39759cfd256456bb", @loopback, 0x4, 0x1, 0x1, 0x100, 0x7, 0x2640241, r3}) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c6572300000000000000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000a1fb86977145000000000000000000ffffffffffff00000000000000002801000060010000b0010000000000000000000000000000000000000050000000000000008800000000000000000000000000080000000000000000000000ffffac1414aa00000000000000000000009cdfcba7e824c91b000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d0000000000000000000000000000000000000000000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000030000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c06000000000000000000000000000000000000000000000080000000000000280000000000000073797a300000000000000000000000000000000000000000000000000000000000000000000026d8b2427f0b6719c70890d39527123329b28f27a2c30647cbe6d8cda6f41bf58109fd34d9c4cc0e62ea90f6b45f2492a0ec09e4564bbf7e67e821e140e2efb51b200eec35c15e65fadc27840fa4f7399a969355c9b8e875cabd537461b5da4cb66125bf98000000000000"]}, 0x325) [ 3088.801651][T20917] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3088.809778][T20917] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3088.930976][T20917] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3088.930976][T20917] !' [ 3088.991392][T20917] CPU: 0 PID: 20917 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3089.000137][T20917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3089.010203][T20917] Call Trace: [ 3089.013509][T20917] dump_stack+0x188/0x20d [ 3089.017871][T20917] sysfs_warn_dup.cold+0x1c/0x2d [ 3089.022836][T20917] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3089.028924][T20917] sysfs_create_link+0x61/0xc0 [ 3089.033700][T20917] device_add+0x71c/0x1bc0 [ 3089.038142][T20917] ? uevent_show+0x360/0x360 [ 3089.042750][T20917] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3089.048762][T20917] wiphy_register+0x1c46/0x2720 [ 3089.053644][T20917] ? wiphy_unregister+0xf90/0xf90 [ 3089.058688][T20917] ? __kmalloc+0x629/0x7a0 [ 3089.063150][T20917] ? ieee80211_register_hw+0xbea/0x3760 [ 3089.068722][T20917] ? ieee80211_cs_list_valid+0x198/0x280 [ 3089.074379][T20917] ieee80211_register_hw+0x141d/0x3760 [ 3089.079870][T20917] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3089.085345][T20917] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3089.090906][T20917] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3089.096900][T20917] ? memset+0x20/0x40 [ 3089.100887][T20917] ? __hrtimer_init+0x134/0x260 [ 3089.105757][T20917] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3089.111485][T20917] ? vprintk_func+0x81/0x17e [ 3089.116106][T20917] ? hwsim_register_received_nl+0x400/0x400 [ 3089.122029][T20917] hwsim_new_radio_nl+0x905/0xf60 [ 3089.127074][T20917] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3089.132977][T20917] ? cap_capable+0x1eb/0x250 [ 3089.137598][T20917] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3089.143936][T20917] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3089.150282][T20917] genl_rcv_msg+0x627/0xdf0 [ 3089.154815][T20917] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3089.161149][T20917] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3089.166445][T20917] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3089.171952][T20917] netlink_rcv_skb+0x15a/0x410 [ 3089.176738][T20917] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3089.183123][T20917] ? netlink_ack+0xa80/0xa80 [ 3089.187754][T20917] genl_rcv+0x24/0x40 [ 3089.191750][T20917] netlink_unicast+0x537/0x740 [ 3089.196531][T20917] ? netlink_attachskb+0x810/0x810 [ 3089.201650][T20917] ? _copy_from_iter_full+0x25c/0x870 [ 3089.207037][T20917] ? __phys_addr_symbol+0x2c/0x70 [ 3089.212073][T20917] ? __check_object_size+0x171/0x437 [ 3089.217376][T20917] netlink_sendmsg+0x882/0xe10 [ 3089.222161][T20917] ? aa_af_perm+0x260/0x260 [ 3089.226673][T20917] ? netlink_unicast+0x740/0x740 [ 3089.231643][T20917] ? netlink_unicast+0x740/0x740 [ 3089.236589][T20917] sock_sendmsg+0xcf/0x120 [ 3089.241033][T20917] ____sys_sendmsg+0x6b9/0x7d0 [ 3089.245810][T20917] ? kernel_sendmsg+0x50/0x50 [ 3089.250503][T20917] ? mark_lock+0xbc/0x1220 [ 3089.254954][T20917] ___sys_sendmsg+0x100/0x170 [ 3089.259652][T20917] ? sendmsg_copy_msghdr+0x70/0x70 [ 3089.264796][T20917] ? __fget_files+0x329/0x4f0 [ 3089.269502][T20917] ? ksys_dup3+0x3c0/0x3c0 [ 3089.273943][T20917] ? __fget_light+0x208/0x270 [ 3089.278643][T20917] __sys_sendmsg+0xec/0x1b0 [ 3089.283158][T20917] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3089.288189][T20917] ? __x64_sys_futex+0x380/0x4f0 [ 3089.293149][T20917] ? trace_hardirqs_off_caller+0x55/0x230 [ 3089.298876][T20917] ? do_syscall_64+0x21/0x7d0 [ 3089.303570][T20917] do_syscall_64+0xf6/0x7d0 [ 3089.308095][T20917] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3089.313994][T20917] RIP: 0033:0x45c849 [ 3089.317896][T20917] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3089.337503][T20917] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3089.345924][T20917] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3089.353899][T20917] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3089.361877][T20917] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3089.369858][T20917] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3089.377836][T20917] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3089.392925][T20943] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 3089.412584][T20943] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3089.516202][T20943] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3089.516202][T20943] !' [ 3089.529839][T20943] CPU: 1 PID: 20943 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3089.538536][T20943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3089.548594][T20943] Call Trace: [ 3089.551898][T20943] dump_stack+0x188/0x20d [ 3089.556244][T20943] sysfs_warn_dup.cold+0x1c/0x2d [ 3089.561203][T20943] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3089.567286][T20943] sysfs_create_link+0x61/0xc0 [ 3089.572065][T20943] device_add+0x71c/0x1bc0 [ 3089.576505][T20943] ? uevent_show+0x360/0x360 [ 3089.581110][T20943] ? wiphy_register+0x1c3e/0x2720 [ 3089.586158][T20943] wiphy_register+0x1c46/0x2720 [ 3089.591040][T20943] ? wiphy_unregister+0xf90/0xf90 [ 3089.596096][T20943] ? ieee80211_cs_list_valid+0x23/0x280 [ 3089.601657][T20943] ? ieee80211_cs_list_valid+0x1aa/0x280 [ 3089.607299][T20943] ? ieee80211_cs_list_valid+0x198/0x280 [ 3089.612953][T20943] ieee80211_register_hw+0x141d/0x3760 [ 3089.618443][T20943] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3089.623920][T20943] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3089.629475][T20943] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3089.635468][T20943] ? memset+0x20/0x40 [ 3089.639456][T20943] ? __hrtimer_init+0x134/0x260 [ 3089.644322][T20943] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3089.650053][T20943] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3089.655368][T20943] ? hwsim_register_received_nl+0x400/0x400 [ 3089.661283][T20943] hwsim_new_radio_nl+0x905/0xf60 [ 3089.666314][T20943] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3089.671621][T20943] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3089.677559][T20943] genl_rcv_msg+0x627/0xdf0 [ 3089.682092][T20943] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3089.688441][T20943] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3089.693748][T20943] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3089.699475][T20943] ? retint_kernel+0x2b/0x2b [ 3089.704086][T20943] netlink_rcv_skb+0x15a/0x410 [ 3089.708858][T20943] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3089.715208][T20943] ? netlink_ack+0xa80/0xa80 [ 3089.719839][T20943] genl_rcv+0x24/0x40 [ 3089.723830][T20943] netlink_unicast+0x537/0x740 [ 3089.728610][T20943] ? netlink_attachskb+0x810/0x810 [ 3089.733751][T20943] netlink_sendmsg+0x882/0xe10 [ 3089.738521][T20943] ? aa_af_perm+0x260/0x260 [ 3089.743038][T20943] ? netlink_unicast+0x740/0x740 [ 3089.747977][T20943] ? netlink_unicast+0x740/0x740 [ 3089.752903][T20943] sock_sendmsg+0xcf/0x120 [ 3089.757309][T20943] ____sys_sendmsg+0x6b9/0x7d0 [ 3089.762062][T20943] ? kernel_sendmsg+0x50/0x50 [ 3089.766730][T20943] ? mark_lock+0xbc/0x1220 [ 3089.771149][T20943] ___sys_sendmsg+0x100/0x170 [ 3089.775820][T20943] ? sendmsg_copy_msghdr+0x70/0x70 [ 3089.780931][T20943] ? __fget_files+0x329/0x4f0 [ 3089.785601][T20943] ? ksys_dup3+0x3c0/0x3c0 [ 3089.790014][T20943] ? lock_acquire+0x197/0x420 [ 3089.794679][T20943] ? __might_fault+0xef/0x1d0 [ 3089.799354][T20943] ? __fget_light+0x208/0x270 [ 3089.804028][T20943] __sys_sendmsg+0xec/0x1b0 [ 3089.808520][T20943] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3089.813530][T20943] ? __x64_sys_futex+0x380/0x4f0 [ 3089.818492][T20943] ? trace_hardirqs_off_caller+0x55/0x230 [ 3089.824229][T20943] ? do_syscall_64+0x21/0x7d0 [ 3089.828915][T20943] do_syscall_64+0xf6/0x7d0 [ 3089.833422][T20943] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3089.839296][T20943] RIP: 0033:0x45c849 [ 3089.843178][T20943] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3089.862770][T20943] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3089.871175][T20943] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3089.879136][T20943] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 3089.887104][T20943] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3089.895072][T20943] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3089.903032][T20943] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:42:51 executing program 4: keyctl$instantiate(0xc, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="6e657520646566617550b65563726c7420757365723a73797a203034307019aa37f225c2065cb139689dcc52811a52053053bad3939724b71276151db1d0f023ad6231dc406ac793a504ca07c06315f890bdf432596b03b2b901b18a5d291542fe6e5d3db5456906e9db419d38e62033cba6e6e313d70ab2a99d3afa609251c670507ae39ad406dae81535cf185111d32367bef1e5f06b3d58d6bab270378a59888015c2c32aa6abbc10779b9bc29f336650a10000000000009842c8e868bb84390a425ed81f90db49d802d54541e4f8247236000000000d7339327134195110b749744142c76f7d34a004a67c46db8140f2a01781379d1b62ee7a361d6bec3b690da912071a48a26f1e8fc9aef02b7abfb5699d5d12dcc6bbe3f6f67a894032cc0c48db1397046c4603000000b01e5f0a5993fbccf373129d1691a0bd8600bdc3c4561ee9a8e932125ab53ec702c381ec917624340e651d489dca48e8436cc82b2292ac0255d7a650edc308ac15e30cf453ba43c0d22100000000caa0b1f24b11872aec2343a683dbc34e50187f08e14aa9ea7f0000000000000000214c7a06aeea7b287d78f2861b76b5"], 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1000000000000000}, 0x0, 0x0, 0x1, 0x0, 0x4786}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x0, @remote}, {0x2, 0x4e24, @remote}, 0x1b6}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/pfkey\x00', 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @loopback}, {}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x19}}, 0x0, 0x0, 0x0, 0x0, 0x3e91, &(0x7f0000000340)='vxcan1\x00', 0x0, 0x2, 0x1f}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev}, {0x2, 0x0, @remote}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x97ba, 0xa4000) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f0000001240)={0x84, @local, 0x0, 0x4, 'none\x00', 0x17, 0x1f, 0x5b}, 0x8b) r3 = dup3(r1, 0xffffffffffffffff, 0x80000) ioctl$USBDEVFS_BULK(r3, 0xc0185502, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) socket$inet(0x2, 0x4000000805, 0x0) 11:42:51 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:42:51 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000005000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:42:51 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) pipe(&(0x7f0000000140)={0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000000)=0x2, 0x4) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) 11:42:51 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:42:51 executing program 3: socket$kcm(0xa, 0x6, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r0 = gettid() r1 = getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r0, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r0, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3097.195762][T20956] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 3097.221624][T20962] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3097.232536][T20960] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:42:51 executing program 2: socket$inet(0x2, 0x1, 0x0) r0 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) r1 = dup2(r0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r1, &(0x7f0000000000), 0x0) ioctl$SNDRV_PCM_IOCTL_RESET(r1, 0x4141, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3097.246044][T20956] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3097.267796][T20962] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:42:51 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000006000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3097.372913][T20956] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3097.372913][T20956] !' [ 3097.384869][T20956] CPU: 0 PID: 20956 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3097.393577][T20956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3097.403642][T20956] Call Trace: [ 3097.406950][T20956] dump_stack+0x188/0x20d [ 3097.411305][T20956] sysfs_warn_dup.cold+0x1c/0x2d [ 3097.416270][T20956] sysfs_do_create_link_sd.isra.0+0x119/0x130 11:42:51 executing program 2: r0 = socket$inet(0x2, 0x80000, 0xfb) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3097.422361][T20956] sysfs_create_link+0x61/0xc0 [ 3097.427147][T20956] device_add+0x71c/0x1bc0 [ 3097.431584][T20956] ? uevent_show+0x360/0x360 [ 3097.436203][T20956] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3097.442212][T20956] wiphy_register+0x1c46/0x2720 [ 3097.447098][T20956] ? wiphy_unregister+0xf90/0xf90 [ 3097.452134][T20956] ? retint_kernel+0x2b/0x2b [ 3097.456749][T20956] ? ieee80211_register_hw+0x2ae8/0x3760 [ 3097.462398][T20956] ieee80211_register_hw+0x141d/0x3760 [ 3097.467889][T20956] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3097.473368][T20956] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3097.478926][T20956] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3097.484924][T20956] ? memset+0x20/0x40 [ 3097.488933][T20956] ? __hrtimer_init+0x134/0x260 [ 3097.493805][T20956] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3097.496344][T20976] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3097.499530][T20956] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3097.499574][T20956] ? hwsim_register_received_nl+0x400/0x400 [ 3097.499593][T20956] ? hwsim_new_radio_nl+0x9a3/0xf60 [ 3097.499615][T20956] hwsim_new_radio_nl+0x905/0xf60 [ 3097.529629][T20956] ? retint_kernel+0x2b/0x2b [ 3097.534249][T20956] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3097.540176][T20956] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3097.546522][T20956] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3097.552869][T20956] genl_rcv_msg+0x627/0xdf0 [ 3097.557396][T20956] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3097.563735][T20956] ? lockdep_hardirqs_on+0x417/0x5d0 11:42:51 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000007000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3097.569035][T20956] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3097.574635][T20956] netlink_rcv_skb+0x15a/0x410 [ 3097.579432][T20956] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3097.585777][T20956] ? netlink_ack+0xa80/0xa80 [ 3097.590407][T20956] genl_rcv+0x24/0x40 [ 3097.594397][T20956] netlink_unicast+0x537/0x740 [ 3097.599180][T20956] ? netlink_attachskb+0x810/0x810 [ 3097.604316][T20956] netlink_sendmsg+0x882/0xe10 [ 3097.609103][T20956] ? aa_af_perm+0x260/0x260 [ 3097.613614][T20956] ? netlink_unicast+0x740/0x740 [ 3097.618572][T20956] ? netlink_unicast+0x740/0x740 [ 3097.623519][T20956] sock_sendmsg+0xcf/0x120 [ 3097.627959][T20956] ____sys_sendmsg+0x6b9/0x7d0 [ 3097.632882][T20956] ? kernel_sendmsg+0x50/0x50 [ 3097.637578][T20956] ? mark_lock+0xbc/0x1220 [ 3097.642015][T20956] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3097.647503][T20956] ___sys_sendmsg+0x100/0x170 [ 3097.652207][T20956] ? sendmsg_copy_msghdr+0x70/0x70 [ 3097.657335][T20956] ? __fget_files+0x2a6/0x4f0 [ 3097.662031][T20956] ? __fget_files+0x329/0x4f0 [ 3097.666729][T20956] ? ksys_dup3+0x3c0/0x3c0 11:42:52 executing program 2: r0 = syz_open_dev$vcsu(&(0x7f0000000000)='/dev/vcsu#\x00', 0x0, 0x740) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0)='wireguard\x00') r3 = openat$cuse(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cuse\x00', 0x82, 0x0) io_setup(0x2, &(0x7f0000000400)=0x0) io_submit(r4, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x4, 0x960000, 0x0, 0x1, 0x0, r3, &(0x7f00000001c0)="1000004004ffffffffa0010000000000b22025285db74192e7576d9062ec6e2fe8ffff3ff248691861d03a71091d334252afb1af5b8f0474c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}]) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) io_pgetevents(r4, 0x3, 0x9, &(0x7f00000009c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000240)={r5, r6+10000000}, 0x0) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)={0x74, r2, 0x409, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x4c, 0x8, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg='\xdb\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff'}, @WGPEER_A_ALLOWEDIPS={0x20, 0x9, 0x0, 0x1, [{0x3, 0x0, 0x0, 0x1, [@ipv4={{0x6, 0x2}, {0x8, 0x2, @multicast1}, {0x5}}]}]}]}]}]}, 0x74}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x1, 0x803, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0xb, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb, 0x1, 'ipvlan\x00'}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r9}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x44}}, 0x0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000b00)=ANY=[@ANYBLOB="e0040000", @ANYRES16=r2, @ANYBLOB="10002cbd7000fedbdf250100000008000110c617e24804620593b391df5aee2bf87c4fff95e0e23b13a3c3", @ANYRES32=r9, @ANYBLOB="0800050000000000080007000300000014000200776732000000000000000000000000000800050001000000140002007767310000000000000000000000000008000700ff07000014000200776732000000000000000000000000006804088044030080200004000a004e2100000400fe8000000000000000000000000000bb1000100006000500ad0f00001400040002004e22ac1e010100000000000000001400040002004e207f000001000000000000000008000300020000000600050008000000200004000a004e2200000009fe8000000000000000000000000000bbf64b000006000500010000002400010000000000000000000000000000000000000000000000000000000000000000009402098094000080060001000a00000014000200ff02000000000000000000000000000105000300020000000600010002000000080002007f0000010500030001000000060001000200000008000200e00000020500030001000000060001000200000008000200ac1414bb0500030001000000060001000a00000014000200ff020000000000000000000000000001050003000200000030010080060001000a00000014000200ff0100000000000000000000000000010500030003000000060001000200000008000200000000010500030000000000060001000a00000014000200fe88000000000000000000000000010105000300010000000600010002000000080002007f0000010500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8000000000000000000000000000aa0500030000000000060001000a00000014000200fe8000000000000000000000000000aa0500030003000000060001000200000008000200ac1414bb05000300020000000600010002000000080002007f0000010500030002000000060001000a0000001400020000000000000000000000ffffac1414aa050003000300000040000080060001000a00000014000200fe8000000000000000000000000000bb0500030002000000060001000200000008000200ac1414bb05000300010000004c000080060001000a00000014000200ff0100000000000000000000000000010500030003000000060001000a00000014000200ff020000000000000000000000000001050003000000000040000080060001000200000008000200ac14140a0500030000000000060001000a00000014000200fe8800000000000000000000000000010500030003000000b4000080b0000980ac000080060001000200000008000200e00000020500030003000000060001000200000008000200ac1414bb0500030002000000060001000200000008000200e00000020500030003000000060001000a00000014000200fe8800000000000000000000000000010500030003000000060001000200000008000200ffffffff0500030001000000060001000a00000014000200fe80000000000000000000000000002405000300010000006c000080200004000a004e24fffffffefe8800000000000000000000000001010010000024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c24000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b"], 0x4e0}, 0x1, 0x0, 0x0, 0x200488d0}, 0x400c4) r10 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r10, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac14000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/553]}, 0x2a1) [ 3097.671155][T20956] ? lock_acquire+0x197/0x420 [ 3097.675851][T20956] ? __might_fault+0xef/0x1d0 [ 3097.680559][T20956] ? __fget_light+0x208/0x270 [ 3097.685264][T20956] __sys_sendmsg+0xec/0x1b0 [ 3097.689779][T20956] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3097.694839][T20956] ? __x64_sys_futex+0x380/0x4f0 [ 3097.699809][T20956] ? trace_hardirqs_off_caller+0x55/0x230 [ 3097.705550][T20956] ? do_syscall_64+0x21/0x7d0 [ 3097.710246][T20956] do_syscall_64+0xf6/0x7d0 [ 3097.714762][T20956] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3097.720656][T20956] RIP: 0033:0x45c849 [ 3097.722125][T20982] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3097.724556][T20956] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3097.724566][T20956] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3097.724586][T20956] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3097.724595][T20956] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3097.724604][T20956] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3097.724612][T20956] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3097.724619][T20956] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3097.765601][T20964] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:42:52 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000000000000000a000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3097.901648][T20964] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3097.936680][T20991] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3098.071979][T20964] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3098.071979][T20964] !' [ 3098.085299][T20964] CPU: 1 PID: 20964 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3098.094006][T20964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3098.104069][T20964] Call Trace: [ 3098.107374][T20964] dump_stack+0x188/0x20d [ 3098.111727][T20964] sysfs_warn_dup.cold+0x1c/0x2d [ 3098.116682][T20964] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3098.122763][T20964] sysfs_create_link+0x61/0xc0 [ 3098.127543][T20964] device_add+0x71c/0x1bc0 [ 3098.131992][T20964] ? uevent_show+0x360/0x360 [ 3098.136600][T20964] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3098.142606][T20964] wiphy_register+0x1c46/0x2720 [ 3098.147510][T20964] ? wiphy_unregister+0xf90/0xf90 [ 3098.152561][T20964] ? __kmalloc+0x629/0x7a0 [ 3098.156989][T20964] ? ieee80211_register_hw+0xbea/0x3760 [ 3098.162555][T20964] ? ieee80211_cs_list_valid+0x198/0x280 [ 3098.168206][T20964] ieee80211_register_hw+0x141d/0x3760 [ 3098.173702][T20964] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3098.179181][T20964] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3098.184745][T20964] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3098.190738][T20964] ? memset+0x20/0x40 [ 3098.194731][T20964] ? __hrtimer_init+0x134/0x260 [ 3098.199601][T20964] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3098.205331][T20964] ? vprintk_func+0x81/0x17e [ 3098.209984][T20964] ? hwsim_register_received_nl+0x400/0x400 [ 3098.215906][T20964] hwsim_new_radio_nl+0x905/0xf60 [ 3098.220950][T20964] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3098.226849][T20964] ? cap_capable+0x1eb/0x250 [ 3098.231475][T20964] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3098.237812][T20964] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3098.244165][T20964] genl_rcv_msg+0x627/0xdf0 [ 3098.248696][T20964] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3098.255066][T20964] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3098.260901][T20964] netlink_rcv_skb+0x15a/0x410 [ 3098.265679][T20964] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3098.272023][T20964] ? netlink_ack+0xa80/0xa80 [ 3098.276638][T20964] ? genl_rcv+0x9/0x40 [ 3098.280722][T20964] genl_rcv+0x24/0x40 [ 3098.284712][T20964] netlink_unicast+0x537/0x740 [ 3098.289498][T20964] ? netlink_attachskb+0x810/0x810 [ 3098.294617][T20964] ? security_netlink_send+0x13/0xa0 [ 3098.299915][T20964] ? __sanitizer_cov_trace_pc+0x22/0x50 [ 3098.305480][T20964] netlink_sendmsg+0x882/0xe10 [ 3098.310276][T20964] ? aa_af_perm+0x260/0x260 [ 3098.314790][T20964] ? netlink_unicast+0x740/0x740 [ 3098.319761][T20964] ? netlink_unicast+0x740/0x740 [ 3098.324710][T20964] sock_sendmsg+0xcf/0x120 [ 3098.329141][T20964] ____sys_sendmsg+0x6b9/0x7d0 [ 3098.333930][T20964] ? kernel_sendmsg+0x50/0x50 [ 3098.338625][T20964] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3098.344352][T20964] ? retint_kernel+0x2b/0x2b [ 3098.349406][T20964] ___sys_sendmsg+0x100/0x170 [ 3098.354103][T20964] ? sendmsg_copy_msghdr+0x70/0x70 [ 3098.359246][T20964] ? __fget_files+0x329/0x4f0 [ 3098.363950][T20964] ? ksys_dup3+0x3c0/0x3c0 [ 3098.368379][T20964] ? lock_acquire+0x197/0x420 [ 3098.373066][T20964] ? __might_fault+0xef/0x1d0 [ 3098.377769][T20964] ? __fget_light+0x208/0x270 [ 3098.382469][T20964] __sys_sendmsg+0xec/0x1b0 [ 3098.386986][T20964] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3098.392057][T20964] ? trace_hardirqs_off_caller+0x55/0x230 [ 3098.397790][T20964] ? do_syscall_64+0x21/0x7d0 [ 3098.402486][T20964] do_syscall_64+0xf6/0x7d0 [ 3098.407019][T20964] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3098.412915][T20964] RIP: 0033:0x45c849 [ 3098.416818][T20964] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3098.436437][T20964] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3098.444857][T20964] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3098.452850][T20964] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3098.460832][T20964] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3098.468811][T20964] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3098.476788][T20964] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3098.508669][T20963] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 3098.519809][T20963] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3098.547029][T20963] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3098.547029][T20963] !' [ 3098.568129][T20963] CPU: 0 PID: 20963 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3098.576832][T20963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3098.586894][T20963] Call Trace: [ 3098.590201][T20963] dump_stack+0x188/0x20d [ 3098.594558][T20963] sysfs_warn_dup.cold+0x1c/0x2d [ 3098.599517][T20963] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3098.605600][T20963] sysfs_create_link+0x61/0xc0 [ 3098.610377][T20963] device_add+0x71c/0x1bc0 [ 3098.614815][T20963] ? uevent_show+0x360/0x360 [ 3098.619423][T20963] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3098.625429][T20963] wiphy_register+0x1c46/0x2720 [ 3098.630350][T20963] ? wiphy_unregister+0xf90/0xf90 [ 3098.635397][T20963] ? __kmalloc+0x629/0x7a0 [ 3098.639829][T20963] ? ieee80211_register_hw+0xbea/0x3760 [ 3098.645400][T20963] ? ieee80211_cs_list_valid+0x198/0x280 [ 3098.651061][T20963] ieee80211_register_hw+0x141d/0x3760 [ 3098.656562][T20963] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3098.662044][T20963] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3098.667603][T20963] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3098.673601][T20963] ? memset+0x20/0x40 [ 3098.677597][T20963] ? __hrtimer_init+0x134/0x260 [ 3098.682463][T20963] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3098.688192][T20963] ? vprintk_func+0x81/0x17e [ 3098.692817][T20963] ? hwsim_register_received_nl+0x400/0x400 [ 3098.698740][T20963] hwsim_new_radio_nl+0x905/0xf60 [ 3098.703786][T20963] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3098.709689][T20963] ? cap_capable+0x1eb/0x250 [ 3098.714311][T20963] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3098.720646][T20963] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3098.727003][T20963] genl_rcv_msg+0x627/0xdf0 [ 3098.731540][T20963] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3098.737914][T20963] ? mark_held_locks+0xe0/0xe0 [ 3098.742702][T20963] netlink_rcv_skb+0x15a/0x410 [ 3098.747487][T20963] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3098.753834][T20963] ? netlink_ack+0xa80/0xa80 [ 3098.758477][T20963] genl_rcv+0x24/0x40 [ 3098.762475][T20963] netlink_unicast+0x537/0x740 [ 3098.767257][T20963] ? netlink_attachskb+0x810/0x810 [ 3098.772404][T20963] ? _copy_from_iter_full+0x25c/0x870 [ 3098.777789][T20963] ? __phys_addr_symbol+0x2c/0x70 [ 3098.782944][T20963] ? __check_object_size+0x171/0x437 [ 3098.788249][T20963] netlink_sendmsg+0x882/0xe10 [ 3098.793036][T20963] ? aa_af_perm+0x260/0x260 [ 3098.797554][T20963] ? netlink_unicast+0x740/0x740 [ 3098.802521][T20963] ? netlink_unicast+0x740/0x740 [ 3098.807475][T20963] sock_sendmsg+0xcf/0x120 [ 3098.811909][T20963] ____sys_sendmsg+0x6b9/0x7d0 [ 3098.816689][T20963] ? kernel_sendmsg+0x50/0x50 [ 3098.821381][T20963] ? mark_lock+0xbc/0x1220 [ 3098.825826][T20963] ___sys_sendmsg+0x100/0x170 [ 3098.830602][T20963] ? sendmsg_copy_msghdr+0x70/0x70 [ 3098.835744][T20963] ? __fget_files+0x329/0x4f0 [ 3098.840450][T20963] ? ksys_dup3+0x3c0/0x3c0 [ 3098.844887][T20963] ? lock_acquire+0x197/0x420 [ 3098.849575][T20963] ? __might_fault+0xef/0x1d0 [ 3098.854276][T20963] ? __fget_light+0x208/0x270 [ 3098.858975][T20963] __sys_sendmsg+0xec/0x1b0 [ 3098.863488][T20963] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3098.868548][T20963] ? do_syscall_64+0x4f/0x7d0 [ 3098.873242][T20963] do_syscall_64+0xf6/0x7d0 [ 3098.877760][T20963] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3098.883656][T20963] RIP: 0033:0x45c849 [ 3098.887561][T20963] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3098.907169][T20963] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3098.915588][T20963] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3098.923563][T20963] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 3098.931540][T20963] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3098.939519][T20963] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3098.947498][T20963] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:42:58 executing program 4: keyctl$instantiate(0xc, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="6e657520646566617550b65563726c7420757365723a73797a203034307019aa37f225c2065cb139689dcc52811a52053053bad3939724b71276151db1d0f023ad6231dc406ac793a504ca07c06315f890bdf432596b03b2b901b18a5d291542fe6e5d3db5456906e9db419d38e62033cba6e6e313d70ab2a99d3afa609251c670507ae39ad406dae81535cf185111d32367bef1e5f06b3d58d6bab270378a59888015c2c32aa6abbc10779b9bc29f336650a10000000000009842c8e868bb84390a425ed81f90db49d802d54541e4f8247236000000000d7339327134195110b749744142c76f7d34a004a67c46db8140f2a01781379d1b62ee7a361d6bec3b690da912071a48a26f1e8fc9aef02b7abfb5699d5d12dcc6bbe3f6f67a894032cc0c48db1397046c4603000000b01e5f0a5993fbccf373129d1691a0bd8600bdc3c4561ee9a8e932125ab53ec702c381ec917624340e651d489dca48e8436cc82b2292ac0255d7a650edc308ac15e30cf453ba43c0d22100000000caa0b1f24b11872aec2343a683dbc34e50187f08e14aa9ea7f0000000000000000214c7a06aeea7b287d78f2861b76b5"], 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1000000000000000}, 0x0, 0x0, 0x1, 0x0, 0x4786}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x0, @remote}, {0x2, 0x4e24, @remote}, 0x1b6}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/pfkey\x00', 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @loopback}, {}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x19}}, 0x0, 0x0, 0x0, 0x0, 0x3e91, &(0x7f0000000340)='vxcan1\x00', 0x0, 0x2, 0x1f}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev}, {0x2, 0x0, @remote}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x97ba, 0xa4000) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f0000001240)={0x84, @local, 0x0, 0x4, 'none\x00', 0x17, 0x1f, 0x5b}, 0x8b) r3 = dup3(r1, 0xffffffffffffffff, 0x80000) ioctl$USBDEVFS_BULK(r3, 0xc0185502, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) socket$inet(0x2, 0x4000000805, 0x0) 11:42:58 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:42:58 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000018000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:42:58 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:42:58 executing program 3: socket$kcm(0xa, 0x6, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r0 = gettid() r1 = getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r0, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r0, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:42:58 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000008000000000010000000000000004a56ca6c6dcf1312790546000000007fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000000000000000000000000000000000000000003d1cacc9f42e5b240ef415359060a903df071e38323f5e679379e8833e1c916d5e89e793a599"]}, 0x2de) r1 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r2, &(0x7f0000000000), 0x0) ioctl$SNDRV_PCM_IOCTL_RESET(r2, 0x4141, 0x0) setsockopt$inet_int(r2, 0x0, 0x23, &(0x7f0000000000)=0x8, 0x4) r3 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000240)=[@in={0x2, 0x4e20, @loopback}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1d}}], 0x20) sendto$inet(r3, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000025e000)={0x2, [0x0, 0x0]}, &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x7a, &(0x7f000059aff8)={r4}, &(0x7f000034f000)=0x2059b000) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r2, 0x84, 0x78, &(0x7f0000000040)=r4, 0x4) [ 3104.395740][T21003] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3104.430581][T21009] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:42:58 executing program 2: socket$inet(0x2, 0x1, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000)=0x2, 0x4) r1 = syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x1) ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000380)) r2 = getpid() sched_setscheduler(r2, 0x0, &(0x7f0000000380)) r3 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000000)=0x2, 0x4) ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f0000000340)={0x0, 0x1, 0x10000, 0xffffffffffffffff, 0x0, &(0x7f00000002c0)={0x980906, 0x0, [], @value64=0x66}}) ioctl$TIOCCBRK(r4, 0x5428) r5 = dup2(r3, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r5, &(0x7f0000000000), 0x0) ioctl$SNDRV_PCM_IOCTL_RESET(r5, 0x4141, 0x0) r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/autofs\x00', 0x4002, 0x0) ioctl$sock_inet_SIOCGIFDSTADDR(r6, 0x8917, &(0x7f0000000280)={'wg2\x00', {0x2, 0x4e24, @empty}}) pipe(&(0x7f0000000080)={0xffffffffffffffff}) setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0xc, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYRES32=r2, @ANYRES64=r5]}, 0x84) [ 3104.458511][T21009] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:42:58 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000020000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3104.566834][T21009] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3104.566834][T21009] !' [ 3104.611716][T21017] hub 9-0:1.0: USB hub found [ 3104.617252][T21009] CPU: 1 PID: 21009 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3104.625956][T21009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3104.631229][T21017] hub 9-0:1.0: 8 ports detected [ 3104.636011][T21009] Call Trace: [ 3104.636036][T21009] dump_stack+0x188/0x20d [ 3104.636062][T21009] sysfs_warn_dup.cold+0x1c/0x2d [ 3104.636080][T21009] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3104.636101][T21009] sysfs_create_link+0x61/0xc0 [ 3104.664317][T21009] device_add+0x71c/0x1bc0 [ 3104.668757][T21009] ? uevent_show+0x360/0x360 [ 3104.673363][T21009] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3104.679371][T21009] wiphy_register+0x1c46/0x2720 [ 3104.684255][T21009] ? wiphy_unregister+0xf90/0xf90 [ 3104.689283][T21009] ? retint_kernel+0x2b/0x2b [ 3104.693899][T21009] ? ieee80211_cs_list_valid+0x198/0x280 [ 3104.699544][T21009] ieee80211_register_hw+0x141d/0x3760 [ 3104.705035][T21009] ? ieee80211_ifa_changed+0xdc0/0xdc0 11:42:59 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000001000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff010000000500000000000000a6dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069667230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b001000069703600000000000000000000000000000000000000000028f3abcf0000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d0000000000dafbbcb1c3b3f6e6000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a22fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a300000000000000000000001000000000000000000196b955d459b87d2b131b305b59e71abb29494f96c74aaf7a3a1698788c2694cc9c27fd32e0845b843db90c3f1146d46984f7d10ec76ab60e785e019e555d8656cf9e3c718764950f9b3b2265298517da4ce94f784820623c48ccf7c43bbd1ed66f9c5edc0a770af592f9af349fbe8b30bbdcf0b289208443e6d0425ec7941f201321a700fc6c55cd83234a238e17d84a72684bb107e3fc5dc9a0ff4cb8d991f2f8bd98e9914c27a085bc77526ceca0f4f7380505977591152cc568dbe02b1c3697d47184c339429d23412169697bd3e"]}, 0x388) r1 = syz_open_dev$sndseq(&(0x7f0000000240)='/dev/snd/seq\x00', 0x0, 0x10000) pipe(&(0x7f0000000140)={0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000000)=0x2, 0x4) r3 = dup2(r1, r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000004c0)={0x6, 0xfffffffc, 0x0, 'queue1\x00', 0x7fdc}) write$sndseq(r3, &(0x7f0000000000), 0x0) ioctl$SNDRV_PCM_IOCTL_RESET(r3, 0x4141, 0x0) sendmsg$IPSET_CMD_TYPE(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="380000000d0601080000000000000000050000030500050000000000050000686173683a697000050001007f55ff07"], 0x38}, 0x1, 0x0, 0x0, 0x24000001}, 0x20000000) [ 3104.710510][T21009] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3104.716068][T21009] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3104.722067][T21009] ? memset+0x20/0x40 [ 3104.726059][T21009] ? __hrtimer_init+0x134/0x260 [ 3104.730927][T21009] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3104.736653][T21009] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3104.741971][T21009] ? hwsim_register_received_nl+0x400/0x400 [ 3104.747890][T21009] hwsim_new_radio_nl+0x905/0xf60 [ 3104.752930][T21009] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3104.758424][T21009] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3104.764326][T21009] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3104.770107][T21009] genl_rcv_msg+0x627/0xdf0 [ 3104.774644][T21009] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3104.780986][T21009] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3104.786463][T21009] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3104.792212][T21009] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3104.798559][T21009] netlink_rcv_skb+0x15a/0x410 [ 3104.803346][T21009] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3104.809695][T21009] ? netlink_ack+0xa80/0xa80 [ 3104.814320][T21009] genl_rcv+0x24/0x40 [ 3104.818315][T21009] netlink_unicast+0x537/0x740 [ 3104.823100][T21009] ? netlink_attachskb+0x810/0x810 [ 3104.828244][T21009] netlink_sendmsg+0x882/0xe10 [ 3104.833022][T21009] ? retint_kernel+0x2b/0x2b [ 3104.837616][T21009] ? netlink_unicast+0x740/0x740 [ 3104.842558][T21009] ? netlink_unicast+0x740/0x740 [ 3104.847516][T21009] ? netlink_unicast+0x740/0x740 [ 3104.852461][T21009] sock_sendmsg+0xcf/0x120 [ 3104.856889][T21009] ____sys_sendmsg+0x6b9/0x7d0 11:42:59 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x200000, 0x0) r4 = syz_open_dev$sndpcmp(0x0, 0x0, 0x0) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_GET_MAX_PORTS(r4, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400283}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0xfffffffffffffe06, r5, 0x400, 0x0, 0x25dfdbfb, {}, ["", "", ""]}, 0x1c}}, 0x0) sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000240)={0x24, r5, 0x400, 0x70bd2b, 0x25dfdbff, {{}, {}, {0x8, 0x11, 0x2}}, ["", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x40) write$sndseq(r2, &(0x7f0000000000), 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) ioctl$SNDRV_PCM_IOCTL_RESET(r2, 0x4141, 0x0) setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, &(0x7f0000000000)='wg1\x00', 0x4) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3104.861670][T21009] ? kernel_sendmsg+0x50/0x50 [ 3104.866361][T21009] ? mark_lock+0xbc/0x1220 [ 3104.870788][T21009] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3104.876277][T21009] ___sys_sendmsg+0x100/0x170 [ 3104.880976][T21009] ? sendmsg_copy_msghdr+0x70/0x70 [ 3104.886109][T21009] ? __fget_files+0x329/0x4f0 [ 3104.890819][T21009] ? ksys_dup3+0x3c0/0x3c0 [ 3104.895260][T21009] ? lock_acquire+0x197/0x420 [ 3104.899941][T21009] ? __might_fault+0xef/0x1d0 [ 3104.904648][T21009] ? __fget_light+0x208/0x270 [ 3104.909462][T21009] __sys_sendmsg+0xec/0x1b0 [ 3104.913988][T21009] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3104.919052][T21009] ? do_syscall_64+0x4f/0x7d0 [ 3104.923745][T21009] do_syscall_64+0xf6/0x7d0 [ 3104.928440][T21009] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3104.934330][T21009] RIP: 0033:0x45c849 [ 3104.938228][T21009] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3104.944717][T21029] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3104.957833][T21009] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3104.957848][T21009] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3104.957856][T21009] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3104.957863][T21009] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3104.957871][T21009] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 11:42:59 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000000000000003f000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3104.957879][T21009] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3105.026784][T21010] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 3105.040471][T21010] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.0'. 11:42:59 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c00000000000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3105.109250][T21010] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3105.109250][T21010] !' [ 3105.156543][T21033] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3105.165744][T21010] CPU: 0 PID: 21010 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3105.174433][T21010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3105.184493][T21010] Call Trace: [ 3105.187801][T21010] dump_stack+0x188/0x20d [ 3105.192154][T21010] sysfs_warn_dup.cold+0x1c/0x2d [ 3105.197098][T21010] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3105.203176][T21010] sysfs_create_link+0x61/0xc0 [ 3105.207953][T21010] device_add+0x71c/0x1bc0 [ 3105.212402][T21010] ? ieee80211_set_bitrate_flags+0x4e2/0x5c0 [ 3105.218402][T21010] ? uevent_show+0x360/0x360 [ 3105.223011][T21010] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3105.229023][T21010] wiphy_register+0x1c46/0x2720 [ 3105.233907][T21010] ? wiphy_unregister+0xf90/0xf90 [ 3105.238951][T21010] ? ieee80211_cs_list_valid+0x1e/0x280 [ 3105.244505][T21010] ? ieee80211_cs_list_valid+0x198/0x280 [ 3105.250149][T21010] ieee80211_register_hw+0x141d/0x3760 [ 3105.255631][T21010] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3105.261101][T21010] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3105.266658][T21010] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3105.272653][T21010] ? memset+0x20/0x40 [ 3105.276643][T21010] ? __hrtimer_init+0x134/0x260 [ 3105.281506][T21010] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3105.287232][T21010] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3105.292550][T21010] ? hwsim_register_received_nl+0x400/0x400 [ 3105.298475][T21010] hwsim_new_radio_nl+0x905/0xf60 [ 3105.303519][T21010] ? retint_kernel+0x2b/0x2b [ 3105.308128][T21010] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3105.314048][T21010] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3105.320385][T21010] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3105.326742][T21010] genl_rcv_msg+0x627/0xdf0 [ 3105.331266][T21010] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3105.337632][T21010] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3105.343463][T21010] netlink_rcv_skb+0x15a/0x410 [ 3105.348241][T21010] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3105.354590][T21010] ? netlink_ack+0xa80/0xa80 [ 3105.359223][T21010] genl_rcv+0x24/0x40 [ 3105.363217][T21010] netlink_unicast+0x537/0x740 [ 3105.368005][T21010] ? netlink_attachskb+0x810/0x810 [ 3105.373125][T21010] ? _copy_from_iter_full+0x25c/0x870 [ 3105.378505][T21010] ? __phys_addr_symbol+0x2c/0x70 [ 3105.383538][T21010] ? __check_object_size+0x171/0x437 [ 3105.388843][T21010] netlink_sendmsg+0x882/0xe10 [ 3105.393629][T21010] ? aa_af_perm+0x260/0x260 [ 3105.398143][T21010] ? netlink_unicast+0x740/0x740 [ 3105.403109][T21010] ? netlink_unicast+0x740/0x740 [ 3105.408064][T21010] sock_sendmsg+0xcf/0x120 [ 3105.412493][T21010] ____sys_sendmsg+0x6b9/0x7d0 [ 3105.417266][T21010] ? kernel_sendmsg+0x50/0x50 [ 3105.421959][T21010] ? mark_lock+0xbc/0x1220 [ 3105.426410][T21010] ___sys_sendmsg+0x100/0x170 [ 3105.431104][T21010] ? sendmsg_copy_msghdr+0x70/0x70 [ 3105.436241][T21010] ? __fget_files+0x329/0x4f0 [ 3105.440938][T21010] ? ksys_dup3+0x3c0/0x3c0 [ 3105.445357][T21010] ? lock_acquire+0x197/0x420 [ 3105.450038][T21010] ? __might_fault+0xef/0x1d0 [ 3105.454733][T21010] ? __fget_light+0x208/0x270 [ 3105.459436][T21010] __sys_sendmsg+0xec/0x1b0 [ 3105.463953][T21010] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3105.468987][T21010] ? __x64_sys_futex+0x380/0x4f0 [ 3105.473953][T21010] ? trace_hardirqs_off_caller+0x55/0x230 [ 3105.479698][T21010] ? do_syscall_64+0x21/0x7d0 [ 3105.484385][T21010] do_syscall_64+0xf6/0x7d0 [ 3105.488905][T21010] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3105.494794][T21010] RIP: 0033:0x45c849 [ 3105.498693][T21010] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3105.518298][T21010] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3105.526714][T21010] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3105.534690][T21010] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3105.542665][T21010] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3105.550641][T21010] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3105.558616][T21010] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3105.578024][T21011] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 3105.598407][T21011] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3105.641961][T21011] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3105.641961][T21011] !' [ 3105.666634][T21011] CPU: 0 PID: 21011 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3105.675340][T21011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3105.685401][T21011] Call Trace: [ 3105.688712][T21011] dump_stack+0x188/0x20d [ 3105.693062][T21011] sysfs_warn_dup.cold+0x1c/0x2d [ 3105.698012][T21011] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3105.704097][T21011] sysfs_create_link+0x61/0xc0 [ 3105.708874][T21011] device_add+0x71c/0x1bc0 [ 3105.713312][T21011] ? uevent_show+0x360/0x360 [ 3105.717916][T21011] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3105.724025][T21011] wiphy_register+0x1c46/0x2720 [ 3105.728907][T21011] ? wiphy_unregister+0xf90/0xf90 [ 3105.733954][T21011] ? __kmalloc+0x629/0x7a0 [ 3105.738379][T21011] ? ieee80211_register_hw+0xbea/0x3760 [ 3105.743945][T21011] ? ieee80211_cs_list_valid+0x198/0x280 [ 3105.749590][T21011] ieee80211_register_hw+0x141d/0x3760 [ 3105.755073][T21011] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3105.760543][T21011] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3105.766091][T21011] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3105.772083][T21011] ? memset+0x20/0x40 [ 3105.776069][T21011] ? __hrtimer_init+0x134/0x260 [ 3105.780935][T21011] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3105.786659][T21011] ? vprintk_func+0x81/0x17e [ 3105.791277][T21011] ? hwsim_register_received_nl+0x400/0x400 [ 3105.797196][T21011] hwsim_new_radio_nl+0x905/0xf60 [ 3105.802237][T21011] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3105.808136][T21011] ? cap_capable+0x1eb/0x250 [ 3105.812750][T21011] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3105.819083][T21011] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3105.825435][T21011] genl_rcv_msg+0x627/0xdf0 [ 3105.829964][T21011] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3105.836313][T21011] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3105.842075][T21011] netlink_rcv_skb+0x15a/0x410 [ 3105.846851][T21011] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3105.853196][T21011] ? netlink_ack+0xa80/0xa80 [ 3105.857824][T21011] genl_rcv+0x24/0x40 [ 3105.861912][T21011] netlink_unicast+0x537/0x740 [ 3105.866695][T21011] ? netlink_attachskb+0x810/0x810 [ 3105.871812][T21011] ? _copy_from_iter_full+0x25c/0x870 [ 3105.877193][T21011] ? __phys_addr_symbol+0x2c/0x70 [ 3105.882225][T21011] ? __check_object_size+0x171/0x437 [ 3105.887634][T21011] netlink_sendmsg+0x882/0xe10 [ 3105.892430][T21011] ? netlink_unicast+0x740/0x740 [ 3105.897394][T21011] ? netlink_unicast+0x740/0x740 [ 3105.902337][T21011] sock_sendmsg+0xcf/0x120 [ 3105.906759][T21011] ____sys_sendmsg+0x6b9/0x7d0 [ 3105.911540][T21011] ? kernel_sendmsg+0x50/0x50 [ 3105.916232][T21011] ? mark_lock+0xbc/0x1220 [ 3105.920678][T21011] ___sys_sendmsg+0x100/0x170 [ 3105.925382][T21011] ? sendmsg_copy_msghdr+0x70/0x70 [ 3105.930521][T21011] ? __fget_files+0x329/0x4f0 [ 3105.935211][T21011] ? ksys_dup3+0x3c0/0x3c0 [ 3105.939629][T21011] ? lock_acquire+0x209/0x420 [ 3105.944335][T21011] ? __fget_light+0x208/0x270 [ 3105.949044][T21011] __sys_sendmsg+0xec/0x1b0 [ 3105.953558][T21011] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3105.958589][T21011] ? __x64_sys_futex+0x380/0x4f0 [ 3105.963558][T21011] ? trace_hardirqs_off_caller+0x55/0x230 [ 3105.969294][T21011] ? do_syscall_64+0x21/0x7d0 [ 3105.974006][T21011] do_syscall_64+0xf6/0x7d0 [ 3105.978528][T21011] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3105.984424][T21011] RIP: 0033:0x45c849 [ 3105.988324][T21011] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3106.007931][T21011] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3106.016355][T21011] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3106.024339][T21011] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 3106.032336][T21011] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3106.040316][T21011] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3106.048296][T21011] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3106.077485][T21028] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:43:07 executing program 4: keyctl$instantiate(0xc, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="6e657520646566617550b65563726c7420757365723a73797a203034307019aa37f225c2065cb139689dcc52811a52053053bad3939724b71276151db1d0f023ad6231dc406ac793a504ca07c06315f890bdf432596b03b2b901b18a5d291542fe6e5d3db5456906e9db419d38e62033cba6e6e313d70ab2a99d3afa609251c670507ae39ad406dae81535cf185111d32367bef1e5f06b3d58d6bab270378a59888015c2c32aa6abbc10779b9bc29f336650a10000000000009842c8e868bb84390a425ed81f90db49d802d54541e4f8247236000000000d7339327134195110b749744142c76f7d34a004a67c46db8140f2a01781379d1b62ee7a361d6bec3b690da912071a48a26f1e8fc9aef02b7abfb5699d5d12dcc6bbe3f6f67a894032cc0c48db1397046c4603000000b01e5f0a5993fbccf373129d1691a0bd8600bdc3c4561ee9a8e932125ab53ec702c381ec917624340e651d489dca48e8436cc82b2292ac0255d7a650edc308ac15e30cf453ba43c0d22100000000caa0b1f24b11872aec2343a683dbc34e50187f08e14aa9ea7f0000000000000000214c7a06aeea7b287d78f2861b76b5"], 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1000000000000000}, 0x0, 0x0, 0x1, 0x0, 0x4786}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x0, @remote}, {0x2, 0x4e24, @remote}, 0x1b6}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/pfkey\x00', 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @loopback}, {}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x19}}, 0x0, 0x0, 0x0, 0x0, 0x3e91, &(0x7f0000000340)='vxcan1\x00', 0x0, 0x2, 0x1f}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev}, {0x2, 0x0, @remote}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x97ba, 0xa4000) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f0000001240)={0x84, @local, 0x0, 0x4, 'none\x00', 0x17, 0x1f, 0x5b}, 0x8b) r3 = dup3(r1, 0xffffffffffffffff, 0x80000) ioctl$USBDEVFS_BULK(r3, 0xc0185502, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) socket$inet(0x2, 0x4000000805, 0x0) 11:43:07 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000040000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:07 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:07 executing program 3: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000006000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:07 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff000000000000000080ffff000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c454400000000000000000000000000000000000000000000cfdf0000000000280000000000000073797a3000000000000000000000000000000000000000003fcff43c0f221934196404901b0d4c09cb5cac07d85c5473d40d09b8419ae94c8888346615c55230a7cfdbc38a0fb0e8c5be46ae909b779d966b"]}, 0x2f2) r1 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r2, &(0x7f0000000000), 0x0) ioctl$SNDRV_PCM_IOCTL_RESET(r2, 0x4141, 0x0) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x38, 0x2, 0x6, 0x5, 0x0, 0x0, {0x5, 0x0, 0xa}, [@IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x54, 0x2, 0x1, 0x0, @empty}}]}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x800) ioctl$USBDEVFS_BULK(r2, 0xc0185502, &(0x7f0000000380)={{{0x4, 0x1}}, 0xd9, 0x3, &(0x7f0000000280)="ae3efd399a715653a090f71eab6c0804384c4f6428bf3bfa1553871e7e12017a5a27d9c4399d75a5b1dc148fdf34b7ba77c77f0f8a3d285dac7e47f0d1e7d748ce570d8e67ecd8645d4fed3c33c0bdc5c8e58333ef4a9fdcebf797cfe7303762b4d5dc863c2179982ca2d8d3b785d974698a3fb04bf4d5e8b052ccc9fd3706713b805c948a385beea36fe5fd69b7dff924821dbc5d04cddfa2ae3f441c707fd5b48db1a2c6858d83e3ebd15dc5fe52086847d9d1fde4fc88e290bde010e121bd7611fd0d18e2bb0bfd7ce717d9dec5f636fc8c12bb7b7b47f7"}) 11:43:07 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001", @ANYRES32, @ANYRES32], 0x80}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3112.866047][T21162] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3112.891615][T21160] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 3112.900101][T21159] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:43:07 executing program 3: keyctl$instantiate(0xc, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="6e657520646566617550b65563726c7420757365723a73797a203034307019aa37f225c2065cb139689dcc52811a52053053bad3939724b71276151db1d0f023ad6231dc406ac793a504ca07c06315f890bdf432596b03b2b901b18a5d291542fe6e5d3db5456906e9db419d38e62033cba6e6e313d70ab2a99d3afa609251c670507ae39ad406dae81535cf185111d32367bef1e5f06b3d58d6bab270378a59888015c2c32aa6abbc10779b9bc29f336650a10000000000009842c8e868bb84390a425ed81f90db49d802d54541e4f8247236000000000d7339327134195110b749744142c76f7d34a004a67c46db8140f2a01781379d1b62ee7a361d6bec3b690da912071a48a26f1e8fc9aef02b7abfb5699d5d12dcc6bbe3f6f67a894032cc0c48db1397046c4603000000b01e5f0a5993fbccf373129d1691a0bd8600bdc3c4561ee9a8e932125ab53ec702c381ec917624340e651d489dca48e8436cc82b2292ac0255d7a650edc308ac15e30cf453ba43c0d22100000000caa0b1f24b11872aec2343a683dbc34e50187f08e14aa9ea7f0000000000000000214c7a06aeea7b287d78f2861b76b5"], 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1000000000000000}, 0x0, 0x0, 0x1, 0x0, 0x4786}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x0, @remote}, {0x2, 0x4e24, @remote}, 0x1b6}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/pfkey\x00', 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @loopback}, {}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x19}}, 0x0, 0x0, 0x0, 0x0, 0x3e91, &(0x7f0000000340)='vxcan1\x00', 0x0, 0x2, 0x1f}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev}, {0x2, 0x0, @remote}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x97ba, 0xa4000) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f0000001240)={0x84, @local, 0x0, 0x4, 'none\x00', 0x17, 0x1f, 0x5b}, 0x8b) r3 = dup3(r1, 0xffffffffffffffff, 0x80000) ioctl$USBDEVFS_BULK(r3, 0xc0185502, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) socket$inet(0x2, 0x4000000805, 0x0) [ 3112.921685][T21160] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.0'. 11:43:07 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000048000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3113.020498][T21160] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3113.020498][T21160] !' 11:43:07 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r2, &(0x7f0000000000), 0x0) ioctl$SNDRV_PCM_IOCTL_RESET(r2, 0x4141, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(r2, 0x8040ae69, &(0x7f0000000000)={0x1, 0x0, 0xffffff82, 0x0, 0x20}) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000007000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a00000000000000000000000000000000000000000000000000f2ffffffffffffff4a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c00000000000000000000000000000000000000000000000000000000280000000000000073797a300000000000000000000000000000000000000000a865e922fae83cb11cb63c661925f7b622cb6dda270b97ec91ca5ae200a846b55054b1be08ce1501a9789484cc76a965e8d384c7d8044c2304bceebf703aeaa3995c00"]}, 0x2f8) r3 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) r4 = dup2(r3, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r4, &(0x7f0000000000), 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000240)=[@in={0x2, 0x4e20, @loopback}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1d}}], 0x20) sendto$inet(0xffffffffffffffff, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @remote}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000380)=ANY=[@ANYBLOB="45e0ebd89cb6f15432c119b2f51456d3ea3c684a5e4b02cf25b33c86375b6db33af25569a4f2bd16641d035d0a5f0060426082866e68105eecfc26c0d2358a81", @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x7a, &(0x7f000059aff8)={r5}, &(0x7f000034f000)=0x2059b000) setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000340)={r5, 0xe26, 0x100, 0xc1df, 0x7, 0x2}, 0x14) ioctl$SNDRV_PCM_IOCTL_RESET(r4, 0x4141, 0x0) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100)='batadv\x00') sendmsg$BATADV_CMD_GET_NEIGHBORS(r4, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c002001", @ANYRES16=r6, @ANYBLOB="849f2dbd7000ffdbdf250900000005002e00010000000500330001000000080031000900000008003a000800000005002e0001679b0005003500d10000000800340001000080"], 0x4c}, 0x1, 0x0, 0x0, 0x44091}, 0x20000000) [ 3113.070537][T21160] CPU: 0 PID: 21160 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3113.079262][T21160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3113.089325][T21160] Call Trace: [ 3113.092627][T21160] dump_stack+0x188/0x20d [ 3113.096984][T21160] sysfs_warn_dup.cold+0x1c/0x2d [ 3113.101938][T21160] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3113.108027][T21160] sysfs_create_link+0x61/0xc0 [ 3113.112811][T21160] device_add+0x71c/0x1bc0 [ 3113.117248][T21160] ? uevent_show+0x360/0x360 [ 3113.121855][T21160] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3113.127861][T21160] wiphy_register+0x1c46/0x2720 [ 3113.132744][T21160] ? wiphy_unregister+0xf90/0xf90 [ 3113.137792][T21160] ? retint_kernel+0x2b/0x2b [ 3113.142412][T21160] ? ieee80211_cs_list_valid+0x198/0x280 [ 3113.148065][T21160] ieee80211_register_hw+0x141d/0x3760 [ 3113.153553][T21160] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3113.159038][T21160] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3113.164603][T21160] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3113.170600][T21160] ? memset+0x20/0x40 [ 3113.174605][T21160] ? __hrtimer_init+0x134/0x260 [ 3113.179475][T21160] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3113.185208][T21160] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3113.190534][T21160] ? hwsim_register_received_nl+0x400/0x400 [ 3113.196460][T21160] hwsim_new_radio_nl+0x905/0xf60 [ 3113.201504][T21160] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3113.206980][T21160] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3113.212891][T21160] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3113.218636][T21160] ? genl_rcv_msg+0x4ca/0xdf0 [ 3113.223333][T21160] genl_rcv_msg+0x627/0xdf0 [ 3113.227864][T21160] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3113.234199][T21160] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3113.239497][T21160] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3113.245005][T21160] netlink_rcv_skb+0x15a/0x410 [ 3113.249789][T21160] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3113.256133][T21160] ? netlink_ack+0xa80/0xa80 [ 3113.260769][T21160] genl_rcv+0x24/0x40 [ 3113.264766][T21160] netlink_unicast+0x537/0x740 [ 3113.269551][T21160] ? netlink_attachskb+0x810/0x810 [ 3113.274667][T21160] ? _copy_from_iter_full+0x25c/0x870 [ 3113.280044][T21160] ? __phys_addr_symbol+0x2c/0x70 [ 3113.285077][T21160] ? __check_object_size+0x171/0x437 [ 3113.290384][T21160] netlink_sendmsg+0x882/0xe10 [ 3113.295165][T21160] ? aa_af_perm+0x260/0x260 [ 3113.299681][T21160] ? netlink_unicast+0x740/0x740 [ 3113.304650][T21160] ? netlink_unicast+0x740/0x740 [ 3113.309602][T21160] sock_sendmsg+0xcf/0x120 [ 3113.314035][T21160] ____sys_sendmsg+0x6b9/0x7d0 [ 3113.318817][T21160] ? kernel_sendmsg+0x50/0x50 [ 3113.323508][T21160] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3113.328999][T21160] ___sys_sendmsg+0x100/0x170 [ 3113.333697][T21160] ? sendmsg_copy_msghdr+0x70/0x70 [ 3113.338841][T21160] ? __fget_files+0x329/0x4f0 [ 3113.343547][T21160] ? ksys_dup3+0x3c0/0x3c0 [ 3113.347991][T21160] ? __fget_light+0x208/0x270 [ 3113.352691][T21160] __sys_sendmsg+0xec/0x1b0 [ 3113.357213][T21160] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3113.362250][T21160] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3113.368238][T21160] ? __x64_sys_futex+0x380/0x4f0 [ 3113.373335][T21160] ? trace_hardirqs_off_caller+0x55/0x230 [ 3113.379070][T21160] ? do_syscall_64+0x21/0x7d0 [ 3113.383765][T21160] do_syscall_64+0xf6/0x7d0 [ 3113.388284][T21160] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3113.394182][T21160] RIP: 0033:0x45c849 [ 3113.398093][T21160] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3113.417703][T21160] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3113.426127][T21160] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3113.434107][T21160] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3113.442084][T21160] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3113.450064][T21160] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3113.458043][T21160] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:43:07 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000000000000004c000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3113.505838][T21198] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3113.607340][T21280] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3113.658099][T21158] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:43:08 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3113.700623][T21158] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:43:08 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000060000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3113.743333][T21158] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3113.743333][T21158] !' [ 3113.786501][T21158] CPU: 1 PID: 21158 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3113.795223][T21158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3113.805290][T21158] Call Trace: [ 3113.808595][T21158] dump_stack+0x188/0x20d [ 3113.812948][T21158] sysfs_warn_dup.cold+0x1c/0x2d [ 3113.817905][T21158] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3113.823992][T21158] sysfs_create_link+0x61/0xc0 [ 3113.828768][T21158] device_add+0x71c/0x1bc0 [ 3113.833212][T21158] ? uevent_show+0x360/0x360 [ 3113.837818][T21158] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3113.843815][T21158] wiphy_register+0x1c46/0x2720 [ 3113.848695][T21158] ? wiphy_unregister+0xf90/0xf90 [ 3113.850762][T21284] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3113.853734][T21158] ? __kmalloc+0x629/0x7a0 [ 3113.853757][T21158] ? ieee80211_register_hw+0xbea/0x3760 [ 3113.872377][T21158] ? ieee80211_cs_list_valid+0x198/0x280 [ 3113.878030][T21158] ieee80211_register_hw+0x141d/0x3760 [ 3113.883522][T21158] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3113.888999][T21158] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3113.894560][T21158] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3113.900556][T21158] ? memset+0x20/0x40 [ 3113.904549][T21158] ? __hrtimer_init+0x134/0x260 [ 3113.909420][T21158] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3113.915151][T21158] ? vprintk_func+0x81/0x17e [ 3113.919781][T21158] ? hwsim_register_received_nl+0x400/0x400 [ 3113.925700][T21158] hwsim_new_radio_nl+0x905/0xf60 [ 3113.930745][T21158] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3113.936653][T21158] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3113.942396][T21158] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3113.948736][T21158] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3113.955086][T21158] genl_rcv_msg+0x627/0xdf0 [ 3113.959612][T21158] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3113.965978][T21158] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3113.971807][T21158] netlink_rcv_skb+0x15a/0x410 [ 3113.976589][T21158] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3113.982934][T21158] ? netlink_ack+0xa80/0xa80 [ 3113.987562][T21158] genl_rcv+0x24/0x40 [ 3113.991563][T21158] netlink_unicast+0x537/0x740 [ 3113.996351][T21158] ? netlink_attachskb+0x810/0x810 [ 3114.001489][T21158] netlink_sendmsg+0x882/0xe10 [ 3114.006272][T21158] ? aa_af_perm+0x260/0x260 [ 3114.010787][T21158] ? netlink_unicast+0x740/0x740 [ 3114.015730][T21158] ? retint_kernel+0x2b/0x2b [ 3114.020348][T21158] ? netlink_unicast+0x740/0x740 [ 3114.025300][T21158] sock_sendmsg+0xcf/0x120 [ 3114.029730][T21158] ____sys_sendmsg+0x6b9/0x7d0 [ 3114.034514][T21158] ? kernel_sendmsg+0x50/0x50 [ 3114.039210][T21158] ? mark_lock+0xbc/0x1220 [ 3114.043660][T21158] ___sys_sendmsg+0x100/0x170 [ 3114.048350][T21158] ? sendmsg_copy_msghdr+0x70/0x70 [ 3114.053492][T21158] ? __fget_files+0x329/0x4f0 [ 3114.058200][T21158] ? ksys_dup3+0x3c0/0x3c0 [ 3114.062623][T21158] ? lock_acquire+0x197/0x420 [ 3114.067312][T21158] ? __might_fault+0xef/0x1d0 [ 3114.072017][T21158] ? __fget_light+0x208/0x270 [ 3114.076720][T21158] __sys_sendmsg+0xec/0x1b0 [ 3114.081233][T21158] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3114.086295][T21158] ? do_syscall_64+0xbc/0x7d0 [ 3114.090989][T21158] do_syscall_64+0xf6/0x7d0 [ 3114.095548][T21158] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3114.101595][T21158] RIP: 0033:0x45c849 [ 3114.105499][T21158] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3114.125111][T21158] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3114.133533][T21158] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3114.141511][T21158] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3114.149485][T21158] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3114.157456][T21158] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3114.165429][T21158] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:43:16 executing program 3: keyctl$instantiate(0xc, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="6e657520646566617550b65563726c7420757365723a73797a203034307019aa37f225c2065cb139689dcc52811a52053053bad3939724b71276151db1d0f023ad6231dc406ac793a504ca07c06315f890bdf432596b03b2b901b18a5d291542fe6e5d3db5456906e9db419d38e62033cba6e6e313d70ab2a99d3afa609251c670507ae39ad406dae81535cf185111d32367bef1e5f06b3d58d6bab270378a59888015c2c32aa6abbc10779b9bc29f336650a10000000000009842c8e868bb84390a425ed81f90db49d802d54541e4f8247236000000000d7339327134195110b749744142c76f7d34a004a67c46db8140f2a01781379d1b62ee7a361d6bec3b690da912071a48a26f1e8fc9aef02b7abfb5699d5d12dcc6bbe3f6f67a894032cc0c48db1397046c4603000000b01e5f0a5993fbccf373129d1691a0bd8600bdc3c4561ee9a8e932125ab53ec702c381ec917624340e651d489dca48e8436cc82b2292ac0255d7a650edc308ac15e30cf453ba43c0d22100000000caa0b1f24b11872aec2343a683dbc34e50187f08e14aa9ea7f0000000000000000214c7a06aeea7b287d78f2861b76b5"], 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1000000000000000}, 0x0, 0x0, 0x1, 0x0, 0x4786}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x0, @remote}, {0x2, 0x4e24, @remote}, 0x1b6}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/pfkey\x00', 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @loopback}, {}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x19}}, 0x0, 0x0, 0x0, 0x0, 0x3e91, &(0x7f0000000340)='vxcan1\x00', 0x0, 0x2, 0x1f}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev}, {0x2, 0x0, @remote}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x97ba, 0xa4000) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f0000001240)={0x84, @local, 0x0, 0x4, 'none\x00', 0x17, 0x1f, 0x5b}, 0x8b) r3 = dup3(r1, 0xffffffffffffffff, 0x80000) ioctl$USBDEVFS_BULK(r3, 0xc0185502, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) socket$inet(0x2, 0x4000000805, 0x0) 11:43:16 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000068000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:16 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:16 executing program 2: socket$kcm(0xa, 0x6, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r0 = gettid() r1 = getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r0, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r0, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:16 executing program 4: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:16 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001", @ANYRES32, @ANYRES32], 0x80}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3122.182982][T21298] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:43:16 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000000000000006c000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:16 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3122.229350][T21299] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3122.263743][T21299] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3122.310353][T21299] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3122.310353][T21299] !' [ 3122.332955][T21299] CPU: 1 PID: 21299 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3122.341670][T21299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3122.351733][T21299] Call Trace: [ 3122.355037][T21299] dump_stack+0x188/0x20d [ 3122.359383][T21299] sysfs_warn_dup.cold+0x1c/0x2d [ 3122.364339][T21299] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3122.370425][T21299] sysfs_create_link+0x61/0xc0 [ 3122.375200][T21299] device_add+0x71c/0x1bc0 [ 3122.380240][T21299] ? ieee80211_set_bitrate_flags+0x1b7/0x5c0 [ 3122.386229][T21299] ? uevent_show+0x360/0x360 [ 3122.390834][T21299] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3122.396834][T21299] wiphy_register+0x1c46/0x2720 [ 3122.401715][T21299] ? wiphy_unregister+0xf90/0xf90 [ 3122.406748][T21299] ? retint_kernel+0x2b/0x2b [ 3122.411370][T21299] ? ieee80211_cs_list_valid+0x198/0x280 [ 3122.415444][T21309] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3122.417011][T21299] ieee80211_register_hw+0x141d/0x3760 [ 3122.417055][T21299] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3122.436621][T21299] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3122.442180][T21299] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3122.448177][T21299] ? memset+0x20/0x40 [ 3122.452172][T21299] ? __hrtimer_init+0x134/0x260 [ 3122.457037][T21299] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3122.462768][T21299] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3122.468092][T21299] ? hwsim_register_received_nl+0x400/0x400 [ 3122.474011][T21299] hwsim_new_radio_nl+0x905/0xf60 [ 3122.479048][T21299] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3122.484529][T21299] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3122.490433][T21299] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3122.496192][T21299] genl_rcv_msg+0x627/0xdf0 [ 3122.500722][T21299] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3122.507055][T21299] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3122.512360][T21299] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3122.517870][T21299] netlink_rcv_skb+0x15a/0x410 [ 3122.522648][T21299] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3122.528984][T21299] ? netlink_ack+0xa80/0xa80 [ 3122.533599][T21299] genl_rcv+0x24/0x40 [ 3122.537596][T21299] netlink_unicast+0x537/0x740 [ 3122.542382][T21299] ? netlink_attachskb+0x810/0x810 [ 3122.547508][T21299] ? netlink_sendmsg+0x81c/0xe10 [ 3122.552471][T21299] netlink_sendmsg+0x882/0xe10 [ 3122.557257][T21299] ? aa_af_perm+0x260/0x260 [ 3122.561778][T21299] ? netlink_unicast+0x740/0x740 [ 3122.566718][T21299] ? apparmor_socket_sendmsg+0xf/0x30 [ 3122.572115][T21299] ? netlink_unicast+0x740/0x740 [ 3122.577066][T21299] sock_sendmsg+0xcf/0x120 [ 3122.581497][T21299] ____sys_sendmsg+0x6b9/0x7d0 [ 3122.586275][T21299] ? kernel_sendmsg+0x50/0x50 [ 3122.590986][T21299] ___sys_sendmsg+0x100/0x170 [ 3122.595649][T21315] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3122.595678][T21299] ? sendmsg_copy_msghdr+0x70/0x70 [ 3122.609471][T21299] ? __fget_files+0x329/0x4f0 [ 3122.614170][T21299] ? ksys_dup3+0x3c0/0x3c0 [ 3122.618601][T21299] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3122.624330][T21299] ? retint_kernel+0x2b/0x2b [ 3122.628943][T21299] ? __fget_light+0x208/0x270 [ 3122.633641][T21299] __sys_sendmsg+0xec/0x1b0 [ 3122.638145][T21299] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3122.643182][T21299] ? __x64_sys_futex+0x380/0x4f0 [ 3122.648139][T21299] ? trace_hardirqs_off_caller+0x55/0x230 [ 3122.653865][T21299] ? do_syscall_64+0x21/0x7d0 [ 3122.658556][T21299] do_syscall_64+0xf6/0x7d0 [ 3122.663073][T21299] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3122.668973][T21299] RIP: 0033:0x45c849 [ 3122.672875][T21299] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3122.692482][T21299] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3122.700907][T21299] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 11:43:16 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000074000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:17 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000000000000007a000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3122.708888][T21299] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3122.716866][T21299] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3122.724843][T21299] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3122.732820][T21299] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:43:17 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3122.836548][T21303] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3122.850142][T21303] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3122.858676][T21318] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:43:17 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001", @ANYRES32, @ANYRES32], 0x80}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3122.959942][T21303] debugfs: Directory ' [ 3122.959942][T21303] !' with parent 'ieee80211' already present! 