x50f0/0x50f0 [ 3040.353239][T29635] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3040.360609][T29635] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3040.367985][T29635] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3040.373540][T29635] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3040.380909][T29635] ? ns_capable+0xd5/0x110 [ 3040.385323][T29635] genl_rcv_msg+0x55c/0x800 [ 3040.389820][T29635] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3040.395710][T29635] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3040.401597][T29635] netlink_rcv_skb+0x16b/0x440 [ 3040.406352][T29635] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3040.412239][T29635] ? netlink_ack+0x1370/0x1370 [ 3040.416994][T29635] ? rcu_is_watching+0x12/0xb0 [ 3040.421749][T29635] ? down_write+0x200/0x200 [ 3040.426242][T29635] ? netlink_deliver_tap+0x1b1/0xd10 [ 3040.431525][T29635] genl_rcv+0x28/0x40 [ 3040.435499][T29635] netlink_unicast+0x536/0x810 [ 3040.440263][T29635] ? netlink_attachskb+0x870/0x870 [ 3040.445366][T29635] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3040.451252][T29635] ? __phys_addr_symbol+0x30/0x70 [ 3040.456264][T29635] ? __check_object_size+0x323/0x730 [ 3040.461541][T29635] netlink_sendmsg+0x93c/0xe40 [ 3040.466303][T29635] ? netlink_unicast+0x810/0x810 [ 3040.471238][T29635] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3040.476522][T29635] ? netlink_unicast+0x810/0x810 [ 3040.481453][T29635] sock_sendmsg+0xd9/0x180 [ 3040.485879][T29635] ____sys_sendmsg+0x6ac/0x940 [ 3040.490647][T29635] ? copy_msghdr_from_user+0x10b/0x160 [ 3040.496101][T29635] ? kernel_sendmsg+0x50/0x50 [ 3040.500768][T29635] ? plist_check_list+0x1ae/0x280 [ 3040.505783][T29635] ? schedule+0xf1/0x1b0 [ 3040.510020][T29635] ___sys_sendmsg+0x135/0x1d0 [ 3040.514694][T29635] ? do_recvmmsg+0x740/0x740 [ 3040.519276][T29635] ? rcu_is_watching+0x12/0xb0 [ 3040.524039][T29635] ? rcu_is_watching+0x12/0xb0 [ 3040.528789][T29635] ? __fget_light+0xe6/0x260 [ 3040.533371][T29635] __sys_sendmsg+0x117/0x1e0 [ 3040.537956][T29635] ? __sys_sendmsg_sock+0x30/0x30 [ 3040.542968][T29635] ? xfd_validate_state+0x5d/0x180 [ 3040.548077][T29635] ? rcu_is_watching+0x12/0xb0 [ 3040.552834][T29635] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3040.558806][T29635] do_syscall_64+0x38/0xb0 [ 3040.563215][T29635] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3040.569109][T29635] RIP: 0033:0x7fc65907cae9 [ 3040.573511][T29635] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3040.593113][T29635] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3040.601534][T29635] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3040.609496][T29635] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3040.617452][T29635] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3040.625497][T29635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3040.633462][T29635] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3040.641425][T29635] [ 3040.660333][T29636] FAT-fs (loop4): Unrecognized mount option "ioc7arset=Ep936" or missing value 20:13:48 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) 20:13:48 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r4, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x80, 0x0, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'batadv0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'erspan0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'syzkaller0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x14000050) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) 20:13:48 executing program 5: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000380)={[{@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@uni_xlate}, {@uni_xlate}, {@shortname_lower}, {@fat=@errors_continue}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000540)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645716d66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb17e17d9ad988fcffbc33f7f7b75d0a0f52d0b3a4611d8a22cb4fc34be7f170d7944b96a71c40f1227e6318515c3f5566163be82318dfcfe85db448bb3f136ec77632385ac329a63c901cbce212bc506afdbb29a16b95c987cca0925faa69ef2b70582e9d4be6dba37deb83b0fd313dd5d0e259d19820a2067b6d66dcc5dc5503b207c2d5956afc2a53a61a24b608f2faa86b17cec80e2971366e126ece251e5e01fcc6704f70d659e45ae40fae9790f7d13c3fef3feb02b23d631c6ac28a556fa1cd60d9fc4ed1d8cb3bcb9febc3f0779ec5a5a5012dd46864c4c7714a73e30cf2e7ad6da2efd38144", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_freezer_state(r1, &(0x7f0000000240)='FROZEN\x00', 0x7) pwritev(r2, &(0x7f0000001080)=[{&(0x7f0000000080)='r', 0x5800}], 0x1, 0x0, 0x0) r3 = syz_open_dev$audion(&(0x7f0000000000), 0x67, 0x800) openat$cgroup_ro(r3, &(0x7f0000000140)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) write$UHID_INPUT2(r2, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00\x00\x00'], 0x6) chdir(&(0x7f0000000200)='./file0\x00') 20:13:48 executing program 4: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='iocharset=iso8859-9,shortname=lower,iocharset=cp857,uni_xlate=0,uni_xlate=1,shortname=win95,utf8=0,ioc7arset=Ep936,rodir,shortname=mixed,shortname=win95,shortname=lower,check=strict,utf8=1,tz=UTC,\x00'], 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") (async) r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='iocharset=iso8859-9,shortname=lower,iocharset=cp857,uni_xlate=0,uni_xlate=1,shortname=win95,utf8=0,ioc7arset=Ep936,rodir,shortname=mixed,shortname=win95,shortname=lower,check=strict,utf8=1,tz=UTC,\x00'], 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) [ 3040.688743][T29632] syz-executor.5[29632]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set 20:13:48 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r4, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x80, 0x0, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'batadv0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'erspan0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'syzkaller0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x14000050) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) (async) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r4, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x80, 0x0, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'batadv0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'erspan0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'syzkaller0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x14000050) (async) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00'}) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) [ 3040.778347][T29657] syz-executor.4[29657]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3040.780237][T29658] syz-executor.4[29658]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3040.796805][ T2161] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 3040.808259][T29659] syz-executor.5[29659]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3040.833227][T29657] loop4: detected capacity change from 0 to 256 [ 3040.839969][T29659] loop5: detected capacity change from 0 to 256 [ 3040.860057][T29657] FAT-fs (loop4): Unrecognized mount option "ioc7arset=Ep936" or missing value [ 3040.871794][T29659] FAT-fs (loop5): Directory bread(block 64) failed [ 3040.884047][T29659] FAT-fs (loop5): Directory bread(block 65) failed [ 3040.891978][T29659] FAT-fs (loop5): Directory bread(block 66) failed [ 3040.898676][T29659] FAT-fs (loop5): Directory bread(block 67) failed [ 3040.905320][T29659] FAT-fs (loop5): Directory bread(block 68) failed [ 3040.912633][T29659] FAT-fs (loop5): Directory bread(block 69) failed [ 3040.919637][T29659] FAT-fs (loop5): Directory bread(block 70) failed [ 3040.926152][T29659] FAT-fs (loop5): Directory bread(block 71) failed [ 3040.932782][T29659] FAT-fs (loop5): Directory bread(block 72) failed [ 3040.939313][T29659] FAT-fs (loop5): Directory bread(block 73) failed [ 3040.958130][T29659] syz-executor.5: attempt to access beyond end of device [ 3040.958130][T29659] loop5: rw=2049, sector=1160, nr_sectors = 32 limit=256 [ 3040.973297][T29659] syz-executor.5: attempt to access beyond end of device [ 3040.973297][T29659] loop5: rw=2049, sector=1224, nr_sectors = 12 limit=256 [ 3040.995799][T29659] syz-executor.5: attempt to access beyond end of device [ 3040.995799][T29659] loop5: rw=2049, sector=1160, nr_sectors = 4 limit=256 [ 3041.012813][T29659] Buffer I/O error on dev loop5, logical block 290, lost async page write [ 3041.067083][ T2161] usb 3-1: Using ep0 maxpacket: 16 [ 3041.186882][ T2161] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 3041.195253][ T2161] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3041.203504][ T2161] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3041.212426][ T2161] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3041.220603][ T2161] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 3041.229523][ T2161] usb 3-1: config 0 has no interface number 0 [ 3041.235590][ T2161] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 3041.246646][ T2161] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 3041.256501][ T2161] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 3041.266391][ T2161] usb 3-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 3041.279558][ T2161] usb 3-1: config 0 interface 125 has no altsetting 2 [ 3041.447612][ T2161] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 3041.456699][ T2161] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3041.464747][ T2161] usb 3-1: Product: syz [ 3041.468934][ T2161] usb 3-1: Manufacturer: syz [ 3041.473506][ T2161] usb 3-1: SerialNumber: syz [ 3041.479642][ T2161] usb 3-1: config 0 descriptor?? [ 3041.518833][ T2161] usb 3-1: selecting invalid altsetting 2 [ 3042.396827][ C0] usb 3-1: async_complete: urb error -71 [ 3042.404000][ T2161] get_1284_register: usb error -71 [ 3042.409803][ T2161] parport14: fix this legacy no-device port driver! [ 3042.422215][ T2161] usb 3-1: USB disconnect, device number 13 20:13:50 executing program 2: syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:13:50 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) 20:13:50 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000fffffffd0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:13:50 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) (async) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r4, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x80, 0x0, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'batadv0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'erspan0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'syzkaller0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x14000050) (async) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) 20:13:50 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='iocharset=iso8859-9,shortname=lower,iocharset=cp857,uni_xlate=0,uni_xlate=1,shortname=win95,utf8=0,ioc7arset=Ep936,rodir,shortname=mixed,shortname=win95,shortname=lower,check=strict,utf8=1,tz=UTC,\x00'], 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='iocharset=iso8859-9,shortname=lower,iocharset=cp857,uni_xlate=0,uni_xlate=1,shortname=win95,utf8=0,ioc7arset=Ep936,rodir,shortname=mixed,shortname=win95,shortname=lower,check=strict,utf8=1,tz=UTC,\x00'], 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") (async) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) (async) 20:13:50 executing program 5: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000380)={[{@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@uni_xlate}, {@uni_xlate}, {@shortname_lower}, {@fat=@errors_continue}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) (async) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000540)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645716d66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb17e17d9ad988fcffbc33f7f7b75d0a0f52d0b3a4611d8a22cb4fc34be7f170d7944b96a71c40f1227e6318515c3f5566163be82318dfcfe85db448bb3f136ec77632385ac329a63c901cbce212bc506afdbb29a16b95c987cca0925faa69ef2b70582e9d4be6dba37deb83b0fd313dd5d0e259d19820a2067b6d66dcc5dc5503b207c2d5956afc2a53a61a24b608f2faa86b17cec80e2971366e126ece251e5e01fcc6704f70d659e45ae40fae9790f7d13c3fef3feb02b23d631c6ac28a556fa1cd60d9fc4ed1d8cb3bcb9febc3f0779ec5a5a5012dd46864c4c7714a73e30cf2e7ad6da2efd38144", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) (async, rerun: 32) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) (rerun: 32) write$cgroup_freezer_state(r1, &(0x7f0000000240)='FROZEN\x00', 0x7) (async) pwritev(r2, &(0x7f0000001080)=[{&(0x7f0000000080)='r', 0x5800}], 0x1, 0x0, 0x0) r3 = syz_open_dev$audion(&(0x7f0000000000), 0x67, 0x800) openat$cgroup_ro(r3, &(0x7f0000000140)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) (async) write$UHID_INPUT2(r2, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00\x00\x00'], 0x6) chdir(&(0x7f0000000200)='./file0\x00') [ 3042.902067][T29670] syz-executor.5[29670]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3042.913614][T29672] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3042.926215][T29673] syz-executor.4[29673]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3042.943190][T29670] loop5: detected capacity change from 0 to 256 [ 3042.950656][T29672] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3042.954973][T29673] loop4: detected capacity change from 0 to 256 [ 3042.965025][T29672] CPU: 0 PID: 29672 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3042.965049][T29672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3042.965060][T29672] Call Trace: [ 3042.965066][T29672] [ 3042.965072][T29672] dump_stack_lvl+0x125/0x1b0 [ 3042.965103][T29672] sysfs_warn_dup+0x7f/0xa0 [ 3042.965127][T29672] sysfs_do_create_link_sd+0x11e/0x140 [ 3042.965152][T29672] sysfs_create_link+0x61/0xc0 [ 3042.965176][T29672] device_add+0x669/0x1ac0 [ 3042.977950][T29673] FAT-fs (loop4): Unrecognized mount option "ioc7arset=Ep936" or missing value [ 3042.986468][T29672] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3043.030647][T29670] FAT-fs (loop5): Directory bread(block 64) failed [ 3043.032181][T29672] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3043.041494][T29670] FAT-fs (loop5): Directory bread(block 65) failed [ 3043.044626][T29672] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3043.044664][T29672] wiphy_register+0x2095/0x2ce0 [ 3043.044695][T29672] ? wiphy_unregister+0xb70/0xb70 [ 3043.051981][T29670] FAT-fs (loop5): Directory bread(block 66) failed [ 3043.057142][T29672] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3043.057169][T29672] ieee80211_register_hw+0x24d1/0x4250 [ 3043.062401][T29670] FAT-fs (loop5): Directory bread(block 67) failed [ 3043.067015][T29672] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3043.067053][T29672] ? rcu_is_watching+0x12/0xb0 [ 3043.074010][T29670] FAT-fs (loop5): Directory bread(block 68) failed [ 3043.079577][T29672] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3043.079609][T29672] ? __hrtimer_init+0x103/0x2c0 [ 3043.085477][T29670] FAT-fs (loop5): Directory bread(block 69) failed [ 3043.091528][T29672] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3043.091566][T29672] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3043.091589][T29672] ? rcu_is_watching+0x12/0xb0 [ 3043.097702][T29670] FAT-fs (loop5): Directory bread(block 70) failed [ 3043.101866][T29672] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3043.101892][T29672] hwsim_new_radio_nl+0xaf8/0x1240 [ 3043.109530][T29670] FAT-fs (loop5): Directory bread(block 71) failed [ 3043.114484][T29672] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3043.114513][T29672] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3043.119814][T29670] FAT-fs (loop5): Directory bread(block 72) failed [ 3043.125830][T29672] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3043.133729][T29670] FAT-fs (loop5): Directory bread(block 73) failed 20:13:50 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) 20:13:50 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) 20:13:50 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r0, 0xb) [ 3043.137325][T29672] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3043.137359][T29672] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3043.212615][T29672] ? ns_capable+0xd5/0x110 [ 3043.217050][T29672] genl_rcv_msg+0x55c/0x800 [ 3043.221576][T29672] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3043.227486][T29672] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3043.233402][T29672] netlink_rcv_skb+0x16b/0x440 [ 3043.238176][T29672] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3043.244171][T29672] ? netlink_ack+0x1370/0x1370 [ 3043.248942][T29672] ? rcu_is_watching+0x12/0xb0 20:13:50 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_LOCK(r0, 0xb) [ 3043.253714][T29672] ? down_write+0x200/0x200 [ 3043.258229][T29672] ? netlink_deliver_tap+0x1b1/0xd10 [ 3043.263525][T29672] genl_rcv+0x28/0x40 [ 3043.267520][T29672] netlink_unicast+0x536/0x810 [ 3043.272303][T29672] ? netlink_attachskb+0x870/0x870 [ 3043.277437][T29672] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3043.283353][T29672] ? __phys_addr_symbol+0x30/0x70 [ 3043.288388][T29672] ? __check_object_size+0x323/0x730 [ 3043.293712][T29672] netlink_sendmsg+0x93c/0xe40 [ 3043.298491][T29672] ? netlink_unicast+0x810/0x810 20:13:50 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$SHM_LOCK(r0, 0xb) [ 3043.303448][T29672] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3043.308751][T29672] ? netlink_unicast+0x810/0x810 [ 3043.313704][T29672] sock_sendmsg+0xd9/0x180 [ 3043.318138][T29672] ____sys_sendmsg+0x6ac/0x940 [ 3043.322925][T29672] ? copy_msghdr_from_user+0x10b/0x160 [ 3043.328395][T29672] ? kernel_sendmsg+0x50/0x50 [ 3043.333100][T29672] ? plist_check_list+0x1ae/0x280 [ 3043.338149][T29672] ? schedule+0xf1/0x1b0 [ 3043.342412][T29672] ___sys_sendmsg+0x135/0x1d0 [ 3043.347115][T29672] ? do_recvmmsg+0x740/0x740 20:13:50 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) shmctl$SHM_LOCK(r0, 0xb) [ 3043.351719][T29672] ? rcu_is_watching+0x12/0xb0 [ 3043.356497][T29672] ? rcu_is_watching+0x12/0xb0 [ 3043.361273][T29672] ? __fget_light+0xe6/0x260 [ 3043.365888][T29672] __sys_sendmsg+0x117/0x1e0 [ 3043.370497][T29672] ? __sys_sendmsg_sock+0x30/0x30 [ 3043.375542][T29672] ? xfd_validate_state+0x5d/0x180 [ 3043.380673][T29672] ? rcu_is_watching+0x12/0xb0 [ 3043.385438][T29672] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3043.391424][T29672] do_syscall_64+0x38/0xb0 [ 3043.395846][T29672] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3043.401755][T29672] RIP: 0033:0x7fc65907cae9 [ 3043.406177][T29672] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3043.425962][T29672] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3043.434380][T29672] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3043.442376][T29672] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 20:13:50 executing program 2: syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:13:50 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r0, 0xb) [ 3043.450331][T29672] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3043.458309][T29672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3043.466304][T29672] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3043.474299][T29672] 20:13:50 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000001ff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:13:50 executing program 5: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000380)={[{@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@uni_xlate}, {@uni_xlate}, {@shortname_lower}, {@fat=@errors_continue}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") (async) r1 = openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000540)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645716d66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb17e17d9ad988fcffbc33f7f7b75d0a0f52d0b3a4611d8a22cb4fc34be7f170d7944b96a71c40f1227e6318515c3f5566163be82318dfcfe85db448bb3f136ec77632385ac329a63c901cbce212bc506afdbb29a16b95c987cca0925faa69ef2b70582e9d4be6dba37deb83b0fd313dd5d0e259d19820a2067b6d66dcc5dc5503b207c2d5956afc2a53a61a24b608f2faa86b17cec80e2971366e126ece251e5e01fcc6704f70d659e45ae40fae9790f7d13c3fef3feb02b23d631c6ac28a556fa1cd60d9fc4ed1d8cb3bcb9febc3f0779ec5a5a5012dd46864c4c7714a73e30cf2e7ad6da2efd38144", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) (async) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) (async) write$cgroup_freezer_state(r1, &(0x7f0000000240)='FROZEN\x00', 0x7) pwritev(r2, &(0x7f0000001080)=[{&(0x7f0000000080)='r', 0x5800}], 0x1, 0x0, 0x0) (async) r3 = syz_open_dev$audion(&(0x7f0000000000), 0x67, 0x800) openat$cgroup_ro(r3, &(0x7f0000000140)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) (async) write$UHID_INPUT2(r2, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00\x00\x00'], 0x6) (async, rerun: 64) chdir(&(0x7f0000000200)='./file0\x00') (rerun: 64) 20:13:50 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r0, 0xb) 20:13:50 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) 20:13:50 executing program 4: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@tz_utc}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r0, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000340)=ANY=[], 0x1, 0x0, &(0x7f0000000000)) [ 3043.556332][T29673] syz-executor.4[29673]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3043.584693][T29703] syz-executor.5[29703]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3043.593184][T29704] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. 