11:43:17 executing program 3: keyctl$instantiate(0xc, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="6e657520646566617550b65563726c7420757365723a73797a203034307019aa37f225c2065cb139689dcc52811a52053053bad3939724b71276151db1d0f023ad6231dc406ac793a504ca07c06315f890bdf432596b03b2b901b18a5d291542fe6e5d3db5456906e9db419d38e62033cba6e6e313d70ab2a99d3afa609251c670507ae39ad406dae81535cf185111d32367bef1e5f06b3d58d6bab270378a59888015c2c32aa6abbc10779b9bc29f336650a10000000000009842c8e868bb84390a425ed81f90db49d802d54541e4f8247236000000000d7339327134195110b749744142c76f7d34a004a67c46db8140f2a01781379d1b62ee7a361d6bec3b690da912071a48a26f1e8fc9aef02b7abfb5699d5d12dcc6bbe3f6f67a894032cc0c48db1397046c4603000000b01e5f0a5993fbccf373129d1691a0bd8600bdc3c4561ee9a8e932125ab53ec702c381ec917624340e651d489dca48e8436cc82b2292ac0255d7a650edc308ac15e30cf453ba43c0d22100000000caa0b1f24b11872aec2343a683dbc34e50187f08e14aa9ea7f0000000000000000214c7a06aeea7b287d78f2861b76b5"], 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1000000000000000}, 0x0, 0x0, 0x1, 0x0, 0x4786}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x0, @remote}, {0x2, 0x4e24, @remote}, 0x1b6}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/pfkey\x00', 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x0, @loopback}, {}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x19}}, 0x0, 0x0, 0x0, 0x0, 0x3e91, &(0x7f0000000340)='vxcan1\x00', 0x0, 0x2, 0x1f}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x750, {0x2, 0x0, @dev}, {0x2, 0x0, @remote}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x97ba, 0xa4000) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f0000001240)={0x84, @local, 0x0, 0x4, 'none\x00', 0x17, 0x1f, 0x5b}, 0x8b) r3 = dup3(r1, 0xffffffffffffffff, 0x80000) ioctl$USBDEVFS_BULK(r3, 0xc0185502, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) socket$inet(0x2, 0x4000000805, 0x0) 11:43:17 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:17 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000007fffffe000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3123.174574][T21324] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:43:17 executing program 2: socket$kcm(0xa, 0x6, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r0 = gettid() r1 = getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r0, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r0, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3123.218206][T21334] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3123.220668][T21324] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3123.347141][T21324] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3123.347141][T21324] !' [ 3123.380802][T21324] CPU: 1 PID: 21324 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3123.389524][T21324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3123.399588][T21324] Call Trace: [ 3123.402913][T21324] dump_stack+0x188/0x20d [ 3123.407273][T21324] sysfs_warn_dup.cold+0x1c/0x2d [ 3123.412228][T21324] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3123.418311][T21324] sysfs_create_link+0x61/0xc0 [ 3123.423092][T21324] device_add+0x71c/0x1bc0 [ 3123.427529][T21324] ? ieee80211_set_bitrate_flags+0x153/0x5c0 [ 3123.433514][T21324] ? uevent_show+0x360/0x360 [ 3123.438116][T21324] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3123.444116][T21324] wiphy_register+0x1c46/0x2720 [ 3123.448994][T21324] ? wiphy_unregister+0xf90/0xf90 [ 3123.454026][T21324] ? retint_kernel+0x2b/0x2b [ 3123.458677][T21324] ? ieee80211_cs_list_valid+0x198/0x280 [ 3123.464328][T21324] ieee80211_register_hw+0x141d/0x3760 [ 3123.469817][T21324] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3123.475298][T21324] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3123.480856][T21324] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3123.486850][T21324] ? memset+0x20/0x40 [ 3123.490845][T21324] ? __hrtimer_init+0x134/0x260 [ 3123.495711][T21324] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3123.501476][T21324] ? hwsim_register_received_nl+0x400/0x400 [ 3123.507408][T21324] hwsim_new_radio_nl+0x905/0xf60 [ 3123.512448][T21324] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3123.517753][T21324] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3123.523684][T21324] ? genl_rcv_msg+0x4ca/0xdf0 [ 3123.528383][T21324] genl_rcv_msg+0x627/0xdf0 [ 3123.532919][T21324] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3123.539299][T21324] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3123.545137][T21324] netlink_rcv_skb+0x15a/0x410 [ 3123.549923][T21324] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3123.556266][T21324] ? netlink_ack+0xa80/0xa80 [ 3123.560904][T21324] genl_rcv+0x24/0x40 [ 3123.564893][T21324] netlink_unicast+0x537/0x740 [ 3123.569677][T21324] ? netlink_attachskb+0x810/0x810 [ 3123.574796][T21324] ? _copy_from_iter_full+0x25c/0x870 [ 3123.580173][T21324] ? __phys_addr_symbol+0x2c/0x70 [ 3123.585206][T21324] ? __check_object_size+0x171/0x437 [ 3123.590509][T21324] netlink_sendmsg+0x882/0xe10 [ 3123.595292][T21324] ? aa_af_perm+0x260/0x260 [ 3123.599809][T21324] ? netlink_unicast+0x740/0x740 [ 3123.604781][T21324] ? netlink_unicast+0x740/0x740 [ 3123.609733][T21324] sock_sendmsg+0xcf/0x120 [ 3123.614168][T21324] ____sys_sendmsg+0x6b9/0x7d0 [ 3123.618953][T21324] ? kernel_sendmsg+0x50/0x50 [ 3123.623649][T21324] ? mark_lock+0xbc/0x1220 [ 3123.628095][T21324] ___sys_sendmsg+0x100/0x170 [ 3123.632789][T21324] ? sendmsg_copy_msghdr+0x70/0x70 [ 3123.637941][T21324] ? __fget_files+0x329/0x4f0 [ 3123.642646][T21324] ? ksys_dup3+0x3c0/0x3c0 [ 3123.647073][T21324] ? lock_acquire+0x197/0x420 [ 3123.651766][T21324] ? __might_fault+0xef/0x1d0 [ 3123.656472][T21324] ? __fget_light+0x208/0x270 [ 3123.661178][T21324] __sys_sendmsg+0xec/0x1b0 [ 3123.665696][T21324] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3123.670732][T21324] ? __x64_sys_futex+0x380/0x4f0 [ 3123.675701][T21324] ? trace_hardirqs_off_caller+0x55/0x230 [ 3123.681438][T21324] ? do_syscall_64+0x21/0x7d0 [ 3123.686134][T21324] do_syscall_64+0xf6/0x7d0 [ 3123.690655][T21324] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3123.696552][T21324] RIP: 0033:0x45c849 [ 3123.700459][T21324] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3123.720071][T21324] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3123.728491][T21324] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3123.736466][T21324] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3123.744445][T21324] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3123.752424][T21324] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3123.760398][T21324] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3123.814048][T21339] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3123.840505][T21339] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3123.942480][T21339] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3123.942480][T21339] !' [ 3123.958840][T21339] CPU: 0 PID: 21339 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3123.967545][T21339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3123.977605][T21339] Call Trace: [ 3123.980908][T21339] dump_stack+0x188/0x20d [ 3123.985255][T21339] sysfs_warn_dup.cold+0x1c/0x2d [ 3123.990211][T21339] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3123.996297][T21339] sysfs_create_link+0x61/0xc0 [ 3124.001070][T21339] device_add+0x71c/0x1bc0 [ 3124.005503][T21339] ? uevent_show+0x360/0x360 [ 3124.010110][T21339] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3124.016116][T21339] wiphy_register+0x1c46/0x2720 [ 3124.020993][T21339] ? wiphy_unregister+0xf90/0xf90 [ 3124.026024][T21339] ? retint_kernel+0x2b/0x2b [ 3124.030638][T21339] ? ieee80211_register_hw+0x2c1b/0x3760 [ 3124.036295][T21339] ieee80211_register_hw+0x141d/0x3760 [ 3124.041785][T21339] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3124.047262][T21339] ? retint_kernel+0x2b/0x2b [ 3124.051873][T21339] ? __hrtimer_init+0x134/0x260 [ 3124.056746][T21339] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3124.062477][T21339] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3124.067800][T21339] ? hwsim_register_received_nl+0x400/0x400 [ 3124.073712][T21339] ? hwsim_new_radio_nl+0x1d3/0xf60 [ 3124.078930][T21339] hwsim_new_radio_nl+0x905/0xf60 [ 3124.083966][T21339] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3124.089438][T21339] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3124.095342][T21339] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3124.101108][T21339] genl_rcv_msg+0x627/0xdf0 [ 3124.105636][T21339] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3124.112003][T21339] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3124.117831][T21339] netlink_rcv_skb+0x15a/0x410 [ 3124.122612][T21339] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3124.128959][T21339] ? netlink_ack+0xa80/0xa80 [ 3124.133584][T21339] genl_rcv+0x24/0x40 [ 3124.137573][T21339] netlink_unicast+0x537/0x740 [ 3124.142369][T21339] ? netlink_attachskb+0x810/0x810 [ 3124.147495][T21339] ? _copy_from_iter_full+0x25c/0x870 [ 3124.152879][T21339] ? __phys_addr_symbol+0x2c/0x70 [ 3124.157917][T21339] ? __check_object_size+0x171/0x437 [ 3124.163226][T21339] netlink_sendmsg+0x882/0xe10 [ 3124.168012][T21339] ? aa_af_perm+0x260/0x260 [ 3124.172522][T21339] ? netlink_unicast+0x740/0x740 [ 3124.177489][T21339] ? netlink_unicast+0x740/0x740 [ 3124.182438][T21339] sock_sendmsg+0xcf/0x120 [ 3124.186868][T21339] ____sys_sendmsg+0x6b9/0x7d0 [ 3124.191648][T21339] ? kernel_sendmsg+0x50/0x50 [ 3124.196351][T21339] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3124.201842][T21339] ___sys_sendmsg+0x100/0x170 [ 3124.206538][T21339] ? sendmsg_copy_msghdr+0x70/0x70 [ 3124.211669][T21339] ? __fget_files+0x38d/0x4f0 [ 3124.216370][T21339] ? __fget_files+0x329/0x4f0 [ 3124.221069][T21339] ? ksys_dup3+0x3c0/0x3c0 [ 3124.225495][T21339] ? lock_acquire+0x197/0x420 [ 3124.230184][T21339] ? __might_fault+0xef/0x1d0 [ 3124.234889][T21339] ? __fget_light+0x208/0x270 [ 3124.239594][T21339] __sys_sendmsg+0xec/0x1b0 [ 3124.244121][T21339] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3124.249158][T21339] ? __x64_sys_futex+0x380/0x4f0 [ 3124.254130][T21339] ? trace_hardirqs_off_caller+0x55/0x230 [ 3124.259874][T21339] ? do_syscall_64+0x21/0x7d0 [ 3124.264572][T21339] do_syscall_64+0xf6/0x7d0 [ 3124.269095][T21339] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3124.274994][T21339] RIP: 0033:0x45c849 [ 3124.278903][T21339] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3124.298507][T21339] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3124.306927][T21339] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3124.314905][T21339] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 3124.322882][T21339] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3124.330861][T21339] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3124.338839][T21339] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3134.724719][T21349] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 3134.742187][T21349] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3134.808389][T21349] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3134.808389][T21349] !' [ 3134.818710][T21349] CPU: 1 PID: 21349 Comm: syz-executor.4 Not tainted 5.6.0-rc6-syzkaller #0 [ 3134.827437][T21349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3134.837498][T21349] Call Trace: [ 3134.840802][T21349] dump_stack+0x188/0x20d [ 3134.845155][T21349] sysfs_warn_dup.cold+0x1c/0x2d [ 3134.850110][T21349] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3134.856193][T21349] sysfs_create_link+0x61/0xc0 [ 3134.860972][T21349] device_add+0x71c/0x1bc0 [ 3134.865409][T21349] ? ieee80211_set_bitrate_flags+0x2b/0x5c0 [ 3134.871318][T21349] ? uevent_show+0x360/0x360 [ 3134.875927][T21349] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3134.881952][T21349] wiphy_register+0x1c46/0x2720 [ 3134.886832][T21349] ? wiphy_unregister+0xf90/0xf90 [ 3134.891861][T21349] ? retint_kernel+0x2b/0x2b [ 3134.896473][T21349] ? ieee80211_register_hw+0x11c4/0x3760 [ 3134.902122][T21349] ieee80211_register_hw+0x141d/0x3760 [ 3134.907612][T21349] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3134.913093][T21349] ? __hrtimer_init+0x33/0x260 [ 3134.917873][T21349] ? memset+0x20/0x40 [ 3134.921878][T21349] ? __hrtimer_init+0x134/0x260 [ 3134.926737][T21349] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3134.932465][T21349] ? hwsim_register_received_nl+0x400/0x400 [ 3134.938358][T21349] hwsim_new_radio_nl+0x905/0xf60 [ 3134.943373][T21349] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3134.948818][T21349] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3134.954703][T21349] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3134.960439][T21349] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3134.966776][T21349] genl_rcv_msg+0x627/0xdf0 [ 3134.971292][T21349] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3134.977624][T21349] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3134.982898][T21349] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3134.988355][T21349] netlink_rcv_skb+0x15a/0x410 [ 3134.993112][T21349] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3134.999432][T21349] ? netlink_ack+0xa80/0xa80 [ 3135.004033][T21349] genl_rcv+0x24/0x40 [ 3135.008000][T21349] netlink_unicast+0x537/0x740 [ 3135.012779][T21349] ? netlink_attachskb+0x810/0x810 [ 3135.017893][T21349] ? _copy_from_iter_full+0x25c/0x870 [ 3135.023283][T21349] ? __phys_addr_symbol+0x2c/0x70 [ 3135.028310][T21349] ? __check_object_size+0x171/0x437 [ 3135.033625][T21349] netlink_sendmsg+0x882/0xe10 [ 3135.038912][T21349] ? aa_af_perm+0x260/0x260 [ 3135.043417][T21349] ? netlink_unicast+0x740/0x740 [ 3135.048358][T21349] ? netlink_unicast+0x740/0x740 [ 3135.053285][T21349] sock_sendmsg+0xcf/0x120 [ 3135.057689][T21349] ____sys_sendmsg+0x6b9/0x7d0 [ 3135.062457][T21349] ? kernel_sendmsg+0x50/0x50 [ 3135.067132][T21349] ? retint_kernel+0x2b/0x2b [ 3135.071731][T21349] ___sys_sendmsg+0x100/0x170 [ 3135.076398][T21349] ? sendmsg_copy_msghdr+0x70/0x70 [ 3135.081509][T21349] ? __fget_files+0x329/0x4f0 [ 3135.086191][T21349] ? ksys_dup3+0x3c0/0x3c0 [ 3135.090592][T21349] ? lock_acquire+0x197/0x420 [ 3135.095259][T21349] ? __might_fault+0xef/0x1d0 [ 3135.099932][T21349] ? __fget_light+0x208/0x270 [ 3135.104620][T21349] __sys_sendmsg+0xec/0x1b0 [ 3135.109139][T21349] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3135.114165][T21349] ? __x64_sys_futex+0x380/0x4f0 [ 3135.119128][T21349] ? trace_hardirqs_off_caller+0x55/0x230 [ 3135.124854][T21349] ? do_syscall_64+0x21/0x7d0 [ 3135.129539][T21349] do_syscall_64+0xf6/0x7d0 [ 3135.134050][T21349] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3135.139932][T21349] RIP: 0033:0x45c849 [ 3135.143819][T21349] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3135.163456][T21349] RSP: 002b:00007f96f5f61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3135.171868][T21349] RAX: ffffffffffffffda RBX: 00007f96f5f626d4 RCX: 000000000045c849 [ 3135.179836][T21349] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3135.187804][T21349] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3135.195768][T21349] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3135.203735][T21349] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:43:29 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000000000ffffffff000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:29 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:29 executing program 4: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000074000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:29 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001", @ANYRES32, @ANYRES32], 0x80}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:29 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c00000000000000010000000100", @ANYRES32, @ANYRES32], 0x81}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:29 executing program 2: socket$kcm(0xa, 0x6, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r0 = gettid() r1 = getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r0, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r0, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3135.334695][T21357] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3135.372357][T21358] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:43:29 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000002000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:29 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, 0x0, 0x0) [ 3135.406546][T21358] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3135.497930][T21358] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3135.497930][T21358] !' [ 3135.518406][T21366] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3135.567807][T21358] CPU: 1 PID: 21358 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3135.576523][T21358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3135.586617][T21358] Call Trace: [ 3135.589924][T21358] dump_stack+0x188/0x20d [ 3135.594271][T21358] sysfs_warn_dup.cold+0x1c/0x2d [ 3135.599233][T21358] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3135.605315][T21358] sysfs_create_link+0x61/0xc0 [ 3135.610095][T21358] device_add+0x71c/0x1bc0 [ 3135.614532][T21358] ? ieee80211_set_bitrate_flags+0x4eb/0x5c0 [ 3135.620524][T21358] ? uevent_show+0x360/0x360 [ 3135.625128][T21358] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3135.631135][T21358] wiphy_register+0x1c46/0x2720 [ 3135.636018][T21358] ? wiphy_unregister+0xf90/0xf90 [ 3135.641063][T21358] ? ieee80211_register_hw+0x2b4c/0x3760 [ 3135.646713][T21358] ? check_memory_region+0x10c/0x190 [ 3135.652020][T21358] ieee80211_register_hw+0x141d/0x3760 [ 3135.657508][T21358] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3135.662987][T21358] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3135.668552][T21358] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3135.674546][T21358] ? memset+0x20/0x40 [ 3135.678539][T21358] ? __hrtimer_init+0x134/0x260 [ 3135.683413][T21358] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3135.689149][T21358] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3135.694471][T21358] ? hwsim_register_received_nl+0x400/0x400 [ 3135.700391][T21358] hwsim_new_radio_nl+0x905/0xf60 [ 3135.705435][T21358] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3135.711348][T21358] ? security_capable+0x3d/0xc0 [ 3135.716229][T21358] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3135.722566][T21358] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3135.728914][T21358] genl_rcv_msg+0x627/0xdf0 [ 3135.733447][T21358] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3135.739798][T21358] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3135.745282][T21358] ? mark_held_locks+0x9f/0xe0 [ 3135.750075][T21358] netlink_rcv_skb+0x15a/0x410 [ 3135.754858][T21358] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3135.761321][T21358] ? netlink_ack+0xa80/0xa80 [ 3135.765920][T21358] ? retint_kernel+0x2b/0x2b [ 3135.770647][T21358] ? down_read+0x110/0x420 [ 3135.775076][T21358] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3135.781420][T21358] genl_rcv+0x24/0x40 [ 3135.785409][T21358] netlink_unicast+0x537/0x740 [ 3135.790195][T21358] ? netlink_attachskb+0x810/0x810 [ 3135.795319][T21358] ? _copy_from_iter_full+0x25c/0x870 [ 3135.800720][T21358] netlink_sendmsg+0x882/0xe10 [ 3135.805504][T21358] ? aa_af_perm+0x260/0x260 [ 3135.810020][T21358] ? netlink_unicast+0x740/0x740 [ 3135.814987][T21358] ? netlink_unicast+0x740/0x740 [ 3135.819938][T21358] sock_sendmsg+0xcf/0x120 [ 3135.824391][T21358] ____sys_sendmsg+0x6b9/0x7d0 [ 3135.829273][T21358] ? kernel_sendmsg+0x50/0x50 [ 3135.833964][T21358] ? retint_kernel+0x2b/0x2b [ 3135.838588][T21358] ___sys_sendmsg+0x100/0x170 [ 3135.843294][T21358] ? sendmsg_copy_msghdr+0x70/0x70 [ 3135.848441][T21358] ? __fget_files+0x329/0x4f0 [ 3135.853141][T21358] ? ksys_dup3+0x3c0/0x3c0 [ 3135.857567][T21358] ? lock_acquire+0x197/0x420 [ 3135.862262][T21358] ? __might_fault+0xef/0x1d0 [ 3135.867081][T21358] ? __fget_light+0x208/0x270 [ 3135.871787][T21358] __sys_sendmsg+0xec/0x1b0 [ 3135.876303][T21358] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3135.881370][T21358] ? trace_hardirqs_off_caller+0x55/0x230 [ 3135.887103][T21358] ? do_syscall_64+0x21/0x7d0 [ 3135.891804][T21358] do_syscall_64+0xf6/0x7d0 [ 3135.896437][T21358] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3135.902332][T21358] RIP: 0033:0x45c849 [ 3135.906238][T21358] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3135.925846][T21358] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3135.934267][T21358] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3135.942244][T21358] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3135.950220][T21358] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3135.958199][T21358] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 11:43:30 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000003000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3135.966180][T21358] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:43:30 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, 0x0, 0x0) [ 3135.998700][T21371] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3136.005737][T21360] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 11:43:30 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000004000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3136.049608][T21360] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 11:43:30 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c00000000000000010000000100", @ANYRES32, @ANYRES32], 0x81}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3136.154014][T21360] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3136.154014][T21360] !' [ 3136.162152][T21377] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:43:30 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, 0x0, 0x0) 11:43:30 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000005000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3136.298788][T21360] CPU: 0 PID: 21360 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3136.305809][T21384] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3136.307536][T21360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3136.307542][T21360] Call Trace: [ 3136.307565][T21360] dump_stack+0x188/0x20d [ 3136.307594][T21360] sysfs_warn_dup.cold+0x1c/0x2d [ 3136.338827][T21360] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3136.344914][T21360] sysfs_create_link+0x61/0xc0 [ 3136.349690][T21360] device_add+0x71c/0x1bc0 [ 3136.354125][T21360] ? ieee80211_set_bitrate_flags+0x1a7/0x5c0 [ 3136.360116][T21360] ? uevent_show+0x360/0x360 [ 3136.364724][T21360] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3136.370729][T21360] wiphy_register+0x1c46/0x2720 [ 3136.375609][T21360] ? wiphy_unregister+0xf90/0xf90 [ 3136.380642][T21360] ? retint_kernel+0x2b/0x2b [ 3136.385260][T21360] ? ieee80211_register_hw+0x1226/0x3760 [ 3136.390910][T21360] ieee80211_register_hw+0x141d/0x3760 [ 3136.396397][T21360] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3136.401882][T21360] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3136.407440][T21360] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3136.413432][T21360] ? memset+0x20/0x40 [ 3136.417427][T21360] ? __hrtimer_init+0x134/0x260 [ 3136.422298][T21360] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3136.428029][T21360] ? vprintk_func+0x81/0x17e [ 3136.432640][T21360] ? hwsim_register_received_nl+0x400/0x400 [ 3136.438552][T21360] hwsim_new_radio_nl+0x905/0xf60 [ 3136.443590][T21360] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3136.449065][T21360] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3136.454966][T21360] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3136.460726][T21360] genl_rcv_msg+0x627/0xdf0 [ 3136.465256][T21360] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3136.471607][T21360] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3136.476911][T21360] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3136.482644][T21360] ? retint_kernel+0x2b/0x2b [ 3136.487262][T21360] netlink_rcv_skb+0x15a/0x410 [ 3136.492043][T21360] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3136.498387][T21360] ? netlink_ack+0xa80/0xa80 [ 3136.503018][T21360] genl_rcv+0x24/0x40 [ 3136.507107][T21360] netlink_unicast+0x537/0x740 [ 3136.511894][T21360] ? netlink_attachskb+0x810/0x810 [ 3136.517016][T21360] ? _copy_from_iter_full+0x25c/0x870 [ 3136.522399][T21360] ? __phys_addr_symbol+0x2c/0x70 [ 3136.527438][T21360] ? __check_object_size+0x171/0x437 [ 3136.532743][T21360] netlink_sendmsg+0x882/0xe10 [ 3136.537531][T21360] ? aa_af_perm+0x260/0x260 [ 3136.542047][T21360] ? netlink_unicast+0x740/0x740 [ 3136.547029][T21360] ? netlink_unicast+0x740/0x740 [ 3136.551979][T21360] sock_sendmsg+0xcf/0x120 [ 3136.556412][T21360] ____sys_sendmsg+0x6b9/0x7d0 [ 3136.561199][T21360] ? kernel_sendmsg+0x50/0x50 [ 3136.565915][T21360] ___sys_sendmsg+0x100/0x170 [ 3136.570610][T21360] ? sendmsg_copy_msghdr+0x70/0x70 [ 3136.575755][T21360] ? __fget_files+0x329/0x4f0 [ 3136.580460][T21360] ? ksys_dup3+0x3c0/0x3c0 [ 3136.584897][T21360] ? lock_acquire+0x197/0x420 [ 3136.589586][T21360] ? __might_fault+0xef/0x1d0 [ 3136.594396][T21360] ? __fget_light+0x208/0x270 [ 3136.599100][T21360] __sys_sendmsg+0xec/0x1b0 [ 3136.603727][T21360] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3136.608787][T21360] ? trace_hardirqs_off_caller+0x55/0x230 [ 3136.614528][T21360] ? do_syscall_64+0x21/0x7d0 [ 3136.619222][T21360] do_syscall_64+0xf6/0x7d0 [ 3136.623745][T21360] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3136.629646][T21360] RIP: 0033:0x45c849 [ 3136.633550][T21360] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3136.653157][T21360] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3136.661576][T21360] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3136.669553][T21360] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3136.677533][T21360] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3136.685514][T21360] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3136.693491][T21360] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3136.709282][T21356] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3136.737064][T21356] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3136.757935][T21356] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3136.757935][T21356] !' [ 3136.781311][T21356] CPU: 0 PID: 21356 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3136.790022][T21356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3136.800081][T21356] Call Trace: [ 3136.803388][T21356] dump_stack+0x188/0x20d [ 3136.807746][T21356] sysfs_warn_dup.cold+0x1c/0x2d [ 3136.812708][T21356] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3136.818793][T21356] sysfs_create_link+0x61/0xc0 [ 3136.823569][T21356] device_add+0x71c/0x1bc0 [ 3136.828120][T21356] ? uevent_show+0x360/0x360 [ 3136.832723][T21356] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3136.838731][T21356] wiphy_register+0x1c46/0x2720 [ 3136.843616][T21356] ? wiphy_unregister+0xf90/0xf90 [ 3136.848655][T21356] ? __kmalloc+0x629/0x7a0 [ 3136.853082][T21356] ? ieee80211_register_hw+0xbea/0x3760 [ 3136.858658][T21356] ? ieee80211_cs_list_valid+0x198/0x280 [ 3136.864305][T21356] ieee80211_register_hw+0x141d/0x3760 [ 3136.869793][T21356] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3136.875270][T21356] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3136.880827][T21356] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3136.886827][T21356] ? memset+0x20/0x40 [ 3136.890823][T21356] ? __hrtimer_init+0x134/0x260 [ 3136.895685][T21356] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3136.901417][T21356] ? vprintk_func+0x81/0x17e [ 3136.906045][T21356] ? hwsim_register_received_nl+0x400/0x400 [ 3136.912320][T21356] hwsim_new_radio_nl+0x905/0xf60 [ 3136.917376][T21356] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3136.923276][T21356] ? cap_capable+0x1eb/0x250 [ 3136.927895][T21356] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3136.934248][T21356] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3136.940600][T21356] genl_rcv_msg+0x627/0xdf0 [ 3136.945241][T21356] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3136.951595][T21356] ? retint_kernel+0x2b/0x2b [ 3136.956227][T21356] netlink_rcv_skb+0x15a/0x410 [ 3136.961013][T21356] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3136.967354][T21356] ? netlink_ack+0xa80/0xa80 [ 3136.971983][T21356] genl_rcv+0x24/0x40 [ 3136.975966][T21356] netlink_unicast+0x537/0x740 [ 3136.980751][T21356] ? netlink_attachskb+0x810/0x810 [ 3136.985873][T21356] ? _copy_from_iter_full+0x25c/0x870 [ 3136.991255][T21356] ? __phys_addr_symbol+0x2c/0x70 [ 3136.996286][T21356] ? __check_object_size+0x171/0x437 [ 3137.001589][T21356] netlink_sendmsg+0x882/0xe10 [ 3137.006369][T21356] ? aa_af_perm+0x260/0x260 [ 3137.010883][T21356] ? netlink_unicast+0x740/0x740 [ 3137.015840][T21356] ? netlink_unicast+0x740/0x740 [ 3137.020789][T21356] sock_sendmsg+0xcf/0x120 [ 3137.025221][T21356] ____sys_sendmsg+0x6b9/0x7d0 [ 3137.030001][T21356] ? kernel_sendmsg+0x50/0x50 [ 3137.034691][T21356] ? mark_lock+0xbc/0x1220 [ 3137.039137][T21356] ___sys_sendmsg+0x100/0x170 [ 3137.043837][T21356] ? sendmsg_copy_msghdr+0x70/0x70 [ 3137.048985][T21356] ? __fget_files+0x329/0x4f0 [ 3137.053681][T21356] ? ksys_dup3+0x3c0/0x3c0 [ 3137.058099][T21356] ? lock_acquire+0x197/0x420 [ 3137.062781][T21356] ? __might_fault+0xef/0x1d0 [ 3137.067483][T21356] ? __fget_light+0x208/0x270 [ 3137.072188][T21356] __sys_sendmsg+0xec/0x1b0 [ 3137.076695][T21356] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3137.081756][T21356] ? do_syscall_64+0x4f/0x7d0 [ 3137.086448][T21356] do_syscall_64+0xf6/0x7d0 [ 3137.091074][T21356] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3137.096968][T21356] RIP: 0033:0x45c849 [ 3137.100874][T21356] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3137.120485][T21356] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3137.128905][T21356] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3137.136880][T21356] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 3137.144855][T21356] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3137.152834][T21356] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3137.160816][T21356] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3137.182738][T21380] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3137.195525][T21380] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3137.230761][T21380] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3137.230761][T21380] !' [ 3137.240970][T21380] CPU: 0 PID: 21380 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3137.249652][T21380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3137.259721][T21380] Call Trace: [ 3137.263034][T21380] dump_stack+0x188/0x20d [ 3137.267382][T21380] sysfs_warn_dup.cold+0x1c/0x2d [ 3137.272338][T21380] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3137.278421][T21380] sysfs_create_link+0x61/0xc0 [ 3137.283197][T21380] device_add+0x71c/0x1bc0 [ 3137.287626][T21380] ? uevent_show+0x360/0x360 [ 3137.292230][T21380] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3137.298233][T21380] wiphy_register+0x1c46/0x2720 [ 3137.303124][T21380] ? wiphy_unregister+0xf90/0xf90 [ 3137.308160][T21380] ? __kmalloc+0x629/0x7a0 [ 3137.312581][T21380] ? ieee80211_register_hw+0xbea/0x3760 [ 3137.318136][T21380] ? ieee80211_cs_list_valid+0x198/0x280 [ 3137.323785][T21380] ieee80211_register_hw+0x141d/0x3760 [ 3137.329282][T21380] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3137.334762][T21380] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3137.340325][T21380] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3137.346318][T21380] ? memset+0x20/0x40 [ 3137.350306][T21380] ? __hrtimer_init+0x134/0x260 [ 3137.355172][T21380] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3137.360904][T21380] ? vprintk_func+0x81/0x17e [ 3137.365532][T21380] ? hwsim_register_received_nl+0x400/0x400 [ 3137.371449][T21380] hwsim_new_radio_nl+0x905/0xf60 [ 3137.376499][T21380] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3137.382397][T21380] ? cap_capable+0x1eb/0x250 [ 3137.387008][T21380] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3137.393347][T21380] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3137.399699][T21380] genl_rcv_msg+0x627/0xdf0 [ 3137.404230][T21380] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3137.410594][T21380] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3137.416421][T21380] netlink_rcv_skb+0x15a/0x410 [ 3137.421202][T21380] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3137.427549][T21380] ? netlink_ack+0xa80/0xa80 [ 3137.432176][T21380] genl_rcv+0x24/0x40 [ 3137.436160][T21380] netlink_unicast+0x537/0x740 [ 3137.440940][T21380] ? netlink_attachskb+0x810/0x810 [ 3137.446060][T21380] ? _copy_from_iter_full+0x25c/0x870 [ 3137.451443][T21380] ? __phys_addr_symbol+0x2c/0x70 [ 3137.456477][T21380] ? __check_object_size+0x171/0x437 [ 3137.461792][T21380] netlink_sendmsg+0x882/0xe10 [ 3137.466571][T21380] ? aa_af_perm+0x260/0x260 [ 3137.471083][T21380] ? netlink_unicast+0x740/0x740 [ 3137.476038][T21380] ? netlink_unicast+0x740/0x740 [ 3137.480980][T21380] sock_sendmsg+0xcf/0x120 [ 3137.485410][T21380] ____sys_sendmsg+0x6b9/0x7d0 [ 3137.490184][T21380] ? kernel_sendmsg+0x50/0x50 [ 3137.494891][T21380] ___sys_sendmsg+0x100/0x170 [ 3137.499574][T21380] ? rcu_preempt_deferred_qs_irqrestore+0x672/0xb60 [ 3137.506177][T21380] ? sendmsg_copy_msghdr+0x70/0x70 [ 3137.511305][T21380] ? __rcu_read_unlock+0x26c/0x700 [ 3137.516435][T21380] ? __fget_files+0x329/0x4f0 [ 3137.521124][T21380] ? ksys_dup3+0x3c0/0x3c0 [ 3137.525544][T21380] ? lock_acquire+0x209/0x420 [ 3137.530238][T21380] ? __fget_light+0x208/0x270 [ 3137.534928][T21380] __sys_sendmsg+0xec/0x1b0 [ 3137.539439][T21380] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3137.544493][T21380] ? trace_hardirqs_off_caller+0x55/0x230 [ 3137.550226][T21380] ? do_syscall_64+0x21/0x7d0 [ 3137.554919][T21380] do_syscall_64+0xf6/0x7d0 [ 3137.559445][T21380] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3137.565341][T21380] RIP: 0033:0x45c849 [ 3137.569237][T21380] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3137.588841][T21380] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3137.597252][T21380] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3137.605224][T21380] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3137.613201][T21380] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3137.621177][T21380] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3137.629154][T21380] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:43:39 executing program 4: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000074000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:39 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 11:43:39 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000006000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:39 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001", @ANYRES32, @ANYRES32], 0x80}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:39 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:39 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c00000000000000010000000100", @ANYRES32, @ANYRES32], 0x81}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3144.885834][T21396] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3144.897295][T21396] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3144.917856][T21403] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:43:39 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000007000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3144.983831][T21396] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3144.983831][T21396] !' [ 3145.017738][T21396] CPU: 0 PID: 21396 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3145.026448][T21396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3145.036513][T21396] Call Trace: [ 3145.039824][T21396] dump_stack+0x188/0x20d [ 3145.044270][T21396] sysfs_warn_dup.cold+0x1c/0x2d [ 3145.049229][T21396] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3145.055311][T21396] sysfs_create_link+0x61/0xc0 [ 3145.060091][T21396] device_add+0x71c/0x1bc0 [ 3145.064529][T21396] ? uevent_show+0x360/0x360 [ 3145.069150][T21396] wiphy_register+0x1c46/0x2720 [ 3145.074034][T21396] ? wiphy_unregister+0xf90/0xf90 [ 3145.079081][T21396] ? ieee80211_cs_list_valid+0x1e/0x280 [ 3145.082701][T21408] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3145.084636][T21396] ? ieee80211_cs_list_valid+0x198/0x280 [ 3145.084666][T21396] ieee80211_register_hw+0x141d/0x3760 [ 3145.084700][T21396] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3145.109879][T21396] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3145.115436][T21396] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3145.121430][T21396] ? memset+0x20/0x40 [ 3145.125421][T21396] ? __hrtimer_init+0x134/0x260 11:43:39 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000a000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3145.130283][T21396] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3145.136010][T21396] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3145.141337][T21396] ? hwsim_register_received_nl+0x400/0x400 [ 3145.147254][T21396] hwsim_new_radio_nl+0x905/0xf60 [ 3145.152293][T21396] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3145.158208][T21396] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3145.164540][T21396] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3145.170887][T21396] genl_rcv_msg+0x627/0xdf0 [ 3145.175410][T21396] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3145.181759][T21396] ? retint_kernel+0x2b/0x2b [ 3145.186392][T21396] netlink_rcv_skb+0x15a/0x410 [ 3145.191171][T21396] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3145.197510][T21396] ? netlink_ack+0xa80/0xa80 [ 3145.202135][T21396] genl_rcv+0x24/0x40 [ 3145.204692][T21411] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3145.206119][T21396] netlink_unicast+0x537/0x740 [ 3145.206155][T21396] ? netlink_attachskb+0x810/0x810 [ 3145.206178][T21396] ? _copy_from_iter_full+0x25c/0x870 [ 3145.230052][T21396] ? __phys_addr_symbol+0x2c/0x70 11:43:39 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000018000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3145.235082][T21396] ? __check_object_size+0x171/0x437 [ 3145.240387][T21396] netlink_sendmsg+0x882/0xe10 [ 3145.245176][T21396] ? netlink_unicast+0x740/0x740 [ 3145.250138][T21396] ? netlink_unicast+0x740/0x740 [ 3145.255081][T21396] sock_sendmsg+0xcf/0x120 [ 3145.259509][T21396] ____sys_sendmsg+0x6b9/0x7d0 [ 3145.264285][T21396] ? retint_kernel+0x2b/0x2b [ 3145.268888][T21396] ? kernel_sendmsg+0x50/0x50 [ 3145.273596][T21396] ? ____sys_sendmsg+0xe/0x7d0 [ 3145.278383][T21396] ___sys_sendmsg+0x100/0x170 [ 3145.283083][T21396] ? sendmsg_copy_msghdr+0x70/0x70 [ 3145.288228][T21396] ? __fget_files+0x329/0x4f0 [ 3145.292924][T21396] ? ksys_dup3+0x3c0/0x3c0 [ 3145.297343][T21396] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3145.303074][T21396] ? retint_kernel+0x2b/0x2b [ 3145.307683][T21396] ? __fget_light+0x208/0x270 [ 3145.312380][T21396] __sys_sendmsg+0xec/0x1b0 [ 3145.316892][T21396] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3145.321919][T21396] ? __x64_sys_futex+0x380/0x4f0 [ 3145.326898][T21396] ? trace_hardirqs_off_caller+0x55/0x230 [ 3145.332634][T21396] ? do_syscall_64+0x21/0x7d0 [ 3145.337330][T21396] do_syscall_64+0xf6/0x7d0 [ 3145.341851][T21396] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3145.343069][T21414] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3145.347738][T21396] RIP: 0033:0x45c849 [ 3145.347756][T21396] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 11:43:39 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000048000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:39 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) [ 3145.347764][T21396] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3145.347779][T21396] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3145.347787][T21396] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3145.347802][T21396] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3145.412352][T21396] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3145.420339][T21396] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3145.448431][T21402] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 3145.460474][T21402] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 11:43:39 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3145.518157][T21402] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3145.518157][T21402] !' [ 3145.562466][T21417] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3145.576017][T21402] CPU: 0 PID: 21402 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3145.584714][T21402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3145.594775][T21402] Call Trace: [ 3145.598081][T21402] dump_stack+0x188/0x20d [ 3145.602439][T21402] sysfs_warn_dup.cold+0x1c/0x2d [ 3145.607394][T21402] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3145.613478][T21402] sysfs_create_link+0x61/0xc0 [ 3145.618354][T21402] device_add+0x71c/0x1bc0 [ 3145.622791][T21402] ? ieee80211_set_bitrate_flags+0x1fa/0x5c0 [ 3145.628786][T21402] ? uevent_show+0x360/0x360 [ 3145.633392][T21402] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3145.639397][T21402] wiphy_register+0x1c46/0x2720 [ 3145.644286][T21402] ? wiphy_unregister+0xf90/0xf90 [ 3145.649421][T21402] ? retint_kernel+0x2b/0x2b [ 3145.654045][T21402] ? ieee80211_register_hw+0x1283/0x3760 [ 3145.659700][T21402] ieee80211_register_hw+0x141d/0x3760 [ 3145.665191][T21402] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3145.670667][T21402] ? __hrtimer_init+0xf7/0x260 [ 3145.675439][T21402] ? __sanitizer_cov_trace_pc+0x27/0x50 [ 3145.680976][T21402] ? __hrtimer_init+0x134/0x260 [ 3145.685818][T21402] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3145.691544][T21402] ? hwsim_register_received_nl+0x400/0x400 [ 3145.697453][T21402] hwsim_new_radio_nl+0x905/0xf60 [ 3145.702485][T21402] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3145.708371][T21402] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3145.714091][T21402] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3145.720412][T21402] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3145.726809][T21402] genl_rcv_msg+0x627/0xdf0 [ 3145.731312][T21402] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3145.737664][T21402] ? mark_held_locks+0xe0/0xe0 [ 3145.742443][T21402] netlink_rcv_skb+0x15a/0x410 [ 3145.747204][T21402] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3145.753524][T21402] ? netlink_ack+0xa80/0xa80 [ 3145.758117][T21402] ? genl_rcv+0x9/0x40 [ 3145.762178][T21402] genl_rcv+0x24/0x40 [ 3145.766146][T21402] netlink_unicast+0x537/0x740 [ 3145.770908][T21402] ? netlink_attachskb+0x810/0x810 [ 3145.776007][T21402] ? _copy_from_iter_full+0x25c/0x870 [ 3145.781366][T21402] ? __phys_addr_symbol+0x2c/0x70 [ 3145.786377][T21402] ? __check_object_size+0x171/0x437 [ 3145.791653][T21402] netlink_sendmsg+0x882/0xe10 [ 3145.796410][T21402] ? aa_af_perm+0x260/0x260 [ 3145.800941][T21402] ? netlink_unicast+0x740/0x740 [ 3145.805895][T21402] ? netlink_unicast+0x740/0x740 [ 3145.810830][T21402] sock_sendmsg+0xcf/0x120 [ 3145.815247][T21402] ____sys_sendmsg+0x6b9/0x7d0 [ 3145.820005][T21402] ? kernel_sendmsg+0x50/0x50 [ 3145.824681][T21402] ? _raw_spin_unlock_irq+0x1f/0x80 [ 3145.829873][T21402] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3145.835178][T21402] ___sys_sendmsg+0x100/0x170 [ 3145.839844][T21402] ? __schedule+0x93c/0x1f90 [ 3145.844429][T21402] ? sendmsg_copy_msghdr+0x70/0x70 [ 3145.849531][T21402] ? __sched_text_start+0x8/0x8 [ 3145.854370][T21402] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3145.859813][T21402] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3145.865086][T21402] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3145.870549][T21402] ? preempt_schedule_irq+0xee/0x150 [ 3145.875842][T21402] ? retint_kernel+0x2b/0x2b [ 3145.880435][T21402] ? sockfd_lookup_light+0x69/0x170 [ 3145.885624][T21402] ? __sanitizer_cov_trace_const_cmp8+0x4/0x20 [ 3145.891786][T21402] __sys_sendmsg+0xec/0x1b0 [ 3145.896293][T21402] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3145.901328][T21402] ? do_syscall_64+0x4f/0x7d0 [ 3145.905995][T21402] do_syscall_64+0xf6/0x7d0 [ 3145.910491][T21402] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3145.916370][T21402] RIP: 0033:0x45c849 [ 3145.920255][T21402] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3145.939858][T21402] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3145.948268][T21402] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3145.956236][T21402] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3145.964207][T21402] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3145.972163][T21402] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3145.980122][T21402] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3146.107581][T21399] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3146.142042][T21399] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3146.206282][T21399] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3146.206282][T21399] !' [ 3146.233871][T21399] CPU: 0 PID: 21399 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3146.242594][T21399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3146.252654][T21399] Call Trace: [ 3146.255964][T21399] dump_stack+0x188/0x20d [ 3146.260326][T21399] sysfs_warn_dup.cold+0x1c/0x2d [ 3146.265279][T21399] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3146.271367][T21399] sysfs_create_link+0x61/0xc0 [ 3146.276145][T21399] device_add+0x71c/0x1bc0 [ 3146.280586][T21399] ? uevent_show+0x360/0x360 [ 3146.285192][T21399] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3146.291200][T21399] wiphy_register+0x1c46/0x2720 [ 3146.296079][T21399] ? wiphy_unregister+0xf90/0xf90 [ 3146.301117][T21399] ? __kmalloc+0x629/0x7a0 [ 3146.305547][T21399] ? ieee80211_register_hw+0xbea/0x3760 [ 3146.311115][T21399] ? ieee80211_cs_list_valid+0x198/0x280 [ 3146.316760][T21399] ieee80211_register_hw+0x141d/0x3760 [ 3146.322250][T21399] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3146.327724][T21399] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3146.333281][T21399] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3146.339278][T21399] ? memset+0x20/0x40 [ 3146.343270][T21399] ? __hrtimer_init+0x134/0x260 [ 3146.348149][T21399] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3146.353878][T21399] ? vprintk_func+0x81/0x17e [ 3146.358506][T21399] ? hwsim_register_received_nl+0x400/0x400 [ 3146.364431][T21399] hwsim_new_radio_nl+0x905/0xf60 [ 3146.369475][T21399] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3146.375378][T21399] ? cap_capable+0x1eb/0x250 [ 3146.379989][T21399] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3146.386326][T21399] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3146.392675][T21399] genl_rcv_msg+0x627/0xdf0 [ 3146.397209][T21399] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3146.403582][T21399] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3146.409411][T21399] netlink_rcv_skb+0x15a/0x410 [ 3146.414190][T21399] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3146.420530][T21399] ? netlink_ack+0xa80/0xa80 [ 3146.425154][T21399] genl_rcv+0x24/0x40 [ 3146.429143][T21399] netlink_unicast+0x537/0x740 [ 3146.433924][T21399] ? netlink_attachskb+0x810/0x810 [ 3146.439150][T21399] ? _copy_from_iter_full+0x25c/0x870 [ 3146.444527][T21399] ? __phys_addr_symbol+0x2c/0x70 [ 3146.449561][T21399] ? __check_object_size+0x171/0x437 [ 3146.454863][T21399] netlink_sendmsg+0x882/0xe10 [ 3146.459639][T21399] ? aa_af_perm+0x260/0x260 [ 3146.464144][T21399] ? netlink_unicast+0x740/0x740 [ 3146.469105][T21399] ? netlink_unicast+0x740/0x740 [ 3146.474047][T21399] sock_sendmsg+0xcf/0x120 [ 3146.478478][T21399] ____sys_sendmsg+0x6b9/0x7d0 [ 3146.483256][T21399] ? kernel_sendmsg+0x50/0x50 [ 3146.487944][T21399] ? mark_lock+0xbc/0x1220 [ 3146.492384][T21399] ___sys_sendmsg+0x100/0x170 [ 3146.497068][T21399] ? sendmsg_copy_msghdr+0x70/0x70 [ 3146.502204][T21399] ? __fget_files+0x329/0x4f0 [ 3146.506899][T21399] ? ksys_dup3+0x3c0/0x3c0 [ 3146.511316][T21399] ? lock_acquire+0x197/0x420 [ 3146.515998][T21399] ? __might_fault+0xef/0x1d0 [ 3146.520730][T21399] ? __fget_light+0x208/0x270 [ 3146.525427][T21399] __sys_sendmsg+0xec/0x1b0 [ 3146.529944][T21399] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3146.535000][T21399] ? trace_hardirqs_off_caller+0x55/0x230 [ 3146.540838][T21399] ? do_syscall_64+0x21/0x7d0 [ 3146.545548][T21399] do_syscall_64+0xf6/0x7d0 [ 3146.550070][T21399] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3146.555984][T21399] RIP: 0033:0x45c849 [ 3146.559893][T21399] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3146.579500][T21399] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3146.587916][T21399] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3146.595894][T21399] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3146.603874][T21399] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3146.611938][T21399] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3146.620006][T21399] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3146.637480][T21423] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3146.658747][T21423] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3146.702559][T21423] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3146.702559][T21423] !' [ 3146.718220][T21423] CPU: 0 PID: 21423 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3146.726920][T21423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3146.736978][T21423] Call Trace: [ 3146.740278][T21423] dump_stack+0x188/0x20d [ 3146.744627][T21423] sysfs_warn_dup.cold+0x1c/0x2d [ 3146.749582][T21423] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3146.755662][T21423] sysfs_create_link+0x61/0xc0 [ 3146.760508][T21423] device_add+0x71c/0x1bc0 [ 3146.764945][T21423] ? ieee80211_set_bitrate_flags+0x350/0x5c0 [ 3146.770946][T21423] ? uevent_show+0x360/0x360 [ 3146.775562][T21423] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3146.781570][T21423] wiphy_register+0x1c46/0x2720 [ 3146.786453][T21423] ? wiphy_unregister+0xf90/0xf90 [ 3146.791485][T21423] ? retint_kernel+0x2b/0x2b [ 3146.796118][T21423] ? ieee80211_register_hw+0x132e/0x3760 [ 3146.801769][T21423] ieee80211_register_hw+0x141d/0x3760 [ 3146.807254][T21423] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3146.812727][T21423] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3146.818285][T21423] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3146.824282][T21423] ? memset+0x20/0x40 [ 3146.828274][T21423] ? __hrtimer_init+0x134/0x260 [ 3146.833143][T21423] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3146.838869][T21423] ? vprintk_func+0x81/0x17e [ 3146.843495][T21423] ? hwsim_register_received_nl+0x400/0x400 [ 3146.849409][T21423] hwsim_new_radio_nl+0x905/0xf60 [ 3146.854450][T21423] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3146.859927][T21423] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3146.865833][T21423] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3146.871592][T21423] genl_rcv_msg+0x627/0xdf0 [ 3146.876116][T21423] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3146.882481][T21423] ? ___preempt_schedule+0x16/0x18 [ 3146.887626][T21423] netlink_rcv_skb+0x15a/0x410 [ 3146.892400][T21423] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3146.898735][T21423] ? netlink_ack+0xa80/0xa80 [ 3146.903355][T21423] genl_rcv+0x24/0x40 [ 3146.907338][T21423] netlink_unicast+0x537/0x740 [ 3146.912117][T21423] ? netlink_attachskb+0x810/0x810 [ 3146.917256][T21423] ? _copy_from_iter_full+0x25c/0x870 [ 3146.922656][T21423] netlink_sendmsg+0x882/0xe10 [ 3146.927438][T21423] ? aa_af_perm+0x260/0x260 [ 3146.931946][T21423] ? netlink_unicast+0x740/0x740 [ 3146.936912][T21423] ? netlink_unicast+0x740/0x740 [ 3146.941966][T21423] sock_sendmsg+0xcf/0x120 [ 3146.946400][T21423] ____sys_sendmsg+0x6b9/0x7d0 [ 3146.951205][T21423] ? kernel_sendmsg+0x50/0x50 [ 3146.955901][T21423] ? mark_lock+0xbc/0x1220 [ 3146.960353][T21423] ___sys_sendmsg+0x100/0x170 [ 3146.965042][T21423] ? sendmsg_copy_msghdr+0x70/0x70 [ 3146.970180][T21423] ? __fget_files+0x329/0x4f0 [ 3146.974877][T21423] ? ksys_dup3+0x3c0/0x3c0 [ 3146.979292][T21423] ? lock_acquire+0x197/0x420 [ 3146.983982][T21423] ? __might_fault+0xef/0x1d0 [ 3146.988675][T21423] ? __fget_light+0x208/0x270 [ 3146.993367][T21423] __sys_sendmsg+0xec/0x1b0 [ 3146.997875][T21423] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3147.002931][T21423] ? do_syscall_64+0x4f/0x7d0 [ 3147.007631][T21423] do_syscall_64+0xf6/0x7d0 [ 3147.012154][T21423] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3147.018045][T21423] RIP: 0033:0x45c849 [ 3147.021946][T21423] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3147.041550][T21423] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3147.049970][T21423] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3147.057943][T21423] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3147.065926][T21423] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3147.073896][T21423] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3147.081874][T21423] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:43:48 executing program 4: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000074000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:48 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 11:43:48 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000004c000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:48 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001", @ANYRES32, @ANYRES32], 0x80}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:48 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:48 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3154.319410][T21434] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3154.397147][T21437] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:43:48 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000060000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:48 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0) [ 3154.442755][T21437] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:43:48 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0) [ 3154.506807][T21437] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3154.506807][T21437] !' [ 3154.546592][T21450] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3154.630541][T21437] CPU: 0 PID: 21437 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3154.639270][T21437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3154.649334][T21437] Call Trace: [ 3154.652642][T21437] dump_stack+0x188/0x20d [ 3154.656993][T21437] sysfs_warn_dup.cold+0x1c/0x2d [ 3154.661946][T21437] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3154.668023][T21437] sysfs_create_link+0x61/0xc0 [ 3154.672798][T21437] device_add+0x71c/0x1bc0 [ 3154.677245][T21437] ? uevent_show+0x360/0x360 [ 3154.681851][T21437] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3154.687853][T21437] wiphy_register+0x1c46/0x2720 [ 3154.692735][T21437] ? wiphy_unregister+0xf90/0xf90 [ 3154.697777][T21437] ? retint_kernel+0x2b/0x2b [ 3154.702398][T21437] ? ieee80211_cs_list_valid+0x198/0x280 [ 3154.708049][T21437] ieee80211_register_hw+0x141d/0x3760 [ 3154.713538][T21437] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3154.719013][T21437] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3154.724580][T21437] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3154.730576][T21437] ? memset+0x20/0x40 [ 3154.734574][T21437] ? __hrtimer_init+0x134/0x260 [ 3154.739453][T21437] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3154.745191][T21437] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3154.750520][T21437] ? hwsim_register_received_nl+0x400/0x400 [ 3154.756446][T21437] hwsim_new_radio_nl+0x905/0xf60 [ 3154.761488][T21437] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3154.766966][T21437] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3154.772982][T21437] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3154.778754][T21437] genl_rcv_msg+0x627/0xdf0 [ 3154.783289][T21437] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3154.789644][T21437] ? retint_kernel+0x2b/0x2b [ 3154.794282][T21437] netlink_rcv_skb+0x15a/0x410 [ 3154.799062][T21437] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3154.805424][T21437] ? netlink_ack+0xa80/0xa80 [ 3154.810055][T21437] genl_rcv+0x24/0x40 [ 3154.814053][T21437] netlink_unicast+0x537/0x740 [ 3154.818834][T21437] ? netlink_attachskb+0x810/0x810 [ 3154.823955][T21437] ? _copy_from_iter_full+0x25c/0x870 [ 3154.829339][T21437] ? __phys_addr_symbol+0x2c/0x70 [ 3154.834375][T21437] ? __check_object_size+0x171/0x437 [ 3154.839689][T21437] netlink_sendmsg+0x882/0xe10 [ 3154.844474][T21437] ? aa_af_perm+0x260/0x260 [ 3154.848987][T21437] ? netlink_unicast+0x740/0x740 [ 3154.853955][T21437] ? netlink_unicast+0x740/0x740 [ 3154.858906][T21437] sock_sendmsg+0xcf/0x120 [ 3154.863334][T21437] ____sys_sendmsg+0x6b9/0x7d0 [ 3154.868113][T21437] ? kernel_sendmsg+0x50/0x50 [ 3154.872797][T21437] ? retint_kernel+0x2b/0x2b [ 3154.877422][T21437] ___sys_sendmsg+0x100/0x170 [ 3154.882113][T21437] ? sendmsg_copy_msghdr+0x70/0x70 [ 3154.887255][T21437] ? __fget_files+0x329/0x4f0 [ 3154.891953][T21437] ? ksys_dup3+0x3c0/0x3c0 [ 3154.896377][T21437] ? lock_acquire+0x197/0x420 [ 3154.901064][T21437] ? __might_fault+0xef/0x1d0 [ 3154.905773][T21437] ? __fget_light+0x208/0x270 [ 3154.910473][T21437] __sys_sendmsg+0xec/0x1b0 [ 3154.914991][T21437] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3154.920051][T21437] ? trace_hardirqs_off_caller+0x55/0x230 [ 3154.925786][T21437] ? do_syscall_64+0x21/0x7d0 [ 3154.930479][T21437] do_syscall_64+0xf6/0x7d0 [ 3154.935004][T21437] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3154.940903][T21437] RIP: 0033:0x45c849 [ 3154.944805][T21437] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3154.964414][T21437] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3154.972837][T21437] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 11:43:49 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000068000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:49 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0) [ 3154.980815][T21437] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3154.988793][T21437] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3154.996769][T21437] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3155.004748][T21437] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:43:49 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) [ 3155.054169][T21458] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3155.095412][T21442] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3155.115360][T21442] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3155.165215][T21442] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3155.165215][T21442] !' [ 3155.228948][T21442] CPU: 0 PID: 21442 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3155.237662][T21442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3155.247725][T21442] Call Trace: [ 3155.251033][T21442] dump_stack+0x188/0x20d [ 3155.255387][T21442] sysfs_warn_dup.cold+0x1c/0x2d [ 3155.260342][T21442] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3155.266431][T21442] sysfs_create_link+0x61/0xc0 [ 3155.271211][T21442] device_add+0x71c/0x1bc0 [ 3155.275649][T21442] ? ieee80211_set_bitrate_flags+0x418/0x5c0 [ 3155.281641][T21442] ? uevent_show+0x360/0x360 [ 3155.286248][T21442] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3155.292250][T21442] wiphy_register+0x1c46/0x2720 [ 3155.297128][T21442] ? wiphy_unregister+0xf90/0xf90 [ 3155.302165][T21442] ? retint_kernel+0x2b/0x2b [ 3155.306791][T21442] ? ieee80211_register_hw+0x1084/0x3760 [ 3155.312437][T21442] ? ieee80211_cs_list_valid+0x198/0x280 [ 3155.318090][T21442] ieee80211_register_hw+0x141d/0x3760 [ 3155.323585][T21442] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3155.329079][T21442] ? check_memory_region+0x11a/0x190 [ 3155.334387][T21442] ? memset+0x20/0x40 [ 3155.338393][T21442] ? __hrtimer_init+0x134/0x260 [ 3155.343269][T21442] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3155.349002][T21442] ? vprintk_func+0x81/0x17e [ 3155.353629][T21442] ? hwsim_register_received_nl+0x400/0x400 [ 3155.359545][T21442] hwsim_new_radio_nl+0x905/0xf60 [ 3155.364593][T21442] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3155.370492][T21442] ? retint_kernel+0x2b/0x2b [ 3155.375086][T21442] ? cap_capable+0x1eb/0x250 [ 3155.379724][T21442] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3155.386064][T21442] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3155.392417][T21442] genl_rcv_msg+0x627/0xdf0 [ 3155.396948][T21442] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3155.403286][T21442] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3155.408597][T21442] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3155.414106][T21442] netlink_rcv_skb+0x15a/0x410 [ 3155.418885][T21442] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3155.425226][T21442] ? netlink_ack+0xa80/0xa80 [ 3155.429851][T21442] genl_rcv+0x24/0x40 [ 3155.433841][T21442] netlink_unicast+0x537/0x740 [ 3155.438618][T21442] ? netlink_attachskb+0x810/0x810 [ 3155.443759][T21442] netlink_sendmsg+0x882/0xe10 [ 3155.448543][T21442] ? aa_af_perm+0x260/0x260 [ 3155.453058][T21442] ? netlink_unicast+0x740/0x740 [ 3155.458024][T21442] ? netlink_unicast+0x740/0x740 [ 3155.462973][T21442] sock_sendmsg+0xcf/0x120 [ 3155.467408][T21442] ____sys_sendmsg+0x6b9/0x7d0 [ 3155.472187][T21442] ? kernel_sendmsg+0x50/0x50 [ 3155.476906][T21442] ___sys_sendmsg+0x100/0x170 [ 3155.481603][T21442] ? sendmsg_copy_msghdr+0x70/0x70 [ 3155.486750][T21442] ? __fget_files+0x329/0x4f0 [ 3155.491454][T21442] ? ksys_dup3+0x3c0/0x3c0 [ 3155.495877][T21442] ? lock_acquire+0x209/0x420 [ 3155.500568][T21442] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3155.506039][T21442] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3155.511339][T21442] ? __fget_light+0x208/0x270 [ 3155.516041][T21442] __sys_sendmsg+0xec/0x1b0 [ 3155.520561][T21442] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3155.525599][T21442] ? __x64_sys_clock_gettime+0x165/0x240 [ 3155.531256][T21442] ? trace_hardirqs_off_caller+0x55/0x230 [ 3155.536997][T21442] ? do_syscall_64+0x21/0x7d0 [ 3155.541692][T21442] do_syscall_64+0xf6/0x7d0 [ 3155.546211][T21442] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3155.552111][T21442] RIP: 0033:0x45c849 [ 3155.556016][T21442] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3155.575626][T21442] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3155.584048][T21442] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3155.592029][T21442] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3155.600011][T21442] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3155.607993][T21442] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3155.615973][T21442] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3155.628812][T21441] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 3155.650609][T21441] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3155.665500][T21441] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3155.665500][T21441] !' [ 3155.677922][T21441] CPU: 0 PID: 21441 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3155.686616][T21441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3155.696676][T21441] Call Trace: [ 3155.699988][T21441] dump_stack+0x188/0x20d [ 3155.704344][T21441] sysfs_warn_dup.cold+0x1c/0x2d [ 3155.709309][T21441] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3155.715391][T21441] sysfs_create_link+0x61/0xc0 [ 3155.720168][T21441] device_add+0x71c/0x1bc0 [ 3155.724602][T21441] ? uevent_show+0x360/0x360 [ 3155.729209][T21441] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3155.735212][T21441] wiphy_register+0x1c46/0x2720 [ 3155.740110][T21441] ? wiphy_unregister+0xf90/0xf90 [ 3155.745152][T21441] ? __kmalloc+0x629/0x7a0 [ 3155.750622][T21441] ? ieee80211_register_hw+0xbea/0x3760 [ 3155.756185][T21441] ? ieee80211_cs_list_valid+0x198/0x280 [ 3155.761836][T21441] ieee80211_register_hw+0x141d/0x3760 [ 3155.767327][T21441] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3155.772806][T21441] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3155.778364][T21441] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3155.784359][T21441] ? memset+0x20/0x40 [ 3155.788356][T21441] ? __hrtimer_init+0x134/0x260 [ 3155.793224][T21441] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3155.798953][T21441] ? vprintk_func+0x81/0x17e [ 3155.803578][T21441] ? hwsim_register_received_nl+0x400/0x400 [ 3155.809603][T21441] hwsim_new_radio_nl+0x905/0xf60 [ 3155.814644][T21441] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3155.820551][T21441] ? cap_capable+0x1eb/0x250 [ 3155.825171][T21441] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3155.831509][T21441] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3155.837857][T21441] genl_rcv_msg+0x627/0xdf0 [ 3155.842495][T21441] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3155.848829][T21441] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3155.854131][T21441] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3155.859645][T21441] netlink_rcv_skb+0x15a/0x410 [ 3155.864426][T21441] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3155.870769][T21441] ? netlink_ack+0xa80/0xa80 [ 3155.875394][T21441] genl_rcv+0x24/0x40 [ 3155.879384][T21441] netlink_unicast+0x537/0x740 [ 3155.884162][T21441] ? netlink_attachskb+0x810/0x810 [ 3155.889285][T21441] ? _copy_from_iter_full+0x25c/0x870 [ 3155.894670][T21441] ? __phys_addr_symbol+0x2c/0x70 [ 3155.899701][T21441] ? __check_object_size+0x171/0x437 [ 3155.905007][T21441] netlink_sendmsg+0x882/0xe10 [ 3155.909791][T21441] ? retint_kernel+0x2b/0x2b [ 3155.914389][T21441] ? netlink_unicast+0x740/0x740 [ 3155.919328][T21441] ? netlink_unicast+0x740/0x740 [ 3155.924287][T21441] ? netlink_unicast+0x740/0x740 [ 3155.929236][T21441] sock_sendmsg+0xcf/0x120 [ 3155.933660][T21441] ____sys_sendmsg+0x6b9/0x7d0 [ 3155.938439][T21441] ? kernel_sendmsg+0x50/0x50 [ 3155.943136][T21441] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3155.948623][T21441] ___sys_sendmsg+0x100/0x170 [ 3155.953319][T21441] ? sendmsg_copy_msghdr+0x70/0x70 [ 3155.958448][T21441] ? __fget_files+0x38d/0x4f0 [ 3155.963145][T21441] ? __fget_files+0x329/0x4f0 [ 3155.967842][T21441] ? ksys_dup3+0x3c0/0x3c0 [ 3155.972267][T21441] ? lock_acquire+0x197/0x420 [ 3155.976956][T21441] ? __might_fault+0xef/0x1d0 [ 3155.981681][T21441] ? __fget_light+0x208/0x270 [ 3155.986377][T21441] __sys_sendmsg+0xec/0x1b0 [ 3155.990892][T21441] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3155.995953][T21441] ? do_syscall_64+0x4f/0x7d0 [ 3156.000647][T21441] do_syscall_64+0xf6/0x7d0 [ 3156.005171][T21441] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3156.011066][T21441] RIP: 0033:0x45c849 [ 3156.014970][T21441] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3156.034575][T21441] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3156.042993][T21441] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3156.050965][T21441] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3156.058939][T21441] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3156.066921][T21441] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3156.074931][T21441] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3160.631323][T21467] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:43:55 executing program 4: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:55 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) 11:43:55 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000006c000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:43:55 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:55 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:43:55 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c00000000000000010000000100", @ANYRES32, @ANYRES32], 0x81}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3160.857545][T21477] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:43:55 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) [ 3160.899213][T21476] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:43:55 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000074000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3160.962853][T21476] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:43:55 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0) [ 3161.035022][T21476] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3161.035022][T21476] !' [ 3161.064300][T21476] CPU: 1 PID: 21476 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3161.073019][T21476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3161.083081][T21476] Call Trace: [ 3161.086391][T21476] dump_stack+0x188/0x20d [ 3161.090744][T21476] sysfs_warn_dup.cold+0x1c/0x2d [ 3161.095702][T21476] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3161.101787][T21476] sysfs_create_link+0x61/0xc0 [ 3161.106562][T21476] device_add+0x71c/0x1bc0 [ 3161.107215][T21487] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3161.110985][T21476] ? retint_kernel+0x2b/0x2b [ 3161.111005][T21476] ? uevent_show+0x360/0x360 [ 3161.111038][T21476] wiphy_register+0x1c46/0x2720 [ 3161.111073][T21476] ? wiphy_unregister+0xf90/0xf90 [ 3161.111085][T21476] ? retint_kernel+0x2b/0x2b [ 3161.111114][T21476] ? ieee80211_register_hw+0x13b6/0x3760 [ 3161.148962][T21476] ieee80211_register_hw+0x141d/0x3760 [ 3161.154461][T21476] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3161.159936][T21476] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3161.165496][T21476] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3161.171492][T21476] ? memset+0x20/0x40 [ 3161.175483][T21476] ? __hrtimer_init+0x134/0x260 11:43:55 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000007a000000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3161.180347][T21476] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3161.186079][T21476] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3161.191401][T21476] ? hwsim_register_received_nl+0x400/0x400 [ 3161.197315][T21476] ? hwsim_new_radio_nl+0x5dd/0xf60 [ 3161.202533][T21476] hwsim_new_radio_nl+0x905/0xf60 [ 3161.207579][T21476] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3161.213483][T21476] ? cap_capable+0x1eb/0x250 [ 3161.218219][T21476] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3161.224564][T21476] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3161.230913][T21476] genl_rcv_msg+0x627/0xdf0 11:43:55 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0) [ 3161.235442][T21476] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3161.241810][T21476] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3161.247638][T21476] netlink_rcv_skb+0x15a/0x410 [ 3161.252414][T21476] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3161.258745][T21476] ? netlink_ack+0xa80/0xa80 [ 3161.263361][T21476] genl_rcv+0x24/0x40 [ 3161.267352][T21476] netlink_unicast+0x537/0x740 [ 3161.272141][T21476] ? netlink_attachskb+0x810/0x810 [ 3161.277263][T21476] ? _copy_from_iter_full+0x25c/0x870 [ 3161.282369][T21491] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3161.282638][T21476] ? __phys_addr_symbol+0x2c/0x70 [ 3161.296322][T21476] ? __check_object_size+0x171/0x437 [ 3161.301627][T21476] netlink_sendmsg+0x882/0xe10 [ 3161.306411][T21476] ? aa_af_perm+0x260/0x260 [ 3161.310926][T21476] ? netlink_unicast+0x740/0x740 [ 3161.315890][T21476] ? netlink_unicast+0x740/0x740 [ 3161.320841][T21476] sock_sendmsg+0xcf/0x120 [ 3161.325267][T21476] ____sys_sendmsg+0x6b9/0x7d0 [ 3161.330042][T21476] ? kernel_sendmsg+0x50/0x50 [ 3161.334728][T21476] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3161.340026][T21476] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3161.345514][T21476] ___sys_sendmsg+0x100/0x170 [ 3161.350204][T21476] ? sendmsg_copy_msghdr+0x70/0x70 [ 3161.355330][T21476] ? __rcu_read_unlock+0x136/0x700 [ 3161.360465][T21476] ? __fget_files+0x329/0x4f0 [ 3161.365168][T21476] ? ksys_dup3+0x3c0/0x3c0 [ 3161.369724][T21476] ? lock_acquire+0x209/0x420 [ 3161.374440][T21476] ? __fget_light+0x208/0x270 [ 3161.379135][T21476] __sys_sendmsg+0xec/0x1b0 11:43:55 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000030000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3161.383651][T21476] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3161.388714][T21476] ? do_syscall_64+0x4f/0x7d0 [ 3161.393414][T21476] do_syscall_64+0xf6/0x7d0 [ 3161.397934][T21476] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3161.403833][T21476] RIP: 0033:0x45c849 [ 3161.407736][T21476] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3161.427344][T21476] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3161.435769][T21476] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3161.443746][T21476] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3161.451737][T21476] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3161.459718][T21476] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3161.467693][T21476] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3161.473243][T21495] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3161.506175][T21479] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3161.533916][T21479] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3161.612808][T21479] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3161.612808][T21479] !' [ 3161.630494][T21479] CPU: 1 PID: 21479 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3161.639200][T21479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3161.649256][T21479] Call Trace: [ 3161.652564][T21479] dump_stack+0x188/0x20d [ 3161.656905][T21479] sysfs_warn_dup.cold+0x1c/0x2d [ 3161.661839][T21479] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3161.667896][T21479] sysfs_create_link+0x61/0xc0 [ 3161.672650][T21479] device_add+0x71c/0x1bc0 [ 3161.677085][T21479] ? uevent_show+0x360/0x360 [ 3161.681673][T21479] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3161.687648][T21479] wiphy_register+0x1c46/0x2720 [ 3161.692503][T21479] ? wiphy_unregister+0xf90/0xf90 [ 3161.697513][T21479] ? retint_kernel+0x2b/0x2b [ 3161.702101][T21479] ? ieee80211_register_hw+0x1283/0x3760 [ 3161.707721][T21479] ieee80211_register_hw+0x141d/0x3760 [ 3161.713183][T21479] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3161.718632][T21479] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3161.724164][T21479] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3161.730133][T21479] ? memset+0x20/0x40 [ 3161.734102][T21479] ? __hrtimer_init+0x134/0x260 [ 3161.738944][T21479] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3161.744691][T21479] ? hwsim_register_received_nl+0x400/0x400 [ 3161.750593][T21479] hwsim_new_radio_nl+0x905/0xf60 [ 3161.755621][T21479] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3161.761107][T21479] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3161.767010][T21479] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3161.772762][T21479] genl_rcv_msg+0x627/0xdf0 [ 3161.777262][T21479] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3161.783584][T21479] ? retint_kernel+0x2b/0x2b [ 3161.788266][T21479] netlink_rcv_skb+0x15a/0x410 [ 3161.793041][T21479] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3161.799359][T21479] ? netlink_ack+0xa80/0xa80 [ 3161.803959][T21479] genl_rcv+0x24/0x40 [ 3161.807945][T21479] netlink_unicast+0x537/0x740 [ 3161.812704][T21479] ? netlink_attachskb+0x810/0x810 [ 3161.817813][T21479] ? _copy_from_iter_full+0x25c/0x870 [ 3161.823178][T21479] ? __phys_addr_symbol+0x2c/0x70 [ 3161.828192][T21479] ? __check_object_size+0x171/0x437 [ 3161.833475][T21479] netlink_sendmsg+0x882/0xe10 [ 3161.838247][T21479] ? netlink_unicast+0x740/0x740 [ 3161.843185][T21479] ? netlink_unicast+0x740/0x740 [ 3161.848111][T21479] sock_sendmsg+0xcf/0x120 [ 3161.852518][T21479] ____sys_sendmsg+0x6b9/0x7d0 [ 3161.857275][T21479] ? kernel_sendmsg+0x50/0x50 [ 3161.861958][T21479] ___sys_sendmsg+0x100/0x170 [ 3161.866625][T21479] ? sendmsg_copy_msghdr+0x70/0x70 [ 3161.871730][T21479] ? __rcu_read_unlock+0x130/0x700 [ 3161.876840][T21479] ? __fget_files+0x329/0x4f0 [ 3161.881524][T21479] ? ksys_dup3+0x3c0/0x3c0 [ 3161.885926][T21479] ? lock_acquire+0x197/0x420 [ 3161.890603][T21479] ? __might_fault+0xef/0x1d0 [ 3161.895277][T21479] ? __fget_light+0x208/0x270 [ 3161.899955][T21479] __sys_sendmsg+0xec/0x1b0 [ 3161.904446][T21479] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3161.909456][T21479] ? __x64_sys_futex+0x380/0x4f0 [ 3161.914392][T21479] ? trace_hardirqs_off_caller+0x55/0x230 [ 3161.920128][T21479] ? do_syscall_64+0x21/0x7d0 [ 3161.924812][T21479] do_syscall_64+0xf6/0x7d0 [ 3161.929317][T21479] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3161.935196][T21479] RIP: 0033:0x45c849 [ 3161.939079][T21479] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3161.958777][T21479] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3161.967181][T21479] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3161.975140][T21479] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3161.983097][T21479] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3161.991052][T21479] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3161.999006][T21479] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3162.139092][T21481] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 3162.160380][T21481] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3162.201222][T21481] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3162.201222][T21481] !' [ 3162.226437][T21481] CPU: 0 PID: 21481 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3162.235152][T21481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3162.245215][T21481] Call Trace: [ 3162.248526][T21481] dump_stack+0x188/0x20d [ 3162.252878][T21481] sysfs_warn_dup.cold+0x1c/0x2d [ 3162.257828][T21481] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3162.263907][T21481] sysfs_create_link+0x61/0xc0 [ 3162.268678][T21481] device_add+0x71c/0x1bc0 [ 3162.273111][T21481] ? uevent_show+0x360/0x360 [ 3162.277716][T21481] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3162.283712][T21481] wiphy_register+0x1c46/0x2720 [ 3162.288591][T21481] ? wiphy_unregister+0xf90/0xf90 [ 3162.293623][T21481] ? __kmalloc+0x629/0x7a0 [ 3162.298042][T21481] ? ieee80211_register_hw+0xbea/0x3760 [ 3162.303600][T21481] ? ieee80211_cs_list_valid+0x198/0x280 [ 3162.309242][T21481] ieee80211_register_hw+0x141d/0x3760 [ 3162.314733][T21481] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3162.320200][T21481] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3162.325754][T21481] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3162.331744][T21481] ? memset+0x20/0x40 [ 3162.335736][T21481] ? __hrtimer_init+0x134/0x260 [ 3162.340601][T21481] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3162.346323][T21481] ? vprintk_func+0x81/0x17e [ 3162.350944][T21481] ? hwsim_register_received_nl+0x400/0x400 [ 3162.356862][T21481] hwsim_new_radio_nl+0x905/0xf60 [ 3162.361898][T21481] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3162.367795][T21481] ? cap_capable+0x1eb/0x250 [ 3162.372405][T21481] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3162.378740][T21481] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3162.385086][T21481] genl_rcv_msg+0x627/0xdf0 [ 3162.389609][T21481] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3162.395939][T21481] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3162.401238][T21481] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3162.406741][T21481] netlink_rcv_skb+0x15a/0x410 [ 3162.411514][T21481] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3162.417849][T21481] ? netlink_ack+0xa80/0xa80 [ 3162.422458][T21481] ? netlink_unicast+0x1a4/0x740 [ 3162.427407][T21481] genl_rcv+0x24/0x40 [ 3162.431385][T21481] netlink_unicast+0x537/0x740 [ 3162.436164][T21481] ? netlink_attachskb+0x810/0x810 [ 3162.441279][T21481] ? _copy_from_iter_full+0x25c/0x870 [ 3162.446673][T21481] netlink_sendmsg+0x882/0xe10 [ 3162.451448][T21481] ? aa_af_perm+0x260/0x260 [ 3162.455952][T21481] ? netlink_unicast+0x740/0x740 [ 3162.460911][T21481] ? netlink_unicast+0x740/0x740 [ 3162.465854][T21481] sock_sendmsg+0xcf/0x120 [ 3162.470274][T21481] ____sys_sendmsg+0x6b9/0x7d0 [ 3162.475047][T21481] ? kernel_sendmsg+0x50/0x50 [ 3162.479731][T21481] ? mark_lock+0xbc/0x1220 [ 3162.484179][T21481] ___sys_sendmsg+0x100/0x170 [ 3162.488869][T21481] ? sendmsg_copy_msghdr+0x70/0x70 [ 3162.494002][T21481] ? __fget_files+0x329/0x4f0 [ 3162.498691][T21481] ? ksys_dup3+0x3c0/0x3c0 [ 3162.503109][T21481] ? lock_acquire+0x197/0x420 [ 3162.507795][T21481] ? __might_fault+0xef/0x1d0 [ 3162.512489][T21481] ? __fget_light+0x208/0x270 [ 3162.517177][T21481] __sys_sendmsg+0xec/0x1b0 [ 3162.521684][T21481] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3162.526751][T21481] ? trace_hardirqs_off_caller+0x55/0x230 [ 3162.532482][T21481] ? do_syscall_64+0x21/0x7d0 [ 3162.537171][T21481] do_syscall_64+0xf6/0x7d0 [ 3162.541698][T21481] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3162.547599][T21481] RIP: 0033:0x45c849 [ 3162.551502][T21481] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3162.571111][T21481] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3162.579544][T21481] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3162.587519][T21481] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3162.595493][T21481] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3162.603468][T21481] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3162.611445][T21481] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3167.122686][T21504] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 3167.131271][T21504] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3167.173240][T21504] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3167.173240][T21504] !' [ 3167.183500][T21504] CPU: 1 PID: 21504 Comm: syz-executor.4 Not tainted 5.6.0-rc6-syzkaller #0 [ 3167.192182][T21504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3167.202344][T21504] Call Trace: [ 3167.205654][T21504] dump_stack+0x188/0x20d [ 3167.210010][T21504] sysfs_warn_dup.cold+0x1c/0x2d [ 3167.214962][T21504] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3167.221044][T21504] sysfs_create_link+0x61/0xc0 [ 3167.225821][T21504] device_add+0x71c/0x1bc0 [ 3167.230259][T21504] ? uevent_show+0x360/0x360 [ 3167.234862][T21504] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3167.240865][T21504] wiphy_register+0x1c46/0x2720 [ 3167.245750][T21504] ? wiphy_unregister+0xf90/0xf90 [ 3167.250783][T21504] ? retint_kernel+0x2b/0x2b [ 3167.255402][T21504] ? ieee80211_register_hw+0x24e0/0x3760 [ 3167.261054][T21504] ieee80211_register_hw+0x141d/0x3760 [ 3167.266544][T21504] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3167.272019][T21504] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3167.277569][T21504] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3167.283557][T21504] ? memset+0x20/0x40 [ 3167.287552][T21504] ? __hrtimer_init+0x134/0x260 [ 3167.292418][T21504] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3167.298171][T21504] ? hwsim_register_received_nl+0x400/0x400 [ 3167.304087][T21504] hwsim_new_radio_nl+0x905/0xf60 [ 3167.309127][T21504] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3167.314603][T21504] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3167.320507][T21504] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3167.326265][T21504] genl_rcv_msg+0x627/0xdf0 [ 3167.330794][T21504] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3167.337131][T21504] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3167.342723][T21504] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3167.348466][T21504] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3167.354815][T21504] netlink_rcv_skb+0x15a/0x410 [ 3167.359594][T21504] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3167.365942][T21504] ? netlink_ack+0xa80/0xa80 [ 3167.370566][T21504] genl_rcv+0x24/0x40 [ 3167.374559][T21504] netlink_unicast+0x537/0x740 [ 3167.379344][T21504] ? netlink_attachskb+0x810/0x810 [ 3167.384461][T21504] ? _copy_from_iter_full+0x25c/0x870 [ 3167.389838][T21504] ? __phys_addr_symbol+0x2c/0x70 [ 3167.394871][T21504] ? __check_object_size+0x171/0x437 [ 3167.400183][T21504] netlink_sendmsg+0x882/0xe10 [ 3167.404962][T21504] ? aa_af_perm+0x260/0x260 [ 3167.409479][T21504] ? netlink_unicast+0x740/0x740 [ 3167.414443][T21504] ? netlink_unicast+0x740/0x740 [ 3167.419393][T21504] sock_sendmsg+0xcf/0x120 [ 3167.423821][T21504] ____sys_sendmsg+0x6b9/0x7d0 [ 3167.428594][T21504] ? kernel_sendmsg+0x50/0x50 [ 3167.433302][T21504] ___sys_sendmsg+0x100/0x170 [ 3167.437998][T21504] ? sendmsg_copy_msghdr+0x70/0x70 [ 3167.443139][T21504] ? __fget_files+0x329/0x4f0 [ 3167.447840][T21504] ? ksys_dup3+0x3c0/0x3c0 [ 3167.452268][T21504] ? lock_acquire+0x197/0x420 [ 3167.456954][T21504] ? __might_fault+0xef/0x1d0 [ 3167.461652][T21504] ? __fget_light+0x208/0x270 [ 3167.466345][T21504] __sys_sendmsg+0xec/0x1b0 [ 3167.470852][T21504] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3167.475907][T21504] ? do_syscall_64+0x4f/0x7d0 [ 3167.480603][T21504] do_syscall_64+0xf6/0x7d0 [ 3167.485122][T21504] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3167.491021][T21504] RIP: 0033:0x45c849 [ 3167.494917][T21504] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3167.514531][T21504] RSP: 002b:00007f96f5f61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3167.522945][T21504] RAX: ffffffffffffffda RBX: 00007f96f5f626d4 RCX: 000000000045c849 [ 3167.530923][T21504] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3167.538902][T21504] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3167.546980][T21504] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3167.554957][T21504] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:44:01 executing program 4: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:01 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0) 11:44:01 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:01 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000050000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:01 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:01 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c00000000000000010000000100", @ANYRES32, @ANYRES32], 0x81}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3167.663475][T21515] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:44:02 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000060000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:02 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011", 0x17}], 0x1}, 0x0) [ 3167.718268][T21511] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3167.796789][T21519] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3167.804157][T21511] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:44:02 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000070000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3167.875969][T21511] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3167.875969][T21511] !' [ 3167.913227][T21511] CPU: 0 PID: 21511 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3167.921947][T21511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3167.932012][T21511] Call Trace: [ 3167.935320][T21511] dump_stack+0x188/0x20d [ 3167.939673][T21511] sysfs_warn_dup.cold+0x1c/0x2d [ 3167.944636][T21511] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3167.950722][T21511] sysfs_create_link+0x61/0xc0 [ 3167.950908][T21524] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3167.955487][T21511] device_add+0x71c/0x1bc0 [ 3167.955514][T21511] ? ieee80211_set_bitrate_flags+0xf9/0x5c0 [ 3167.955532][T21511] ? uevent_show+0x360/0x360 [ 3167.955549][T21511] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3167.955574][T21511] wiphy_register+0x1c46/0x2720 [ 3167.989940][T21511] ? wiphy_unregister+0xf90/0xf90 [ 3167.994972][T21511] ? retint_kernel+0x2b/0x2b [ 3167.999593][T21511] ? ieee80211_cs_list_valid+0x198/0x280 [ 3168.005247][T21511] ieee80211_register_hw+0x141d/0x3760 [ 3168.010732][T21511] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3168.016206][T21511] ? retint_kernel+0x2b/0x2b [ 3168.020818][T21511] ? __hrtimer_init+0x134/0x260 [ 3168.025691][T21511] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3168.031419][T21511] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3168.036744][T21511] ? hwsim_register_received_nl+0x400/0x400 [ 3168.042667][T21511] hwsim_new_radio_nl+0x905/0xf60 [ 3168.047704][T21511] ? retint_kernel+0x2b/0x2b [ 3168.052307][T21511] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3168.058233][T21511] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3168.064572][T21511] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3168.070921][T21511] genl_rcv_msg+0x627/0xdf0 [ 3168.075449][T21511] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3168.081787][T21511] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3168.087266][T21511] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3168.093004][T21511] ? netlink_rcv_skb+0x308/0x410 [ 3168.097966][T21511] netlink_rcv_skb+0x15a/0x410 [ 3168.102749][T21511] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3168.109096][T21511] ? netlink_ack+0xa80/0xa80 [ 3168.113747][T21511] genl_rcv+0x24/0x40 [ 3168.115005][T21527] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3168.117733][T21511] netlink_unicast+0x537/0x740 [ 3168.117762][T21511] ? netlink_attachskb+0x810/0x810 [ 3168.117779][T21511] ? _copy_from_iter_full+0x25c/0x870 [ 3168.117794][T21511] ? __phys_addr_symbol+0x2c/0x70 [ 3168.117814][T21511] ? __check_object_size+0x171/0x437 [ 3168.152075][T21511] netlink_sendmsg+0x882/0xe10 [ 3168.156981][T21511] ? aa_af_perm+0x260/0x260 [ 3168.161518][T21511] ? netlink_unicast+0x740/0x740 [ 3168.166490][T21511] ? netlink_unicast+0x740/0x740 [ 3168.171443][T21511] sock_sendmsg+0xcf/0x120 [ 3168.175880][T21511] ____sys_sendmsg+0x6b9/0x7d0 [ 3168.180672][T21511] ? kernel_sendmsg+0x50/0x50 [ 3168.185367][T21511] ? mark_lock+0xbc/0x1220 [ 3168.189812][T21511] ___sys_sendmsg+0x100/0x170 [ 3168.194504][T21511] ? sendmsg_copy_msghdr+0x70/0x70 [ 3168.199645][T21511] ? __fget_files+0x329/0x4f0 [ 3168.204348][T21511] ? ksys_dup3+0x3c0/0x3c0 [ 3168.208772][T21511] ? lock_acquire+0x197/0x420 [ 3168.213462][T21511] ? __might_fault+0xef/0x1d0 [ 3168.218174][T21511] ? __fget_light+0x208/0x270 [ 3168.222893][T21511] __sys_sendmsg+0xec/0x1b0 [ 3168.227397][T21511] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3168.232455][T21511] ? trace_hardirqs_off_caller+0x55/0x230 [ 3168.238190][T21511] ? do_syscall_64+0x21/0x7d0 [ 3168.242887][T21511] do_syscall_64+0xf6/0x7d0 [ 3168.247401][T21511] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3168.253291][T21511] RIP: 0033:0x45c849 [ 3168.257196][T21511] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 11:44:02 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000000a0000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:02 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000180000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3168.261927][T21530] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3168.276807][T21511] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3168.276822][T21511] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3168.276829][T21511] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3168.276837][T21511] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3168.276845][T21511] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 11:44:02 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011", 0x17}], 0x1}, 0x0) [ 3168.276854][T21511] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3168.334552][T21513] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 3168.360518][T21513] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3168.479354][T21513] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3168.479354][T21513] !' [ 3168.505979][T21513] CPU: 1 PID: 21513 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3168.514696][T21513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3168.524757][T21513] Call Trace: [ 3168.528065][T21513] dump_stack+0x188/0x20d [ 3168.532413][T21513] sysfs_warn_dup.cold+0x1c/0x2d [ 3168.537364][T21513] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3168.543556][T21513] sysfs_create_link+0x61/0xc0 [ 3168.548328][T21513] device_add+0x71c/0x1bc0 [ 3168.552758][T21513] ? ieee80211_set_bitrate_flags+0x134/0x5c0 [ 3168.558742][T21513] ? uevent_show+0x360/0x360 [ 3168.563350][T21513] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3168.569348][T21513] wiphy_register+0x1c46/0x2720 [ 3168.574228][T21513] ? wiphy_unregister+0xf90/0xf90 [ 3168.579260][T21513] ? retint_kernel+0x2b/0x2b [ 3168.583869][T21513] ? ieee80211_register_hw+0x1226/0x3760 [ 3168.589509][T21513] ieee80211_register_hw+0x141d/0x3760 [ 3168.594991][T21513] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3168.600457][T21513] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3168.606014][T21513] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3168.612003][T21513] ? hrtimer_init+0x36/0x320 [ 3168.616600][T21513] ? memset+0x20/0x40 [ 3168.620609][T21513] ? __hrtimer_init+0x134/0x260 [ 3168.625492][T21513] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3168.631226][T21513] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3168.636548][T21513] ? hwsim_register_received_nl+0x400/0x400 [ 3168.642469][T21513] hwsim_new_radio_nl+0x905/0xf60 [ 3168.647500][T21513] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3168.652798][T21513] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3168.658732][T21513] genl_rcv_msg+0x627/0xdf0 [ 3168.663256][T21513] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3168.669601][T21513] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3168.674905][T21513] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3168.680628][T21513] ? retint_kernel+0x2b/0x2b [ 3168.685236][T21513] netlink_rcv_skb+0x15a/0x410 [ 3168.690009][T21513] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3168.696349][T21513] ? netlink_ack+0xa80/0xa80 [ 3168.700970][T21513] genl_rcv+0x24/0x40 [ 3168.704961][T21513] netlink_unicast+0x537/0x740 [ 3168.709745][T21513] ? netlink_attachskb+0x810/0x810 [ 3168.714863][T21513] ? _copy_from_iter_full+0x25c/0x870 [ 3168.720243][T21513] ? __phys_addr_symbol+0x2c/0x70 [ 3168.725273][T21513] ? __check_object_size+0x171/0x437 [ 3168.730579][T21513] netlink_sendmsg+0x882/0xe10 [ 3168.735368][T21513] ? netlink_unicast+0x740/0x740 [ 3168.740325][T21513] ? __sanitizer_cov_trace_pc+0x27/0x50 [ 3168.745880][T21513] ? netlink_unicast+0x740/0x740 [ 3168.750830][T21513] sock_sendmsg+0xcf/0x120 [ 3168.755262][T21513] ____sys_sendmsg+0x6b9/0x7d0 [ 3168.760039][T21513] ? kernel_sendmsg+0x50/0x50 [ 3168.764729][T21513] ? mark_lock+0xbc/0x1220 [ 3168.769148][T21513] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3168.774630][T21513] ___sys_sendmsg+0x100/0x170 [ 3168.779320][T21513] ? sendmsg_copy_msghdr+0x70/0x70 [ 3168.784461][T21513] ? __fget_files+0x329/0x4f0 [ 3168.789160][T21513] ? ksys_dup3+0x3c0/0x3c0 [ 3168.793583][T21513] ? lock_acquire+0x197/0x420 [ 3168.798263][T21513] ? __might_fault+0xef/0x1d0 [ 3168.802957][T21513] ? __fget_light+0x208/0x270 [ 3168.807656][T21513] __sys_sendmsg+0xec/0x1b0 [ 3168.812166][T21513] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3168.817235][T21513] do_syscall_64+0xf6/0x7d0 [ 3168.821751][T21513] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3168.827645][T21513] RIP: 0033:0x45c849 [ 3168.831547][T21513] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3168.851154][T21513] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3168.859576][T21513] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3168.867560][T21513] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3168.875543][T21513] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3168.883519][T21513] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3168.891492][T21513] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3168.939843][T21512] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3168.960328][T21512] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3168.989571][T21512] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3168.989571][T21512] !' [ 3169.044698][T21512] CPU: 0 PID: 21512 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3169.053427][T21512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3169.063492][T21512] Call Trace: [ 3169.066809][T21512] dump_stack+0x188/0x20d [ 3169.071167][T21512] sysfs_warn_dup.cold+0x1c/0x2d [ 3169.076122][T21512] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3169.082203][T21512] sysfs_create_link+0x61/0xc0 [ 3169.086983][T21512] device_add+0x71c/0x1bc0 [ 3169.091427][T21512] ? uevent_show+0x360/0x360 [ 3169.096049][T21512] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3169.102063][T21512] wiphy_register+0x1c46/0x2720 [ 3169.106948][T21512] ? wiphy_unregister+0xf90/0xf90 [ 3169.112101][T21512] ? __kmalloc+0x629/0x7a0 [ 3169.116526][T21512] ? ieee80211_register_hw+0xbea/0x3760 [ 3169.122090][T21512] ? ieee80211_cs_list_valid+0x198/0x280 [ 3169.127743][T21512] ieee80211_register_hw+0x141d/0x3760 [ 3169.133234][T21512] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3169.138714][T21512] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3169.144275][T21512] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3169.150267][T21512] ? memset+0x20/0x40 [ 3169.154258][T21512] ? __hrtimer_init+0x134/0x260 [ 3169.159127][T21512] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3169.164868][T21512] ? vprintk_func+0x81/0x17e [ 3169.169498][T21512] ? hwsim_register_received_nl+0x400/0x400 [ 3169.175423][T21512] hwsim_new_radio_nl+0x905/0xf60 [ 3169.180465][T21512] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3169.186375][T21512] ? cap_capable+0x1eb/0x250 [ 3169.190997][T21512] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3169.197334][T21512] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3169.204038][T21512] genl_rcv_msg+0x627/0xdf0 [ 3169.208569][T21512] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3169.214902][T21512] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3169.220203][T21512] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3169.225728][T21512] netlink_rcv_skb+0x15a/0x410 [ 3169.230522][T21512] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3169.236870][T21512] ? netlink_ack+0xa80/0xa80 [ 3169.241506][T21512] genl_rcv+0x24/0x40 [ 3169.245502][T21512] netlink_unicast+0x537/0x740 [ 3169.250289][T21512] ? netlink_attachskb+0x810/0x810 [ 3169.255424][T21512] netlink_sendmsg+0x882/0xe10 [ 3169.260211][T21512] ? aa_af_perm+0x260/0x260 [ 3169.264736][T21512] ? netlink_unicast+0x740/0x740 [ 3169.269710][T21512] ? netlink_unicast+0x740/0x740 [ 3169.274659][T21512] sock_sendmsg+0xcf/0x120 [ 3169.279095][T21512] ____sys_sendmsg+0x6b9/0x7d0 [ 3169.283879][T21512] ? kernel_sendmsg+0x50/0x50 [ 3169.288575][T21512] ? mark_lock+0xbc/0x1220 [ 3169.293031][T21512] ___sys_sendmsg+0x100/0x170 [ 3169.297734][T21512] ? sendmsg_copy_msghdr+0x70/0x70 [ 3169.302881][T21512] ? __fget_files+0x329/0x4f0 [ 3169.307582][T21512] ? ksys_dup3+0x3c0/0x3c0 [ 3169.312013][T21512] ? lock_acquire+0x197/0x420 [ 3169.316701][T21512] ? __might_fault+0xef/0x1d0 [ 3169.321409][T21512] ? __fget_light+0x208/0x270 [ 3169.326112][T21512] __sys_sendmsg+0xec/0x1b0 [ 3169.330632][T21512] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3169.335699][T21512] ? do_syscall_64+0x4f/0x7d0 [ 3169.340398][T21512] do_syscall_64+0xf6/0x7d0 [ 3169.344913][T21512] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3169.350814][T21512] RIP: 0033:0x45c849 [ 3169.354721][T21512] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3169.374333][T21512] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3169.382756][T21512] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3169.390739][T21512] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3169.398721][T21512] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3169.406700][T21512] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3169.414689][T21512] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3176.007957][T21541] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 3176.018687][T21541] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3176.053562][T21541] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3176.053562][T21541] !' [ 3176.069623][T21541] CPU: 0 PID: 21541 Comm: syz-executor.4 Not tainted 5.6.0-rc6-syzkaller #0 [ 3176.078319][T21541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3176.088377][T21541] Call Trace: [ 3176.091684][T21541] dump_stack+0x188/0x20d [ 3176.096067][T21541] sysfs_warn_dup.cold+0x1c/0x2d [ 3176.101024][T21541] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3176.107100][T21541] sysfs_create_link+0x61/0xc0 [ 3176.111878][T21541] device_add+0x71c/0x1bc0 [ 3176.116310][T21541] ? uevent_show+0x360/0x360 [ 3176.120908][T21541] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3176.126909][T21541] wiphy_register+0x1c46/0x2720 [ 3176.131789][T21541] ? wiphy_unregister+0xf90/0xf90 [ 3176.136819][T21541] ? retint_kernel+0x2b/0x2b [ 3176.141434][T21541] ? ieee80211_cs_list_valid+0x198/0x280 [ 3176.147081][T21541] ieee80211_register_hw+0x141d/0x3760 [ 3176.152567][T21541] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3176.158040][T21541] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3176.163600][T21541] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3176.169596][T21541] ? memset+0x20/0x40 [ 3176.173587][T21541] ? __hrtimer_init+0x134/0x260 [ 3176.178454][T21541] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3176.184179][T21541] ? vprintk_func+0x81/0x17e [ 3176.188804][T21541] ? hwsim_register_received_nl+0x400/0x400 [ 3176.194730][T21541] hwsim_new_radio_nl+0x905/0xf60 [ 3176.199773][T21541] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3176.205671][T21541] ? security_capable+0x57/0xc0 [ 3176.210527][T21541] ? cap_capable+0x1eb/0x250 [ 3176.215145][T21541] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3176.221486][T21541] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3176.227835][T21541] genl_rcv_msg+0x627/0xdf0 [ 3176.232364][T21541] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3176.238699][T21541] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3176.243999][T21541] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3176.249505][T21541] netlink_rcv_skb+0x15a/0x410 [ 3176.254280][T21541] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3176.260619][T21541] ? netlink_ack+0xa80/0xa80 [ 3176.265242][T21541] genl_rcv+0x24/0x40 [ 3176.269227][T21541] netlink_unicast+0x537/0x740 [ 3176.274007][T21541] ? netlink_attachskb+0x810/0x810 [ 3176.279121][T21541] ? security_netlink_send+0x13/0xa0 [ 3176.284415][T21541] ? security_netlink_send+0x1a/0xa0 [ 3176.289717][T21541] netlink_sendmsg+0x882/0xe10 [ 3176.294493][T21541] ? aa_af_perm+0x260/0x260 [ 3176.299008][T21541] ? netlink_unicast+0x740/0x740 [ 3176.303975][T21541] ? netlink_unicast+0x740/0x740 [ 3176.308921][T21541] sock_sendmsg+0xcf/0x120 [ 3176.313344][T21541] ____sys_sendmsg+0x6b9/0x7d0 [ 3176.318202][T21541] ? kernel_sendmsg+0x50/0x50 [ 3176.322891][T21541] ? mark_lock+0xbc/0x1220 [ 3176.327311][T21541] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3176.332791][T21541] ___sys_sendmsg+0x100/0x170 [ 3176.337485][T21541] ? sendmsg_copy_msghdr+0x70/0x70 [ 3176.342628][T21541] ? __fget_files+0x329/0x4f0 [ 3176.347333][T21541] ? ksys_dup3+0x3c0/0x3c0 [ 3176.351775][T21541] ? __fget_light+0x208/0x270 [ 3176.356474][T21541] __sys_sendmsg+0xec/0x1b0 [ 3176.360995][T21541] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3176.366035][T21541] ? __x64_sys_futex+0x380/0x4f0 [ 3176.371112][T21541] ? trace_hardirqs_off_caller+0x55/0x230 [ 3176.376841][T21541] ? do_syscall_64+0x21/0x7d0 [ 3176.381532][T21541] do_syscall_64+0xf6/0x7d0 [ 3176.386047][T21541] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3176.392110][T21541] RIP: 0033:0x45c849 [ 3176.396011][T21541] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3176.415640][T21541] RSP: 002b:00007f96f5f61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3176.424063][T21541] RAX: ffffffffffffffda RBX: 00007f96f5f626d4 RCX: 000000000045c849 [ 3176.432042][T21541] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3176.440021][T21541] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 11:44:10 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011", 0x17}], 0x1}, 0x0) 11:44:10 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:10 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000200000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:10 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:10 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c00000000000000010000000100", @ANYRES32, @ANYRES32], 0x81}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:10 executing program 4: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3176.447997][T21541] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3176.455980][T21541] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3176.542268][T21550] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3176.561778][T21548] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3176.577135][T21548] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:44:10 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000003f0000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:11 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e", 0x23}], 0x1}, 0x0) [ 3176.694488][T21548] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3176.694488][T21548] !' [ 3176.747924][T21548] CPU: 0 PID: 21548 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3176.756761][T21548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3176.766829][T21548] Call Trace: [ 3176.770134][T21548] dump_stack+0x188/0x20d [ 3176.774502][T21548] sysfs_warn_dup.cold+0x1c/0x2d [ 3176.779451][T21548] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3176.785533][T21548] sysfs_create_link+0x61/0xc0 [ 3176.790304][T21548] device_add+0x71c/0x1bc0 [ 3176.794741][T21548] ? uevent_show+0x360/0x360 [ 3176.799380][T21548] wiphy_register+0x1c46/0x2720 [ 3176.803534][T21556] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3176.804249][T21548] ? wiphy_unregister+0xf90/0xf90 [ 3176.804271][T21548] ? retint_kernel+0x2b/0x2b [ 3176.822589][T21548] ? ieee80211_register_hw+0x2e13/0x3760 [ 3176.828242][T21548] ieee80211_register_hw+0x141d/0x3760 [ 3176.833730][T21548] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3176.839206][T21548] ? rcu_read_lock_sched_held+0x9c/0xd0 11:44:11 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000400000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3176.844760][T21548] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3176.850756][T21548] ? memset+0x20/0x40 [ 3176.854752][T21548] ? __hrtimer_init+0x134/0x260 [ 3176.859629][T21548] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3176.865409][T21548] ? hwsim_register_received_nl+0x400/0x400 [ 3176.871332][T21548] hwsim_new_radio_nl+0x905/0xf60 [ 3176.876369][T21548] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3176.881867][T21548] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3176.887776][T21548] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3176.893533][T21548] genl_rcv_msg+0x627/0xdf0 [ 3176.898064][T21548] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3176.904534][T21548] netlink_rcv_skb+0x15a/0x410 [ 3176.909315][T21548] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3176.915660][T21548] ? netlink_ack+0xa80/0xa80 [ 3176.920288][T21548] genl_rcv+0x24/0x40 [ 3176.924275][T21548] netlink_unicast+0x537/0x740 [ 3176.928344][T21558] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3176.929054][T21548] ? netlink_attachskb+0x810/0x810 [ 3176.929073][T21548] ? _copy_from_iter_full+0x25c/0x870 [ 3176.929089][T21548] ? __phys_addr_symbol+0x2c/0x70 [ 3176.929109][T21548] ? __check_object_size+0x171/0x437 [ 3176.959151][T21548] netlink_sendmsg+0x882/0xe10 [ 3176.963948][T21548] ? aa_af_perm+0x260/0x260 [ 3176.968463][T21548] ? netlink_unicast+0x740/0x740 [ 3176.973426][T21548] ? netlink_unicast+0x740/0x740 [ 3176.978370][T21548] sock_sendmsg+0xcf/0x120 [ 3176.982813][T21548] ____sys_sendmsg+0x6b9/0x7d0 [ 3176.987592][T21548] ? kernel_sendmsg+0x50/0x50 [ 3176.992279][T21548] ? mark_lock+0xbc/0x1220 11:44:11 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000480000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3176.996728][T21548] ___sys_sendmsg+0x100/0x170 [ 3177.001423][T21548] ? sendmsg_copy_msghdr+0x70/0x70 [ 3177.006567][T21548] ? __fget_files+0x329/0x4f0 [ 3177.011266][T21548] ? ksys_dup3+0x3c0/0x3c0 [ 3177.015690][T21548] ? lock_acquire+0x209/0x420 [ 3177.020400][T21548] ? __fget_light+0x208/0x270 [ 3177.025101][T21548] __sys_sendmsg+0xec/0x1b0 [ 3177.029621][T21548] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3177.034663][T21548] ? retint_kernel+0x2b/0x2b [ 3177.039883][T21548] ? __x64_sys_sendmsg+0xd/0xb0 [ 3177.044743][T21548] ? __sanitizer_cov_trace_pc+0x2e/0x50 [ 3177.050311][T21548] do_syscall_64+0xf6/0x7d0 [ 3177.054829][T21548] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3177.060730][T21548] RIP: 0033:0x45c849 [ 3177.064642][T21548] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3177.084253][T21548] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3177.092963][T21548] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3177.100948][T21548] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3177.108930][T21548] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3177.116917][T21548] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3177.123160][T21562] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3177.124892][T21548] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:44:11 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e", 0x23}], 0x1}, 0x0) 11:44:11 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000004c0000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3177.258219][T21547] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 3177.309962][T21547] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3177.366989][T21571] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3177.403095][T21547] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3177.403095][T21547] !' [ 3177.459557][T21547] CPU: 1 PID: 21547 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3177.468279][T21547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3177.478343][T21547] Call Trace: [ 3177.481649][T21547] dump_stack+0x188/0x20d [ 3177.486009][T21547] sysfs_warn_dup.cold+0x1c/0x2d [ 3177.490967][T21547] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3177.497052][T21547] sysfs_create_link+0x61/0xc0 [ 3177.501818][T21547] device_add+0x71c/0x1bc0 [ 3177.506240][T21547] ? uevent_show+0x360/0x360 [ 3177.510843][T21547] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3177.516947][T21547] wiphy_register+0x1c46/0x2720 [ 3177.521822][T21547] ? wiphy_unregister+0xf90/0xf90 [ 3177.526851][T21547] ? __kmalloc+0x629/0x7a0 [ 3177.531271][T21547] ? ieee80211_register_hw+0xbea/0x3760 [ 3177.536836][T21547] ? ieee80211_cs_list_valid+0x198/0x280 [ 3177.542481][T21547] ieee80211_register_hw+0x141d/0x3760 [ 3177.547967][T21547] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3177.553448][T21547] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3177.559006][T21547] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3177.564997][T21547] ? memset+0x20/0x40 [ 3177.568991][T21547] ? __hrtimer_init+0x134/0x260 [ 3177.573858][T21547] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3177.579583][T21547] ? vprintk_func+0x81/0x17e [ 3177.584208][T21547] ? hwsim_register_received_nl+0x400/0x400 [ 3177.590131][T21547] hwsim_new_radio_nl+0x905/0xf60 [ 3177.595176][T21547] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3177.601080][T21547] ? cap_capable+0x1eb/0x250 [ 3177.605697][T21547] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3177.612038][T21547] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3177.618391][T21547] genl_rcv_msg+0x627/0xdf0 [ 3177.622919][T21547] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3177.629291][T21547] ? mark_held_locks+0xe0/0xe0 [ 3177.634077][T21547] netlink_rcv_skb+0x15a/0x410 [ 3177.638856][T21547] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3177.645198][T21547] ? netlink_ack+0xa80/0xa80 [ 3177.649813][T21547] ? genl_rcv+0x9/0x40 [ 3177.653947][T21547] genl_rcv+0x24/0x40 [ 3177.657937][T21547] netlink_unicast+0x537/0x740 [ 3177.662729][T21547] ? netlink_attachskb+0x810/0x810 [ 3177.667961][T21547] netlink_sendmsg+0x882/0xe10 [ 3177.672750][T21547] ? aa_af_perm+0x260/0x260 [ 3177.677263][T21547] ? netlink_unicast+0x740/0x740 [ 3177.682226][T21547] ? netlink_unicast+0x740/0x740 [ 3177.687174][T21547] sock_sendmsg+0xcf/0x120 [ 3177.691609][T21547] ____sys_sendmsg+0x6b9/0x7d0 [ 3177.696387][T21547] ? kernel_sendmsg+0x50/0x50 [ 3177.701068][T21547] ? retint_kernel+0x2b/0x2b [ 3177.705689][T21547] ___sys_sendmsg+0x100/0x170 [ 3177.710385][T21547] ? sendmsg_copy_msghdr+0x70/0x70 [ 3177.715536][T21547] ? __fget_files+0x329/0x4f0 [ 3177.720231][T21547] ? ksys_dup3+0x3c0/0x3c0 [ 3177.724661][T21547] ? check_memory_region+0x11a/0x190 [ 3177.729964][T21547] ? __fget_light+0x208/0x270 [ 3177.734658][T21547] __sys_sendmsg+0xec/0x1b0 [ 3177.739174][T21547] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3177.744202][T21547] ? __x64_sys_futex+0x380/0x4f0 [ 3177.749164][T21547] ? trace_hardirqs_off_caller+0x55/0x230 [ 3177.754896][T21547] ? do_syscall_64+0x21/0x7d0 [ 3177.759586][T21547] do_syscall_64+0xf6/0x7d0 [ 3177.764103][T21547] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3177.769994][T21547] RIP: 0033:0x45c849 [ 3177.773893][T21547] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3177.793501][T21547] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3177.801921][T21547] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3177.809897][T21547] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3177.817873][T21547] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3177.825850][T21547] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3177.833832][T21547] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3177.853083][T21551] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3177.870380][T21551] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3177.893449][T21551] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3177.893449][T21551] !' [ 3177.920351][T21551] CPU: 1 PID: 21551 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3177.929070][T21551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3177.939125][T21551] Call Trace: [ 3177.942423][T21551] dump_stack+0x188/0x20d [ 3177.946775][T21551] sysfs_warn_dup.cold+0x1c/0x2d [ 3177.951722][T21551] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3177.957797][T21551] sysfs_create_link+0x61/0xc0 [ 3177.962564][T21551] device_add+0x71c/0x1bc0 [ 3177.966999][T21551] ? uevent_show+0x360/0x360 [ 3177.971607][T21551] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3177.977609][T21551] wiphy_register+0x1c46/0x2720 [ 3177.982487][T21551] ? wiphy_unregister+0xf90/0xf90 [ 3177.987518][T21551] ? __kmalloc+0x629/0x7a0 [ 3177.991948][T21551] ? ieee80211_register_hw+0xbea/0x3760 [ 3177.997515][T21551] ? ieee80211_cs_list_valid+0x198/0x280 [ 3178.003182][T21551] ieee80211_register_hw+0x141d/0x3760 [ 3178.008671][T21551] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3178.014141][T21551] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3178.019697][T21551] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3178.025688][T21551] ? memset+0x20/0x40 [ 3178.029673][T21551] ? __hrtimer_init+0x134/0x260 [ 3178.034642][T21551] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3178.040364][T21551] ? vprintk_func+0x81/0x17e [ 3178.044987][T21551] ? hwsim_register_received_nl+0x400/0x400 [ 3178.050905][T21551] hwsim_new_radio_nl+0x905/0xf60 [ 3178.055945][T21551] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3178.061842][T21551] ? cap_capable+0x1eb/0x250 [ 3178.066463][T21551] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3178.072799][T21551] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3178.079160][T21551] genl_rcv_msg+0x627/0xdf0 [ 3178.083699][T21551] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3178.090040][T21551] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3178.095348][T21551] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3178.100849][T21551] ? mark_held_locks+0x9f/0xe0 [ 3178.105635][T21551] netlink_rcv_skb+0x15a/0x410 [ 3178.110416][T21551] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3178.116760][T21551] ? netlink_ack+0xa80/0xa80 [ 3178.121363][T21551] ? retint_kernel+0x2b/0x2b [ 3178.125974][T21551] ? down_read+0x110/0x420 [ 3178.130410][T21551] genl_rcv+0x24/0x40 [ 3178.134404][T21551] netlink_unicast+0x537/0x740 [ 3178.139191][T21551] ? netlink_attachskb+0x810/0x810 [ 3178.144313][T21551] ? _copy_from_iter_full+0x25c/0x870 [ 3178.149705][T21551] ? __phys_addr_symbol+0x2c/0x70 [ 3178.154741][T21551] ? __check_object_size+0x171/0x437 [ 3178.160047][T21551] netlink_sendmsg+0x882/0xe10 [ 3178.164830][T21551] ? aa_af_perm+0x260/0x260 [ 3178.169352][T21551] ? netlink_unicast+0x740/0x740 [ 3178.174320][T21551] ? netlink_unicast+0x740/0x740 [ 3178.179267][T21551] sock_sendmsg+0xcf/0x120 [ 3178.183691][T21551] ____sys_sendmsg+0x6b9/0x7d0 [ 3178.188467][T21551] ? kernel_sendmsg+0x50/0x50 [ 3178.193154][T21551] ? mark_lock+0xbc/0x1220 [ 3178.197596][T21551] ___sys_sendmsg+0x100/0x170 [ 3178.202292][T21551] ? sendmsg_copy_msghdr+0x70/0x70 [ 3178.207439][T21551] ? __fget_files+0x329/0x4f0 [ 3178.212142][T21551] ? ksys_dup3+0x3c0/0x3c0 [ 3178.216564][T21551] ? lock_acquire+0x197/0x420 [ 3178.221257][T21551] ? __might_fault+0xef/0x1d0 [ 3178.225945][T21551] ? __might_fault+0xf4/0x1d0 [ 3178.230634][T21551] ? __fget_light+0x208/0x270 [ 3178.235326][T21551] __sys_sendmsg+0xec/0x1b0 [ 3178.239839][T21551] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3178.244972][T21551] ? __x64_sys_futex+0x380/0x4f0 [ 3178.249939][T21551] ? trace_hardirqs_off_caller+0x55/0x230 [ 3178.255672][T21551] ? do_syscall_64+0x21/0x7d0 [ 3178.260365][T21551] do_syscall_64+0xf6/0x7d0 [ 3178.264882][T21551] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3178.270778][T21551] RIP: 0033:0x45c849 [ 3178.274683][T21551] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3178.294381][T21551] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3178.302799][T21551] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3178.310778][T21551] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3178.318758][T21551] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3178.326733][T21551] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3178.334711][T21551] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3184.882472][T21578] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 3184.900400][T21578] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3184.938334][T21578] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3184.938334][T21578] !' [ 3184.948539][T21578] CPU: 0 PID: 21578 Comm: syz-executor.4 Not tainted 5.6.0-rc6-syzkaller #0 [ 3184.957229][T21578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3184.967293][T21578] Call Trace: [ 3184.970603][T21578] dump_stack+0x188/0x20d [ 3184.974957][T21578] sysfs_warn_dup.cold+0x1c/0x2d [ 3184.979906][T21578] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3184.985989][T21578] sysfs_create_link+0x61/0xc0 [ 3184.990769][T21578] device_add+0x71c/0x1bc0 [ 3184.995212][T21578] ? uevent_show+0x360/0x360 [ 3184.999814][T21578] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3185.005814][T21578] wiphy_register+0x1c46/0x2720 [ 3185.010692][T21578] ? wiphy_unregister+0xf90/0xf90 [ 3185.015732][T21578] ? ieee80211_cs_list_valid+0x23/0x280 [ 3185.021296][T21578] ? ieee80211_cs_list_valid+0x193/0x280 [ 3185.026940][T21578] ? ieee80211_cs_list_valid+0x198/0x280 [ 3185.032594][T21578] ieee80211_register_hw+0x141d/0x3760 [ 3185.038084][T21578] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3185.043555][T21578] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3185.049115][T21578] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3185.055109][T21578] ? memset+0x20/0x40 [ 3185.059100][T21578] ? __hrtimer_init+0x134/0x260 [ 3185.063967][T21578] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3185.069685][T21578] ? vprintk_func+0x81/0x17e [ 3185.074313][T21578] ? hwsim_register_received_nl+0x400/0x400 [ 3185.080231][T21578] hwsim_new_radio_nl+0x905/0xf60 [ 3185.085274][T21578] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3185.091176][T21578] ? cap_capable+0x1eb/0x250 [ 3185.095801][T21578] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3185.102142][T21578] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3185.108492][T21578] genl_rcv_msg+0x627/0xdf0 [ 3185.113020][T21578] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3185.119384][T21578] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3185.124874][T21578] netlink_rcv_skb+0x15a/0x410 [ 3185.129655][T21578] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3185.136025][T21578] ? netlink_ack+0xa80/0xa80 [ 3185.140653][T21578] genl_rcv+0x24/0x40 [ 3185.144649][T21578] netlink_unicast+0x537/0x740 [ 3185.149437][T21578] ? netlink_attachskb+0x810/0x810 [ 3185.154593][T21578] ? _copy_from_iter_full+0x25c/0x870 [ 3185.159981][T21578] ? __phys_addr_symbol+0x2c/0x70 [ 3185.165012][T21578] ? __check_object_size+0x171/0x437 [ 3185.170350][T21578] netlink_sendmsg+0x882/0xe10 [ 3185.175136][T21578] ? retint_kernel+0x2b/0x2b [ 3185.179740][T21578] ? netlink_unicast+0x740/0x740 [ 3185.184685][T21578] ? netlink_unicast+0x740/0x740 [ 3185.189650][T21578] ? netlink_unicast+0x740/0x740 [ 3185.194597][T21578] sock_sendmsg+0xcf/0x120 [ 3185.199021][T21578] ____sys_sendmsg+0x6b9/0x7d0 [ 3185.203807][T21578] ? kernel_sendmsg+0x50/0x50 [ 3185.208496][T21578] ? mark_lock+0xbc/0x1220 [ 3185.212938][T21578] ___sys_sendmsg+0x100/0x170 [ 3185.217640][T21578] ? sendmsg_copy_msghdr+0x70/0x70 [ 3185.222786][T21578] ? __fget_files+0x329/0x4f0 [ 3185.227480][T21578] ? ksys_dup3+0x3c0/0x3c0 [ 3185.231901][T21578] ? lock_acquire+0x209/0x420 [ 3185.236602][T21578] ? __fget_light+0x208/0x270 [ 3185.241296][T21578] __sys_sendmsg+0xec/0x1b0 [ 3185.245809][T21578] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3185.250836][T21578] ? __x64_sys_futex+0x380/0x4f0 [ 3185.255802][T21578] ? trace_hardirqs_off_caller+0x55/0x230 [ 3185.261563][T21578] ? do_syscall_64+0x21/0x7d0 [ 3185.266252][T21578] do_syscall_64+0xf6/0x7d0 [ 3185.270768][T21578] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3185.276668][T21578] RIP: 0033:0x45c849 [ 3185.280568][T21578] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3185.300177][T21578] RSP: 002b:00007f96f5f61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3185.308606][T21578] RAX: ffffffffffffffda RBX: 00007f96f5f626d4 RCX: 000000000045c849 [ 3185.316596][T21578] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3185.324605][T21578] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3185.332587][T21578] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3185.340566][T21578] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:44:19 executing program 4: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:19 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:19 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e", 0x23}], 0x1}, 0x0) 11:44:19 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000600000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:19 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:19 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3185.462157][T21585] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:44:19 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000", 0x29}], 0x1}, 0x0) [ 3185.505601][T21584] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3185.545688][T21584] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:44:19 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000680000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3185.622131][T21584] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3185.622131][T21584] !' [ 3185.674996][T21584] CPU: 0 PID: 21584 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3185.683721][T21584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3185.693776][T21584] Call Trace: [ 3185.697081][T21584] dump_stack+0x188/0x20d [ 3185.701434][T21584] sysfs_warn_dup.cold+0x1c/0x2d [ 3185.706385][T21584] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3185.712472][T21584] sysfs_create_link+0x61/0xc0 [ 3185.717252][T21584] device_add+0x71c/0x1bc0 [ 3185.721689][T21584] ? uevent_show+0x360/0x360 [ 3185.726310][T21584] wiphy_register+0x1c46/0x2720 [ 3185.731190][T21584] ? wiphy_unregister+0xf90/0xf90 [ 3185.736240][T21584] ? retint_kernel+0x2b/0x2b [ 3185.740862][T21584] ? ieee80211_register_hw+0x132e/0x3760 [ 3185.746512][T21584] ieee80211_register_hw+0x141d/0x3760 [ 3185.752007][T21584] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3185.757485][T21584] ? retint_kernel+0x2b/0x2b [ 3185.762132][T21584] ? __hrtimer_init+0x134/0x260 [ 3185.767003][T21584] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3185.772758][T21584] ? hwsim_register_received_nl+0x400/0x400 [ 3185.778675][T21584] hwsim_new_radio_nl+0x905/0xf60 [ 3185.783705][T21584] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3185.789008][T21584] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3185.795053][T21584] genl_rcv_msg+0x627/0xdf0 [ 3185.799580][T21584] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3185.805913][T21584] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3185.811208][T21584] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3185.816715][T21584] netlink_rcv_skb+0x15a/0x410 [ 3185.821500][T21584] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3185.827840][T21584] ? netlink_ack+0xa80/0xa80 [ 3185.832467][T21584] genl_rcv+0x24/0x40 [ 3185.836455][T21584] netlink_unicast+0x537/0x740 [ 3185.841234][T21584] ? netlink_attachskb+0x810/0x810 [ 3185.846355][T21584] ? _copy_from_iter_full+0x25c/0x870 [ 3185.851741][T21584] ? __phys_addr_symbol+0x2c/0x70 [ 3185.856778][T21584] ? __check_object_size+0x171/0x437 [ 3185.862082][T21584] netlink_sendmsg+0x882/0xe10 [ 3185.866865][T21584] ? aa_af_perm+0x260/0x260 [ 3185.871376][T21584] ? netlink_unicast+0x740/0x740 [ 3185.876696][T21584] ? netlink_unicast+0x740/0x740 [ 3185.881649][T21584] sock_sendmsg+0xcf/0x120 [ 3185.886082][T21584] ____sys_sendmsg+0x6b9/0x7d0 [ 3185.890854][T21584] ? kernel_sendmsg+0x50/0x50 [ 3185.895563][T21584] ___sys_sendmsg+0x100/0x170 [ 3185.900256][T21584] ? sendmsg_copy_msghdr+0x70/0x70 [ 3185.905396][T21584] ? __fget_files+0x329/0x4f0 [ 3185.910089][T21584] ? ksys_dup3+0x3c0/0x3c0 [ 3185.914521][T21584] ? _raw_spin_unlock_irq+0x4b/0x80 [ 3185.919738][T21584] ? __fget_light+0x208/0x270 [ 3185.924435][T21584] __sys_sendmsg+0xec/0x1b0 [ 3185.928948][T21584] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3185.934002][T21584] ? trace_hardirqs_off_caller+0x55/0x230 [ 3185.939736][T21584] ? do_syscall_64+0x21/0x7d0 [ 3185.944427][T21584] do_syscall_64+0xf6/0x7d0 [ 3185.948945][T21584] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3185.954837][T21584] RIP: 0033:0x45c849 [ 3185.958739][T21584] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3185.978348][T21584] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3185.986768][T21584] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3185.994749][T21584] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3186.002727][T21584] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3186.010706][T21584] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3186.018681][T21584] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:44:20 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000", 0x29}], 0x1}, 0x0) 11:44:20 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000006c0000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3186.045503][T21595] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3186.095977][T21586] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 11:44:20 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x82}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3186.139989][T21586] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3186.161346][T21599] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:44:20 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000740000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3186.272781][T21586] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3186.272781][T21586] !' [ 3186.324967][T21586] CPU: 1 PID: 21586 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3186.333687][T21586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3186.343753][T21586] Call Trace: [ 3186.347063][T21586] dump_stack+0x188/0x20d [ 3186.351419][T21586] sysfs_warn_dup.cold+0x1c/0x2d [ 3186.356372][T21586] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3186.362456][T21586] sysfs_create_link+0x61/0xc0 [ 3186.367230][T21586] device_add+0x71c/0x1bc0 [ 3186.371901][T21586] ? uevent_show+0x360/0x360 [ 3186.376524][T21586] wiphy_register+0x1c46/0x2720 [ 3186.381411][T21586] ? wiphy_unregister+0xf90/0xf90 [ 3186.382149][T21610] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3186.386452][T21586] ? ieee80211_cs_list_valid+0x23/0x280 [ 3186.386474][T21586] ? ieee80211_cs_list_valid+0x193/0x280 [ 3186.386498][T21586] ? ieee80211_cs_list_valid+0x198/0x280 [ 3186.411965][T21586] ieee80211_register_hw+0x141d/0x3760 [ 3186.417459][T21586] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3186.422938][T21586] ? retint_kernel+0x2b/0x2b [ 3186.427548][T21586] ? __hrtimer_init+0x134/0x260 [ 3186.432417][T21586] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3186.438155][T21586] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3186.443452][T21586] ? hwsim_register_received_nl+0x400/0x400 [ 3186.449337][T21586] ? kvasprintf+0xe9/0x150 [ 3186.453745][T21586] hwsim_new_radio_nl+0x905/0xf60 [ 3186.458766][T21586] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3186.464649][T21586] ? cap_capable+0x1eb/0x250 [ 3186.469254][T21586] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3186.475570][T21586] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3186.481904][T21586] genl_rcv_msg+0x627/0xdf0 [ 3186.486413][T21586] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3186.492727][T21586] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3186.498004][T21586] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3186.503475][T21586] netlink_rcv_skb+0x15a/0x410 [ 3186.508226][T21586] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3186.514542][T21586] ? netlink_ack+0xa80/0xa80 [ 3186.519139][T21586] genl_rcv+0x24/0x40 [ 3186.523107][T21586] netlink_unicast+0x537/0x740 [ 3186.527864][T21586] ? netlink_attachskb+0x810/0x810 [ 3186.532974][T21586] netlink_sendmsg+0x882/0xe10 [ 3186.537733][T21586] ? netlink_unicast+0x740/0x740 [ 3186.542667][T21586] ? netlink_unicast+0x740/0x740 [ 3186.547592][T21586] sock_sendmsg+0xcf/0x120 [ 3186.551999][T21586] ____sys_sendmsg+0x6b9/0x7d0 [ 3186.556753][T21586] ? kernel_sendmsg+0x50/0x50 [ 3186.561417][T21586] ? mark_lock+0xbc/0x1220 [ 3186.565830][T21586] ___sys_sendmsg+0x100/0x170 [ 3186.570496][T21586] ? sendmsg_copy_msghdr+0x70/0x70 [ 3186.575598][T21586] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3186.581043][T21586] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3186.586312][T21586] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3186.591762][T21586] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3186.597473][T21586] ? retint_kernel+0x2b/0x2b [ 3186.602148][T21586] ? sockfd_lookup_light+0x73/0x170 [ 3186.607347][T21586] ? sockfd_lookup_light+0x9c/0x170 [ 3186.612553][T21586] __sys_sendmsg+0xec/0x1b0 [ 3186.617048][T21586] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3186.622064][T21586] ? __x64_sys_futex+0x380/0x4f0 [ 3186.627010][T21586] ? trace_hardirqs_off_caller+0x55/0x230 [ 3186.632720][T21586] ? do_syscall_64+0x21/0x7d0 [ 3186.637387][T21586] do_syscall_64+0xf6/0x7d0 [ 3186.641901][T21586] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3186.647793][T21586] RIP: 0033:0x45c849 [ 3186.651689][T21586] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3186.671287][T21586] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3186.679686][T21586] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3186.687647][T21586] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3186.695612][T21586] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3186.703568][T21586] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3186.711523][T21586] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3186.768369][T21587] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3186.786305][T21587] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3186.801863][T21587] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3186.801863][T21587] !' [ 3186.842397][T21587] CPU: 0 PID: 21587 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3186.851122][T21587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3186.861190][T21587] Call Trace: [ 3186.864499][T21587] dump_stack+0x188/0x20d [ 3186.868852][T21587] sysfs_warn_dup.cold+0x1c/0x2d [ 3186.873813][T21587] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3186.879895][T21587] sysfs_create_link+0x61/0xc0 [ 3186.884672][T21587] device_add+0x71c/0x1bc0 [ 3186.889111][T21587] ? uevent_show+0x360/0x360 [ 3186.893717][T21587] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3186.899722][T21587] wiphy_register+0x1c46/0x2720 [ 3186.904608][T21587] ? wiphy_unregister+0xf90/0xf90 [ 3186.909645][T21587] ? __kmalloc+0x629/0x7a0 [ 3186.914072][T21587] ? ieee80211_register_hw+0xbea/0x3760 [ 3186.919636][T21587] ? ieee80211_cs_list_valid+0x198/0x280 [ 3186.925287][T21587] ieee80211_register_hw+0x141d/0x3760 [ 3186.930779][T21587] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3186.936255][T21587] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3186.941924][T21587] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3186.947931][T21587] ? memset+0x20/0x40 [ 3186.952073][T21587] ? __hrtimer_init+0x134/0x260 [ 3186.956956][T21587] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3186.962712][T21587] ? vprintk_func+0x81/0x17e [ 3186.967343][T21587] ? hwsim_register_received_nl+0x400/0x400 [ 3186.973268][T21587] hwsim_new_radio_nl+0x905/0xf60 [ 3186.978312][T21587] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3186.984213][T21587] ? cap_capable+0x1eb/0x250 [ 3186.988834][T21587] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3186.995169][T21587] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3187.001516][T21587] genl_rcv_msg+0x627/0xdf0 [ 3187.006045][T21587] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3187.012389][T21587] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3187.018120][T21587] ? retint_kernel+0x2b/0x2b [ 3187.022738][T21587] ? check_memory_region+0x11a/0x190 [ 3187.028043][T21587] netlink_rcv_skb+0x15a/0x410 [ 3187.032822][T21587] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3187.039163][T21587] ? netlink_ack+0xa80/0xa80 [ 3187.043786][T21587] genl_rcv+0x24/0x40 [ 3187.047774][T21587] netlink_unicast+0x537/0x740 [ 3187.052559][T21587] ? netlink_attachskb+0x810/0x810 [ 3187.057684][T21587] ? _copy_from_iter_full+0x25c/0x870 [ 3187.063068][T21587] ? __phys_addr_symbol+0x2c/0x70 [ 3187.068107][T21587] ? __check_object_size+0x171/0x437 [ 3187.073416][T21587] netlink_sendmsg+0x882/0xe10 [ 3187.078202][T21587] ? aa_af_perm+0x260/0x260 [ 3187.082725][T21587] ? netlink_unicast+0x740/0x740 [ 3187.087743][T21587] ? netlink_unicast+0x740/0x740 [ 3187.092693][T21587] sock_sendmsg+0xcf/0x120 [ 3187.097127][T21587] ____sys_sendmsg+0x6b9/0x7d0 [ 3187.101929][T21587] ? kernel_sendmsg+0x50/0x50 [ 3187.106624][T21587] ? mark_lock+0xbc/0x1220 [ 3187.111068][T21587] ___sys_sendmsg+0x100/0x170 [ 3187.115775][T21587] ? sendmsg_copy_msghdr+0x70/0x70 [ 3187.120916][T21587] ? __fget_files+0x329/0x4f0 [ 3187.125614][T21587] ? ksys_dup3+0x3c0/0x3c0 [ 3187.130046][T21587] ? __fget_light+0x88/0x270 [ 3187.134651][T21587] ? __fget_light+0x208/0x270 [ 3187.139352][T21587] __sys_sendmsg+0xec/0x1b0 [ 3187.143863][T21587] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3187.148891][T21587] ? __x64_sys_futex+0x380/0x4f0 [ 3187.153859][T21587] ? trace_hardirqs_off_caller+0x55/0x230 [ 3187.159594][T21587] ? do_syscall_64+0x21/0x7d0 [ 3187.164288][T21587] do_syscall_64+0xf6/0x7d0 [ 3187.168806][T21587] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3187.174753][T21587] RIP: 0033:0x45c849 [ 3187.178693][T21587] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3187.198303][T21587] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3187.206721][T21587] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3187.214700][T21587] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3187.222683][T21587] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3187.230659][T21587] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3187.238638][T21587] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3187.252182][T21605] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3187.270737][T21605] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3187.305670][T21605] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3187.305670][T21605] !' [ 3187.332459][T21605] CPU: 0 PID: 21605 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3187.341182][T21605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3187.351245][T21605] Call Trace: [ 3187.354560][T21605] dump_stack+0x188/0x20d [ 3187.358918][T21605] sysfs_warn_dup.cold+0x1c/0x2d [ 3187.363874][T21605] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3187.369956][T21605] sysfs_create_link+0x61/0xc0 [ 3187.374739][T21605] device_add+0x71c/0x1bc0 [ 3187.379174][T21605] ? uevent_show+0x360/0x360 [ 3187.383776][T21605] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3187.389779][T21605] wiphy_register+0x1c46/0x2720 [ 3187.394659][T21605] ? wiphy_unregister+0xf90/0xf90 [ 3187.399700][T21605] ? __kmalloc+0x629/0x7a0 [ 3187.404122][T21605] ? ieee80211_register_hw+0xbea/0x3760 [ 3187.409684][T21605] ? ieee80211_cs_list_valid+0x198/0x280 [ 3187.415335][T21605] ieee80211_register_hw+0x141d/0x3760 [ 3187.420822][T21605] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3187.426292][T21605] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3187.431843][T21605] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3187.437835][T21605] ? memset+0x20/0x40 [ 3187.441824][T21605] ? __hrtimer_init+0x134/0x260 [ 3187.446690][T21605] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3187.452419][T21605] ? vprintk_func+0x81/0x17e [ 3187.457047][T21605] ? hwsim_register_received_nl+0x400/0x400 [ 3187.462973][T21605] hwsim_new_radio_nl+0x905/0xf60 [ 3187.468021][T21605] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3187.473926][T21605] ? cap_capable+0x1eb/0x250 [ 3187.478543][T21605] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3187.484879][T21605] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3187.491230][T21605] genl_rcv_msg+0x627/0xdf0 [ 3187.495760][T21605] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3187.502128][T21605] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3187.507951][T21605] netlink_rcv_skb+0x15a/0x410 [ 3187.512735][T21605] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3187.519073][T21605] ? netlink_ack+0xa80/0xa80 [ 3187.523698][T21605] genl_rcv+0x24/0x40 [ 3187.527692][T21605] netlink_unicast+0x537/0x740 [ 3187.532484][T21605] ? netlink_attachskb+0x810/0x810 [ 3187.537612][T21605] ? security_netlink_send+0x13/0xa0 [ 3187.542910][T21605] ? security_netlink_send+0x1a/0xa0 [ 3187.548215][T21605] netlink_sendmsg+0x882/0xe10 [ 3187.553000][T21605] ? aa_af_perm+0x260/0x260 [ 3187.557510][T21605] ? netlink_unicast+0x740/0x740 [ 3187.562474][T21605] ? netlink_unicast+0x740/0x740 [ 3187.567423][T21605] sock_sendmsg+0xcf/0x120 [ 3187.571848][T21605] ____sys_sendmsg+0x6b9/0x7d0 [ 3187.576621][T21605] ? kernel_sendmsg+0x50/0x50 [ 3187.581312][T21605] ? mark_lock+0xbc/0x1220 [ 3187.585753][T21605] ___sys_sendmsg+0x100/0x170 [ 3187.590449][T21605] ? sendmsg_copy_msghdr+0x70/0x70 [ 3187.595584][T21605] ? __fget_files+0x329/0x4f0 [ 3187.600278][T21605] ? ksys_dup3+0x3c0/0x3c0 [ 3187.604692][T21605] ? lock_acquire+0x209/0x420 [ 3187.609390][T21605] ? __fget_light+0x208/0x270 [ 3187.614103][T21605] __sys_sendmsg+0xec/0x1b0 [ 3187.618616][T21605] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3187.623646][T21605] ? __x64_sys_futex+0x380/0x4f0 [ 3187.628617][T21605] ? trace_hardirqs_off_caller+0x55/0x230 [ 3187.634343][T21605] ? do_syscall_64+0x21/0x7d0 [ 3187.639045][T21605] do_syscall_64+0xf6/0x7d0 [ 3187.643569][T21605] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3187.649470][T21605] RIP: 0033:0x45c849 [ 3187.653373][T21605] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3187.672982][T21605] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3187.681409][T21605] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3187.689396][T21605] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3187.697383][T21605] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3187.705387][T21605] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3187.713364][T21605] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3196.002455][T21617] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 3196.016955][T21617] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3196.058653][T21617] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3196.058653][T21617] !' [ 3196.068946][T21617] CPU: 0 PID: 21617 Comm: syz-executor.4 Not tainted 5.6.0-rc6-syzkaller #0 [ 3196.077641][T21617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3196.087822][T21617] Call Trace: [ 3196.091131][T21617] dump_stack+0x188/0x20d [ 3196.095482][T21617] sysfs_warn_dup.cold+0x1c/0x2d [ 3196.100436][T21617] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3196.106516][T21617] sysfs_create_link+0x61/0xc0 [ 3196.111293][T21617] device_add+0x71c/0x1bc0 [ 3196.115733][T21617] ? ieee80211_set_bitrate_flags+0x1b7/0x5c0 [ 3196.121730][T21617] ? uevent_show+0x360/0x360 [ 3196.126335][T21617] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3196.132337][T21617] wiphy_register+0x1c46/0x2720 [ 3196.137218][T21617] ? wiphy_unregister+0xf90/0xf90 [ 3196.142252][T21617] ? retint_kernel+0x2b/0x2b [ 3196.146870][T21617] ? ieee80211_register_hw+0x1226/0x3760 [ 3196.152524][T21617] ieee80211_register_hw+0x141d/0x3760 [ 3196.158026][T21617] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3196.163511][T21617] ? __hrtimer_init+0x134/0x260 [ 3196.168377][T21617] ? ieee80211_register_hw+0xb/0x3760 [ 3196.173765][T21617] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3196.179523][T21617] ? hwsim_register_received_nl+0x400/0x400 [ 3196.185422][T21617] ? vprintk_func+0x81/0x17e [ 3196.190133][T21617] hwsim_new_radio_nl+0x905/0xf60 [ 3196.195310][T21617] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3196.200613][T21617] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3196.206553][T21617] genl_rcv_msg+0x627/0xdf0 [ 3196.211088][T21617] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3196.217454][T21617] ? mark_held_locks+0x9f/0xe0 [ 3196.222240][T21617] netlink_rcv_skb+0x15a/0x410 [ 3196.227017][T21617] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3196.233358][T21617] ? netlink_ack+0xa80/0xa80 [ 3196.237956][T21617] ? retint_kernel+0x2b/0x2b [ 3196.242568][T21617] ? down_read+0x110/0x420 [ 3196.247000][T21617] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3196.253343][T21617] genl_rcv+0x24/0x40 [ 3196.257336][T21617] netlink_unicast+0x537/0x740 [ 3196.262126][T21617] ? netlink_attachskb+0x810/0x810 [ 3196.267246][T21617] ? _copy_from_iter_full+0x25c/0x870 [ 3196.272625][T21617] ? __phys_addr_symbol+0x2c/0x70 [ 3196.277657][T21617] ? __check_object_size+0x171/0x437 [ 3196.282962][T21617] netlink_sendmsg+0x882/0xe10 [ 3196.287737][T21617] ? aa_af_perm+0x260/0x260 [ 3196.292247][T21617] ? netlink_unicast+0x740/0x740 [ 3196.297214][T21617] ? netlink_unicast+0x740/0x740 [ 3196.302160][T21617] sock_sendmsg+0xcf/0x120 [ 3196.306586][T21617] ____sys_sendmsg+0x6b9/0x7d0 [ 3196.311360][T21617] ? kernel_sendmsg+0x50/0x50 [ 3196.316046][T21617] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3196.321535][T21617] ___sys_sendmsg+0x100/0x170 [ 3196.326232][T21617] ? sendmsg_copy_msghdr+0x70/0x70 [ 3196.331372][T21617] ? __fget_files+0x329/0x4f0 [ 3196.336071][T21617] ? ksys_dup3+0x3c0/0x3c0 [ 3196.340515][T21617] ? __fget_light+0x208/0x270 [ 3196.345209][T21617] __sys_sendmsg+0xec/0x1b0 [ 3196.349721][T21617] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3196.354809][T21617] ? trace_hardirqs_off_caller+0x55/0x230 [ 3196.360540][T21617] ? do_syscall_64+0x21/0x7d0 [ 3196.365225][T21617] do_syscall_64+0xf6/0x7d0 [ 3196.369737][T21617] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3196.375647][T21617] RIP: 0033:0x45c849 [ 3196.379554][T21617] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3196.399163][T21617] RSP: 002b:00007f96f5f61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3196.407588][T21617] RAX: ffffffffffffffda RBX: 00007f96f5f626d4 RCX: 000000000045c849 [ 3196.415569][T21617] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3196.423550][T21617] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3196.431530][T21617] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3196.439507][T21617] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:44:30 