20:13:50 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmctl$SHM_LOCK(r0, 0xb) 20:13:51 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmctl$SHM_LOCK(r0, 0xb) [ 3043.642272][T29713] syz-executor.4[29713]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3043.655959][T29713] loop4: detected capacity change from 0 to 256 [ 3043.671283][T29704] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3043.682429][T29713] FAT-fs (loop4): Directory bread(block 64) failed 20:13:51 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r3 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r3, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r3, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) [ 3043.700993][T29713] FAT-fs (loop4): Directory bread(block 65) failed [ 3043.706263][T29704] CPU: 0 PID: 29704 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3043.717543][T29704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3043.718899][T29713] FAT-fs (loop4): Directory bread(block 66) failed [ 3043.727580][T29704] Call Trace: [ 3043.727589][T29704] [ 3043.727595][T29704] dump_stack_lvl+0x125/0x1b0 [ 3043.727630][T29704] sysfs_warn_dup+0x7f/0xa0 [ 3043.727657][T29704] sysfs_do_create_link_sd+0x11e/0x140 [ 3043.727685][T29704] sysfs_create_link+0x61/0xc0 [ 3043.727711][T29704] device_add+0x669/0x1ac0 [ 3043.727743][T29704] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3043.727776][T29704] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3043.727812][T29704] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3043.727841][T29704] wiphy_register+0x2095/0x2ce0 [ 3043.727867][T29704] ? wiphy_unregister+0xb70/0xb70 [ 3043.745463][T29713] FAT-fs (loop4): Directory bread(block 67) failed [ 3043.749755][T29704] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3043.749780][T29704] ieee80211_register_hw+0x24d1/0x4250 [ 3043.749812][T29704] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3043.749840][T29704] ? rcu_is_watching+0x12/0xb0 [ 3043.749859][T29704] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3043.762865][T29713] FAT-fs (loop4): Directory bread(block 68) failed [ 3043.764428][T29704] ? __hrtimer_init+0x103/0x2c0 [ 3043.764457][T29704] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3043.776616][T29713] FAT-fs (loop4): Directory bread(block 69) failed 20:13:51 executing program 4: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@tz_utc}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r0, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000340)=ANY=[], 0x1, 0x0, &(0x7f0000000000)) [ 3043.777230][T29704] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3043.777256][T29704] ? rcu_is_watching+0x12/0xb0 [ 3043.777274][T29704] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3043.777296][T29704] hwsim_new_radio_nl+0xaf8/0x1240 [ 3043.777317][T29704] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3043.777341][T29704] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3043.777372][T29704] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3043.777402][T29704] genl_family_rcv_msg_doit+0x1fc/0x2e0 20:13:51 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) [ 3043.785314][T29713] FAT-fs (loop4): Directory bread(block 70) failed [ 3043.788223][T29704] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3043.788263][T29704] ? ns_capable+0xd5/0x110 [ 3043.788288][T29704] genl_rcv_msg+0x55c/0x800 [ 3043.788315][T29704] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3043.788343][T29704] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3043.788368][T29704] netlink_rcv_skb+0x16b/0x440 [ 3043.788394][T29704] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3043.788421][T29704] ? netlink_ack+0x1370/0x1370 [ 3043.788444][T29704] ? rcu_is_watching+0x12/0xb0 [ 3043.788467][T29704] ? down_write+0x200/0x200 [ 3043.788487][T29704] ? netlink_deliver_tap+0x1b1/0xd10 [ 3043.788512][T29704] genl_rcv+0x28/0x40 [ 3043.788537][T29704] netlink_unicast+0x536/0x810 [ 3043.788563][T29704] ? netlink_attachskb+0x870/0x870 [ 3043.788587][T29704] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3043.795617][T29713] FAT-fs (loop4): Directory bread(block 71) failed [ 3043.800156][T29704] ? __phys_addr_symbol+0x30/0x70 [ 3043.800182][T29704] ? __check_object_size+0x323/0x730 20:13:51 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) shmctl$SHM_LOCK(r0, 0xb) 20:13:51 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) [ 3043.800209][T29704] netlink_sendmsg+0x93c/0xe40 [ 3043.800237][T29704] ? netlink_unicast+0x810/0x810 [ 3043.800264][T29704] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3043.800290][T29704] ? netlink_unicast+0x810/0x810 [ 3043.800315][T29704] sock_sendmsg+0xd9/0x180 [ 3043.800338][T29704] ____sys_sendmsg+0x6ac/0x940 [ 3043.800360][T29704] ? copy_msghdr_from_user+0x10b/0x160 [ 3043.810355][T29713] FAT-fs (loop4): Directory bread(block 72) failed [ 3043.811832][T29704] ? kernel_sendmsg+0x50/0x50 [ 3043.811856][T29704] ? plist_check_list+0x1ae/0x280 [ 3043.825858][T29713] FAT-fs (loop4): Directory bread(block 73) failed [ 3043.828077][T29704] ? schedule+0xf1/0x1b0 [ 3043.828103][T29704] ___sys_sendmsg+0x135/0x1d0 [ 3043.828132][T29704] ? do_recvmmsg+0x740/0x740 [ 3043.828156][T29704] ? rcu_is_watching+0x12/0xb0 [ 3043.828181][T29704] ? rcu_is_watching+0x12/0xb0 [ 3043.828202][T29704] ? __fget_light+0xe6/0x260 [ 3043.828223][T29704] __sys_sendmsg+0x117/0x1e0 [ 3043.828248][T29704] ? __sys_sendmsg_sock+0x30/0x30 [ 3043.828271][T29704] ? xfd_validate_state+0x5d/0x180 [ 3043.828303][T29704] ? rcu_is_watching+0x12/0xb0 [ 3044.105621][T29704] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3044.111613][T29704] do_syscall_64+0x38/0xb0 [ 3044.116125][T29704] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3044.122049][T29704] RIP: 0033:0x7fc65907cae9 [ 3044.126468][T29704] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 20:13:51 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000000f0ffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:13:51 executing program 2: syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:13:51 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x0) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) [ 3044.146084][T29704] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3044.154497][T29704] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3044.162468][T29704] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3044.170440][T29704] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3044.178413][T29704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3044.186375][T29704] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3044.194332][T29704] 20:13:51 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) 20:13:51 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmctl$SHM_LOCK(r0, 0xb) 20:13:51 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00'}) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) 20:13:51 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) [ 3044.280152][T29741] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3044.316402][T29742] syz-executor.4[29742]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3044.333516][T29741] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3044.350111][T29742] loop4: detected capacity change from 0 to 256 [ 3044.353684][T29741] CPU: 0 PID: 29741 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3044.366402][T29741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3044.376579][T29741] Call Trace: [ 3044.379976][T29741] [ 3044.382910][T29741] dump_stack_lvl+0x125/0x1b0 [ 3044.387608][T29741] sysfs_warn_dup+0x7f/0xa0 [ 3044.392122][T29741] sysfs_do_create_link_sd+0x11e/0x140 [ 3044.397706][T29741] sysfs_create_link+0x61/0xc0 [ 3044.402460][T29741] device_add+0x669/0x1ac0 [ 3044.406873][T29741] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3044.413716][T29741] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3044.419606][T29741] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3044.425579][T29741] wiphy_register+0x2095/0x2ce0 [ 3044.430421][T29741] ? wiphy_unregister+0xb70/0xb70 [ 3044.435520][T29741] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3044.441600][T29741] ieee80211_register_hw+0x24d1/0x4250 [ 3044.447077][T29741] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3044.452614][T29741] ? rcu_is_watching+0x12/0xb0 [ 3044.457363][T29741] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3044.463335][T29741] ? __hrtimer_init+0x103/0x2c0 [ 3044.468184][T29741] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3044.473898][T29741] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3044.479604][T29741] ? rcu_is_watching+0x12/0xb0 [ 3044.484355][T29741] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3044.490290][T29741] hwsim_new_radio_nl+0xaf8/0x1240 [ 3044.495393][T29741] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3044.501277][T29741] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3044.508663][T29741] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3044.516029][T29741] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3044.521592][T29741] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3044.528961][T29741] ? ns_capable+0xd5/0x110 [ 3044.533374][T29741] genl_rcv_msg+0x55c/0x800 [ 3044.537873][T29741] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3044.543761][T29741] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3044.549646][T29741] netlink_rcv_skb+0x16b/0x440 [ 3044.554404][T29741] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3044.560400][T29741] ? netlink_ack+0x1370/0x1370 [ 3044.565166][T29741] ? rcu_is_watching+0x12/0xb0 [ 3044.569927][T29741] ? down_write+0x200/0x200 [ 3044.574417][T29741] ? netlink_deliver_tap+0x1b1/0xd10 [ 3044.579694][T29741] genl_rcv+0x28/0x40 [ 3044.583667][T29741] netlink_unicast+0x536/0x810 [ 3044.588423][T29741] ? netlink_attachskb+0x870/0x870 [ 3044.593613][T29741] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3044.599500][T29741] ? __phys_addr_symbol+0x30/0x70 [ 3044.604518][T29741] ? __check_object_size+0x323/0x730 [ 3044.609802][T29741] netlink_sendmsg+0x93c/0xe40 [ 3044.614649][T29741] ? netlink_unicast+0x810/0x810 [ 3044.619578][T29741] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3044.624860][T29741] ? netlink_unicast+0x810/0x810 [ 3044.629794][T29741] sock_sendmsg+0xd9/0x180 [ 3044.634199][T29741] ____sys_sendmsg+0x6ac/0x940 [ 3044.638956][T29741] ? copy_msghdr_from_user+0x10b/0x160 [ 3044.644613][T29741] ? kernel_sendmsg+0x50/0x50 [ 3044.649300][T29741] ? plist_check_list+0x1ae/0x280 [ 3044.654331][T29741] ? schedule+0xf1/0x1b0 [ 3044.658586][T29741] ___sys_sendmsg+0x135/0x1d0 [ 3044.663271][T29741] ? do_recvmmsg+0x740/0x740 [ 3044.667894][T29741] ? rcu_is_watching+0x12/0xb0 [ 3044.672653][T29741] ? rcu_is_watching+0x12/0xb0 [ 3044.677406][T29741] ? __fget_light+0xe6/0x260 [ 3044.682004][T29741] __sys_sendmsg+0x117/0x1e0 [ 3044.686602][T29741] ? __sys_sendmsg_sock+0x30/0x30 [ 3044.691617][T29741] ? xfd_validate_state+0x5d/0x180 [ 3044.696726][T29741] ? rcu_is_watching+0x12/0xb0 [ 3044.701487][T29741] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3044.707459][T29741] do_syscall_64+0x38/0xb0 [ 3044.711877][T29741] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3044.717770][T29741] RIP: 0033:0x7fc65907cae9 [ 3044.722191][T29741] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3044.741786][T29741] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3044.750192][T29741] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3044.758153][T29741] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3044.766117][T29741] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3044.774092][T29741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 20:13:52 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) shmctl$SHM_LOCK(r0, 0xb) [ 3044.782048][T29741] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3044.790012][T29741] [ 3044.826462][T29742] FAT-fs (loop4): Directory bread(block 64) failed [ 3044.833314][T29742] FAT-fs (loop4): Directory bread(block 65) failed [ 3044.842262][T29742] FAT-fs (loop4): Directory bread(block 66) failed [ 3044.849160][T29742] FAT-fs (loop4): Directory bread(block 67) failed [ 3044.859729][T29742] FAT-fs (loop4): Directory bread(block 68) failed [ 3044.866367][T29742] FAT-fs (loop4): Directory bread(block 69) failed 20:13:52 executing program 4: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@tz_utc}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) (async) r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r0, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000340)=ANY=[], 0x1, 0x0, &(0x7f0000000000)) 20:13:52 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) 20:13:52 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmctl$SHM_LOCK(r0, 0xb) 20:13:52 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4d7e0000000000000003002a00000008002f000000000005003600000000000c0005a1fa00000000000000050037000000000008000205", @ANYRES32=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) 20:13:52 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000000007fffffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3044.896200][T29742] FAT-fs (loop4): Directory bread(block 70) failed [ 3044.902971][T29742] FAT-fs (loop4): Directory bread(block 71) failed [ 3044.910464][T29742] FAT-fs (loop4): Directory bread(block 72) failed [ 3044.919616][T29742] FAT-fs (loop4): Directory bread(block 73) failed [ 3044.974990][T29758] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3045.005651][T29762] syz-executor.4[29762]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3045.023465][T29758] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3045.034387][T29762] loop4: detected capacity change from 0 to 256 [ 3045.042960][T29758] CPU: 0 PID: 29758 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3045.053034][T29758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3045.063084][T29758] Call Trace: [ 3045.066353][T29758] [ 3045.069278][T29758] dump_stack_lvl+0x125/0x1b0 [ 3045.073966][T29758] sysfs_warn_dup+0x7f/0xa0 [ 3045.078493][T29758] sysfs_do_create_link_sd+0x11e/0x140 [ 3045.083953][T29758] sysfs_create_link+0x61/0xc0 [ 3045.088713][T29758] device_add+0x669/0x1ac0 [ 3045.093132][T29758] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3045.099998][T29758] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3045.106414][T29758] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3045.112393][T29758] wiphy_register+0x2095/0x2ce0 [ 3045.117237][T29758] ? wiphy_unregister+0xb70/0xb70 [ 3045.122250][T29758] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3045.128306][T29758] ieee80211_register_hw+0x24d1/0x4250 [ 3045.133781][T29758] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3045.139339][T29758] ? rcu_is_watching+0x12/0xb0 [ 3045.144132][T29758] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3045.150132][T29758] ? __hrtimer_init+0x103/0x2c0 [ 3045.154981][T29758] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3045.160723][T29758] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3045.166446][T29758] ? rcu_is_watching+0x12/0xb0 [ 3045.171202][T29758] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3045.177091][T29758] hwsim_new_radio_nl+0xaf8/0x1240 [ 3045.182198][T29758] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3045.188609][T29758] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3045.195975][T29758] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3045.203344][T29758] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3045.208890][T29758] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3045.216260][T29758] ? ns_capable+0xd5/0x110 [ 3045.220671][T29758] genl_rcv_msg+0x55c/0x800 [ 3045.225171][T29758] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3045.231060][T29758] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3045.236971][T29758] netlink_rcv_skb+0x16b/0x440 [ 3045.241729][T29758] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3045.247618][T29758] ? netlink_ack+0x1370/0x1370 [ 3045.252375][T29758] ? rcu_is_watching+0x12/0xb0 [ 3045.257129][T29758] ? down_write+0x200/0x200 [ 3045.261623][T29758] ? netlink_deliver_tap+0x1b1/0xd10 [ 3045.266901][T29758] genl_rcv+0x28/0x40 [ 3045.270882][T29758] netlink_unicast+0x536/0x810 [ 3045.275638][T29758] ? netlink_attachskb+0x870/0x870 [ 3045.280746][T29758] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3045.286636][T29758] ? __phys_addr_symbol+0x30/0x70 [ 3045.291650][T29758] ? __check_object_size+0x323/0x730 [ 3045.296926][T29758] netlink_sendmsg+0x93c/0xe40 [ 3045.301681][T29758] ? netlink_unicast+0x810/0x810 [ 3045.306613][T29758] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3045.311889][T29758] ? netlink_unicast+0x810/0x810 [ 3045.316819][T29758] sock_sendmsg+0xd9/0x180 [ 3045.321225][T29758] ____sys_sendmsg+0x6ac/0x940 [ 3045.325979][T29758] ? copy_msghdr_from_user+0x10b/0x160 [ 3045.331430][T29758] ? kernel_sendmsg+0x50/0x50 [ 3045.336204][T29758] ? plist_check_list+0x1ae/0x280 [ 3045.341226][T29758] ? schedule+0xf1/0x1b0 [ 3045.345456][T29758] ___sys_sendmsg+0x135/0x1d0 [ 3045.350127][T29758] ? do_recvmmsg+0x740/0x740 [ 3045.354704][T29758] ? rcu_is_watching+0x12/0xb0 [ 3045.359463][T29758] ? rcu_is_watching+0x12/0xb0 [ 3045.364242][T29758] ? __fget_light+0xe6/0x260 [ 3045.368822][T29758] __sys_sendmsg+0x117/0x1e0 [ 3045.373407][T29758] ? __sys_sendmsg_sock+0x30/0x30 [ 3045.378424][T29758] ? xfd_validate_state+0x5d/0x180 [ 3045.383563][T29758] ? rcu_is_watching+0x12/0xb0 [ 3045.388314][T29758] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3045.394284][T29758] do_syscall_64+0x38/0xb0 [ 3045.398700][T29758] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3045.404589][T29758] RIP: 0033:0x7fc65907cae9 [ 3045.408988][T29758] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3045.428584][T29758] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3045.437069][T29758] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3045.445023][T29758] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3045.452980][T29758] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3045.460936][T29758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3045.468932][T29758] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3045.476895][T29758] [ 3045.493223][T29762] FAT-fs (loop4): Directory bread(block 64) failed [ 3045.508322][T29762] FAT-fs (loop4): Directory bread(block 65) failed [ 3045.514950][T29762] FAT-fs (loop4): Directory bread(block 66) failed [ 3045.525219][T29762] FAT-fs (loop4): Directory bread(block 67) failed [ 3045.547561][T29762] FAT-fs (loop4): Directory bread(block 68) failed [ 3045.555321][T29762] FAT-fs (loop4): Directory bread(block 69) failed [ 3045.564208][T29762] FAT-fs (loop4): Directory bread(block 70) failed [ 3045.571630][T29762] FAT-fs (loop4): Directory bread(block 71) failed [ 3045.580131][T29762] FAT-fs (loop4): Directory bread(block 72) failed 20:13:52 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:13:52 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r0, 0xb) 20:13:52 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) 20:13:52 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00'}) (async) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4d7e0000000000000003002a00000008002f000000000005003600000000000c0005a1fa00000000000000050037000000000008000205", @ANYRES32=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4d7e0000000000000003002a00000008002f000000000005003600000000000c0005a1fa00000000000000050037000000000008000205", @ANYRES32=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) 20:13:52 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000097ffffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3045.593496][T29762] FAT-fs (loop4): Directory bread(block 73) failed [ 3045.629374][T29769] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3045.655949][T29769] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3045.664352][T29769] CPU: 0 PID: 29769 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3045.674464][T29769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3045.684560][T29769] Call Trace: [ 3045.687846][T29769] [ 3045.690777][T29769] dump_stack_lvl+0x125/0x1b0 [ 3045.695583][T29769] sysfs_warn_dup+0x7f/0xa0 [ 3045.700098][T29769] sysfs_do_create_link_sd+0x11e/0x140 [ 3045.705567][T29769] sysfs_create_link+0x61/0xc0 [ 3045.710345][T29769] device_add+0x669/0x1ac0 [ 3045.714778][T29769] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3045.721637][T29769] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3045.727531][T29769] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3045.733505][T29769] wiphy_register+0x2095/0x2ce0 [ 3045.738352][T29769] ? wiphy_unregister+0xb70/0xb70 [ 3045.743367][T29769] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3045.749421][T29769] ieee80211_register_hw+0x24d1/0x4250 [ 3045.754878][T29769] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3045.760416][T29769] ? rcu_is_watching+0x12/0xb0 [ 3045.765167][T29769] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3045.771135][T29769] ? __hrtimer_init+0x103/0x2c0 [ 3045.775979][T29769] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3045.781693][T29769] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3045.787421][T29769] ? rcu_is_watching+0x12/0xb0 [ 3045.792174][T29769] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3045.798060][T29769] hwsim_new_radio_nl+0xaf8/0x1240 [ 3045.803163][T29769] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3045.809045][T29769] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3045.816409][T29769] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3045.823777][T29769] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3045.829322][T29769] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3045.836689][T29769] ? ns_capable+0xd5/0x110 [ 3045.841095][T29769] genl_rcv_msg+0x55c/0x800 [ 3045.845595][T29769] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3045.851482][T29769] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3045.857396][T29769] netlink_rcv_skb+0x16b/0x440 [ 3045.862153][T29769] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3045.868040][T29769] ? netlink_ack+0x1370/0x1370 [ 3045.872796][T29769] ? rcu_is_watching+0x12/0xb0 [ 3045.877553][T29769] ? down_write+0x200/0x200 [ 3045.882049][T29769] ? netlink_deliver_tap+0x1b1/0xd10 [ 3045.887327][T29769] genl_rcv+0x28/0x40 [ 3045.891306][T29769] netlink_unicast+0x536/0x810 [ 3045.896069][T29769] ? netlink_attachskb+0x870/0x870 [ 3045.901176][T29769] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3045.907065][T29769] ? __phys_addr_symbol+0x30/0x70 [ 3045.912078][T29769] ? __check_object_size+0x323/0x730 [ 3045.917357][T29769] netlink_sendmsg+0x93c/0xe40 [ 3045.922123][T29769] ? netlink_unicast+0x810/0x810 [ 3045.927077][T29769] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3045.932381][T29769] ? netlink_unicast+0x810/0x810 [ 3045.937310][T29769] sock_sendmsg+0xd9/0x180 [ 3045.941719][T29769] ____sys_sendmsg+0x6ac/0x940 [ 3045.946494][T29769] ? copy_msghdr_from_user+0x10b/0x160 [ 3045.951969][T29769] ? kernel_sendmsg+0x50/0x50 [ 3045.956722][T29769] ? plist_check_list+0x1ae/0x280 [ 3045.961741][T29769] ? schedule+0xf1/0x1b0 [ 3045.965971][T29769] ___sys_sendmsg+0x135/0x1d0 [ 3045.970641][T29769] ? do_recvmmsg+0x740/0x740 [ 3045.975219][T29769] ? rcu_is_watching+0x12/0xb0 [ 3045.979974][T29769] ? rcu_is_watching+0x12/0xb0 [ 3045.984727][T29769] ? __fget_light+0xe6/0x260 [ 3045.989306][T29769] __sys_sendmsg+0x117/0x1e0 [ 3045.993890][T29769] ? __sys_sendmsg_sock+0x30/0x30 [ 3045.998911][T29769] ? xfd_validate_state+0x5d/0x180 [ 3046.004044][T29769] ? rcu_is_watching+0x12/0xb0 [ 3046.008793][T29769] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3046.014784][T29769] do_syscall_64+0x38/0xb0 [ 3046.019197][T29769] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3046.025086][T29769] RIP: 0033:0x7fc65907cae9 [ 3046.029492][T29769] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3046.049091][T29769] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 20:13:53 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_LOCK(r0, 0xb) [ 3046.057499][T29769] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3046.065472][T29769] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3046.073540][T29769] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3046.081506][T29769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3046.090092][T29769] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3046.098056][T29769] 20:13:53 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000780)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1bb20000004fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6cf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000dd57a78fe92933e370bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66caa3486c8df5cbf437d2ed2266558fabf1a3f8b032cfd974cbb62ff5345332b8d3310d772b52ee67e20895b0af4b2868d9e93f831032", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) bind$l2tp6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3, 0x3}, 0x20) ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000540)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) 20:13:53 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) 20:13:53 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmctl$SHM_LOCK(r0, 0xb) 20:13:53 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4d7e0000000000000003002a00000008002f000000000005003600000000000c0005a1fa00000000000000050037000000000008000205", @ANYRES32=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) 20:13:53 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000000009effffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:13:53 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmctl$SHM_LOCK(r0, 0xb) [ 3046.224074][T29786] syz-executor.4[29786]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3046.255717][T29786] loop4: detected capacity change from 0 to 256 [ 3046.306875][T29788] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3046.332795][T29788] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3046.342833][T29788] CPU: 0 PID: 29788 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3046.352905][T29788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3046.362970][T29788] Call Trace: [ 3046.366281][T29788] [ 3046.369207][T29788] dump_stack_lvl+0x125/0x1b0 [ 3046.373896][T29788] sysfs_warn_dup+0x7f/0xa0 [ 3046.378410][T29788] sysfs_do_create_link_sd+0x11e/0x140 [ 3046.383445][T29786] FAT-fs (loop4): Directory bread(block 64) failed [ 3046.383902][T29788] sysfs_create_link+0x61/0xc0 [ 3046.390495][T29786] FAT-fs (loop4): Directory bread(block 65) failed [ 3046.395116][T29788] device_add+0x669/0x1ac0 [ 3046.406047][T29788] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3046.412898][T29788] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3046.418790][T29788] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3046.424760][T29788] wiphy_register+0x2095/0x2ce0 [ 3046.429604][T29788] ? wiphy_unregister+0xb70/0xb70 [ 3046.434636][T29788] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3046.440699][T29788] ieee80211_register_hw+0x24d1/0x4250 [ 3046.446154][T29788] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3046.451691][T29788] ? rcu_is_watching+0x12/0xb0 [ 3046.456439][T29788] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3046.462405][T29788] ? __hrtimer_init+0x103/0x2c0 [ 3046.467247][T29788] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3046.472969][T29788] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3046.478681][T29788] ? rcu_is_watching+0x12/0xb0 [ 3046.483431][T29788] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3046.489310][T29788] hwsim_new_radio_nl+0xaf8/0x1240 [ 3046.494410][T29788] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3046.500314][T29788] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3046.507682][T29788] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3046.515049][T29788] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3046.520614][T29788] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3046.527981][T29788] ? ns_capable+0xd5/0x110 [ 3046.532407][T29788] genl_rcv_msg+0x55c/0x800 [ 3046.536906][T29788] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3046.542797][T29788] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3046.548713][T29788] netlink_rcv_skb+0x16b/0x440 [ 3046.553482][T29788] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3046.559382][T29788] ? netlink_ack+0x1370/0x1370 [ 3046.564577][T29788] ? rcu_is_watching+0x12/0xb0 [ 3046.569334][T29788] ? down_write+0x200/0x200 [ 3046.573848][T29788] ? netlink_deliver_tap+0x1b1/0xd10 [ 3046.579136][T29788] genl_rcv+0x28/0x40 [ 3046.583115][T29788] netlink_unicast+0x536/0x810 [ 3046.587901][T29788] ? netlink_attachskb+0x870/0x870 [ 3046.593028][T29788] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3046.598940][T29788] ? __phys_addr_symbol+0x30/0x70 [ 3046.603968][T29788] ? __check_object_size+0x323/0x730 [ 3046.609257][T29788] netlink_sendmsg+0x93c/0xe40 [ 3046.614049][T29788] ? netlink_unicast+0x810/0x810 [ 3046.618994][T29788] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3046.624277][T29788] ? netlink_unicast+0x810/0x810 [ 3046.629210][T29788] sock_sendmsg+0xd9/0x180 [ 3046.633641][T29788] ____sys_sendmsg+0x6ac/0x940 [ 3046.638424][T29788] ? copy_msghdr_from_user+0x10b/0x160 [ 3046.643911][T29788] ? kernel_sendmsg+0x50/0x50 [ 3046.648767][T29788] ? plist_check_list+0x1ae/0x280 [ 3046.653794][T29788] ? schedule+0xf1/0x1b0 [ 3046.658042][T29788] ___sys_sendmsg+0x135/0x1d0 [ 3046.662723][T29788] ? do_recvmmsg+0x740/0x740 [ 3046.667311][T29788] ? rcu_is_watching+0x12/0xb0 [ 3046.672075][T29788] ? rcu_is_watching+0x12/0xb0 [ 3046.676843][T29788] ? __fget_light+0xe6/0x260 [ 3046.681434][T29788] __sys_sendmsg+0x117/0x1e0 [ 3046.686031][T29788] ? __sys_sendmsg_sock+0x30/0x30 [ 3046.691051][T29788] ? xfd_validate_state+0x5d/0x180 [ 3046.696199][T29788] ? rcu_is_watching+0x12/0xb0 [ 3046.700961][T29788] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3046.706966][T29788] do_syscall_64+0x38/0xb0 [ 3046.711392][T29788] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3046.717307][T29788] RIP: 0033:0x7fc65907cae9 [ 3046.721709][T29788] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3046.741313][T29788] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3046.749722][T29788] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3046.757679][T29788] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3046.765638][T29788] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3046.773598][T29788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3046.781561][T29788] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3046.789532][T29788] [ 3046.798575][T29786] FAT-fs (loop4): Directory bread(block 66) failed [ 3046.811461][T29786] FAT-fs (loop4): Directory bread(block 67) failed [ 3046.822140][T29786] FAT-fs (loop4): Directory bread(block 68) failed [ 3046.829500][T29786] FAT-fs (loop4): Directory bread(block 69) failed [ 3046.836229][T29786] FAT-fs (loop4): Directory bread(block 70) failed [ 3046.843108][T29786] FAT-fs (loop4): Directory bread(block 71) failed [ 3046.850132][T29786] FAT-fs (loop4): Directory bread(block 72) failed [ 3046.856744][T29786] FAT-fs (loop4): Directory bread(block 73) failed 20:13:54 executing program 0: shmctl$SHM_LOCK(0x0, 0xb) 20:13:54 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_KEY(r6, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r2, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x2}, @IEEE802154_ATTR_SHORT_ADDR={0x6}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x7e}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x4000) sendmsg$NLBL_MGMT_C_LISTALL(r5, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_DOMAIN={0xa, 0x1, 'wpan1\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @local}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x40004) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) 20:13:54 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x0) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) 20:13:54 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000e4ffffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:13:54 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000780)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1bb20000004fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6cf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000dd57a78fe92933e370bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66caa3486c8df5cbf437d2ed2266558fabf1a3f8b032cfd974cbb62ff5345332b8d3310d772b52ee67e20895b0af4b2868d9e93f831032", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) (async) bind$l2tp6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3, 0x3}, 0x20) (async, rerun: 32) ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000540)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) (rerun: 32) 20:13:54 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:13:54 executing program 0: shmctl$SHM_LOCK(0x0, 0xb) [ 3046.936608][T29796] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3046.969670][T29801] syz-executor.4[29801]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set 20:13:54 executing program 0: shmctl$SHM_LOCK(0x0, 0xb) [ 3046.988858][T29796] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3047.026682][T29801] loop4: detected capacity change from 0 to 256 [ 3047.041598][T29796] CPU: 1 PID: 29796 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3047.051686][T29796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3047.061747][T29796] Call Trace: [ 3047.065027][T29796] [ 3047.068001][T29796] dump_stack_lvl+0x125/0x1b0 [ 3047.072739][T29796] sysfs_warn_dup+0x7f/0xa0 [ 3047.077264][T29796] sysfs_do_create_link_sd+0x11e/0x140 [ 3047.082741][T29796] sysfs_create_link+0x61/0xc0 [ 3047.087527][T29796] device_add+0x669/0x1ac0 [ 3047.091969][T29796] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3047.098813][T29796] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3047.104722][T29796] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3047.110696][T29796] wiphy_register+0x2095/0x2ce0 [ 3047.115572][T29796] ? wiphy_unregister+0xb70/0xb70 [ 3047.120593][T29796] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3047.126660][T29796] ieee80211_register_hw+0x24d1/0x4250 [ 3047.132126][T29796] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3047.137678][T29796] ? rcu_is_watching+0x12/0xb0 [ 3047.142439][T29796] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3047.148409][T29796] ? __hrtimer_init+0x103/0x2c0 [ 3047.153281][T29796] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3047.158996][T29796] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3047.164705][T29796] ? rcu_is_watching+0x12/0xb0 [ 3047.169453][T29796] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3047.175332][T29796] hwsim_new_radio_nl+0xaf8/0x1240 [ 3047.180434][T29796] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3047.186320][T29796] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3047.194031][T29796] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3047.201403][T29796] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3047.206948][T29796] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3047.214321][T29796] ? ns_capable+0xd5/0x110 [ 3047.218735][T29796] genl_rcv_msg+0x55c/0x800 [ 3047.223252][T29796] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3047.229159][T29796] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3047.235042][T29796] netlink_rcv_skb+0x16b/0x440 [ 3047.239800][T29796] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3047.245720][T29796] ? netlink_ack+0x1370/0x1370 [ 3047.250476][T29796] ? rcu_is_watching+0x12/0xb0 [ 3047.255234][T29796] ? down_write+0x200/0x200 [ 3047.259724][T29796] ? netlink_deliver_tap+0x1b1/0xd10 [ 3047.265002][T29796] genl_rcv+0x28/0x40 [ 3047.268975][T29796] netlink_unicast+0x536/0x810 [ 3047.273730][T29796] ? netlink_attachskb+0x870/0x870 [ 3047.278866][T29796] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3047.284753][T29796] ? __phys_addr_symbol+0x30/0x70 [ 3047.289768][T29796] ? __check_object_size+0x323/0x730 [ 3047.295049][T29796] netlink_sendmsg+0x93c/0xe40 [ 3047.299810][T29796] ? netlink_unicast+0x810/0x810 [ 3047.304763][T29796] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3047.310046][T29796] ? netlink_unicast+0x810/0x810 [ 3047.314978][T29796] sock_sendmsg+0xd9/0x180 [ 3047.320081][T29796] ____sys_sendmsg+0x6ac/0x940 [ 3047.324840][T29796] ? copy_msghdr_from_user+0x10b/0x160 [ 3047.330293][T29796] ? kernel_sendmsg+0x50/0x50 [ 3047.335072][T29796] ? plist_check_list+0x1ae/0x280 [ 3047.340102][T29796] ? schedule+0xf1/0x1b0 [ 3047.344334][T29796] ___sys_sendmsg+0x135/0x1d0 [ 3047.349010][T29796] ? do_recvmmsg+0x740/0x740 [ 3047.353592][T29796] ? rcu_is_watching+0x12/0xb0 [ 3047.358437][T29796] ? rcu_is_watching+0x12/0xb0 [ 3047.363214][T29796] ? __fget_light+0xe6/0x260 [ 3047.367793][T29796] __sys_sendmsg+0x117/0x1e0 [ 3047.372376][T29796] ? __sys_sendmsg_sock+0x30/0x30 [ 3047.377390][T29796] ? xfd_validate_state+0x5d/0x180 [ 3047.382497][T29796] ? rcu_is_watching+0x12/0xb0 [ 3047.387260][T29796] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3047.393230][T29796] do_syscall_64+0x38/0xb0 [ 3047.397645][T29796] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3047.403537][T29796] RIP: 0033:0x7fc65907cae9 [ 3047.407939][T29796] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3047.427542][T29796] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3047.435953][T29796] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 20:13:54 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) shmctl$SHM_LOCK(r0, 0xb) [ 3047.443911][T29796] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3047.451868][T29796] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3047.459825][T29796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3047.467783][T29796] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3047.475749][T29796] 20:13:54 executing program 0: shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) shmctl$SHM_LOCK(0x0, 0xb) 20:13:54 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000f0ffffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:13:54 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000e4ffffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3047.503562][T29801] FAT-fs (loop4): Directory bread(block 64) failed [ 3047.516800][T29801] FAT-fs (loop4): Directory bread(block 65) failed [ 3047.540687][T29801] FAT-fs (loop4): Directory bread(block 66) failed 20:13:54 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) (async, rerun: 32) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_KEY(r6, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r2, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x2}, @IEEE802154_ATTR_SHORT_ADDR={0x6}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x7e}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x4000) (async) sendmsg$NLBL_MGMT_C_LISTALL(r5, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_DOMAIN={0xa, 0x1, 'wpan1\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @local}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x40004) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) [ 3047.549738][T29801] FAT-fs (loop4): Directory bread(block 67) failed [ 3047.578592][T29812] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3047.590802][T29801] FAT-fs (loop4): Directory bread(block 68) failed [ 3047.604651][T29801] FAT-fs (loop4): Directory bread(block 69) failed [ 3047.613855][T29801] FAT-fs (loop4): Directory bread(block 70) failed [ 3047.620733][T29801] FAT-fs (loop4): Directory bread(block 71) failed [ 3047.634391][T29801] FAT-fs (loop4): Directory bread(block 72) failed [ 3047.644061][T29801] FAT-fs (loop4): Directory bread(block 73) failed [ 3047.652106][T29812] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' 20:13:55 executing program 0: shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) shmctl$SHM_LOCK(0x0, 0xb) 20:13:55 executing program 0: shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) shmctl$SHM_LOCK(0x0, 0xb) [ 3047.683212][T29812] CPU: 1 PID: 29812 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3047.693397][T29812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3047.703472][T29812] Call Trace: [ 3047.706760][T29812] [ 3047.709695][T29812] dump_stack_lvl+0x125/0x1b0 [ 3047.714389][T29812] sysfs_warn_dup+0x7f/0xa0 [ 3047.718911][T29812] sysfs_do_create_link_sd+0x11e/0x140 [ 3047.724392][T29812] sysfs_create_link+0x61/0xc0 [ 3047.729166][T29812] device_add+0x669/0x1ac0 20:13:55 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000000009effffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3047.733706][T29812] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3047.740584][T29812] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3047.746499][T29812] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3047.752490][T29812] wiphy_register+0x2095/0x2ce0 [ 3047.757348][T29812] ? wiphy_unregister+0xb70/0xb70 [ 3047.762381][T29812] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3047.768468][T29812] ieee80211_register_hw+0x24d1/0x4250 [ 3047.773957][T29812] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3047.779519][T29812] ? rcu_is_watching+0x12/0xb0 [ 3047.784285][T29812] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3047.790272][T29812] ? __hrtimer_init+0x103/0x2c0 [ 3047.795342][T29812] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3047.801065][T29812] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3047.806776][T29812] ? rcu_is_watching+0x12/0xb0 [ 3047.811531][T29812] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3047.818539][T29812] hwsim_new_radio_nl+0xaf8/0x1240 [ 3047.823639][T29812] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3047.829550][T29812] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3047.836920][T29812] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3047.844315][T29812] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3047.849852][T29812] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3047.857233][T29812] ? ns_capable+0xd5/0x110 [ 3047.861660][T29812] genl_rcv_msg+0x55c/0x800 [ 3047.866198][T29812] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3047.872091][T29812] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3047.877976][T29812] netlink_rcv_skb+0x16b/0x440 [ 3047.882741][T29812] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3047.888658][T29812] ? netlink_ack+0x1370/0x1370 [ 3047.893431][T29812] ? rcu_is_watching+0x12/0xb0 [ 3047.898185][T29812] ? down_write+0x200/0x200 [ 3047.902670][T29812] ? netlink_deliver_tap+0x1b1/0xd10 [ 3047.907959][T29812] genl_rcv+0x28/0x40 [ 3047.911928][T29812] netlink_unicast+0x536/0x810 [ 3047.916689][T29812] ? netlink_attachskb+0x870/0x870 [ 3047.921796][T29812] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3047.927678][T29812] ? __phys_addr_symbol+0x30/0x70 [ 3047.932730][T29812] ? __check_object_size+0x323/0x730 [ 3047.938054][T29812] netlink_sendmsg+0x93c/0xe40 [ 3047.942839][T29812] ? netlink_unicast+0x810/0x810 [ 3047.947790][T29812] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3047.953065][T29812] ? netlink_unicast+0x810/0x810 [ 3047.957997][T29812] sock_sendmsg+0xd9/0x180 [ 3047.962419][T29812] ____sys_sendmsg+0x6ac/0x940 [ 3047.967174][T29812] ? copy_msghdr_from_user+0x10b/0x160 [ 3047.972630][T29812] ? kernel_sendmsg+0x50/0x50 [ 3047.977310][T29812] ? plist_check_list+0x1ae/0x280 [ 3047.982459][T29812] ? schedule+0xf1/0x1b0 [ 3047.986767][T29812] ___sys_sendmsg+0x135/0x1d0 [ 3047.991457][T29812] ? do_recvmmsg+0x740/0x740 [ 3047.996043][T29812] ? rcu_is_watching+0x12/0xb0 [ 3048.000798][T29812] ? rcu_is_watching+0x12/0xb0 [ 3048.005587][T29812] ? __fget_light+0xe6/0x260 [ 3048.010169][T29812] __sys_sendmsg+0x117/0x1e0 [ 3048.014751][T29812] ? __sys_sendmsg_sock+0x30/0x30 [ 3048.019772][T29812] ? xfd_validate_state+0x5d/0x180 [ 3048.024929][T29812] ? rcu_is_watching+0x12/0xb0 [ 3048.029682][T29812] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3048.035651][T29812] do_syscall_64+0x38/0xb0 [ 3048.040094][T29812] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3048.046012][T29812] RIP: 0033:0x7fc65907cae9 [ 3048.050415][T29812] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3048.070111][T29812] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3048.078544][T29812] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3048.086501][T29812] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3048.094469][T29812] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3048.102539][T29812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3048.110499][T29812] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3048.118469][T29812] [ 3048.132813][T29818] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3048.144313][T29818] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3048.155263][T29818] CPU: 1 PID: 29818 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3048.165341][T29818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3048.175385][T29818] Call Trace: [ 3048.178653][T29818] [ 3048.181572][T29818] dump_stack_lvl+0x125/0x1b0 [ 3048.186248][T29818] sysfs_warn_dup+0x7f/0xa0 [ 3048.190746][T29818] sysfs_do_create_link_sd+0x11e/0x140 [ 3048.196209][T29818] sysfs_create_link+0x61/0xc0 [ 3048.200980][T29818] device_add+0x669/0x1ac0 [ 3048.205399][T29818] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3048.212247][T29818] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3048.218151][T29818] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3048.224128][T29818] wiphy_register+0x2095/0x2ce0 [ 3048.228974][T29818] ? wiphy_unregister+0xb70/0xb70 [ 3048.234006][T29818] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3048.240064][T29818] ieee80211_register_hw+0x24d1/0x4250 [ 3048.245537][T29818] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3048.251082][T29818] ? rcu_is_watching+0x12/0xb0 [ 3048.255834][T29818] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3048.261809][T29818] ? __hrtimer_init+0x103/0x2c0 [ 3048.266652][T29818] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3048.272390][T29818] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3048.278100][T29818] ? rcu_is_watching+0x12/0xb0 [ 3048.282851][T29818] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3048.288754][T29818] hwsim_new_radio_nl+0xaf8/0x1240 [ 3048.294833][T29818] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3048.300729][T29818] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3048.308101][T29818] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3048.315473][T29818] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3048.321023][T29818] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3048.328422][T29818] ? ns_capable+0xd5/0x110 [ 3048.332833][T29818] genl_rcv_msg+0x55c/0x800 [ 3048.337339][T29818] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3048.343230][T29818] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3048.349118][T29818] netlink_rcv_skb+0x16b/0x440 [ 3048.353874][T29818] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3048.359763][T29818] ? netlink_ack+0x1370/0x1370 [ 3048.364523][T29818] ? rcu_is_watching+0x12/0xb0 [ 3048.369279][T29818] ? down_write+0x200/0x200 [ 3048.373770][T29818] ? netlink_deliver_tap+0x1b1/0xd10 [ 3048.379046][T29818] genl_rcv+0x28/0x40 [ 3048.383022][T29818] netlink_unicast+0x536/0x810 [ 3048.387781][T29818] ? netlink_attachskb+0x870/0x870 [ 3048.392898][T29818] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3048.398795][T29818] ? __phys_addr_symbol+0x30/0x70 [ 3048.403836][T29818] ? __check_object_size+0x323/0x730 [ 3048.409113][T29818] netlink_sendmsg+0x93c/0xe40 [ 3048.413873][T29818] ? netlink_unicast+0x810/0x810 [ 3048.418809][T29818] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3048.424090][T29818] ? netlink_unicast+0x810/0x810 [ 3048.429020][T29818] sock_sendmsg+0xd9/0x180 [ 3048.433431][T29818] ____sys_sendmsg+0x6ac/0x940 [ 3048.438214][T29818] ? copy_msghdr_from_user+0x10b/0x160 [ 3048.443669][T29818] ? kernel_sendmsg+0x50/0x50 [ 3048.448340][T29818] ? plist_check_list+0x1ae/0x280 [ 3048.453359][T29818] ? schedule+0xf1/0x1b0 [ 3048.457591][T29818] ___sys_sendmsg+0x135/0x1d0 [ 3048.462268][T29818] ? do_recvmmsg+0x740/0x740 [ 3048.466849][T29818] ? rcu_is_watching+0x12/0xb0 [ 3048.471610][T29818] ? rcu_is_watching+0x12/0xb0 [ 3048.476373][T29818] ? __fget_light+0xe6/0x260 [ 3048.480957][T29818] __sys_sendmsg+0x117/0x1e0 [ 3048.485543][T29818] ? __sys_sendmsg_sock+0x30/0x30 [ 3048.490559][T29818] ? xfd_validate_state+0x5d/0x180 [ 3048.495669][T29818] ? rcu_is_watching+0x12/0xb0 [ 3048.500418][T29818] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3048.506385][T29818] do_syscall_64+0x38/0xb0 [ 3048.510795][T29818] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3048.516687][T29818] RIP: 0033:0x7fc66767cae9 [ 3048.521088][T29818] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3048.540682][T29818] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3048.549083][T29818] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3048.557050][T29818] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3048.565028][T29818] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3048.573537][T29818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3048.581525][T29818] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3048.589503][T29818] [ 3048.605629][T29830] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3048.618976][T29830] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3048.653750][T29830] CPU: 0 PID: 29830 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3048.663925][T29830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3048.673980][T29830] Call Trace: [ 3048.677261][T29830] [ 3048.680190][T29830] dump_stack_lvl+0x125/0x1b0 [ 3048.684889][T29830] sysfs_warn_dup+0x7f/0xa0 [ 3048.689848][T29830] sysfs_do_create_link_sd+0x11e/0x140 [ 3048.695355][T29830] sysfs_create_link+0x61/0xc0 [ 3048.700146][T29830] device_add+0x669/0x1ac0 [ 3048.704589][T29830] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3048.711462][T29830] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3048.717381][T29830] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3048.723382][T29830] wiphy_register+0x2095/0x2ce0 [ 3048.728269][T29830] ? wiphy_unregister+0xb70/0xb70 [ 3048.733348][T29830] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3048.739413][T29830] ieee80211_register_hw+0x24d1/0x4250 [ 3048.744901][T29830] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3048.750442][T29830] ? rcu_is_watching+0x12/0xb0 [ 3048.755196][T29830] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3048.761177][T29830] ? __hrtimer_init+0x103/0x2c0 [ 3048.766023][T29830] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3048.771760][T29830] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3048.777629][T29830] ? rcu_is_watching+0x12/0xb0 [ 3048.782427][T29830] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3048.788317][T29830] hwsim_new_radio_nl+0xaf8/0x1240 [ 3048.793425][T29830] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3048.799312][T29830] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3048.806675][T29830] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3048.814046][T29830] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3048.819624][T29830] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3048.826996][T29830] ? ns_capable+0xd5/0x110 [ 3048.831411][T29830] genl_rcv_msg+0x55c/0x800 [ 3048.835909][T29830] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3048.841796][T29830] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3048.847681][T29830] netlink_rcv_skb+0x16b/0x440 [ 3048.852438][T29830] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3048.858326][T29830] ? netlink_ack+0x1370/0x1370 [ 3048.863082][T29830] ? rcu_is_watching+0x12/0xb0 [ 3048.868022][T29830] ? down_write+0x200/0x200 [ 3048.872517][T29830] ? netlink_deliver_tap+0x1b1/0xd10 [ 3048.877798][T29830] genl_rcv+0x28/0x40 [ 3048.881774][T29830] netlink_unicast+0x536/0x810 [ 