executing program 4: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:30 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:30 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000", 0x29}], 0x1}, 0x0) 11:44:30 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000007a0000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:30 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:30 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x82}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3196.571557][T21624] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:44:31 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700", 0x2c}], 0x1}, 0x0) 11:44:31 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000002000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3196.632585][T21626] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3196.659341][T21626] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3196.712820][T21626] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3196.712820][T21626] !' [ 3196.753018][T21626] CPU: 1 PID: 21626 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3196.761741][T21626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3196.771808][T21626] Call Trace: [ 3196.775122][T21626] dump_stack+0x188/0x20d [ 3196.779473][T21626] sysfs_warn_dup.cold+0x1c/0x2d [ 3196.784423][T21626] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3196.790510][T21626] sysfs_create_link+0x61/0xc0 [ 3196.795286][T21626] device_add+0x71c/0x1bc0 [ 3196.799717][T21626] ? uevent_show+0x360/0x360 [ 3196.804412][T21626] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3196.809370][T21634] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3196.810408][T21626] wiphy_register+0x1c46/0x2720 [ 3196.810442][T21626] ? wiphy_unregister+0xf90/0xf90 [ 3196.810458][T21626] ? retint_kernel+0x2b/0x2b [ 3196.810489][T21626] ? ieee80211_cs_list_valid+0x198/0x280 [ 3196.839206][T21626] ieee80211_register_hw+0x141d/0x3760 [ 3196.844694][T21626] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3196.850171][T21626] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3196.855732][T21626] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3196.861728][T21626] ? memset+0x20/0x40 [ 3196.865717][T21626] ? __hrtimer_init+0x134/0x260 [ 3196.870587][T21626] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3196.876311][T21626] ? vprintk_func+0x81/0x17e [ 3196.880918][T21626] ? hwsim_register_received_nl+0x400/0x400 [ 3196.886823][T21626] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3196.892122][T21626] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3196.897598][T21626] hwsim_new_radio_nl+0x905/0xf60 [ 3196.902625][T21626] ? retint_kernel+0x2b/0x2b [ 3196.907234][T21626] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3196.913160][T21626] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3196.919496][T21626] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3196.925861][T21626] genl_rcv_msg+0x627/0xdf0 [ 3196.930397][T21626] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3196.936755][T21626] ? retint_kernel+0x2b/0x2b [ 3196.941390][T21626] netlink_rcv_skb+0x15a/0x410 [ 3196.946168][T21626] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3196.951726][T21640] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3196.952505][T21626] ? netlink_ack+0xa80/0xa80 [ 3196.952543][T21626] genl_rcv+0x24/0x40 [ 3196.969753][T21626] netlink_unicast+0x537/0x740 [ 3196.974544][T21626] ? netlink_attachskb+0x810/0x810 [ 3196.979667][T21626] ? _copy_from_iter_full+0x25c/0x870 [ 3196.985170][T21626] ? __phys_addr_symbol+0x2c/0x70 [ 3196.990201][T21626] ? __check_object_size+0x171/0x437 [ 3196.995508][T21626] netlink_sendmsg+0x882/0xe10 [ 3197.000289][T21626] ? aa_af_perm+0x260/0x260 [ 3197.004806][T21626] ? netlink_unicast+0x740/0x740 [ 3197.009777][T21626] ? netlink_unicast+0x740/0x740 [ 3197.014728][T21626] sock_sendmsg+0xcf/0x120 [ 3197.019502][T21626] ____sys_sendmsg+0x6b9/0x7d0 [ 3197.024268][T21626] ? kernel_sendmsg+0x50/0x50 [ 3197.028964][T21626] ___sys_sendmsg+0x100/0x170 [ 3197.033654][T21626] ? sendmsg_copy_msghdr+0x70/0x70 [ 3197.038796][T21626] ? __fget_files+0x329/0x4f0 [ 3197.043497][T21626] ? ksys_dup3+0x3c0/0x3c0 [ 3197.047929][T21626] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3197.053658][T21626] ? retint_kernel+0x2b/0x2b [ 3197.058264][T21626] ? __fget_light+0x208/0x270 [ 3197.062964][T21626] __sys_sendmsg+0xec/0x1b0 [ 3197.067478][T21626] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3197.072615][T21626] ? __x64_sys_futex+0x380/0x4f0 [ 3197.077584][T21626] ? trace_hardirqs_off_caller+0x55/0x230 [ 3197.083317][T21626] ? do_syscall_64+0x21/0x7d0 [ 3197.088012][T21626] do_syscall_64+0xf6/0x7d0 [ 3197.092537][T21626] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3197.098455][T21626] RIP: 0033:0x45c849 [ 3197.102356][T21626] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3197.121985][T21626] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3197.130415][T21626] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3197.138397][T21626] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3197.146376][T21626] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 11:44:31 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700", 0x2c}], 0x1}, 0x0) 11:44:31 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000001000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:31 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700", 0x2c}], 0x1}, 0x0) 11:44:31 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000002000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3197.154356][T21626] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3197.162332][T21626] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3197.189117][T21646] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3197.403306][T21627] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 3197.415162][T21627] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3197.437786][T21627] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3197.437786][T21627] !' [ 3197.458990][T21627] CPU: 1 PID: 21627 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3197.467703][T21627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3197.477768][T21627] Call Trace: [ 3197.481078][T21627] dump_stack+0x188/0x20d [ 3197.485415][T21627] sysfs_warn_dup.cold+0x1c/0x2d [ 3197.490357][T21627] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3197.496440][T21627] sysfs_create_link+0x61/0xc0 [ 3197.501224][T21627] device_add+0x71c/0x1bc0 [ 3197.505660][T21627] ? uevent_show+0x360/0x360 [ 3197.510262][T21627] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3197.516268][T21627] wiphy_register+0x1c46/0x2720 [ 3197.521151][T21627] ? wiphy_unregister+0xf90/0xf90 [ 3197.526190][T21627] ? __kmalloc+0x629/0x7a0 [ 3197.530629][T21627] ? ieee80211_register_hw+0xbea/0x3760 [ 3197.536193][T21627] ? ieee80211_cs_list_valid+0x198/0x280 [ 3197.541852][T21627] ieee80211_register_hw+0x141d/0x3760 [ 3197.547346][T21627] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3197.552826][T21627] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3197.558389][T21627] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3197.564388][T21627] ? memset+0x20/0x40 [ 3197.568381][T21627] ? __hrtimer_init+0x134/0x260 [ 3197.573314][T21627] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3197.579056][T21627] ? vprintk_func+0x81/0x17e [ 3197.583684][T21627] ? hwsim_register_received_nl+0x400/0x400 [ 3197.589605][T21627] hwsim_new_radio_nl+0x905/0xf60 [ 3197.594662][T21627] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3197.600566][T21627] ? cap_capable+0x1eb/0x250 [ 3197.605181][T21627] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3197.611511][T21627] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3197.617860][T21627] genl_rcv_msg+0x627/0xdf0 [ 3197.622386][T21627] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3197.628727][T21627] ? mark_held_locks+0x9f/0xe0 [ 3197.633500][T21627] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3197.638983][T21627] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3197.644720][T21627] ? retint_kernel+0x2b/0x2b [ 3197.649332][T21627] netlink_rcv_skb+0x15a/0x410 [ 3197.654215][T21627] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3197.660559][T21627] ? netlink_ack+0xa80/0xa80 [ 3197.665186][T21627] genl_rcv+0x24/0x40 [ 3197.669183][T21627] netlink_unicast+0x537/0x740 [ 3197.673963][T21627] ? netlink_attachskb+0x810/0x810 [ 3197.679080][T21627] ? _copy_from_iter_full+0x25c/0x870 [ 3197.684458][T21627] ? __phys_addr_symbol+0x2c/0x70 [ 3197.689490][T21627] ? __check_object_size+0x171/0x437 [ 3197.694790][T21627] netlink_sendmsg+0x882/0xe10 [ 3197.699569][T21627] ? aa_af_perm+0x260/0x260 [ 3197.704076][T21627] ? netlink_unicast+0x740/0x740 [ 3197.709039][T21627] ? netlink_unicast+0x740/0x740 [ 3197.713989][T21627] sock_sendmsg+0xcf/0x120 [ 3197.718412][T21627] ____sys_sendmsg+0x6b9/0x7d0 [ 3197.723184][T21627] ? kernel_sendmsg+0x50/0x50 [ 3197.727883][T21627] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3197.733369][T21627] ___sys_sendmsg+0x100/0x170 [ 3197.738050][T21627] ? retint_kernel+0x2b/0x2b [ 3197.742650][T21627] ? sendmsg_copy_msghdr+0x70/0x70 [ 3197.747779][T21627] ? __fget_files+0x307/0x4f0 [ 3197.752478][T21627] ? __fget_files+0x329/0x4f0 [ 3197.757180][T21627] ? ksys_dup3+0x3c0/0x3c0 [ 3197.761601][T21627] ? lock_acquire+0x197/0x420 [ 3197.766287][T21627] ? __might_fault+0xef/0x1d0 [ 3197.770987][T21627] ? __fget_light+0x208/0x270 [ 3197.775692][T21627] __sys_sendmsg+0xec/0x1b0 [ 3197.780204][T21627] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3197.785266][T21627] ? do_syscall_64+0x4f/0x7d0 [ 3197.789956][T21627] do_syscall_64+0xf6/0x7d0 [ 3197.794472][T21627] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3197.800370][T21627] RIP: 0033:0x45c849 [ 3197.804269][T21627] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3197.823988][T21627] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3197.832407][T21627] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3197.840382][T21627] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3197.848356][T21627] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3197.856328][T21627] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3197.864298][T21627] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3197.886191][T21622] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3197.908116][T21622] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3197.919771][T21622] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3197.919771][T21622] !' [ 3197.929985][T21622] CPU: 1 PID: 21622 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3197.938673][T21622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3197.948731][T21622] Call Trace: [ 3197.952034][T21622] dump_stack+0x188/0x20d [ 3197.956387][T21622] sysfs_warn_dup.cold+0x1c/0x2d [ 3197.961338][T21622] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3197.967421][T21622] sysfs_create_link+0x61/0xc0 [ 3197.972187][T21622] device_add+0x71c/0x1bc0 [ 3197.976609][T21622] ? uevent_show+0x360/0x360 [ 3197.981210][T21622] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3197.987215][T21622] wiphy_register+0x1c46/0x2720 [ 3197.992093][T21622] ? wiphy_unregister+0xf90/0xf90 [ 3197.997135][T21622] ? __kmalloc+0x629/0x7a0 [ 3198.001563][T21622] ? ieee80211_register_hw+0xbea/0x3760 [ 3198.007124][T21622] ? ieee80211_cs_list_valid+0x198/0x280 [ 3198.012770][T21622] ieee80211_register_hw+0x141d/0x3760 [ 3198.018252][T21622] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3198.023732][T21622] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3198.029281][T21622] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3198.035268][T21622] ? memset+0x20/0x40 [ 3198.039261][T21622] ? __hrtimer_init+0x134/0x260 [ 3198.044136][T21622] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3198.049864][T21622] ? vprintk_func+0x81/0x17e [ 3198.054487][T21622] ? hwsim_register_received_nl+0x400/0x400 [ 3198.060404][T21622] hwsim_new_radio_nl+0x905/0xf60 [ 3198.065436][T21622] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3198.071330][T21622] ? cap_capable+0x1eb/0x250 [ 3198.075942][T21622] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3198.082279][T21622] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3198.088623][T21622] genl_rcv_msg+0x627/0xdf0 [ 3198.093148][T21622] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3198.099506][T21622] ? ___preempt_schedule+0x16/0x18 [ 3198.104636][T21622] netlink_rcv_skb+0x15a/0x410 [ 3198.109420][T21622] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3198.115773][T21622] ? netlink_ack+0xa80/0xa80 [ 3198.120401][T21622] genl_rcv+0x24/0x40 [ 3198.124387][T21622] netlink_unicast+0x537/0x740 [ 3198.129163][T21622] ? netlink_attachskb+0x810/0x810 [ 3198.134306][T21622] netlink_sendmsg+0x882/0xe10 [ 3198.139100][T21622] ? netlink_unicast+0x740/0x740 [ 3198.144053][T21622] ? security_socket_sendmsg+0x45/0xb0 [ 3198.149533][T21622] ? netlink_unicast+0x740/0x740 [ 3198.154484][T21622] sock_sendmsg+0xcf/0x120 [ 3198.158911][T21622] ____sys_sendmsg+0x6b9/0x7d0 [ 3198.163684][T21622] ? kernel_sendmsg+0x50/0x50 [ 3198.168390][T21622] ___sys_sendmsg+0x100/0x170 [ 3198.173081][T21622] ? sendmsg_copy_msghdr+0x70/0x70 [ 3198.178218][T21622] ? __fget_files+0x329/0x4f0 [ 3198.182915][T21622] ? ksys_dup3+0x3c0/0x3c0 [ 3198.187340][T21622] ? _raw_spin_unlock_irq+0x4b/0x80 [ 3198.192566][T21622] ? __fget_light+0x208/0x270 [ 3198.197269][T21622] __sys_sendmsg+0xec/0x1b0 [ 3198.201786][T21622] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3198.206850][T21622] ? trace_hardirqs_off_caller+0x55/0x230 [ 3198.212582][T21622] ? do_syscall_64+0x21/0x7d0 [ 3198.217270][T21622] do_syscall_64+0xf6/0x7d0 [ 3198.221794][T21622] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3198.227692][T21622] RIP: 0033:0x45c849 [ 3198.231593][T21622] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3198.251196][T21622] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3198.259614][T21622] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3198.267585][T21622] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3198.275565][T21622] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3198.283536][T21622] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3198.291524][T21622] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:44:38 executing program 4: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:38 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1", 0x2d}], 0x1}, 0x0) 11:44:38 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000003000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:38 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x82}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:38 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:38 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3203.861802][T21661] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3203.886217][T21658] netlink: 'syz-executor.2': attribute type 8 has an invalid length. 11:44:38 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1", 0x2d}], 0x1}, 0x0) 11:44:38 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000004000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3203.928565][T21658] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3204.017482][T21658] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3204.017482][T21658] !' [ 3204.052810][T21658] CPU: 0 PID: 21658 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3204.061533][T21658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3204.071593][T21658] Call Trace: [ 3204.074899][T21658] dump_stack+0x188/0x20d [ 3204.079249][T21658] sysfs_warn_dup.cold+0x1c/0x2d [ 3204.084198][T21658] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3204.090303][T21658] sysfs_create_link+0x61/0xc0 [ 3204.095182][T21658] device_add+0x71c/0x1bc0 [ 3204.099618][T21658] ? ieee80211_set_bitrate_flags+0x1fa/0x5c0 [ 3204.105605][T21658] ? uevent_show+0x360/0x360 [ 3204.110207][T21658] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3204.116205][T21658] wiphy_register+0x1c46/0x2720 [ 3204.121086][T21658] ? wiphy_unregister+0xf90/0xf90 [ 3204.126134][T21658] ? retint_kernel+0x2b/0x2b [ 3204.130750][T21658] ? ieee80211_register_hw+0x13b6/0x3760 [ 3204.136395][T21658] ieee80211_register_hw+0x141d/0x3760 [ 3204.141887][T21658] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3204.147359][T21658] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3204.152913][T21658] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3204.158898][T21658] ? memset+0x20/0x40 [ 3204.162885][T21658] ? __hrtimer_init+0x134/0x260 [ 3204.167745][T21658] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3204.173472][T21658] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3204.178787][T21658] ? hwsim_register_received_nl+0x400/0x400 [ 3204.184690][T21658] ? hwsim_new_radio_nl+0x51b/0xf60 [ 3204.189896][T21658] hwsim_new_radio_nl+0x905/0xf60 [ 3204.194936][T21658] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3204.200836][T21658] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3204.206577][T21658] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3204.212913][T21658] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 11:44:38 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1", 0x2d}], 0x1}, 0x0) [ 3204.219265][T21658] genl_rcv_msg+0x627/0xdf0 [ 3204.223788][T21658] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3204.230158][T21658] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3204.235980][T21658] netlink_rcv_skb+0x15a/0x410 [ 3204.240758][T21658] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3204.247096][T21658] ? netlink_ack+0xa80/0xa80 [ 3204.251723][T21658] genl_rcv+0x24/0x40 [ 3204.255711][T21658] netlink_unicast+0x537/0x740 [ 3204.260484][T21658] ? netlink_attachskb+0x810/0x810 [ 3204.265607][T21658] ? security_netlink_send+0x13/0xa0 [ 3204.270900][T21658] ? security_netlink_send+0x1a/0xa0 [ 3204.276215][T21658] netlink_sendmsg+0x882/0xe10 [ 3204.280991][T21658] ? retint_kernel+0x2b/0x2b [ 3204.285592][T21658] ? netlink_unicast+0x740/0x740 [ 3204.290538][T21658] ? netlink_unicast+0x740/0x740 [ 3204.295499][T21658] ? netlink_unicast+0x740/0x740 [ 3204.300451][T21658] sock_sendmsg+0xcf/0x120 [ 3204.304878][T21658] ____sys_sendmsg+0x6b9/0x7d0 [ 3204.309657][T21658] ? kernel_sendmsg+0x50/0x50 [ 3204.314434][T21658] ? mark_lock+0xbc/0x1220 11:44:38 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000005000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3204.318881][T21658] ___sys_sendmsg+0x100/0x170 [ 3204.323582][T21658] ? sendmsg_copy_msghdr+0x70/0x70 [ 3204.328727][T21658] ? __fget_files+0x329/0x4f0 [ 3204.333426][T21658] ? ksys_dup3+0x3c0/0x3c0 [ 3204.337849][T21658] ? lock_acquire+0x197/0x420 [ 3204.342543][T21658] ? __might_fault+0xef/0x1d0 [ 3204.347244][T21658] ? __fget_light+0x208/0x270 [ 3204.351941][T21658] __sys_sendmsg+0xec/0x1b0 [ 3204.356455][T21658] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3204.361492][T21658] ? __x64_sys_futex+0x380/0x4f0 [ 3204.366462][T21658] ? trace_hardirqs_off_caller+0x55/0x230 [ 3204.372201][T21658] ? do_syscall_64+0x21/0x7d0 [ 3204.376897][T21658] do_syscall_64+0xf6/0x7d0 [ 3204.381426][T21658] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3204.387327][T21658] RIP: 0033:0x45c849 [ 3204.391229][T21658] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3204.410839][T21658] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3204.419264][T21658] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3204.427243][T21658] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3204.433507][T21678] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3204.435217][T21658] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3204.435226][T21658] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3204.435235][T21658] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:44:38 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3204.486529][T21662] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3204.508917][T21662] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3204.571305][T21662] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3204.571305][T21662] !' [ 3204.582104][T21662] CPU: 0 PID: 21662 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3204.590797][T21662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3204.600863][T21662] Call Trace: [ 3204.604168][T21662] dump_stack+0x188/0x20d [ 3204.608538][T21662] sysfs_warn_dup.cold+0x1c/0x2d [ 3204.613499][T21662] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3204.619577][T21662] sysfs_create_link+0x61/0xc0 [ 3204.624334][T21662] device_add+0x71c/0x1bc0 [ 3204.628743][T21662] ? ieee80211_set_bitrate_flags+0x153/0x5c0 [ 3204.634726][T21662] ? uevent_show+0x360/0x360 [ 3204.639316][T21662] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3204.645297][T21662] wiphy_register+0x1c46/0x2720 [ 3204.650165][T21662] ? wiphy_unregister+0xf90/0xf90 [ 3204.655204][T21662] ? __kmalloc+0x629/0x7a0 [ 3204.659615][T21662] ? ieee80211_register_hw+0xbea/0x3760 [ 3204.665267][T21662] ? ieee80211_cs_list_valid+0x198/0x280 [ 3204.670894][T21662] ieee80211_register_hw+0x141d/0x3760 [ 3204.676366][T21662] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3204.681817][T21662] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3204.687350][T21662] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3204.693322][T21662] ? memset+0x20/0x40 [ 3204.697313][T21662] ? __hrtimer_init+0x134/0x260 [ 3204.702173][T21662] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3204.707911][T21662] ? hwsim_register_received_nl+0x400/0x400 [ 3204.713806][T21662] hwsim_new_radio_nl+0x905/0xf60 [ 3204.718836][T21662] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3204.724740][T21662] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3204.730462][T21662] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3204.736776][T21662] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3204.743117][T21662] genl_rcv_msg+0x627/0xdf0 [ 3204.747621][T21662] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3204.753938][T21662] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3204.759392][T21662] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3204.765111][T21662] ? netlink_rcv_skb+0x308/0x410 [ 3204.770045][T21662] netlink_rcv_skb+0x15a/0x410 [ 3204.774806][T21662] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3204.781123][T21662] ? netlink_ack+0xa80/0xa80 [ 3204.785717][T21662] genl_rcv+0x24/0x40 [ 3204.789684][T21662] netlink_unicast+0x537/0x740 [ 3204.794440][T21662] ? netlink_attachskb+0x810/0x810 [ 3204.799540][T21662] ? _copy_from_iter_full+0x25c/0x870 [ 3204.804895][T21662] ? __phys_addr_symbol+0x2c/0x70 [ 3204.809923][T21662] ? __check_object_size+0x171/0x437 [ 3204.815223][T21662] netlink_sendmsg+0x882/0xe10 [ 3204.819986][T21662] ? aa_af_perm+0x260/0x260 [ 3204.824493][T21662] ? netlink_unicast+0x740/0x740 [ 3204.829439][T21662] ? netlink_unicast+0x740/0x740 [ 3204.834376][T21662] sock_sendmsg+0xcf/0x120 [ 3204.838787][T21662] ____sys_sendmsg+0x6b9/0x7d0 [ 3204.843544][T21662] ? kernel_sendmsg+0x50/0x50 [ 3204.848212][T21662] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3204.853672][T21662] ___sys_sendmsg+0x100/0x170 [ 3204.858344][T21662] ? sendmsg_copy_msghdr+0x70/0x70 [ 3204.863457][T21662] ? __fget_files+0x329/0x4f0 [ 3204.868132][T21662] ? ksys_dup3+0x3c0/0x3c0 [ 3204.872534][T21662] ? lock_acquire+0x197/0x420 [ 3204.877200][T21662] ? __might_fault+0xef/0x1d0 [ 3204.881874][T21662] ? __fget_light+0x208/0x270 [ 3204.886543][T21662] __sys_sendmsg+0xec/0x1b0 [ 3204.891035][T21662] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3204.896047][T21662] ? retint_kernel+0x2b/0x2b [ 3204.900638][T21662] ? __x64_sys_sendmsg+0xd/0xb0 [ 3204.905499][T21662] ? __x64_sys_sendmsg+0x1e/0xb0 [ 3204.910435][T21662] do_syscall_64+0xf6/0x7d0 [ 3204.914941][T21662] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3204.920835][T21662] RIP: 0033:0x45c849 [ 3204.924722][T21662] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3204.944327][T21662] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3204.952727][T21662] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3204.960683][T21662] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3204.968638][T21662] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3204.976593][T21662] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3204.984550][T21662] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:44:39 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3205.028119][T21664] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 3205.047281][T21664] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3205.117791][T21664] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3205.117791][T21664] !' [ 3205.164066][T21664] CPU: 0 PID: 21664 Comm: syz-executor.3 Not tainted 5.6.0-rc6-syzkaller #0 [ 3205.172795][T21664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3205.182874][T21664] Call Trace: [ 3205.186170][T21664] dump_stack+0x188/0x20d [ 3205.190517][T21664] sysfs_warn_dup.cold+0x1c/0x2d [ 3205.195467][T21664] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3205.201550][T21664] sysfs_create_link+0x61/0xc0 [ 3205.206332][T21664] device_add+0x71c/0x1bc0 [ 3205.210772][T21664] ? uevent_show+0x360/0x360 [ 3205.215382][T21664] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3205.221388][T21664] wiphy_register+0x1c46/0x2720 [ 3205.226274][T21664] ? wiphy_unregister+0xf90/0xf90 [ 3205.231316][T21664] ? __kmalloc+0x629/0x7a0 [ 3205.235745][T21664] ? ieee80211_register_hw+0xbea/0x3760 [ 3205.241310][T21664] ? ieee80211_cs_list_valid+0x198/0x280 [ 3205.246962][T21664] ieee80211_register_hw+0x141d/0x3760 [ 3205.252452][T21664] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3205.257930][T21664] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3205.263490][T21664] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3205.269487][T21664] ? memset+0x20/0x40 [ 3205.273489][T21664] ? __hrtimer_init+0x134/0x260 [ 3205.278363][T21664] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3205.284103][T21664] ? vprintk_func+0x81/0x17e [ 3205.288733][T21664] ? hwsim_register_received_nl+0x400/0x400 [ 3205.294659][T21664] hwsim_new_radio_nl+0x905/0xf60 [ 3205.299715][T21664] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3205.305621][T21664] ? cap_capable+0x1eb/0x250 [ 3205.310238][T21664] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3205.316574][T21664] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3205.322942][T21664] genl_rcv_msg+0x627/0xdf0 [ 3205.327474][T21664] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3205.333813][T21664] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3205.339121][T21664] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3205.344628][T21664] netlink_rcv_skb+0x15a/0x410 [ 3205.349412][T21664] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3205.355752][T21664] ? netlink_ack+0xa80/0xa80 [ 3205.360382][T21664] ? down_read+0x1e/0x420 [ 3205.364742][T21664] genl_rcv+0x24/0x40 [ 3205.368735][T21664] netlink_unicast+0x537/0x740 [ 3205.373524][T21664] ? netlink_attachskb+0x810/0x810 [ 3205.378648][T21664] ? _copy_from_iter_full+0x25c/0x870 [ 3205.384031][T21664] ? __phys_addr_symbol+0x2c/0x70 [ 3205.389063][T21664] ? __check_object_size+0x171/0x437 [ 3205.394378][T21664] netlink_sendmsg+0x882/0xe10 [ 3205.399166][T21664] ? netlink_unicast+0x740/0x740 [ 3205.404133][T21664] ? security_socket_sendmsg+0x45/0xb0 [ 3205.409610][T21664] ? netlink_unicast+0x740/0x740 [ 3205.414563][T21664] sock_sendmsg+0xcf/0x120 [ 3205.419001][T21664] ____sys_sendmsg+0x6b9/0x7d0 [ 3205.423782][T21664] ? kernel_sendmsg+0x50/0x50 [ 3205.428478][T21664] ? mark_lock+0xbc/0x1220 [ 3205.432915][T21664] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3205.438413][T21664] ___sys_sendmsg+0x100/0x170 [ 3205.443113][T21664] ? sendmsg_copy_msghdr+0x70/0x70 [ 3205.448257][T21664] ? __fget_files+0x329/0x4f0 [ 3205.452957][T21664] ? ksys_dup3+0x3c0/0x3c0 [ 3205.457385][T21664] ? lock_acquire+0x197/0x420 [ 3205.462083][T21664] ? __might_fault+0xef/0x1d0 [ 3205.466884][T21664] ? __fget_light+0x208/0x270 [ 3205.471583][T21664] __sys_sendmsg+0xec/0x1b0 [ 3205.476103][T21664] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3205.481168][T21664] ? do_syscall_64+0xbc/0x7d0 [ 3205.485870][T21664] do_syscall_64+0xf6/0x7d0 [ 3205.490393][T21664] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3205.496293][T21664] RIP: 0033:0x45c849 [ 3205.500195][T21664] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3205.519805][T21664] RSP: 002b:00007f413d0f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3205.528234][T21664] RAX: ffffffffffffffda RBX: 00007f413d0f56d4 RCX: 000000000045c849 [ 3205.536229][T21664] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3205.544223][T21664] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3205.552204][T21664] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3205.560190][T21664] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3205.581130][T21682] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 3205.615055][T21682] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3205.639471][T21682] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3205.639471][T21682] !' [ 3205.666732][T21682] CPU: 0 PID: 21682 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3205.675460][T21682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3205.685532][T21682] Call Trace: [ 3205.688838][T21682] dump_stack+0x188/0x20d [ 3205.693193][T21682] sysfs_warn_dup.cold+0x1c/0x2d [ 3205.698156][T21682] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3205.704242][T21682] sysfs_create_link+0x61/0xc0 [ 3205.709021][T21682] device_add+0x71c/0x1bc0 [ 3205.713467][T21682] ? uevent_show+0x360/0x360 [ 3205.718080][T21682] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3205.724084][T21682] wiphy_register+0x1c46/0x2720 [ 3205.728971][T21682] ? wiphy_unregister+0xf90/0xf90 [ 3205.734018][T21682] ? __kmalloc+0x629/0x7a0 [ 3205.738449][T21682] ? ieee80211_register_hw+0xbea/0x3760 [ 3205.744018][T21682] ? ieee80211_cs_list_valid+0x198/0x280 [ 3205.749668][T21682] ieee80211_register_hw+0x141d/0x3760 [ 3205.755162][T21682] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3205.760645][T21682] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3205.766205][T21682] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3205.772203][T21682] ? memset+0x20/0x40 [ 3205.776201][T21682] ? __hrtimer_init+0x134/0x260 [ 3205.781075][T21682] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3205.786808][T21682] ? vprintk_func+0x81/0x17e [ 3205.791435][T21682] ? hwsim_register_received_nl+0x400/0x400 [ 3205.797357][T21682] hwsim_new_radio_nl+0x905/0xf60 [ 3205.802406][T21682] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3205.808314][T21682] ? cap_capable+0x1eb/0x250 [ 3205.812940][T21682] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3205.819279][T21682] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3205.825631][T21682] genl_rcv_msg+0x627/0xdf0 [ 3205.830172][T21682] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3205.836629][T21682] ? retint_kernel+0x2b/0x2b [ 3205.841264][T21682] netlink_rcv_skb+0x15a/0x410 [ 3205.846046][T21682] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3205.852388][T21682] ? netlink_ack+0xa80/0xa80 [ 3205.857024][T21682] genl_rcv+0x24/0x40 [ 3205.861069][T21682] netlink_unicast+0x537/0x740 [ 3205.865876][T21682] ? netlink_attachskb+0x810/0x810 [ 3205.870997][T21682] ? _copy_from_iter_full+0x25c/0x870 [ 3205.876384][T21682] ? __phys_addr_symbol+0x2c/0x70 [ 3205.881432][T21682] ? __check_object_size+0x171/0x437 [ 3205.886745][T21682] netlink_sendmsg+0x882/0xe10 [ 3205.891549][T21682] ? netlink_unicast+0x740/0x740 [ 3205.896535][T21682] ? netlink_unicast+0x740/0x740 [ 3205.901483][T21682] sock_sendmsg+0xcf/0x120 [ 3205.905910][T21682] ____sys_sendmsg+0x6b9/0x7d0 [ 3205.910715][T21682] ? kernel_sendmsg+0x50/0x50 [ 3205.915444][T21682] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3205.921198][T21682] ___sys_sendmsg+0x100/0x170 [ 3205.925899][T21682] ? sendmsg_copy_msghdr+0x70/0x70 [ 3205.931041][T21682] ? __fget_files+0x329/0x4f0 [ 3205.935751][T21682] ? ksys_dup3+0x3c0/0x3c0 [ 3205.940213][T21682] ? lock_release+0x19/0x7c0 [ 3205.944830][T21682] ? __fget_light+0x208/0x270 [ 3205.949532][T21682] __sys_sendmsg+0xec/0x1b0 [ 3205.954048][T21682] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3205.959084][T21682] ? __x64_sys_futex+0x380/0x4f0 [ 3205.964055][T21682] ? trace_hardirqs_off_caller+0x55/0x230 [ 3205.969791][T21682] ? do_syscall_64+0x21/0x7d0 [ 3205.974492][T21682] do_syscall_64+0xf6/0x7d0 [ 3205.979018][T21682] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3205.984917][T21682] RIP: 0033:0x45c849 [ 3205.988819][T21682] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3206.008689][T21682] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3206.017124][T21682] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3206.025118][T21682] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3206.033098][T21682] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3206.041110][T21682] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3206.049097][T21682] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3206.071327][T21686] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3206.079443][T21686] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3206.132305][T21686] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3206.132305][T21686] !' [ 3206.185196][T21686] CPU: 0 PID: 21686 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3206.193916][T21686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3206.203980][T21686] Call Trace: [ 3206.207289][T21686] dump_stack+0x188/0x20d [ 3206.211646][T21686] sysfs_warn_dup.cold+0x1c/0x2d [ 3206.216607][T21686] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3206.222717][T21686] sysfs_create_link+0x61/0xc0 [ 3206.227522][T21686] device_add+0x71c/0x1bc0 [ 3206.231965][T21686] ? uevent_show+0x360/0x360 [ 3206.236571][T21686] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3206.242573][T21686] wiphy_register+0x1c46/0x2720 [ 3206.247456][T21686] ? wiphy_unregister+0xf90/0xf90 [ 3206.252500][T21686] ? __kmalloc+0x629/0x7a0 [ 3206.256931][T21686] ? ieee80211_register_hw+0xbea/0x3760 [ 3206.262494][T21686] ? ieee80211_cs_list_valid+0x198/0x280 [ 3206.268142][T21686] ieee80211_register_hw+0x141d/0x3760 [ 3206.273633][T21686] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3206.279111][T21686] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3206.284670][T21686] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3206.290665][T21686] ? memset+0x20/0x40 [ 3206.294658][T21686] ? __hrtimer_init+0x134/0x260 [ 3206.299527][T21686] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3206.305257][T21686] ? vprintk_func+0x81/0x17e [ 3206.309882][T21686] ? hwsim_register_received_nl+0x400/0x400 [ 3206.315810][T21686] hwsim_new_radio_nl+0x905/0xf60 [ 3206.320871][T21686] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3206.326774][T21686] ? cap_capable+0x1eb/0x250 [ 3206.331402][T21686] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3206.337742][T21686] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3206.344096][T21686] genl_rcv_msg+0x627/0xdf0 [ 3206.348626][T21686] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3206.354989][T21686] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3206.360298][T21686] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3206.365779][T21686] netlink_rcv_skb+0x15a/0x410 [ 3206.370564][T21686] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3206.376908][T21686] ? netlink_ack+0xa80/0xa80 [ 3206.381535][T21686] genl_rcv+0x24/0x40 [ 3206.385530][T21686] netlink_unicast+0x537/0x740 [ 3206.390327][T21686] ? netlink_attachskb+0x810/0x810 [ 3206.395446][T21686] ? _copy_from_iter_full+0x25c/0x870 [ 3206.400830][T21686] ? __phys_addr_symbol+0x2c/0x70 [ 3206.405868][T21686] ? __check_object_size+0x171/0x437 [ 3206.411173][T21686] netlink_sendmsg+0x882/0xe10 [ 3206.415960][T21686] ? aa_af_perm+0x260/0x260 [ 3206.420474][T21686] ? netlink_unicast+0x740/0x740 [ 3206.425444][T21686] ? netlink_unicast+0x740/0x740 [ 3206.430401][T21686] sock_sendmsg+0xcf/0x120 [ 3206.434835][T21686] ____sys_sendmsg+0x6b9/0x7d0 [ 3206.439615][T21686] ? kernel_sendmsg+0x50/0x50 [ 3206.444311][T21686] ? mark_lock+0xbc/0x1220 [ 3206.448759][T21686] ___sys_sendmsg+0x100/0x170 [ 3206.453460][T21686] ? sendmsg_copy_msghdr+0x70/0x70 [ 3206.458603][T21686] ? __fget_files+0x329/0x4f0 [ 3206.463334][T21686] ? ksys_dup3+0x3c0/0x3c0 [ 3206.467762][T21686] ? lock_acquire+0x197/0x420 [ 3206.472450][T21686] ? __might_fault+0xef/0x1d0 [ 3206.477150][T21686] ? __fget_light+0x208/0x270 [ 3206.481856][T21686] __sys_sendmsg+0xec/0x1b0 [ 3206.486376][T21686] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3206.491419][T21686] ? __x64_sys_futex+0x380/0x4f0 [ 3206.496398][T21686] ? trace_hardirqs_off_caller+0x55/0x230 [ 3206.502140][T21686] ? do_syscall_64+0x21/0x7d0 [ 3206.506836][T21686] do_syscall_64+0xf6/0x7d0 [ 3206.511367][T21686] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3206.517262][T21686] RIP: 0033:0x45c849 [ 3206.521166][T21686] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3206.540774][T21686] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3206.549198][T21686] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3206.557180][T21686] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3206.565160][T21686] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3206.573273][T21686] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3206.581254][T21686] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:44:45 executing program 4 (fault-call:6 fault-nth:0): getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:45 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000006000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:45 executing program 2 (fault-call:12 fault-nth:0): socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:45 executing program 3 (fault-call:7 fault-nth:0): socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x0) 11:44:45 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:45 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3211.130017][T21700] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3211.179563][T21701] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3211.193356][T21694] FAULT_INJECTION: forcing a failure. [ 3211.193356][T21694] name failslab, interval 1, probability 0, space 0, times 0 [ 3211.208676][T21701] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3211.220397][T21694] CPU: 1 PID: 21694 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3211.229102][T21694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3211.239166][T21694] Call Trace: [ 3211.242480][T21694] dump_stack+0x188/0x20d [ 3211.246841][T21694] should_fail.cold+0x5/0xa [ 3211.251354][T21694] ? lock_downgrade+0x7f0/0x7f0 [ 3211.256222][T21694] ? fault_create_debugfs_attr+0x140/0x140 [ 3211.262065][T21694] should_failslab+0x5/0xf [ 3211.266505][T21694] kmem_cache_alloc_node_trace+0x27c/0x790 [ 3211.272328][T21694] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3211.277798][T21694] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3211.283102][T21694] __get_vm_area_node+0x126/0x3b0 [ 3211.288145][T21694] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3211.293882][T21694] __vmalloc_node_range+0xdc/0x7a0 [ 3211.299008][T21694] ? netlink_sendmsg+0x605/0xe10 [ 3211.303974][T21694] ? netlink_sendmsg+0x605/0xe10 [ 3211.308928][T21694] vmalloc+0x67/0x80 [ 3211.312839][T21694] ? netlink_sendmsg+0x605/0xe10 [ 3211.317795][T21694] netlink_sendmsg+0x605/0xe10 [ 3211.322585][T21694] ? aa_af_perm+0x260/0x260 [ 3211.327101][T21694] ? netlink_unicast+0x740/0x740 [ 3211.332071][T21694] ? netlink_unicast+0x740/0x740 [ 3211.337021][T21694] sock_sendmsg+0xcf/0x120 [ 3211.341449][T21694] ____sys_sendmsg+0x6b9/0x7d0 [ 3211.346234][T21694] ? kernel_sendmsg+0x50/0x50 [ 3211.350928][T21694] ? mark_lock+0xbc/0x1220 [ 3211.355371][T21694] ___sys_sendmsg+0x100/0x170 [ 3211.360068][T21694] ? sendmsg_copy_msghdr+0x70/0x70 [ 3211.365209][T21694] ? __fget_files+0x329/0x4f0 [ 3211.369913][T21694] ? ksys_dup3+0x3c0/0x3c0 [ 3211.374332][T21694] ? find_held_lock+0x2d/0x110 [ 3211.379107][T21694] ? vfs_write+0x342/0x5c0 [ 3211.383547][T21694] ? __fget_light+0x208/0x270 [ 3211.388249][T21694] __sys_sendmsg+0xec/0x1b0 [ 3211.392761][T21694] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3211.397800][T21694] ? vfs_write+0x15b/0x5c0 [ 3211.402247][T21694] ? trace_hardirqs_off_caller+0x55/0x230 [ 3211.407977][T21694] ? do_syscall_64+0x21/0x7d0 [ 3211.412682][T21694] do_syscall_64+0xf6/0x7d0 [ 3211.417214][T21694] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3211.423113][T21694] RIP: 0033:0x45c849 [ 3211.427013][T21694] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3211.446624][T21694] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3211.455050][T21694] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3211.463034][T21694] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3211.471014][T21694] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 11:44:45 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000007000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3211.478992][T21694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 3211.486973][T21694] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 0000000000000000 [ 3211.540701][T21694] syz-executor.2: vmalloc: allocation failure: 213312 bytes, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 3211.550674][T21701] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3211.550674][T21701] !' [ 3211.559255][T21694] CPU: 1 PID: 21694 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3211.572899][T21694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3211.573424][T21705] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3211.582950][T21694] Call Trace: [ 3211.582976][T21694] dump_stack+0x188/0x20d [ 3211.583001][T21694] warn_alloc.cold+0x87/0x164 [ 3211.583019][T21694] ? zone_watermark_ok_safe+0x260/0x260 [ 3211.583053][T21694] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3211.615334][T21694] ? __get_vm_area_node+0x2e2/0x3b0 [ 3211.620558][T21694] __vmalloc_node_range+0x452/0x7a0 [ 3211.625775][T21694] ? netlink_sendmsg+0x605/0xe10 [ 3211.630730][T21694] vmalloc+0x67/0x80 [ 3211.634640][T21694] ? netlink_sendmsg+0x605/0xe10 [ 3211.639618][T21694] netlink_sendmsg+0x605/0xe10 [ 3211.644400][T21694] ? aa_af_perm+0x260/0x260 [ 3211.648911][T21694] ? netlink_unicast+0x740/0x740 [ 3211.654090][T21694] ? netlink_unicast+0x740/0x740 [ 3211.659052][T21694] sock_sendmsg+0xcf/0x120 [ 3211.663483][T21694] ____sys_sendmsg+0x6b9/0x7d0 [ 3211.668257][T21694] ? kernel_sendmsg+0x50/0x50 [ 3211.672957][T21694] ? mark_lock+0xbc/0x1220 [ 3211.677395][T21694] ___sys_sendmsg+0x100/0x170 [ 3211.682088][T21694] ? sendmsg_copy_msghdr+0x70/0x70 [ 3211.687226][T21694] ? __fget_files+0x329/0x4f0 [ 3211.691919][T21694] ? ksys_dup3+0x3c0/0x3c0 [ 3211.696340][T21694] ? find_held_lock+0x2d/0x110 [ 3211.701116][T21694] ? vfs_write+0x342/0x5c0 [ 3211.705559][T21694] ? __fget_light+0x208/0x270 [ 3211.710253][T21694] __sys_sendmsg+0xec/0x1b0 [ 3211.714776][T21694] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3211.719812][T21694] ? vfs_write+0x15b/0x5c0 [ 3211.724260][T21694] ? trace_hardirqs_off_caller+0x55/0x230 [ 3211.729995][T21694] ? do_syscall_64+0x21/0x7d0 [ 3211.734681][T21694] do_syscall_64+0xf6/0x7d0 [ 3211.739206][T21694] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3211.745101][T21694] RIP: 0033:0x45c849 [ 3211.749004][T21694] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3211.768615][T21694] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3211.777039][T21694] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 11:44:46 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000feffff07000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3211.785017][T21694] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3211.792998][T21694] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3211.800978][T21694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 3211.808963][T21694] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 0000000000000000 [ 3211.817533][T21701] CPU: 0 PID: 21701 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3211.826228][T21701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3211.832633][T21694] Mem-Info: [ 3211.836402][T21701] Call Trace: [ 3211.836429][T21701] dump_stack+0x188/0x20d [ 3211.836456][T21701] sysfs_warn_dup.cold+0x1c/0x2d [ 3211.836475][T21701] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3211.836495][T21701] sysfs_create_link+0x61/0xc0 [ 3211.839832][T21694] active_anon:136607 inactive_anon:254 isolated_anon:0 [ 3211.839832][T21694] active_file:9720 inactive_file:156166 isolated_file:0 [ 3211.839832][T21694] unevictable:0 dirty:132 writeback:0 unstable:0 [ 3211.839832][T21694] slab_reclaimable:18513 slab_unreclaimable:99052 [ 3211.839832][T21694] mapped:61348 shmem:301 pagetables:3717 bounce:0 [ 3211.839832][T21694] free:1086389 free_pcp:619 free_cma:0 [ 3211.842867][T21701] device_add+0x71c/0x1bc0 [ 3211.842891][T21701] ? uevent_show+0x360/0x360 [ 3211.842912][T21701] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3211.842942][T21701] wiphy_register+0x1c46/0x2720 [ 3211.842975][T21701] ? wiphy_unregister+0xf90/0xf90 [ 3211.842991][T21701] ? retint_kernel+0x2b/0x2b [ 3211.843029][T21701] ? ieee80211_cs_list_valid+0x198/0x280 [ 3211.843053][T21701] ieee80211_register_hw+0x141d/0x3760 [ 3211.843088][T21701] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3211.843112][T21701] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3211.843128][T21701] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3211.843149][T21701] ? memset+0x20/0x40 [ 3211.843165][T21701] ? __hrtimer_init+0x134/0x260 [ 3211.843189][T21701] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3211.843229][T21701] ? hwsim_register_received_nl+0x400/0x400 [ 3211.843259][T21701] hwsim_new_radio_nl+0x905/0xf60 [ 3211.858437][T21694] Node 0 active_anon:546420kB inactive_anon:1016kB active_file:38740kB inactive_file:624664kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:245392kB dirty:524kB writeback:0kB shmem:1204kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 415744kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 3211.858541][T21701] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3211.858566][T21701] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3211.865776][T21694] Node 1 active_anon:8kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3211.901361][T21701] genl_rcv_msg+0x627/0xdf0 [ 3211.901391][T21701] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3211.901409][T21701] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3211.901428][T21701] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3211.901476][T21701] netlink_rcv_skb+0x15a/0x410 [ 3211.901495][T21701] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3211.901514][T21701] ? netlink_ack+0xa80/0xa80 11:44:46 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:46 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000000000a000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3211.901556][T21701] genl_rcv+0x24/0x40 [ 3211.901570][T21701] netlink_unicast+0x537/0x740 [ 3211.901596][T21701] ? netlink_attachskb+0x810/0x810 [ 3211.901629][T21701] netlink_sendmsg+0x882/0xe10 [ 3211.901656][T21701] ? netlink_unicast+0x740/0x740 [ 3211.901688][T21701] ? netlink_unicast+0x740/0x740 [ 3211.901706][T21701] sock_sendmsg+0xcf/0x120 [ 3211.901724][T21701] ____sys_sendmsg+0x6b9/0x7d0 [ 3211.901745][T21701] ? kernel_sendmsg+0x50/0x50 [ 3211.901765][T21701] ? mark_lock+0xbc/0x1220 [ 3211.901799][T21701] ___sys_sendmsg+0x100/0x170 [ 3211.901820][T21701] ? sendmsg_copy_msghdr+0x70/0x70 [ 3211.901854][T21701] ? __fget_files+0x329/0x4f0 [ 3211.901881][T21701] ? ksys_dup3+0x3c0/0x3c0 [ 3211.901904][T21701] ? __might_fault+0x158/0x1d0 [ 3211.901927][T21701] ? __fget_light+0x208/0x270 [ 3211.901954][T21701] __sys_sendmsg+0xec/0x1b0 [ 3211.901970][T21701] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3211.902028][T21701] do_syscall_64+0xf6/0x7d0 [ 3211.902050][T21701] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3211.902062][T21701] RIP: 0033:0x45c849 [ 3211.902078][T21701] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3211.902087][T21701] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3211.902101][T21701] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3211.902110][T21701] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3211.902118][T21701] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3211.902126][T21701] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3211.902135][T21701] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3211.931173][T21708] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:44:46 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000018000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3212.004837][T21694] Node 0 DMA free:11704kB min:220kB low:272kB high:324kB reserved_highatomic:0KB active_anon:4096kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3212.214667][T21712] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3212.240954][T21714] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3212.249057][T21712] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3212.350334][T21694] lowmem_reserve[]: 0 2521 2521 2521 2521 [ 3212.356114][T21694] Node 0 DMA32 free:581492kB min:48256kB low:57248kB high:66240kB reserved_highatomic:0KB active_anon:542412kB inactive_anon:1016kB active_file:38660kB inactive_file:624664kB unevictable:0kB writepending:540kB present:3129332kB managed:2584792kB mlocked:0kB kernel_stack:11600kB pagetables:15116kB bounce:0kB free_pcp:2272kB local_pcp:1144kB free_cma:0kB [ 3212.356425][T21717] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:44:46 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000020000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3212.475200][T21719] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3212.505761][T21712] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3212.505761][T21712] !' [ 3212.519584][T21712] CPU: 1 PID: 21712 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3212.528286][T21712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3212.538354][T21712] Call Trace: [ 3212.541665][T21712] dump_stack+0x188/0x20d [ 3212.546017][T21712] sysfs_warn_dup.cold+0x1c/0x2d [ 3212.550977][T21712] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3212.557063][T21712] sysfs_create_link+0x61/0xc0 [ 3212.561839][T21712] device_add+0x71c/0x1bc0 [ 3212.566291][T21712] ? ieee80211_set_bitrate_flags+0x116/0x5c0 [ 3212.572310][T21712] ? uevent_show+0x360/0x360 [ 3212.576923][T21712] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3212.580278][T21694] lowmem_reserve[]: 0 0 0 0 0 [ 3212.582919][T21712] wiphy_register+0x1c46/0x2720 [ 3212.587575][T21694] Node 0 Normal free:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:80kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:80kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3212.592432][T21712] ? wiphy_unregister+0xf90/0xf90 [ 3212.592460][T21712] ? ieee80211_cs_list_valid+0x1e/0x280 [ 3212.592484][T21712] ? ieee80211_cs_list_valid+0x198/0x280 [ 3212.636838][T21712] ieee80211_register_hw+0x141d/0x3760 [ 3212.642336][T21712] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3212.647806][T21712] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3212.653368][T21712] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3212.659363][T21712] ? memset+0x20/0x40 [ 3212.663377][T21712] ? __hrtimer_init+0x134/0x260 [ 3212.668255][T21712] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3212.674020][T21712] ? hwsim_register_received_nl+0x400/0x400 [ 3212.679971][T21712] hwsim_new_radio_nl+0x905/0xf60 [ 3212.685008][T21712] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3212.690274][T21694] lowmem_reserve[]: 0 0 0 0 0 [ 3212.690312][T21712] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3212.694970][T21694] Node 1 Normal free:3750916kB min:53916kB low:67392kB high:80868kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870200kB mlocked:0kB kernel_stack:16kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3212.700875][T21712] genl_rcv_msg+0x627/0xdf0 [ 3212.700903][T21712] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3212.700923][T21712] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3212.747457][T21712] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3212.752970][T21712] netlink_rcv_skb+0x15a/0x410 [ 3212.757745][T21712] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3212.764088][T21712] ? netlink_ack+0xa80/0xa80 [ 3212.768728][T21712] genl_rcv+0x24/0x40 [ 3212.772723][T21712] netlink_unicast+0x537/0x740 [ 3212.777503][T21712] ? netlink_attachskb+0x810/0x810 [ 3212.782623][T21712] ? _copy_from_iter_full+0x25c/0x870 [ 3212.788004][T21712] ? __phys_addr_symbol+0x2c/0x70 [ 3212.793036][T21712] ? __check_object_size+0x171/0x437 [ 3212.798350][T21712] netlink_sendmsg+0x882/0xe10 [ 3212.800272][T21694] lowmem_reserve[]: 0 0 0 0 0 [ 3212.803126][T21712] ? aa_af_perm+0x260/0x260 [ 3212.807780][T21694] Node 0 DMA: 26*4kB (UE) 26*8kB (UE) 18*16kB (UE) 15*32kB (UE) 12*64kB (UE) 9*128kB (UE) 6*256kB (UE) 4*512kB (UE) 1*1024kB (U) 2*2048kB (ME) 0*4096kB = 11704kB [ 3212.812290][T21712] ? netlink_unicast+0x740/0x740 [ 3212.812329][T21712] ? netlink_unicast+0x740/0x740 [ 3212.812352][T21712] sock_sendmsg+0xcf/0x120 [ 3212.842737][T21712] ____sys_sendmsg+0x6b9/0x7d0 [ 3212.847518][T21712] ? kernel_sendmsg+0x50/0x50 [ 3212.852206][T21712] ? mark_lock+0xbc/0x1220 [ 3212.856650][T21712] ___sys_sendmsg+0x100/0x170 [ 3212.861340][T21712] ? sendmsg_copy_msghdr+0x70/0x70 [ 3212.866487][T21712] ? __fget_files+0x329/0x4f0 [ 3212.870267][T21694] Node 0 DMA32: 2010*4kB (UME) 498*8kB (UME) 2154*16kB (UME) 2042*32kB (UME) 1222*64kB (UME) 705*128kB (UME) 393*256kB (UME) 225*512kB (UME) 83*1024kB (UME) 0*2048kB 0*4096kB = 581080kB [ 3212.871173][T21712] ? ksys_dup3+0x3c0/0x3c0 [ 3212.893847][T21712] ? __fget_light+0x208/0x270 [ 3212.898544][T21712] __sys_sendmsg+0xec/0x1b0 [ 3212.903054][T21712] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3212.908085][T21712] ? __x64_sys_futex+0x380/0x4f0 [ 3212.910259][T21694] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 3212.913038][T21712] ? trace_hardirqs_off_caller+0x55/0x230 [ 3212.930138][T21712] ? do_syscall_64+0x21/0x7d0 [ 3212.934839][T21712] do_syscall_64+0xf6/0x7d0 [ 3212.939366][T21712] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3212.945262][T21712] RIP: 0033:0x45c849 [ 3212.949162][T21712] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3212.950271][T21694] Node 1 Normal: 3*4kB (UM) 85*8kB (UME) 183*16kB (UME) 101*32kB (UME) 45*64kB (UM) 26*128kB (U) 17*256kB (UE) 10*512kB (U) 13*1024kB (UME) 12*2048kB (UME) 901*4096kB (UM) = 3750916kB [ 3212.968958][T21712] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3212.968972][T21712] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3212.968980][T21712] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3212.968987][T21712] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3212.968994][T21712] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3212.969002][T21712] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3213.038084][T21698] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 3213.049787][T21698] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3213.070529][T21694] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 3213.083092][T21694] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 3213.087717][T21698] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3213.087717][T21698] !' [ 3213.094039][T21694] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 3213.114100][T21694] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 3213.123634][T21694] 48365 total pagecache pages [ 3213.128550][T21694] 0 pages in swap cache [ 3213.132938][T21694] Swap cache stats: add 0, delete 0, find 0/0 [ 3213.139126][T21694] Free swap = 0kB [ 3213.143250][T21698] CPU: 1 PID: 21698 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3213.151935][T21698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3213.162081][T21698] Call Trace: [ 3213.165397][T21698] dump_stack+0x188/0x20d [ 3213.169753][T21698] sysfs_warn_dup.cold+0x1c/0x2d [ 3213.174703][T21698] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3213.180789][T21698] sysfs_create_link+0x61/0xc0 [ 3213.185565][T21698] device_add+0x71c/0x1bc0 [ 3213.190001][T21698] ? uevent_show+0x360/0x360 [ 3213.194610][T21698] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3213.200616][T21698] wiphy_register+0x1c46/0x2720 [ 3213.205501][T21698] ? wiphy_unregister+0xf90/0xf90 [ 3213.210542][T21698] ? __kmalloc+0x629/0x7a0 [ 3213.215075][T21698] ? ieee80211_register_hw+0xbea/0x3760 [ 3213.220637][T21698] ? ieee80211_cs_list_valid+0x198/0x280 [ 3213.226285][T21698] ieee80211_register_hw+0x141d/0x3760 [ 3213.231774][T21698] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3213.237246][T21698] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3213.242835][T21698] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3213.248832][T21698] ? memset+0x20/0x40 [ 3213.252829][T21698] ? __hrtimer_init+0x134/0x260 [ 3213.257692][T21698] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3213.263418][T21698] ? vprintk_func+0x81/0x17e [ 3213.268043][T21698] ? hwsim_register_received_nl+0x400/0x400 [ 3213.273960][T21698] hwsim_new_radio_nl+0x905/0xf60 [ 3213.279002][T21698] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3213.284902][T21698] ? cap_capable+0x1eb/0x250 [ 3213.289519][T21698] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3213.295855][T21698] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3213.302204][T21698] genl_rcv_msg+0x627/0xdf0 [ 3213.306729][T21698] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3213.313058][T21698] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3213.318355][T21698] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3213.323866][T21698] netlink_rcv_skb+0x15a/0x410 [ 3213.328646][T21698] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3213.334983][T21698] ? netlink_ack+0xa80/0xa80 [ 3213.339606][T21698] genl_rcv+0x24/0x40 [ 3213.343592][T21698] netlink_unicast+0x537/0x740 [ 3213.348380][T21698] ? netlink_attachskb+0x810/0x810 [ 3213.353497][T21698] ? _copy_from_iter_full+0x25c/0x870 [ 3213.358876][T21698] ? __phys_addr_symbol+0x2c/0x70 [ 3213.363914][T21698] ? __check_object_size+0x171/0x437 [ 3213.369217][T21698] netlink_sendmsg+0x882/0xe10 [ 3213.374004][T21698] ? netlink_unicast+0x740/0x740 [ 3213.378972][T21698] ? netlink_unicast+0x740/0x740 [ 3213.383919][T21698] sock_sendmsg+0xcf/0x120 [ 3213.388353][T21698] ____sys_sendmsg+0x6b9/0x7d0 [ 3213.393131][T21698] ? kernel_sendmsg+0x50/0x50 [ 3213.397848][T21698] ___sys_sendmsg+0x100/0x170 [ 3213.402542][T21698] ? sendmsg_copy_msghdr+0x70/0x70 [ 3213.407686][T21698] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3213.413158][T21698] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3213.418456][T21698] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3213.423932][T21698] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3213.429660][T21698] ? retint_kernel+0x2b/0x2b [ 3213.434280][T21698] __sys_sendmsg+0xec/0x1b0 [ 3213.438799][T21698] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3213.443838][T21698] ? __x64_sys_futex+0x380/0x4f0 [ 3213.448806][T21698] ? trace_hardirqs_off_caller+0x55/0x230 [ 3213.454540][T21698] ? do_syscall_64+0x21/0x7d0 [ 3213.459233][T21698] do_syscall_64+0xf6/0x7d0 [ 3213.463772][T21698] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3213.469670][T21698] RIP: 0033:0x45c849 [ 3213.473570][T21698] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3213.493178][T21698] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3213.501596][T21698] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3213.509571][T21698] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3213.517546][T21698] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3213.525520][T21698] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3213.533493][T21698] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3213.573549][T21694] Total swap = 0kB [ 3213.578160][T21694] 1965979 pages RAM [ 3213.582139][T21694] 0 pages HighMem/MovableOnly [ 3213.586888][T21694] 348234 pages reserved [ 3213.591666][T21694] 0 pages cma reserved 11:44:57 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:57 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x0) 11:44:57 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000000003f000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:57 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x82}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:57 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32], 0x3c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:44:57 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3222.881165][T21730] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:44:57 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000040000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3222.962177][T21740] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3222.995529][T21740] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3223.075380][T21744] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3223.095949][T21740] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3223.095949][T21740] !' [ 3223.109853][T21740] CPU: 1 PID: 21740 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3223.118558][T21740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3223.128617][T21740] Call Trace: [ 3223.131920][T21740] dump_stack+0x188/0x20d [ 3223.136277][T21740] sysfs_warn_dup.cold+0x1c/0x2d [ 3223.141229][T21740] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3223.147308][T21740] sysfs_create_link+0x61/0xc0 [ 3223.152083][T21740] device_add+0x71c/0x1bc0 [ 3223.156522][T21740] ? uevent_show+0x360/0x360 [ 3223.161130][T21740] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3223.167126][T21740] wiphy_register+0x1c46/0x2720 [ 3223.172004][T21740] ? wiphy_unregister+0xf90/0xf90 [ 3223.177038][T21740] ? retint_kernel+0x2b/0x2b [ 3223.181658][T21740] ? ieee80211_register_hw+0x1191/0x3760 [ 3223.187309][T21740] ieee80211_register_hw+0x141d/0x3760 [ 3223.192797][T21740] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3223.198266][T21740] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3223.203816][T21740] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3223.209804][T21740] ? memset+0x20/0x40 [ 3223.213797][T21740] ? __hrtimer_init+0x134/0x260 [ 3223.218664][T21740] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3223.224387][T21740] ? vprintk_func+0x81/0x17e [ 3223.229016][T21740] ? hwsim_register_received_nl+0x400/0x400 [ 3223.234936][T21740] hwsim_new_radio_nl+0x905/0xf60 [ 3223.239963][T21740] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3223.245262][T21740] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3223.251193][T21740] genl_rcv_msg+0x627/0xdf0 [ 3223.255823][T21740] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3223.262164][T21740] ? retint_kernel+0x2b/0x2b [ 3223.266788][T21740] netlink_rcv_skb+0x15a/0x410 [ 3223.271569][T21740] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3223.277910][T21740] ? netlink_ack+0xa80/0xa80 [ 3223.282546][T21740] genl_rcv+0x24/0x40 [ 3223.286533][T21740] netlink_unicast+0x537/0x740 [ 3223.291316][T21740] ? netlink_attachskb+0x810/0x810 [ 3223.296435][T21740] ? security_netlink_send+0x13/0xa0 [ 3223.301813][T21740] ? security_netlink_send+0x1a/0xa0 [ 3223.307112][T21740] netlink_sendmsg+0x882/0xe10 [ 3223.311900][T21740] ? aa_af_perm+0x260/0x260 [ 3223.316416][T21740] ? netlink_unicast+0x740/0x740 [ 3223.321381][T21740] ? netlink_unicast+0x740/0x740 [ 3223.326341][T21740] sock_sendmsg+0xcf/0x120 [ 3223.330783][T21740] ____sys_sendmsg+0x6b9/0x7d0 [ 3223.335564][T21740] ? kernel_sendmsg+0x50/0x50 [ 3223.340256][T21740] ? mark_lock+0xbc/0x1220 [ 3223.344697][T21740] ___sys_sendmsg+0x100/0x170 [ 3223.349385][T21740] ? sendmsg_copy_msghdr+0x70/0x70 [ 3223.354530][T21740] ? __fget_files+0x329/0x4f0 [ 3223.359237][T21740] ? ksys_dup3+0x3c0/0x3c0 [ 3223.363659][T21740] ? lock_acquire+0x197/0x420 [ 3223.368346][T21740] ? __might_fault+0xef/0x1d0 [ 3223.373048][T21740] ? __fget_light+0x208/0x270 [ 3223.377750][T21740] __sys_sendmsg+0xec/0x1b0 [ 3223.382267][T21740] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3223.387297][T21740] ? __x64_sys_futex+0x380/0x4f0 [ 3223.392259][T21740] ? trace_hardirqs_off_caller+0x55/0x230 [ 3223.397990][T21740] ? do_syscall_64+0x21/0x7d0 [ 3223.402684][T21740] do_syscall_64+0xf6/0x7d0 [ 3223.407207][T21740] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3223.413099][T21740] RIP: 0033:0x45c849 [ 3223.417008][T21740] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3223.436614][T21740] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3223.445036][T21740] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3223.453010][T21740] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3223.460985][T21740] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3223.468960][T21740] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 11:44:57 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000048000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3223.476933][T21740] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3223.515268][T21737] netlink: 'syz-executor.0': attribute type 8 has an invalid length. 