3048.886536][T29830] ? netlink_attachskb+0x870/0x870 [ 3048.891635][T29830] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3048.897525][T29830] ? __phys_addr_symbol+0x30/0x70 [ 3048.902541][T29830] ? __check_object_size+0x323/0x730 [ 3048.907822][T29830] netlink_sendmsg+0x93c/0xe40 [ 3048.912606][T29830] ? netlink_unicast+0x810/0x810 [ 3048.917566][T29830] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3048.922847][T29830] ? netlink_unicast+0x810/0x810 [ 3048.927779][T29830] sock_sendmsg+0xd9/0x180 [ 3048.932185][T29830] ____sys_sendmsg+0x6ac/0x940 [ 3048.936937][T29830] ? copy_msghdr_from_user+0x10b/0x160 [ 3048.942385][T29830] ? kernel_sendmsg+0x50/0x50 [ 3048.947053][T29830] ? plist_check_list+0x1ae/0x280 [ 3048.952070][T29830] ? schedule+0xf1/0x1b0 [ 3048.956301][T29830] ___sys_sendmsg+0x135/0x1d0 [ 3048.960972][T29830] ? do_recvmmsg+0x740/0x740 [ 3048.965557][T29830] ? rcu_is_watching+0x12/0xb0 [ 3048.970323][T29830] ? rcu_is_watching+0x12/0xb0 [ 3048.975076][T29830] ? __fget_light+0xe6/0x260 [ 3048.979662][T29830] __sys_sendmsg+0x117/0x1e0 [ 3048.984244][T29830] ? __sys_sendmsg_sock+0x30/0x30 [ 3048.989267][T29830] ? xfd_validate_state+0x5d/0x180 [ 3048.994381][T29830] ? rcu_is_watching+0x12/0xb0 [ 3048.999133][T29830] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3049.005108][T29830] do_syscall_64+0x38/0xb0 [ 3049.009524][T29830] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3049.015414][T29830] RIP: 0033:0x7f1773a7cae9 [ 3049.019817][T29830] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3049.039433][T29830] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 20:13:55 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000780)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1bb20000004fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6cf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000dd57a78fe92933e370bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66caa3486c8df5cbf437d2ed2266558fabf1a3f8b032cfd974cbb62ff5345332b8d3310d772b52ee67e20895b0af4b2868d9e93f831032", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) (async, rerun: 64) bind$l2tp6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3, 0x3}, 0x20) (async, rerun: 64) ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000540)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) 20:13:55 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:13:55 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000fdffffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:13:55 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_KEY(r6, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r2, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x2}, @IEEE802154_ATTR_SHORT_ADDR={0x6}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x7e}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x4000) (async) sendmsg$IEEE802154_LLSEC_DEL_KEY(r6, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r2, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x2}, @IEEE802154_ATTR_SHORT_ADDR={0x6}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x7e}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x4000) sendmsg$NLBL_MGMT_C_LISTALL(r5, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_DOMAIN={0xa, 0x1, 'wpan1\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @local}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x40004) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) [ 3049.047839][T29830] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3049.055795][T29830] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3049.063759][T29830] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3049.071900][T29830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3049.079872][T29830] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3049.087850][T29830] 20:13:56 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000e4ffffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3049.105562][T29833] syz-executor.4[29833]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3049.144906][T29833] loop4: detected capacity change from 0 to 256 20:13:56 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000000009effffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3049.170289][T29833] FAT-fs (loop4): Directory bread(block 64) failed [ 3049.177224][T29837] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3049.190526][T29833] FAT-fs (loop4): Directory bread(block 65) failed [ 3049.198597][T29837] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3049.206523][T29837] CPU: 0 PID: 29837 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3049.215005][T29833] FAT-fs (loop4): Directory bread(block 66) failed [ 3049.216573][T29837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3049.216585][T29837] Call Trace: [ 3049.216592][T29837] [ 3049.216598][T29837] dump_stack_lvl+0x125/0x1b0 [ 3049.223878][T29833] FAT-fs (loop4): Directory bread(block 67) failed [ 3049.233105][T29837] sysfs_warn_dup+0x7f/0xa0 [ 3049.233153][T29837] sysfs_do_create_link_sd+0x11e/0x140 [ 3049.233183][T29837] sysfs_create_link+0x61/0xc0 [ 3049.233211][T29837] device_add+0x669/0x1ac0 [ 3049.233248][T29837] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3049.233284][T29837] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3049.233323][T29837] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3049.233354][T29837] wiphy_register+0x2095/0x2ce0 [ 3049.233382][T29837] ? wiphy_unregister+0xb70/0xb70 [ 3049.233409][T29837] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3049.241109][T29833] FAT-fs (loop4): Directory bread(block 68) failed [ 3049.244257][T29837] ieee80211_register_hw+0x24d1/0x4250 [ 3049.244304][T29837] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3049.252803][T29833] FAT-fs (loop4): Directory bread(block 69) failed [ 3049.256003][T29837] ? rcu_is_watching+0x12/0xb0 [ 3049.256034][T29837] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3049.262066][T29833] FAT-fs (loop4): Directory bread(block 70) failed [ 3049.266198][T29837] ? __hrtimer_init+0x103/0x2c0 [ 3049.266230][T29837] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3049.273005][T29833] FAT-fs (loop4): Directory bread(block 71) failed [ 3049.277449][T29837] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 20:13:56 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) r2 = open(&(0x7f00000002c0)='./file0\x00', 0x200, 0x84) ioctl$VFAT_IOCTL_READDIR_SHORT(r2, 0x82307202, &(0x7f0000000540)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), r1) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000780)={'batadv0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000007c0)={'wg2\x00', 0x0}) r6 = socket(0x11, 0x800000003, 0x0) bind(r6, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r6, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r8 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x66}}]}, 0x78}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000800)={'batadv0\x00', 0x0}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f0000000880)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000840)={&(0x7f0000000c80)={0x150, r3, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x80}, 0x80) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000e00)=ANY=[@ANYBLOB="140000003e0000032dbd7000ffdbdf250a00000035509718f61109add3c2844ca5abbf885258e69d1f39bc22869a4625ab0b382c69f17ca985c57e7f7c04634b2d0f4719e91b8863d9a9374b2942f154ee578bcfc465ccc2a7788a0b2d2c3107b20e54d885cc3609063405c19591789a106c86346b55cefc570fbdecfbf6b6118fefae21e5b6e3d20c5df97842cde04875fd4f429c036691d464b9ad0db96decad07d0971c19d52edcd121d7dc93ea32011b3c201b95bc03ce6d27a2222c9a49e2ebbea608235493ea39e4e17951bcae8eda0c9575261ec8d1d1d58da0c0fc0d16f9ec27c86d"], 0x14}, 0x1, 0x0, 0x0, 0x24000880}, 0x1) [ 3049.277474][T29837] ? rcu_is_watching+0x12/0xb0 [ 3049.277494][T29837] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3049.283947][T29833] FAT-fs (loop4): Directory bread(block 72) failed [ 3049.289314][T29837] hwsim_new_radio_nl+0xaf8/0x1240 [ 3049.289343][T29837] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3049.289369][T29837] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3049.289401][T29837] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3049.294930][T29833] FAT-fs (loop4): Directory bread(block 73) failed [ 3049.299238][T29837] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3049.299275][T29837] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3049.431594][T29837] ? ns_capable+0xd5/0x110 [ 3049.436068][T29837] genl_rcv_msg+0x55c/0x800 [ 3049.440594][T29837] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3049.446479][T29837] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3049.452361][T29837] netlink_rcv_skb+0x16b/0x440 [ 3049.457140][T29837] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3049.463063][T29837] ? netlink_ack+0x1370/0x1370 [ 3049.467834][T29837] ? rcu_is_watching+0x12/0xb0 [ 3049.472621][T29837] ? down_write+0x200/0x200 [ 3049.477120][T29837] ? netlink_deliver_tap+0x1b1/0xd10 [ 3049.482407][T29837] genl_rcv+0x28/0x40 [ 3049.486387][T29837] netlink_unicast+0x536/0x810 [ 3049.491376][T29837] ? netlink_attachskb+0x870/0x870 [ 3049.496491][T29837] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3049.502559][T29837] ? __phys_addr_symbol+0x30/0x70 [ 3049.507569][T29837] ? __check_object_size+0x323/0x730 [ 3049.512851][T29837] netlink_sendmsg+0x93c/0xe40 [ 3049.517641][T29837] ? netlink_unicast+0x810/0x810 [ 3049.522587][T29837] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3049.527859][T29837] ? netlink_unicast+0x810/0x810 [ 3049.532794][T29837] sock_sendmsg+0xd9/0x180 [ 3049.537238][T29837] ____sys_sendmsg+0x6ac/0x940 [ 3049.542034][T29837] ? copy_msghdr_from_user+0x10b/0x160 [ 3049.548271][T29837] ? kernel_sendmsg+0x50/0x50 [ 3049.552943][T29837] ? plist_check_list+0x1ae/0x280 [ 3049.557979][T29837] ? schedule+0xf1/0x1b0 [ 3049.562206][T29837] ___sys_sendmsg+0x135/0x1d0 [ 3049.566877][T29837] ? do_recvmmsg+0x740/0x740 20:13:56 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 3049.571491][T29837] ? rcu_is_watching+0x12/0xb0 [ 3049.576268][T29837] ? rcu_is_watching+0x12/0xb0 [ 3049.581225][T29837] ? __fget_light+0xe6/0x260 [ 3049.585810][T29837] __sys_sendmsg+0x117/0x1e0 [ 3049.590385][T29837] ? __sys_sendmsg_sock+0x30/0x30 [ 3049.595400][T29837] ? xfd_validate_state+0x5d/0x180 [ 3049.600539][T29837] ? rcu_is_watching+0x12/0xb0 [ 3049.605299][T29837] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3049.611294][T29837] do_syscall_64+0x38/0xb0 [ 3049.615724][T29837] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3049.621636][T29837] RIP: 0033:0x7fc65907cae9 [ 3049.626060][T29837] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3049.645679][T29837] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3049.654112][T29837] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3049.662089][T29837] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3049.670086][T29837] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3049.678048][T29837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3049.686045][T29837] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3049.694032][T29837] 20:13:57 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000200000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3049.722677][T29840] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3049.734194][T29840] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3049.751470][T29840] CPU: 0 PID: 29840 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3049.761644][T29840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3049.771712][T29840] Call Trace: [ 3049.774992][T29840] [ 3049.777936][T29840] dump_stack_lvl+0x125/0x1b0 [ 3049.782637][T29840] sysfs_warn_dup+0x7f/0xa0 [ 3049.787155][T29840] sysfs_do_create_link_sd+0x11e/0x140 [ 3049.792621][T29840] sysfs_create_link+0x61/0xc0 [ 3049.797394][T29840] device_add+0x669/0x1ac0 [ 3049.801823][T29840] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3049.808691][T29840] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3049.814607][T29840] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3049.820263][T29856] syz-executor.4[29856]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3049.820598][T29840] wiphy_register+0x2095/0x2ce0 [ 3049.832953][T29856] loop4: detected capacity change from 0 to 256 [ 3049.835059][T29840] ? wiphy_unregister+0xb70/0xb70 [ 3049.835085][T29840] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3049.852378][T29840] ieee80211_register_hw+0x24d1/0x4250 [ 3049.857838][T29840] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3049.863377][T29840] ? rcu_is_watching+0x12/0xb0 [ 3049.868133][T29840] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3049.874104][T29840] ? __hrtimer_init+0x103/0x2c0 [ 3049.878946][T29840] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3049.884662][T29840] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3049.890373][T29840] ? rcu_is_watching+0x12/0xb0 [ 3049.895125][T29840] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3049.901007][T29840] hwsim_new_radio_nl+0xaf8/0x1240 [ 3049.906113][T29840] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3049.911999][T29840] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3049.919370][T29840] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3049.926999][T29840] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3049.932722][T29840] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3049.940128][T29840] ? ns_capable+0xd5/0x110 [ 3049.944536][T29840] genl_rcv_msg+0x55c/0x800 [ 3049.949037][T29840] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3049.954952][T29840] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3049.960848][T29840] netlink_rcv_skb+0x16b/0x440 [ 3049.965608][T29840] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3049.971500][T29840] ? netlink_ack+0x1370/0x1370 [ 3049.976263][T29840] ? rcu_is_watching+0x12/0xb0 [ 3049.981025][T29840] ? down_write+0x200/0x200 [ 3049.985517][T29840] ? netlink_deliver_tap+0x1b1/0xd10 [ 3049.990797][T29840] genl_rcv+0x28/0x40 [ 3049.994776][T29840] netlink_unicast+0x536/0x810 [ 3049.999538][T29840] ? netlink_attachskb+0x870/0x870 [ 3050.004642][T29840] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3050.010532][T29840] ? __phys_addr_symbol+0x30/0x70 [ 3050.015548][T29840] ? __check_object_size+0x323/0x730 [ 3050.020832][T29840] netlink_sendmsg+0x93c/0xe40 [ 3050.025594][T29840] ? netlink_unicast+0x810/0x810 [ 3050.030529][T29840] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3050.035809][T29840] ? netlink_unicast+0x810/0x810 [ 3050.040739][T29840] sock_sendmsg+0xd9/0x180 [ 3050.045184][T29840] ____sys_sendmsg+0x6ac/0x940 [ 3050.049943][T29840] ? copy_msghdr_from_user+0x10b/0x160 [ 3050.055415][T29840] ? kernel_sendmsg+0x50/0x50 [ 3050.060080][T29840] ? plist_check_list+0x1ae/0x280 [ 3050.065099][T29840] ? schedule+0xf1/0x1b0 [ 3050.069327][T29840] ___sys_sendmsg+0x135/0x1d0 [ 3050.074023][T29840] ? do_recvmmsg+0x740/0x740 [ 3050.078602][T29840] ? rcu_is_watching+0x12/0xb0 [ 3050.083359][T29840] ? rcu_is_watching+0x12/0xb0 [ 3050.088121][T29840] ? __fget_light+0xe6/0x260 [ 3050.092706][T29840] __sys_sendmsg+0x117/0x1e0 [ 3050.097292][T29840] ? __sys_sendmsg_sock+0x30/0x30 [ 3050.102326][T29840] ? xfd_validate_state+0x5d/0x180 [ 3050.107436][T29840] ? rcu_is_watching+0x12/0xb0 [ 3050.112272][T29840] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3050.118242][T29840] do_syscall_64+0x38/0xb0 [ 3050.122652][T29840] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3050.128541][T29840] RIP: 0033:0x7fc66767cae9 [ 3050.132966][T29840] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3050.152562][T29840] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3050.160959][T29840] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3050.169023][T29840] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3050.177093][T29840] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3050.185051][T29840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3050.193017][T29840] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3050.201091][T29840] [ 3050.223235][T29856] FAT-fs (loop4): Directory bread(block 64) failed [ 3050.230415][T29856] FAT-fs (loop4): Directory bread(block 65) failed [ 3050.237271][T29856] FAT-fs (loop4): Directory bread(block 66) failed [ 3050.240493][T29844] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3050.267014][T29067] usb 3-1: new high-speed USB device number 14 using dummy_hcd 20:13:57 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000e4ffffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:13:57 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r7) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="4d7e00000000000000012a00000008002f000000000005003600000000000c0005000000000000000000050037000000000008000200c7a1bcf874781e10b26a6f1d27e7d8fb020ad5492389c577731892eda9f82ca7fd5e9bf54dc7ec8139ac78049a6fe02cefee33d0ded70c4d8a167eba7d429761107fe544f14a23ee6474d6fc574c02baf90f7b7a06cce045b0d5a1de0f30528d8a274787c769ce00"/173, @ANYRES32=r10, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000280)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_GETPARAMS(r3, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000227bd7000fddbdf25240000000a0001007770616e3100000008000200", @ANYRES32=r10, @ANYBLOB="08000200", @ANYRES32=r11, @ANYBLOB="0a0001007770616e3400000082f5936c3ddaa596a170be98af8f2a041fd53b0237a98b2a28bb5acbb5c97d5285aaa0b2fab7a0cda820623261094adfa70f379f2fd642711d31a577db44d83ad8745d3c0af5b8c373a9e6b157f0d26c2ce2eee46d281f4aec09d3d838af4609819768b18d18f809cc477f1f15f71d6b7215fb0c53607b8c28d89df6fa5895c6658302c402f034b01f25128ad65ec571f0e138d9f547"], 0x3c}, 0x1, 0x0, 0x0, 0x24004004}, 0x40000) sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x24, r13, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_SEC_KEY={0x4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x24}}, 0x0) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r5, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000380)={0x1e8, r13, 0x20, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_DEVKEY={0x1c, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_DEVKEY={0x64, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x1c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x4}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x8}]}, @NL802154_DEVKEY_ATTR_ID={0x38, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x1000}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x59}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}]}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}]}, @NL802154_ATTR_SEC_DEVKEY={0x5c, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x48, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xffff}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xb38}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x7f}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x7fffffff}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x92}]}, @NL802154_ATTR_SEC_DEVKEY={0xf0, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x6}, @NL802154_DEVKEY_ATTR_ID={0xe4, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x48, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x38, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x2c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}]}]}]}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x40}, 0xc0) [ 3050.268566][T29856] FAT-fs (loop4): Directory bread(block 67) failed [ 3050.304065][T29844] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3050.306307][T29856] FAT-fs (loop4): Directory bread(block 68) failed [ 3050.332232][T29844] CPU: 1 PID: 29844 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3050.341996][T29856] FAT-fs (loop4): Directory bread(block 69) failed [ 3050.342330][T29844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3050.349417][T29856] FAT-fs (loop4): Directory bread(block 70) failed [ 3050.359800][T29844] Call Trace: [ 3050.359810][T29844] [ 3050.359816][T29844] dump_stack_lvl+0x125/0x1b0 [ 3050.359851][T29844] sysfs_warn_dup+0x7f/0xa0 [ 3050.367000][T29856] FAT-fs (loop4): Directory bread(block 71) failed [ 3050.369610][T29844] sysfs_do_create_link_sd+0x11e/0x140 [ 3050.369640][T29844] sysfs_create_link+0x61/0xc0 [ 3050.372723][T29856] FAT-fs (loop4): Directory bread(block 72) failed [ 3050.377231][T29844] device_add+0x669/0x1ac0 [ 3050.377267][T29844] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3050.382534][T29856] FAT-fs (loop4): Directory bread(block 73) failed [ 3050.388311][T29844] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3050.388349][T29844] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3050.388377][T29844] wiphy_register+0x2095/0x2ce0 [ 3050.388403][T29844] ? wiphy_unregister+0xb70/0xb70 [ 3050.388427][T29844] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3050.388453][T29844] ieee80211_register_hw+0x24d1/0x4250 [ 3050.388487][T29844] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3050.388515][T29844] ? rcu_is_watching+0x12/0xb0 [ 3050.419706][T29856] syz-executor.4: attempt to access beyond end of device [ 3050.419706][T29856] loop4: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 3050.422921][T29844] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3050.422948][T29844] ? __hrtimer_init+0x103/0x2c0 [ 3050.428989][T29856] syz-executor.4: attempt to access beyond end of device [ 3050.428989][T29856] loop4: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 3050.434820][T29844] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3050.434861][T29844] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3050.442416][ T28] audit: type=1800 audit(1693858437.770:2746): pid=29856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="file0" dev="loop4" ino=1049442 res=0 errno=0 [ 3050.444670][T29844] ? rcu_is_watching+0x12/0xb0 [ 3050.444692][T29844] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3050.547718][T29844] hwsim_new_radio_nl+0xaf8/0x1240 [ 3050.552913][T29844] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3050.558802][T29844] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3050.566264][T29844] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3050.573662][T29844] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3050.579326][T29844] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3050.586705][T29844] ? ns_capable+0xd5/0x110 [ 3050.591123][T29844] genl_rcv_msg+0x55c/0x800 [ 3050.595635][T29844] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3050.601515][T29844] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3050.607405][T29844] netlink_rcv_skb+0x16b/0x440 [ 3050.612157][T29844] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3050.618048][T29844] ? netlink_ack+0x1370/0x1370 [ 3050.622809][T29844] ? rcu_is_watching+0x12/0xb0 [ 3050.627589][T29844] ? down_write+0x200/0x200 [ 3050.632078][T29844] ? netlink_deliver_tap+0x1b1/0xd10 [ 3050.637445][T29844] genl_rcv+0x28/0x40 [ 3050.641441][T29844] netlink_unicast+0x536/0x810 [ 3050.646194][T29844] ? netlink_attachskb+0x870/0x870 [ 3050.651290][T29844] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3050.657182][T29844] ? __phys_addr_symbol+0x30/0x70 [ 3050.662206][T29844] ? __check_object_size+0x323/0x730 [ 3050.667859][T29844] netlink_sendmsg+0x93c/0xe40 [ 3050.672611][T29844] ? netlink_unicast+0x810/0x810 [ 3050.677537][T29844] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3050.682830][T29844] ? netlink_unicast+0x810/0x810 [ 3050.687754][T29844] sock_sendmsg+0xd9/0x180 [ 3050.692187][T29844] ____sys_sendmsg+0x6ac/0x940 [ 3050.696954][T29844] ? copy_msghdr_from_user+0x10b/0x160 [ 3050.702420][T29844] ? kernel_sendmsg+0x50/0x50 [ 3050.707093][T29844] ? plist_check_list+0x1ae/0x280 [ 3050.712112][T29844] ? schedule+0xf1/0x1b0 [ 3050.716360][T29844] ___sys_sendmsg+0x135/0x1d0 [ 3050.721045][T29844] ? do_recvmmsg+0x740/0x740 [ 3050.725620][T29844] ? rcu_is_watching+0x12/0xb0 [ 3050.730393][T29844] ? rcu_is_watching+0x12/0xb0 [ 3050.735163][T29844] ? __fget_light+0xe6/0x260 [ 3050.739744][T29844] __sys_sendmsg+0x117/0x1e0 [ 3050.744329][T29844] ? __sys_sendmsg_sock+0x30/0x30 [ 3050.749344][T29844] ? xfd_validate_state+0x5d/0x180 [ 3050.754538][T29844] ? rcu_is_watching+0x12/0xb0 [ 3050.759289][T29844] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3050.765291][T29844] do_syscall_64+0x38/0xb0 [ 3050.769881][T29844] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3050.775773][T29844] RIP: 0033:0x7f1773a7cae9 [ 3050.780195][T29844] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3050.799789][T29844] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3050.808233][T29844] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3050.816199][T29844] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3050.824154][T29844] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3050.832105][T29844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3050.840058][T29844] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3050.848016][T29844] [ 3050.862845][T29856] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3050.873646][T29854] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. 20:13:58 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) r2 = open(&(0x7f00000002c0)='./file0\x00', 0x200, 0x84) ioctl$VFAT_IOCTL_READDIR_SHORT(r2, 0x82307202, &(0x7f0000000540)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), r1) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000780)={'batadv0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000007c0)={'wg2\x00', 0x0}) r6 = socket(0x11, 0x800000003, 0x0) bind(r6, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r6, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r8 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x66}}]}, 0x78}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000800)={'batadv0\x00', 0x0}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f0000000880)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000840)={&(0x7f0000000c80)={0x150, r3, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x80}, 0x80) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000e00)=ANY=[@ANYBLOB="140000003e0000032dbd7000ffdbdf250a00000035509718f61109add3c2844ca5abbf885258e69d1f39bc22869a4625ab0b382c69f17ca985c57e7f7c04634b2d0f4719e91b8863d9a9374b2942f154ee578bcfc465ccc2a7788a0b2d2c3107b20e54d885cc3609063405c19591789a106c86346b55cefc570fbdecfbf6b6118fefae21e5b6e3d20c5df97842cde04875fd4f429c036691d464b9ad0db96decad07d0971c19d52edcd121d7dc93ea32011b3c201b95bc03ce6d27a2222c9a49e2ebbea608235493ea39e4e17951bcae8eda0c9575261ec8d1d1d58da0c0fc0d16f9ec27c86d"], 0x14}, 0x1, 0x0, 0x0, 0x24000880}, 0x1) syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") (async) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) (async) open(&(0x7f00000002c0)='./file0\x00', 0x200, 0x84) (async) ioctl$VFAT_IOCTL_READDIR_SHORT(r2, 0x82307202, &(0x7f0000000540)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) (async) syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), r1) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000780)) (async) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000007c0)={'wg2\x00'}) (async) socket(0x11, 0x800000003, 0x0) (async) bind(r6, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) (async) getsockname$packet(r6, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) (async) socket(0x10, 0x3, 0x0) (async) sendmsg$nl_route_sched(r8, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x66}}]}, 0x78}}, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000800)) (async) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f0000000880)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000840)={&(0x7f0000000c80)={0x150, r3, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x80}, 0x80) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000e00)=ANY=[@ANYBLOB="140000003e0000032dbd7000ffdbdf250a00000035509718f61109add3c2844ca5abbf885258e69d1f39bc22869a4625ab0b382c69f17ca985c57e7f7c04634b2d0f4719e91b8863d9a9374b2942f154ee578bcfc465ccc2a7788a0b2d2c3107b20e54d885cc3609063405c19591789a106c86346b55cefc570fbdecfbf6b6118fefae21e5b6e3d20c5df97842cde04875fd4f429c036691d464b9ad0db96decad07d0971c19d52edcd121d7dc93ea32011b3c201b95bc03ce6d27a2222c9a49e2ebbea608235493ea39e4e17951bcae8eda0c9575261ec8d1d1d58da0c0fc0d16f9ec27c86d"], 0x14}, 0x1, 0x0, 0x0, 0x24000880}, 0x1) (async) [ 3050.887474][T29854] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3050.896167][T29854] CPU: 1 PID: 29854 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3050.906238][T29854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3050.916287][T29854] Call Trace: [ 3050.919554][T29854] [ 3050.922473][T29854] dump_stack_lvl+0x125/0x1b0 [ 3050.927149][T29854] sysfs_warn_dup+0x7f/0xa0 [ 3050.931645][T29854] sysfs_do_create_link_sd+0x11e/0x140 [ 3050.937363][T29854] sysfs_create_link+0x61/0xc0 [ 3050.942118][T29854] device_add+0x669/0x1ac0 [ 3050.946534][T29854] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3050.953386][T29854] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3050.959277][T29854] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3050.965249][T29854] wiphy_register+0x2095/0x2ce0 [ 3050.970108][T29854] ? wiphy_unregister+0xb70/0xb70 [ 3050.975122][T29854] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3050.981178][T29854] ieee80211_register_hw+0x24d1/0x4250 [ 3050.986628][T29854] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3050.992169][T29854] ? rcu_is_watching+0x12/0xb0 [ 3050.997008][T29854] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3051.002977][T29854] ? __hrtimer_init+0x103/0x2c0 [ 3051.007817][T29854] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3051.013535][T29854] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3051.019250][T29854] ? rcu_is_watching+0x12/0xb0 [ 3051.023998][T29854] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3051.029879][T29854] hwsim_new_radio_nl+0xaf8/0x1240 [ 3051.034982][T29854] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3051.040869][T29854] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3051.048240][T29854] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3051.055632][T29854] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3051.061178][T29854] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3051.068549][T29854] ? ns_capable+0xd5/0x110 [ 3051.072957][T29854] genl_rcv_msg+0x55c/0x800 [ 3051.077456][T29854] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3051.083344][T29854] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3051.089230][T29854] netlink_rcv_skb+0x16b/0x440 [ 3051.093992][T29854] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3051.099880][T29854] ? netlink_ack+0x1370/0x1370 [ 3051.104635][T29854] ? rcu_is_watching+0x12/0xb0 [ 3051.109481][T29854] ? down_write+0x200/0x200 [ 3051.113975][T29854] ? netlink_deliver_tap+0x1b1/0xd10 [ 3051.119254][T29854] genl_rcv+0x28/0x40 [ 3051.123229][T29854] netlink_unicast+0x536/0x810 [ 3051.127988][T29854] ? netlink_attachskb+0x870/0x870 [ 3051.133088][T29854] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3051.139000][T29854] ? __phys_addr_symbol+0x30/0x70 [ 3051.144047][T29854] ? __check_object_size+0x323/0x730 [ 3051.149343][T29854] netlink_sendmsg+0x93c/0xe40 [ 3051.154102][T29854] ? netlink_unicast+0x810/0x810 [ 3051.159052][T29854] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3051.164355][T29854] ? netlink_unicast+0x810/0x810 [ 3051.169292][T29854] sock_sendmsg+0xd9/0x180 [ 3051.173721][T29854] ____sys_sendmsg+0x6ac/0x940 [ 3051.178482][T29854] ? copy_msghdr_from_user+0x10b/0x160 [ 3051.183935][T29854] ? kernel_sendmsg+0x50/0x50 [ 3051.188601][T29854] ? plist_check_list+0x1ae/0x280 [ 3051.194399][T29854] ? schedule+0xf1/0x1b0 [ 3051.198651][T29854] ___sys_sendmsg+0x135/0x1d0 [ 3051.203343][T29854] ? do_recvmmsg+0x740/0x740 [ 3051.207931][T29854] ? rcu_is_watching+0x12/0xb0 [ 3051.212692][T29854] ? rcu_is_watching+0x12/0xb0 [ 3051.217536][T29854] ? __fget_light+0xe6/0x260 [ 3051.222139][T29854] __sys_sendmsg+0x117/0x1e0 [ 3051.226720][T29854] ? __sys_sendmsg_sock+0x30/0x30 [ 3051.231736][T29854] ? xfd_validate_state+0x5d/0x180 [ 3051.236849][T29854] ? rcu_is_watching+0x12/0xb0 [ 3051.241684][T29854] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3051.247656][T29854] do_syscall_64+0x38/0xb0 [ 3051.252086][T29854] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3051.257998][T29854] RIP: 0033:0x7fc65907cae9 [ 3051.262402][T29854] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3051.282169][T29854] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3051.290575][T29854] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3051.298536][T29854] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3051.306494][T29854] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3051.314454][T29854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3051.322408][T29854] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3051.330551][T29854] 20:13:58 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000300000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:13:58 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000000009effffff0004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3051.343468][T29861] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3051.346790][T29067] usb 3-1: device descriptor read/64, error -71 [ 3051.388028][T29861] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3051.394516][T29868] syz-executor.4[29868]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3051.418523][T29861] CPU: 0 PID: 29861 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3051.426369][T29868] loop4: detected capacity change from 0 to 256 [ 3051.428586][T29861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3051.428598][T29861] Call Trace: [ 3051.428605][T29861] [ 3051.428612][T29861] dump_stack_lvl+0x125/0x1b0 [ 3051.428645][T29861] sysfs_warn_dup+0x7f/0xa0 [ 3051.428668][T29861] sysfs_do_create_link_sd+0x11e/0x140 [ 3051.428690][T29861] sysfs_create_link+0x61/0xc0 [ 3051.428710][T29861] device_add+0x669/0x1ac0 [ 3051.428735][T29861] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3051.428761][T29861] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3051.428787][T29861] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3051.493640][T29861] wiphy_register+0x2095/0x2ce0 [ 3051.498488][T29861] ? wiphy_unregister+0xb70/0xb70 [ 3051.503502][T29861] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3051.509557][T29861] ieee80211_register_hw+0x24d1/0x4250 [ 3051.515103][T29861] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3051.520641][T29861] ? rcu_is_watching+0x12/0xb0 [ 3051.525394][T29861] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3051.531366][T29861] ? __hrtimer_init+0x103/0x2c0 [ 3051.536231][T29861] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3051.541946][T29861] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3051.547654][T29861] ? rcu_is_watching+0x12/0xb0 [ 3051.552406][T29861] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3051.558290][T29861] hwsim_new_radio_nl+0xaf8/0x1240 [ 3051.563479][T29861] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3051.569365][T29861] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3051.576844][T29861] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3051.584211][T29861] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3051.589757][T29861] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3051.597128][T29861] ? ns_capable+0xd5/0x110 [ 3051.601542][T29861] genl_rcv_msg+0x55c/0x800 [ 3051.606038][T29861] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3051.611927][T29861] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3051.617812][T29861] netlink_rcv_skb+0x16b/0x440 [ 3051.622593][T29861] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3051.628485][T29861] ? netlink_ack+0x1370/0x1370 [ 3051.633241][T29861] ? rcu_is_watching+0x12/0xb0 [ 3051.638000][T29861] ? down_write+0x200/0x200 [ 3051.642494][T29861] ? netlink_deliver_tap+0x1b1/0xd10 [ 3051.647778][T29861] genl_rcv+0x28/0x40 [ 3051.651753][T29861] netlink_unicast+0x536/0x810 [ 3051.656556][T29861] ? netlink_attachskb+0x870/0x870 [ 3051.661658][T29861] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3051.667551][T29861] ? __phys_addr_symbol+0x30/0x70 [ 3051.672571][T29861] ? __check_object_size+0x323/0x730 [ 3051.677843][T29861] netlink_sendmsg+0x93c/0xe40 [ 3051.682604][T29861] ? netlink_unicast+0x810/0x810 [ 3051.687625][T29861] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3051.692909][T29861] ? netlink_unicast+0x810/0x810 [ 3051.697839][T29861] sock_sendmsg+0xd9/0x180 [ 3051.702248][T29861] ____sys_sendmsg+0x6ac/0x940 [ 3051.707001][T29861] ? copy_msghdr_from_user+0x10b/0x160 [ 3051.712482][T29861] ? kernel_sendmsg+0x50/0x50 [ 3051.717148][T29861] ? plist_check_list+0x1ae/0x280 [ 3051.722173][T29861] ? schedule+0xf1/0x1b0 [ 3051.726405][T29861] ___sys_sendmsg+0x135/0x1d0 [ 3051.731076][T29861] ? do_recvmmsg+0x740/0x740 [ 3051.735659][T29861] ? rcu_is_watching+0x12/0xb0 [ 3051.740417][T29861] ? rcu_is_watching+0x12/0xb0 [ 3051.745260][T29861] ? __fget_light+0xe6/0x260 [ 3051.749841][T29861] __sys_sendmsg+0x117/0x1e0 [ 3051.754427][T29861] ? __sys_sendmsg_sock+0x30/0x30 [ 3051.759454][T29861] ? xfd_validate_state+0x5d/0x180 [ 3051.764586][T29861] ? rcu_is_watching+0x12/0xb0 [ 3051.769334][T29861] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3051.776086][T29861] do_syscall_64+0x38/0xb0 [ 3051.780498][T29861] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3051.786386][T29861] RIP: 0033:0x7fc66767cae9 [ 3051.790783][T29861] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3051.810377][T29861] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3051.818786][T29861] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3051.826749][T29861] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 20:13:59 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000400000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3051.834710][T29861] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3051.842666][T29861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3051.850618][T29861] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3051.858578][T29861] 20:13:59 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(0x0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) 20:13:59 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r7) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="4d7e00000000000000012a00000008002f000000000005003600000000000c0005000000000000000000050037000000000008000200c7a1bcf874781e10b26a6f1d27e7d8fb020ad5492389c577731892eda9f82ca7fd5e9bf54dc7ec8139ac78049a6fe02cefee33d0ded70c4d8a167eba7d429761107fe544f14a23ee6474d6fc574c02baf90f7b7a06cce045b0d5a1de0f30528d8a274787c769ce00"/173, @ANYRES32=r10, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) (async) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000280)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_GETPARAMS(r3, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000227bd7000fddbdf25240000000a0001007770616e3100000008000200", @ANYRES32=r10, @ANYBLOB="08000200", @ANYRES32=r11, @ANYBLOB="0a0001007770616e3400000082f5936c3ddaa596a170be98af8f2a041fd53b0237a98b2a28bb5acbb5c97d5285aaa0b2fab7a0cda820623261094adfa70f379f2fd642711d31a577db44d83ad8745d3c0af5b8c373a9e6b157f0d26c2ce2eee46d281f4aec09d3d838af4609819768b18d18f809cc477f1f15f71d6b7215fb0c53607b8c28d89df6fa5895c6658302c402f034b01f25128ad65ec571f0e138d9f547"], 0x3c}, 0x1, 0x0, 0x0, 0x24004004}, 0x40000) sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r13 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x24, r13, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_SEC_KEY={0x4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x24}}, 0x0) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r5, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000380)={0x1e8, r13, 0x20, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_DEVKEY={0x1c, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_DEVKEY={0x64, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x1c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x4}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x8}]}, @NL802154_DEVKEY_ATTR_ID={0x38, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x1000}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x59}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}]}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}]}, @NL802154_ATTR_SEC_DEVKEY={0x5c, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x48, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xffff}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xb38}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x7f}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x7fffffff}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x92}]}, @NL802154_ATTR_SEC_DEVKEY={0xf0, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x6}, @NL802154_DEVKEY_ATTR_ID={0xe4, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x48, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x38, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x2c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}]}]}]}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x40}, 0xc0) [ 3051.915893][T29871] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3051.941471][T29871] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3051.972584][T29868] FAT-fs (loop4): Directory bread(block 64) failed [ 3051.981889][T29868] FAT-fs (loop4): Directory bread(block 65) failed [ 3051.983647][T29871] CPU: 0 PID: 29871 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3051.989447][T29868] FAT-fs (loop4): Directory bread(block 66) failed [ 3051.998431][T29871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3051.998444][T29871] Call Trace: [ 3051.998452][T29871] [ 3051.998459][T29871] dump_stack_lvl+0x125/0x1b0 [ 3052.005779][T29868] FAT-fs (loop4): Directory bread(block 67) failed [ 3052.015083][T29871] sysfs_warn_dup+0x7f/0xa0 [ 3052.015113][T29871] sysfs_do_create_link_sd+0x11e/0x140 [ 3052.015137][T29871] sysfs_create_link+0x61/0xc0 [ 3052.015159][T29871] device_add+0x669/0x1ac0 [ 3052.015188][T29871] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3052.015220][T29871] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3052.019134][T29067] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 3052.021510][T29871] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3052.028473][T29868] FAT-fs (loop4): Directory bread(block 68) failed [ 3052.032650][T29871] wiphy_register+0x2095/0x2ce0 [ 3052.032680][T29871] ? wiphy_unregister+0xb70/0xb70 [ 3052.040079][T29868] FAT-fs (loop4): Directory bread(block 69) failed [ 3052.042611][T29871] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3052.042636][T29871] ieee80211_register_hw+0x24d1/0x4250 [ 3052.047836][T29868] FAT-fs (loop4): Directory bread(block 70) failed [ 3052.051753][T29871] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3052.059860][T29868] FAT-fs (loop4): Directory bread(block 71) failed [ 3052.064453][T29871] ? rcu_is_watching+0x12/0xb0 [ 3052.064475][T29871] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3052.072482][T29868] FAT-fs (loop4): Directory bread(block 72) failed [ 3052.077944][T29871] ? __hrtimer_init+0x103/0x2c0 [ 3052.077975][T29871] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3052.078006][T29871] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3052.078034][T29871] ? rcu_is_watching+0x12/0xb0 [ 3052.078054][T29871] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3052.078078][T29871] hwsim_new_radio_nl+0xaf8/0x1240 [ 3052.078102][T29871] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3052.078131][T29871] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3052.078167][T29871] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3052.078204][T29871] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3052.078237][T29871] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3052.078277][T29871] ? ns_capable+0xd5/0x110 [ 3052.102169][T29868] FAT-fs (loop4): Directory bread(block 73) failed [ 3052.107130][T29871] genl_rcv_msg+0x55c/0x800 [ 3052.107167][T29871] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3052.107195][T29871] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3052.107221][T29871] netlink_rcv_skb+0x16b/0x440 [ 3052.107246][T29871] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3052.107274][T29871] ? netlink_ack+0x1370/0x1370 [ 3052.133380][T29868] syz-executor.4: attempt to access beyond end of device [ 3052.133380][T29868] loop4: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 3052.135921][T29871] ? rcu_is_watching+0x12/0xb0 [ 3052.135949][T29871] ? down_write+0x200/0x200 [ 3052.154032][T29868] syz-executor.4: attempt to access beyond end of device [ 3052.154032][T29868] loop4: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 3052.158886][T29871] ? netlink_deliver_tap+0x1b1/0xd10 [ 3052.158919][T29871] genl_rcv+0x28/0x40 [ 3052.190179][ T28] audit: type=1800 audit(1693858439.500:2747): pid=29868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="file0" dev="loop4" ino=1049443 res=0 errno=0 [ 3052.193525][T29871] netlink_unicast+0x536/0x810 [ 3052.193560][T29871] ? netlink_attachskb+0x870/0x870 [ 3052.206881][T29067] usb 3-1: device descriptor read/64, error -71 [ 3052.213749][T29871] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3052.225575][T29882] syz-executor.4[29882]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3052.229102][T29871] ? __phys_addr_symbol+0x30/0x70 [ 3052.229130][T29871] ? __check_object_size+0x323/0x730 [ 3052.229156][T29871] netlink_sendmsg+0x93c/0xe40 [ 3052.229186][T29871] ? netlink_unicast+0x810/0x810 [ 3052.337198][T29067] usb usb3-port1: attempt power cycle [ 3052.338699][T29871] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3052.384818][T29871] ? netlink_unicast+0x810/0x810 [ 3052.389745][T29871] sock_sendmsg+0xd9/0x180 [ 3052.394148][T29871] ____sys_sendmsg+0x6ac/0x940 [ 3052.399333][T29871] ? copy_msghdr_from_user+0x10b/0x160 [ 3052.404789][T29871] ? kernel_sendmsg+0x50/0x50 [ 3052.409461][T29871] ? plist_check_list+0x1ae/0x280 [ 3052.414482][T29871] ? schedule+0xf1/0x1b0 [ 3052.418719][T29871] ___sys_sendmsg+0x135/0x1d0 [ 3052.423408][T29871] ? do_recvmmsg+0x740/0x740 [ 3052.427986][T29871] ? rcu_is_watching+0x12/0xb0 [ 3052.432752][T29871] ? rcu_is_watching+0x12/0xb0 [ 3052.437500][T29871] ? __fget_light+0xe6/0x260 [ 3052.442073][T29871] __sys_sendmsg+0x117/0x1e0 [ 3052.446658][T29871] ? __sys_sendmsg_sock+0x30/0x30 [ 3052.451690][T29871] ? xfd_validate_state+0x5d/0x180 [ 3052.456804][T29871] ? rcu_is_watching+0x12/0xb0 [ 3052.461574][T29871] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3052.467547][T29871] do_syscall_64+0x38/0xb0 [ 3052.472042][T29871] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3052.477921][T29871] RIP: 0033:0x7f1773a7cae9 [ 3052.482318][T29871] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3052.502201][T29871] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3052.510601][T29871] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3052.518556][T29871] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3052.526518][T29871] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3052.534469][T29871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3052.542457][T29871] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3052.550411][T29871] [ 3052.561295][T29868] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.4'. 