11:44:57 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x82}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3223.524607][T21747] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3223.527055][T21737] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3223.597741][T21737] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3223.597741][T21737] !' [ 3223.616734][T21737] CPU: 1 PID: 21737 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3223.625455][T21737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3223.635525][T21737] Call Trace: [ 3223.638830][T21737] dump_stack+0x188/0x20d [ 3223.643183][T21737] sysfs_warn_dup.cold+0x1c/0x2d [ 3223.648137][T21737] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3223.654226][T21737] sysfs_create_link+0x61/0xc0 [ 3223.659010][T21737] device_add+0x71c/0x1bc0 [ 3223.663451][T21737] ? ieee80211_set_bitrate_flags+0x36f/0x5c0 [ 3223.669453][T21737] ? uevent_show+0x360/0x360 [ 3223.674205][T21737] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3223.680211][T21737] wiphy_register+0x1c46/0x2720 [ 3223.685090][T21737] ? wiphy_unregister+0xf90/0xf90 [ 3223.690138][T21737] ? ieee80211_cs_list_valid+0x198/0x280 [ 3223.695790][T21737] ? __sanitizer_cov_trace_pc+0x37/0x50 [ 3223.701356][T21737] ? ieee80211_cs_list_valid+0x198/0x280 [ 3223.707016][T21737] ieee80211_register_hw+0x141d/0x3760 [ 3223.712497][T21737] ? smp_apic_timer_interrupt+0xd1/0x600 [ 3223.718158][T21737] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3223.723644][T21737] ? check_memory_region+0x1c/0x190 [ 3223.728856][T21737] ? memset+0x20/0x40 [ 3223.732859][T21737] ? __hrtimer_init+0x134/0x260 [ 3223.737837][T21737] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3223.743600][T21737] ? hwsim_register_received_nl+0x400/0x400 [ 3223.749523][T21737] hwsim_new_radio_nl+0x905/0xf60 [ 3223.754564][T21737] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3223.760486][T21737] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3223.766827][T21737] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3223.773181][T21737] genl_rcv_msg+0x627/0xdf0 [ 3223.777723][T21737] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3223.784077][T21737] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3223.789562][T21737] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3223.795298][T21737] netlink_rcv_skb+0x15a/0x410 [ 3223.800069][T21737] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3223.806408][T21737] ? netlink_ack+0xa80/0xa80 [ 3223.811036][T21737] genl_rcv+0x24/0x40 [ 3223.815162][T21737] netlink_unicast+0x537/0x740 [ 3223.819945][T21737] ? netlink_attachskb+0x810/0x810 [ 3223.825065][T21737] ? _copy_from_iter_full+0x25c/0x870 [ 3223.830443][T21737] ? __phys_addr_symbol+0x2c/0x70 [ 3223.835472][T21737] ? __check_object_size+0x171/0x437 [ 3223.840777][T21737] netlink_sendmsg+0x882/0xe10 [ 3223.845558][T21737] ? retint_kernel+0x2b/0x2b [ 3223.850155][T21737] ? netlink_unicast+0x740/0x740 [ 3223.855095][T21737] ? netlink_unicast+0x740/0x740 [ 3223.860062][T21737] ? netlink_unicast+0x740/0x740 [ 3223.865008][T21737] sock_sendmsg+0xcf/0x120 [ 3223.869443][T21737] ____sys_sendmsg+0x6b9/0x7d0 [ 3223.874331][T21737] ? kernel_sendmsg+0x50/0x50 [ 3223.879024][T21737] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3223.884510][T21737] ___sys_sendmsg+0x100/0x170 [ 3223.889196][T21737] ? sendmsg_copy_msghdr+0x70/0x70 [ 3223.894334][T21737] ? __fget_files+0x329/0x4f0 [ 3223.899026][T21737] ? ksys_dup3+0x3c0/0x3c0 [ 3223.903443][T21737] ? lock_acquire+0x197/0x420 [ 3223.908131][T21737] ? __might_fault+0xef/0x1d0 [ 3223.912830][T21737] ? __fget_light+0x208/0x270 [ 3223.917523][T21737] __sys_sendmsg+0xec/0x1b0 [ 3223.922039][T21737] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3223.927226][T21737] ? trace_hardirqs_off_caller+0x55/0x230 [ 3223.932965][T21737] ? do_syscall_64+0x21/0x7d0 [ 3223.937657][T21737] do_syscall_64+0xf6/0x7d0 [ 3223.942175][T21737] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3223.948067][T21737] RIP: 0033:0x45c849 [ 3223.951962][T21737] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3223.971571][T21737] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3223.979990][T21737] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3223.988140][T21737] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 11:44:58 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000000004c000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3223.996116][T21737] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3224.004097][T21737] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3224.012075][T21737] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3224.028924][T21753] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:44:58 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000060000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:44:58 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xa, 0x0) [ 3224.067021][T21739] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3224.083674][T21739] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3224.151667][T21739] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3224.151667][T21739] !' [ 3224.172192][T21756] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3224.208035][T21739] CPU: 1 PID: 21739 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3224.216747][T21739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3224.226804][T21739] Call Trace: [ 3224.230103][T21739] dump_stack+0x188/0x20d [ 3224.234460][T21739] sysfs_warn_dup.cold+0x1c/0x2d [ 3224.239414][T21739] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3224.245498][T21739] sysfs_create_link+0x61/0xc0 [ 3224.250277][T21739] device_add+0x71c/0x1bc0 [ 3224.254710][T21739] ? uevent_show+0x360/0x360 [ 3224.259313][T21739] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3224.265312][T21739] wiphy_register+0x1c46/0x2720 [ 3224.270240][T21739] ? wiphy_unregister+0xf90/0xf90 [ 3224.275310][T21739] ? __kmalloc+0x629/0x7a0 [ 3224.308820][T21739] ? ieee80211_register_hw+0xbea/0x3760 [ 3224.314396][T21739] ? ieee80211_cs_list_valid+0x198/0x280 [ 3224.320047][T21739] ieee80211_register_hw+0x141d/0x3760 [ 3224.325529][T21739] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3224.331133][T21739] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3224.336686][T21739] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3224.345817][T21739] ? memset+0x20/0x40 [ 3224.349806][T21739] ? __hrtimer_init+0x134/0x260 [ 3224.354672][T21739] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3224.360397][T21739] ? vprintk_func+0x81/0x17e [ 3224.365020][T21739] ? hwsim_register_received_nl+0x400/0x400 [ 3224.370915][T21739] ? __nla_validate_parse+0x156/0x1cd0 [ 3224.376385][T21739] hwsim_new_radio_nl+0x905/0xf60 [ 3224.381419][T21739] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3224.387314][T21739] ? cap_capable+0x1eb/0x250 [ 3224.391927][T21739] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3224.398256][T21739] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3224.404599][T21739] genl_rcv_msg+0x627/0xdf0 [ 3224.409113][T21739] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3224.415470][T21739] ? ___preempt_schedule+0x16/0x18 [ 3224.420618][T21739] netlink_rcv_skb+0x15a/0x410 [ 3224.425394][T21739] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3224.431729][T21739] ? netlink_ack+0xa80/0xa80 [ 3224.436353][T21739] genl_rcv+0x24/0x40 [ 3224.440336][T21739] netlink_unicast+0x537/0x740 [ 3224.445113][T21739] ? netlink_attachskb+0x810/0x810 [ 3224.450224][T21739] ? _copy_from_iter_full+0x25c/0x870 [ 3224.455599][T21739] ? __phys_addr_symbol+0x2c/0x70 [ 3224.460626][T21739] ? __check_object_size+0x171/0x437 [ 3224.465917][T21739] netlink_sendmsg+0x882/0xe10 [ 3224.470694][T21739] ? aa_af_perm+0x260/0x260 [ 3224.475197][T21739] ? netlink_unicast+0x740/0x740 [ 3224.480155][T21739] ? netlink_unicast+0x740/0x740 [ 3224.485100][T21739] sock_sendmsg+0xcf/0x120 [ 3224.489524][T21739] ____sys_sendmsg+0x6b9/0x7d0 [ 3224.494296][T21739] ? kernel_sendmsg+0x50/0x50 [ 3224.498995][T21739] ? mark_lock+0xbc/0x1220 [ 3224.503430][T21739] ___sys_sendmsg+0x100/0x170 [ 3224.508114][T21739] ? sendmsg_copy_msghdr+0x70/0x70 [ 3224.513244][T21739] ? __fget_files+0x329/0x4f0 [ 3224.517933][T21739] ? ksys_dup3+0x3c0/0x3c0 [ 3224.522345][T21739] ? lock_acquire+0x197/0x420 [ 3224.527022][T21739] ? __might_fault+0xef/0x1d0 [ 3224.531720][T21739] ? __fget_light+0x208/0x270 [ 3224.536433][T21739] __sys_sendmsg+0xec/0x1b0 [ 3224.540939][T21739] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3224.545993][T21739] ? do_syscall_64+0x4f/0x7d0 [ 3224.550680][T21739] do_syscall_64+0xf6/0x7d0 [ 3224.555193][T21739] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3224.561524][T21739] RIP: 0033:0x45c849 [ 3224.565427][T21739] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3224.586604][T21739] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3224.595016][T21739] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3224.602983][T21739] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3224.610953][T21739] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3224.618924][T21739] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3224.626898][T21739] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3224.668953][T21751] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3224.692760][T21751] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3224.711903][T21751] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3224.711903][T21751] !' [ 3224.727809][T21751] CPU: 1 PID: 21751 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3224.736509][T21751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3224.746566][T21751] Call Trace: [ 3224.749868][T21751] dump_stack+0x188/0x20d [ 3224.754219][T21751] sysfs_warn_dup.cold+0x1c/0x2d [ 3224.759169][T21751] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3224.765242][T21751] sysfs_create_link+0x61/0xc0 [ 3224.770008][T21751] device_add+0x71c/0x1bc0 [ 3224.774453][T21751] ? uevent_show+0x360/0x360 [ 3224.779348][T21751] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3224.785356][T21751] wiphy_register+0x1c46/0x2720 [ 3224.790242][T21751] ? wiphy_unregister+0xf90/0xf90 [ 3224.795283][T21751] ? __kmalloc+0x629/0x7a0 [ 3224.799707][T21751] ? ieee80211_register_hw+0xbea/0x3760 [ 3224.805266][T21751] ? ieee80211_cs_list_valid+0x198/0x280 [ 3224.810916][T21751] ieee80211_register_hw+0x141d/0x3760 [ 3224.816403][T21751] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3224.821878][T21751] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3224.827482][T21751] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3224.833479][T21751] ? memset+0x20/0x40 [ 3224.837475][T21751] ? __hrtimer_init+0x134/0x260 [ 3224.842341][T21751] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3224.848066][T21751] ? vprintk_func+0x81/0x17e [ 3224.852684][T21751] ? hwsim_register_received_nl+0x400/0x400 [ 3224.858606][T21751] hwsim_new_radio_nl+0x905/0xf60 [ 3224.863657][T21751] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3224.869555][T21751] ? cap_capable+0x1eb/0x250 [ 3224.874164][T21751] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3224.880570][T21751] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3224.886922][T21751] genl_rcv_msg+0x627/0xdf0 [ 3224.891449][T21751] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3224.898489][T21751] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3224.904246][T21751] netlink_rcv_skb+0x15a/0x410 [ 3224.909020][T21751] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3224.916058][T21751] ? netlink_ack+0xa80/0xa80 [ 3224.920701][T21751] genl_rcv+0x24/0x40 [ 3224.924690][T21751] netlink_unicast+0x537/0x740 [ 3224.929481][T21751] ? netlink_attachskb+0x810/0x810 [ 3224.934879][T21751] ? security_netlink_send+0x13/0xa0 [ 3224.940270][T21751] ? security_netlink_send+0x1a/0xa0 [ 3224.945583][T21751] netlink_sendmsg+0x882/0xe10 [ 3224.950361][T21751] ? aa_af_perm+0x260/0x260 [ 3224.954873][T21751] ? netlink_unicast+0x740/0x740 [ 3224.959841][T21751] ? netlink_unicast+0x740/0x740 [ 3224.964788][T21751] sock_sendmsg+0xcf/0x120 [ 3224.969207][T21751] ____sys_sendmsg+0x6b9/0x7d0 [ 3224.973980][T21751] ? kernel_sendmsg+0x50/0x50 [ 3224.978661][T21751] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3224.984142][T21751] ___sys_sendmsg+0x100/0x170 [ 3224.988840][T21751] ? sendmsg_copy_msghdr+0x70/0x70 [ 3224.993991][T21751] ? __fget_files+0x329/0x4f0 [ 3224.998690][T21751] ? ksys_dup3+0x3c0/0x3c0 [ 3225.003117][T21751] ? lock_acquire+0x197/0x420 [ 3225.007804][T21751] ? __might_fault+0xef/0x1d0 [ 3225.012504][T21751] ? __fget_light+0x208/0x270 [ 3225.017203][T21751] __sys_sendmsg+0xec/0x1b0 [ 3225.021719][T21751] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3225.026747][T21751] ? __x64_sys_futex+0x380/0x4f0 [ 3225.031723][T21751] ? trace_hardirqs_off_caller+0x55/0x230 [ 3225.037454][T21751] ? do_syscall_64+0x21/0x7d0 [ 3225.049264][T21751] do_syscall_64+0xf6/0x7d0 [ 3225.053797][T21751] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3225.059696][T21751] RIP: 0033:0x45c849 [ 3225.063595][T21751] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3225.083199][T21751] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3225.091620][T21751] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3225.099603][T21751] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3225.107583][T21751] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3225.115560][T21751] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3225.123538][T21751] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3233.431101][T21867] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 3233.439918][T21867] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3233.479874][T21867] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3233.479874][T21867] !' [ 3233.489853][T21867] CPU: 0 PID: 21867 Comm: syz-executor.4 Not tainted 5.6.0-rc6-syzkaller #0 [ 3233.498535][T21867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3233.508592][T21867] Call Trace: [ 3233.512003][T21867] dump_stack+0x188/0x20d [ 3233.516352][T21867] sysfs_warn_dup.cold+0x1c/0x2d [ 3233.521305][T21867] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3233.527387][T21867] sysfs_create_link+0x61/0xc0 [ 3233.532203][T21867] device_add+0x71c/0x1bc0 [ 3233.536640][T21867] ? uevent_show+0x360/0x360 [ 3233.541237][T21867] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3233.547292][T21867] wiphy_register+0x1c46/0x2720 [ 3233.552164][T21867] ? wiphy_unregister+0xf90/0xf90 [ 3233.557218][T21867] ? __kmalloc+0x629/0x7a0 [ 3233.561640][T21867] ? ieee80211_register_hw+0xbea/0x3760 [ 3233.567283][T21867] ? ieee80211_cs_list_valid+0x198/0x280 [ 3233.572920][T21867] ieee80211_register_hw+0x141d/0x3760 [ 3233.578407][T21867] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3233.583876][T21867] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3233.589427][T21867] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3233.595417][T21867] ? memset+0x20/0x40 [ 3233.599401][T21867] ? __hrtimer_init+0x134/0x260 [ 3233.604386][T21867] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3233.610105][T21867] ? vprintk_func+0x81/0x17e [ 3233.614718][T21867] ? hwsim_register_received_nl+0x400/0x400 [ 3233.620618][T21867] ? __nla_validate_parse+0x156/0x1cd0 [ 3233.626093][T21867] hwsim_new_radio_nl+0x905/0xf60 [ 3233.631147][T21867] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3233.637048][T21867] ? cap_capable+0x1eb/0x250 [ 3233.641660][T21867] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3233.647983][T21867] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3233.654324][T21867] genl_rcv_msg+0x627/0xdf0 [ 3233.658869][T21867] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3233.665230][T21867] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3233.672014][T21867] netlink_rcv_skb+0x15a/0x410 [ 3233.676799][T21867] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3233.683661][T21867] ? netlink_ack+0xa80/0xa80 [ 3233.688290][T21867] genl_rcv+0x24/0x40 [ 3233.692286][T21867] netlink_unicast+0x537/0x740 [ 3233.697070][T21867] ? netlink_attachskb+0x810/0x810 [ 3233.702188][T21867] ? _copy_from_iter_full+0x25c/0x870 [ 3233.707561][T21867] ? __phys_addr_symbol+0x2c/0x70 [ 3233.712584][T21867] ? __check_object_size+0x171/0x437 [ 3233.717879][T21867] netlink_sendmsg+0x882/0xe10 [ 3233.722654][T21867] ? aa_af_perm+0x260/0x260 [ 3233.727165][T21867] ? netlink_unicast+0x740/0x740 [ 3233.732133][T21867] ? netlink_unicast+0x740/0x740 [ 3233.737115][T21867] sock_sendmsg+0xcf/0x120 [ 3233.741538][T21867] ____sys_sendmsg+0x6b9/0x7d0 [ 3233.746314][T21867] ? kernel_sendmsg+0x50/0x50 [ 3233.751005][T21867] ? mark_lock+0xbc/0x1220 [ 3233.755451][T21867] ___sys_sendmsg+0x100/0x170 [ 3233.760141][T21867] ? sendmsg_copy_msghdr+0x70/0x70 [ 3233.765979][T21867] ? __fget_files+0x329/0x4f0 [ 3233.770683][T21867] ? ksys_dup3+0x3c0/0x3c0 [ 3233.775119][T21867] ? lock_acquire+0x197/0x420 [ 3233.779807][T21867] ? __might_fault+0xef/0x1d0 [ 3233.784512][T21867] ? __fget_light+0x208/0x270 [ 3233.789211][T21867] __sys_sendmsg+0xec/0x1b0 [ 3233.793718][T21867] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3233.798747][T21867] ? __x64_sys_futex+0x380/0x4f0 [ 3233.803708][T21867] ? trace_hardirqs_off_caller+0x55/0x230 [ 3233.809429][T21867] ? do_syscall_64+0x21/0x7d0 [ 3233.814111][T21867] do_syscall_64+0xf6/0x7d0 [ 3233.818619][T21867] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3233.824510][T21867] RIP: 0033:0x45c849 [ 3233.828406][T21867] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3233.848012][T21867] RSP: 002b:00007f96f5f61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3233.856424][T21867] RAX: ffffffffffffffda RBX: 00007f96f5f626d4 RCX: 000000000045c849 [ 3233.864397][T21867] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 3233.872366][T21867] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3233.880442][T21867] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3233.888417][T21867] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:45:08 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="0f00000024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:08 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x82}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:08 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000068000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:45:08 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0x56, 0x0) 11:45:08 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="0f00000024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:08 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x82}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3233.995173][T21874] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:45:08 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000000006c000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:45:08 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e000024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3234.059089][T21869] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 3234.085598][T21869] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3234.132460][T21869] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3234.132460][T21869] !' [ 3234.148456][T21869] CPU: 1 PID: 21869 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3234.157159][T21869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3234.168170][T21869] Call Trace: [ 3234.171471][T21869] dump_stack+0x188/0x20d [ 3234.175821][T21869] sysfs_warn_dup.cold+0x1c/0x2d [ 3234.180776][T21869] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3234.186855][T21869] sysfs_create_link+0x61/0xc0 [ 3234.191635][T21869] device_add+0x71c/0x1bc0 [ 3234.196072][T21869] ? ieee80211_set_bitrate_flags+0x36f/0x5c0 [ 3234.202680][T21869] ? uevent_show+0x360/0x360 [ 3234.207286][T21869] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3234.213286][T21869] wiphy_register+0x1c46/0x2720 [ 3234.218157][T21869] ? wiphy_unregister+0xf90/0xf90 [ 3234.223186][T21869] ? retint_kernel+0x2b/0x2b [ 3234.227808][T21869] ? ieee80211_cs_list_valid+0x198/0x280 [ 3234.233460][T21869] ieee80211_register_hw+0x141d/0x3760 [ 3234.238951][T21869] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3234.244425][T21869] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3234.248095][T21888] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3234.249987][T21869] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3234.250007][T21869] ? memset+0x20/0x40 [ 3234.250026][T21869] ? __hrtimer_init+0x134/0x260 [ 3234.273469][T21869] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3234.279214][T21869] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3234.284532][T21869] ? hwsim_register_received_nl+0x400/0x400 [ 3234.290454][T21869] hwsim_new_radio_nl+0x905/0xf60 [ 3234.295497][T21869] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3234.300973][T21869] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3234.306886][T21869] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3234.312638][T21869] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3234.318978][T21869] genl_rcv_msg+0x627/0xdf0 [ 3234.323502][T21869] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3234.329866][T21869] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3234.335161][T21869] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3234.341595][T21869] netlink_rcv_skb+0x15a/0x410 [ 3234.346372][T21869] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3234.352720][T21869] ? netlink_ack+0xa80/0xa80 [ 3234.357349][T21869] genl_rcv+0x24/0x40 [ 3234.361342][T21869] netlink_unicast+0x537/0x740 [ 3234.366114][T21869] ? netlink_attachskb+0x810/0x810 [ 3234.371226][T21869] ? _copy_from_iter_full+0x25c/0x870 [ 3234.376623][T21869] netlink_sendmsg+0x882/0xe10 [ 3234.381406][T21869] ? aa_af_perm+0x260/0x260 [ 3234.385924][T21869] ? netlink_unicast+0x740/0x740 [ 3234.390898][T21869] ? netlink_unicast+0x740/0x740 [ 3234.393679][T21892] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3234.395864][T21869] sock_sendmsg+0xcf/0x120 [ 3234.395885][T21869] ____sys_sendmsg+0x6b9/0x7d0 [ 3234.395906][T21869] ? kernel_sendmsg+0x50/0x50 [ 3234.395927][T21869] ? mark_lock+0xbc/0x1220 [ 3234.422846][T21869] ___sys_sendmsg+0x100/0x170 [ 3234.427544][T21869] ? sendmsg_copy_msghdr+0x70/0x70 11:45:08 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000074000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:45:08 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000000007a000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3234.432692][T21869] ? __fget_files+0x329/0x4f0 [ 3234.437390][T21869] ? ksys_dup3+0x3c0/0x3c0 [ 3234.441817][T21869] ? lock_acquire+0x209/0x420 [ 3234.446643][T21869] ? __fget_light+0x208/0x270 [ 3234.451348][T21869] __sys_sendmsg+0xec/0x1b0 [ 3234.455868][T21869] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3234.461333][T21869] ? __x64_sys_futex+0x380/0x4f0 [ 3234.466482][T21869] ? trace_hardirqs_off_caller+0x55/0x230 [ 3234.472214][T21869] ? do_syscall_64+0x21/0x7d0 [ 3234.476904][T21869] do_syscall_64+0xf6/0x7d0 [ 3234.481424][T21869] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3234.487325][T21869] RIP: 0033:0x45c849 [ 3234.491227][T21869] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3234.511453][T21869] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3234.519884][T21869] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3234.524443][T21895] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3234.528547][T21869] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3234.528556][T21869] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3234.528565][T21869] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3234.528574][T21869] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3234.554319][T21876] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3234.595695][T21876] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3234.637535][T21876] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3234.637535][T21876] !' [ 3234.656324][T21876] CPU: 1 PID: 21876 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3234.665032][T21876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3234.675094][T21876] Call Trace: [ 3234.678390][T21876] dump_stack+0x188/0x20d [ 3234.682718][T21876] sysfs_warn_dup.cold+0x1c/0x2d [ 3234.687646][T21876] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3234.693705][T21876] sysfs_create_link+0x61/0xc0 [ 3234.698460][T21876] device_add+0x71c/0x1bc0 [ 3234.702873][T21876] ? uevent_show+0x360/0x360 [ 3234.707452][T21876] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3234.713428][T21876] wiphy_register+0x1c46/0x2720 [ 3234.719234][T21876] ? wiphy_unregister+0xf90/0xf90 [ 3234.724252][T21876] ? retint_kernel+0x2b/0x2b [ 3234.728838][T21876] ? ieee80211_register_hw+0xf97/0x3760 [ 3234.734368][T21876] ? ieee80211_cs_list_valid+0x198/0x280 [ 3234.739991][T21876] ieee80211_register_hw+0x141d/0x3760 [ 3234.745450][T21876] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3234.750895][T21876] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3234.756441][T21876] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3234.762480][T21876] ? memset+0x20/0x40 [ 3234.766455][T21876] ? __hrtimer_init+0x134/0x260 [ 3234.771301][T21876] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3234.777022][T21876] ? vprintk_func+0x81/0x17e [ 3234.781622][T21876] ? hwsim_register_received_nl+0x400/0x400 [ 3234.787530][T21876] hwsim_new_radio_nl+0x905/0xf60 [ 3234.792553][T21876] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3234.798438][T21876] ? cap_capable+0x1eb/0x250 [ 3234.803119][T21876] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3234.809443][T21876] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3234.815780][T21876] genl_rcv_msg+0x627/0xdf0 [ 3234.820291][T21876] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3234.826604][T21876] ? mark_held_locks+0x9f/0xe0 [ 3234.831363][T21876] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3234.836810][T21876] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3234.842090][T21876] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3234.847797][T21876] ? retint_kernel+0x2b/0x2b [ 3234.852382][T21876] netlink_rcv_skb+0x15a/0x410 [ 3234.857137][T21876] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3234.863450][T21876] ? netlink_ack+0xa80/0xa80 [ 3234.868043][T21876] genl_rcv+0x24/0x40 [ 3234.872012][T21876] netlink_unicast+0x537/0x740 [ 3234.877559][T21876] ? netlink_attachskb+0x810/0x810 [ 3234.882657][T21876] ? _copy_from_iter_full+0x25c/0x870 [ 3234.888025][T21876] ? __phys_addr_symbol+0x2c/0x70 [ 3234.893034][T21876] ? __check_object_size+0x171/0x437 [ 3234.898311][T21876] netlink_sendmsg+0x882/0xe10 [ 3234.903068][T21876] ? aa_af_perm+0x260/0x260 [ 3234.907557][T21876] ? netlink_unicast+0x740/0x740 [ 3234.912491][T21876] ? netlink_unicast+0x740/0x740 [ 3234.917413][T21876] sock_sendmsg+0xcf/0x120 [ 3234.921817][T21876] ____sys_sendmsg+0x6b9/0x7d0 [ 3234.926569][T21876] ? kernel_sendmsg+0x50/0x50 [ 3234.931244][T21876] ? mark_lock+0xbc/0x1220 [ 3234.935656][T21876] ___sys_sendmsg+0x100/0x170 [ 3234.940319][T21876] ? sendmsg_copy_msghdr+0x70/0x70 [ 3234.945426][T21876] ? __fget_files+0x329/0x4f0 [ 3234.950095][T21876] ? ksys_dup3+0x3c0/0x3c0 [ 3234.954495][T21876] ? lock_acquire+0x197/0x420 [ 3234.959156][T21876] ? __might_fault+0xef/0x1d0 [ 3234.963830][T21876] ? __fget_light+0x208/0x270 [ 3234.969196][T21876] __sys_sendmsg+0xec/0x1b0 [ 3234.973683][T21876] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3234.978693][T21876] ? __x64_sys_clock_gettime+0xb4/0x240 [ 3234.984232][T21876] ? trace_hardirqs_off_caller+0x55/0x230 [ 3234.989937][T21876] ? do_syscall_64+0x21/0x7d0 [ 3234.994608][T21876] do_syscall_64+0xf6/0x7d0 [ 3234.999103][T21876] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3235.004989][T21876] RIP: 0033:0x45c849 [ 3235.008876][T21876] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3235.029415][T21876] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 11:45:09 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000007fffffe000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3235.037810][T21876] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3235.045780][T21876] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3235.053734][T21876] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3235.061686][T21876] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3235.079275][T21876] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:45:09 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7e}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3235.160892][T21900] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3235.179453][T21889] netlink: 3740 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3235.230661][T21889] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3235.230661][T21889] !' [ 3235.340291][T21889] CPU: 0 PID: 21889 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3235.349020][T21889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3235.359084][T21889] Call Trace: [ 3235.362397][T21889] dump_stack+0x188/0x20d [ 3235.366745][T21889] sysfs_warn_dup.cold+0x1c/0x2d [ 3235.371699][T21889] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3235.378565][T21889] sysfs_create_link+0x61/0xc0 [ 3235.383343][T21889] device_add+0x71c/0x1bc0 [ 3235.387782][T21889] ? uevent_show+0x360/0x360 [ 3235.392390][T21889] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3235.398394][T21889] wiphy_register+0x1c46/0x2720 [ 3235.403280][T21889] ? wiphy_unregister+0xf90/0xf90 [ 3235.408411][T21889] ? __kmalloc+0x629/0x7a0 [ 3235.412944][T21889] ? ieee80211_register_hw+0xbea/0x3760 [ 3235.418512][T21889] ? ieee80211_cs_list_valid+0x198/0x280 [ 3235.424169][T21889] ieee80211_register_hw+0x141d/0x3760 [ 3235.429669][T21889] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3235.435151][T21889] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3235.440718][T21889] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3235.446724][T21889] ? memset+0x20/0x40 [ 3235.451318][T21889] ? __hrtimer_init+0x134/0x260 [ 3235.456194][T21889] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3235.462449][T21889] ? vprintk_func+0x81/0x17e [ 3235.467077][T21889] ? hwsim_register_received_nl+0x400/0x400 [ 3235.473089][T21889] hwsim_new_radio_nl+0x905/0xf60 [ 3235.478741][T21889] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3235.484646][T21889] ? cap_capable+0x1eb/0x250 [ 3235.489263][T21889] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3235.495603][T21889] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3235.502751][T21889] genl_rcv_msg+0x627/0xdf0 [ 3235.507301][T21889] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3235.513644][T21889] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3235.519042][T21889] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3235.524904][T21889] netlink_rcv_skb+0x15a/0x410 [ 3235.529804][T21889] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3235.536149][T21889] ? netlink_ack+0xa80/0xa80 [ 3235.540779][T21889] genl_rcv+0x24/0x40 [ 3235.544774][T21889] netlink_unicast+0x537/0x740 [ 3235.549567][T21889] ? netlink_attachskb+0x810/0x810 [ 3235.554711][T21889] ? netlink_sendmsg+0x7f7/0xe10 [ 3235.559757][T21889] netlink_sendmsg+0x882/0xe10 [ 3235.564577][T21889] ? aa_af_perm+0x260/0x260 [ 3235.570934][T21889] ? netlink_unicast+0x740/0x740 [ 3235.575909][T21889] ? netlink_unicast+0x740/0x740 [ 3235.580862][T21889] sock_sendmsg+0xcf/0x120 [ 3235.585393][T21889] ____sys_sendmsg+0x6b9/0x7d0 [ 3235.590178][T21889] ? kernel_sendmsg+0x50/0x50 [ 3235.594891][T21889] ? mark_lock+0xbc/0x1220 [ 3235.599325][T21889] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3235.604899][T21889] ___sys_sendmsg+0x100/0x170 [ 3235.609634][T21889] ? sendmsg_copy_msghdr+0x70/0x70 [ 3235.614798][T21889] ? __fget_files+0x329/0x4f0 [ 3235.619501][T21889] ? ksys_dup3+0x3c0/0x3c0 [ 3235.623934][T21889] ? lock_acquire+0x197/0x420 [ 3235.628627][T21889] ? __might_fault+0xef/0x1d0 [ 3235.633445][T21889] ? __fget_light+0x208/0x270 [ 3235.638145][T21889] __sys_sendmsg+0xec/0x1b0 [ 3235.642684][T21889] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3235.647789][T21889] ? __sys_sendmsg+0xc/0x1b0 [ 3235.653355][T21889] do_syscall_64+0xf6/0x7d0 [ 3235.657891][T21889] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3235.663875][T21889] RIP: 0033:0x45c849 [ 3235.667776][T21889] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3235.687609][T21889] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3235.697002][T21889] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3235.707930][T21889] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3235.715907][T21889] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3235.723894][T21889] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3235.731880][T21889] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3235.745778][T21897] netlink: 3740 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3235.789851][T21897] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3235.789851][T21897] !' [ 3235.830344][T21897] CPU: 0 PID: 21897 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3235.839060][T21897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3235.849112][T21897] Call Trace: [ 3235.852393][T21897] dump_stack+0x188/0x20d [ 3235.856718][T21897] sysfs_warn_dup.cold+0x1c/0x2d [ 3235.862258][T21897] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3235.868328][T21897] sysfs_create_link+0x61/0xc0 [ 3235.873087][T21897] device_add+0x71c/0x1bc0 [ 3235.877499][T21897] ? uevent_show+0x360/0x360 [ 3235.882081][T21897] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3235.888179][T21897] wiphy_register+0x1c46/0x2720 [ 3235.893037][T21897] ? wiphy_unregister+0xf90/0xf90 [ 3235.898511][T21897] ? __kmalloc+0x629/0x7a0 [ 3235.902939][T21897] ? ieee80211_register_hw+0xbea/0x3760 [ 3235.908507][T21897] ? ieee80211_cs_list_valid+0x198/0x280 [ 3235.914157][T21897] ieee80211_register_hw+0x141d/0x3760 [ 3235.919646][T21897] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3235.925129][T21897] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3235.930686][T21897] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3235.936682][T21897] ? memset+0x20/0x40 [ 3235.940686][T21897] ? __hrtimer_init+0x134/0x260 [ 3235.945554][T21897] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3235.951283][T21897] ? vprintk_func+0x81/0x17e [ 3235.955917][T21897] ? hwsim_register_received_nl+0x400/0x400 [ 3235.961845][T21897] hwsim_new_radio_nl+0x905/0xf60 [ 3235.966886][T21897] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3235.972789][T21897] ? cap_capable+0x1eb/0x250 [ 3235.977407][T21897] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3235.983740][T21897] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3235.990093][T21897] genl_rcv_msg+0x627/0xdf0 [ 3235.994622][T21897] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3236.000986][T21897] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3236.006817][T21897] netlink_rcv_skb+0x15a/0x410 [ 3236.011594][T21897] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3236.017939][T21897] ? netlink_ack+0xa80/0xa80 [ 3236.022570][T21897] genl_rcv+0x24/0x40 [ 3236.026562][T21897] netlink_unicast+0x537/0x740 [ 3236.031344][T21897] ? netlink_attachskb+0x810/0x810 [ 3236.036467][T21897] ? _copy_from_iter_full+0x25c/0x870 [ 3236.041853][T21897] ? __phys_addr_symbol+0x2c/0x70 [ 3236.046888][T21897] ? __check_object_size+0x171/0x437 [ 3236.052191][T21897] netlink_sendmsg+0x882/0xe10 [ 3236.056970][T21897] ? aa_af_perm+0x260/0x260 [ 3236.061494][T21897] ? netlink_unicast+0x740/0x740 [ 3236.066463][T21897] ? netlink_unicast+0x740/0x740 [ 3236.071416][T21897] sock_sendmsg+0xcf/0x120 [ 3236.075846][T21897] ____sys_sendmsg+0x6b9/0x7d0 [ 3236.080634][T21897] ? kernel_sendmsg+0x50/0x50 [ 3236.086031][T21897] ? mark_lock+0xbc/0x1220 [ 3236.090476][T21897] ___sys_sendmsg+0x100/0x170 [ 3236.095176][T21897] ? sendmsg_copy_msghdr+0x70/0x70 [ 3236.100318][T21897] ? __fget_files+0x329/0x4f0 [ 3236.105014][T21897] ? ksys_dup3+0x3c0/0x3c0 [ 3236.109435][T21897] ? lock_acquire+0x197/0x420 [ 3236.114127][T21897] ? __might_fault+0xef/0x1d0 [ 3236.118827][T21897] ? __fget_light+0x208/0x270 [ 3236.123530][T21897] __sys_sendmsg+0xec/0x1b0 [ 3236.128047][T21897] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3236.133081][T21897] ? __x64_sys_futex+0x380/0x4f0 [ 3236.138050][T21897] ? trace_hardirqs_off_caller+0x55/0x230 [ 3236.143789][T21897] ? do_syscall_64+0x21/0x7d0 [ 3236.148489][T21897] do_syscall_64+0xf6/0x7d0 [ 3236.153014][T21897] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3236.158920][T21897] RIP: 0033:0x45c849 [ 3236.162825][T21897] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3236.182433][T21897] RSP: 002b:00007fc08081bc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3236.190858][T21897] RAX: ffffffffffffffda RBX: 00007fc08081c6d4 RCX: 000000000045c849 [ 3236.200225][T21897] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3236.208207][T21897] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 3236.216197][T21897] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3236.224171][T21897] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076c04c [ 3236.250335][T22004] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 3236.280334][T22004] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3236.292467][T22004] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3236.292467][T22004] !' [ 3236.318438][T22004] CPU: 1 PID: 22004 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3236.327171][T22004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3236.337330][T22004] Call Trace: [ 3236.340642][T22004] dump_stack+0x188/0x20d [ 3236.345003][T22004] sysfs_warn_dup.cold+0x1c/0x2d [ 3236.349975][T22004] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3236.356056][T22004] sysfs_create_link+0x61/0xc0 [ 3236.360831][T22004] device_add+0x71c/0x1bc0 [ 3236.365271][T22004] ? uevent_show+0x360/0x360 [ 3236.369882][T22004] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3236.375888][T22004] wiphy_register+0x1c46/0x2720 [ 3236.380773][T22004] ? wiphy_unregister+0xf90/0xf90 [ 3236.385819][T22004] ? __kmalloc+0x629/0x7a0 [ 3236.390247][T22004] ? ieee80211_register_hw+0xbea/0x3760 [ 3236.395816][T22004] ? ieee80211_cs_list_valid+0x198/0x280 [ 3236.401469][T22004] ieee80211_register_hw+0x141d/0x3760 [ 3236.406969][T22004] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3236.412448][T22004] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3236.418012][T22004] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3236.424012][T22004] ? memset+0x20/0x40 [ 3236.428010][T22004] ? __hrtimer_init+0x134/0x260 [ 3236.432879][T22004] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3236.438617][T22004] ? vprintk_func+0x81/0x17e [ 3236.443251][T22004] ? hwsim_register_received_nl+0x400/0x400 [ 3236.449170][T22004] hwsim_new_radio_nl+0x905/0xf60 [ 3236.454210][T22004] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3236.460113][T22004] ? cap_capable+0x1eb/0x250 [ 3236.464732][T22004] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3236.471073][T22004] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3236.477426][T22004] genl_rcv_msg+0x627/0xdf0 [ 3236.481966][T22004] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3236.488335][T22004] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3236.494160][T22004] netlink_rcv_skb+0x15a/0x410 [ 3236.498939][T22004] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3236.505280][T22004] ? netlink_ack+0xa80/0xa80 [ 3236.509908][T22004] genl_rcv+0x24/0x40 [ 3236.513908][T22004] netlink_unicast+0x537/0x740 [ 3236.528611][T22004] ? netlink_attachskb+0x810/0x810 [ 3236.533738][T22004] ? _copy_from_iter_full+0x25c/0x870 [ 3236.539129][T22004] ? __phys_addr_symbol+0x2c/0x70 [ 3236.544169][T22004] ? __check_object_size+0x171/0x437 [ 3236.549476][T22004] netlink_sendmsg+0x882/0xe10 [ 3236.554265][T22004] ? aa_af_perm+0x260/0x260 [ 3236.558784][T22004] ? netlink_unicast+0x740/0x740 [ 3236.563750][T22004] ? netlink_unicast+0x740/0x740 [ 3236.568699][T22004] sock_sendmsg+0xcf/0x120 [ 3236.573129][T22004] ____sys_sendmsg+0x6b9/0x7d0 [ 3236.577908][T22004] ? kernel_sendmsg+0x50/0x50 [ 3236.582609][T22004] ? mark_lock+0xbc/0x1220 [ 3236.587055][T22004] ___sys_sendmsg+0x100/0x170 [ 3236.591876][T22004] ? sendmsg_copy_msghdr+0x70/0x70 [ 3236.597025][T22004] ? __fget_files+0x329/0x4f0 [ 3236.601727][T22004] ? ksys_dup3+0x3c0/0x3c0 [ 3236.606147][T22004] ? lock_acquire+0x197/0x420 [ 3236.610843][T22004] ? __might_fault+0xef/0x1d0 [ 3236.615546][T22004] ? __fget_light+0x208/0x270 [ 3236.620243][T22004] __sys_sendmsg+0xec/0x1b0 [ 3236.624757][T22004] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3236.630085][T22004] ? do_syscall_64+0x4f/0x7d0 [ 3236.634775][T22004] do_syscall_64+0xf6/0x7d0 [ 3236.639305][T22004] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3236.645204][T22004] RIP: 0033:0x45c849 [ 3236.649112][T22004] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3236.668726][T22004] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3236.677147][T22004] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3236.685128][T22004] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3236.693107][T22004] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3236.701086][T22004] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3236.709060][T22004] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:45:19 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:19 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000020000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:45:19 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x27}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:19 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="0040030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:19 executing program 0 (fault-call:1 fault-nth:0): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:19 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0x200002ca, 0x0) [ 3245.614150][T22022] FAULT_INJECTION: forcing a failure. [ 3245.614150][T22022] name failslab, interval 1, probability 0, space 0, times 0 [ 3245.629730][T22025] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3245.657000][T22027] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3245.690655][T22022] CPU: 0 PID: 22022 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 11:45:20 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000010000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3245.699374][T22022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3245.705936][T22027] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3245.709425][T22022] Call Trace: [ 3245.709453][T22022] dump_stack+0x188/0x20d [ 3245.709481][T22022] should_fail.cold+0x5/0xa [ 3245.709502][T22022] ? lock_downgrade+0x7f0/0x7f0 [ 3245.736075][T22022] ? fault_create_debugfs_attr+0x140/0x140 [ 3245.741899][T22022] should_failslab+0x5/0xf [ 3245.746319][T22022] kmem_cache_alloc_node_trace+0x27c/0x790 [ 3245.752137][T22022] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3245.757433][T22022] ? __local_bh_enable_ip+0x159/0x270 [ 3245.762826][T22022] __get_vm_area_node+0x126/0x3b0 [ 3245.767878][T22022] __vmalloc_node_range+0xdc/0x7a0 [ 3245.772998][T22022] ? netlink_sendmsg+0x605/0xe10 [ 3245.777952][T22022] ? netlink_sendmsg+0x605/0xe10 [ 3245.782905][T22022] vmalloc+0x67/0x80 [ 3245.786814][T22022] ? netlink_sendmsg+0x605/0xe10 [ 3245.787053][T22033] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3245.791771][T22022] netlink_sendmsg+0x605/0xe10 11:45:20 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000020000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3245.791797][T22022] ? aa_af_perm+0x260/0x260 [ 3245.791813][T22022] ? netlink_unicast+0x740/0x740 [ 3245.791840][T22022] ? netlink_unicast+0x740/0x740 [ 3245.791861][T22022] sock_sendmsg+0xcf/0x120 [ 3245.824248][T22022] ____sys_sendmsg+0x6b9/0x7d0 [ 3245.829030][T22022] ? kernel_sendmsg+0x50/0x50 [ 3245.834286][T22022] ___sys_sendmsg+0x100/0x170 [ 3245.838989][T22022] ? sendmsg_copy_msghdr+0x70/0x70 [ 3245.844137][T22022] ? __fget_files+0x329/0x4f0 [ 3245.848871][T22022] ? ksys_dup3+0x3c0/0x3c0 [ 3245.853297][T22022] ? find_held_lock+0x2d/0x110 [ 3245.858074][T22022] ? vfs_write+0x342/0x5c0 [ 3245.862514][T22022] ? __fget_light+0x208/0x270 [ 3245.867215][T22022] __sys_sendmsg+0xec/0x1b0 [ 3245.871730][T22022] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3245.872354][T22036] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3245.876752][T22022] ? vfs_write+0x15b/0x5c0 [ 3245.876789][T22022] ? trace_hardirqs_off_caller+0x55/0x230 [ 3245.876811][T22022] ? do_syscall_64+0x21/0x7d0 [ 3245.900271][T22022] do_syscall_64+0xf6/0x7d0 11:45:20 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000030000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3245.904818][T22022] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3245.910713][T22022] RIP: 0033:0x45c849 [ 3245.914609][T22022] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3245.934322][T22022] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3245.942743][T22022] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3245.950718][T22022] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 11:45:20 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="2040032024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3245.958699][T22022] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3245.963263][T22039] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3245.966672][T22022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3245.966681][T22022] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 0000000000000000 11:45:20 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="00f0ff7f24000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3246.095040][T22027] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3246.095040][T22027] !' [ 3246.130477][T22027] CPU: 0 PID: 22027 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3246.139194][T22027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3246.149248][T22027] Call Trace: [ 3246.153237][T22027] dump_stack+0x188/0x20d [ 3246.157585][T22027] sysfs_warn_dup.cold+0x1c/0x2d [ 3246.162518][T22027] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3246.168581][T22027] sysfs_create_link+0x61/0xc0 [ 3246.173360][T22027] device_add+0x71c/0x1bc0 [ 3246.177793][T22027] ? ieee80211_set_bitrate_flags+0x2b/0x5c0 [ 3246.183775][T22027] ? uevent_show+0x360/0x360 [ 3246.188380][T22027] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 11:45:20 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e024030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3246.194384][T22027] wiphy_register+0x1c46/0x2720 [ 3246.199270][T22027] ? wiphy_unregister+0xf90/0xf90 [ 3246.204311][T22027] ? retint_kernel+0x2b/0x2b [ 3246.208923][T22027] ? ieee80211_register_hw+0x132e/0x3760 [ 3246.214573][T22027] ieee80211_register_hw+0x141d/0x3760 [ 3246.220069][T22027] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3246.225546][T22027] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3246.231099][T22027] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3246.237080][T22027] ? memset+0x20/0x40 [ 3246.241068][T22027] ? __hrtimer_init+0x134/0x260 [ 3246.245936][T22027] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3246.251660][T22027] ? vprintk_func+0x81/0x17e [ 3246.256283][T22027] ? hwsim_register_received_nl+0x400/0x400 [ 3246.262185][T22027] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3246.267481][T22027] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3246.272961][T22027] hwsim_new_radio_nl+0x905/0xf60 [ 3246.277990][T22027] ? retint_kernel+0x2b/0x2b [ 3246.282593][T22027] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3246.288513][T22027] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3246.294844][T22027] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3246.301197][T22027] genl_rcv_msg+0x627/0xdf0 [ 3246.305723][T22027] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3246.312093][T22027] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3246.312924][T22022] syz-executor.0: vmalloc: allocation failure: 213312 bytes, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 3246.317918][T22027] netlink_rcv_skb+0x15a/0x410 [ 3246.317940][T22027] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3246.317960][T22027] ? netlink_ack+0xa80/0xa80 [ 3246.318000][T22027] genl_rcv+0x24/0x40 [ 3246.350899][T22027] netlink_unicast+0x537/0x740 [ 3246.355688][T22027] ? netlink_attachskb+0x810/0x810 [ 3246.360814][T22027] ? _copy_from_iter_full+0x25c/0x870 [ 3246.366208][T22027] ? __phys_addr_symbol+0x2c/0x70 [ 3246.371938][T22027] ? __check_object_size+0x171/0x437 [ 3246.377229][T22027] netlink_sendmsg+0x882/0xe10 [ 3246.382000][T22027] ? aa_af_perm+0x260/0x260 [ 3246.386536][T22027] ? netlink_unicast+0x740/0x740 [ 3246.392209][T22027] ? netlink_unicast+0x740/0x740 [ 3246.397139][T22027] sock_sendmsg+0xcf/0x120 [ 3246.401552][T22027] ____sys_sendmsg+0x6b9/0x7d0 [ 3246.406323][T22027] ? kernel_sendmsg+0x50/0x50 [ 3246.411013][T22027] ? mark_lock+0xbc/0x1220 [ 3246.415444][T22027] ___sys_sendmsg+0x100/0x170 [ 3246.420113][T22027] ? sendmsg_copy_msghdr+0x70/0x70 [ 3246.425239][T22027] ? __fget_files+0x329/0x4f0 [ 3246.429944][T22027] ? ksys_dup3+0x3c0/0x3c0 [ 3246.434374][T22027] ? __fget_light+0x208/0x270 [ 3246.439065][T22027] __sys_sendmsg+0xec/0x1b0 [ 3246.443562][T22027] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3246.448594][T22027] ? trace_hardirqs_off_caller+0x55/0x230 [ 3246.454307][T22027] ? do_syscall_64+0x21/0x7d0 [ 3246.458984][T22027] do_syscall_64+0xf6/0x7d0 [ 3246.463479][T22027] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3246.469357][T22027] RIP: 0033:0x45c849 [ 3246.473330][T22027] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3246.492919][T22027] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3246.501314][T22027] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3246.509271][T22027] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3246.517847][T22027] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3246.525835][T22027] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3246.533791][T22027] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3246.544339][T22022] CPU: 1 PID: 22022 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3246.553223][T22022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3246.563276][T22022] Call Trace: [ 3246.566568][T22022] dump_stack+0x188/0x20d [ 3246.570912][T22022] warn_alloc.cold+0x87/0x164 [ 3246.575609][T22022] ? zone_watermark_ok_safe+0x260/0x260 [ 3246.581876][T22022] ? __local_bh_enable_ip+0x159/0x270 [ 3246.587270][T22022] ? __get_vm_area_node+0x2e2/0x3b0 [ 3246.592504][T22022] __vmalloc_node_range+0x452/0x7a0 [ 3246.597727][T22022] ? netlink_sendmsg+0x605/0xe10 [ 3246.602675][T22022] vmalloc+0x67/0x80 [ 3246.606594][T22022] ? netlink_sendmsg+0x605/0xe10 [ 3246.611548][T22022] netlink_sendmsg+0x605/0xe10 [ 3246.616336][T22022] ? aa_af_perm+0x260/0x260 [ 3246.620853][T22022] ? netlink_unicast+0x740/0x740 [ 3246.625848][T22022] ? netlink_unicast+0x740/0x740 [ 3246.630807][T22022] sock_sendmsg+0xcf/0x120 [ 3246.635240][T22022] ____sys_sendmsg+0x6b9/0x7d0 [ 3246.640979][T22022] ? kernel_sendmsg+0x50/0x50 [ 3246.645693][T22022] ___sys_sendmsg+0x100/0x170 [ 3246.650388][T22022] ? sendmsg_copy_msghdr+0x70/0x70 [ 3246.655657][T22022] ? __fget_files+0x329/0x4f0 [ 3246.660358][T22022] ? ksys_dup3+0x3c0/0x3c0 [ 3246.664782][T22022] ? find_held_lock+0x2d/0x110 [ 3246.669567][T22022] ? vfs_write+0x342/0x5c0 [ 3246.674011][T22022] ? __fget_light+0x208/0x270 [ 3246.678722][T22022] __sys_sendmsg+0xec/0x1b0 [ 3246.683238][T22022] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3246.688279][T22022] ? vfs_write+0x15b/0x5c0 [ 3246.692729][T22022] ? trace_hardirqs_off_caller+0x55/0x230 [ 3246.698461][T22022] ? do_syscall_64+0x21/0x7d0 [ 3246.703157][T22022] do_syscall_64+0xf6/0x7d0 [ 3246.707683][T22022] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3246.713583][T22022] RIP: 0033:0x45c849 [ 3246.717486][T22022] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3246.737184][T22022] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3246.745607][T22022] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3246.753594][T22022] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 3246.761578][T22022] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3246.769560][T22022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3246.777628][T22022] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 0000000000000000 [ 3246.807773][T22050] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3246.820034][T22050] netlink: 178608 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3246.864513][T22050] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3246.864513][T22050] !' [ 3246.882780][T22050] CPU: 1 PID: 22050 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3246.891485][T22050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3246.901551][T22050] Call Trace: [ 3246.904865][T22050] dump_stack+0x188/0x20d [ 3246.909219][T22050] sysfs_warn_dup.cold+0x1c/0x2d [ 3246.914170][T22050] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3246.920236][T22050] sysfs_create_link+0x61/0xc0 [ 3246.925108][T22050] device_add+0x71c/0x1bc0 [ 3246.929555][T22050] ? uevent_show+0x360/0x360 [ 3246.934180][T22050] wiphy_register+0x1c46/0x2720 [ 3246.939077][T22050] ? wiphy_unregister+0xf90/0xf90 [ 3246.944136][T22050] ? ieee80211_cs_list_valid+0x19/0x280 [ 3246.949701][T22050] ? __sanitizer_cov_trace_pc+0x27/0x50 [ 3246.955372][T22050] ? ieee80211_cs_list_valid+0x198/0x280 [ 3246.961028][T22050] ieee80211_register_hw+0x141d/0x3760 [ 3246.966521][T22050] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3246.971999][T22050] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3246.977569][T22050] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3246.983565][T22050] ? memset+0x20/0x40 [ 3246.987560][T22050] ? __hrtimer_init+0x134/0x260 [ 3246.992468][T22050] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3246.998229][T22050] ? hwsim_register_received_nl+0x400/0x400 [ 3247.004152][T22050] hwsim_new_radio_nl+0x905/0xf60 [ 3247.009186][T22050] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3247.014487][T22050] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3247.020420][T22050] genl_rcv_msg+0x627/0xdf0 [ 3247.024946][T22050] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3247.031289][T22050] ? mark_held_locks+0x9f/0xe0 [ 3247.036068][T22050] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3247.041560][T22050] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3247.047293][T22050] ? retint_kernel+0x2b/0x2b [ 3247.051901][T22050] netlink_rcv_skb+0x15a/0x410 [ 3247.056684][T22050] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3247.063032][T22050] ? netlink_ack+0xa80/0xa80 [ 3247.067661][T22050] genl_rcv+0x24/0x40 [ 3247.071661][T22050] netlink_unicast+0x537/0x740 [ 3247.076448][T22050] ? netlink_attachskb+0x810/0x810 [ 3247.081586][T22050] netlink_sendmsg+0x882/0xe10 [ 3247.085251][T22022] Mem-Info: [ 3247.086359][T22050] ? aa_af_perm+0x260/0x260 [ 3247.086386][T22050] ? netlink_unicast+0x740/0x740 [ 3247.094961][T22022] active_anon:136636 inactive_anon:252 isolated_anon:0 [ 3247.094961][T22022] active_file:9720 inactive_file:156248 isolated_file:0 [ 3247.094961][T22022] unevictable:0 dirty:128 writeback:0 unstable:0 [ 3247.094961][T22022] slab_reclaimable:18893 slab_unreclaimable:98902 [ 3247.094961][T22022] mapped:61348 shmem:301 pagetables:3700 bounce:0 [ 3247.094961][T22022] free:1085743 free_pcp:676 free_cma:0 [ 3247.098916][T22050] ? netlink_unicast+0x740/0x740 [ 3247.098937][T22050] sock_sendmsg+0xcf/0x120 [ 3247.146416][T22050] ____sys_sendmsg+0x6b9/0x7d0 [ 3247.151202][T22050] ? kernel_sendmsg+0x50/0x50 [ 3247.155892][T22050] ? retint_kernel+0x2b/0x2b [ 3247.160527][T22050] ___sys_sendmsg+0x100/0x170 [ 3247.165221][T22050] ? sendmsg_copy_msghdr+0x70/0x70 [ 3247.170369][T22050] ? __fget_files+0x329/0x4f0 [ 3247.175077][T22050] ? ksys_dup3+0x3c0/0x3c0 [ 3247.179504][T22050] ? lock_acquire+0x197/0x420 [ 3247.184195][T22050] ? __might_fault+0xef/0x1d0 [ 3247.188903][T22050] ? __fget_light+0x208/0x270 [ 3247.193605][T22050] __sys_sendmsg+0xec/0x1b0 [ 3247.198124][T22050] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3247.203170][T22050] ? __x64_sys_futex+0x380/0x4f0 [ 3247.208145][T22050] ? trace_hardirqs_off_caller+0x55/0x230 [ 3247.213879][T22050] ? do_syscall_64+0x21/0x7d0 [ 3247.218572][T22050] do_syscall_64+0xf6/0x7d0 [ 3247.219692][T22022] Node 0 active_anon:546536kB inactive_anon:1008kB active_file:38740kB inactive_file:624992kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:245392kB dirty:512kB writeback:0kB shmem:1204kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 415744kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 3247.223084][T22050] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3247.223096][T22050] RIP: 0033:0x45c849 [ 3247.223113][T22050] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3247.223121][T22050] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3247.223134][T22050] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3247.223142][T22050] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3247.223150][T22050] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3247.223159][T22050] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3247.223167][T22050] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3247.270987][T22153] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3247.348609][T22022] Node 1 active_anon:8kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3247.378901][T22022] Node 0 DMA free:11704kB min:220kB low:272kB high:324kB reserved_highatomic:0KB active_anon:4096kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3247.420959][T22022] lowmem_reserve[]: 0 2521 2521 2521 2521 [ 3247.427390][T22153] netlink: 178608 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3247.427924][T22022] Node 0 DMA32 free:580452kB min:48256kB low:57248kB high:66240kB reserved_highatomic:0KB active_anon:542340kB inactive_anon:1008kB active_file:38660kB inactive_file:624992kB unevictable:0kB writepending:512kB present:3129332kB managed:2584792kB mlocked:0kB kernel_stack:11428kB pagetables:14800kB bounce:0kB free_pcp:2392kB local_pcp:1448kB free_cma:0kB [ 3247.476542][T22022] lowmem_reserve[]: 0 0 0 0 0 [ 3247.481755][T22022] Node 0 Normal free:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:80kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:80kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3247.483481][T22153] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3247.483481][T22153] !' [ 3247.516514][T22022] lowmem_reserve[]: 0 0 0 0 0 [ 3247.525423][T22022] Node 1 Normal free:3750916kB min:53916kB low:67392kB high:80868kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870200kB mlocked:0kB kernel_stack:16kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3247.561757][T22153] CPU: 1 PID: 22153 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3247.570456][T22153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3247.580513][T22153] Call Trace: [ 3247.583822][T22153] dump_stack+0x188/0x20d [ 3247.588176][T22153] sysfs_warn_dup.cold+0x1c/0x2d [ 3247.593140][T22153] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3247.599220][T22153] sysfs_create_link+0x61/0xc0 [ 3247.603996][T22153] device_add+0x71c/0x1bc0 [ 3247.605202][T22022] lowmem_reserve[]: 0 0 0 0 0 [ 3247.608448][T22153] ? uevent_show+0x360/0x360 [ 3247.608471][T22153] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3247.608496][T22153] wiphy_register+0x1c46/0x2720 [ 3247.622116][T22022] Node 0 DMA: 26*4kB (UE) 26*8kB (UE) 18*16kB (UE) 15*32kB (UE) 12*64kB (UE) 9*128kB (UE) 6*256kB (UE) 4*512kB (UE) 1*1024kB (U) 2*2048kB (ME) 0*4096kB = 11704kB [ 3247.623715][T22153] ? wiphy_unregister+0xf90/0xf90 [ 3247.623736][T22153] ? __kmalloc+0x629/0x7a0 [ 3247.630651][T22022] Node 0 DMA32: 847*4kB (UME) 525*8kB (UME) 2465*16kB (UME) 2038*32kB (UME) 1227*64kB (UME) 705*128kB (UME) 392*256kB (UME) 220*512kB (UME) 82*1024kB (UME) 1*2048kB (M) 0*4096kB = 580020kB [ 3247.644700][T22153] ? ieee80211_register_hw+0xbea/0x3760 [ 3247.644725][T22153] ? ieee80211_cs_list_valid+0x198/0x280 [ 3247.644747][T22153] ieee80211_register_hw+0x141d/0x3760 [ 3247.644784][T22153] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3247.667587][T22022] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 3247.672821][T22153] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3247.672838][T22153] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3247.672859][T22153] ? memset+0x20/0x40 [ 3247.672875][T22153] ? __hrtimer_init+0x134/0x260 [ 3247.672898][T22153] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3247.672919][T22153] ? vprintk_func+0x81/0x17e [ 3247.672957][T22153] ? hwsim_register_received_nl+0x400/0x400 [ 3247.672986][T22153] hwsim_new_radio_nl+0x905/0xf60 [ 3247.673008][T22153] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3247.673027][T22153] ? cap_capable+0x1eb/0x250 [ 3247.690338][T22022] Node 1 Normal: 3*4kB (UM) 85*8kB (UME) 183*16kB (UME) 101*32kB (UME) 45*64kB (UM) 26*128kB (U) 17*256kB (UE) 10*512kB (U) 13*1024kB (UME) 12*2048kB (UME) 901*4096kB (UM) = 3750916kB [ 3247.695198][T22153] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3247.695211][T22153] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3247.695236][T22153] genl_rcv_msg+0x627/0xdf0 [ 3247.724751][T22022] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 3247.726911][T22153] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3247.726960][T22153] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3247.742794][T22022] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 3247.743102][T22153] netlink_rcv_skb+0x15a/0x410 [ 3247.755017][T22022] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 3247.758562][T22153] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3247.758588][T22153] ? netlink_ack+0xa80/0xa80 [ 3247.803637][T22022] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 3247.809593][T22153] genl_rcv+0x24/0x40 [ 3247.809612][T22153] netlink_unicast+0x537/0x740 [ 3247.830148][T22022] 48455 total pagecache pages [ 3247.838977][T22153] ? netlink_attachskb+0x810/0x810 [ 3247.838994][T22153] ? _copy_from_iter_full+0x25c/0x870 [ 3247.839012][T22153] ? __phys_addr_symbol+0x2c/0x70 [ 3247.839026][T22153] ? __check_object_size+0x171/0x437 [ 3247.839049][T22153] netlink_sendmsg+0x882/0xe10 [ 3247.839072][T22153] ? aa_af_perm+0x260/0x260 [ 3247.864634][T22022] 0 pages in swap cache [ 3247.867943][T22153] ? netlink_unicast+0x740/0x740 [ 3247.867975][T22153] ? netlink_unicast+0x740/0x740 [ 3247.882689][T22022] Swap cache stats: add 0, delete 0, find 0/0 [ 3247.883095][T22153] sock_sendmsg+0xcf/0x120 [ 3247.895419][T22022] Free swap = 0kB [ 3247.898117][T22153] ____sys_sendmsg+0x6b9/0x7d0 [ 3247.898137][T22153] ? kernel_sendmsg+0x50/0x50 [ 3247.898158][T22153] ? mark_lock+0xbc/0x1220 [ 3247.911704][T22022] Total swap = 0kB [ 3247.916644][T22153] ___sys_sendmsg+0x100/0x170 [ 3247.916666][T22153] ? sendmsg_copy_msghdr+0x70/0x70 [ 3247.936352][T22022] 1965979 pages RAM [ 3247.940256][T22153] ? __fget_files+0x329/0x4f0 [ 3247.940283][T22153] ? ksys_dup3+0x3c0/0x3c0 [ 3247.940296][T22153] ? lock_acquire+0x197/0x420 [ 3247.940311][T22153] ? __might_fault+0xef/0x1d0 [ 3247.940337][T22153] ? __fget_light+0x208/0x270 [ 3247.950342][T22022] 0 pages HighMem/MovableOnly [ 3247.953132][T22153] __sys_sendmsg+0xec/0x1b0 [ 3247.953151][T22153] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3247.953170][T22153] ? __x64_sys_futex+0x380/0x4f0 [ 3247.970336][T22022] 348234 pages reserved [ 3247.971173][T22153] ? trace_hardirqs_off_caller+0x55/0x230 [ 3247.980714][T22022] 0 pages cma reserved [ 3247.985143][T22153] ? do_syscall_64+0x21/0x7d0 [ 3247.985171][T22153] do_syscall_64+0xf6/0x7d0 [ 3248.027348][T22153] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3248.033244][T22153] RIP: 0033:0x45c849 [ 3248.037147][T22153] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3248.056754][T22153] RSP: 002b:00007fc08083cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3248.065169][T22153] RAX: ffffffffffffffda RBX: 00007fc08083d6d4 RCX: 000000000045c849 [ 3248.073145][T22153] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3248.081119][T22153] RBP: 000000000076bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 3248.089096][T22153] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3248.097105][T22153] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bfac 11:45:29 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e000024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:29 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000040000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:45:29 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x27}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:29 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x2) 11:45:29 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:29 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f040024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3254.987642][T22171] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 3254.996781][T22170] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:45:29 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000050000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3255.033444][T22171] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3255.091808][T22171] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3255.091808][T22171] !' [ 3255.122187][T22171] CPU: 1 PID: 22171 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3255.130905][T22171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3255.140964][T22171] Call Trace: [ 3255.144264][T22171] dump_stack+0x188/0x20d [ 3255.148367][T22177] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3255.148605][T22171] sysfs_warn_dup.cold+0x1c/0x2d [ 3255.162211][T22171] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3255.168393][T22171] sysfs_create_link+0x61/0xc0 [ 3255.173167][T22171] device_add+0x71c/0x1bc0 [ 3255.177606][T22171] ? uevent_show+0x360/0x360 [ 3255.182213][T22171] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3255.188216][T22171] wiphy_register+0x1c46/0x2720 [ 3255.193089][T22171] ? wiphy_unregister+0xf90/0xf90 [ 3255.198132][T22171] ? __kmalloc+0x629/0x7a0 [ 3255.202555][T22171] ? ieee80211_register_hw+0xbea/0x3760 [ 3255.208223][T22171] ? ieee80211_cs_list_valid+0x198/0x280 [ 3255.213875][T22171] ieee80211_register_hw+0x141d/0x3760 [ 3255.219469][T22171] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3255.224947][T22171] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3255.230500][T22171] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3255.237010][T22171] ? memset+0x20/0x40 [ 3255.241005][T22171] ? __hrtimer_init+0x134/0x260 [ 3255.245872][T22171] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3255.251598][T22171] ? vprintk_func+0x81/0x17e [ 3255.256216][T22171] ? hwsim_register_received_nl+0x400/0x400 [ 3255.262120][T22171] ? __nla_validate_parse+0x156/0x1cd0 [ 3255.267600][T22171] hwsim_new_radio_nl+0x905/0xf60 [ 3255.272639][T22171] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3255.278537][T22171] ? cap_capable+0x1eb/0x250 [ 3255.283159][T22171] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3255.289492][T22171] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3255.295838][T22171] genl_rcv_msg+0x627/0xdf0 [ 3255.300361][T22171] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3255.306722][T22171] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3255.311845][T22183] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3255.312548][T22171] netlink_rcv_skb+0x15a/0x410 [ 3255.312569][T22171] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3255.312588][T22171] ? netlink_ack+0xa80/0xa80 [ 3255.312623][T22171] genl_rcv+0x24/0x40 11:45:29 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f350024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:29 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000060000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3255.340883][T22171] netlink_unicast+0x537/0x740 [ 3255.345669][T22171] ? netlink_attachskb+0x810/0x810 [ 3255.350788][T22171] ? _copy_from_iter_full+0x25c/0x870 [ 3255.356170][T22171] ? __phys_addr_symbol+0x2c/0x70 [ 3255.361207][T22171] ? __check_object_size+0x171/0x437 [ 3255.366512][T22171] netlink_sendmsg+0x882/0xe10 [ 3255.371297][T22171] ? aa_af_perm+0x260/0x260 [ 3255.375826][T22171] ? netlink_unicast+0x740/0x740 [ 3255.380792][T22171] ? netlink_unicast+0x740/0x740 [ 3255.385864][T22171] sock_sendmsg+0xcf/0x120 11:45:29 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000070000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:45:29 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03000f000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3255.390299][T22171] ____sys_sendmsg+0x6b9/0x7d0 [ 3255.395081][T22171] ? kernel_sendmsg+0x50/0x50 [ 3255.399881][T22171] ? mark_lock+0xbc/0x1220 [ 3255.404346][T22171] ___sys_sendmsg+0x100/0x170 [ 3255.409042][T22171] ? sendmsg_copy_msghdr+0x70/0x70 [ 3255.414179][T22171] ? __fget_files+0x329/0x4f0 [ 3255.418898][T22171] ? ksys_dup3+0x3c0/0x3c0 [ 3255.423312][T22171] ? lock_acquire+0x197/0x420 [ 3255.428003][T22171] ? __might_fault+0xef/0x1d0 [ 3255.432706][T22171] ? __fget_light+0x208/0x270 [ 3255.437401][T22171] __sys_sendmsg+0xec/0x1b0 [ 3255.441915][T22171] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3255.446950][T22171] ? __x64_sys_futex+0x380/0x4f0 [ 3255.451913][T22171] ? trace_hardirqs_off_caller+0x55/0x230 [ 3255.457632][T22171] ? do_syscall_64+0x21/0x7d0 [ 3255.462317][T22171] do_syscall_64+0xf6/0x7d0 [ 3255.466845][T22171] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3255.472742][T22171] RIP: 0033:0x45c849 [ 3255.476652][T22171] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3255.496260][T22171] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3255.504674][T22171] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3255.512651][T22171] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 3255.520629][T22171] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3255.528608][T22171] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3255.536587][T22171] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3255.542449][T22189] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:45:29 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000000000000000000a0000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3255.707266][T22195] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3255.777756][T22168] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3255.805095][T22168] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3255.856224][T22168] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3255.856224][T22168] !' [ 3255.920275][T22168] CPU: 1 PID: 22168 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3255.929003][T22168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3255.939051][T22168] Call Trace: [ 3255.942368][T22168] dump_stack+0x188/0x20d [ 3255.946720][T22168] sysfs_warn_dup.cold+0x1c/0x2d [ 3255.951763][T22168] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3255.957876][T22168] sysfs_create_link+0x61/0xc0 [ 3255.962657][T22168] device_add+0x71c/0x1bc0 [ 3255.967093][T22168] ? uevent_show+0x360/0x360 [ 3255.971718][T22168] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3255.977733][T22168] wiphy_register+0x1c46/0x2720 [ 3255.982621][T22168] ? wiphy_unregister+0xf90/0xf90 [ 3255.987661][T22168] ? __kmalloc+0x629/0x7a0 [ 3255.992088][T22168] ? ieee80211_register_hw+0xbea/0x3760 [ 3255.997651][T22168] ? ieee80211_cs_list_valid+0x198/0x280 [ 3256.003304][T22168] ieee80211_register_hw+0x141d/0x3760 [ 3256.008799][T22168] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3256.014278][T22168] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3256.019840][T22168] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3256.025837][T22168] ? memset+0x20/0x40 [ 3256.029837][T22168] ? __hrtimer_init+0x134/0x260 [ 3256.034707][T22168] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3256.040485][T22168] ? vprintk_func+0x81/0x17e [ 3256.045113][T22168] ? hwsim_register_received_nl+0x400/0x400 [ 3256.051052][T22168] hwsim_new_radio_nl+0x905/0xf60 [ 3256.056103][T22168] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3256.062006][T22168] ? cap_capable+0x1eb/0x250 [ 3256.066627][T22168] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3256.072967][T22168] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3256.079319][T22168] genl_rcv_msg+0x627/0xdf0 [ 3256.083854][T22168] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3256.090191][T22168] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3256.095489][T22168] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3256.101001][T22168] netlink_rcv_skb+0x15a/0x410 [ 3256.105781][T22168] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3256.112124][T22168] ? netlink_ack+0xa80/0xa80 [ 3256.116752][T22168] genl_rcv+0x24/0x40 [ 3256.120745][T22168] netlink_unicast+0x537/0x740 [ 3256.125531][T22168] ? netlink_attachskb+0x810/0x810 [ 3256.130654][T22168] ? _copy_from_iter_full+0x25c/0x870 [ 3256.136036][T22168] ? __phys_addr_symbol+0x2c/0x70 [ 3256.141075][T22168] ? __check_object_size+0x171/0x437 [ 3256.146379][T22168] netlink_sendmsg+0x882/0xe10 [ 3256.151165][T22168] ? aa_af_perm+0x260/0x260 [ 3256.155676][T22168] ? netlink_unicast+0x740/0x740 [ 3256.160640][T22168] ? netlink_unicast+0x740/0x740 [ 3256.165587][T22168] sock_sendmsg+0xcf/0x120 [ 3256.170021][T22168] ____sys_sendmsg+0x6b9/0x7d0 [ 3256.174808][T22168] ? kernel_sendmsg+0x50/0x50 [ 3256.179508][T22168] ? mark_lock+0xbc/0x1220 [ 3256.183957][T22168] ___sys_sendmsg+0x100/0x170 [ 3256.188659][T22168] ? sendmsg_copy_msghdr+0x70/0x70 [ 3256.193801][T22168] ? __fget_files+0x329/0x4f0 [ 3256.198504][T22168] ? ksys_dup3+0x3c0/0x3c0 [ 3256.202934][T22168] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3256.208664][T22168] ? retint_kernel+0x2b/0x2b [ 3256.213283][T22168] ? __fget_light+0x208/0x270 [ 3256.218121][T22168] __sys_sendmsg+0xec/0x1b0 [ 3256.222644][T22168] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3256.227708][T22168] ? trace_hardirqs_off_caller+0x55/0x230 [ 3256.233444][T22168] ? do_syscall_64+0x21/0x7d0 [ 3256.238135][T22168] do_syscall_64+0xf6/0x7d0 [ 3256.242657][T22168] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3256.248557][T22168] RIP: 0033:0x45c849 [ 3256.252462][T22168] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3256.272072][T22168] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3256.280495][T22168] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3256.288476][T22168] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3256.296458][T22168] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3256.304436][T22168] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3256.312413][T22168] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:45:38 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="0040030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:38 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030224000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:38 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000180000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:45:38 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="0f00000024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:38 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x27}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:38 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x60) [ 3264.354633][T22314] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3264.364317][T22315] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:45:38 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:38 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030a24000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3264.413713][T22315] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:45:38 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000200000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3264.515025][T22315] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3264.515025][T22315] !' [ 3264.562724][T22328] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3264.577197][T22315] CPU: 1 PID: 22315 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3264.585915][T22315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3264.596097][T22315] Call Trace: [ 3264.599405][T22315] dump_stack+0x188/0x20d [ 3264.603766][T22315] sysfs_warn_dup.cold+0x1c/0x2d [ 3264.608726][T22315] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3264.614813][T22315] sysfs_create_link+0x61/0xc0 [ 3264.619601][T22315] device_add+0x71c/0x1bc0 [ 3264.624040][T22315] ? uevent_show+0x360/0x360 [ 3264.628652][T22315] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3264.634651][T22315] wiphy_register+0x1c46/0x2720 [ 3264.639534][T22315] ? wiphy_unregister+0xf90/0xf90 [ 3264.644572][T22315] ? retint_kernel+0x2b/0x2b [ 3264.649196][T22315] ? ieee80211_register_hw+0x13b6/0x3760 [ 3264.654855][T22315] ieee80211_register_hw+0x141d/0x3760 [ 3264.660352][T22315] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3264.665829][T22315] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3264.671385][T22315] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3264.677383][T22315] ? memset+0x20/0x40 [ 3264.681376][T22315] ? __hrtimer_init+0x134/0x260 [ 3264.686248][T22315] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3264.691979][T22315] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3264.697307][T22315] ? hwsim_register_received_nl+0x400/0x400 [ 3264.703221][T22315] ? hwsim_new_radio_nl+0x211/0xf60 [ 3264.708438][T22315] hwsim_new_radio_nl+0x905/0xf60 [ 3264.713480][T22315] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3264.719480][T22315] ? cap_capable+0x1eb/0x250 [ 3264.724096][T22315] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3264.730471][T22315] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3264.736823][T22315] genl_rcv_msg+0x627/0xdf0 [ 3264.741365][T22315] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3264.747699][T22315] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3264.752997][T22315] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3264.758515][T22315] netlink_rcv_skb+0x15a/0x410 [ 3264.763293][T22315] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3264.769630][T22315] ? netlink_ack+0xa80/0xa80 [ 3264.774254][T22315] genl_rcv+0x24/0x40 [ 3264.778247][T22315] netlink_unicast+0x537/0x740 [ 3264.783029][T22315] ? netlink_attachskb+0x810/0x810 [ 3264.788153][T22315] ? _copy_from_iter_full+0x25c/0x870 [ 3264.793548][T22315] netlink_sendmsg+0x882/0xe10 [ 3264.798327][T22315] ? aa_af_perm+0x260/0x260 [ 3264.802878][T22315] ? netlink_unicast+0x740/0x740 [ 3264.807846][T22315] ? netlink_unicast+0x740/0x740 [ 3264.812798][T22315] sock_sendmsg+0xcf/0x120 [ 3264.817229][T22315] ____sys_sendmsg+0x6b9/0x7d0 [ 3264.822008][T22315] ? kernel_sendmsg+0x50/0x50 [ 3264.826703][T22315] ? mark_lock+0xbc/0x1220 [ 3264.831149][T22315] ___sys_sendmsg+0x100/0x170 [ 3264.835844][T22315] ? sendmsg_copy_msghdr+0x70/0x70 [ 3264.840982][T22315] ? __fget_files+0x329/0x4f0 [ 3264.845681][T22315] ? ksys_dup3+0x3c0/0x3c0 [ 3264.850104][T22315] ? lock_acquire+0x197/0x420 [ 3264.854792][T22315] ? __might_fault+0xef/0x1d0 [ 3264.859496][T22315] ? __fget_light+0x208/0x270 [ 3264.864196][T22315] __sys_sendmsg+0xec/0x1b0 [ 3264.868714][T22315] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3264.873776][T22315] ? do_syscall_64+0x4f/0x7d0 [ 3264.878470][T22315] do_syscall_64+0xf6/0x7d0 [ 3264.882995][T22315] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3264.888889][T22315] RIP: 0033:0x45c849 [ 3264.892790][T22315] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 11:45:39 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030e24000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:39 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f036024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:39 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030035000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3264.912396][T22315] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3264.920812][T22315] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3264.928789][T22315] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3264.936764][T22315] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3264.944739][T22315] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3264.952711][T22315] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:45:47 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="2040032024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:47 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000000000000000003f0000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:45:47 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x27}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:47 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e000024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:47 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:47 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x2000) [ 3273.681975][T22454] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3273.683924][T22460] netlink: 3740 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3273.755115][T22460] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3273.755115][T22460] !' [ 3273.805691][T22460] CPU: 0 PID: 22460 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3273.814431][T22460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3273.824501][T22460] Call Trace: [ 3273.827862][T22460] dump_stack+0x188/0x20d [ 3273.832218][T22460] sysfs_warn_dup.cold+0x1c/0x2d [ 3273.837159][T22460] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3273.843241][T22460] sysfs_create_link+0x61/0xc0 [ 3273.848033][T22460] device_add+0x71c/0x1bc0 