20:13:59 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) [ 3052.571057][T29875] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3052.595215][T29875] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3052.608117][T29875] CPU: 1 PID: 29875 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3052.618186][T29875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3052.628241][T29875] Call Trace: [ 3052.631527][T29875] [ 3052.634461][T29875] dump_stack_lvl+0x125/0x1b0 [ 3052.639159][T29875] sysfs_warn_dup+0x7f/0xa0 20:13:59 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) [ 3052.643666][T29875] sysfs_do_create_link_sd+0x11e/0x140 [ 3052.649130][T29875] sysfs_create_link+0x61/0xc0 [ 3052.653897][T29875] device_add+0x669/0x1ac0 [ 3052.658329][T29875] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3052.665201][T29875] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3052.671110][T29875] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3052.677105][T29875] wiphy_register+0x2095/0x2ce0 [ 3052.681975][T29875] ? wiphy_unregister+0xb70/0xb70 [ 3052.687019][T29875] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3052.693103][T29875] ieee80211_register_hw+0x24d1/0x4250 [ 3052.698603][T29875] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3052.704154][T29875] ? rcu_is_watching+0x12/0xb0 [ 3052.708920][T29875] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3052.714910][T29875] ? __hrtimer_init+0x103/0x2c0 [ 3052.719774][T29875] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3052.725523][T29875] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3052.731246][T29875] ? rcu_is_watching+0x12/0xb0 [ 3052.736009][T29875] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3052.741922][T29875] hwsim_new_radio_nl+0xaf8/0x1240 [ 3052.747034][T29875] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3052.752944][T29875] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3052.760322][T29875] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3052.767709][T29875] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3052.773269][T29875] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3052.780642][T29875] ? ns_capable+0xd5/0x110 [ 3052.785066][T29875] genl_rcv_msg+0x55c/0x800 [ 3052.789612][T29875] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3052.795500][T29875] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3052.801419][T29875] netlink_rcv_skb+0x16b/0x440 [ 3052.806201][T29875] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3052.812084][T29875] ? netlink_ack+0x1370/0x1370 [ 3052.816836][T29875] ? rcu_is_watching+0x12/0xb0 [ 3052.821599][T29875] ? down_write+0x200/0x200 [ 3052.826085][T29875] ? netlink_deliver_tap+0x1b1/0xd10 [ 3052.831360][T29875] genl_rcv+0x28/0x40 [ 3052.835347][T29875] netlink_unicast+0x536/0x810 [ 3052.840101][T29875] ? netlink_attachskb+0x870/0x870 [ 3052.845199][T29875] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3052.851110][T29875] ? __phys_addr_symbol+0x30/0x70 [ 3052.856213][T29875] ? __check_object_size+0x323/0x730 [ 3052.861501][T29875] netlink_sendmsg+0x93c/0xe40 [ 3052.866269][T29875] ? netlink_unicast+0x810/0x810 [ 3052.871243][T29875] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3052.876560][T29875] ? netlink_unicast+0x810/0x810 [ 3052.881508][T29875] sock_sendmsg+0xd9/0x180 [ 3052.885913][T29875] ____sys_sendmsg+0x6ac/0x940 [ 3052.890688][T29875] ? copy_msghdr_from_user+0x10b/0x160 [ 3052.896133][T29875] ? kernel_sendmsg+0x50/0x50 [ 3052.900804][T29875] ? plist_check_list+0x1ae/0x280 [ 3052.905837][T29875] ? schedule+0xf1/0x1b0 [ 3052.910061][T29875] ___sys_sendmsg+0x135/0x1d0 [ 3052.914728][T29875] ? do_recvmmsg+0x740/0x740 [ 3052.919302][T29875] ? rcu_is_watching+0x12/0xb0 [ 3052.924053][T29875] ? rcu_is_watching+0x12/0xb0 [ 3052.928814][T29875] ? __fget_light+0xe6/0x260 [ 3052.933406][T29875] __sys_sendmsg+0x117/0x1e0 [ 3052.937985][T29875] ? __sys_sendmsg_sock+0x30/0x30 [ 3052.943000][T29875] ? xfd_validate_state+0x5d/0x180 [ 3052.948138][T29875] ? rcu_is_watching+0x12/0xb0 [ 3052.952879][T29875] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3052.958846][T29875] do_syscall_64+0x38/0xb0 [ 3052.963256][T29875] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3052.969157][T29875] RIP: 0033:0x7fc65907cae9 [ 3052.973577][T29875] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 20:14:00 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:14:00 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) (async, rerun: 64) r2 = open(&(0x7f00000002c0)='./file0\x00', 0x200, 0x84) (rerun: 64) ioctl$VFAT_IOCTL_READDIR_SHORT(r2, 0x82307202, &(0x7f0000000540)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), r1) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000780)={'batadv0\x00', 0x0}) (async, rerun: 64) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000007c0)={'wg2\x00', 0x0}) (async, rerun: 64) r6 = socket(0x11, 0x800000003, 0x0) bind(r6, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) (async) getsockname$packet(r6, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) (async) r8 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x66}}]}, 0x78}}, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000800)={'batadv0\x00', 0x0}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f0000000880)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000840)={&(0x7f0000000c80)={0x150, r3, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x80}, 0x80) (async, rerun: 64) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000e00)=ANY=[@ANYBLOB="140000003e0000032dbd7000ffdbdf250a00000035509718f61109add3c2844ca5abbf885258e69d1f39bc22869a4625ab0b382c69f17ca985c57e7f7c04634b2d0f4719e91b8863d9a9374b2942f154ee578bcfc465ccc2a7788a0b2d2c3107b20e54d885cc3609063405c19591789a106c86346b55cefc570fbdecfbf6b6118fefae21e5b6e3d20c5df97842cde04875fd4f429c036691d464b9ad0db96decad07d0971c19d52edcd121d7dc93ea32011b3c201b95bc03ce6d27a2222c9a49e2ebbea608235493ea39e4e17951bcae8eda0c9575261ec8d1d1d58da0c0fc0d16f9ec27c86d"], 0x14}, 0x1, 0x0, 0x0, 0x24000880}, 0x1) (rerun: 64) 20:14:00 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000500000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3052.993283][T29875] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3053.001678][T29875] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3053.009629][T29875] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3053.017589][T29875] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3053.025563][T29875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3053.033562][T29875] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3053.041525][T29875] 20:14:00 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) 20:14:00 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) 20:14:00 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r7) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="4d7e00000000000000012a00000008002f000000000005003600000000000c0005000000000000000000050037000000000008000200c7a1bcf874781e10b26a6f1d27e7d8fb020ad5492389c577731892eda9f82ca7fd5e9bf54dc7ec8139ac78049a6fe02cefee33d0ded70c4d8a167eba7d429761107fe544f14a23ee6474d6fc574c02baf90f7b7a06cce045b0d5a1de0f30528d8a274787c769ce00"/173, @ANYRES32=r10, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000280)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_GETPARAMS(r3, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000227bd7000fddbdf25240000000a0001007770616e3100000008000200", @ANYRES32=r10, @ANYBLOB="08000200", @ANYRES32=r11, @ANYBLOB="0a0001007770616e3400000082f5936c3ddaa596a170be98af8f2a041fd53b0237a98b2a28bb5acbb5c97d5285aaa0b2fab7a0cda820623261094adfa70f379f2fd642711d31a577db44d83ad8745d3c0af5b8c373a9e6b157f0d26c2ce2eee46d281f4aec09d3d838af4609819768b18d18f809cc477f1f15f71d6b7215fb0c53607b8c28d89df6fa5895c6658302c402f034b01f25128ad65ec571f0e138d9f547"], 0x3c}, 0x1, 0x0, 0x0, 0x24004004}, 0x40000) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) (async) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x24, r13, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_SEC_KEY={0x4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x24}}, 0x0) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r5, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000380)={0x1e8, r13, 0x20, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_DEVKEY={0x1c, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_DEVKEY={0x64, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x1c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x4}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x8}]}, @NL802154_DEVKEY_ATTR_ID={0x38, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x1000}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x59}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}]}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}]}, @NL802154_ATTR_SEC_DEVKEY={0x5c, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x48, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xffff}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xb38}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x7f}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x7fffffff}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x92}]}, @NL802154_ATTR_SEC_DEVKEY={0xf0, 0x2d, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x6}, @NL802154_DEVKEY_ATTR_ID={0xe4, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x48, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x38, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x2c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}]}]}]}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x40}, 0xc0) [ 3053.122039][T29898] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3053.198986][T29898] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3053.221660][T29898] CPU: 0 PID: 29898 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3053.231750][T29898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3053.241807][T29898] Call Trace: [ 3053.245081][T29898] [ 3053.248008][T29898] dump_stack_lvl+0x125/0x1b0 [ 3053.252707][T29898] sysfs_warn_dup+0x7f/0xa0 [ 3053.257219][T29898] sysfs_do_create_link_sd+0x11e/0x140 [ 3053.262694][T29898] sysfs_create_link+0x61/0xc0 [ 3053.267462][T29898] device_add+0x669/0x1ac0 [ 3053.271883][T29898] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3053.277050][T29067] usb usb3-port1: Cannot enable. Maybe the USB cable is bad? [ 3053.278734][T29898] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3053.278768][T29898] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3053.297949][T29898] wiphy_register+0x2095/0x2ce0 [ 3053.302812][T29898] ? wiphy_unregister+0xb70/0xb70 [ 3053.307844][T29910] syz-executor.4[29910]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3053.307854][T29898] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3053.322780][T29910] loop4: detected capacity change from 0 to 256 [ 3053.323490][T29898] ieee80211_register_hw+0x24d1/0x4250 [ 3053.323526][T29898] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3053.339091][T29910] FAT-fs (loop4): Directory bread(block 64) failed [ 3053.340714][T29898] ? rcu_is_watching+0x12/0xb0 [ 3053.340737][T29898] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3053.347376][T29910] FAT-fs (loop4): Directory bread(block 65) failed [ 3053.351942][T29898] ? __hrtimer_init+0x103/0x2c0 [ 3053.351976][T29898] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3053.359095][T29910] FAT-fs (loop4): Directory bread(block 66) failed [ 3053.364495][T29898] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3053.364518][T29898] ? rcu_is_watching+0x12/0xb0 [ 3053.364537][T29898] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3053.372705][T29910] FAT-fs (loop4): Directory bread(block 67) failed [ 3053.375034][T29898] hwsim_new_radio_nl+0xaf8/0x1240 [ 3053.375060][T29898] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3053.382242][T29910] FAT-fs (loop4): Directory bread(block 68) failed [ 3053.387405][T29898] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3053.387440][T29898] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3053.387473][T29898] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3053.387503][T29898] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3053.387538][T29898] ? ns_capable+0xd5/0x110 [ 3053.387563][T29898] genl_rcv_msg+0x55c/0x800 [ 3053.387593][T29898] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3053.387624][T29898] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3053.387651][T29898] netlink_rcv_skb+0x16b/0x440 [ 3053.387678][T29898] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3053.387709][T29898] ? netlink_ack+0x1370/0x1370 [ 3053.387735][T29898] ? rcu_is_watching+0x12/0xb0 [ 3053.387758][T29898] ? down_write+0x200/0x200 [ 3053.394125][T29910] FAT-fs (loop4): Directory bread(block 69) failed [ 3053.398352][T29898] ? netlink_deliver_tap+0x1b1/0xd10 [ 3053.398382][T29898] genl_rcv+0x28/0x40 [ 3053.398410][T29898] netlink_unicast+0x536/0x810 [ 3053.398437][T29898] ? netlink_attachskb+0x870/0x870 [ 3053.406190][T29910] FAT-fs (loop4): Directory bread(block 70) failed [ 3053.410000][T29898] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3053.410037][T29898] ? __phys_addr_symbol+0x30/0x70 [ 3053.410060][T29898] ? __check_object_size+0x323/0x730 [ 3053.410086][T29898] netlink_sendmsg+0x93c/0xe40 [ 3053.410113][T29898] ? netlink_unicast+0x810/0x810 [ 3053.410140][T29898] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3053.410166][T29898] ? netlink_unicast+0x810/0x810 [ 3053.410191][T29898] sock_sendmsg+0xd9/0x180 [ 3053.410213][T29898] ____sys_sendmsg+0x6ac/0x940 [ 3053.410235][T29898] ? copy_msghdr_from_user+0x10b/0x160 [ 3053.420409][T29910] FAT-fs (loop4): Directory bread(block 71) failed [ 3053.422577][T29898] ? kernel_sendmsg+0x50/0x50 [ 3053.422601][T29898] ? plist_check_list+0x1ae/0x280 20:14:00 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)={[{@shortname_mixed}, {@shortname_lower}, {@utf8no}, {@uni_xlateno}, {@uni_xlateno}, {@shortname_win95}, {@numtail}, {@utf8}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@numtail}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}]}, 0x1, 0x30d, &(0x7f0000000940)="$eJzs3TtoZGUUB/D/7CSZKKxJIWzp1U6QsIlYaJVlWWExhQ8GH2AR3KxIJi5scCBbJJtK7G0ErewsFATZWqxsLWxVEB/YuFYLLl65mXcm0UTMxMfvVyxnv++cuec+yEwgOUmSK9O5evv2d5mdrWVq+eJy7tQynzOpp+NmAID/kjtlmZ/LjtPuBQCYjL33/1fPnnYbAMAEHfH7/6cPXL12Ym0BACdo7P3/oZHtmdHsqf7PBAAA/17PvfjSUxdWkmeLYjbZeLPdbDfzxGD/wtW8llbWcj5zuZt0Pih0Pi1U/z55eeXS+aLy/XyaVUW7mWzstJv14fpGFjOX+W592a+vV/WLe/VFkps7e8fPRq3dnK716r+6N2tZylzuH6tPLq9cWiq6L9Dc6NXvJLuZ7Z1E1f9C5vLFK7mWVq6kqh30v71YFBfLlZH6drOxlwcAAAAAAAAAAAAAAAAAAAAAACdhoeib78+/KQfzexZ6CQ90C/rzcTr/7c732e3MByobvek8b9X3zwcq9s3XmcqZ0zttAAAAAAAAAAAAAAAAAAAA+EfZ3JrJaqu1dn1z68b6cLAztPL65x9+dk/Gc/4kmOoeY2irnn5OWe8ll/WRnPVaqqCeDJI/uNXvuLtSq+JG/ywObKNx+FardfbBb989aOu3wUo9xz3lG+sb93VaOl5VN1j645zMJuVh5dvvjFellkwd/8YdIVhO8ujmucf2Vj7tDn14+JG5579++/0fq1ZrncvQKpLcLf/SsRqpbsHg2ailE9RGn4QjvuBMtlbrX/70wicfJ0eqKodX3jg8+aP9KzO9xzhHen6m87ffnYOCc+8tr97a/uaH0a3pDK7P6FUd+iJhUAcAAAAAAAAAAAAAAAAAAEzE0O+KH8Pjz5xcRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAweYO//z8U7A6tzCQ5KGc8+HUn41uNteubhxz65V8mfK4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPx//R4AAP//Zg9ySQ==") r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRESHEX=r0, @ANYRES64=r1, @ANYRESHEX=0x0, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) 20:14:00 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000440), r4) sendmsg$IEEE802154_LLSEC_LIST_KEY(r1, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r2, 0x218, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4005}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9f521b915ece7492538c254b963d76632ee8a0052e6289a8ee0370212401197a01427b2e8585fc058126e3f1", @ANYRES16=r2, @ANYBLOB="4d7e0000000000f45a9d7e00002008002f000000000005003600000020000c00050000000000000000000500370000000000080002007ae033422715d417a5a26d6dd9eba5299643773c929b69b3dcf2eaa30ec5b0696a4a337e2b03f0660fd1bd7917d20b691de3a31b4802ce2407bb9e3582bf65715ceebe7f90975b", @ANYRES32=r5, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) r7 = syz_genetlink_get_family_id$nbd(&(0x7f00000004c0), r1) r8 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000500), 0xcc0c0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000580)={&(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x80000, 0x0, 0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r4, &(0x7f0000000680)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x6c, r7, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x100000000}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x2}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xff}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0x8, 0x1, r8}, {0x8, 0x1, r9}, {0x8}]}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x5dc2c1ac3bcc6f89}, 0x10) r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0) sendmsg$IEEE802154_LLSEC_ADD_KEY(r6, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x7c, r10, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "008cce4e3dedb4ae463679c986e658263749449e6de9fcd81a145b5ba3c4f260"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0xc001) 20:14:00 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000600000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3053.430006][T29067] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 3053.437281][T29898] ? schedule+0xf1/0x1b0 [ 3053.437304][T29898] ___sys_sendmsg+0x135/0x1d0 [ 3053.444394][T29910] FAT-fs (loop4): Directory bread(block 72) failed [ 3053.450155][T29898] ? do_recvmmsg+0x740/0x740 [ 3053.450181][T29898] ? rcu_is_watching+0x12/0xb0 [ 3053.450207][T29898] ? rcu_is_watching+0x12/0xb0 [ 3053.455129][T29910] FAT-fs (loop4): Directory bread(block 73) failed [ 3053.459074][T29898] ? __fget_light+0xe6/0x260 [ 3053.459098][T29898] __sys_sendmsg+0x117/0x1e0 20:14:01 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000440), r4) (async) sendmsg$IEEE802154_LLSEC_LIST_KEY(r1, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r2, 0x218, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4005}, 0x0) (async) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9f521b915ece7492538c254b963d76632ee8a0052e6289a8ee0370212401197a01427b2e8585fc058126e3f1", @ANYRES16=r2, @ANYBLOB="4d7e0000000000f45a9d7e00002008002f000000000005003600000020000c00050000000000000000000500370000000000080002007ae033422715d417a5a26d6dd9eba5299643773c929b69b3dcf2eaa30ec5b0696a4a337e2b03f0660fd1bd7917d20b691de3a31b4802ce2407bb9e3582bf65715ceebe7f90975b", @ANYRES32=r5, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) (async) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) r7 = syz_genetlink_get_family_id$nbd(&(0x7f00000004c0), r1) (async) r8 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000500), 0xcc0c0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000580)={&(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x80000, 0x0, 0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r4, &(0x7f0000000680)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x6c, r7, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x100000000}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x2}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xff}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0x8, 0x1, r8}, {0x8, 0x1, r9}, {0x8}]}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x5dc2c1ac3bcc6f89}, 0x10) (async) r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0) sendmsg$IEEE802154_LLSEC_ADD_KEY(r6, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x7c, r10, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "008cce4e3dedb4ae463679c986e658263749449e6de9fcd81a145b5ba3c4f260"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0xc001) [ 3053.459126][T29898] ? __sys_sendmsg_sock+0x30/0x30 [ 3053.459150][T29898] ? xfd_validate_state+0x5d/0x180 [ 3053.539027][T29914] syz-executor.4: attempt to access beyond end of device [ 3053.539027][T29914] loop4: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 3053.543638][T29898] ? rcu_is_watching+0x12/0xb0 [ 3053.543664][T29898] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3053.548597][T29067] usb 3-1: device descriptor read/8, error -71 [ 3053.553312][T29898] do_syscall_64+0x38/0xb0 [ 3053.558942][T29914] syz-executor.4: attempt to access beyond end of device [ 3053.558942][T29914] loop4: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 3053.563493][T29898] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3053.563529][T29898] RIP: 0033:0x7fc65907cae9 [ 3053.563545][T29898] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3053.569509][ T28] audit: type=1800 audit(1693858440.900:2748): pid=29914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="file0" dev="loop4" ino=1049444 res=0 errno=0 [ 3053.572675][T29898] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3053.572696][T29898] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3053.572709][T29898] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3053.572721][T29898] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 20:14:01 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000008e260800000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3053.572732][T29898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3053.572742][T29898] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3053.572760][T29898] [ 3053.760564][T29925] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3053.767723][T29067] usb usb3-port1: unable to enumerate USB device [ 3053.843159][T29925] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' 20:14:01 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000200000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3053.852159][T29925] CPU: 1 PID: 29925 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3053.862226][T29925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3053.872276][T29925] Call Trace: [ 3053.875545][T29925] [ 3053.878470][T29925] dump_stack_lvl+0x125/0x1b0 [ 3053.883168][T29925] sysfs_warn_dup+0x7f/0xa0 [ 3053.887676][T29925] sysfs_do_create_link_sd+0x11e/0x140 [ 3053.893172][T29925] sysfs_create_link+0x61/0xc0 [ 3053.897942][T29925] device_add+0x669/0x1ac0 [ 3053.902376][T29925] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3053.909407][T29925] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3053.915299][T29925] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3053.921269][T29925] wiphy_register+0x2095/0x2ce0 [ 3053.926109][T29925] ? wiphy_unregister+0xb70/0xb70 [ 3053.931121][T29925] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3053.937177][T29925] ieee80211_register_hw+0x24d1/0x4250 [ 3053.942631][T29925] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3053.948170][T29925] ? rcu_is_watching+0x12/0xb0 [ 3053.952916][T29925] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3053.958884][T29925] ? __hrtimer_init+0x103/0x2c0 [ 3053.963811][T29925] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3053.969526][T29925] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3053.975234][T29925] ? rcu_is_watching+0x12/0xb0 [ 3053.979980][T29925] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3053.985861][T29925] hwsim_new_radio_nl+0xaf8/0x1240 [ 3053.990963][T29925] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3053.996848][T29925] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3054.004208][T29925] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3054.011574][T29925] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3054.017118][T29925] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3054.024483][T29925] ? ns_capable+0xd5/0x110 [ 3054.028891][T29925] genl_rcv_msg+0x55c/0x800 [ 3054.033387][T29925] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3054.039271][T29925] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3054.045155][T29925] netlink_rcv_skb+0x16b/0x440 [ 3054.049908][T29925] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3054.055818][T29925] ? netlink_ack+0x1370/0x1370 [ 3054.060594][T29925] ? rcu_is_watching+0x12/0xb0 [ 3054.065349][T29925] ? down_write+0x200/0x200 [ 3054.069847][T29925] ? netlink_deliver_tap+0x1b1/0xd10 [ 3054.075125][T29925] genl_rcv+0x28/0x40 [ 3054.079119][T29925] netlink_unicast+0x536/0x810 [ 3054.083884][T29925] ? netlink_attachskb+0x870/0x870 [ 3054.088999][T29925] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3054.094891][T29925] ? __phys_addr_symbol+0x30/0x70 [ 3054.099902][T29925] ? __check_object_size+0x323/0x730 [ 3054.105176][T29925] netlink_sendmsg+0x93c/0xe40 [ 3054.109934][T29925] ? netlink_unicast+0x810/0x810 [ 3054.114866][T29925] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3054.120144][T29925] ? netlink_unicast+0x810/0x810 [ 3054.125075][T29925] sock_sendmsg+0xd9/0x180 [ 3054.129480][T29925] ____sys_sendmsg+0x6ac/0x940 [ 3054.134234][T29925] ? copy_msghdr_from_user+0x10b/0x160 [ 3054.139681][T29925] ? kernel_sendmsg+0x50/0x50 [ 3054.144345][T29925] ? plist_check_list+0x1ae/0x280 [ 3054.149363][T29925] ? schedule+0xf1/0x1b0 [ 3054.153588][T29925] ___sys_sendmsg+0x135/0x1d0 [ 3054.158254][T29925] ? do_recvmmsg+0x740/0x740 [ 3054.162833][T29925] ? rcu_is_watching+0x12/0xb0 [ 3054.167776][T29925] ? rcu_is_watching+0x12/0xb0 [ 3054.172536][T29925] ? __fget_light+0xe6/0x260 [ 3054.177115][T29925] __sys_sendmsg+0x117/0x1e0 [ 3054.181700][T29925] ? __sys_sendmsg_sock+0x30/0x30 [ 3054.186718][T29925] ? xfd_validate_state+0x5d/0x180 [ 3054.191836][T29925] ? rcu_is_watching+0x12/0xb0 [ 3054.196584][T29925] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3054.202551][T29925] do_syscall_64+0x38/0xb0 [ 3054.206960][T29925] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3054.212853][T29925] RIP: 0033:0x7fc65907cae9 [ 3054.217268][T29925] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3054.236856][T29925] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3054.245275][T29925] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3054.253229][T29925] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3054.261201][T29925] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3054.269157][T29925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3054.277126][T29925] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3054.285087][T29925] [ 