11:45:48 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030040000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3273.852473][T22460] ? uevent_show+0x360/0x360 [ 3273.857086][T22460] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3273.863092][T22460] wiphy_register+0x1c46/0x2720 [ 3273.867978][T22460] ? wiphy_unregister+0xf90/0xf90 [ 3273.873013][T22460] ? __kmalloc+0x629/0x7a0 [ 3273.877438][T22460] ? ieee80211_register_hw+0xbea/0x3760 [ 3273.883030][T22460] ? ieee80211_cs_list_valid+0x198/0x280 [ 3273.888679][T22460] ieee80211_register_hw+0x141d/0x3760 [ 3273.894171][T22460] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3273.899654][T22460] ? rcu_read_lock_sched_held+0x9c/0xd0 11:45:48 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000400000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:45:48 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03000f000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3273.905209][T22460] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3273.911204][T22460] ? memset+0x20/0x40 [ 3273.915192][T22460] ? __hrtimer_init+0x134/0x260 [ 3273.920062][T22460] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3273.925806][T22460] ? vprintk_func+0x81/0x17e [ 3273.930423][T22460] ? hwsim_register_received_nl+0x400/0x400 [ 3273.936342][T22460] hwsim_new_radio_nl+0x905/0xf60 [ 3273.941387][T22460] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3273.947292][T22460] ? cap_capable+0x1eb/0x250 [ 3273.951913][T22460] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3273.958253][T22460] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3273.964610][T22460] genl_rcv_msg+0x627/0xdf0 [ 3273.969141][T22460] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3273.975506][T22460] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3273.981334][T22460] netlink_rcv_skb+0x15a/0x410 [ 3273.986116][T22460] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3273.990802][T22474] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3273.992454][T22460] ? netlink_ack+0xa80/0xa80 11:45:48 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030035000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:48 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000480000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3273.992493][T22460] genl_rcv+0x24/0x40 [ 3274.009707][T22460] netlink_unicast+0x537/0x740 [ 3274.014492][T22460] ? netlink_attachskb+0x810/0x810 [ 3274.019608][T22460] ? _copy_from_iter_full+0x25c/0x870 [ 3274.024992][T22460] ? __phys_addr_symbol+0x2c/0x70 [ 3274.030022][T22460] ? __check_object_size+0x171/0x437 [ 3274.035322][T22460] netlink_sendmsg+0x882/0xe10 [ 3274.040100][T22460] ? aa_af_perm+0x260/0x260 [ 3274.044611][T22460] ? netlink_unicast+0x740/0x740 [ 3274.049573][T22460] ? netlink_unicast+0x740/0x740 [ 3274.054523][T22460] sock_sendmsg+0xcf/0x120 [ 3274.058954][T22460] ____sys_sendmsg+0x6b9/0x7d0 [ 3274.063731][T22460] ? kernel_sendmsg+0x50/0x50 [ 3274.068431][T22460] ? mark_lock+0xbc/0x1220 [ 3274.072874][T22460] ___sys_sendmsg+0x100/0x170 [ 3274.077560][T22460] ? sendmsg_copy_msghdr+0x70/0x70 [ 3274.082707][T22460] ? __fget_files+0x329/0x4f0 [ 3274.087417][T22460] ? ksys_dup3+0x3c0/0x3c0 [ 3274.091845][T22460] ? lock_acquire+0x197/0x420 [ 3274.096538][T22460] ? __might_fault+0xef/0x1d0 [ 3274.101242][T22460] ? __fget_light+0x208/0x270 [ 3274.105937][T22460] __sys_sendmsg+0xec/0x1b0 [ 3274.110445][T22460] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3274.115482][T22460] ? __x64_sys_futex+0x380/0x4f0 [ 3274.118405][T22480] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3274.120445][T22460] ? trace_hardirqs_off_caller+0x55/0x230 [ 3274.120467][T22460] ? do_syscall_64+0x21/0x7d0 [ 3274.120491][T22460] do_syscall_64+0xf6/0x7d0 [ 3274.144034][T22460] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3274.149929][T22460] RIP: 0033:0x45c849 11:45:48 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000000000000000004c0000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3274.153833][T22460] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3274.173439][T22460] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3274.181861][T22460] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3274.189839][T22460] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 3274.197995][T22460] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3274.205972][T22460] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3274.213951][T22460] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3274.286618][T22486] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3274.387101][T22458] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3274.424288][T22458] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3274.490737][T22458] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3274.490737][T22458] !' [ 3274.506565][T22458] CPU: 0 PID: 22458 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3274.515272][T22458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3274.525333][T22458] Call Trace: [ 3274.528641][T22458] dump_stack+0x188/0x20d [ 3274.532994][T22458] sysfs_warn_dup.cold+0x1c/0x2d [ 3274.537947][T22458] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3274.544030][T22458] sysfs_create_link+0x61/0xc0 [ 3274.548801][T22458] device_add+0x71c/0x1bc0 [ 3274.553269][T22458] ? uevent_show+0x360/0x360 [ 3274.557878][T22458] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3274.563884][T22458] wiphy_register+0x1c46/0x2720 [ 3274.568765][T22458] ? wiphy_unregister+0xf90/0xf90 [ 3274.573805][T22458] ? __kmalloc+0x629/0x7a0 [ 3274.578244][T22458] ? ieee80211_register_hw+0xbea/0x3760 [ 3274.583822][T22458] ? ieee80211_cs_list_valid+0x198/0x280 [ 3274.589472][T22458] ieee80211_register_hw+0x141d/0x3760 [ 3274.594957][T22458] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3274.600431][T22458] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3274.605991][T22458] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3274.611982][T22458] ? memset+0x20/0x40 [ 3274.615976][T22458] ? __hrtimer_init+0x134/0x260 [ 3274.620960][T22458] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3274.626742][T22458] ? hwsim_register_received_nl+0x400/0x400 [ 3274.632669][T22458] hwsim_new_radio_nl+0x905/0xf60 [ 3274.637704][T22458] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3274.643005][T22458] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3274.648942][T22458] genl_rcv_msg+0x627/0xdf0 [ 3274.653469][T22458] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3274.659803][T22458] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3274.665276][T22458] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3274.671022][T22458] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3274.677370][T22458] netlink_rcv_skb+0x15a/0x410 [ 3274.682151][T22458] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3274.688496][T22458] ? netlink_ack+0xa80/0xa80 [ 3274.693119][T22458] genl_rcv+0x24/0x40 [ 3274.697113][T22458] netlink_unicast+0x537/0x740 [ 3274.701897][T22458] ? netlink_attachskb+0x810/0x810 [ 3274.707020][T22458] ? _copy_from_iter_full+0x25c/0x870 [ 3274.712405][T22458] ? __phys_addr_symbol+0x2c/0x70 [ 3274.717438][T22458] ? __check_object_size+0x171/0x437 [ 3274.722743][T22458] netlink_sendmsg+0x882/0xe10 [ 3274.727521][T22458] ? aa_af_perm+0x260/0x260 [ 3274.732028][T22458] ? netlink_unicast+0x740/0x740 [ 3274.736986][T22458] ? netlink_unicast+0x740/0x740 [ 3274.742046][T22458] sock_sendmsg+0xcf/0x120 [ 3274.746483][T22458] ____sys_sendmsg+0x6b9/0x7d0 [ 3274.751263][T22458] ? kernel_sendmsg+0x50/0x50 [ 3274.755977][T22458] ___sys_sendmsg+0x100/0x170 [ 3274.760679][T22458] ? sendmsg_copy_msghdr+0x70/0x70 [ 3274.765820][T22458] ? __fget_files+0x329/0x4f0 [ 3274.770525][T22458] ? ksys_dup3+0x3c0/0x3c0 [ 3274.774950][T22458] ? lock_acquire+0x197/0x420 [ 3274.779657][T22458] ? __might_fault+0xef/0x1d0 [ 3274.784354][T22458] ? __fget_light+0x208/0x270 [ 3274.789056][T22458] __sys_sendmsg+0xec/0x1b0 [ 3274.793569][T22458] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3274.798629][T22458] ? do_syscall_64+0x4f/0x7d0 [ 3274.803324][T22458] do_syscall_64+0xf6/0x7d0 [ 3274.807852][T22458] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3274.813872][T22458] RIP: 0033:0x45c849 [ 3274.817779][T22458] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3274.837389][T22458] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3274.845811][T22458] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3274.853790][T22458] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3274.861765][T22458] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3274.869737][T22458] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3274.877721][T22458] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:45:57 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="00f0ff7f24000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:57 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024020705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:57 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000600000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:45:57 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="0040030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:57 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x27}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:45:57 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x6000) [ 3283.030309][T22596] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:45:57 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000680000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:45:57 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="2040032024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3283.112041][T22602] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3283.140547][T22602] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:45:57 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f0300240a0705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3283.258781][T22602] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3283.258781][T22602] !' [ 3283.266757][T22614] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:45:57 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="00f0ff7f24000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3283.317828][T22602] CPU: 0 PID: 22602 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3283.326546][T22602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3283.336610][T22602] Call Trace: [ 3283.339923][T22602] dump_stack+0x188/0x20d [ 3283.344278][T22602] sysfs_warn_dup.cold+0x1c/0x2d [ 3283.349230][T22602] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3283.355316][T22602] sysfs_create_link+0x61/0xc0 [ 3283.360100][T22602] device_add+0x71c/0x1bc0 11:45:57 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000000000000000006c0000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3283.364538][T22602] ? __sanitizer_cov_trace_switch+0x37/0x70 [ 3283.370445][T22602] ? uevent_show+0x360/0x360 [ 3283.375077][T22602] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3283.381086][T22602] wiphy_register+0x1c46/0x2720 [ 3283.385969][T22602] ? wiphy_unregister+0xf90/0xf90 [ 3283.391003][T22602] ? retint_kernel+0x2b/0x2b [ 3283.395623][T22602] ? ieee80211_cs_list_valid+0x198/0x280 [ 3283.401274][T22602] ieee80211_register_hw+0x141d/0x3760 [ 3283.406747][T22602] ? calibrate_delay.cold+0x3db/0x3f6 [ 3283.412180][T22602] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3283.417649][T22602] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3283.423397][T22602] ? __hrtimer_init+0x134/0x260 [ 3283.428270][T22602] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3283.434001][T22602] ? _raw_spin_unlock_irq+0x1f/0x80 [ 3283.435046][T22623] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3283.439224][T22602] ? hwsim_register_received_nl+0x400/0x400 [ 3283.439255][T22602] hwsim_new_radio_nl+0x905/0xf60 [ 3283.458809][T22602] ? lockdep_hardirqs_on+0x417/0x5d0 11:45:57 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e002030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3283.464114][T22602] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3283.470017][T22602] ? preempt_schedule_irq+0xee/0x150 [ 3283.475344][T22602] genl_rcv_msg+0x627/0xdf0 [ 3283.479873][T22602] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3283.486222][T22602] ? retint_kernel+0x2b/0x2b [ 3283.490850][T22602] netlink_rcv_skb+0x15a/0x410 [ 3283.495631][T22602] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3283.501974][T22602] ? netlink_ack+0xa80/0xa80 [ 3283.506599][T22602] genl_rcv+0x24/0x40 [ 3283.510587][T22602] netlink_unicast+0x537/0x740 [ 3283.515370][T22602] ? netlink_attachskb+0x810/0x810 [ 3283.520495][T22602] ? _copy_from_iter_full+0x25c/0x870 [ 3283.525885][T22602] ? __phys_addr_symbol+0x2c/0x70 [ 3283.530918][T22602] ? __check_object_size+0x171/0x437 [ 3283.536235][T22602] netlink_sendmsg+0x882/0xe10 [ 3283.541026][T22602] ? aa_af_perm+0x260/0x260 [ 3283.545553][T22602] ? netlink_unicast+0x740/0x740 [ 3283.550513][T22602] ? netlink_unicast+0x740/0x740 [ 3283.555479][T22602] sock_sendmsg+0xcf/0x120 [ 3283.559912][T22602] ____sys_sendmsg+0x6b9/0x7d0 [ 3283.564691][T22602] ? retint_kernel+0x2b/0x2b [ 3283.569433][T22602] ? kernel_sendmsg+0x50/0x50 [ 3283.574129][T22602] ? sendmsg_copy_msghdr+0x3f/0x70 [ 3283.579251][T22602] ? __sanitizer_cov_trace_pc+0x44/0x50 [ 3283.584812][T22602] ___sys_sendmsg+0x100/0x170 [ 3283.589506][T22602] ? sendmsg_copy_msghdr+0x70/0x70 [ 3283.594654][T22602] ? __fget_files+0x329/0x4f0 [ 3283.599358][T22602] ? ksys_dup3+0x3c0/0x3c0 [ 3283.603789][T22602] ? lock_acquire+0x197/0x420 [ 3283.608486][T22602] ? __might_fault+0xef/0x1d0 [ 3283.613189][T22602] ? __fget_light+0x208/0x270 [ 3283.617896][T22602] __sys_sendmsg+0xec/0x1b0 [ 3283.622423][T22602] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3283.627612][T22602] ? trace_hardirqs_off_caller+0x55/0x230 [ 3283.633452][T22602] ? do_syscall_64+0x21/0x7d0 [ 3283.638145][T22602] do_syscall_64+0xf6/0x7d0 [ 3283.642674][T22602] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3283.648575][T22602] RIP: 0033:0x45c849 [ 3283.652480][T22602] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3283.672212][T22602] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3283.680641][T22602] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3283.688628][T22602] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3283.696614][T22602] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3283.704596][T22602] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3283.712577][T22602] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3283.771408][T22625] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 3283.779639][T22625] netlink: 169904 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3283.849273][T22625] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3283.849273][T22625] !' [ 3283.911542][T22625] CPU: 0 PID: 22625 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3283.920267][T22625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3283.930330][T22625] Call Trace: [ 3283.933641][T22625] dump_stack+0x188/0x20d [ 3283.937996][T22625] sysfs_warn_dup.cold+0x1c/0x2d [ 3283.942953][T22625] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3283.949035][T22625] sysfs_create_link+0x61/0xc0 [ 3283.953807][T22625] device_add+0x71c/0x1bc0 [ 3283.958238][T22625] ? uevent_show+0x360/0x360 [ 3283.962835][T22625] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3283.968832][T22625] wiphy_register+0x1c46/0x2720 [ 3283.973708][T22625] ? wiphy_unregister+0xf90/0xf90 [ 3283.978748][T22625] ? __kmalloc+0x629/0x7a0 [ 3283.983174][T22625] ? ieee80211_register_hw+0xbea/0x3760 [ 3283.988731][T22625] ? ieee80211_cs_list_valid+0x198/0x280 [ 3283.994376][T22625] ieee80211_register_hw+0x141d/0x3760 [ 3283.999867][T22625] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3284.005343][T22625] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3284.010897][T22625] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3284.016890][T22625] ? memset+0x20/0x40 [ 3284.020880][T22625] ? __hrtimer_init+0x134/0x260 [ 3284.025744][T22625] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3284.031472][T22625] ? vprintk_func+0x81/0x17e [ 3284.036094][T22625] ? hwsim_register_received_nl+0x400/0x400 [ 3284.042009][T22625] hwsim_new_radio_nl+0x905/0xf60 [ 3284.047051][T22625] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3284.052951][T22625] ? cap_capable+0x1eb/0x250 [ 3284.057569][T22625] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3284.063900][T22625] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3284.070250][T22625] genl_rcv_msg+0x627/0xdf0 [ 3284.074782][T22625] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3284.081249][T22625] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3284.087080][T22625] netlink_rcv_skb+0x15a/0x410 [ 3284.091866][T22625] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3284.098208][T22625] ? netlink_ack+0xa80/0xa80 [ 3284.102838][T22625] genl_rcv+0x24/0x40 [ 3284.106831][T22625] netlink_unicast+0x537/0x740 [ 3284.111617][T22625] ? netlink_attachskb+0x810/0x810 [ 3284.116734][T22625] ? _copy_from_iter_full+0x25c/0x870 [ 3284.122116][T22625] ? __phys_addr_symbol+0x2c/0x70 [ 3284.127149][T22625] ? __check_object_size+0x171/0x437 [ 3284.132454][T22625] netlink_sendmsg+0x882/0xe10 [ 3284.137233][T22625] ? aa_af_perm+0x260/0x260 [ 3284.141745][T22625] ? netlink_unicast+0x740/0x740 [ 3284.146709][T22625] ? netlink_unicast+0x740/0x740 [ 3284.151654][T22625] sock_sendmsg+0xcf/0x120 [ 3284.156086][T22625] ____sys_sendmsg+0x6b9/0x7d0 [ 3284.160873][T22625] ? kernel_sendmsg+0x50/0x50 [ 3284.165567][T22625] ? mark_lock+0xbc/0x1220 [ 3284.170011][T22625] ___sys_sendmsg+0x100/0x170 [ 3284.174719][T22625] ? sendmsg_copy_msghdr+0x70/0x70 [ 3284.179882][T22625] ? __fget_files+0x329/0x4f0 [ 3284.184592][T22625] ? ksys_dup3+0x3c0/0x3c0 [ 3284.189014][T22625] ? lock_acquire+0x197/0x420 [ 3284.193697][T22625] ? __might_fault+0xef/0x1d0 [ 3284.198398][T22625] ? __fget_light+0x208/0x270 [ 3284.203091][T22625] __sys_sendmsg+0xec/0x1b0 [ 3284.207620][T22625] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3284.212662][T22625] ? __x64_sys_futex+0x380/0x4f0 [ 3284.217629][T22625] ? trace_hardirqs_off_caller+0x55/0x230 [ 3284.223451][T22625] ? do_syscall_64+0x21/0x7d0 [ 3284.228172][T22625] do_syscall_64+0xf6/0x7d0 [ 3284.232695][T22625] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3284.238591][T22625] RIP: 0033:0x45c849 [ 3284.242487][T22625] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3284.262098][T22625] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3284.270520][T22625] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3284.278500][T22625] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 3284.286479][T22625] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3284.294459][T22625] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3284.302437][T22625] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:46:04 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e002030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:04 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000000000740000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:46:04 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f0300240e0705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:04 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x27}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:04 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e024030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:04 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x1000000) 11:46:04 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024600705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3290.406490][T22746] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3290.443700][T22755] netlink: 'syz-executor.0': attribute type 8 has an invalid length. 11:46:04 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000000000000000007a0000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3290.488648][T22755] netlink: 178608 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3290.551444][T22755] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3290.551444][T22755] !' [ 3290.598663][T22755] CPU: 1 PID: 22755 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3290.607390][T22755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3290.607923][T22763] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3290.617445][T22755] Call Trace: [ 3290.617472][T22755] dump_stack+0x188/0x20d [ 3290.617500][T22755] sysfs_warn_dup.cold+0x1c/0x2d [ 3290.617520][T22755] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3290.617539][T22755] sysfs_create_link+0x61/0xc0 [ 3290.617558][T22755] device_add+0x71c/0x1bc0 [ 3290.617585][T22755] ? uevent_show+0x360/0x360 [ 3290.617606][T22755] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3290.617631][T22755] wiphy_register+0x1c46/0x2720 [ 3290.669666][T22755] ? wiphy_unregister+0xf90/0xf90 [ 3290.674710][T22755] ? __kmalloc+0x629/0x7a0 [ 3290.679142][T22755] ? ieee80211_register_hw+0xbea/0x3760 [ 3290.684710][T22755] ? ieee80211_cs_list_valid+0x198/0x280 [ 3290.690362][T22755] ieee80211_register_hw+0x141d/0x3760 11:46:05 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000000000000060000000000000000000000007fffffe0000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3290.695852][T22755] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3290.701331][T22755] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3290.706888][T22755] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3290.712885][T22755] ? memset+0x20/0x40 [ 3290.716879][T22755] ? __hrtimer_init+0x134/0x260 [ 3290.721753][T22755] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3290.727476][T22755] ? vprintk_func+0x81/0x17e [ 3290.732096][T22755] ? hwsim_register_received_nl+0x400/0x400 [ 3290.738017][T22755] hwsim_new_radio_nl+0x905/0xf60 [ 3290.743064][T22755] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3290.748973][T22755] ? cap_capable+0x1eb/0x250 [ 3290.753622][T22755] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3290.760129][T22755] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3290.766477][T22755] genl_rcv_msg+0x627/0xdf0 [ 3290.771005][T22755] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3290.777371][T22755] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3290.783205][T22755] netlink_rcv_skb+0x15a/0x410 [ 3290.787990][T22755] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3290.794334][T22755] ? netlink_ack+0xa80/0xa80 [ 3290.797332][T22765] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3290.798973][T22755] genl_rcv+0x24/0x40 [ 3290.798990][T22755] netlink_unicast+0x537/0x740 [ 3290.799020][T22755] ? netlink_attachskb+0x810/0x810 [ 3290.821508][T22755] ? _copy_from_iter_full+0x25c/0x870 [ 3290.826890][T22755] ? __phys_addr_symbol+0x2c/0x70 [ 3290.832012][T22755] ? __check_object_size+0x171/0x437 [ 3290.837319][T22755] netlink_sendmsg+0x882/0xe10 [ 3290.842104][T22755] ? aa_af_perm+0x260/0x260 [ 3290.846617][T22755] ? netlink_unicast+0x740/0x740 [ 3290.851582][T22755] ? netlink_unicast+0x740/0x740 [ 3290.856533][T22755] sock_sendmsg+0xcf/0x120 [ 3290.860961][T22755] ____sys_sendmsg+0x6b9/0x7d0 [ 3290.865769][T22755] ? kernel_sendmsg+0x50/0x50 [ 3290.870461][T22755] ? mark_lock+0xbc/0x1220 [ 3290.874914][T22755] ___sys_sendmsg+0x100/0x170 [ 3290.879610][T22755] ? sendmsg_copy_msghdr+0x70/0x70 [ 3290.884754][T22755] ? __fget_files+0x329/0x4f0 [ 3290.889451][T22755] ? ksys_dup3+0x3c0/0x3c0 [ 3290.893870][T22755] ? lock_acquire+0x197/0x420 11:46:05 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000ffffffff0000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3290.898554][T22755] ? __might_fault+0xef/0x1d0 [ 3290.903257][T22755] ? __fget_light+0x208/0x270 [ 3290.907959][T22755] __sys_sendmsg+0xec/0x1b0 [ 3290.912471][T22755] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3290.917508][T22755] ? __x64_sys_futex+0x380/0x4f0 [ 3290.922474][T22755] ? trace_hardirqs_off_caller+0x55/0x230 [ 3290.928208][T22755] ? do_syscall_64+0x21/0x7d0 [ 3290.932909][T22755] do_syscall_64+0xf6/0x7d0 [ 3290.937428][T22755] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3290.943321][T22755] RIP: 0033:0x45c849 [ 3290.947224][T22755] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3290.966836][T22755] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3290.975255][T22755] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3290.983235][T22755] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 3290.991211][T22755] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 11:46:05 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024003505d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3290.999188][T22755] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3291.006106][T22772] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3291.007158][T22755] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:46:05 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e05a030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3291.043352][T22756] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3291.096346][T22756] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3291.188863][T22756] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3291.188863][T22756] !' [ 3291.235014][T22756] CPU: 0 PID: 22756 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3291.243747][T22756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3291.253812][T22756] Call Trace: [ 3291.257115][T22756] dump_stack+0x188/0x20d [ 3291.261468][T22756] sysfs_warn_dup.cold+0x1c/0x2d [ 3291.266422][T22756] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3291.272495][T22756] sysfs_create_link+0x61/0xc0 [ 3291.277259][T22756] device_add+0x71c/0x1bc0 [ 3291.281689][T22756] ? retint_kernel+0x2b/0x2b [ 3291.286294][T22756] ? uevent_show+0x360/0x360 [ 3291.290907][T22756] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3291.296914][T22756] wiphy_register+0x1c46/0x2720 [ 3291.301801][T22756] ? wiphy_unregister+0xf90/0xf90 [ 3291.306837][T22756] ? retint_kernel+0x2b/0x2b [ 3291.311460][T22756] ? ieee80211_register_hw+0x1226/0x3760 [ 3291.317113][T22756] ieee80211_register_hw+0x141d/0x3760 [ 3291.322585][T22756] ? lockdep_hardirqs_on+0x321/0x5d0 [ 3291.327882][T22756] ? calibrate_delay.cold+0x3db/0x3f6 [ 3291.333272][T22756] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3291.338750][T22756] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3291.344304][T22756] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3291.350293][T22756] ? memset+0x20/0x40 [ 3291.354284][T22756] ? __hrtimer_init+0x134/0x260 [ 3291.359145][T22756] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3291.364876][T22756] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3291.370199][T22756] ? hwsim_register_received_nl+0x400/0x400 [ 3291.376127][T22756] hwsim_new_radio_nl+0x905/0xf60 [ 3291.381174][T22756] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3291.387075][T22756] ? cap_capable+0x1eb/0x250 [ 3291.391713][T22756] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3291.398046][T22756] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3291.404392][T22756] genl_rcv_msg+0x627/0xdf0 [ 3291.408915][T22756] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3291.415257][T22756] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3291.420690][T22756] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3291.426198][T22756] netlink_rcv_skb+0x15a/0x410 [ 3291.430976][T22756] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3291.437320][T22756] ? netlink_ack+0xa80/0xa80 [ 3291.441942][T22756] genl_rcv+0x24/0x40 [ 3291.445931][T22756] netlink_unicast+0x537/0x740 [ 3291.450710][T22756] ? netlink_attachskb+0x810/0x810 [ 3291.455827][T22756] ? _copy_from_iter_full+0x25c/0x870 [ 3291.461210][T22756] ? __phys_addr_symbol+0x2c/0x70 [ 3291.466238][T22756] ? __check_object_size+0x171/0x437 [ 3291.471539][T22756] netlink_sendmsg+0x882/0xe10 [ 3291.476318][T22756] ? aa_af_perm+0x260/0x260 [ 3291.480827][T22756] ? netlink_unicast+0x740/0x740 [ 3291.485781][T22756] ? netlink_unicast+0x740/0x740 [ 3291.490726][T22756] sock_sendmsg+0xcf/0x120 [ 3291.495258][T22756] ____sys_sendmsg+0x6b9/0x7d0 [ 3291.500040][T22756] ? kernel_sendmsg+0x50/0x50 [ 3291.504729][T22756] ? mark_lock+0xbc/0x1220 [ 3291.509166][T22756] ___sys_sendmsg+0x100/0x170 [ 3291.513865][T22756] ? sendmsg_copy_msghdr+0x70/0x70 [ 3291.518997][T22756] ? __fget_files+0x329/0x4f0 [ 3291.523689][T22756] ? ksys_dup3+0x3c0/0x3c0 [ 3291.528108][T22756] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3291.533831][T22756] ? retint_kernel+0x2b/0x2b [ 3291.538432][T22756] ? __fget_light+0x208/0x270 [ 3291.543128][T22756] __sys_sendmsg+0xec/0x1b0 [ 3291.547637][T22756] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3291.552665][T22756] ? __x64_sys_futex+0x380/0x4f0 [ 3291.557631][T22756] ? trace_hardirqs_off_caller+0x55/0x230 [ 3291.563374][T22756] ? do_syscall_64+0x21/0x7d0 [ 3291.568070][T22756] do_syscall_64+0xf6/0x7d0 [ 3291.572587][T22756] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3291.578484][T22756] RIP: 0033:0x45c849 [ 3291.582387][T22756] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3291.602009][T22756] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3291.610431][T22756] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3291.618409][T22756] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3291.626383][T22756] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3291.634361][T22756] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3291.642339][T22756] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3291.676985][T22776] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3291.690520][T22776] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3291.772898][T22776] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3291.772898][T22776] !' [ 3291.800472][T22776] CPU: 0 PID: 22776 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3291.809197][T22776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3291.819261][T22776] Call Trace: [ 3291.822568][T22776] dump_stack+0x188/0x20d [ 3291.826926][T22776] sysfs_warn_dup.cold+0x1c/0x2d [ 3291.831882][T22776] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3291.837971][T22776] sysfs_create_link+0x61/0xc0 [ 3291.842751][T22776] device_add+0x71c/0x1bc0 [ 3291.847320][T22776] ? uevent_show+0x360/0x360 [ 3291.851915][T22776] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3291.857889][T22776] wiphy_register+0x1c46/0x2720 [ 3291.862754][T22776] ? wiphy_unregister+0xf90/0xf90 [ 3291.867765][T22776] ? retint_kernel+0x2b/0x2b [ 3291.872352][T22776] ? ieee80211_register_hw+0x13b6/0x3760 [ 3291.878031][T22776] ieee80211_register_hw+0x141d/0x3760 [ 3291.883497][T22776] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3291.888956][T22776] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3291.894495][T22776] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3291.900466][T22776] ? memset+0x20/0x40 [ 3291.904431][T22776] ? __hrtimer_init+0x134/0x260 [ 3291.909281][T22776] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3291.915014][T22776] ? hwsim_register_received_nl+0x400/0x400 [ 3291.920901][T22776] hwsim_new_radio_nl+0x905/0xf60 [ 3291.925908][T22776] ? retint_kernel+0x2b/0x2b [ 3291.930527][T22776] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3291.936413][T22776] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3291.942727][T22776] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3291.949060][T22776] genl_rcv_msg+0x627/0xdf0 [ 3291.953565][T22776] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3291.959885][T22776] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3291.965188][T22776] ? retint_kernel+0x2b/0x2b [ 3291.969767][T22776] netlink_rcv_skb+0x15a/0x410 [ 3291.974516][T22776] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3291.980826][T22776] ? netlink_ack+0xa80/0xa80 [ 3291.985407][T22776] genl_rcv+0x24/0x40 [ 3291.989369][T22776] netlink_unicast+0x537/0x740 [ 3291.994179][T22776] ? netlink_attachskb+0x810/0x810 [ 3291.999362][T22776] ? _copy_from_iter_full+0x25c/0x870 [ 3292.004724][T22776] netlink_sendmsg+0x882/0xe10 [ 3292.009497][T22776] ? netlink_unicast+0x740/0x740 [ 3292.014441][T22776] ? netlink_sendmsg+0x1a/0xe10 [ 3292.019281][T22776] ? netlink_unicast+0x740/0x740 [ 3292.024204][T22776] sock_sendmsg+0xcf/0x120 [ 3292.028606][T22776] ____sys_sendmsg+0x6b9/0x7d0 [ 3292.033358][T22776] ? kernel_sendmsg+0x50/0x50 [ 3292.038023][T22776] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3292.043473][T22776] ___sys_sendmsg+0x100/0x170 [ 3292.048142][T22776] ? retint_kernel+0x2b/0x2b [ 3292.052721][T22776] ? sendmsg_copy_msghdr+0x70/0x70 [ 3292.057953][T22776] ? __fget_files+0x3fa/0x4f0 [ 3292.062623][T22776] ? __fget_files+0x329/0x4f0 [ 3292.067291][T22776] ? ksys_dup3+0x3c0/0x3c0 [ 3292.071695][T22776] ? finish_task_switch+0x119/0x750 [ 3292.076883][T22776] ? _raw_spin_unlock_irq+0x1f/0x80 [ 3292.082071][T22776] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3292.087350][T22776] ? __fget_light+0x208/0x270 [ 3292.092023][T22776] __sys_sendmsg+0xec/0x1b0 [ 3292.096568][T22776] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3292.101591][T22776] ? trace_hardirqs_off_caller+0x55/0x230 [ 3292.107327][T22776] ? do_syscall_64+0x21/0x7d0 [ 3292.112054][T22776] do_syscall_64+0xf6/0x7d0 [ 3292.116548][T22776] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3292.122424][T22776] RIP: 0033:0x45c849 [ 3292.126304][T22776] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3292.145894][T22776] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3292.154317][T22776] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3292.162280][T22776] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3292.170241][T22776] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3292.178202][T22776] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3292.186157][T22776] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:46:11 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e024030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:11 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000020000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:46:11 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e06c030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:11 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x2000000) 11:46:11 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca991111", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x55}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:11 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024004005d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3297.617235][T22902] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:46:12 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f020024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3297.658737][T22899] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:46:12 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000030000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3297.704082][T22899] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:46:12 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024003505d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3297.826563][T22899] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3297.826563][T22899] !' [ 3297.868368][T22913] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3297.877116][T22899] CPU: 1 PID: 22899 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3297.877128][T22899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3297.877133][T22899] Call Trace: [ 3297.877158][T22899] dump_stack+0x188/0x20d [ 3297.877188][T22899] sysfs_warn_dup.cold+0x1c/0x2d [ 3297.877209][T22899] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3297.877229][T22899] sysfs_create_link+0x61/0xc0 [ 3297.877245][T22899] device_add+0x71c/0x1bc0 [ 3297.877271][T22899] ? uevent_show+0x360/0x360 [ 3297.928377][T22899] wiphy_register+0x1c46/0x2720 [ 3297.933262][T22899] ? wiphy_unregister+0xf90/0xf90 [ 3297.938310][T22899] ? ieee80211_cs_list_valid+0x19/0x280 [ 3297.943872][T22899] ? __sanitizer_cov_trace_pc+0x27/0x50 [ 3297.949432][T22899] ? ieee80211_cs_list_valid+0x198/0x280 [ 3297.955089][T22899] ieee80211_register_hw+0x141d/0x3760 [ 3297.960587][T22899] ? ieee80211_ifa_changed+0xdc0/0xdc0 11:46:12 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000040000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3297.966065][T22899] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3297.971624][T22899] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3297.977620][T22899] ? memset+0x20/0x40 [ 3297.981615][T22899] ? __hrtimer_init+0x134/0x260 [ 3297.986487][T22899] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3297.992245][T22899] ? hwsim_register_received_nl+0x400/0x400 [ 3297.998165][T22899] hwsim_new_radio_nl+0x905/0xf60 [ 3298.003208][T22899] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3298.008898][T22899] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3298.014810][T22899] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3298.020584][T22899] genl_rcv_msg+0x627/0xdf0 [ 3298.025124][T22899] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3298.031494][T22899] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3298.037328][T22899] netlink_rcv_skb+0x15a/0x410 [ 3298.042107][T22899] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3298.046314][T22917] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3298.048445][T22899] ? netlink_ack+0xa80/0xa80 [ 3298.048491][T22899] genl_rcv+0x24/0x40 [ 3298.048509][T22899] netlink_unicast+0x537/0x740 [ 3298.070489][T22899] ? netlink_attachskb+0x810/0x810 [ 3298.075613][T22899] ? _copy_from_iter_full+0x25c/0x870 [ 3298.080996][T22899] ? __phys_addr_symbol+0x2c/0x70 [ 3298.086039][T22899] ? __check_object_size+0x171/0x437 [ 3298.091363][T22899] netlink_sendmsg+0x882/0xe10 [ 3298.096152][T22899] ? aa_af_perm+0x260/0x260 [ 3298.100674][T22899] ? netlink_unicast+0x740/0x740 [ 3298.105646][T22899] ? netlink_unicast+0x740/0x740 [ 3298.110601][T22899] sock_sendmsg+0xcf/0x120 11:46:12 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000050000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3298.115035][T22899] ____sys_sendmsg+0x6b9/0x7d0 [ 3298.119814][T22899] ? retint_kernel+0x2b/0x2b [ 3298.124418][T22899] ? kernel_sendmsg+0x50/0x50 [ 3298.129119][T22899] ? ____sys_sendmsg+0xe/0x7d0 [ 3298.133901][T22899] ___sys_sendmsg+0x100/0x170 [ 3298.138601][T22899] ? sendmsg_copy_msghdr+0x70/0x70 [ 3298.143741][T22899] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3298.149217][T22899] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3298.154518][T22899] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3298.159999][T22899] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3298.165734][T22899] ? retint_kernel+0x2b/0x2b [ 3298.167866][T22919] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3298.170346][T22899] ? __fget_light+0x208/0x270 [ 3298.170366][T22899] ? sockfd_lookup_light+0x59/0x170 [ 3298.170392][T22899] __sys_sendmsg+0xec/0x1b0 [ 3298.170406][T22899] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3298.170445][T22899] ? do_syscall_64+0x4f/0x7d0 [ 3298.203141][T22899] do_syscall_64+0xf6/0x7d0 [ 3298.207667][T22899] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3298.213565][T22899] RIP: 0033:0x45c849 11:46:12 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000060000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3298.217475][T22899] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3298.237086][T22899] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3298.245513][T22899] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3298.253498][T22899] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3298.261482][T22899] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3298.269463][T22899] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3298.275377][T22921] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3298.277436][T22899] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3298.323664][T22910] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 3298.338698][T22910] netlink: 119984 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3298.388803][T22910] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3298.388803][T22910] !' [ 3298.421066][T22910] CPU: 1 PID: 22910 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3298.429792][T22910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3298.440116][T22910] Call Trace: [ 3298.443430][T22910] dump_stack+0x188/0x20d [ 3298.447788][T22910] sysfs_warn_dup.cold+0x1c/0x2d [ 3298.452745][T22910] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3298.458828][T22910] sysfs_create_link+0x61/0xc0 [ 3298.463614][T22910] device_add+0x71c/0x1bc0 [ 3298.468046][T22910] ? uevent_show+0x360/0x360 [ 3298.472648][T22910] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3298.478730][T22910] wiphy_register+0x1c46/0x2720 [ 3298.483638][T22910] ? wiphy_unregister+0xf90/0xf90 [ 3298.488689][T22910] ? __kmalloc+0x629/0x7a0 [ 3298.493107][T22910] ? ieee80211_register_hw+0xbea/0x3760 [ 3298.498660][T22910] ? ieee80211_cs_list_valid+0x198/0x280 [ 3298.504338][T22910] ieee80211_register_hw+0x141d/0x3760 [ 3298.509795][T22910] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3298.515258][T22910] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3298.520811][T22910] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3298.526794][T22910] ? memset+0x20/0x40 [ 3298.530775][T22910] ? __hrtimer_init+0x134/0x260 [ 3298.535643][T22910] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3298.541474][T22910] ? vprintk_func+0x81/0x17e [ 3298.546071][T22910] ? hwsim_register_received_nl+0x400/0x400 [ 3298.551971][T22910] hwsim_new_radio_nl+0x905/0xf60 [ 3298.556997][T22910] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3298.562886][T22910] ? cap_capable+0x1eb/0x250 [ 3298.567492][T22910] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3298.573821][T22910] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3298.580160][T22910] genl_rcv_msg+0x627/0xdf0 [ 3298.584662][T22910] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3298.590991][T22910] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3298.596812][T22910] netlink_rcv_skb+0x15a/0x410 [ 3298.601587][T22910] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3298.607928][T22910] ? netlink_ack+0xa80/0xa80 [ 3298.612523][T22910] genl_rcv+0x24/0x40 [ 3298.616494][T22910] netlink_unicast+0x537/0x740 [ 3298.621272][T22910] ? netlink_attachskb+0x810/0x810 [ 3298.626381][T22910] ? _copy_from_iter_full+0x25c/0x870 [ 3298.631755][T22910] ? __phys_addr_symbol+0x2c/0x70 [ 3298.636772][T22910] ? __check_object_size+0x171/0x437 [ 3298.642064][T22910] netlink_sendmsg+0x882/0xe10 [ 3298.646839][T22910] ? aa_af_perm+0x260/0x260 [ 3298.651343][T22910] ? netlink_unicast+0x740/0x740 [ 3298.656289][T22910] ? netlink_unicast+0x740/0x740 [ 3298.661219][T22910] sock_sendmsg+0xcf/0x120 [ 3298.665625][T22910] ____sys_sendmsg+0x6b9/0x7d0 [ 3298.670379][T22910] ? kernel_sendmsg+0x50/0x50 [ 3298.675045][T22910] ? mark_lock+0xbc/0x1220 [ 3298.679460][T22910] ___sys_sendmsg+0x100/0x170 [ 3298.684127][T22910] ? sendmsg_copy_msghdr+0x70/0x70 [ 3298.689237][T22910] ? __fget_files+0x329/0x4f0 [ 3298.693907][T22910] ? ksys_dup3+0x3c0/0x3c0 [ 3298.698305][T22910] ? lock_acquire+0x197/0x420 [ 3298.702967][T22910] ? __might_fault+0xef/0x1d0 [ 3298.707641][T22910] ? __fget_light+0x208/0x270 [ 3298.712313][T22910] __sys_sendmsg+0xec/0x1b0 [ 3298.716817][T22910] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3298.721843][T22910] ? __x64_sys_futex+0x380/0x4f0 [ 3298.726801][T22910] ? trace_hardirqs_off_caller+0x55/0x230 [ 3298.732522][T22910] ? do_syscall_64+0x21/0x7d0 [ 3298.737194][T22910] do_syscall_64+0xf6/0x7d0 [ 3298.741688][T22910] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3298.747566][T22910] RIP: 0033:0x45c849 [ 3298.751450][T22910] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3298.771037][T22910] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3298.779452][T22910] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3298.787417][T22910] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 3298.795374][T22910] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3298.803329][T22910] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3298.811291][T22910] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3298.857118][T22915] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3298.875583][T22915] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3298.908757][T22915] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3298.908757][T22915] !' [ 3298.932210][T22915] CPU: 1 PID: 22915 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3298.940931][T22915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3298.950991][T22915] Call Trace: [ 3298.954304][T22915] dump_stack+0x188/0x20d [ 3298.958670][T22915] sysfs_warn_dup.cold+0x1c/0x2d [ 3298.963634][T22915] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3298.969728][T22915] sysfs_create_link+0x61/0xc0 [ 3298.974508][T22915] device_add+0x71c/0x1bc0 [ 3298.978951][T22915] ? uevent_show+0x360/0x360 [ 3298.983563][T22915] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3298.989686][T22915] wiphy_register+0x1c46/0x2720 [ 3298.994569][T22915] ? wiphy_unregister+0xf90/0xf90 [ 3298.999618][T22915] ? __kmalloc+0x629/0x7a0 [ 3299.004053][T22915] ? ieee80211_register_hw+0xbea/0x3760 [ 3299.009617][T22915] ? ieee80211_cs_list_valid+0x198/0x280 [ 3299.015275][T22915] ieee80211_register_hw+0x141d/0x3760 [ 3299.020768][T22915] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3299.026241][T22915] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3299.031823][T22915] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3299.037821][T22915] ? memset+0x20/0x40 [ 3299.041814][T22915] ? __hrtimer_init+0x134/0x260 [ 3299.046684][T22915] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3299.052414][T22915] ? vprintk_func+0x81/0x17e [ 3299.057042][T22915] ? hwsim_register_received_nl+0x400/0x400 [ 3299.062960][T22915] hwsim_new_radio_nl+0x905/0xf60 [ 3299.068002][T22915] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3299.073909][T22915] ? cap_capable+0x1eb/0x250 [ 3299.078533][T22915] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3299.084873][T22915] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3299.091233][T22915] genl_rcv_msg+0x627/0xdf0 [ 3299.095763][T22915] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3299.102101][T22915] ? mark_held_locks+0x9f/0xe0 [ 3299.106883][T22915] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3299.112373][T22915] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3299.118107][T22915] ? retint_kernel+0x2b/0x2b [ 3299.122724][T22915] netlink_rcv_skb+0x15a/0x410 [ 3299.127505][T22915] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3299.133873][T22915] ? netlink_ack+0xa80/0xa80 [ 3299.138527][T22915] genl_rcv+0x24/0x40 [ 3299.142520][T22915] netlink_unicast+0x537/0x740 [ 3299.147305][T22915] ? netlink_attachskb+0x810/0x810 [ 3299.152431][T22915] ? _copy_from_iter_full+0x25c/0x870 [ 3299.157814][T22915] ? __phys_addr_symbol+0x2c/0x70 [ 3299.162851][T22915] ? __check_object_size+0x171/0x437 [ 3299.168159][T22915] netlink_sendmsg+0x882/0xe10 [ 3299.173032][T22915] ? aa_af_perm+0x260/0x260 [ 3299.177549][T22915] ? netlink_unicast+0x740/0x740 [ 3299.182514][T22915] ? netlink_unicast+0x740/0x740 [ 3299.187467][T22915] sock_sendmsg+0xcf/0x120 [ 3299.191896][T22915] ____sys_sendmsg+0x6b9/0x7d0 [ 3299.196674][T22915] ? kernel_sendmsg+0x50/0x50 [ 3299.201365][T22915] ? mark_lock+0xbc/0x1220 [ 3299.205811][T22915] ___sys_sendmsg+0x100/0x170 [ 3299.210508][T22915] ? sendmsg_copy_msghdr+0x70/0x70 [ 3299.215649][T22915] ? __fget_files+0x329/0x4f0 [ 3299.220352][T22915] ? ksys_dup3+0x3c0/0x3c0 [ 3299.224798][T22915] ? __fget_light+0x208/0x270 [ 3299.229499][T22915] __sys_sendmsg+0xec/0x1b0 [ 3299.234023][T22915] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3299.239060][T22915] ? __x64_sys_futex+0x380/0x4f0 [ 3299.244033][T22915] ? trace_hardirqs_off_caller+0x55/0x230 [ 3299.249777][T22915] ? do_syscall_64+0x21/0x7d0 [ 3299.254475][T22915] do_syscall_64+0xf6/0x7d0 [ 3299.258995][T22915] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3299.264898][T22915] RIP: 0033:0x45c849 [ 3299.268806][T22915] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3299.288442][T22915] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3299.296869][T22915] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3299.304854][T22915] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3299.312837][T22915] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3299.320817][T22915] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3299.328796][T22915] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3299.349102][T22910] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 3299.361139][T22910] netlink: 119984 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3299.396097][T22910] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3299.396097][T22910] !' [ 3299.430356][T22910] CPU: 1 PID: 22910 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 3299.439095][T22910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3299.449160][T22910] Call Trace: [ 3299.452474][T22910] dump_stack+0x188/0x20d [ 3299.456833][T22910] sysfs_warn_dup.cold+0x1c/0x2d [ 3299.461793][T22910] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3299.467903][T22910] sysfs_create_link+0x61/0xc0 [ 3299.472684][T22910] device_add+0x71c/0x1bc0 [ 3299.477126][T22910] ? uevent_show+0x360/0x360 [ 3299.481731][T22910] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3299.487735][T22910] wiphy_register+0x1c46/0x2720 [ 3299.492618][T22910] ? wiphy_unregister+0xf90/0xf90 [ 3299.497664][T22910] ? __kmalloc+0x629/0x7a0 [ 3299.502096][T22910] ? ieee80211_register_hw+0xbea/0x3760 [ 3299.507661][T22910] ? ieee80211_cs_list_valid+0x198/0x280 [ 3299.513315][T22910] ieee80211_register_hw+0x141d/0x3760 [ 3299.518805][T22910] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3299.524285][T22910] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3299.529844][T22910] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3299.535846][T22910] ? memset+0x20/0x40 [ 3299.539860][T22910] ? __hrtimer_init+0x134/0x260 [ 3299.544733][T22910] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3299.550472][T22910] ? vprintk_func+0x81/0x17e [ 3299.555113][T22910] ? hwsim_register_received_nl+0x400/0x400 [ 3299.561035][T22910] hwsim_new_radio_nl+0x905/0xf60 [ 3299.566088][T22910] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3299.572003][T22910] ? cap_capable+0x1eb/0x250 [ 3299.576635][T22910] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3299.583501][T22910] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3299.589856][T22910] genl_rcv_msg+0x627/0xdf0 [ 3299.594389][T22910] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3299.600756][T22910] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3299.606589][T22910] netlink_rcv_skb+0x15a/0x410 [ 3299.611370][T22910] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3299.617714][T22910] ? netlink_ack+0xa80/0xa80 [ 3299.622344][T22910] genl_rcv+0x24/0x40 [ 3299.626340][T22910] netlink_unicast+0x537/0x740 [ 3299.631125][T22910] ? netlink_attachskb+0x810/0x810 [ 3299.636249][T22910] ? _copy_from_iter_full+0x25c/0x870 [ 3299.641644][T22910] ? __phys_addr_symbol+0x2c/0x70 [ 3299.646683][T22910] ? __check_object_size+0x171/0x437 [ 3299.651991][T22910] netlink_sendmsg+0x882/0xe10 [ 3299.656775][T22910] ? aa_af_perm+0x260/0x260 [ 3299.661293][T22910] ? netlink_unicast+0x740/0x740 [ 3299.666261][T22910] ? netlink_unicast+0x740/0x740 [ 3299.671210][T22910] sock_sendmsg+0xcf/0x120 [ 3299.675648][T22910] ____sys_sendmsg+0x6b9/0x7d0 [ 3299.680427][T22910] ? kernel_sendmsg+0x50/0x50 [ 3299.685118][T22910] ? mark_lock+0xbc/0x1220 [ 3299.689564][T22910] ___sys_sendmsg+0x100/0x170 [ 3299.694262][T22910] ? sendmsg_copy_msghdr+0x70/0x70 [ 3299.699416][T22910] ? __fget_files+0x329/0x4f0 [ 3299.704112][T22910] ? ksys_dup3+0x3c0/0x3c0 [ 3299.708535][T22910] ? lock_acquire+0x197/0x420 [ 3299.713230][T22910] ? __might_fault+0xef/0x1d0 [ 3299.717928][T22910] ? __fget_light+0x208/0x270 [ 3299.722632][T22910] __sys_sendmsg+0xec/0x1b0 [ 3299.727152][T22910] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3299.732194][T22910] ? __x64_sys_futex+0x380/0x4f0 [ 3299.737164][T22910] ? trace_hardirqs_off_caller+0x55/0x230 [ 3299.742898][T22910] ? do_syscall_64+0x21/0x7d0 [ 3299.747594][T22910] do_syscall_64+0xf6/0x7d0 [ 3299.752121][T22910] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3299.758017][T22910] RIP: 0033:0x45c849 [ 3299.761919][T22910] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3299.781529][T22910] RSP: 002b:00007febc7569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3299.789958][T22910] RAX: ffffffffffffffda RBX: 00007febc756a6d4 RCX: 000000000045c849 [ 3299.797941][T22910] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 3299.805924][T22910] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3299.813901][T22910] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3299.821884][T22910] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:46:23 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e05a030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:23 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca991111", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x55}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:23 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000070000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:46:23 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000735d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:23 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f040024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:23 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x20000000) [ 3309.191885][T23037] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3309.239291][T23043] netlink: 'syz-executor.2': attribute type 8 has an invalid length. 11:46:23 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000000a0000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:46:23 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f050024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3309.282256][T23043] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3309.384774][T23043] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3309.384774][T23043] !' [ 3309.400567][T23043] CPU: 1 PID: 23043 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3309.409282][T23043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3309.419345][T23043] Call Trace: [ 3309.422651][T23043] dump_stack+0x188/0x20d [ 3309.427006][T23043] sysfs_warn_dup.cold+0x1c/0x2d 11:46:23 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f060024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3309.431960][T23043] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3309.438042][T23043] sysfs_create_link+0x61/0xc0 [ 3309.438128][T23055] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3309.442808][T23043] device_add+0x71c/0x1bc0 [ 3309.442833][T23043] ? ieee80211_set_bitrate_flags+0x4e2/0x5c0 [ 3309.442848][T23043] ? uevent_show+0x360/0x360 [ 3309.442870][T23043] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3309.472574][T23043] wiphy_register+0x1c46/0x2720 [ 3309.477456][T23043] ? wiphy_unregister+0xf90/0xf90 11:46:23 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000180000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3309.482488][T23043] ? retint_kernel+0x2b/0x2b [ 3309.487108][T23043] ? ieee80211_register_hw+0x12d2/0x3760 [ 3309.492763][T23043] ieee80211_register_hw+0x141d/0x3760 [ 3309.498255][T23043] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3309.503730][T23043] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3309.509284][T23043] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3309.515273][T23043] ? memset+0x20/0x40 [ 3309.519265][T23043] ? __hrtimer_init+0x134/0x260 [ 3309.524131][T23043] mac80211_hwsim_new_radio+0x2187/0x43d0 11:46:23 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f070024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3309.529890][T23043] ? hwsim_register_received_nl+0x400/0x400 [ 3309.535798][T23043] ? vprintk_func+0x81/0x17e [ 3309.540405][T23043] ? __nla_validate_parse+0x15e/0x1cd0 [ 3309.545886][T23043] hwsim_new_radio_nl+0x905/0xf60 [ 3309.550924][T23043] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3309.556834][T23043] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3309.562581][T23043] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3309.568913][T23043] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3309.575260][T23043] genl_rcv_msg+0x627/0xdf0 [ 3309.579794][T23043] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3309.580696][T23059] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3309.586123][T23043] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3309.586143][T23043] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3309.586187][T23043] netlink_rcv_skb+0x15a/0x410 [ 3309.610654][T23043] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3309.616999][T23043] ? netlink_ack+0xa80/0xa80 [ 3309.621627][T23043] genl_rcv+0x24/0x40 [ 3309.625620][T23043] netlink_unicast+0x537/0x740 [ 3309.630406][T23043] ? netlink_attachskb+0x810/0x810 11:46:24 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000480000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3309.635527][T23043] ? _copy_from_iter_full+0x25c/0x870 [ 3309.640909][T23043] ? __phys_addr_symbol+0x2c/0x70 [ 3309.645941][T23043] ? __check_object_size+0x171/0x437 [ 3309.651248][T23043] netlink_sendmsg+0x882/0xe10 [ 3309.656028][T23043] ? aa_af_perm+0x260/0x260 [ 3309.660543][T23043] ? netlink_unicast+0x740/0x740 [ 3309.665521][T23043] ? netlink_unicast+0x740/0x740 [ 3309.670471][T23043] sock_sendmsg+0xcf/0x120 [ 3309.674903][T23043] ____sys_sendmsg+0x6b9/0x7d0 [ 3309.679687][T23043] ? kernel_sendmsg+0x50/0x50 [ 3309.684377][T23043] ? mark_lock+0xbc/0x1220 [ 3309.688820][T23043] ___sys_sendmsg+0x100/0x170 [ 3309.693519][T23043] ? sendmsg_copy_msghdr+0x70/0x70 [ 3309.698660][T23043] ? __fget_files+0x329/0x4f0 [ 3309.703357][T23043] ? ksys_dup3+0x3c0/0x3c0 [ 3309.707785][T23043] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3309.713516][T23043] ? retint_kernel+0x2b/0x2b [ 3309.717281][T23063] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3309.718123][T23043] ? __fget_light+0x208/0x270 [ 3309.731478][T23043] __sys_sendmsg+0xec/0x1b0 [ 3309.735999][T23043] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3309.741036][T23043] ? __x64_sys_futex+0x380/0x4f0 [ 3309.746007][T23043] ? trace_hardirqs_off_caller+0x55/0x230 [ 3309.751737][T23043] ? do_syscall_64+0x21/0x7d0 [ 3309.756434][T23043] do_syscall_64+0xf6/0x7d0 [ 3309.760951][T23043] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3309.766844][T23043] RIP: 0033:0x45c849 [ 3309.770739][T23043] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3309.790364][T23043] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3309.798784][T23043] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3309.806764][T23043] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3309.814740][T23043] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3309.822715][T23043] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3309.830690][T23043] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3310.019819][T23046] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3310.041792][T23046] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3310.075134][T23046] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3310.075134][T23046] !' [ 3310.087385][T23046] CPU: 0 PID: 23046 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3310.096081][T23046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3310.106140][T23046] Call Trace: [ 3310.109451][T23046] dump_stack+0x188/0x20d [ 3310.113803][T23046] sysfs_warn_dup.cold+0x1c/0x2d [ 3310.118779][T23046] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3310.124859][T23046] sysfs_create_link+0x61/0xc0 [ 3310.129630][T23046] device_add+0x71c/0x1bc0 [ 3310.134064][T23046] ? uevent_show+0x360/0x360 [ 3310.138666][T23046] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3310.144669][T23046] wiphy_register+0x1c46/0x2720 [ 3310.149556][T23046] ? wiphy_unregister+0xf90/0xf90 [ 3310.154590][T23046] ? __kmalloc+0x629/0x7a0 [ 3310.159014][T23046] ? ieee80211_register_hw+0xbea/0x3760 [ 3310.164574][T23046] ? ieee80211_cs_list_valid+0x198/0x280 [ 3310.170214][T23046] ieee80211_register_hw+0x141d/0x3760 [ 3310.175703][T23046] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3310.181177][T23046] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3310.186732][T23046] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3310.192726][T23046] ? memset+0x20/0x40 [ 3310.196734][T23046] ? __hrtimer_init+0x134/0x260 [ 3310.201598][T23046] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3310.207325][T23046] ? vprintk_func+0x81/0x17e [ 3310.211951][T23046] ? hwsim_register_received_nl+0x400/0x400 [ 3310.217877][T23046] hwsim_new_radio_nl+0x905/0xf60 [ 3310.222917][T23046] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3310.228835][T23046] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3310.235163][T23046] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3310.241511][T23046] genl_rcv_msg+0x627/0xdf0 [ 3310.246033][T23046] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3310.252400][T23046] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3310.258220][T23046] netlink_rcv_skb+0x15a/0x410 [ 3310.263099][T23046] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3310.269439][T23046] ? netlink_ack+0xa80/0xa80 [ 3310.274063][T23046] genl_rcv+0x24/0x40 [ 3310.278050][T23046] netlink_unicast+0x537/0x740 [ 3310.282826][T23046] ? netlink_attachskb+0x810/0x810 [ 3310.287939][T23046] ? _copy_from_iter_full+0x25c/0x870 [ 3310.293317][T23046] ? __phys_addr_symbol+0x2c/0x70 [ 3310.298344][T23046] ? __check_object_size+0x171/0x437 [ 3310.303639][T23046] netlink_sendmsg+0x882/0xe10 [ 3310.308417][T23046] ? retint_kernel+0x2b/0x2b [ 3310.313011][T23046] ? netlink_unicast+0x740/0x740 [ 3310.317961][T23046] ? sock_sendmsg+0x4b/0x120 [ 3310.322551][T23046] ? sock_sendmsg+0x65/0x120 [ 3310.327161][T23046] ? netlink_unicast+0x740/0x740 [ 3310.332102][T23046] sock_sendmsg+0xcf/0x120 [ 3310.336524][T23046] ____sys_sendmsg+0x6b9/0x7d0 [ 3310.341291][T23046] ? kernel_sendmsg+0x50/0x50 [ 3310.345998][T23046] ___sys_sendmsg+0x100/0x170 [ 3310.350696][T23046] ? sendmsg_copy_msghdr+0x70/0x70 [ 3310.355828][T23046] ? __fget_files+0x329/0x4f0 [ 3310.360519][T23046] ? ksys_dup3+0x3c0/0x3c0 [ 3310.364935][T23046] ? lock_acquire+0x197/0x420 [ 3310.369612][T23046] ? __might_fault+0xef/0x1d0 [ 3310.374309][T23046] ? __fget_light+0x208/0x270 [ 3310.379000][T23046] __sys_sendmsg+0xec/0x1b0 [ 3310.383509][T23046] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3310.388535][T23046] ? __x64_sys_futex+0x380/0x4f0 [ 3310.393499][T23046] ? trace_hardirqs_off_caller+0x55/0x230 [ 3310.399225][T23046] ? do_syscall_64+0x21/0x7d0 [ 3310.403915][T23046] do_syscall_64+0xf6/0x7d0 [ 3310.408435][T23046] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3310.414329][T23046] RIP: 0033:0x45c849 [ 3310.418230][T23046] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3310.437839][T23046] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3310.446257][T23046] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3310.454236][T23046] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3310.462212][T23046] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3310.470190][T23046] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3310.478162][T23046] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3310.500908][T23071] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3310.515985][T23071] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3310.559341][T23071] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3310.559341][T23071] !' [ 3310.572637][T23071] CPU: 0 PID: 23071 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3310.581335][T23071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3310.591399][T23071] Call Trace: [ 3310.594716][T23071] dump_stack+0x188/0x20d [ 3310.599079][T23071] sysfs_warn_dup.cold+0x1c/0x2d [ 3310.604070][T23071] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3310.610156][T23071] sysfs_create_link+0x61/0xc0 [ 3310.614937][T23071] device_add+0x71c/0x1bc0 [ 3310.619385][T23071] ? uevent_show+0x360/0x360 [ 3310.623997][T23071] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3310.630005][T23071] wiphy_register+0x1c46/0x2720 [ 3310.634895][T23071] ? wiphy_unregister+0xf90/0xf90 [ 3310.639937][T23071] ? __kmalloc+0x629/0x7a0 [ 3310.644367][T23071] ? ieee80211_register_hw+0xbea/0x3760 [ 3310.649935][T23071] ? ieee80211_cs_list_valid+0x198/0x280 [ 3310.655690][T23071] ieee80211_register_hw+0x141d/0x3760 [ 3310.661190][T23071] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3310.666663][T23071] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3310.672225][T23071] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3310.678248][T23071] ? memset+0x20/0x40 [ 3310.682241][T23071] ? __hrtimer_init+0x134/0x260 [ 3310.687120][T23071] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3310.692853][T23071] ? vprintk_func+0x81/0x17e [ 3310.697485][T23071] ? hwsim_register_received_nl+0x400/0x400 [ 3310.703407][T23071] hwsim_new_radio_nl+0x905/0xf60 [ 3310.708448][T23071] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3310.714348][T23071] ? cap_capable+0x1eb/0x250 [ 3310.718967][T23071] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3310.725308][T23071] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3310.731667][T23071] genl_rcv_msg+0x627/0xdf0 [ 3310.736198][T23071] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3310.742565][T23071] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3310.748400][T23071] netlink_rcv_skb+0x15a/0x410 [ 3310.753174][T23071] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3310.759518][T23071] ? netlink_ack+0xa80/0xa80 [ 3310.764145][T23071] genl_rcv+0x24/0x40 [ 3310.768138][T23071] netlink_unicast+0x537/0x740 [ 3310.772928][T23071] ? netlink_attachskb+0x810/0x810 [ 3310.778045][T23071] ? _copy_from_iter_full+0x25c/0x870 [ 3310.783433][T23071] ? __phys_addr_symbol+0x2c/0x70 [ 3310.788469][T23071] ? __check_object_size+0x171/0x437 [ 3310.793778][T23071] netlink_sendmsg+0x882/0xe10 [ 3310.798564][T23071] ? aa_af_perm+0x260/0x260 [ 3310.803083][T23071] ? netlink_unicast+0x740/0x740 [ 3310.808047][T23071] ? netlink_unicast+0x740/0x740 [ 3310.813001][T23071] sock_sendmsg+0xcf/0x120 [ 3310.817436][T23071] ____sys_sendmsg+0x6b9/0x7d0 [ 3310.822217][T23071] ? kernel_sendmsg+0x50/0x50 [ 3310.826905][T23071] ? mark_lock+0xbc/0x1220 [ 3310.831356][T23071] ___sys_sendmsg+0x100/0x170 [ 3310.836047][T23071] ? sendmsg_copy_msghdr+0x70/0x70 [ 3310.841191][T23071] ? __fget_files+0x329/0x4f0 [ 3310.845896][T23071] ? ksys_dup3+0x3c0/0x3c0 [ 3310.850319][T23071] ? lock_acquire+0x197/0x420 [ 3310.855128][T23071] ? __might_fault+0xef/0x1d0 [ 3310.859830][T23071] ? __fget_light+0x208/0x270 [ 3310.864535][T23071] __sys_sendmsg+0xec/0x1b0 [ 3310.869056][T23071] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3310.874113][T23071] ? trace_hardirqs_off_caller+0x55/0x230 [ 3310.879918][T23071] ? do_syscall_64+0x21/0x7d0 [ 3310.884632][T23071] do_syscall_64+0xf6/0x7d0 [ 3310.889146][T23071] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3310.895047][T23071] RIP: 0033:0x45c849 [ 3310.898947][T23071] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3310.918554][T23071] RSP: 002b:00007fc0807fac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3310.926973][T23071] RAX: ffffffffffffffda RBX: 00007fc0807fb6d4 RCX: 000000000045c849 [ 3310.935050][T23071] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3310.943127][T23071] RBP: 000000000076c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 3310.951099][T23071] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3310.959073][T23071] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076c0ec 11:46:32 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e06c030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:32 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f080024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:32 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000004c0000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:46:32 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca991111", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x55}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:32 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d23580788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:32 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x60000000) [ 3318.569423][T23189] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3318.616365][T23187] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:46:33 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f090024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:33 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000600000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3318.666580][T23187] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3318.773239][T23187] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3318.773239][T23187] !' [ 3318.816148][T23187] CPU: 0 PID: 23187 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3318.824873][T23187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3318.834934][T23187] Call Trace: [ 3318.838214][T23187] dump_stack+0x188/0x20d [ 3318.842530][T23187] sysfs_warn_dup.cold+0x1c/0x2d [ 3318.847466][T23187] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3318.853530][T23187] sysfs_create_link+0x61/0xc0 [ 3318.858285][T23187] device_add+0x71c/0x1bc0 [ 3318.862713][T23187] ? uevent_show+0x360/0x360 [ 3318.867306][T23187] wiphy_register+0x1c46/0x2720 [ 3318.872149][T23187] ? wiphy_unregister+0xf90/0xf90 [ 3318.877166][T23187] ? ieee80211_cs_list_valid+0x1e/0x280 [ 3318.882748][T23187] ? ieee80211_cs_list_valid+0x198/0x280 [ 3318.888376][T23187] ieee80211_register_hw+0x141d/0x3760 [ 3318.893837][T23187] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3318.899294][T23187] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3318.904842][T23187] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3318.910839][T23187] ? memset+0x20/0x40 [ 3318.914837][T23187] ? __hrtimer_init+0x134/0x260 [ 3318.919706][T23187] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3318.925464][T23187] ? hwsim_register_received_nl+0x400/0x400 [ 3318.931387][T23187] hwsim_new_radio_nl+0x905/0xf60 [ 3318.936426][T23187] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3318.941907][T23187] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3318.947825][T23187] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3318.953598][T23187] genl_rcv_msg+0x627/0xdf0 [ 3318.958132][T23187] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3318.964488][T23187] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3318.970250][T23187] netlink_rcv_skb+0x15a/0x410 [ 3318.975033][T23187] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3318.981376][T23187] ? netlink_ack+0xa80/0xa80 [ 3318.986007][T23187] genl_rcv+0x24/0x40 [ 3318.989999][T23187] netlink_unicast+0x537/0x740 [ 3318.994787][T23187] ? netlink_attachskb+0x810/0x810 [ 3318.999903][T23187] ? _copy_from_iter_full+0x25c/0x870 [ 3319.005290][T23187] ? __phys_addr_symbol+0x2c/0x70 [ 3319.010329][T23187] ? __check_object_size+0x171/0x437 [ 3319.015636][T23187] netlink_sendmsg+0x882/0xe10 [ 3319.020419][T23187] ? aa_af_perm+0x260/0x260 [ 3319.024937][T23187] ? netlink_unicast+0x740/0x740 [ 3319.029899][T23187] ? netlink_unicast+0x740/0x740 [ 3319.034844][T23187] sock_sendmsg+0xcf/0x120 [ 3319.039270][T23187] ____sys_sendmsg+0x6b9/0x7d0 [ 3319.044050][T23187] ? kernel_sendmsg+0x50/0x50 [ 3319.048750][T23187] ? mark_lock+0xbc/0x1220 [ 3319.053197][T23187] ___sys_sendmsg+0x100/0x170 [ 3319.057891][T23187] ? sendmsg_copy_msghdr+0x70/0x70 [ 3319.063033][T23187] ? __fget_files+0x329/0x4f0 [ 3319.067737][T23187] ? ksys_dup3+0x3c0/0x3c0 [ 3319.072167][T23187] ? lock_acquire+0x197/0x420 [ 3319.076958][T23187] ? __might_fault+0xef/0x1d0 [ 3319.081662][T23187] ? __fget_light+0x208/0x270 [ 3319.086363][T23187] __sys_sendmsg+0xec/0x1b0 [ 3319.090874][T23187] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3319.095914][T23187] ? __x64_sys_futex+0x380/0x4f0 [ 3319.100885][T23187] ? trace_hardirqs_off_caller+0x55/0x230 [ 3319.106624][T23187] ? do_syscall_64+0x21/0x7d0 [ 3319.111318][T23187] do_syscall_64+0xf6/0x7d0 [ 3319.115839][T23187] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3319.121736][T23187] RIP: 0033:0x45c849 [ 3319.125641][T23187] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3319.146033][T23187] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3319.154453][T23187] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 11:46:33 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f0c0024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3319.162434][T23187] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3319.170517][T23187] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3319.178492][T23187] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3319.186470][T23187] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3319.207844][T23199] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:46:33 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000680000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3319.287861][T23188] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3319.307841][T23205] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3319.332398][T23188] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. 