3054.321588][T29933] syz-executor.4[29933]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3054.349297][T29929] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3054.351735][T29933] loop4: detected capacity change from 0 to 256 [ 3054.378756][T29929] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3054.380141][T29933] FAT-fs (loop4): Directory bread(block 64) failed [ 3054.389409][T29929] CPU: 0 PID: 29929 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3054.398026][T29933] FAT-fs (loop4): Directory bread(block 65) failed [ 3054.403193][T29929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3054.403205][T29929] Call Trace: [ 3054.403212][T29929] [ 3054.403219][T29929] dump_stack_lvl+0x125/0x1b0 [ 3054.409950][T29933] FAT-fs (loop4): Directory bread(block 66) failed [ 3054.419738][T29929] sysfs_warn_dup+0x7f/0xa0 [ 3054.419771][T29929] sysfs_do_create_link_sd+0x11e/0x140 [ 3054.419801][T29929] sysfs_create_link+0x61/0xc0 [ 3054.419829][T29929] device_add+0x669/0x1ac0 [ 3054.419866][T29929] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3054.419901][T29929] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3054.419941][T29929] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3054.419972][T29929] wiphy_register+0x2095/0x2ce0 [ 3054.420002][T29929] ? wiphy_unregister+0xb70/0xb70 [ 3054.420026][T29929] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3054.420051][T29929] ieee80211_register_hw+0x24d1/0x4250 [ 3054.426624][T29933] FAT-fs (loop4): Directory bread(block 67) failed [ 3054.430880][T29929] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3054.430913][T29929] ? rcu_is_watching+0x12/0xb0 [ 3054.430932][T29929] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3054.430954][T29929] ? __hrtimer_init+0x103/0x2c0 [ 3054.524116][T29929] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3054.529844][T29929] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3054.535664][T29929] ? rcu_is_watching+0x12/0xb0 [ 3054.540434][T29929] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3054.546323][T29929] hwsim_new_radio_nl+0xaf8/0x1240 [ 3054.551450][T29929] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3054.557342][T29929] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3054.564737][T29929] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3054.572110][T29929] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3054.577751][T29929] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3054.585127][T29929] ? ns_capable+0xd5/0x110 [ 3054.589542][T29929] genl_rcv_msg+0x55c/0x800 [ 3054.594049][T29929] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3054.599944][T29929] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3054.605836][T29929] netlink_rcv_skb+0x16b/0x440 [ 3054.610600][T29929] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3054.616492][T29929] ? netlink_ack+0x1370/0x1370 [ 3054.621247][T29929] ? rcu_is_watching+0x12/0xb0 [ 3054.626000][T29929] ? down_write+0x200/0x200 [ 3054.630493][T29929] ? netlink_deliver_tap+0x1b1/0xd10 [ 3054.635799][T29929] genl_rcv+0x28/0x40 [ 3054.639777][T29929] netlink_unicast+0x536/0x810 [ 3054.644556][T29929] ? netlink_attachskb+0x870/0x870 [ 3054.649661][T29929] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3054.655549][T29929] ? __phys_addr_symbol+0x30/0x70 [ 3054.660567][T29929] ? __check_object_size+0x323/0x730 [ 3054.665845][T29929] netlink_sendmsg+0x93c/0xe40 [ 3054.670612][T29929] ? netlink_unicast+0x810/0x810 [ 3054.675596][T29929] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3054.680880][T29929] ? netlink_unicast+0x810/0x810 [ 3054.685812][T29929] sock_sendmsg+0xd9/0x180 [ 3054.690225][T29929] ____sys_sendmsg+0x6ac/0x940 [ 3054.695003][T29929] ? copy_msghdr_from_user+0x10b/0x160 [ 3054.700549][T29929] ? kernel_sendmsg+0x50/0x50 [ 3054.705215][T29929] ? plist_check_list+0x1ae/0x280 [ 3054.710232][T29929] ? schedule+0xf1/0x1b0 [ 3054.714463][T29929] ___sys_sendmsg+0x135/0x1d0 [ 3054.719141][T29929] ? do_recvmmsg+0x740/0x740 [ 3054.723725][T29929] ? rcu_is_watching+0x12/0xb0 [ 3054.728481][T29929] ? rcu_is_watching+0x12/0xb0 [ 3054.733237][T29929] ? __fget_light+0xe6/0x260 [ 3054.737814][T29929] __sys_sendmsg+0x117/0x1e0 [ 3054.742402][T29929] ? __sys_sendmsg_sock+0x30/0x30 [ 3054.747440][T29929] ? xfd_validate_state+0x5d/0x180 [ 3054.752546][T29929] ? rcu_is_watching+0x12/0xb0 [ 3054.757294][T29929] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3054.763284][T29929] do_syscall_64+0x38/0xb0 [ 3054.767705][T29929] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3054.773594][T29929] RIP: 0033:0x7fc66767cae9 [ 3054.777991][T29929] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3054.797608][T29929] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3054.806023][T29929] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3054.813985][T29929] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3054.821939][T29929] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3054.829987][T29929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3054.837945][T29929] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3054.845908][T29929] [ 3054.857615][T29933] FAT-fs (loop4): Directory bread(block 68) failed [ 3054.864175][T29933] FAT-fs (loop4): Directory bread(block 69) failed [ 3054.871285][T29933] FAT-fs (loop4): Directory bread(block 70) failed [ 3054.878109][T29933] FAT-fs (loop4): Directory bread(block 71) failed [ 3054.886641][T29933] FAT-fs (loop4): Directory bread(block 72) failed [ 3054.893296][T29933] FAT-fs (loop4): Directory bread(block 73) failed [ 3054.907776][T29932] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3054.937287][T29932] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3054.946162][T29932] CPU: 0 PID: 29932 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3054.956233][T29932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3054.966290][T29932] Call Trace: [ 3054.969649][T29932] [ 3054.972571][T29932] dump_stack_lvl+0x125/0x1b0 [ 3054.977257][T29932] sysfs_warn_dup+0x7f/0xa0 [ 3054.981788][T29932] sysfs_do_create_link_sd+0x11e/0x140 [ 3054.987241][T29932] sysfs_create_link+0x61/0xc0 [ 3054.992005][T29932] device_add+0x669/0x1ac0 [ 3054.996437][T29932] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3055.003272][T29932] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3055.009151][T29932] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3055.015113][T29932] wiphy_register+0x2095/0x2ce0 [ 3055.019951][T29932] ? wiphy_unregister+0xb70/0xb70 [ 3055.025003][T29932] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3055.031064][T29932] ieee80211_register_hw+0x24d1/0x4250 [ 3055.036548][T29932] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3055.042082][T29932] ? rcu_is_watching+0x12/0xb0 [ 3055.046836][T29932] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3055.052819][T29932] ? __hrtimer_init+0x103/0x2c0 [ 3055.058349][T29932] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3055.064055][T29932] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3055.069931][T29932] ? rcu_is_watching+0x12/0xb0 [ 3055.074697][T29932] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3055.080578][T29932] hwsim_new_radio_nl+0xaf8/0x1240 [ 3055.085676][T29932] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3055.091568][T29932] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3055.099012][T29932] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3055.106402][T29932] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3055.111939][T29932] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3055.119298][T29932] ? ns_capable+0xd5/0x110 [ 3055.123701][T29932] genl_rcv_msg+0x55c/0x800 [ 3055.128211][T29932] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3055.134141][T29932] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3055.140039][T29932] netlink_rcv_skb+0x16b/0x440 [ 3055.144791][T29932] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3055.150847][T29932] ? netlink_ack+0x1370/0x1370 [ 3055.155595][T29932] ? rcu_is_watching+0x12/0xb0 [ 3055.160428][T29932] ? down_write+0x200/0x200 [ 3055.164915][T29932] ? netlink_deliver_tap+0x1b1/0xd10 [ 3055.170185][T29932] genl_rcv+0x28/0x40 [ 3055.174151][T29932] netlink_unicast+0x536/0x810 [ 3055.178901][T29932] ? netlink_attachskb+0x870/0x870 [ 3055.184022][T29932] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3055.189902][T29932] ? __phys_addr_symbol+0x30/0x70 [ 3055.194915][T29932] ? __check_object_size+0x323/0x730 [ 3055.200191][T29932] netlink_sendmsg+0x93c/0xe40 [ 3055.204996][T29932] ? netlink_unicast+0x810/0x810 [ 3055.209920][T29932] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3055.215189][T29932] ? netlink_unicast+0x810/0x810 [ 3055.220132][T29932] sock_sendmsg+0xd9/0x180 [ 3055.224535][T29932] ____sys_sendmsg+0x6ac/0x940 [ 3055.229282][T29932] ? copy_msghdr_from_user+0x10b/0x160 [ 3055.234724][T29932] ? kernel_sendmsg+0x50/0x50 [ 3055.239382][T29932] ? plist_check_list+0x1ae/0x280 [ 3055.244392][T29932] ? schedule+0xf1/0x1b0 [ 3055.248702][T29932] ___sys_sendmsg+0x135/0x1d0 [ 3055.253369][T29932] ? do_recvmmsg+0x740/0x740 [ 3055.257938][T29932] ? rcu_is_watching+0x12/0xb0 [ 3055.262686][T29932] ? rcu_is_watching+0x12/0xb0 [ 3055.267443][T29932] ? __fget_light+0xe6/0x260 [ 3055.272038][T29932] __sys_sendmsg+0x117/0x1e0 [ 3055.276617][T29932] ? __sys_sendmsg_sock+0x30/0x30 [ 3055.281658][T29932] ? xfd_validate_state+0x5d/0x180 [ 3055.286789][T29932] ? rcu_is_watching+0x12/0xb0 [ 3055.291557][T29932] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3055.297531][T29932] do_syscall_64+0x38/0xb0 [ 3055.301961][T29932] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3055.307840][T29932] RIP: 0033:0x7f1773a7cae9 [ 3055.312252][T29932] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3055.331941][T29932] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3055.340355][T29932] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3055.348304][T29932] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3055.356254][T29932] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3055.364204][T29932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3055.372153][T29932] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3055.380117][T29932] 20:14:03 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:14:03 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000700000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:03 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000440), r4) (async) sendmsg$IEEE802154_LLSEC_LIST_KEY(r1, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r2, 0x218, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4005}, 0x0) (async) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9f521b915ece7492538c254b963d76632ee8a0052e6289a8ee0370212401197a01427b2e8585fc058126e3f1", @ANYRES16=r2, @ANYBLOB="4d7e0000000000f45a9d7e00002008002f000000000005003600000020000c00050000000000000000000500370000000000080002007ae033422715d417a5a26d6dd9eba5299643773c929b69b3dcf2eaa30ec5b0696a4a337e2b03f0660fd1bd7917d20b691de3a31b4802ce2407bb9e3582bf65715ceebe7f90975b", @ANYRES32=r5, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) (async) r7 = syz_genetlink_get_family_id$nbd(&(0x7f00000004c0), r1) (async) r8 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000500), 0xcc0c0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000580)={&(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x80000, 0x0, 0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r4, &(0x7f0000000680)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x6c, r7, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x100000000}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x2}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xff}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0x8, 0x1, r8}, {0x8, 0x1, r9}, {0x8}]}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x5dc2c1ac3bcc6f89}, 0x10) r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0) sendmsg$IEEE802154_LLSEC_ADD_KEY(r6, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x7c, r10, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "008cce4e3dedb4ae463679c986e658263749449e6de9fcd81a145b5ba3c4f260"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0xc001) 20:14:03 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000008e260800000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:03 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)={[{@shortname_mixed}, {@shortname_lower}, {@utf8no}, {@uni_xlateno}, {@uni_xlateno}, {@shortname_win95}, {@numtail}, {@utf8}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@numtail}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}]}, 0x1, 0x30d, &(0x7f0000000940)="$eJzs3TtoZGUUB/D/7CSZKKxJIWzp1U6QsIlYaJVlWWExhQ8GH2AR3KxIJi5scCBbJJtK7G0ErewsFATZWqxsLWxVEB/YuFYLLl65mXcm0UTMxMfvVyxnv++cuec+yEwgOUmSK9O5evv2d5mdrWVq+eJy7tQynzOpp+NmAID/kjtlmZ/LjtPuBQCYjL33/1fPnnYbAMAEHfH7/6cPXL12Ym0BACdo7P3/oZHtmdHsqf7PBAAA/17PvfjSUxdWkmeLYjbZeLPdbDfzxGD/wtW8llbWcj5zuZt0Pih0Pi1U/z55eeXS+aLy/XyaVUW7mWzstJv14fpGFjOX+W592a+vV/WLe/VFkps7e8fPRq3dnK716r+6N2tZylzuH6tPLq9cWiq6L9Dc6NXvJLuZ7Z1E1f9C5vLFK7mWVq6kqh30v71YFBfLlZH6drOxlwcAAAAAAAAAAAAAAAAAAAAAACdhoeib78+/KQfzexZ6CQ90C/rzcTr/7c732e3MByobvek8b9X3zwcq9s3XmcqZ0zttAAAAAAAAAAAAAAAAAAAA+EfZ3JrJaqu1dn1z68b6cLAztPL65x9+dk/Gc/4kmOoeY2irnn5OWe8ll/WRnPVaqqCeDJI/uNXvuLtSq+JG/ywObKNx+FardfbBb989aOu3wUo9xz3lG+sb93VaOl5VN1j645zMJuVh5dvvjFellkwd/8YdIVhO8ujmucf2Vj7tDn14+JG5579++/0fq1ZrncvQKpLcLf/SsRqpbsHg2ailE9RGn4QjvuBMtlbrX/70wicfJ0eqKodX3jg8+aP9KzO9xzhHen6m87ffnYOCc+8tr97a/uaH0a3pDK7P6FUd+iJhUAcAAAAAAAAAAAAAAAAAAEzE0O+KH8Pjz5xcRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAweYO//z8U7A6tzCQ5KGc8+HUn41uNteubhxz65V8mfK4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPx//R4AAP//Zg9ySQ==") (async) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRESHEX=r0, @ANYRES64=r1, @ANYRESHEX=0x0, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) 20:14:03 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000200000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:03 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r5, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40000000648caeb8cdb5980000004a566c8adf744980a1353dfa86690464d09cd479d213061df872d1cbc5a84d196b16bdec64483254e72eab740080a610db34321bd60b2e985c2d670855972dcf02c1d800005b78db0e7cc763cfd092d1c2fd60e8c9ee4abb803260fe40", @ANYRES16=r2, @ANYBLOB="4d7e00000000000000002a00007f5ef711c1023d3b49e10008002f00000000510e577346110568e4ac0005003600000001000c000500", @ANYRESDEC=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) sendmsg$NL802154_CMD_GET_WPAN_PHY(r3, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="000000dcc60fcd5e3900", @ANYRES16=0x0, @ANYBLOB="000227bd7000fddbdf25010000000c000600030000000000000008000300", @ANYRES32=r4, @ANYBLOB="08000300", @ANYRES32=r4, @ANYBLOB="080001001203205e0800010002000000"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x10) [ 3056.171929][T29943] syz-executor.4[29943]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3056.185476][T29946] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3056.204516][T29943] loop4: detected capacity change from 0 to 256 [ 3056.217342][T29946] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3056.219225][T29943] FAT-fs (loop4): Unrecognized mount option "shortnam$" or missing value [ 3056.236614][T29946] CPU: 1 PID: 29946 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3056.246683][T29946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3056.256716][T29946] Call Trace: [ 3056.259977][T29946] [ 3056.262892][T29946] dump_stack_lvl+0x125/0x1b0 [ 3056.267577][T29946] sysfs_warn_dup+0x7f/0xa0 [ 3056.272091][T29946] sysfs_do_create_link_sd+0x11e/0x140 [ 3056.277602][T29946] sysfs_create_link+0x61/0xc0 [ 3056.282366][T29946] device_add+0x669/0x1ac0 [ 3056.286778][T29946] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3056.293641][T29946] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3056.299554][T29946] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3056.305529][T29946] wiphy_register+0x2095/0x2ce0 [ 3056.310389][T29946] ? wiphy_unregister+0xb70/0xb70 [ 3056.315402][T29946] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3056.321457][T29946] ieee80211_register_hw+0x24d1/0x4250 [ 3056.326914][T29946] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3056.332448][T29946] ? rcu_is_watching+0x12/0xb0 [ 3056.337215][T29946] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3056.343199][T29946] ? __hrtimer_init+0x103/0x2c0 [ 3056.348044][T29946] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3056.353756][T29946] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3056.359466][T29946] ? rcu_is_watching+0x12/0xb0 [ 3056.364215][T29946] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3056.370095][T29946] hwsim_new_radio_nl+0xaf8/0x1240 [ 3056.375193][T29946] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3056.381074][T29946] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3056.388438][T29946] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3056.395800][T29946] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3056.401351][T29946] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3056.408720][T29946] ? ns_capable+0xd5/0x110 [ 3056.413125][T29946] genl_rcv_msg+0x55c/0x800 [ 3056.417655][T29946] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3056.423647][T29946] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3056.429532][T29946] netlink_rcv_skb+0x16b/0x440 [ 3056.434288][T29946] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3056.440173][T29946] ? netlink_ack+0x1370/0x1370 [ 3056.444932][T29946] ? rcu_is_watching+0x12/0xb0 [ 3056.449685][T29946] ? down_write+0x200/0x200 [ 3056.454174][T29946] ? netlink_deliver_tap+0x1b1/0xd10 [ 3056.459449][T29946] genl_rcv+0x28/0x40 [ 3056.463419][T29946] netlink_unicast+0x536/0x810 [ 3056.468173][T29946] ? netlink_attachskb+0x870/0x870 [ 3056.473282][T29946] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3056.479170][T29946] ? __phys_addr_symbol+0x30/0x70 [ 3056.484183][T29946] ? __check_object_size+0x323/0x730 [ 3056.489457][T29946] netlink_sendmsg+0x93c/0xe40 [ 3056.494302][T29946] ? netlink_unicast+0x810/0x810 [ 3056.499230][T29946] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3056.504505][T29946] ? netlink_unicast+0x810/0x810 [ 3056.509437][T29946] sock_sendmsg+0xd9/0x180 [ 3056.513852][T29946] ____sys_sendmsg+0x6ac/0x940 [ 3056.518602][T29946] ? copy_msghdr_from_user+0x10b/0x160 [ 3056.524047][T29946] ? kernel_sendmsg+0x50/0x50 [ 3056.528708][T29946] ? plist_check_list+0x1ae/0x280 [ 3056.533725][T29946] ? schedule+0xf1/0x1b0 [ 3056.537952][T29946] ___sys_sendmsg+0x135/0x1d0 [ 3056.542623][T29946] ? do_recvmmsg+0x740/0x740 [ 3056.547206][T29946] ? rcu_is_watching+0x12/0xb0 [ 3056.551959][T29946] ? rcu_is_watching+0x12/0xb0 [ 3056.556710][T29946] ? __fget_light+0xe6/0x260 [ 3056.561291][T29946] __sys_sendmsg+0x117/0x1e0 [ 3056.565871][T29946] ? __sys_sendmsg_sock+0x30/0x30 [ 3056.570885][T29946] ? xfd_validate_state+0x5d/0x180 [ 3056.575999][T29946] ? rcu_is_watching+0x12/0xb0 [ 3056.580837][T29946] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3056.586804][T29946] do_syscall_64+0x38/0xb0 [ 3056.591213][T29946] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3056.597095][T29946] RIP: 0033:0x7f1773a7cae9 [ 3056.601490][T29946] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3056.621168][T29946] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3056.629569][T29946] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3056.637528][T29946] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3056.645484][T29946] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3056.653525][T29946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3056.661482][T29946] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3056.669459][T29946] [ 3056.677447][T29950] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3056.689357][T29950] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3056.700104][T29950] CPU: 1 PID: 29950 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3056.710189][T29950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3056.720324][T29950] Call Trace: [ 3056.723606][T29950] 20:14:04 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000001ff0000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3056.726538][T29950] dump_stack_lvl+0x125/0x1b0 [ 3056.731230][T29950] sysfs_warn_dup+0x7f/0xa0 [ 3056.735743][T29950] sysfs_do_create_link_sd+0x11e/0x140 [ 3056.741218][T29950] sysfs_create_link+0x61/0xc0 [ 3056.745985][T29950] device_add+0x669/0x1ac0 [ 3056.750425][T29950] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3056.757286][T29950] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3056.763191][T29950] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3056.769179][T29950] wiphy_register+0x2095/0x2ce0 [ 3056.774044][T29950] ? wiphy_unregister+0xb70/0xb70 [ 3056.779080][T29950] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3056.785151][T29950] ieee80211_register_hw+0x24d1/0x4250 [ 3056.790640][T29950] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3056.796171][T29950] ? rcu_is_watching+0x12/0xb0 [ 3056.800918][T29950] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3056.806894][T29950] ? __hrtimer_init+0x103/0x2c0 [ 3056.811738][T29950] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3056.817454][T29950] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3056.823177][T29950] ? rcu_is_watching+0x12/0xb0 [ 3056.827924][T29950] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3056.833802][T29950] hwsim_new_radio_nl+0xaf8/0x1240 [ 3056.838902][T29950] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3056.844784][T29950] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3056.852148][T29950] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3056.859539][T29950] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3056.865077][T29950] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3056.872446][T29950] ? ns_capable+0xd5/0x110 [ 3056.876852][T29950] genl_rcv_msg+0x55c/0x800 [ 3056.881349][T29950] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3056.887256][T29950] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3056.893137][T29950] netlink_rcv_skb+0x16b/0x440 [ 3056.897907][T29950] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3056.903791][T29950] ? netlink_ack+0x1370/0x1370 [ 3056.908545][T29950] ? rcu_is_watching+0x12/0xb0 [ 3056.913300][T29950] ? down_write+0x200/0x200 [ 3056.917787][T29950] ? netlink_deliver_tap+0x1b1/0xd10 [ 3056.923065][T29950] genl_rcv+0x28/0x40 [ 3056.927035][T29950] netlink_unicast+0x536/0x810 [ 3056.931790][T29950] ? netlink_attachskb+0x870/0x870 [ 3056.936977][T29950] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3056.942859][T29950] ? __phys_addr_symbol+0x30/0x70 [ 3056.947867][T29950] ? __check_object_size+0x323/0x730 [ 3056.953164][T29950] netlink_sendmsg+0x93c/0xe40 [ 3056.957919][T29950] ? netlink_unicast+0x810/0x810 [ 3056.962866][T29950] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3056.968144][T29950] ? netlink_unicast+0x810/0x810 [ 3056.973174][T29950] sock_sendmsg+0xd9/0x180 [ 3056.977599][T29950] ____sys_sendmsg+0x6ac/0x940 [ 3056.982351][T29950] ? copy_msghdr_from_user+0x10b/0x160 [ 3056.987800][T29950] ? kernel_sendmsg+0x50/0x50 [ 3056.992463][T29950] ? plist_check_list+0x1ae/0x280 [ 3056.997476][T29950] ? schedule+0xf1/0x1b0 [ 3057.001701][T29950] ___sys_sendmsg+0x135/0x1d0 [ 3057.006371][T29950] ? do_recvmmsg+0x740/0x740 [ 3057.010948][T29950] ? rcu_is_watching+0x12/0xb0 [ 3057.015708][T29950] ? rcu_is_watching+0x12/0xb0 [ 3057.020458][T29950] ? __fget_light+0xe6/0x260 [ 3057.025035][T29950] __sys_sendmsg+0x117/0x1e0 [ 3057.029618][T29950] ? __sys_sendmsg_sock+0x30/0x30 [ 3057.034647][T29950] ? xfd_validate_state+0x5d/0x180 [ 3057.039752][T29950] ? rcu_is_watching+0x12/0xb0 [ 3057.044497][T29950] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3057.050471][T29950] do_syscall_64+0x38/0xb0 [ 3057.054898][T29950] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3057.061759][T29950] RIP: 0033:0x7fc66767cae9 [ 3057.066160][T29950] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3057.085755][T29950] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3057.094155][T29950] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3057.102110][T29950] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3057.110064][T29950] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3057.118020][T29950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 20:14:04 