11:46:33 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f0e0024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3319.364390][T23188] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3319.364390][T23188] !' [ 3319.429475][T23188] CPU: 0 PID: 23188 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3319.438201][T23188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3319.448259][T23188] Call Trace: [ 3319.451595][T23188] dump_stack+0x188/0x20d [ 3319.455960][T23188] sysfs_warn_dup.cold+0x1c/0x2d [ 3319.460922][T23188] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3319.467043][T23188] sysfs_create_link+0x61/0xc0 [ 3319.471839][T23188] device_add+0x71c/0x1bc0 [ 3319.476277][T23188] ? uevent_show+0x360/0x360 [ 3319.480882][T23188] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3319.486886][T23188] wiphy_register+0x1c46/0x2720 [ 3319.491766][T23188] ? wiphy_unregister+0xf90/0xf90 [ 3319.496812][T23188] ? __kmalloc+0x629/0x7a0 [ 3319.501252][T23188] ? ieee80211_register_hw+0xbea/0x3760 [ 3319.506822][T23188] ? ieee80211_cs_list_valid+0x198/0x280 [ 3319.517891][T23188] ieee80211_register_hw+0x141d/0x3760 [ 3319.523393][T23188] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3319.528874][T23188] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3319.534435][T23188] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3319.540443][T23188] ? memset+0x20/0x40 [ 3319.544441][T23188] ? __hrtimer_init+0x134/0x260 [ 3319.549316][T23188] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3319.555072][T23188] ? vprintk_func+0x81/0x17e [ 3319.559812][T23188] ? hwsim_register_received_nl+0x400/0x400 [ 3319.565733][T23188] hwsim_new_radio_nl+0x905/0xf60 [ 3319.570777][T23188] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3319.576703][T23188] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3319.583053][T23188] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3319.589757][T23188] genl_rcv_msg+0x627/0xdf0 [ 3319.594293][T23188] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3319.600666][T23188] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3319.606500][T23188] netlink_rcv_skb+0x15a/0x410 [ 3319.611287][T23188] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3319.617637][T23188] ? netlink_ack+0xa80/0xa80 [ 3319.622269][T23188] genl_rcv+0x24/0x40 [ 3319.626263][T23188] netlink_unicast+0x537/0x740 [ 3319.631049][T23188] ? netlink_attachskb+0x810/0x810 [ 3319.636170][T23188] ? _copy_from_iter_full+0x25c/0x870 [ 3319.641649][T23188] ? __phys_addr_symbol+0x2c/0x70 [ 3319.646689][T23188] ? __check_object_size+0x171/0x437 [ 3319.648756][T23316] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3319.651996][T23188] netlink_sendmsg+0x882/0xe10 [ 3319.652021][T23188] ? aa_af_perm+0x260/0x260 [ 3319.652036][T23188] ? netlink_unicast+0x740/0x740 [ 3319.652066][T23188] ? netlink_unicast+0x740/0x740 [ 3319.679861][T23188] sock_sendmsg+0xcf/0x120 [ 3319.684294][T23188] ____sys_sendmsg+0x6b9/0x7d0 [ 3319.690032][T23188] ? kernel_sendmsg+0x50/0x50 [ 3319.694728][T23188] ? mark_lock+0xbc/0x1220 [ 3319.699158][T23188] ___sys_sendmsg+0x100/0x170 [ 3319.703847][T23188] ? sendmsg_copy_msghdr+0x70/0x70 [ 3319.708992][T23188] ? __fget_files+0x329/0x4f0 [ 3319.713692][T23188] ? ksys_dup3+0x3c0/0x3c0 [ 3319.718816][T23188] ? lock_acquire+0x209/0x420 [ 3319.723524][T23188] ? __fget_light+0x208/0x270 [ 3319.728231][T23188] __sys_sendmsg+0xec/0x1b0 [ 3319.732746][T23188] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3319.737809][T23188] ? do_syscall_64+0xbc/0x7d0 [ 3319.742500][T23188] do_syscall_64+0xf6/0x7d0 [ 3319.747017][T23188] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3319.752914][T23188] RIP: 0033:0x45c849 [ 3319.756815][T23188] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 11:46:33 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000006c0000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3319.777204][T23188] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3319.785622][T23188] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3319.793606][T23188] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3319.801586][T23188] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3319.809564][T23188] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3319.817538][T23188] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3319.875801][T23265] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3319.885876][T23265] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3319.917879][T23265] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3319.917879][T23265] !' [ 3319.934840][T23265] CPU: 1 PID: 23265 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3319.943558][T23265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3319.953613][T23265] Call Trace: [ 3319.956922][T23265] dump_stack+0x188/0x20d [ 3319.961279][T23265] sysfs_warn_dup.cold+0x1c/0x2d [ 3319.966754][T23265] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3319.973720][T23265] sysfs_create_link+0x61/0xc0 [ 3319.978488][T23265] device_add+0x71c/0x1bc0 [ 3319.982923][T23265] ? uevent_show+0x360/0x360 [ 3319.987526][T23265] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3319.993530][T23265] wiphy_register+0x1c46/0x2720 [ 3319.998405][T23265] ? wiphy_unregister+0xf90/0xf90 [ 3320.003441][T23265] ? __kmalloc+0x629/0x7a0 [ 3320.007863][T23265] ? ieee80211_register_hw+0xbea/0x3760 [ 3320.013425][T23265] ? ieee80211_cs_list_valid+0x198/0x280 [ 3320.019083][T23265] ieee80211_register_hw+0x141d/0x3760 [ 3320.024573][T23265] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3320.030046][T23265] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3320.035599][T23265] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3320.041595][T23265] ? memset+0x20/0x40 [ 3320.045589][T23265] ? __hrtimer_init+0x134/0x260 [ 3320.050453][T23265] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3320.056173][T23265] ? vprintk_func+0x81/0x17e [ 3320.060794][T23265] ? hwsim_register_received_nl+0x400/0x400 [ 3320.066715][T23265] hwsim_new_radio_nl+0x905/0xf60 [ 3320.071756][T23265] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3320.077653][T23265] ? cap_capable+0x1eb/0x250 [ 3320.082266][T23265] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3320.088604][T23265] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3320.094953][T23265] genl_rcv_msg+0x627/0xdf0 [ 3320.099473][T23265] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3320.105826][T23265] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3320.111655][T23265] netlink_rcv_skb+0x15a/0x410 [ 3320.116431][T23265] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3320.122762][T23265] ? netlink_ack+0xa80/0xa80 [ 3320.127385][T23265] genl_rcv+0x24/0x40 [ 3320.131380][T23265] netlink_unicast+0x537/0x740 [ 3320.136165][T23265] ? netlink_attachskb+0x810/0x810 [ 3320.141288][T23265] ? _copy_from_iter_full+0x25c/0x870 [ 3320.146672][T23265] ? __phys_addr_symbol+0x2c/0x70 [ 3320.151712][T23265] ? __check_object_size+0x171/0x437 [ 3320.157010][T23265] netlink_sendmsg+0x882/0xe10 [ 3320.161790][T23265] ? aa_af_perm+0x260/0x260 [ 3320.166300][T23265] ? netlink_unicast+0x740/0x740 [ 3320.171275][T23265] ? netlink_unicast+0x740/0x740 [ 3320.176214][T23265] sock_sendmsg+0xcf/0x120 [ 3320.181417][T23265] ____sys_sendmsg+0x6b9/0x7d0 [ 3320.186188][T23265] ? kernel_sendmsg+0x50/0x50 [ 3320.190878][T23265] ? mark_lock+0xbc/0x1220 [ 3320.195665][T23265] ___sys_sendmsg+0x100/0x170 [ 3320.200349][T23265] ? sendmsg_copy_msghdr+0x70/0x70 [ 3320.205485][T23265] ? __fget_files+0x329/0x4f0 [ 3320.211047][T23265] ? ksys_dup3+0x3c0/0x3c0 [ 3320.215465][T23265] ? lock_acquire+0x197/0x420 [ 3320.220151][T23265] ? __might_fault+0xef/0x1d0 [ 3320.224856][T23265] ? __fget_light+0x208/0x270 [ 3320.229550][T23265] __sys_sendmsg+0xec/0x1b0 [ 3320.234589][T23265] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3320.239626][T23265] ? __x64_sys_futex+0x380/0x4f0 [ 3320.244590][T23265] ? trace_hardirqs_off_caller+0x55/0x230 [ 3320.250319][T23265] ? do_syscall_64+0x21/0x7d0 [ 3320.255014][T23265] do_syscall_64+0xf6/0x7d0 [ 3320.259539][T23265] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3320.265436][T23265] RIP: 0033:0x45c849 [ 3320.269353][T23265] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3320.289101][T23265] RSP: 002b:00007fc08081bc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3320.301858][T23265] RAX: ffffffffffffffda RBX: 00007fc08081c6d4 RCX: 000000000045c849 [ 3320.309838][T23265] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3320.317815][T23265] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 3320.325787][T23265] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3320.333759][T23265] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076c04c 11:46:42 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f020024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:42 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x6c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:42 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f100024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:42 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000740000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:46:42 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c6394350424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:42 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x100000000000000) [ 3327.938968][T23332] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:46:42 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f280024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:42 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000007a0000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3328.015502][T23329] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3328.052248][T23329] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. 11:46:42 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f350024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3328.158611][T23329] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3328.158611][T23329] !' [ 3328.200497][T23329] CPU: 0 PID: 23329 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3328.209744][T23329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3328.220068][T23329] Call Trace: [ 3328.223379][T23329] dump_stack+0x188/0x20d [ 3328.224831][T23342] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3328.227836][T23329] sysfs_warn_dup.cold+0x1c/0x2d [ 3328.227859][T23329] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3328.227880][T23329] sysfs_create_link+0x61/0xc0 [ 3328.227903][T23329] device_add+0x71c/0x1bc0 [ 3328.257710][T23329] ? ieee80211_set_bitrate_flags+0x418/0x5c0 [ 3328.263703][T23329] ? uevent_show+0x360/0x360 [ 3328.268306][T23329] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3328.274312][T23329] wiphy_register+0x1c46/0x2720 [ 3328.287972][T23329] ? wiphy_unregister+0xf90/0xf90 [ 3328.293016][T23329] ? retint_kernel+0x2b/0x2b [ 3328.297722][T23329] ? ieee80211_register_hw+0x2c1b/0x3760 [ 3328.303373][T23329] ieee80211_register_hw+0x141d/0x3760 [ 3328.308881][T23329] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3328.314459][T23329] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3328.320020][T23329] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3328.326015][T23329] ? memset+0x20/0x40 [ 3328.330008][T23329] ? __hrtimer_init+0x134/0x260 [ 3328.334876][T23329] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3328.340648][T23329] ? hwsim_register_received_nl+0x400/0x400 [ 3328.346570][T23329] hwsim_new_radio_nl+0x905/0xf60 [ 3328.351614][T23329] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3328.356918][T23329] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3328.362860][T23329] genl_rcv_msg+0x627/0xdf0 [ 3328.367393][T23329] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3328.373730][T23329] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3328.379025][T23329] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3328.382816][T23347] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3328.384526][T23329] netlink_rcv_skb+0x15a/0x410 [ 3328.384549][T23329] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3328.404301][T23329] ? netlink_ack+0xa80/0xa80 [ 3328.408931][T23329] genl_rcv+0x24/0x40 [ 3328.412929][T23329] netlink_unicast+0x537/0x740 [ 3328.417716][T23329] ? netlink_attachskb+0x810/0x810 [ 3328.422837][T23329] ? security_netlink_send+0x13/0xa0 [ 3328.428246][T23329] ? security_netlink_send+0x1a/0xa0 [ 3328.433557][T23329] netlink_sendmsg+0x882/0xe10 [ 3328.438352][T23329] ? netlink_unicast+0x740/0x740 [ 3328.443306][T23329] ? netlink_unicast+0x740/0x740 [ 3328.448355][T23329] sock_sendmsg+0xcf/0x120 [ 3328.452792][T23329] ____sys_sendmsg+0x6b9/0x7d0 [ 3328.457573][T23329] ? kernel_sendmsg+0x50/0x50 [ 3328.462354][T23329] ? mark_lock+0xbc/0x1220 [ 3328.466815][T23329] ___sys_sendmsg+0x100/0x170 [ 3328.471517][T23329] ? sendmsg_copy_msghdr+0x70/0x70 [ 3328.476656][T23329] ? __fget_files+0x329/0x4f0 [ 3328.481356][T23329] ? ksys_dup3+0x3c0/0x3c0 [ 3328.485789][T23329] ? lock_acquire+0x197/0x420 [ 3328.490478][T23329] ? __might_fault+0xef/0x1d0 [ 3328.496130][T23329] ? __fget_light+0x208/0x270 [ 3328.500834][T23329] __sys_sendmsg+0xec/0x1b0 [ 3328.505345][T23329] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3328.510397][T23329] ? trace_hardirqs_off_caller+0x55/0x230 [ 3328.516131][T23329] ? do_syscall_64+0x21/0x7d0 [ 3328.520829][T23329] do_syscall_64+0xf6/0x7d0 [ 3328.525351][T23329] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3328.531245][T23329] RIP: 0033:0x45c849 [ 3328.535148][T23329] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3328.555454][T23329] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3328.563887][T23329] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3328.571884][T23329] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3328.579861][T23329] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3328.587850][T23329] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 11:46:42 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f5a0024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:42 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000300000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:46:42 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f630024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3328.595830][T23329] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3328.781795][T23330] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3328.800735][T23330] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3328.834747][T23330] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3328.834747][T23330] !' [ 3328.862418][T23330] CPU: 1 PID: 23330 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3328.871133][T23330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3328.881198][T23330] Call Trace: [ 3328.884506][T23330] dump_stack+0x188/0x20d [ 3328.888861][T23330] sysfs_warn_dup.cold+0x1c/0x2d [ 3328.893818][T23330] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3328.899911][T23330] sysfs_create_link+0x61/0xc0 [ 3328.904687][T23330] device_add+0x71c/0x1bc0 [ 3328.909125][T23330] ? uevent_show+0x360/0x360 [ 3328.913738][T23330] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3328.919745][T23330] wiphy_register+0x1c46/0x2720 [ 3328.924798][T23330] ? wiphy_unregister+0xf90/0xf90 [ 3328.930110][T23330] ? __kmalloc+0x629/0x7a0 [ 3328.934539][T23330] ? ieee80211_register_hw+0xbea/0x3760 [ 3328.940138][T23330] ? ieee80211_cs_list_valid+0x198/0x280 [ 3328.945793][T23330] ieee80211_register_hw+0x141d/0x3760 [ 3328.951285][T23330] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3328.956761][T23330] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3328.962323][T23330] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3328.968317][T23330] ? memset+0x20/0x40 [ 3328.972306][T23330] ? __hrtimer_init+0x134/0x260 [ 3328.977180][T23330] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3328.982909][T23330] ? vprintk_func+0x81/0x17e [ 3328.987623][T23330] ? hwsim_register_received_nl+0x400/0x400 [ 3328.993547][T23330] hwsim_new_radio_nl+0x905/0xf60 [ 3328.998594][T23330] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3329.004582][T23330] ? cap_capable+0x1eb/0x250 [ 3329.009203][T23330] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3329.015541][T23330] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3329.021892][T23330] genl_rcv_msg+0x627/0xdf0 [ 3329.026432][T23330] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3329.032802][T23330] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3329.038633][T23330] netlink_rcv_skb+0x15a/0x410 [ 3329.043417][T23330] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3329.049758][T23330] ? netlink_ack+0xa80/0xa80 [ 3329.054388][T23330] genl_rcv+0x24/0x40 [ 3329.058385][T23330] netlink_unicast+0x537/0x740 [ 3329.063182][T23330] ? netlink_attachskb+0x810/0x810 [ 3329.068307][T23330] ? _copy_from_iter_full+0x25c/0x870 [ 3329.073692][T23330] ? __phys_addr_symbol+0x2c/0x70 [ 3329.078729][T23330] ? __check_object_size+0x171/0x437 [ 3329.084036][T23330] netlink_sendmsg+0x882/0xe10 [ 3329.088824][T23330] ? aa_af_perm+0x260/0x260 [ 3329.093342][T23330] ? netlink_unicast+0x740/0x740 [ 3329.098304][T23330] ? netlink_unicast+0x740/0x740 [ 3329.103255][T23330] sock_sendmsg+0xcf/0x120 [ 3329.107685][T23330] ____sys_sendmsg+0x6b9/0x7d0 [ 3329.112553][T23330] ? kernel_sendmsg+0x50/0x50 [ 3329.117275][T23330] ___sys_sendmsg+0x100/0x170 [ 3329.121971][T23330] ? sendmsg_copy_msghdr+0x70/0x70 [ 3329.127138][T23330] ? __fget_files+0x329/0x4f0 [ 3329.131842][T23330] ? ksys_dup3+0x3c0/0x3c0 [ 3329.136266][T23330] ? lock_acquire+0x197/0x420 [ 3329.140964][T23330] ? __might_fault+0xef/0x1d0 [ 3329.145664][T23330] ? __fget_light+0x208/0x270 [ 3329.150364][T23330] __sys_sendmsg+0xec/0x1b0 [ 3329.154874][T23330] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3329.159933][T23330] ? trace_hardirqs_off_caller+0x55/0x230 [ 3329.165670][T23330] ? do_syscall_64+0x21/0x7d0 [ 3329.170366][T23330] do_syscall_64+0xf6/0x7d0 [ 3329.174886][T23330] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3329.180785][T23330] RIP: 0033:0x45c849 [ 3329.184687][T23330] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3329.204726][T23330] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3329.213153][T23330] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3329.221130][T23330] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3329.229110][T23330] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3329.237112][T23330] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3329.245107][T23330] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3334.231233][T23461] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 3334.242684][T23461] netlink: 119984 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3334.277884][T23461] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3334.277884][T23461] !' [ 3334.288966][T23461] CPU: 0 PID: 23461 Comm: syz-executor.4 Not tainted 5.6.0-rc6-syzkaller #0 [ 3334.297661][T23461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3334.307720][T23461] Call Trace: [ 3334.311028][T23461] dump_stack+0x188/0x20d [ 3334.315465][T23461] sysfs_warn_dup.cold+0x1c/0x2d [ 3334.320498][T23461] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3334.326579][T23461] sysfs_create_link+0x61/0xc0 [ 3334.331349][T23461] device_add+0x71c/0x1bc0 [ 3334.335781][T23461] ? quarantine_reduce+0x161/0x190 [ 3334.340902][T23461] ? uevent_show+0x360/0x360 [ 3334.345524][T23461] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3334.351529][T23461] wiphy_register+0x1c46/0x2720 [ 3334.356849][T23461] ? wiphy_unregister+0xf90/0xf90 [ 3334.361906][T23461] ? __kmalloc+0x629/0x7a0 [ 3334.366330][T23461] ? ieee80211_register_hw+0xbea/0x3760 [ 3334.371898][T23461] ? ieee80211_cs_list_valid+0x198/0x280 [ 3334.377584][T23461] ieee80211_register_hw+0x141d/0x3760 [ 3334.383078][T23461] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3334.388553][T23461] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3334.394196][T23461] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3334.400190][T23461] ? memset+0x20/0x40 [ 3334.404182][T23461] ? __hrtimer_init+0x134/0x260 [ 3334.409054][T23461] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3334.414784][T23461] ? vprintk_func+0x81/0x17e [ 3334.419411][T23461] ? hwsim_register_received_nl+0x400/0x400 [ 3334.425328][T23461] hwsim_new_radio_nl+0x905/0xf60 [ 3334.430365][T23461] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3334.436268][T23461] ? cap_capable+0x1eb/0x250 [ 3334.440880][T23461] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3334.447214][T23461] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3334.453562][T23461] genl_rcv_msg+0x627/0xdf0 [ 3334.458096][T23461] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3334.464467][T23461] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3334.470306][T23461] netlink_rcv_skb+0x15a/0x410 [ 3334.475088][T23461] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3334.481426][T23461] ? netlink_ack+0xa80/0xa80 [ 3334.486051][T23461] genl_rcv+0x24/0x40 [ 3334.490036][T23461] netlink_unicast+0x537/0x740 [ 3334.495251][T23461] ? netlink_attachskb+0x810/0x810 [ 3334.500368][T23461] ? _copy_from_iter_full+0x25c/0x870 [ 3334.505752][T23461] ? __phys_addr_symbol+0x2c/0x70 [ 3334.511483][T23461] ? __check_object_size+0x171/0x437 [ 3334.516875][T23461] netlink_sendmsg+0x882/0xe10 [ 3334.522292][T23461] ? aa_af_perm+0x260/0x260 [ 3334.526827][T23461] ? netlink_unicast+0x740/0x740 [ 3334.531794][T23461] ? netlink_unicast+0x740/0x740 [ 3334.536753][T23461] sock_sendmsg+0xcf/0x120 [ 3334.541178][T23461] ____sys_sendmsg+0x6b9/0x7d0 [ 3334.545952][T23461] ? kernel_sendmsg+0x50/0x50 [ 3334.550645][T23461] ? mark_lock+0xbc/0x1220 [ 3334.555091][T23461] ___sys_sendmsg+0x100/0x170 [ 3334.559789][T23461] ? sendmsg_copy_msghdr+0x70/0x70 [ 3334.564939][T23461] ? __fget_files+0x329/0x4f0 [ 3334.569639][T23461] ? ksys_dup3+0x3c0/0x3c0 [ 3334.574065][T23461] ? lock_acquire+0x197/0x420 [ 3334.578754][T23461] ? __might_fault+0xef/0x1d0 [ 3334.583452][T23461] ? __fget_light+0x208/0x270 [ 3334.588168][T23461] __sys_sendmsg+0xec/0x1b0 [ 3334.592680][T23461] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3334.597725][T23461] ? __x64_sys_futex+0x380/0x4f0 [ 3334.602688][T23461] ? trace_hardirqs_off_caller+0x55/0x230 [ 3334.608419][T23461] ? do_syscall_64+0x21/0x7d0 [ 3334.613116][T23461] do_syscall_64+0xf6/0x7d0 [ 3334.617632][T23461] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3334.623527][T23461] RIP: 0033:0x45c849 [ 3334.627424][T23461] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3334.647217][T23461] RSP: 002b:00007f96f5f61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3334.655636][T23461] RAX: ffffffffffffffda RBX: 00007f96f5f626d4 RCX: 000000000045c849 [ 3334.663613][T23461] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 3334.671587][T23461] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3334.679564][T23461] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3334.687539][T23461] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:46:50 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f040024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:50 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000500000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:46:50 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f6c0024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:50 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d3524fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:50 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x200000000000000) 11:46:50 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x6c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3335.751456][T23466] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:46:50 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f7c0324000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:50 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000600000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3335.829250][T23472] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3335.857562][T23472] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:46:50 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d040ffc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3335.957800][T23472] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3335.957800][T23472] !' [ 3335.998839][T23472] CPU: 1 PID: 23472 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3335.999585][T23486] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3336.007557][T23472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3336.007563][T23472] Call Trace: [ 3336.007586][T23472] dump_stack+0x188/0x20d [ 3336.007611][T23472] sysfs_warn_dup.cold+0x1c/0x2d [ 3336.007637][T23472] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3336.045909][T23472] sysfs_create_link+0x61/0xc0 [ 3336.050684][T23472] device_add+0x71c/0x1bc0 [ 3336.055129][T23472] ? uevent_show+0x360/0x360 [ 3336.059823][T23472] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3336.065831][T23472] wiphy_register+0x1c46/0x2720 [ 3336.070716][T23472] ? wiphy_unregister+0xf90/0xf90 [ 3336.075747][T23472] ? retint_kernel+0x2b/0x2b [ 3336.080364][T23472] ? ieee80211_cs_list_valid+0x198/0x280 [ 3336.086010][T23472] ieee80211_register_hw+0x141d/0x3760 [ 3336.091489][T23472] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3336.096988][T23472] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3336.103687][T23472] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3336.109678][T23472] ? memset+0x20/0x40 [ 3336.113670][T23472] ? __hrtimer_init+0x134/0x260 [ 3336.118537][T23472] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3336.124260][T23472] ? kvasprintf+0x11b/0x150 [ 3336.128799][T23472] ? hwsim_register_received_nl+0x400/0x400 [ 3336.134699][T23472] ? __nla_validate_parse+0x2af/0x1cd0 [ 3336.140181][T23472] hwsim_new_radio_nl+0x905/0xf60 [ 3336.145221][T23472] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3336.150687][T23472] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3336.156586][T23472] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3336.162350][T23472] genl_rcv_msg+0x627/0xdf0 [ 3336.166965][T23472] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3336.173301][T23472] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3336.179035][T23472] ? retint_kernel+0x2b/0x2b [ 3336.183651][T23472] ? check_memory_region+0x1c/0x190 [ 3336.188862][T23472] netlink_rcv_skb+0x15a/0x410 [ 3336.193635][T23472] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3336.199965][T23472] ? netlink_ack+0xa80/0xa80 [ 3336.204586][T23472] genl_rcv+0x24/0x40 [ 3336.208573][T23472] netlink_unicast+0x537/0x740 [ 3336.213350][T23472] ? netlink_attachskb+0x810/0x810 [ 3336.218567][T23472] ? _copy_from_iter_full+0x25c/0x870 [ 3336.223946][T23472] ? __check_object_size+0x171/0x437 [ 3336.229250][T23472] netlink_sendmsg+0x882/0xe10 [ 3336.234033][T23472] ? aa_af_perm+0x260/0x260 [ 3336.238544][T23472] ? netlink_unicast+0x740/0x740 [ 3336.243510][T23472] ? netlink_unicast+0x740/0x740 [ 3336.248460][T23472] sock_sendmsg+0xcf/0x120 [ 3336.252889][T23472] ____sys_sendmsg+0x6b9/0x7d0 [ 3336.257666][T23472] ? kernel_sendmsg+0x50/0x50 [ 3336.262350][T23472] ? mark_lock+0xbc/0x1220 [ 3336.266792][T23472] ___sys_sendmsg+0x100/0x170 [ 3336.271488][T23472] ? sendmsg_copy_msghdr+0x70/0x70 [ 3336.276627][T23472] ? __fget_files+0x329/0x4f0 [ 3336.281352][T23472] ? ksys_dup3+0x3c0/0x3c0 [ 3336.285777][T23472] ? lock_acquire+0x197/0x420 [ 3336.290547][T23472] ? __might_fault+0xef/0x1d0 [ 3336.295246][T23472] ? __fget_light+0x208/0x270 [ 3336.299939][T23472] __sys_sendmsg+0xec/0x1b0 [ 3336.304477][T23472] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3336.309516][T23472] ? __x64_sys_futex+0x380/0x4f0 [ 3336.314473][T23472] ? trace_hardirqs_off_caller+0x55/0x230 [ 3336.320222][T23472] ? do_syscall_64+0x21/0x7d0 [ 3336.324914][T23472] do_syscall_64+0xf6/0x7d0 [ 3336.329433][T23472] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3336.335349][T23472] RIP: 0033:0x45c849 [ 3336.339252][T23472] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3336.359303][T23472] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3336.367728][T23472] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3336.375703][T23472] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3336.383689][T23472] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3336.392190][T23472] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 11:46:50 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000700000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:46:50 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f003224000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3336.400164][T23472] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:46:50 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000a00000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3336.442453][T23491] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3336.475382][T23489] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3336.497603][T23494] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3336.527536][T23489] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3336.658363][T23489] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3336.658363][T23489] !' [ 3336.683647][T23489] CPU: 0 PID: 23489 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3336.692356][T23489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3336.702462][T23489] Call Trace: [ 3336.705768][T23489] dump_stack+0x188/0x20d [ 3336.710121][T23489] sysfs_warn_dup.cold+0x1c/0x2d [ 3336.715081][T23489] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3336.721157][T23489] sysfs_create_link+0x61/0xc0 [ 3336.725925][T23489] device_add+0x71c/0x1bc0 [ 3336.730352][T23489] ? uevent_show+0x360/0x360 [ 3336.734952][T23489] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3336.740948][T23489] wiphy_register+0x1c46/0x2720 [ 3336.745829][T23489] ? wiphy_unregister+0xf90/0xf90 [ 3336.750860][T23489] ? retint_kernel+0x2b/0x2b [ 3336.755475][T23489] ? ieee80211_register_hw+0x1325/0x3760 [ 3336.761119][T23489] ieee80211_register_hw+0x141d/0x3760 [ 3336.767382][T23489] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3336.772848][T23489] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3336.778393][T23489] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3336.784380][T23489] ? memset+0x20/0x40 [ 3336.788361][T23489] ? __hrtimer_init+0x134/0x260 [ 3336.793226][T23489] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3336.798985][T23489] ? hwsim_register_received_nl+0x400/0x400 [ 3336.804880][T23489] ? vprintk_func+0x81/0x17e [ 3336.809501][T23489] hwsim_new_radio_nl+0x905/0xf60 [ 3336.814545][T23489] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3336.819851][T23489] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3336.825786][T23489] genl_rcv_msg+0x627/0xdf0 [ 3336.830311][T23489] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3336.836646][T23489] ? mark_held_locks+0x9f/0xe0 [ 3336.841419][T23489] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3336.846903][T23489] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3336.852632][T23489] ? retint_kernel+0x2b/0x2b [ 3336.857236][T23489] netlink_rcv_skb+0x15a/0x410 [ 3336.862016][T23489] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3336.868350][T23489] ? netlink_ack+0xa80/0xa80 [ 3336.872969][T23489] genl_rcv+0x24/0x40 [ 3336.876961][T23489] netlink_unicast+0x537/0x740 [ 3336.882191][T23489] ? netlink_attachskb+0x810/0x810 [ 3336.887310][T23489] ? _copy_from_iter_full+0x25c/0x870 [ 3336.892692][T23489] ? __phys_addr_symbol+0x2c/0x70 [ 3336.897719][T23489] ? __check_object_size+0x171/0x437 [ 3336.903024][T23489] netlink_sendmsg+0x882/0xe10 [ 3336.907805][T23489] ? aa_af_perm+0x260/0x260 [ 3336.912324][T23489] ? netlink_unicast+0x740/0x740 [ 3336.918246][T23489] ? netlink_unicast+0x740/0x740 [ 3336.923198][T23489] sock_sendmsg+0xcf/0x120 [ 3336.928932][T23489] ____sys_sendmsg+0x6b9/0x7d0 [ 3336.933710][T23489] ? kernel_sendmsg+0x50/0x50 [ 3336.938397][T23489] ? mark_lock+0xbc/0x1220 [ 3336.945617][T23489] ___sys_sendmsg+0x100/0x170 [ 3336.950305][T23489] ? sendmsg_copy_msghdr+0x70/0x70 [ 3336.955443][T23489] ? __fget_files+0x329/0x4f0 [ 3336.960140][T23489] ? ksys_dup3+0x3c0/0x3c0 [ 3336.964567][T23489] ? lock_acquire+0x209/0x420 [ 3336.969299][T23489] ? __fget_light+0x208/0x270 [ 3336.974001][T23489] __sys_sendmsg+0xec/0x1b0 [ 3336.978511][T23489] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3336.983537][T23489] ? __x64_sys_futex+0x380/0x4f0 [ 3336.988494][T23489] ? trace_hardirqs_off_caller+0x55/0x230 [ 3336.994219][T23489] ? do_syscall_64+0x21/0x7d0 [ 3336.998902][T23489] do_syscall_64+0xf6/0x7d0 [ 3337.003414][T23489] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3337.009306][T23489] RIP: 0033:0x45c849 [ 3337.013202][T23489] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3337.032806][T23489] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3337.041219][T23489] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3337.049189][T23489] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3337.057176][T23489] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3337.065153][T23489] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3337.073130][T23489] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3337.127958][T23602] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3337.140559][T23602] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3337.152262][T23602] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3337.152262][T23602] !' [ 3337.180445][T23602] CPU: 0 PID: 23602 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3337.190244][T23602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3337.200410][T23602] Call Trace: [ 3337.203691][T23602] dump_stack+0x188/0x20d [ 3337.208017][T23602] sysfs_warn_dup.cold+0x1c/0x2d [ 3337.212965][T23602] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3337.219268][T23602] sysfs_create_link+0x61/0xc0 [ 3337.224140][T23602] device_add+0x71c/0x1bc0 [ 3337.228567][T23602] ? uevent_show+0x360/0x360 [ 3337.233174][T23602] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3337.239175][T23602] wiphy_register+0x1c46/0x2720 [ 3337.244051][T23602] ? wiphy_unregister+0xf90/0xf90 [ 3337.249184][T23602] ? __kmalloc+0x629/0x7a0 [ 3337.253608][T23602] ? ieee80211_register_hw+0xbea/0x3760 [ 3337.259776][T23602] ? ieee80211_cs_list_valid+0x198/0x280 [ 3337.265421][T23602] ieee80211_register_hw+0x141d/0x3760 [ 3337.271084][T23602] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3337.276568][T23602] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3337.282114][T23602] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3337.288107][T23602] ? memset+0x20/0x40 [ 3337.292194][T23602] ? __hrtimer_init+0x134/0x260 [ 3337.297062][T23602] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3337.302786][T23602] ? vprintk_func+0x81/0x17e [ 3337.308198][T23602] ? hwsim_register_received_nl+0x400/0x400 [ 3337.314119][T23602] hwsim_new_radio_nl+0x905/0xf60 [ 3337.319161][T23602] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3337.325068][T23602] ? cap_capable+0x1eb/0x250 [ 3337.329683][T23602] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3337.336015][T23602] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3337.342358][T23602] genl_rcv_msg+0x627/0xdf0 [ 3337.346882][T23602] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3337.353243][T23602] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3337.359073][T23602] netlink_rcv_skb+0x15a/0x410 [ 3337.363855][T23602] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3337.370196][T23602] ? netlink_ack+0xa80/0xa80 [ 3337.374923][T23602] genl_rcv+0x24/0x40 [ 3337.378933][T23602] netlink_unicast+0x537/0x740 [ 3337.383720][T23602] ? netlink_attachskb+0x810/0x810 [ 3337.388835][T23602] ? _copy_from_iter_full+0x25c/0x870 [ 3337.394212][T23602] ? __phys_addr_symbol+0x2c/0x70 [ 3337.399274][T23602] ? __check_object_size+0x171/0x437 [ 3337.404843][T23602] netlink_sendmsg+0x882/0xe10 [ 3337.409644][T23602] ? aa_af_perm+0x260/0x260 [ 3337.414263][T23602] ? netlink_unicast+0x740/0x740 [ 3337.419231][T23602] ? netlink_unicast+0x740/0x740 [ 3337.424176][T23602] sock_sendmsg+0xcf/0x120 [ 3337.428598][T23602] ____sys_sendmsg+0x6b9/0x7d0 [ 3337.433374][T23602] ? kernel_sendmsg+0x50/0x50 [ 3337.438057][T23602] ? mark_lock+0xbc/0x1220 [ 3337.442497][T23602] ___sys_sendmsg+0x100/0x170 [ 3337.447182][T23602] ? sendmsg_copy_msghdr+0x70/0x70 [ 3337.452319][T23602] ? __fget_files+0x329/0x4f0 [ 3337.457008][T23602] ? ksys_dup3+0x3c0/0x3c0 [ 3337.462207][T23602] ? lock_acquire+0x197/0x420 [ 3337.473147][T23602] ? __might_fault+0xef/0x1d0 [ 3337.478636][T23602] ? __fget_light+0x208/0x270 [ 3337.483335][T23602] __sys_sendmsg+0xec/0x1b0 [ 3337.487848][T23602] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3337.492880][T23602] ? __x64_sys_futex+0x380/0x4f0 [ 3337.497845][T23602] ? trace_hardirqs_off_caller+0x55/0x230 [ 3337.503569][T23602] ? do_syscall_64+0x21/0x7d0 [ 3337.508256][T23602] do_syscall_64+0xf6/0x7d0 [ 3337.512769][T23602] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3337.519355][T23602] RIP: 0033:0x45c849 [ 3337.523264][T23602] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3337.542869][T23602] RSP: 002b:00007fc08083cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3337.551288][T23602] RAX: ffffffffffffffda RBX: 00007fc08083d6d4 RCX: 000000000045c849 [ 3337.559262][T23602] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3337.567234][T23602] RBP: 000000000076bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 3337.575205][T23602] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3337.583180][T23602] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bfac 11:46:59 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f050024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:59 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x6c}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:59 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000001800000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:46:59 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x2000000000000000) 11:46:59 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f006224000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:46:59 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0435fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3345.146343][T23615] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3345.154940][T23610] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:46:59 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03000f000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3345.190631][T23610] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:46:59 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000002000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3345.281814][T23610] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3345.281814][T23610] !' 11:46:59 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030224000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3345.348087][T23610] CPU: 1 PID: 23610 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3345.356808][T23610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3345.366877][T23610] Call Trace: [ 3345.370185][T23610] dump_stack+0x188/0x20d [ 3345.374540][T23610] sysfs_warn_dup.cold+0x1c/0x2d [ 3345.379499][T23610] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3345.385588][T23610] sysfs_create_link+0x61/0xc0 [ 3345.390361][T23610] device_add+0x71c/0x1bc0 [ 3345.394804][T23610] ? ieee80211_set_bitrate_flags+0x4c5/0x5c0 [ 3345.401244][T23610] ? uevent_show+0x360/0x360 [ 3345.405935][T23610] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3345.411941][T23610] wiphy_register+0x1c46/0x2720 [ 3345.416833][T23610] ? wiphy_unregister+0xf90/0xf90 [ 3345.421868][T23610] ? retint_kernel+0x2b/0x2b [ 3345.426487][T23610] ? ieee80211_cs_list_valid+0x198/0x280 [ 3345.432154][T23610] ieee80211_register_hw+0x141d/0x3760 [ 3345.437652][T23610] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3345.443128][T23610] ? rcu_read_lock_sched_held+0x9c/0xd0 11:46:59 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030324000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3345.443927][T23626] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3345.448678][T23610] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3345.448700][T23610] ? memset+0x20/0x40 [ 3345.448718][T23610] ? __hrtimer_init+0x134/0x260 [ 3345.448742][T23610] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3345.448764][T23610] ? vprintk_func+0x81/0x17e [ 3345.482684][T23610] ? hwsim_register_received_nl+0x400/0x400 [ 3345.488603][T23610] hwsim_new_radio_nl+0x905/0xf60 [ 3345.493779][T23610] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3345.499084][T23610] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3345.505017][T23610] genl_rcv_msg+0x627/0xdf0 [ 3345.509549][T23610] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3345.515897][T23610] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3345.521201][T23610] ? retint_kernel+0x2b/0x2b [ 3345.525813][T23610] netlink_rcv_skb+0x15a/0x410 [ 3345.530587][T23610] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3345.537885][T23610] ? netlink_ack+0xa80/0xa80 [ 3345.542524][T23610] genl_rcv+0x24/0x40 11:46:59 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000003f00000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:46:59 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030424000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3345.546514][T23610] netlink_unicast+0x537/0x740 [ 3345.551298][T23610] ? netlink_attachskb+0x810/0x810 [ 3345.556416][T23610] ? _copy_from_iter_full+0x25c/0x870 [ 3345.561805][T23610] ? __phys_addr_symbol+0x2c/0x70 [ 3345.566836][T23610] ? __check_object_size+0x171/0x437 [ 3345.572140][T23610] netlink_sendmsg+0x882/0xe10 [ 3345.577008][T23610] ? aa_af_perm+0x260/0x260 [ 3345.581521][T23610] ? netlink_unicast+0x740/0x740 [ 3345.586481][T23610] ? netlink_unicast+0x740/0x740 [ 3345.591427][T23610] sock_sendmsg+0xcf/0x120 [ 3345.595858][T23610] ____sys_sendmsg+0x6b9/0x7d0 [ 3345.600639][T23610] ? kernel_sendmsg+0x50/0x50 [ 3345.605327][T23610] ? mark_lock+0xbc/0x1220 [ 3345.609857][T23610] ___sys_sendmsg+0x100/0x170 [ 3345.614549][T23610] ? sendmsg_copy_msghdr+0x70/0x70 [ 3345.619687][T23610] ? __fget_files+0x329/0x4f0 [ 3345.624389][T23610] ? ksys_dup3+0x3c0/0x3c0 [ 3345.628833][T23610] ? __fget_light+0x208/0x270 [ 3345.633534][T23610] __sys_sendmsg+0xec/0x1b0 [ 3345.638047][T23610] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3345.643080][T23610] ? __x64_sys_futex+0x380/0x4f0 [ 3345.648225][T23610] ? trace_hardirqs_off_caller+0x55/0x230 [ 3345.653964][T23610] ? do_syscall_64+0x21/0x7d0 [ 3345.658658][T23610] do_syscall_64+0xf6/0x7d0 [ 3345.663185][T23610] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3345.669081][T23610] RIP: 0033:0x45c849 [ 3345.672981][T23610] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3345.692587][T23610] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3345.701002][T23610] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3345.708982][T23610] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3345.716957][T23610] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3345.724930][T23610] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3345.726096][T23634] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3345.732910][T23610] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3345.844023][T23617] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3345.870197][T23617] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3345.948074][T23617] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3345.948074][T23617] !' [ 3346.003192][T23617] CPU: 1 PID: 23617 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3346.011923][T23617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3346.022082][T23617] Call Trace: [ 3346.025404][T23617] dump_stack+0x188/0x20d [ 3346.029759][T23617] sysfs_warn_dup.cold+0x1c/0x2d [ 3346.034708][T23617] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3346.040763][T23617] sysfs_create_link+0x61/0xc0 [ 3346.045521][T23617] device_add+0x71c/0x1bc0 [ 3346.050070][T23617] ? uevent_show+0x360/0x360 [ 3346.054670][T23617] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3346.060661][T23617] wiphy_register+0x1c46/0x2720 [ 3346.065544][T23617] ? wiphy_unregister+0xf90/0xf90 [ 3346.070585][T23617] ? __kmalloc+0x629/0x7a0 [ 3346.075106][T23617] ? ieee80211_register_hw+0xbea/0x3760 [ 3346.080669][T23617] ? ieee80211_cs_list_valid+0x198/0x280 [ 3346.086329][T23617] ieee80211_register_hw+0x141d/0x3760 [ 3346.091817][T23617] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3346.097297][T23617] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3346.102854][T23617] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3346.108844][T23617] ? memset+0x20/0x40 [ 3346.112833][T23617] ? __hrtimer_init+0x134/0x260 [ 3346.117693][T23617] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3346.123417][T23617] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3346.128728][T23617] ? hwsim_register_received_nl+0x400/0x400 [ 3346.134639][T23617] hwsim_new_radio_nl+0x905/0xf60 [ 3346.139663][T23617] ? retint_kernel+0x2b/0x2b [ 3346.144265][T23617] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3346.150200][T23617] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3346.156531][T23617] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3346.162875][T23617] genl_rcv_msg+0x627/0xdf0 [ 3346.167399][T23617] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3346.173732][T23617] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3346.179022][T23617] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3346.184525][T23617] netlink_rcv_skb+0x15a/0x410 [ 3346.189307][T23617] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3346.195650][T23617] ? netlink_ack+0xa80/0xa80 [ 3346.200280][T23617] genl_rcv+0x24/0x40 [ 3346.204279][T23617] netlink_unicast+0x537/0x740 [ 3346.209070][T23617] ? netlink_attachskb+0x810/0x810 [ 3346.214205][T23617] netlink_sendmsg+0x882/0xe10 [ 3346.218986][T23617] ? aa_af_perm+0x260/0x260 [ 3346.223496][T23617] ? netlink_unicast+0x740/0x740 [ 3346.228454][T23617] ? netlink_unicast+0x740/0x740 [ 3346.233412][T23617] sock_sendmsg+0xcf/0x120 [ 3346.237848][T23617] ____sys_sendmsg+0x6b9/0x7d0 [ 3346.242625][T23617] ? kernel_sendmsg+0x50/0x50 [ 3346.247316][T23617] ? mark_lock+0xbc/0x1220 [ 3346.251764][T23617] ___sys_sendmsg+0x100/0x170 [ 3346.256454][T23617] ? sendmsg_copy_msghdr+0x70/0x70 [ 3346.261592][T23617] ? __fget_files+0x329/0x4f0 [ 3346.266282][T23617] ? ksys_dup3+0x3c0/0x3c0 [ 3346.270719][T23617] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3346.276445][T23617] ? retint_kernel+0x2b/0x2b [ 3346.281051][T23617] ? __fget_light+0x208/0x270 [ 3346.285839][T23617] __sys_sendmsg+0xec/0x1b0 [ 3346.290369][T23617] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3346.295401][T23617] ? __x64_sys_futex+0x380/0x4f0 [ 3346.300364][T23617] ? trace_hardirqs_off_caller+0x55/0x230 [ 3346.306093][T23617] ? do_syscall_64+0x21/0x7d0 [ 3346.310788][T23617] do_syscall_64+0xf6/0x7d0 [ 3346.315308][T23617] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3346.321202][T23617] RIP: 0033:0x45c849 [ 3346.325102][T23617] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3346.344706][T23617] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3346.353119][T23617] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3346.361093][T23617] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3346.369070][T23617] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3346.377049][T23617] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3346.385075][T23617] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:47:10 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f060024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:10 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030524000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:10 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000004000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:47:10 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x77}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:10 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60020011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:10 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x6000000000000000) [ 3356.557855][T23750] netlink: 212940 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3356.601058][T23756] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:47:11 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030624000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:11 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000004800000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3356.844307][T23864] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:47:11 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000004c00000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:47:11 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030724000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3356.889040][T23758] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3356.906754][T23758] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3356.994673][T23758] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3356.994673][T23758] !' 11:47:11 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000006000000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3357.044529][T23873] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3357.050447][T23758] CPU: 1 PID: 23758 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3357.061921][T23758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3357.071979][T23758] Call Trace: [ 3357.075284][T23758] dump_stack+0x188/0x20d [ 3357.079644][T23758] sysfs_warn_dup.cold+0x1c/0x2d [ 3357.084593][T23758] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3357.090678][T23758] sysfs_create_link+0x61/0xc0 [ 3357.095453][T23758] device_add+0x71c/0x1bc0 [ 3357.099896][T23758] ? ieee80211_set_bitrate_flags+0x1b7/0x5c0 [ 3357.105891][T23758] ? uevent_show+0x360/0x360 [ 3357.111030][T23758] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3357.117127][T23758] wiphy_register+0x1c46/0x2720 [ 3357.122011][T23758] ? wiphy_unregister+0xf90/0xf90 [ 3357.127052][T23758] ? __kmalloc+0x629/0x7a0 [ 3357.131489][T23758] ? ieee80211_register_hw+0xbea/0x3760 [ 3357.137089][T23758] ? ieee80211_cs_list_valid+0x198/0x280 [ 3357.142736][T23758] ieee80211_register_hw+0x141d/0x3760 [ 3357.146645][T23876] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3357.148234][T23758] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3357.148257][T23758] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3357.167938][T23758] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3357.173934][T23758] ? memset+0x20/0x40 [ 3357.177931][T23758] ? __hrtimer_init+0x134/0x260 [ 3357.182787][T23758] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3357.188505][T23758] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3357.193893][T23758] ? hwsim_register_received_nl+0x400/0x400 [ 3357.199788][T23758] hwsim_new_radio_nl+0x905/0xf60 [ 3357.204805][T23758] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3357.210080][T23758] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3357.215981][T23758] genl_rcv_msg+0x627/0xdf0 [ 3357.220482][T23758] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3357.226823][T23758] ? retint_kernel+0x2b/0x2b [ 3357.231432][T23758] netlink_rcv_skb+0x15a/0x410 [ 3357.236184][T23758] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3357.242515][T23758] ? netlink_ack+0xa80/0xa80 [ 3357.247111][T23758] genl_rcv+0x24/0x40 [ 3357.251081][T23758] netlink_unicast+0x537/0x740 [ 3357.255838][T23758] ? netlink_attachskb+0x810/0x810 [ 3357.260945][T23758] ? _copy_from_iter_full+0x25c/0x870 [ 3357.266304][T23758] ? __phys_addr_symbol+0x2c/0x70 [ 3357.271337][T23758] ? __check_object_size+0x171/0x437 [ 3357.276610][T23758] netlink_sendmsg+0x882/0xe10 [ 3357.281369][T23758] ? aa_af_perm+0x260/0x260 [ 3357.285871][T23758] ? netlink_unicast+0x740/0x740 [ 3357.290817][T23758] ? netlink_unicast+0x740/0x740 [ 3357.295749][T23758] sock_sendmsg+0xcf/0x120 [ 3357.300153][T23758] ____sys_sendmsg+0x6b9/0x7d0 [ 3357.304907][T23758] ? kernel_sendmsg+0x50/0x50 [ 3357.309575][T23758] ? mark_lock+0xbc/0x1220 [ 3357.314001][T23758] ___sys_sendmsg+0x100/0x170 [ 3357.318668][T23758] ? sendmsg_copy_msghdr+0x70/0x70 [ 3357.323791][T23758] ? __fget_files+0x329/0x4f0 [ 3357.328459][T23758] ? ksys_dup3+0x3c0/0x3c0 [ 3357.332859][T23758] ? lock_acquire+0x197/0x420 [ 3357.337520][T23758] ? __might_fault+0xef/0x1d0 [ 3357.342192][T23758] ? __fget_light+0x208/0x270 [ 3357.346864][T23758] __sys_sendmsg+0xec/0x1b0 [ 3357.351351][T23758] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3357.356371][T23758] ? __x64_sys_futex+0x380/0x4f0 [ 3357.361309][T23758] ? trace_hardirqs_off_caller+0x55/0x230 [ 3357.367027][T23758] ? do_syscall_64+0x21/0x7d0 [ 3357.371706][T23758] do_syscall_64+0xf6/0x7d0 [ 3357.376200][T23758] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3357.382073][T23758] RIP: 0033:0x45c849 [ 3357.385953][T23758] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3357.405540][T23758] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3357.413945][T23758] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3357.421914][T23758] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3357.429883][T23758] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3357.437843][T23758] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 11:47:11 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030824000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3357.445798][T23758] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3357.574383][T23866] netlink: 212940 bytes leftover after parsing attributes in process `syz-executor.2'. 11:47:20 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f070024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:20 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCL_SCROLLCONSOLE(r0, 0x800455c9, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r2, 0x0, r1) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x0) 11:47:20 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x77}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:20 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030924000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:20 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000006800000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:47:20 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60040011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:20 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030a24000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:20 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60060011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3365.966675][T23896] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3365.994227][T23898] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3366.050656][T23898] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:47:20 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000006c00000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:47:20 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030e24000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3366.156917][T23898] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3366.156917][T23898] !' [ 3366.194126][T23898] CPU: 1 PID: 23898 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3366.202864][T23898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3366.212941][T23898] Call Trace: [ 3366.216256][T23898] dump_stack+0x188/0x20d [ 3366.220815][T23898] sysfs_warn_dup.cold+0x1c/0x2d [ 3366.225883][T23898] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3366.232268][T23898] sysfs_create_link+0x61/0xc0 [ 3366.237056][T23898] device_add+0x71c/0x1bc0 [ 3366.241501][T23898] ? retint_kernel+0x2b/0x2b [ 3366.246127][T23898] ? uevent_show+0x360/0x360 [ 3366.250746][T23898] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 11:47:20 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f034824000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3366.256997][T23898] wiphy_register+0x1c46/0x2720 [ 3366.261892][T23898] ? wiphy_unregister+0xf90/0xf90 [ 3366.266959][T23898] ? retint_kernel+0x2b/0x2b [ 3366.271589][T23898] ? ieee80211_register_hw+0x1226/0x3760 [ 3366.277247][T23898] ieee80211_register_hw+0x141d/0x3760 [ 3366.282748][T23898] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3366.288360][T23898] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3366.293933][T23898] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3366.299943][T23898] ? memset+0x20/0x40 11:47:20 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f034c24000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3366.303952][T23898] ? __hrtimer_init+0x134/0x260 [ 3366.308943][T23898] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3366.314682][T23898] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3366.320013][T23898] ? hwsim_register_received_nl+0x400/0x400 [ 3366.325945][T23898] hwsim_new_radio_nl+0x905/0xf60 [ 3366.331000][T23898] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3366.336934][T23898] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3366.343284][T23898] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3366.349647][T23898] genl_rcv_msg+0x627/0xdf0 [ 3366.354185][T23898] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3366.360536][T23898] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3366.365849][T23898] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3366.371365][T23898] netlink_rcv_skb+0x15a/0x410 [ 3366.376152][T23898] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3366.382547][T23898] ? netlink_ack+0xa80/0xa80 [ 3366.387187][T23898] genl_rcv+0x24/0x40 [ 3366.391194][T23898] netlink_unicast+0x537/0x740 [ 3366.396000][T23898] ? netlink_attachskb+0x810/0x810 [ 3366.401477][T23898] ? _copy_from_iter_full+0x25c/0x870 [ 3366.407008][T23898] ? __phys_addr_symbol+0x2c/0x70 [ 3366.412179][T23898] ? __check_object_size+0x171/0x437 [ 3366.417500][T23898] netlink_sendmsg+0x882/0xe10 [ 3366.422294][T23898] ? aa_af_perm+0x260/0x260 [ 3366.426823][T23898] ? netlink_unicast+0x740/0x740 [ 3366.431803][T23898] ? netlink_unicast+0x740/0x740 [ 3366.436763][T23898] sock_sendmsg+0xcf/0x120 [ 3366.441201][T23898] ____sys_sendmsg+0x6b9/0x7d0 [ 3366.446016][T23898] ? kernel_sendmsg+0x50/0x50 [ 3366.450713][T23898] ? mark_lock+0xbc/0x1220 [ 3366.455265][T23898] ___sys_sendmsg+0x100/0x170 [ 3366.460105][T23898] ? sendmsg_copy_msghdr+0x70/0x70 [ 3366.465257][T23898] ? __fget_files+0x329/0x4f0 [ 3366.469967][T23898] ? ksys_dup3+0x3c0/0x3c0 [ 3366.474396][T23898] ? lock_acquire+0x197/0x420 [ 3366.479241][T23898] ? __might_fault+0xef/0x1d0 [ 3366.483951][T23898] ? __fget_light+0x208/0x270 [ 3366.488751][T23898] __sys_sendmsg+0xec/0x1b0 [ 3366.493266][T23898] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3366.498308][T23898] ? __x64_sys_futex+0x380/0x4f0 [ 3366.503280][T23898] ? trace_hardirqs_off_caller+0x55/0x230 [ 3366.509026][T23898] ? do_syscall_64+0x21/0x7d0 [ 3366.513771][T23898] do_syscall_64+0xf6/0x7d0 [ 3366.518297][T23898] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3366.524328][T23898] RIP: 0033:0x45c849 [ 3366.528242][T23898] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3366.547864][T23898] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3366.556297][T23898] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3366.564287][T23898] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3366.572280][T23898] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3366.580265][T23898] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3366.588252][T23898] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3366.638085][T23916] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3366.672231][T23906] netlink: 206524 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3366.772068][T23906] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3366.772068][T23906] !' [ 3366.811011][T23906] CPU: 1 PID: 23906 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3366.819766][T23906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3366.829843][T23906] Call Trace: [ 3366.833160][T23906] dump_stack+0x188/0x20d [ 3366.837520][T23906] sysfs_warn_dup.cold+0x1c/0x2d [ 3366.842507][T23906] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3366.848596][T23906] sysfs_create_link+0x61/0xc0 [ 3366.853381][T23906] device_add+0x71c/0x1bc0 [ 3366.857915][T23906] ? ieee80211_set_bitrate_flags+0x145/0x5c0 [ 3366.863921][T23906] ? uevent_show+0x360/0x360 [ 3366.868540][T23906] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3366.874547][T23906] wiphy_register+0x1c46/0x2720 [ 3366.879439][T23906] ? wiphy_unregister+0xf90/0xf90 [ 3366.884478][T23906] ? retint_kernel+0x2b/0x2b [ 3366.889097][T23906] ? ieee80211_cs_list_valid+0x198/0x280 [ 3366.894752][T23906] ieee80211_register_hw+0x141d/0x3760 [ 3366.900253][T23906] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3366.905864][T23906] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3366.911555][T23906] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3366.917558][T23906] ? memset+0x20/0x40 [ 3366.921560][T23906] ? __hrtimer_init+0x134/0x260 [ 3366.926441][T23906] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3366.932182][T23906] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3366.937646][T23906] ? hwsim_register_received_nl+0x400/0x400 [ 3366.943701][T23906] hwsim_new_radio_nl+0x905/0xf60 [ 3366.948758][T23906] ? retint_kernel+0x2b/0x2b [ 3366.953378][T23906] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3366.959319][T23906] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3366.965670][T23906] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3366.972035][T23906] genl_rcv_msg+0x627/0xdf0 [ 3366.976648][T23906] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3366.982999][T23906] ? mark_held_locks+0x9f/0xe0 [ 3366.987788][T23906] netlink_rcv_skb+0x15a/0x410 [ 3366.992554][T23906] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3366.998995][T23906] ? netlink_ack+0xa80/0xa80 [ 3367.003583][T23906] ? retint_kernel+0x2b/0x2b [ 3367.008181][T23906] ? down_read+0x110/0x420 [ 3367.012597][T23906] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3367.019066][T23906] genl_rcv+0x24/0x40 [ 3367.023049][T23906] netlink_unicast+0x537/0x740 [ 3367.027817][T23906] ? netlink_attachskb+0x810/0x810 [ 3367.032930][T23906] ? _copy_from_iter_full+0x25c/0x870 [ 3367.038297][T23906] ? __phys_addr_symbol+0x2c/0x70 [ 3367.043317][T23906] ? __check_object_size+0x171/0x437 [ 3367.048602][T23906] netlink_sendmsg+0x882/0xe10 [ 3367.053368][T23906] ? aa_af_perm+0x260/0x260 [ 3367.057864][T23906] ? netlink_unicast+0x740/0x740 [ 3367.062811][T23906] ? netlink_unicast+0x740/0x740 [ 3367.067745][T23906] sock_sendmsg+0xcf/0x120 [ 3367.072162][T23906] ____sys_sendmsg+0x6b9/0x7d0 [ 3367.076927][T23906] ? kernel_sendmsg+0x50/0x50 [ 3367.081608][T23906] ? mark_lock+0xbc/0x1220 [ 3367.086036][T23906] ___sys_sendmsg+0x100/0x170 [ 3367.090719][T23906] ? sendmsg_copy_msghdr+0x70/0x70 [ 3367.095843][T23906] ? __fget_files+0x329/0x4f0 [ 3367.100523][T23906] ? ksys_dup3+0x3c0/0x3c0 [ 3367.105005][T23906] ? __fget_light+0x208/0x270 [ 3367.109689][T23906] __sys_sendmsg+0xec/0x1b0 [ 3367.114193][T23906] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3367.119235][T23906] ? do_syscall_64+0xbc/0x7d0 [ 3367.123912][T23906] do_syscall_64+0xf6/0x7d0 [ 3367.128416][T23906] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3367.134302][T23906] RIP: 0033:0x45c849 [ 3367.138197][T23906] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3367.157882][T23906] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3367.166290][T23906] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3367.174257][T23906] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3367.182223][T23906] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3367.190190][T23906] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3367.198159][T23906] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3367.323683][T24020] netlink: 206524 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3367.346925][T24020] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3367.346925][T24020] !' [ 3367.357317][T24020] CPU: 1 PID: 24020 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3367.366127][T24020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3367.376201][T24020] Call Trace: [ 3367.379766][T24020] dump_stack+0x188/0x20d [ 3367.384118][T24020] sysfs_warn_dup.cold+0x1c/0x2d [ 3367.389227][T24020] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3367.395302][T24020] sysfs_create_link+0x61/0xc0 [ 3367.400068][T24020] device_add+0x71c/0x1bc0 [ 3367.404494][T24020] ? uevent_show+0x360/0x360 [ 3367.409087][T24020] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3367.415073][T24020] wiphy_register+0x1c46/0x2720 [ 3367.420066][T24020] ? wiphy_unregister+0xf90/0xf90 [ 3367.425101][T24020] ? __kmalloc+0x629/0x7a0 [ 3367.429515][T24020] ? ieee80211_register_hw+0xbea/0x3760 [ 3367.435068][T24020] ? ieee80211_cs_list_valid+0x198/0x280 [ 3367.440850][T24020] ieee80211_register_hw+0x141d/0x3760 [ 3367.446327][T24020] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3367.451789][T24020] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3367.457332][T24020] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3367.463316][T24020] ? memset+0x20/0x40 [ 3367.467299][T24020] ? __hrtimer_init+0x134/0x260 [ 3367.472152][T24020] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3367.477993][T24020] ? vprintk_func+0x81/0x17e [ 3367.482608][T24020] ? hwsim_register_received_nl+0x400/0x400 [ 3367.488641][T24020] hwsim_new_radio_nl+0x905/0xf60 [ 3367.493830][T24020] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3367.499996][T24020] ? cap_capable+0x1eb/0x250 [ 3367.504634][T24020] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3367.510971][T24020] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3367.517312][T24020] genl_rcv_msg+0x627/0xdf0 [ 3367.521827][T24020] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3367.528250][T24020] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3367.534073][T24020] netlink_rcv_skb+0x15a/0x410 [ 3367.538886][T24020] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3367.545534][T24020] ? netlink_ack+0xa80/0xa80 [ 3367.550286][T24020] genl_rcv+0x24/0x40 [ 3367.554283][T24020] netlink_unicast+0x537/0x740 [ 3367.559055][T24020] ? netlink_attachskb+0x810/0x810 [ 3367.564174][T24020] ? _copy_from_iter_full+0x25c/0x870 [ 3367.569552][T24020] ? __phys_addr_symbol+0x2c/0x70 [ 3367.574582][T24020] ? __check_object_size+0x171/0x437 [ 3367.580020][T24020] netlink_sendmsg+0x882/0xe10 [ 3367.584817][T24020] ? aa_af_perm+0x260/0x260 [ 3367.589320][T24020] ? netlink_unicast+0x740/0x740 [ 3367.594276][T24020] ? netlink_unicast+0x740/0x740 [ 3367.599221][T24020] sock_sendmsg+0xcf/0x120 [ 3367.603649][T24020] ____sys_sendmsg+0x6b9/0x7d0 [ 3367.608414][T24020] ? kernel_sendmsg+0x50/0x50 [ 3367.613133][T24020] ? mark_lock+0xbc/0x1220 [ 3367.617719][T24020] ___sys_sendmsg+0x100/0x170 [ 3367.622664][T24020] ? sendmsg_copy_msghdr+0x70/0x70 [ 3367.627805][T24020] ? __fget_files+0x329/0x4f0 [ 3367.632512][T24020] ? ksys_dup3+0x3c0/0x3c0 [ 3367.636929][T24020] ? lock_acquire+0x197/0x420 [ 3367.641733][T24020] ? __might_fault+0xef/0x1d0 [ 3367.646625][T24020] ? __fget_light+0x208/0x270 [ 3367.651315][T24020] __sys_sendmsg+0xec/0x1b0 [ 3367.655822][T24020] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3367.660856][T24020] ? __x64_sys_futex+0x380/0x4f0 [ 3367.665831][T24020] ? trace_hardirqs_off_caller+0x55/0x230 [ 3367.671558][T24020] ? do_syscall_64+0x21/0x7d0 [ 3367.676239][T24020] do_syscall_64+0xf6/0x7d0 [ 3367.680749][T24020] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3367.686639][T24020] RIP: 0033:0x45c849 [ 3367.690538][T24020] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3367.710192][T24020] RSP: 002b:00007fc08083cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3367.718611][T24020] RAX: ffffffffffffffda RBX: 00007fc08083d6d4 RCX: 000000000045c849 [ 3367.726580][T24020] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3367.734575][T24020] RBP: 000000000076bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 3367.742776][T24020] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3367.750960][T24020] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bfac 11:47:29 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f080024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:29 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f036024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:29 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x77}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:29 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000007400000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:47:29 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) dup2(r4, 0xffffffffffffffff) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r4, 0xc0406618, &(0x7f0000000000)={{0x1, 0x0, @descriptor="3a3f92220f9eee32"}}) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000380)=@usbdevfs_driver={0x2, 0x8000, &(0x7f0000000240)="a0797651"}) ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000400)={0x980000, 0x20, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)={0x9909e3, 0x7d3c1de2, [], @p_u16=&(0x7f0000000100)=0xffff}}) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) pipe(&(0x7f0000000440)={0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000300)=0x40000002, 0x4) r6 = syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x1) ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000380)) ioctl$VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000180)={0x1f, 0x4, 0x4, 0x20000000, 0x2, {}, {0x2, 0xc, 0x9, 0x1f, 0x86, 0x3, "4e3180f0"}, 0x8, 0x3, @userptr=0x7ff, 0x0, 0x0, r6}) r7 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r7, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000480)=""/217, 0xd9, 0x10000000000) 11:47:29 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc600a0011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3375.291649][T24028] netlink: 189576 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3375.303787][T24031] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:47:29 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f036824000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:29 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000007a00000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3375.427511][T24028] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3375.427511][T24028] !' [ 3375.480874][T24028] CPU: 0 PID: 24028 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3375.489692][T24028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3375.499769][T24028] Call Trace: [ 3375.503082][T24028] dump_stack+0x188/0x20d [ 3375.507439][T24028] sysfs_warn_dup.cold+0x1c/0x2d [ 3375.512397][T24028] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3375.518481][T24028] sysfs_create_link+0x61/0xc0 [ 3375.523264][T24028] device_add+0x71c/0x1bc0 [ 3375.527700][T24028] ? ieee80211_set_bitrate_flags+0x46a/0x5c0 [ 3375.533698][T24028] ? uevent_show+0x360/0x360 [ 3375.538307][T24028] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3375.544316][T24028] wiphy_register+0x1c46/0x2720 [ 3375.549210][T24028] ? wiphy_unregister+0xf90/0xf90 [ 3375.554254][T24028] ? retint_kernel+0x2b/0x2b [ 3375.558871][T24028] ? ieee80211_register_hw+0x1226/0x3760 [ 3375.564525][T24028] ieee80211_register_hw+0x141d/0x3760 [ 3375.570012][T24028] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3375.575485][T24028] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3375.581046][T24028] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3375.587047][T24028] ? memset+0x20/0x40 [ 3375.591041][T24028] ? __hrtimer_init+0x134/0x260 [ 3375.595913][T24028] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3375.601649][T24028] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3375.606989][T24028] ? hwsim_register_received_nl+0x400/0x400 [ 3375.612905][T24028] ? hwsim_new_radio_nl+0x342/0xf60 [ 3375.618133][T24028] hwsim_new_radio_nl+0x905/0xf60 [ 3375.623184][T24028] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3375.628493][T24028] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3375.634456][T24028] genl_rcv_msg+0x627/0xdf0 [ 3375.638988][T24028] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3375.645332][T24028] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3375.650818][T24028] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3375.656573][T24028] ? netlink_rcv_skb+0x101/0x410 [ 3375.661541][T24028] netlink_rcv_skb+0x15a/0x410 [ 3375.666323][T24028] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3375.672665][T24028] ? netlink_ack+0xa80/0xa80 [ 3375.677292][T24028] genl_rcv+0x24/0x40 [ 3375.681280][T24028] netlink_unicast+0x537/0x740 [ 3375.686060][T24028] ? netlink_attachskb+0x810/0x810 [ 3375.691177][T24028] ? _copy_from_iter_full+0x25c/0x870 [ 3375.696564][T24028] ? __phys_addr_symbol+0x2c/0x70 [ 3375.701595][T24028] ? __check_object_size+0x171/0x437 [ 3375.706898][T24028] netlink_sendmsg+0x882/0xe10 [ 3375.711682][T24028] ? aa_af_perm+0x260/0x260 [ 3375.716200][T24028] ? netlink_unicast+0x740/0x740 [ 3375.721172][T24028] ? netlink_unicast+0x740/0x740 [ 3375.726123][T24028] sock_sendmsg+0xcf/0x120 [ 3375.730550][T24028] ____sys_sendmsg+0x6b9/0x7d0 [ 3375.735327][T24028] ? kernel_sendmsg+0x50/0x50 [ 3375.740010][T24028] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3375.745502][T24028] ___sys_sendmsg+0x100/0x170 [ 3375.750196][T24028] ? sendmsg_copy_msghdr+0x70/0x70 [ 3375.755339][T24028] ? __fget_files+0x329/0x4f0 [ 3375.760048][T24028] ? ksys_dup3+0x3c0/0x3c0 [ 3375.764476][T24028] ? lock_acquire+0x197/0x420 [ 3375.769168][T24028] ? __might_fault+0xef/0x1d0 [ 3375.773874][T24028] ? __fget_light+0x208/0x270 [ 3375.778570][T24028] __sys_sendmsg+0xec/0x1b0 [ 3375.783084][T24028] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3375.788114][T24028] ? __x64_sys_futex+0x380/0x4f0 [ 3375.793083][T24028] ? trace_hardirqs_off_caller+0x55/0x230 [ 3375.798814][T24028] ? do_syscall_64+0x21/0x7d0 [ 3375.803502][T24028] do_syscall_64+0xf6/0x7d0 [ 3375.808015][T24028] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3375.813914][T24028] RIP: 0033:0x45c849 [ 3375.817820][T24028] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3375.837435][T24028] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3375.845873][T24028] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3375.853854][T24028] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3375.861836][T24028] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3375.869820][T24028] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 11:47:29 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x8) ioctl$RTC_IRQP_SET(r2, 0x4008700c, 0xba7) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000000), 0x0) ioctl$SNDRV_PCM_IOCTL_RESET(0xffffffffffffffff, 0x4141, 0x0) r4 = dup3(0xffffffffffffffff, r3, 0x0) r5 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000240)=[@in={0x2, 0x4e20, @loopback}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1d}}], 0x20) sendto$inet(r5, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000025e000)={0x2, [0x0, 0x0]}, &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x7a, &(0x7f000059aff8)={r6}, &(0x7f000034f000)=0x2059b000) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000000100)={r6, 0x8, 0x8}, &(0x7f0000000180)=0x8) r7 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r7, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x0) [ 3375.877800][T24028] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3375.909129][T24029] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3375.913775][T24144] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3375.921537][T24029] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3375.956116][T24029] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3375.956116][T24029] !' [ 3375.966566][T24029] CPU: 0 PID: 24029 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3375.975271][T24029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3375.985328][T24029] Call Trace: [ 3375.988631][T24029] dump_stack+0x188/0x20d [ 3375.992984][T24029] sysfs_warn_dup.cold+0x1c/0x2d [ 3375.997936][T24029] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3376.004021][T24029] sysfs_create_link+0x61/0xc0 [ 3376.008800][T24029] device_add+0x71c/0x1bc0 [ 3376.013232][T24029] ? ieee80211_set_bitrate_flags+0x1b7/0x5c0 [ 3376.019209][T24029] ? uevent_show+0x360/0x360 [ 3376.023809][T24029] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3376.029808][T24029] wiphy_register+0x1c46/0x2720 [ 3376.034702][T24029] ? wiphy_unregister+0xf90/0xf90 [ 3376.039743][T24029] ? retint_kernel+0x2b/0x2b [ 3376.044378][T24029] ? ieee80211_cs_list_valid+0x198/0x280 [ 3376.050046][T24029] ieee80211_register_hw+0x141d/0x3760 [ 3376.055522][T24029] ? swapgs_restore_regs_and_return_to_usermode+0x3c/0x40 [ 3376.062773][T24029] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3376.068247][T24029] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3376.073808][T24029] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3376.079803][T24029] ? memset+0x20/0x40 [ 3376.083786][T24029] ? __hrtimer_init+0x134/0x260 [ 3376.088655][T24029] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3376.094414][T24029] ? hwsim_register_received_nl+0x400/0x400 [ 3376.100341][T24029] hwsim_new_radio_nl+0x905/0xf60 [ 3376.105386][T24029] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3376.111305][T24029] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3376.125288][T24029] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3376.131651][T24029] genl_rcv_msg+0x627/0xdf0 [ 3376.136176][T24029] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3376.142516][T24029] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3376.147813][T24029] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3376.153313][T24029] netlink_rcv_skb+0x15a/0x410 [ 3376.158096][T24029] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3376.164436][T24029] ? netlink_ack+0xa80/0xa80 [ 3376.169064][T24029] genl_rcv+0x24/0x40 [ 3376.173052][T24029] netlink_unicast+0x537/0x740 [ 3376.177834][T24029] ? netlink_attachskb+0x810/0x810 [ 3376.182952][T24029] ? _copy_from_iter_full+0x25c/0x870 [ 3376.188327][T24029] ? __phys_addr_symbol+0x2c/0x70 [ 3376.193361][T24029] ? __check_object_size+0x171/0x437 [ 3376.198667][T24029] netlink_sendmsg+0x882/0xe10 [ 3376.203445][T24029] ? aa_af_perm+0x260/0x260 [ 3376.207958][T24029] ? netlink_unicast+0x740/0x740 [ 3376.212918][T24029] ? netlink_unicast+0x740/0x740 [ 3376.217865][T24029] sock_sendmsg+0xcf/0x120 [ 3376.222288][T24029] ____sys_sendmsg+0x6b9/0x7d0 [ 3376.227058][T24029] ? kernel_sendmsg+0x50/0x50 [ 3376.231742][T24029] ? retint_kernel+0x2b/0x2b [ 3376.236353][T24029] ? ___sys_sendmsg+0xdc/0x170 [ 3376.241129][T24029] ___sys_sendmsg+0x100/0x170 [ 3376.245818][T24029] ? sendmsg_copy_msghdr+0x70/0x70 [ 3376.250958][T24029] ? __fget_files+0x329/0x4f0 [ 3376.255661][T24029] ? ksys_dup3+0x3c0/0x3c0 [ 3376.260089][T24029] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3376.265814][T24029] ? retint_kernel+0x2b/0x2b [ 3376.270421][T24029] ? __fget_light+0x208/0x270 [ 3376.275122][T24029] __sys_sendmsg+0xec/0x1b0 [ 3376.279645][T24029] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3376.284699][T24029] ? trace_hardirqs_off_caller+0x55/0x230 [ 3376.290435][T24029] ? do_syscall_64+0x21/0x7d0 [ 3376.295153][T24029] do_syscall_64+0xf6/0x7d0 [ 3376.299677][T24029] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3376.305577][T24029] RIP: 0033:0x45c849 [ 3376.309487][T24029] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3376.329193][T24029] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3376.337639][T24029] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3376.345624][T24029] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 11:47:30 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f036c24000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:30 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000020000000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:47:30 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) r3 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) r4 = dup2(r3, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r4, &(0x7f0000000000), 0x0) ioctl$SNDRV_PCM_IOCTL_RESET(r4, 0x4141, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000040)=[0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0], 0x6, 0x1, 0x7, 0x1}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r6 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r6, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r5, &(0x7f0000000200)=""/202, 0xca, 0x0) [ 3376.353598][T24029] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3376.361572][T24029] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3376.369559][T24029] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3376.458898][T24153] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:47:38 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f090024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:38 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc600c0011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:38 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f037424000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:38 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7d}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:38 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000010000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:47:38 executing program 3: syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000)=0x2, 0x4) ioctl$VT_WAITACTIVE(r0, 0x5607) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r2, &(0x7f0000000000), 0x0) ioctl$SNDRV_PCM_IOCTL_RESET(r2, 0x4141, 0x0) ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000100)={0x8, 0x28}) setns(r1, 0x20000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x800}) ioctl$PPPIOCSFLAGS(r5, 0x40047459, &(0x7f0000000000)=0x40008) r7 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r7, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r6, &(0x7f0000000300)=""/232, 0xe8, 0x80) 11:47:39 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f037a24000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3384.688483][T24173] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3384.717908][T24171] netlink: 'syz-executor.1': attribute type 8 has an invalid length. 11:47:39 executing program 3: pipe(&(0x7f0000000140)={0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000)=0x2, 0x4) ioctl$SIOCPNADDRESOURCE(r0, 0x89e0, &(0x7f0000000100)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r5, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r4, &(0x7f0000000200)=""/202, 0xca, 0x0) r6 = msgget$private(0x0, 0x0) msgctl$IPC_RMID(r6, 0x0) msgctl$MSG_STAT(r6, 0xb, &(0x7f0000000180)=""/128) 11:47:39 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000020000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:47:39 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030028000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3384.763171][T24171] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3384.865525][T24171] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3384.865525][T24171] !' [ 3384.918064][T24187] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3384.933028][T24171] CPU: 1 PID: 24171 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3384.941738][T24171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3384.951823][T24171] Call Trace: [ 3384.955131][T24171] dump_stack+0x188/0x20d [ 3384.959490][T24171] sysfs_warn_dup.cold+0x1c/0x2d [ 3384.964434][T24171] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3384.970495][T24171] sysfs_create_link+0x61/0xc0 [ 3384.975264][T24171] device_add+0x71c/0x1bc0 [ 3384.979900][T24171] ? uevent_show+0x360/0x360 [ 3384.984483][T24171] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3384.990455][T24171] wiphy_register+0x1c46/0x2720 [ 3384.995310][T24171] ? wiphy_unregister+0xf90/0xf90 [ 3385.000329][T24171] ? retint_kernel+0x2b/0x2b [ 3385.004928][T24171] ? ieee80211_register_hw+0x1226/0x3760 [ 3385.010559][T24171] ieee80211_register_hw+0x141d/0x3760 [ 3385.016028][T24171] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3385.021471][T24171] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3385.027002][T24171] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3385.032986][T24171] ? memset+0x20/0x40 [ 3385.036965][T24171] ? __hrtimer_init+0x134/0x260 [ 3385.041862][T24171] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3385.047582][T24171] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3385.052863][T24171] ? hwsim_register_received_nl+0x400/0x400 [ 3385.058740][T24171] ? hwsim_new_radio_nl+0x211/0xf60 [ 3385.063924][T24171] hwsim_new_radio_nl+0x905/0xf60 [ 3385.068937][T24171] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3385.075173][T24171] ? cap_capable+0x1eb/0x250 [ 3385.079764][T24171] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3385.086087][T24171] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3385.092417][T24171] genl_rcv_msg+0x627/0xdf0 [ 3385.096913][T24171] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3385.103222][T24171] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3385.108937][T24171] ? retint_kernel+0x2b/0x2b [ 3385.113538][T24171] ? check_memory_region+0x117/0x190 [ 3385.118826][T24171] netlink_rcv_skb+0x15a/0x410 [ 3385.123593][T24171] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3385.129914][T24171] ? netlink_ack+0xa80/0xa80 [ 3385.134516][T24171] genl_rcv+0x24/0x40 [ 3385.138482][T24171] netlink_unicast+0x537/0x740 [ 3385.143252][T24171] ? netlink_attachskb+0x810/0x810 [ 3385.148364][T24171] ? _copy_from_iter_full+0x25c/0x870 [ 3385.153729][T24171] ? __phys_addr_symbol+0x2c/0x70 [ 3385.158736][T24171] ? __check_object_size+0x171/0x437 [ 3385.164178][T24171] netlink_sendmsg+0x882/0xe10 [ 3385.168966][T24171] ? aa_af_perm+0x260/0x260 [ 3385.173499][T24171] ? netlink_unicast+0x740/0x740 [ 3385.178471][T24171] ? netlink_unicast+0x740/0x740 [ 3385.183419][T24171] sock_sendmsg+0xcf/0x120 [ 3385.187851][T24171] ____sys_sendmsg+0x6b9/0x7d0 [ 3385.192637][T24171] ? kernel_sendmsg+0x50/0x50 [ 3385.197336][T24171] ? mark_lock+0xbc/0x1220 [ 3385.201790][T24171] ___sys_sendmsg+0x100/0x170 [ 3385.206485][T24171] ? sendmsg_copy_msghdr+0x70/0x70 11:47:39 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000030000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:47:39 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000040000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3385.209551][T24189] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3385.211624][T24171] ? __fget_files+0x329/0x4f0 [ 3385.211653][T24171] ? ksys_dup3+0x3c0/0x3c0 [ 3385.211687][T24171] ? __fget_light+0x208/0x270 [ 3385.211713][T24171] __sys_sendmsg+0xec/0x1b0 [ 3385.238733][T24171] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3385.243769][T24171] ? __x64_sys_futex+0x380/0x4f0 [ 3385.248741][T24171] ? trace_hardirqs_off_caller+0x55/0x230 [ 3385.254482][T24171] ? do_syscall_64+0x21/0x7d0 [ 3385.259188][T24171] do_syscall_64+0xf6/0x7d0 [ 3385.263718][T24171] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3385.269615][T24171] RIP: 0033:0x45c849 [ 3385.273526][T24171] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3385.293143][T24171] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3385.294246][T24192] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3385.301576][T24171] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3385.301585][T24171] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3385.301593][T24171] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3385.301601][T24171] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3385.301610][T24171] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3385.338084][T24175] netlink: 189576 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3385.434055][T24175] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3385.434055][T24175] !' [ 3385.545926][T24175] CPU: 1 PID: 24175 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3385.554667][T24175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3385.564837][T24175] Call Trace: [ 3385.568144][T24175] dump_stack+0x188/0x20d [ 3385.572496][T24175] sysfs_warn_dup.cold+0x1c/0x2d [ 3385.577455][T24175] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3385.583543][T24175] sysfs_create_link+0x61/0xc0 [ 3385.588325][T24175] device_add+0x71c/0x1bc0 [ 3385.592764][T24175] ? ieee80211_set_bitrate_flags+0x153/0x5c0 [ 3385.598763][T24175] ? uevent_show+0x360/0x360 [ 3385.603479][T24175] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3385.609486][T24175] wiphy_register+0x1c46/0x2720 [ 3385.614368][T24175] ? wiphy_unregister+0xf90/0xf90 [ 3385.619404][T24175] ? retint_kernel+0x2b/0x2b [ 3385.624030][T24175] ? ieee80211_register_hw+0x1226/0x3760 [ 3385.629687][T24175] ieee80211_register_hw+0x141d/0x3760 [ 3385.635179][T24175] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3385.640662][T24175] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3385.646225][T24175] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3385.652221][T24175] ? memset+0x20/0x40 [ 3385.656230][T24175] ? __hrtimer_init+0x134/0x260 [ 3385.661104][T24175] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3385.666871][T24175] ? hwsim_register_received_nl+0x400/0x400 [ 3385.672791][T24175] hwsim_new_radio_nl+0x905/0xf60 [ 3385.677829][T24175] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3385.683310][T24175] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3385.689251][T24175] genl_rcv_msg+0x627/0xdf0 [ 3385.693782][T24175] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3385.700151][T24175] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3385.705992][T24175] netlink_rcv_skb+0x15a/0x410 [ 3385.710773][T24175] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3385.717118][T24175] ? netlink_ack+0xa80/0xa80 [ 3385.721753][T24175] genl_rcv+0x24/0x40 [ 3385.725746][T24175] netlink_unicast+0x537/0x740 [ 3385.730530][T24175] ? netlink_attachskb+0x810/0x810 [ 3385.735649][T24175] ? _copy_from_iter_full+0x25c/0x870 [ 3385.741038][T24175] ? __phys_addr_symbol+0x2c/0x70 [ 3385.746073][T24175] ? __check_object_size+0x171/0x437 [ 3385.751380][T24175] netlink_sendmsg+0x882/0xe10 [ 3385.756165][T24175] ? aa_af_perm+0x260/0x260 [ 3385.760681][T24175] ? netlink_unicast+0x740/0x740 [ 3385.765643][T24175] ? netlink_unicast+0x740/0x740 [ 3385.770595][T24175] sock_sendmsg+0xcf/0x120 [ 3385.775028][T24175] ____sys_sendmsg+0x6b9/0x7d0 [ 3385.779813][T24175] ? kernel_sendmsg+0x50/0x50 [ 3385.784506][T24175] ? mark_lock+0xbc/0x1220 [ 3385.788964][T24175] ___sys_sendmsg+0x100/0x170 [ 3385.793666][T24175] ? sendmsg_copy_msghdr+0x70/0x70 [ 3385.798816][T24175] ? __fget_files+0x329/0x4f0 [ 3385.803521][T24175] ? ksys_dup3+0x3c0/0x3c0 [ 3385.807951][T24175] ? lock_acquire+0x197/0x420 [ 3385.812639][T24175] ? __might_fault+0xef/0x1d0 [ 3385.817343][T24175] ? __fget_light+0x208/0x270 [ 3385.822045][T24175] __sys_sendmsg+0xec/0x1b0 [ 3385.826566][T24175] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3385.831632][T24175] ? do_syscall_64+0x4f/0x7d0 [ 3385.836330][T24175] do_syscall_64+0xf6/0x7d0 [ 3385.840866][T24175] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3385.846760][T24175] RIP: 0033:0x45c849 [ 3385.850662][T24175] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3385.870387][T24175] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3385.878818][T24175] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3385.886796][T24175] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3385.894777][T24175] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3385.902757][T24175] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3385.910733][T24175] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3385.963335][T24295] netlink: 189576 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3385.994856][T24295] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3385.994856][T24295] !' [ 3386.009020][T24295] CPU: 1 PID: 24295 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3386.017723][T24295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3386.027789][T24295] Call Trace: [ 3386.031092][T24295] dump_stack+0x188/0x20d [ 3386.035448][T24295] sysfs_warn_dup.cold+0x1c/0x2d [ 3386.040405][T24295] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3386.046750][T24295] sysfs_create_link+0x61/0xc0 [ 3386.051532][T24295] device_add+0x71c/0x1bc0 [ 3386.055973][T24295] ? uevent_show+0x360/0x360 [ 3386.060583][T24295] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3386.066586][T24295] wiphy_register+0x1c46/0x2720 [ 3386.071462][T24295] ? wiphy_unregister+0xf90/0xf90 [ 3386.076498][T24295] ? __kmalloc+0x629/0x7a0 [ 3386.080933][T24295] ? ieee80211_register_hw+0xbea/0x3760 [ 3386.086501][T24295] ? ieee80211_cs_list_valid+0x198/0x280 [ 3386.092163][T24295] ieee80211_register_hw+0x141d/0x3760 [ 3386.097651][T24295] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3386.103123][T24295] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3386.108673][T24295] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3386.114661][T24295] ? memset+0x20/0x40 [ 3386.118650][T24295] ? __hrtimer_init+0x134/0x260 [ 3386.123515][T24295] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3386.129242][T24295] ? vprintk_func+0x81/0x17e [ 3386.133870][T24295] ? hwsim_register_received_nl+0x400/0x400 [ 3386.139794][T24295] hwsim_new_radio_nl+0x905/0xf60 [ 3386.144833][T24295] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3386.150730][T24295] ? cap_capable+0x1eb/0x250 [ 3386.155346][T24295] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3386.161682][T24295] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3386.168036][T24295] genl_rcv_msg+0x627/0xdf0 [ 3386.172570][T24295] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3386.178933][T24295] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3386.184762][T24295] netlink_rcv_skb+0x15a/0x410 [ 3386.189536][T24295] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3386.195878][T24295] ? netlink_ack+0xa80/0xa80 [ 3386.200507][T24295] genl_rcv+0x24/0x40 [ 3386.204609][T24295] netlink_unicast+0x537/0x740 [ 3386.209391][T24295] ? netlink_attachskb+0x810/0x810 [ 3386.214510][T24295] ? _copy_from_iter_full+0x25c/0x870 [ 3386.219896][T24295] ? __phys_addr_symbol+0x2c/0x70 [ 3386.224924][T24295] ? __check_object_size+0x171/0x437 [ 3386.230224][T24295] netlink_sendmsg+0x882/0xe10 [ 3386.235001][T24295] ? aa_af_perm+0x260/0x260 [ 3386.239519][T24295] ? netlink_unicast+0x740/0x740 [ 3386.244486][T24295] ? netlink_unicast+0x740/0x740 [ 3386.249432][T24295] sock_sendmsg+0xcf/0x120 [ 3386.253859][T24295] ____sys_sendmsg+0x6b9/0x7d0 [ 3386.258634][T24295] ? kernel_sendmsg+0x50/0x50 [ 3386.263320][T24295] ? mark_lock+0xbc/0x1220 [ 3386.267755][T24295] ___sys_sendmsg+0x100/0x170 [ 3386.272449][T24295] ? sendmsg_copy_msghdr+0x70/0x70 [ 3386.277585][T24295] ? __fget_files+0x329/0x4f0 [ 3386.282280][T24295] ? ksys_dup3+0x3c0/0x3c0 [ 3386.286705][T24295] ? lock_acquire+0x197/0x420 [ 3386.291396][T24295] ? __might_fault+0xef/0x1d0 [ 3386.296097][T24295] ? __fget_light+0x208/0x270 [ 3386.300805][T24295] __sys_sendmsg+0xec/0x1b0 [ 3386.305308][T24295] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3386.310341][T24295] ? __x64_sys_futex+0x380/0x4f0 [ 3386.315312][T24295] ? trace_hardirqs_off_caller+0x55/0x230 [ 3386.321044][T24295] ? do_syscall_64+0x21/0x7d0 [ 3386.325727][T24295] do_syscall_64+0xf6/0x7d0 [ 3386.330245][T24295] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3386.336140][T24295] RIP: 0033:0x45c849 [ 3386.340037][T24295] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3386.359650][T24295] RSP: 002b:00007fc08081bc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3386.368074][T24295] RAX: ffffffffffffffda RBX: 00007fc08081c6d4 RCX: 000000000045c849 [ 3386.376054][T24295] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3386.384036][T24295] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 3386.392016][T24295] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3386.400431][T24295] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076c04c 11:47:48 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f0c0024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:48 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7d}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:48 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) ioctl$CAPI_INSTALLED(r2, 0x80024322) pread64(r3, &(0x7f0000000200)=""/202, 0xca, 0x0) 11:47:48 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000050000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:47:48 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030035000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:48 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60350011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:48 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000060000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3394.102654][T24317] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3394.128850][T24312] netlink: 212884 bytes leftover after parsing attributes in process `syz-executor.2'. 11:47:48 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3394.228066][T24312] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3394.228066][T24312] !' [ 3394.265253][T24321] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3394.280780][T24312] CPU: 1 PID: 24312 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3394.289496][T24312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3394.299557][T24312] Call Trace: [ 3394.302873][T24312] dump_stack+0x188/0x20d [ 3394.307227][T24312] sysfs_warn_dup.cold+0x1c/0x2d [ 3394.312189][T24312] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3394.318283][T24312] sysfs_create_link+0x61/0xc0 [ 3394.323060][T24312] device_add+0x71c/0x1bc0 11:47:48 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000070000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3394.327496][T24312] ? ieee80211_set_bitrate_flags+0x350/0x5c0 [ 3394.333492][T24312] ? uevent_show+0x360/0x360 [ 3394.338102][T24312] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3394.344106][T24312] wiphy_register+0x1c46/0x2720 [ 3394.348989][T24312] ? wiphy_unregister+0xf90/0xf90 [ 3394.354031][T24312] ? __kmalloc+0x629/0x7a0 [ 3394.358481][T24312] ? ieee80211_register_hw+0xbea/0x3760 [ 3394.364034][T24312] ? ieee80211_register_hw+0xb36/0x3760 [ 3394.369586][T24312] ? ieee80211_cs_list_valid+0x198/0x280 [ 3394.375236][T24312] ieee80211_register_hw+0x141d/0x3760 11:47:48 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030040000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3394.380727][T24312] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3394.386216][T24312] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3394.391775][T24312] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3394.397772][T24312] ? memset+0x20/0x40 [ 3394.401767][T24312] ? __hrtimer_init+0x134/0x260 [ 3394.406635][T24312] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3394.412371][T24312] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3394.417082][T24327] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3394.417685][T24312] ? hwsim_register_received_nl+0x400/0x400 [ 3394.417712][T24312] ? hwsim_new_radio_nl+0x211/0xf60 [ 3394.437458][T24312] hwsim_new_radio_nl+0x905/0xf60 [ 3394.442500][T24312] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3394.448408][T24312] ? cap_capable+0x1eb/0x250 [ 3394.453033][T24312] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3394.459375][T24312] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3394.465738][T24312] genl_rcv_msg+0x627/0xdf0 [ 3394.470267][T24312] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3394.476600][T24312] ? lockdep_hardirqs_on+0x417/0x5d0 11:47:48 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000feffff070000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3394.481904][T24312] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3394.487414][T24312] netlink_rcv_skb+0x15a/0x410 [ 3394.492198][T24312] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3394.498557][T24312] ? netlink_ack+0xa80/0xa80 [ 3394.503183][T24312] genl_rcv+0x24/0x40 [ 3394.507177][T24312] netlink_unicast+0x537/0x740 [ 3394.511959][T24312] ? netlink_attachskb+0x810/0x810 [ 3394.517074][T24312] ? _copy_from_iter_full+0x25c/0x870 [ 3394.522462][T24312] ? __phys_addr_symbol+0x2c/0x70 11:47:48 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03005a000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3394.527496][T24312] ? __check_object_size+0x171/0x437 [ 3394.532798][T24312] netlink_sendmsg+0x882/0xe10 [ 3394.537578][T24312] ? aa_af_perm+0x260/0x260 [ 3394.542106][T24312] ? netlink_unicast+0x740/0x740 [ 3394.547075][T24312] ? netlink_unicast+0x740/0x740 [ 3394.552029][T24312] sock_sendmsg+0xcf/0x120 [ 3394.556458][T24312] ____sys_sendmsg+0x6b9/0x7d0 [ 3394.561233][T24312] ? kernel_sendmsg+0x50/0x50 [ 3394.565916][T24312] ? retint_kernel+0x2b/0x2b [ 3394.570550][T24312] ___sys_sendmsg+0x100/0x170 [ 3394.575261][T24312] ? sendmsg_copy_msghdr+0x70/0x70 [ 3394.580433][T24312] ? __fget_files+0x329/0x4f0 [ 3394.585134][T24312] ? ksys_dup3+0x3c0/0x3c0 [ 3394.589558][T24312] ? lock_acquire+0x197/0x420 [ 3394.594257][T24312] ? __might_fault+0xef/0x1d0 [ 3394.598962][T24312] ? __fget_light+0x208/0x270 [ 3394.603662][T24312] __sys_sendmsg+0xec/0x1b0 [ 3394.608182][T24312] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3394.613245][T24312] ? do_syscall_64+0x4f/0x7d0 [ 3394.617943][T24312] do_syscall_64+0xf6/0x7d0 [ 3394.621060][T24334] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3394.622462][T24312] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3394.622475][T24312] RIP: 0033:0x45c849 [ 3394.622499][T24312] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3394.660548][T24312] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3394.668968][T24312] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3394.676941][T24312] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3394.684913][T24312] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3394.692883][T24312] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3394.700865][T24312] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3394.850838][T24316] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3394.872329][T24316] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3394.909736][T24316] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3394.909736][T24316] !' [ 3394.925358][T24316] CPU: 0 PID: 24316 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3394.934070][T24316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3394.944136][T24316] Call Trace: [ 3394.947445][T24316] dump_stack+0x188/0x20d [ 3394.951798][T24316] sysfs_warn_dup.cold+0x1c/0x2d [ 3394.956755][T24316] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3394.962840][T24316] sysfs_create_link+0x61/0xc0 [ 3394.967618][T24316] device_add+0x71c/0x1bc0 [ 3394.972063][T24316] ? uevent_show+0x360/0x360 [ 3394.976677][T24316] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3394.982700][T24316] wiphy_register+0x1c46/0x2720 [ 3394.987583][T24316] ? wiphy_unregister+0xf90/0xf90 [ 3394.992622][T24316] ? __kmalloc+0x629/0x7a0 [ 3394.997056][T24316] ? ieee80211_register_hw+0xbea/0x3760 [ 3395.002622][T24316] ? ieee80211_cs_list_valid+0x198/0x280 [ 3395.008277][T24316] ieee80211_register_hw+0x141d/0x3760 [ 3395.013771][T24316] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3395.019253][T24316] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3395.024814][T24316] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3395.030811][T24316] ? memset+0x20/0x40 [ 3395.034806][T24316] ? __hrtimer_init+0x134/0x260 [ 3395.039687][T24316] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3395.045417][T24316] ? vprintk_func+0x81/0x17e [ 3395.050053][T24316] ? hwsim_register_received_nl+0x400/0x400 [ 3395.055977][T24316] hwsim_new_radio_nl+0x905/0xf60 [ 3395.061026][T24316] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3395.066956][T24316] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3395.073303][T24316] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3395.079746][T24316] genl_rcv_msg+0x627/0xdf0 [ 3395.084279][T24316] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3395.090629][T24316] ? retint_kernel+0x2b/0x2b [ 3395.095265][T24316] netlink_rcv_skb+0x15a/0x410 [ 3395.100063][T24316] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3395.106408][T24316] ? netlink_ack+0xa80/0xa80 [ 3395.111039][T24316] genl_rcv+0x24/0x40 [ 3395.115037][T24316] netlink_unicast+0x537/0x740 [ 3395.119825][T24316] ? netlink_attachskb+0x810/0x810 [ 3395.124947][T24316] ? _copy_from_iter_full+0x25c/0x870 [ 3395.130330][T24316] ? __phys_addr_symbol+0x2c/0x70 [ 3395.135366][T24316] ? __check_object_size+0x171/0x437 [ 3395.140791][T24316] netlink_sendmsg+0x882/0xe10 [ 3395.145586][T24316] ? aa_af_perm+0x260/0x260 [ 3395.150115][T24316] ? netlink_unicast+0x740/0x740 [ 3395.155110][T24316] ? netlink_unicast+0x740/0x740 [ 3395.160102][T24316] sock_sendmsg+0xcf/0x120 [ 3395.164533][T24316] ____sys_sendmsg+0x6b9/0x7d0 [ 3395.169314][T24316] ? kernel_sendmsg+0x50/0x50 [ 3395.174013][T24316] ? mark_lock+0xbc/0x1220 [ 3395.178458][T24316] ___sys_sendmsg+0x100/0x170 [ 3395.183160][T24316] ? sendmsg_copy_msghdr+0x70/0x70 [ 3395.188302][T24316] ? __fget_files+0x329/0x4f0 [ 3395.193004][T24316] ? ksys_dup3+0x3c0/0x3c0 [ 3395.197427][T24316] ? lock_acquire+0x197/0x420 [ 3395.202114][T24316] ? __might_fault+0xef/0x1d0 [ 3395.206825][T24316] ? __fget_light+0x208/0x270 [ 3395.211531][T24316] __sys_sendmsg+0xec/0x1b0 [ 3395.216048][T24316] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3395.221113][T24316] ? trace_hardirqs_off_caller+0x55/0x230 [ 3395.226858][T24316] ? do_syscall_64+0x21/0x7d0 [ 3395.231557][T24316] do_syscall_64+0xf6/0x7d0 [ 3395.236079][T24316] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3395.241980][T24316] RIP: 0033:0x45c849 [ 3395.245883][T24316] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3395.265493][T24316] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3395.273918][T24316] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3395.281896][T24316] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3395.289878][T24316] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3395.297859][T24316] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3395.305842][T24316] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3395.328388][T24344] netlink: 212884 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3395.363371][T24344] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3395.363371][T24344] !' [ 3395.391581][T24344] CPU: 0 PID: 24344 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3395.400318][T24344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3395.410385][T24344] Call Trace: [ 3395.413707][T24344] dump_stack+0x188/0x20d [ 3395.418065][T24344] sysfs_warn_dup.cold+0x1c/0x2d [ 3395.423036][T24344] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3395.429130][T24344] sysfs_create_link+0x61/0xc0 [ 3395.433913][T24344] device_add+0x71c/0x1bc0 [ 3395.438364][T24344] ? uevent_show+0x360/0x360 [ 3395.442970][T24344] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3395.448977][T24344] wiphy_register+0x1c46/0x2720 [ 3395.453862][T24344] ? wiphy_unregister+0xf90/0xf90 [ 3395.458905][T24344] ? __kmalloc+0x629/0x7a0 [ 3395.463337][T24344] ? ieee80211_register_hw+0xbea/0x3760 [ 3395.468905][T24344] ? ieee80211_cs_list_valid+0x198/0x280 [ 3395.474572][T24344] ieee80211_register_hw+0x141d/0x3760 [ 3395.480239][T24344] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3395.485719][T24344] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3395.491281][T24344] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3395.497277][T24344] ? memset+0x20/0x40 [ 3395.501273][T24344] ? __hrtimer_init+0x134/0x260 [ 3395.506146][T24344] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3395.511880][T24344] ? vprintk_func+0x81/0x17e [ 3395.516603][T24344] ? hwsim_register_received_nl+0x400/0x400 [ 3395.522525][T24344] hwsim_new_radio_nl+0x905/0xf60 [ 3395.527587][T24344] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3395.533499][T24344] ? cap_capable+0x1eb/0x250 [ 3395.538118][T24344] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3395.544455][T24344] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3395.550805][T24344] genl_rcv_msg+0x627/0xdf0 [ 3395.555339][T24344] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3395.561715][T24344] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3395.567673][T24344] netlink_rcv_skb+0x15a/0x410 [ 3395.572460][T24344] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3395.578918][T24344] ? netlink_ack+0xa80/0xa80 [ 3395.583554][T24344] genl_rcv+0x24/0x40 [ 3395.587729][T24344] netlink_unicast+0x537/0x740 [ 3395.592512][T24344] ? netlink_attachskb+0x810/0x810 [ 3395.597639][T24344] ? _copy_from_iter_full+0x25c/0x870 [ 3395.603028][T24344] ? __phys_addr_symbol+0x2c/0x70 [ 3395.608066][T24344] ? __check_object_size+0x171/0x437 [ 3395.613380][T24344] netlink_sendmsg+0x882/0xe10 [ 3395.618176][T24344] ? aa_af_perm+0x260/0x260 [ 3395.622696][T24344] ? netlink_unicast+0x740/0x740 [ 3395.627668][T24344] ? netlink_unicast+0x740/0x740 [ 3395.632622][T24344] sock_sendmsg+0xcf/0x120 [ 3395.637057][T24344] ____sys_sendmsg+0x6b9/0x7d0 [ 3395.641842][T24344] ? kernel_sendmsg+0x50/0x50 [ 3395.646535][T24344] ? mark_lock+0xbc/0x1220 [ 3395.650981][T24344] ___sys_sendmsg+0x100/0x170 [ 3395.655681][T24344] ? sendmsg_copy_msghdr+0x70/0x70 [ 3395.660829][T24344] ? __fget_files+0x329/0x4f0 [ 3395.665534][T24344] ? ksys_dup3+0x3c0/0x3c0 [ 3395.669963][T24344] ? lock_acquire+0x197/0x420 [ 3395.674653][T24344] ? __might_fault+0xef/0x1d0 [ 3395.679360][T24344] ? __fget_light+0x208/0x270 [ 3395.684062][T24344] __sys_sendmsg+0xec/0x1b0 [ 3395.688581][T24344] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3395.693620][T24344] ? __x64_sys_futex+0x380/0x4f0 [ 3395.698594][T24344] ? trace_hardirqs_off_caller+0x55/0x230 [ 3395.704337][T24344] ? do_syscall_64+0x21/0x7d0 [ 3395.709037][T24344] do_syscall_64+0xf6/0x7d0 [ 3395.713562][T24344] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3395.719460][T24344] RIP: 0033:0x45c849 [ 3395.723367][T24344] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3395.742978][T24344] RSP: 002b:00007fc08081bc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3395.751413][T24344] RAX: ffffffffffffffda RBX: 00007fc08081c6d4 RCX: 000000000045c849 [ 3395.759402][T24344] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3395.767381][T24344] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 3395.775366][T24344] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3395.783344][T24344] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076c04c 11:47:57 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f0e0024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:57 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03006c000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:57 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000000000000a0000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:47:57 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x7d}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:57 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60586511400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:57 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000140)={0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000000)=0x2, 0x4) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) pipe(&(0x7f0000000140)={0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000000)=0x2, 0x4) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r3, 0xc0385720, &(0x7f0000000040)={0x1}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r5 = socket$netlink(0x10, 0x3, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r6, 0x10f, 0x81, &(0x7f0000000000)=0x2, 0x4) ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000180)=@urb_type_control={0x2, {0xd}, 0x0, 0x60, &(0x7f0000000100)={0x0, 0x9, 0x80, 0x7, 0x7fff}, 0x8, 0x1, 0x4, 0x0, 0x2, 0xf6, &(0x7f0000000400)="989de77510f8eeb6983d038df92cc6d1f1c1ef6809938b9a58e638ef835cec17ecb68deedce6779f4f73213a191637705fb8b04715c07310f1e16064f34059c7b0899292492a19c42317a9ac31e94e98f14de4c1ca56819eaa97a6620cdecbf4d115150e0a0149312d6521948a4d938eb28329f42da01049d32407c61dd0942ce7564327a81ae652b49583e885398fb2a06a18b96e4280472ffd7d784f009a574a67ca37f64c5afce8e2d43e6b08f7ebcfea9f5f0f149e2d086a78327860a757a3a8fed8b99570f8e44aced15a50669f822adf1475ba46735f377f93898bb7c62cd752ec604afad44bb61b1a83f3c182e31479900e65119bf9cce6fd60dd6cc8971123f732578b0fc5962d3e1718e2285692d90002354f85ac9d14f23270d32494e058c821443d79ece0a1e01727a83b15f2709e6e4087c4889b1890fea2c994be9fe475fd3dc9b65a4b8f6e38f1ece747cf67350a79116aafd6d1c8aba3230d7480a4cc04c9e28118743f0fe00f0e0300adf364ec4dba1eda1b039974ea0bef1bb7797c8f859e4fcef44553a616303ea32bf8979ef18075cd65593a62bedd5b065daafe583f199c9d8fa0916c5a2bdfa8c40f3c397fed38a6bbba349481105ef8ffa009e6a488660a0cfe798d20c69c25661846d16d6cde477664da52c0afda7ab2d8362500d82dc06abe05686348e6566d3d828bea8d5ade9ac28c18aab6a782c9a153de7ce04b54522e1706b57d692ec938fc4b25eb43a59e899d47f7cc15dfaeb3e284dd8776263dcd3d04afd9765e8331a3063957bde3c46bc3d28fb11d64ab7e5f9a01f8d388efb976f40cbdc3d98a6551c702ad4500a87d526ab5c284842f45772df930aaa8b264caf4717515ce63e9ad6090643b675164c36ccc27faba8e9ccf4a64ed0a92fb551dafab5a6aa7cbff8f3c02968f312f58389400dde1c835bd41c2b7b6a48c76118b24b057cfa9ea1f7454d9dec43343f1ad70374efdf4bed21a3e83b11b9dc84f45822810c3e222f4cea9f6ed5b8a11d31b4a224cadf3688ec160b8c02173ca5fea13e2735044926c4778a648082a3de20e0602ba934d21a534cee5e6763db3d82e95109686922128b1687ca9e8b5cc84a677ae0d20112da2f292bc1dd08e7470e4edae974e40bfc3299dca51e6aea5d056c9bb76054eb16f91ee010ea373ffdeefb694119532dd3b8cc4ab9df1a06fec195461d454d5fd8197a9531172db2ee6946b4cde18165d3048ac7d7edc48bda4963bc79509f5272b0bf29d0a501b09317cea14073ced2a2c0a10d12975a6ab8c54bf793f180a8c41fdcd05b9f0dbc09d912a80e725b02f6ac8bbd421657b5d3fbc2e47becc504db6233e365af6397353d1bc7f3b4eaae722bf67f9a28b36a161c32f8d172b7b5c9e83534745bc4fd0657a327a61efd8eb002cb3e12d8d86cd05c2a9f13e79adee91c4869242e597cbce4f6831e263575d5edeb4bc1e8d31f7e76dafa66f8e86322a0f55f0e3b4f5b44512c73e4b32872a74735ffe9a6546f34ec3a49d88110118f5e92a76f811506dab38ba12a2cc738b33fb7b7c5bec3d368bf79a6d3b935fd3311909a4f7f144ce86f3cfd1cb031e0df9cdbd9497b71165cb2e8c3761bec7ca40b52533f4a51915faa946143ef48d26cb3244495aed1587cc040b9c316ce86c89c60c09a5b164602181607c3d19a270de08ff7a4bba9958130847ec056c55f6a698c1eb7eca17df27332da35d8d3039fb17b3a272c2479d37bf9ee47af5dd46b76d23550434878bbe116f89f8bff67aebdb86e9d777eba808fa7a105b2925962dc3e36986ba049759297201c0e763cc63e59d6457762888783f86b72ed6222a779c6165d7bc55803d6995c06951b17a00d305424b6ec6c8cf8f3414eb3f9b15ecd52c1f1f0e2fa6dd61a617edcda46d5f6e8f727e224e337cb13b75a5f0ee18c002e162f299a01564200731f4ceb488859996b28dacbdc975fea1dcf2dd31c0008b89db64252b8249b8dd2386a17d8af3de7f761aa34bea6cc465bc1a8da5fdb7b93352edceecf47783981d31634a23f94e72a9fa4620507a75e334d112162408875b10ed26e880ec7e5425051cca863e531640c7c787bc7662fbc3ad52b45c44edb4bdf38dcc791922d3a62167200951c73f4ccaaae014df7e8aafa2024b3777b9e13fdab237893a337a61350c598f5ee89705ce02174454887131cd11351af0a11cf75b90e97c5a35bec206d9be45e9df9503f10e5db7446df6acebe4ae4ffd541b4bff9b3e2b4301099504c42a9b419fb659ada5dc35688753e4919bbc3531e500d25715ee1d82e4e31dd8fd4e4cf774bf00ef2491878214c676c07a00df97da8a7a67836002db3c3ced0f7908a534608a2440ab197a45ee56663587ba72731d5477876a10f62326d607898d19d9f833358f3f2a0577eb11f1d4b090377b3d02f3699b3f14a7444947ae38ef2010f1c51cf2c8fe8cb3ae78b5b6e4cce60b3b64870ae5e1dc8266bc773ab73a797f8e89370fab0814997d25be051209d4a9d05dd0e5fd2f0b029540fbc7c845732a4076332cf9730b4a91811f7fce8b02ff2820d316cfe6e13f77812bcfbefd4a3032a4448ebaa32e213bf81a38b8e32076b20d359a38789a1cc8b3f7ee6ce25f9a2a833ef3c2ea444726bd1265bf295a585f24083d13b23c355edb8814cbf568201bce4a5848809e665c099c12f4fb27c6e959da97bc45a5cef017d530c871f501b39d1dd6e82d4b30920f50282caa8ef47a6080a9327052f7dbec064334d9f419e10390d29ad69d8ca85f9b7bf877a6d9dbda952828df406a98f243e6a26519bd15d4b5801658088aa5e526398b69b0209c7ba08018f480d56c8c9c3c586157dae9bbdba1ad30cc4946cb7891c75c373139c2db24de97fc8c1c1542f0695c2ccdf84207cb2b1e8085777874ccd9df697bb19c872053e2f3f7c9e5a7259b981141533e609bdd57a358a27344d92173598f1ee662371c861c48430e9f3ba0d8ec713df259ff45188c7a9a536299f1b81ad7530cc318a6fa737e7aa01f487218b9b940f62ad73f2bf690bdd00c5525000f58c137c6a5e932fcf99c1acba2ebb24011a57f5dcba519fce93be7c4c01576c0f256cfe81c7227598e329ca555ed5746cf9331ba2d4e0ea5bb7e2fd097def00e25ffe2d5e7e888f31f718b7d747846c49e4e9bda854cb967c37e5e680361a245b097a04e1c03775be3c6e2d336b2940fe480269fe12c326ec6c4c3f2d1c312d4cbf83d32630bbe27f06f1cd3011fe03530646f511b4fe30fe89e0ee9f281a1d86ad0ebaca20a40c5c4cfbe27adbcf9f05b40cd8f501fdf96a2707f9c8bf182a34ca5da48467dbad90a1419aefc149af2e81856f60d3f311f996d0114b2447482bdcf0ed7572f501a22ba951a2bde64e25b4e8638bd8bb14505009a20edd37517e2d9140cf9be216b6e12e99fcb536f3141fc05c68049175337f2b65383850b29f31fda1995444036c59d32d631a37410eb7694c2ab07b66e7f4c4402647e48afa5f49c6ecde08b43049606439c8c471029f4493a1e6887ef4f280d9d716fa00cadf7283297caf28858da538f307556a4f84db576374a4fa8edf3170affe14088894500d0d1517f294ab2ca0626aab82bb5ce8810cd39a94bcf500b97cb79c6ba110bfa987afb8f4da8dae1f58b589a5eee3e856bc3fb13ca6baaf6f8b3166d198cd6e14ea8449fb5032e0dbbf4ed485c8d08807bf67749031fd58dab76594ccc2caaf47bd4a53cbd3caeaff17d0f71427a00d7da0275afd5929a2f62f40a48e094f7d6a78b9f7ea90eeaa7bfbc86e5b66a203aafe95162790de257c3c13eadff50285e3ce3066560964691f2f35c727d67e578da5eaed0bad01800ccc8e9bd4c63f739ad68a67b35e9206b8c747c3801f09c1e73aef9d61c01d4a35c689d9c9fd261bbef235064808b6af4af8924afb2b22c54f3d8b0c6dbc33f9f14a4a73649fbc736d2e85ea3dedb8a986cf757280f1bbbff2e1fe0f63aa8798361e517b9de2b97a470f8562cc9bd5bcd7f10113d6408ade67fe5346252cc0643e5562e9d4bf68e8ca26f3b56f6914d7d2caa4725519ab375c27bdab26679c621de7e06c11354ca3be387b49e3a723ca88fca578e7d309bfc0fcbb8b5245b4a98a2721ee7dc1265ac79e5423b74a451c1dc1eedfba420618726c66b35211a8d8733b13f2a325c4569802da32a6c8d279053d75c319518a71e6c7c1426ffcd985b433668de2f4d75bdd00aaec9f37566332bab2ccc199aea30f6381aeb803583415860e9941adb05a81732cf64452feb746eafd8cfde9cd8273b393ba39c7242be7835954da3d18d46ea3718e68c79f616d0b819b721bf8f8ae1da9fcd222a1f8cfdeb4006cd03b82acd0eab24fad1aebc20ed2c28e2d275d2c2d87f457cf1caf93fefb01dea5b30df7d49d7bcbb2d2096735aacd39699ab04c4ecbee344eaa8587d0deacfaf979a844713fa04fd1943cc4889363277e2dddb081c30ff6e8a7ed374089011a0882b33760b5a065dff3c3f24fa0c7cd51a97d17075f80da61e9a4974f38b07887b02b02f6b6620384f27497b20fa9bb73adcc05ff877a74a411bd206ac23285d400c22f311b8d162ae7d8ad852a8aa592f2450bf45b9845c8da4c82736f40d60117191bb96b7c3fa6bdd43fdde45a0ff3a16b492689449722787ae35ad5dd72006fb150a429e9c3ae30334b2d4a713b5884967a49808d3b7a579c2deba75651b19f93df28855d4b64395ac007a2441f76a212cd8c6e5c825cf740b24bd89ccfa448e65f6123c00d1e7e67a82649f62cf17af23b82e10b380facd353a1a90f5ce5dcf7eed228f9dbece82154fd435faeb6b96c9a3270a35ac769da4b26042145d0e864dd35e49f9bdc957fde48545f4194d6faa19ab6dadd2644222965298587264a73a40abccef9ef49cc7f4bb19dda23bf0c42b0a1ecd9aff7106c781e10ef08275c0471496b11986eaaa9d5d3ba058f93c1ceeabc6dd2dac4620fcf73a84bcbedc9e3502812d28ae4f81e71531982dc298975727ccd9dd88f210f53d0977fc44a496e1359300d799b7da8591def3efc72567911f689d6ad23e476b1ab2d6602b4619715362fb481dd8a56e0b868f000549f0760c73d50a3a84ee0dea0e3e1dfc12395ea82b2af71043e3bbfc8c6768d36bca9e32b6d97213a65eb018b142335c5d995bd0149d2c76119eed53d2b2b55ee7b1588cf0b2c7de5a80018fdb03fda39563d74e4b04065b32bd92df8825e7d2e1492553a3c6eb87c297ed94a330504a2decf4f06728dbf3fab67c42262ef11e686b26ff8e10d9474c19d5de8bc9743dc038d8260e1be6ddcbba8ffeb458f0cd5d7ddd7814053b985a5eb22e6fdc29842db32748b124dc6aec6a1a0973109f54904c132e0f274cc3f8c474721dba133072c802be47052805d16d30efd8c0b1d905038f58dcdd42f26cbe87a9ba3c33fcea18794af1cb4ce75c179a14c50b06847b055f2bd7be89ede500db6218e7a0719705862dd06e41e77e82cd538b0e7933b1a4a2f2f19d517ebf799118d4ac6e63e8760c3ccef1bd76485832572b67cb7dc4023263a4cc42a639ef5863b8edccae9bda39ae60a7f65d8b5bfa25d1d26d1fcf6e2abd1770d47b66577a1bab83697538d75b625375aed10245fb8cf77248ff6ee51a04a3e823a82934d10d38f58cc09d558eb69c4ddf5b5d9bee0bd876340b06635fe35bbb9183827e1ad2121167771a31dc2771d1ce93963ee4f823892a982e465e94f684881e8c82bdb361e6"}) ioctl$sock_inet_SIOCSIFADDR(r5, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r4, &(0x7f0000000300)=""/211, 0xd3, 0x3) 11:47:57 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03000f000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3403.468770][T24452] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3403.478642][T24453] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3403.490482][T24452] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. 11:47:57 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030028000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:47:58 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000180000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3403.633301][T24452] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3403.633301][T24452] !' [ 3403.684396][T24452] CPU: 1 PID: 24452 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3403.693131][T24452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3403.703198][T24452] Call Trace: [ 3403.706502][T24452] dump_stack+0x188/0x20d [ 3403.710868][T24452] sysfs_warn_dup.cold+0x1c/0x2d [ 3403.715833][T24452] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3403.721920][T24452] sysfs_create_link+0x61/0xc0 [ 3403.726807][T24452] device_add+0x71c/0x1bc0 [ 3403.731254][T24452] ? uevent_show+0x360/0x360 [ 3403.735865][T24452] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3403.741878][T24452] wiphy_register+0x1c46/0x2720 [ 3403.746757][T24452] ? wiphy_unregister+0xf90/0xf90 [ 3403.751788][T24452] ? retint_kernel+0x2b/0x2b [ 3403.756406][T24452] ? ieee80211_cs_list_valid+0x198/0x280 [ 3403.762052][T24452] ieee80211_register_hw+0x141d/0x3760 [ 3403.767535][T24452] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3403.773015][T24452] ? __hrtimer_init+0x134/0x260 [ 3403.777874][T24452] ? __hrtimer_init+0x1bf/0x260 [ 3403.782741][T24452] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3403.788471][T24452] ? printk+0xde/0xed [ 3403.792488][T24452] ? hwsim_register_received_nl+0x400/0x400 [ 3403.798405][T24452] hwsim_new_radio_nl+0x905/0xf60 [ 3403.803441][T24452] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3403.809362][T24452] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3403.815693][T24452] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3403.822043][T24452] genl_rcv_msg+0x627/0xdf0 [ 3403.826570][T24452] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3403.832944][T24452] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 3403.838778][T24452] netlink_rcv_skb+0x15a/0x410 [ 3403.843559][T24452] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3403.849900][T24452] ? netlink_ack+0xa80/0xa80 [ 3403.854527][T24452] genl_rcv+0x24/0x40 [ 3403.858516][T24452] netlink_unicast+0x537/0x740 [ 3403.863296][T24452] ? netlink_attachskb+0x810/0x810 [ 3403.868414][T24452] ? _copy_from_iter_full+0x25c/0x870 [ 3403.873790][T24452] ? __phys_addr_symbol+0x2c/0x70 [ 3403.878818][T24452] ? __check_object_size+0x171/0x437 [ 3403.884122][T24452] netlink_sendmsg+0x882/0xe10 [ 3403.888910][T24452] ? aa_af_perm+0x260/0x260 [ 3403.893452][T24452] ? netlink_unicast+0x740/0x740 [ 3403.898422][T24452] ? netlink_unicast+0x740/0x740 [ 3403.903366][T24452] sock_sendmsg+0xcf/0x120 [ 3403.907800][T24452] ____sys_sendmsg+0x6b9/0x7d0 [ 3403.912578][T24452] ? kernel_sendmsg+0x50/0x50 [ 3403.917614][T24452] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3403.923095][T24452] ___sys_sendmsg+0x100/0x170 [ 3403.927778][T24452] ? retint_kernel+0x2b/0x2b [ 3403.932383][T24452] ? sendmsg_copy_msghdr+0x70/0x70 [ 3403.937517][T24452] ? __fget_files+0x30c/0x4f0 [ 3403.942208][T24452] ? __fget_files+0x329/0x4f0 [ 3403.946932][T24452] ? ksys_dup3+0x3c0/0x3c0 [ 3403.951357][T24452] ? lock_acquire+0x197/0x420 [ 3403.956044][T24452] ? __might_fault+0xef/0x1d0 [ 3403.960740][T24452] ? __might_fault+0xf4/0x1d0 [ 3403.965435][T24452] ? __fget_light+0x208/0x270 [ 3403.970133][T24452] __sys_sendmsg+0xec/0x1b0 [ 3403.974642][T24452] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3403.979699][T24452] ? do_syscall_64+0xbc/0x7d0 [ 3403.984394][T24452] do_syscall_64+0xf6/0x7d0 [ 3403.988908][T24452] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3403.994801][T24452] RIP: 0033:0x45c849 [ 3403.998701][T24452] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3404.018307][T24452] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3404.026721][T24452] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3404.034700][T24452] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3404.042677][T24452] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3404.050650][T24452] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3404.058621][T24452] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c 11:47:58 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000200000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3404.085682][T24565] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 11:47:58 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x80}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3404.147012][T24455] netlink: 186996 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3404.184836][T24568] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3404.245933][T24455] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3404.245933][T24455] !' [ 3404.262543][T24455] CPU: 1 PID: 24455 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3404.271253][T24455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3404.281307][T24455] Call Trace: [ 3404.284614][T24455] dump_stack+0x188/0x20d [ 3404.288964][T24455] sysfs_warn_dup.cold+0x1c/0x2d [ 3404.293939][T24455] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3404.300022][T24455] sysfs_create_link+0x61/0xc0 [ 3404.304797][T24455] device_add+0x71c/0x1bc0 [ 3404.309238][T24455] ? retint_kernel+0x2b/0x2b [ 3404.313846][T24455] ? uevent_show+0x360/0x360 [ 3404.318466][T24455] wiphy_register+0x1c46/0x2720 [ 3404.323348][T24455] ? wiphy_unregister+0xf90/0xf90 [ 3404.328385][T24455] ? retint_kernel+0x2b/0x2b [ 3404.333006][T24455] ? ieee80211_register_hw+0x1226/0x3760 [ 3404.338668][T24455] ieee80211_register_hw+0x141d/0x3760 [ 3404.344163][T24455] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3404.349640][T24455] ? retint_kernel+0x2b/0x2b [ 3404.354255][T24455] ? __hrtimer_init+0x134/0x260 [ 3404.359125][T24455] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3404.364855][T24455] ? vprintk_func+0x81/0x17e [ 3404.369492][T24455] ? hwsim_register_received_nl+0x400/0x400 [ 3404.375416][T24455] hwsim_new_radio_nl+0x905/0xf60 [ 3404.380471][T24455] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3404.386378][T24455] ? cap_capable+0x1eb/0x250 [ 3404.390998][T24455] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3404.397338][T24455] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3404.403690][T24455] genl_rcv_msg+0x627/0xdf0 [ 3404.408223][T24455] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3404.414569][T24455] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3404.419875][T24455] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3404.425391][T24455] netlink_rcv_skb+0x15a/0x410 [ 3404.430178][T24455] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3404.436521][T24455] ? netlink_ack+0xa80/0xa80 [ 3404.441154][T24455] genl_rcv+0x24/0x40 [ 3404.445149][T24455] netlink_unicast+0x537/0x740 [ 3404.449940][T24455] ? netlink_attachskb+0x810/0x810 [ 3404.455071][T24455] ? _copy_from_iter_full+0x25c/0x870 [ 3404.460456][T24455] ? __phys_addr_symbol+0x2c/0x70 [ 3404.465500][T24455] ? __check_object_size+0x171/0x437 [ 3404.470814][T24455] netlink_sendmsg+0x882/0xe10 [ 3404.475612][T24455] ? aa_af_perm+0x260/0x260 [ 3404.480130][T24455] ? netlink_unicast+0x740/0x740 [ 3404.485102][T24455] ? netlink_unicast+0x740/0x740 [ 3404.490056][T24455] sock_sendmsg+0xcf/0x120 [ 3404.494491][T24455] ____sys_sendmsg+0x6b9/0x7d0 [ 3404.499292][T24455] ? kernel_sendmsg+0x50/0x50 [ 3404.503988][T24455] ? mark_lock+0xbc/0x1220 [ 3404.508435][T24455] ___sys_sendmsg+0x100/0x170 [ 3404.513134][T24455] ? sendmsg_copy_msghdr+0x70/0x70 [ 3404.518284][T24455] ? __fget_files+0x329/0x4f0 [ 3404.522985][T24455] ? ksys_dup3+0x3c0/0x3c0 [ 3404.527413][T24455] ? lock_acquire+0x197/0x420 [ 3404.532103][T24455] ? __might_fault+0xef/0x1d0 [ 3404.536807][T24455] ? __fget_light+0x208/0x270 [ 3404.541510][T24455] __sys_sendmsg+0xec/0x1b0 [ 3404.546028][T24455] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3404.551068][T24455] ? retint_kernel+0x2b/0x2b [ 3404.555693][T24455] ? __x64_sys_sendmsg+0xd/0xb0 [ 3404.560561][T24455] ? __x64_sys_sendmsg+0x1e/0xb0 [ 3404.565525][T24455] do_syscall_64+0xf6/0x7d0 [ 3404.570047][T24455] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3404.575944][T24455] RIP: 0033:0x45c849 11:47:59 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="000000000000000000000000006000000000000000000000003f0000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3404.579849][T24455] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3404.599463][T24455] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3404.607893][T24455] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3404.615873][T24455] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3404.623861][T24455] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3404.631844][T24455] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3404.639827][T24455] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3404.686835][T24573] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 3404.702888][T24573] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3404.758532][T24573] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3404.758532][T24573] !' [ 3404.771739][T24580] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3404.800531][T24573] CPU: 1 PID: 24573 Comm: syz-executor.1 Not tainted 5.6.0-rc6-syzkaller #0 [ 3404.809257][T24573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3404.819328][T24573] Call Trace: [ 3404.822647][T24573] dump_stack+0x188/0x20d [ 3404.827001][T24573] sysfs_warn_dup.cold+0x1c/0x2d [ 3404.831957][T24573] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3404.838045][T24573] sysfs_create_link+0x61/0xc0 [ 3404.842851][T24573] device_add+0x71c/0x1bc0 [ 3404.847286][T24573] ? ieee80211_set_bitrate_flags+0xf9/0x5c0 [ 3404.853195][T24573] ? uevent_show+0x360/0x360 [ 3404.857808][T24573] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3404.863810][T24573] wiphy_register+0x1c46/0x2720 [ 3404.868695][T24573] ? wiphy_unregister+0xf90/0xf90 [ 3404.873733][T24573] ? retint_kernel+0x2b/0x2b [ 3404.878352][T24573] ? ieee80211_register_hw+0x13a9/0x3760 [ 3404.884006][T24573] ieee80211_register_hw+0x141d/0x3760 [ 3404.889499][T24573] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3404.894975][T24573] ? retint_kernel+0x2b/0x2b [ 3404.899589][T24573] ? __hrtimer_init+0x134/0x260 [ 3404.904467][T24573] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3404.910199][T24573] ? vprintk_func+0x81/0x17e [ 3404.914825][T24573] ? hwsim_register_received_nl+0x400/0x400 [ 3404.920747][T24573] hwsim_new_radio_nl+0x905/0xf60 [ 3404.925796][T24573] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3404.931723][T24573] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3404.938066][T24573] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3404.944423][T24573] genl_rcv_msg+0x627/0xdf0 [ 3404.948957][T24573] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3404.955309][T24573] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3404.961074][T24573] netlink_rcv_skb+0x15a/0x410 [ 3404.965858][T24573] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3404.972202][T24573] ? netlink_ack+0xa80/0xa80 [ 3404.976830][T24573] genl_rcv+0x24/0x40 [ 3404.980824][T24573] netlink_unicast+0x537/0x740 [ 3404.985615][T24573] ? netlink_attachskb+0x810/0x810 [ 3404.990739][T24573] ? _copy_from_iter_full+0x25c/0x870 [ 3404.996121][T24573] ? __phys_addr_symbol+0x2c/0x70 [ 3405.001155][T24573] ? __check_object_size+0x171/0x437 [ 3405.006464][T24573] netlink_sendmsg+0x882/0xe10 [ 3405.011281][T24573] ? netlink_unicast+0x740/0x740 [ 3405.016251][T24573] ? netlink_unicast+0x740/0x740 [ 3405.021204][T24573] sock_sendmsg+0xcf/0x120 [ 3405.025640][T24573] ____sys_sendmsg+0x6b9/0x7d0 [ 3405.030423][T24573] ? kernel_sendmsg+0x50/0x50 [ 3405.035117][T24573] ? mark_lock+0xbc/0x1220 [ 3405.039551][T24573] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3405.045040][T24573] ___sys_sendmsg+0x100/0x170 [ 3405.049738][T24573] ? sendmsg_copy_msghdr+0x70/0x70 [ 3405.054889][T24573] ? __fget_files+0x329/0x4f0 [ 3405.059591][T24573] ? ksys_dup3+0x3c0/0x3c0 [ 3405.064020][T24573] ? lock_acquire+0x197/0x420 [ 3405.068712][T24573] ? __might_fault+0xef/0x1d0 [ 3405.073426][T24573] ? __fget_light+0x208/0x270 [ 3405.078129][T24573] __sys_sendmsg+0xec/0x1b0 [ 3405.082648][T24573] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3405.087685][T24573] ? __x64_sys_futex+0x380/0x4f0 [ 3405.092656][T24573] ? trace_hardirqs_off_caller+0x55/0x230 [ 3405.098396][T24573] ? do_syscall_64+0x21/0x7d0 [ 3405.103093][T24573] do_syscall_64+0xf6/0x7d0 [ 3405.107620][T24573] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3405.113651][T24573] RIP: 0033:0x45c849 [ 3405.117559][T24573] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3405.137170][T24573] RSP: 002b:00007fa98c160c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3405.145600][T24573] RAX: ffffffffffffffda RBX: 00007fa98c1616d4 RCX: 000000000045c849 [ 3405.153587][T24573] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3405.161564][T24573] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3405.169680][T24573] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3405.177660][T24573] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3405.255445][T24575] netlink: 186996 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3405.307438][T24575] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 3405.307438][T24575] !' [ 3405.350790][T24575] CPU: 0 PID: 24575 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3405.359512][T24575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3405.369575][T24575] Call Trace: [ 3405.372879][T24575] dump_stack+0x188/0x20d [ 3405.377243][T24575] sysfs_warn_dup.cold+0x1c/0x2d [ 3405.382221][T24575] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 3405.388314][T24575] sysfs_create_link+0x61/0xc0 [ 3405.393098][T24575] device_add+0x71c/0x1bc0 [ 3405.397541][T24575] ? __alloc_pages_nodemask+0x5fc/0x820 [ 3405.403105][T24575] ? uevent_show+0x360/0x360 [ 3405.407712][T24575] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 3405.413723][T24575] wiphy_register+0x1c46/0x2720 [ 3405.418604][T24575] ? wiphy_unregister+0xf90/0xf90 [ 3405.423648][T24575] ? __kmalloc+0x629/0x7a0 [ 3405.428078][T24575] ? ieee80211_register_hw+0xbea/0x3760 [ 3405.433649][T24575] ? ieee80211_cs_list_valid+0x198/0x280 [ 3405.439302][T24575] ieee80211_register_hw+0x141d/0x3760 [ 3405.444798][T24575] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 3405.450279][T24575] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 3405.455836][T24575] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 3405.461838][T24575] ? memset+0x20/0x40 [ 3405.465835][T24575] ? __hrtimer_init+0x134/0x260 [ 3405.470707][T24575] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 3405.476436][T24575] ? vprintk_func+0x81/0x17e [ 3405.481063][T24575] ? hwsim_register_received_nl+0x400/0x400 [ 3405.486983][T24575] hwsim_new_radio_nl+0x905/0xf60 [ 3405.492025][T24575] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3405.497925][T24575] ? cap_capable+0x1eb/0x250 [ 3405.502539][T24575] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 3405.508879][T24575] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 3405.515241][T24575] genl_rcv_msg+0x627/0xdf0 [ 3405.519774][T24575] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3405.526177][T24575] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 3405.532017][T24575] netlink_rcv_skb+0x15a/0x410 [ 3405.536797][T24575] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3405.543143][T24575] ? netlink_ack+0xa80/0xa80 [ 3405.547776][T24575] genl_rcv+0x24/0x40 [ 3405.551770][T24575] netlink_unicast+0x537/0x740 [ 3405.556556][T24575] ? netlink_attachskb+0x810/0x810 [ 3405.561679][T24575] ? _copy_from_iter_full+0x25c/0x870 [ 3405.567066][T24575] ? __phys_addr_symbol+0x2c/0x70 [ 3405.572113][T24575] ? __check_object_size+0x171/0x437 [ 3405.577436][T24575] netlink_sendmsg+0x882/0xe10 [ 3405.582240][T24575] ? aa_af_perm+0x260/0x260 [ 3405.586763][T24575] ? netlink_unicast+0x740/0x740 [ 3405.591742][T24575] ? netlink_unicast+0x740/0x740 [ 3405.596695][T24575] sock_sendmsg+0xcf/0x120 [ 3405.601131][T24575] ____sys_sendmsg+0x6b9/0x7d0 [ 3405.605919][T24575] ? kernel_sendmsg+0x50/0x50 [ 3405.610634][T24575] ? mark_lock+0xbc/0x1220 [ 3405.615089][T24575] ___sys_sendmsg+0x100/0x170 [ 3405.619786][T24575] ? sendmsg_copy_msghdr+0x70/0x70 [ 3405.624931][T24575] ? __fget_files+0x329/0x4f0 [ 3405.629641][T24575] ? ksys_dup3+0x3c0/0x3c0 [ 3405.634063][T24575] ? lock_acquire+0x197/0x420 [ 3405.638750][T24575] ? __might_fault+0xef/0x1d0 [ 3405.643458][T24575] ? __fget_light+0x208/0x270 [ 3405.648164][T24575] __sys_sendmsg+0xec/0x1b0 [ 3405.652690][T24575] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3405.657731][T24575] ? __x64_sys_futex+0x380/0x4f0 [ 3405.662699][T24575] ? trace_hardirqs_off_caller+0x55/0x230 [ 3405.668435][T24575] ? do_syscall_64+0x21/0x7d0 [ 3405.673131][T24575] do_syscall_64+0xf6/0x7d0 [ 3405.677658][T24575] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3405.683556][T24575] RIP: 0033:0x45c849 [ 3405.687457][T24575] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3405.707071][T24575] RSP: 002b:00007fc0807fac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3405.715498][T24575] RAX: ffffffffffffffda RBX: 00007fc0807fb6d4 RCX: 000000000045c849 [ 3405.723484][T24575] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3405.731469][T24575] RBP: 000000000076c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 3405.739453][T24575] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3405.747439][T24575] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076c0ec 11:48:07 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000400000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) 11:48:07 executing program 4: getuid() ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f100024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:48:07 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030035000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:48:07 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)) r0 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) dup2(r0, 0xffffffffffffffff) pipe(&(0x7f0000000140)={0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000000)=0x2, 0x4) r2 = syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x1) ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000380)) r3 = fcntl$dupfd(r1, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) setsockopt$ALG_SET_AEAD_AUTHSIZE(r1, 0x117, 0x5, 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r5, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) pread64(r4, &(0x7f0000000200)=""/202, 0xca, 0x0) 11:48:07 executing program 1: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() r2 = getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYBLOB="000000001c0000000000000001000000010000", @ANYRES32, @ANYRES32], 0x80}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:48:07 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000004c0)) r1 = gettid() getuid() ioctl$RTC_WIE_OFF(r0, 0x7010) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="f4df83a68eabb5f2efce7023bdad3b3a28f4ca042209d2c64c984b5e9cf5c168d9126d508621be11d00dca9911118892f4aa79cb6ebb2273a8066a016ae52306c724166346dbde40d3910d458387ee4a6eb1ea53e1f1ba9088618b", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32], 0x83}, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440)=r1, 0x12) getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60008111400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 11:48:07 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03005a000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 3412.846208][T24597] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3412.849844][T24596] hub 9-0:1.0: USB hub found [ 3412.887889][T24598] netlink: 179916 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3412.907465][T24596] hub 9-0:1.0: 8 ports detected 11:48:07 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x240, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000600000000000000000000000480000000000000000000000000000feffffff00000000000000000000000000000000000000001b7c5c4a3d24a4e400000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c30000000000000000000000036343eb100000000000000000000000069666230000000000000000000010000000000000000000000000000ffffffffffff00000000000000002801000060010000b0010000697036000000000000000000000000000000000000000000000000000000000050000000000000008800000000000000000000000000000000000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a4000ffff000000000000000000006d61726b5f6d00000000000000000000000000000000000000000000000008000000000000000000000000001f00000000000000000000000000000000000000646e6174007b6a0000000000000000000000000000000000000000000000000010000000000000004a56ca6c6dcf131279054649c5e1a62fffffffffffff000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000"/576]}, 0x2b8) [ 3412.933892][T24598] ------------[ cut here ]------------ [ 3412.947710][T24598] precision 33020 too large [ 3412.948458][T24598] WARNING: CPU: 0 PID: 24598 at lib/vsprintf.c:2471 set_precision+0x13a/0x170 [ 3412.961843][T24598] Kernel panic - not syncing: panic_on_warn set ... [ 3412.968447][T24598] CPU: 0 PID: 24598 Comm: syz-executor.2 Not tainted 5.6.0-rc6-syzkaller #0 [ 3412.977123][T24598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3412.987180][T24598] Call Trace: [ 3412.990483][T24598] dump_stack+0x188/0x20d [ 3412.994835][T24598] ? set_precision+0xf0/0x170 [ 3412.999538][T24598] panic+0x2e3/0x75c [ 3413.003445][T24598] ? add_taint.cold+0x16/0x16 [ 3413.008231][T24598] ? __probe_kernel_read+0x188/0x1d0 [ 3413.013523][T24598] ? __warn.cold+0x14/0x35 [ 3413.017956][T24598] ? set_precision+0x13a/0x170 [ 3413.022729][T24598] __warn.cold+0x2f/0x35 [ 3413.026983][T24598] ? set_precision+0x13a/0x170 [ 3413.031756][T24598] report_bug+0x27b/0x2f0 [ 3413.036113][T24598] do_error_trap+0x12b/0x220 [ 3413.040709][T24598] ? set_precision+0x13a/0x170 [ 3413.045491][T24598] do_invalid_op+0x32/0x40 [ 3413.049920][T24598] ? set_precision+0x13a/0x170 [ 3413.054704][T24598] invalid_op+0x23/0x30 [ 3413.058989][T24598] RIP: 0010:set_precision+0x13a/0x170 [ 3413.061131][T24642] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3413.064362][T24598] Code: b6 df 88 5d 07 5b 5d 41 5c 41 5d e9 f0 f8 ba f9 e8 eb f8 ba f9 89 de 48 c7 c7 40 29 da 88 c6 05 83 02 aa 02 01 e8 ce 09 8d f9 <0f> 0b e9 67 ff ff ff be 08 00 00 00 48 89 ef e8 62 b7 f7 f9 e9 14 [ 3413.064371][T24598] RSP: 0018:ffffc900073cf2d8 EFLAGS: 00010286 [ 3413.064383][T24598] RAX: 0000000000000000 RBX: 00000000000080fc RCX: 0000000000000000 [ 3413.064392][T24598] RDX: 0000000000017ec4 RSI: ffffffff815c06c1 RDI: fffff52000e79e4d [ 3413.064401][T24598] RBP: ffffc900073cf368 R08: ffff888096a5a280 R09: fffffbfff180e57b [ 3413.064410][T24598] R10: fffffbfff180e57a R11: ffffffff8c072bd7 R12: 0000000000000000 [ 3413.064427][T24598] R13: ffffc900073cf36f R14: 0000000000000018 R15: ffffc900073cf400 [ 3413.138632][T24598] ? vprintk_func+0x81/0x17e [ 3413.143243][T24598] ? set_precision+0x13a/0x170 [ 3413.148021][T24598] vsnprintf+0x894/0x14f0 [ 3413.152374][T24598] ? pointer+0x680/0x680 [ 3413.156647][T24598] kvasprintf+0x9c/0x150 [ 3413.160903][T24598] ? bust_spinlocks+0xe0/0xe0 [ 3413.165596][T24598] ? vprintk_func+0x81/0x17e [ 3413.170204][T24598] kasprintf+0xbb/0xf0 [ 3413.174287][T24598] ? kvasprintf_const+0x190/0x190 [ 3413.179333][T24598] ? mark_lock+0xbc/0x1220 [ 3413.183783][T24598] hwsim_new_radio_nl+0x8db/0xf60 [ 3413.188817][T24598] ? lockdep_hardirqs_on+0x417/0x5d0 [ 3413.194118][T24598] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 3413.200063][T24598] genl_rcv_msg+0x627/0xdf0 [ 3413.204592][T24598] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3413.210937][T24598] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 3413.216661][T24598] ? retint_kernel+0x2b/0x2b [ 3413.221277][T24598] ? check_memory_region+0xfa/0x190 [ 3413.226498][T24598] netlink_rcv_skb+0x15a/0x410 [ 3413.231275][T24598] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 3413.237611][T24598] ? netlink_ack+0xa80/0xa80 [ 3413.242228][T24598] ? genl_rcv+0x9/0x40 [ 3413.246317][T24598] genl_rcv+0x24/0x40 [ 3413.250303][T24598] netlink_unicast+0x537/0x740 [ 3413.255086][T24598] ? netlink_attachskb+0x810/0x810 [ 3413.260200][T24598] ? _copy_from_iter_full+0x25c/0x870 [ 3413.265579][T24598] ? __phys_addr_symbol+0x2c/0x70 [ 3413.270611][T24598] ? __check_object_size+0x171/0x437 [ 3413.275932][T24598] netlink_sendmsg+0x882/0xe10 [ 3413.280715][T24598] ? aa_af_perm+0x260/0x260 [ 3413.285223][T24598] ? netlink_unicast+0x740/0x740 [ 3413.290183][T24598] ? netlink_unicast+0x740/0x740 [ 3413.295134][T24598] sock_sendmsg+0xcf/0x120 [ 3413.299570][T24598] ____sys_sendmsg+0x6b9/0x7d0 [ 3413.304356][T24598] ? kernel_sendmsg+0x50/0x50 [ 3413.309056][T24598] ? mark_lock+0xbc/0x1220 [ 3413.313508][T24598] ___sys_sendmsg+0x100/0x170 [ 3413.318213][T24598] ? sendmsg_copy_msghdr+0x70/0x70 [ 3413.323358][T24598] ? __fget_files+0x329/0x4f0 [ 3413.328066][T24598] ? ksys_dup3+0x3c0/0x3c0 [ 3413.332497][T24598] ? lock_acquire+0x197/0x420 [ 3413.337196][T24598] ? __might_fault+0xef/0x1d0 [ 3413.341900][T24598] ? __fget_light+0x208/0x270 [ 3413.346611][T24598] __sys_sendmsg+0xec/0x1b0 [ 3413.348667][T24678] x_tables: eb_tables: mark_m.0 match: invalid size 24 (kernel) != (user) 0 [ 3413.351123][T24598] ? __sys_sendmsg_sock+0xb0/0xb0 [ 3413.351166][T24598] ? do_syscall_64+0x4f/0x7d0 [ 3413.351193][T24598] do_syscall_64+0xf6/0x7d0 [ 3413.351215][T24598] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3413.351227][T24598] RIP: 0033:0x45c849 [ 3413.351242][T24598] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3413.351249][T24598] RSP: 002b:00007fc08085dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3413.412000][T24598] RAX: ffffffffffffffda RBX: 00007fc08085e6d4 RCX: 000000000045c849 [ 3413.419979][T24598] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 3413.427956][T24598] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3413.435934][T24598] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3413.443914][T24598] R13: 00000000000009f2 R14: 00000000004ccaa4 R15: 000000000076bf0c [ 3413.453651][T24598] Kernel Offset: disabled [ 3413.462081][T24598] Rebooting in 86400 seconds..