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)={[{@shortname_mixed}, {@shortname_lower}, {@utf8no}, {@uni_xlateno}, {@uni_xlateno}, {@shortname_win95}, {@numtail}, {@utf8}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@numtail}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}]}, 0x1, 0x30d, &(0x7f0000000940)="$eJzs3TtoZGUUB/D/7CSZKKxJIWzp1U6QsIlYaJVlWWExhQ8GH2AR3KxIJi5scCBbJJtK7G0ErewsFATZWqxsLWxVEB/YuFYLLl65mXcm0UTMxMfvVyxnv++cuec+yEwgOUmSK9O5evv2d5mdrWVq+eJy7tQynzOpp+NmAID/kjtlmZ/LjtPuBQCYjL33/1fPnnYbAMAEHfH7/6cPXL12Ym0BACdo7P3/oZHtmdHsqf7PBAAA/17PvfjSUxdWkmeLYjbZeLPdbDfzxGD/wtW8llbWcj5zuZt0Pih0Pi1U/z55eeXS+aLy/XyaVUW7mWzstJv14fpGFjOX+W592a+vV/WLe/VFkps7e8fPRq3dnK716r+6N2tZylzuH6tPLq9cWiq6L9Dc6NXvJLuZ7Z1E1f9C5vLFK7mWVq6kqh30v71YFBfLlZH6drOxlwcAAAAAAAAAAAAAAAAAAAAAACdhoeib78+/KQfzexZ6CQ90C/rzcTr/7c732e3MByobvek8b9X3zwcq9s3XmcqZ0zttAAAAAAAAAAAAAAAAAAAA+EfZ3JrJaqu1dn1z68b6cLAztPL65x9+dk/Gc/4kmOoeY2irnn5OWe8ll/WRnPVaqqCeDJI/uNXvuLtSq+JG/ywObKNx+FardfbBb989aOu3wUo9xz3lG+sb93VaOl5VN1j645zMJuVh5dvvjFellkwd/8YdIVhO8ujmucf2Vj7tDn14+JG5579++/0fq1ZrncvQKpLcLf/SsRqpbsHg2ailE9RGn4QjvuBMtlbrX/70wicfJ0eqKodX3jg8+aP9KzO9xzhHen6m87ffnYOCc+8tr97a/uaH0a3pDK7P6FUd+iJhUAcAAAAAAAAAAAAAAAAAAEzE0O+KH8Pjz5xcRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAweYO//z8U7A6tzCQ5KGc8+HUn41uNteubhxz65V8mfK4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPx//R4AAP//Zg9ySQ==") (async) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRESHEX=r0, @ANYRES64=r1, @ANYRESHEX=0x0, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) [ 3057.125973][T29950] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3057.133930][T29950] [ 3057.153226][T29941] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3057.188749][T29941] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3057.198982][T29958] syz-executor.4[29958]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3057.201434][T29941] CPU: 0 PID: 29941 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3057.211260][T29958] loop4: detected capacity change from 0 to 256 [ 3057.218634][T29941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3057.218646][T29941] Call Trace: [ 3057.218653][T29941] [ 3057.218660][T29941] dump_stack_lvl+0x125/0x1b0 [ 3057.245774][T29941] sysfs_warn_dup+0x7f/0xa0 [ 3057.250271][T29941] sysfs_do_create_link_sd+0x11e/0x140 [ 3057.255721][T29941] sysfs_create_link+0x61/0xc0 [ 3057.260475][T29941] device_add+0x669/0x1ac0 [ 3057.264887][T29941] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3057.271727][T29941] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3057.277622][T29941] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3057.283594][T29941] wiphy_register+0x2095/0x2ce0 [ 3057.288437][T29941] ? wiphy_unregister+0xb70/0xb70 [ 3057.293449][T29941] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3057.299503][T29941] ieee80211_register_hw+0x24d1/0x4250 [ 3057.304971][T29941] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3057.310506][T29941] ? rcu_is_watching+0x12/0xb0 [ 3057.315256][T29941] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3057.321224][T29941] ? __hrtimer_init+0x103/0x2c0 [ 3057.326064][T29941] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3057.331864][T29941] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3057.337572][T29941] ? rcu_is_watching+0x12/0xb0 [ 3057.342332][T29941] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3057.348211][T29941] hwsim_new_radio_nl+0xaf8/0x1240 [ 3057.353309][T29941] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3057.359192][T29941] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3057.366563][T29941] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3057.373927][T29941] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3057.379572][T29941] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3057.386959][T29941] ? ns_capable+0xd5/0x110 [ 3057.391377][T29941] genl_rcv_msg+0x55c/0x800 [ 3057.395877][T29941] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3057.401762][T29941] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3057.407820][T29941] netlink_rcv_skb+0x16b/0x440 [ 3057.412578][T29941] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3057.418464][T29941] ? netlink_ack+0x1370/0x1370 [ 3057.423218][T29941] ? rcu_is_watching+0x12/0xb0 [ 3057.427972][T29941] ? down_write+0x200/0x200 [ 3057.432461][T29941] ? netlink_deliver_tap+0x1b1/0xd10 [ 3057.437739][T29941] genl_rcv+0x28/0x40 [ 3057.441712][T29941] netlink_unicast+0x536/0x810 [ 3057.446490][T29941] ? netlink_attachskb+0x870/0x870 [ 3057.451590][T29941] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3057.457481][T29941] ? __phys_addr_symbol+0x30/0x70 [ 3057.462495][T29941] ? __check_object_size+0x323/0x730 [ 3057.467775][T29941] netlink_sendmsg+0x93c/0xe40 [ 3057.472533][T29941] ? netlink_unicast+0x810/0x810 [ 3057.477466][T29941] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3057.482744][T29941] ? netlink_unicast+0x810/0x810 [ 3057.487670][T29941] sock_sendmsg+0xd9/0x180 [ 3057.492072][T29941] ____sys_sendmsg+0x6ac/0x940 [ 3057.496824][T29941] ? copy_msghdr_from_user+0x10b/0x160 [ 3057.502276][T29941] ? kernel_sendmsg+0x50/0x50 [ 3057.506940][T29941] ? plist_check_list+0x1ae/0x280 [ 3057.511956][T29941] ? schedule+0xf1/0x1b0 [ 3057.516182][T29941] ___sys_sendmsg+0x135/0x1d0 [ 3057.520846][T29941] ? do_recvmmsg+0x740/0x740 [ 3057.525421][T29941] ? rcu_is_watching+0x12/0xb0 [ 3057.530175][T29941] ? rcu_is_watching+0x12/0xb0 [ 3057.534927][T29941] ? __fget_light+0xe6/0x260 [ 3057.539504][T29941] __sys_sendmsg+0x117/0x1e0 [ 3057.544086][T29941] ? __sys_sendmsg_sock+0x30/0x30 [ 3057.549101][T29941] ? xfd_validate_state+0x5d/0x180 [ 3057.554210][T29941] ? rcu_is_watching+0x12/0xb0 [ 3057.558958][T29941] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3057.564931][T29941] do_syscall_64+0x38/0xb0 [ 3057.569340][T29941] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3057.575228][T29941] RIP: 0033:0x7fc65907cae9 [ 3057.579626][T29941] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3057.599322][T29941] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3057.607719][T29941] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3057.615676][T29941] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3057.623631][T29941] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3057.631609][T29941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 20:14:05 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) (async) r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r5, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40000000648caeb8cdb5980000004a566c8adf744980a1353dfa86690464d09cd479d213061df872d1cbc5a84d196b16bdec64483254e72eab740080a610db34321bd60b2e985c2d670855972dcf02c1d800005b78db0e7cc763cfd092d1c2fd60e8c9ee4abb803260fe40", @ANYRES16=r2, @ANYBLOB="4d7e00000000000000002a00007f5ef711c1023d3b49e10008002f00000000510e577346110568e4ac0005003600000001000c000500", @ANYRESDEC=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) (async) sendmsg$NL802154_CMD_GET_WPAN_PHY(r3, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="000000dcc60fcd5e3900", @ANYRES16=0x0, @ANYBLOB="000227bd7000fddbdf25010000000c000600030000000000000008000300", @ANYRES32=r4, @ANYBLOB="08000300", @ANYRES32=r4, @ANYBLOB="080001001203205e0800010002000000"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x10) 20:14:05 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000008e260800000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3057.639568][T29941] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3057.647529][T29941] [ 3057.665503][ T5178] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 3057.671570][T29956] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. 20:14:05 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000800000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3057.708935][T29958] FAT-fs (loop4): Directory bread(block 64) failed [ 3057.731228][T29956] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3057.732226][T29958] FAT-fs (loop4): Directory bread(block 65) failed [ 3057.749613][T29956] CPU: 0 PID: 29956 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3057.755360][T29958] FAT-fs (loop4): Directory bread(block 66) failed [ 3057.759761][T29956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3057.759774][T29956] Call Trace: [ 3057.759781][T29956] [ 3057.759788][T29956] dump_stack_lvl+0x125/0x1b0 [ 3057.759819][T29956] sysfs_warn_dup+0x7f/0xa0 [ 3057.759842][T29956] sysfs_do_create_link_sd+0x11e/0x140 [ 3057.759865][T29956] sysfs_create_link+0x61/0xc0 [ 3057.759887][T29956] device_add+0x669/0x1ac0 [ 3057.759914][T29956] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3057.759941][T29956] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3057.767652][T29958] FAT-fs (loop4): Directory bread(block 67) failed [ 3057.776446][T29956] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3057.776476][T29956] wiphy_register+0x2095/0x2ce0 [ 3057.776501][T29956] ? wiphy_unregister+0xb70/0xb70 [ 3057.776526][T29956] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3057.776547][T29956] ieee80211_register_hw+0x24d1/0x4250 [ 3057.776581][T29956] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3057.776609][T29956] ? rcu_is_watching+0x12/0xb0 [ 3057.776631][T29956] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3057.776657][T29956] ? __hrtimer_init+0x103/0x2c0 [ 3057.776683][T29956] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3057.776716][T29956] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3057.776739][T29956] ? rcu_is_watching+0x12/0xb0 [ 3057.776757][T29956] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3057.776781][T29956] hwsim_new_radio_nl+0xaf8/0x1240 [ 3057.776806][T29956] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3057.776835][T29956] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3057.776869][T29956] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3057.776906][T29956] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3057.776940][T29956] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3057.776981][T29956] ? ns_capable+0xd5/0x110 [ 3057.777009][T29956] genl_rcv_msg+0x55c/0x800 [ 3057.777040][T29956] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3057.777080][T29956] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3057.777110][T29956] netlink_rcv_skb+0x16b/0x440 [ 3057.777140][T29956] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3057.777173][T29956] ? netlink_ack+0x1370/0x1370 [ 3057.777200][T29956] ? rcu_is_watching+0x12/0xb0 [ 3057.777227][T29956] ? down_write+0x200/0x200 [ 3057.777249][T29956] ? netlink_deliver_tap+0x1b1/0xd10 [ 3057.777281][T29956] genl_rcv+0x28/0x40 [ 3057.777309][T29956] netlink_unicast+0x536/0x810 [ 3057.777341][T29956] ? netlink_attachskb+0x870/0x870 [ 3057.777369][T29956] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3057.777402][T29956] ? __phys_addr_symbol+0x30/0x70 [ 3057.777426][T29956] ? __check_object_size+0x323/0x730 [ 3057.777455][T29956] netlink_sendmsg+0x93c/0xe40 [ 3057.777487][T29956] ? netlink_unicast+0x810/0x810 [ 3057.777518][T29956] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3057.777549][T29956] ? netlink_unicast+0x810/0x810 [ 3057.777579][T29956] sock_sendmsg+0xd9/0x180 [ 3057.777605][T29956] ____sys_sendmsg+0x6ac/0x940 [ 3057.777631][T29956] ? copy_msghdr_from_user+0x10b/0x160 [ 3057.777660][T29956] ? kernel_sendmsg+0x50/0x50 [ 3057.777685][T29956] ? plist_check_list+0x1ae/0x280 [ 3057.786135][T29958] FAT-fs (loop4): Directory bread(block 68) failed [ 3057.788525][T29956] ? schedule+0xf1/0x1b0 [ 3057.788547][T29956] ___sys_sendmsg+0x135/0x1d0 [ 3057.788574][T29956] ? do_recvmmsg+0x740/0x740 [ 3057.793580][T29958] FAT-fs (loop4): Directory bread(block 69) failed [ 3057.798562][T29956] ? rcu_is_watching+0x12/0xb0 [ 3057.798593][T29956] ? rcu_is_watching+0x12/0xb0 [ 3057.798621][T29956] ? __fget_light+0xe6/0x260 [ 3057.803899][T29958] FAT-fs (loop4): Directory bread(block 70) failed [ 3057.807741][T29956] __sys_sendmsg+0x117/0x1e0 [ 3057.807771][T29956] ? __sys_sendmsg_sock+0x30/0x30 [ 3057.807797][T29956] ? xfd_validate_state+0x5d/0x180 [ 3057.807834][T29956] ? rcu_is_watching+0x12/0xb0 [ 3057.807852][T29956] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3057.807878][T29956] do_syscall_64+0x38/0xb0 [ 3057.807908][T29956] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3057.807940][T29956] RIP: 0033:0x7f1773a7cae9 [ 3057.807956][T29956] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3057.807976][T29956] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3057.807995][T29956] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3057.808009][T29956] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3057.808022][T29956] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3057.808035][T29956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3057.808053][T29956] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3057.808073][T29956] [ 3057.820420][T29965] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3057.838817][T29958] FAT-fs (loop4): Directory bread(block 71) failed [ 3057.838885][T29958] FAT-fs (loop4): Directory bread(block 72) failed [ 3057.838902][T29958] FAT-fs (loop4): Directory bread(block 73) failed [ 3058.257701][ T5178] usb 3-1: device descriptor read/64, error -71 [ 3058.264488][T29965] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3058.275920][T29965] CPU: 1 PID: 29965 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3058.285997][T29965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3058.296058][T29965] Call Trace: [ 3058.299337][T29965] [ 3058.302261][T29965] dump_stack_lvl+0x125/0x1b0 [ 3058.306941][T29965] sysfs_warn_dup+0x7f/0xa0 [ 3058.311437][T29965] sysfs_do_create_link_sd+0x11e/0x140 [ 3058.316876][T29965] sysfs_create_link+0x61/0xc0 [ 3058.321620][T29965] device_add+0x669/0x1ac0 [ 3058.326020][T29965] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3058.332939][T29965] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3058.338821][T29965] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3058.344810][T29965] wiphy_register+0x2095/0x2ce0 [ 3058.349642][T29965] ? wiphy_unregister+0xb70/0xb70 [ 3058.354643][T29965] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3058.360687][T29965] ieee80211_register_hw+0x24d1/0x4250 [ 3058.366133][T29965] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3058.371663][T29965] ? rcu_is_watching+0x12/0xb0 [ 3058.376403][T29965] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3058.382366][T29965] ? __hrtimer_init+0x103/0x2c0 [ 3058.387205][T29965] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3058.392907][T29965] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3058.398603][T29965] ? rcu_is_watching+0x12/0xb0 [ 3058.403344][T29965] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3058.409235][T29965] hwsim_new_radio_nl+0xaf8/0x1240 [ 3058.414323][T29965] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3058.420196][T29965] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3058.427559][T29965] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3058.434944][T29965] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3058.440476][T29965] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3058.447831][T29965] ? ns_capable+0xd5/0x110 [ 3058.452228][T29965] genl_rcv_msg+0x55c/0x800 [ 3058.456718][T29965] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3058.462600][T29965] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3058.468476][T29965] netlink_rcv_skb+0x16b/0x440 [ 3058.473281][T29965] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3058.479162][T29965] ? netlink_ack+0x1370/0x1370 [ 3058.483908][T29965] ? rcu_is_watching+0x12/0xb0 [ 3058.488654][T29965] ? down_write+0x200/0x200 [ 3058.493135][T29965] ? netlink_deliver_tap+0x1b1/0xd10 [ 3058.498434][T29965] genl_rcv+0x28/0x40 [ 3058.502501][T29965] netlink_unicast+0x536/0x810 [ 3058.507265][T29965] ? netlink_attachskb+0x870/0x870 [ 3058.512357][T29965] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3058.518236][T29965] ? __phys_addr_symbol+0x30/0x70 [ 3058.523240][T29965] ? __check_object_size+0x323/0x730 [ 3058.526799][ T5178] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 3058.528506][T29965] netlink_sendmsg+0x93c/0xe40 [ 3058.540892][T29965] ? netlink_unicast+0x810/0x810 [ 3058.545842][T29965] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3058.551113][T29965] ? netlink_unicast+0x810/0x810 [ 3058.556036][T29965] sock_sendmsg+0xd9/0x180 [ 3058.560435][T29965] ____sys_sendmsg+0x6ac/0x940 [ 3058.565181][T29965] ? copy_msghdr_from_user+0x10b/0x160 [ 3058.570626][T29965] ? kernel_sendmsg+0x50/0x50 [ 3058.575370][T29965] ? plist_check_list+0x1ae/0x280 [ 3058.580378][T29965] ? schedule+0xf1/0x1b0 [ 3058.584601][T29965] ___sys_sendmsg+0x135/0x1d0 [ 3058.589270][T29965] ? do_recvmmsg+0x740/0x740 [ 3058.593854][T29965] ? rcu_is_watching+0x12/0xb0 [ 3058.598598][T29965] ? rcu_is_watching+0x12/0xb0 [ 3058.603359][T29965] ? __fget_light+0xe6/0x260 [ 3058.607926][T29965] __sys_sendmsg+0x117/0x1e0 [ 3058.612497][T29965] ? __sys_sendmsg_sock+0x30/0x30 [ 3058.617500][T29965] ? xfd_validate_state+0x5d/0x180 [ 3058.622594][T29965] ? rcu_is_watching+0x12/0xb0 [ 3058.627336][T29965] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3058.633292][T29965] do_syscall_64+0x38/0xb0 [ 3058.637690][T29965] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3058.643563][T29965] RIP: 0033:0x7fc66767cae9 [ 3058.647956][T29965] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3058.667553][T29965] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3058.676050][T29965] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3058.684004][T29965] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3058.691960][T29965] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3058.699929][T29965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3058.707877][T29965] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3058.715828][T29965] [ 3058.716811][ T5178] usb 3-1: device descriptor read/64, error -71 [ 3058.735338][T29968] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3058.749235][T29968] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3058.757605][T29968] CPU: 1 PID: 29968 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3058.767665][T29968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3058.777708][T29968] Call Trace: [ 3058.780981][T29968] [ 3058.783887][T29968] dump_stack_lvl+0x125/0x1b0 [ 3058.788551][T29968] sysfs_warn_dup+0x7f/0xa0 [ 3058.793120][T29968] sysfs_do_create_link_sd+0x11e/0x140 [ 3058.798588][T29968] sysfs_create_link+0x61/0xc0 [ 3058.803363][T29968] device_add+0x669/0x1ac0 [ 3058.807763][T29968] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3058.814591][T29968] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3058.820568][T29968] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3058.826530][T29968] wiphy_register+0x2095/0x2ce0 [ 3058.831363][T29968] ? wiphy_unregister+0xb70/0xb70 [ 3058.836390][T29968] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3058.842445][T29968] ieee80211_register_hw+0x24d1/0x4250 [ 3058.847901][T29968] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3058.853437][T29968] ? rcu_is_watching+0x12/0xb0 [ 3058.858200][T29968] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3058.864169][T29968] ? __hrtimer_init+0x103/0x2c0 [ 3058.869009][T29968] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3058.874724][T29968] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3058.880432][T29968] ? rcu_is_watching+0x12/0xb0 [ 3058.885184][T29968] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3058.891061][T29968] hwsim_new_radio_nl+0xaf8/0x1240 [ 3058.896159][T29968] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3058.902061][T29968] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3058.909426][T29968] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3058.916805][T29968] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3058.922352][T29968] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3058.929713][T29968] ? ns_capable+0xd5/0x110 [ 3058.934118][T29968] genl_rcv_msg+0x55c/0x800 [ 3058.938612][T29968] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3058.944497][T29968] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3058.950382][T29968] netlink_rcv_skb+0x16b/0x440 [ 3058.955136][T29968] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3058.961039][T29968] ? netlink_ack+0x1370/0x1370 [ 3058.965792][T29968] ? rcu_is_watching+0x12/0xb0 [ 3058.970549][T29968] ? down_write+0x200/0x200 [ 3058.975060][T29968] ? netlink_deliver_tap+0x1b1/0xd10 [ 3058.980341][T29968] genl_rcv+0x28/0x40 [ 3058.984402][T29968] netlink_unicast+0x536/0x810 [ 3058.989158][T29968] ? netlink_attachskb+0x870/0x870 [ 3058.994259][T29968] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3059.000149][T29968] ? __phys_addr_symbol+0x30/0x70 [ 3059.005162][T29968] ? __check_object_size+0x323/0x730 [ 3059.010444][T29968] netlink_sendmsg+0x93c/0xe40 [ 3059.015201][T29968] ? netlink_unicast+0x810/0x810 [ 3059.020130][T29968] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3059.025428][T29968] ? netlink_unicast+0x810/0x810 [ 3059.030356][T29968] sock_sendmsg+0xd9/0x180 [ 3059.034848][T29968] ____sys_sendmsg+0x6ac/0x940 [ 3059.039599][T29968] ? copy_msghdr_from_user+0x10b/0x160 [ 3059.045089][T29968] ? kernel_sendmsg+0x50/0x50 [ 3059.049773][T29968] ? plist_check_list+0x1ae/0x280 [ 3059.054795][T29968] ? schedule+0xf1/0x1b0 [ 3059.059026][T29968] ___sys_sendmsg+0x135/0x1d0 [ 3059.063721][T29968] ? do_recvmmsg+0x740/0x740 [ 3059.068300][T29968] ? rcu_is_watching+0x12/0xb0 [ 3059.073056][T29968] ? rcu_is_watching+0x12/0xb0 [ 3059.077809][T29968] ? __fget_light+0xe6/0x260 [ 3059.082386][T29968] __sys_sendmsg+0x117/0x1e0 [ 3059.086970][T29968] ? __sys_sendmsg_sock+0x30/0x30 [ 3059.092005][T29968] ? xfd_validate_state+0x5d/0x180 [ 3059.097114][T29968] ? rcu_is_watching+0x12/0xb0 [ 3059.101865][T29968] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3059.107851][T29968] do_syscall_64+0x38/0xb0 [ 3059.112276][T29968] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3059.118160][T29968] RIP: 0033:0x7fc65907cae9 [ 3059.122573][T29968] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3059.142162][T29968] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3059.150646][T29968] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 20:14:06 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:14:06 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000001ff0000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:06 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='iocharset=iso8859-9,shortname=lower,iocharset=cp85\b\x00\x00\x00\x00\x00\x00\x00ate=0,uni_xlate=1,shortname=win95,utf8=0,iocharset=cp936,rodir,shortname=mixed,shortname=win95,shortname=lower,check=strict,utf8=1,tz=UTC,\x00'], 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r2, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x1a404bd, &(0x7f0000000200)=ANY=[@ANYRESDEC=r1, @ANYRES8=r0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16=r1], 0x1, 0x0, &(0x7f0000000000)) 20:14:06 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r5, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async, rerun: 64) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40000000648caeb8cdb5980000004a566c8adf744980a1353dfa86690464d09cd479d213061df872d1cbc5a84d196b16bdec64483254e72eab740080a610db34321bd60b2e985c2d670855972dcf02c1d800005b78db0e7cc763cfd092d1c2fd60e8c9ee4abb803260fe40", @ANYRES16=r2, @ANYBLOB="4d7e00000000000000002a00007f5ef711c1023d3b49e10008002f00000000510e577346110568e4ac0005003600000001000c000500", @ANYRESDEC=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) (async, rerun: 64) sendmsg$NL802154_CMD_GET_WPAN_PHY(r3, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="000000dcc60fcd5e3900", @ANYRES16=0x0, @ANYBLOB="000227bd7000fddbdf25010000000c000600030000000000000008000300", @ANYRES32=r4, @ANYBLOB="08000300", @ANYRES32=r4, @ANYBLOB="080001001203205e0800010002000000"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x10) 20:14:06 executing program 5: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}]}, 0x7, 0x31c, &(0x7f0000000540)="$eJzs3TtoZFUYB/D/7CQzWWFNCmHBxtFOkLCJWGhjlmWFxRQ+GHyARXCzIpm4sIGBbJFsKrEUbASt7Cy03FqsxM7CVgXxgY1r44KLV+68J481ETPx8fsV4eSc893znbmHXDIk3yTJ5elcuXXru8zMVDK1dGEptyuZy6lU03UjAMB/ye2iyM9F10nnAgBMRuf5/9qZk04DAJigQ/7+/8y+vVePLS0A4Bj1n/+/9p//D40N18ZnTw3+JgAA+Pd6/qWXnz6/nDzXaMwk62+2m+1mnhiOn7+S19PKas5lNneS7hsF3XcLyq9PXVq+eK5R+n4uzTKi3UzWt9vN6mh8PQuZzVwvvhjEV8v4hU58I8mN7c76Wa+0m9OVfvxX92Q1i5nNfXvik0vLFxcbvQs01/vx28lOZvqbKPOfz2y+eDVX08rllLHD/LcWGo0LxfJYfLtZ78wDAAAAAAAAAAAAAAAAAAAAAIDjMN8YmBvUvymG9Xvm+xMe6AUM6uN0v+3V99np1gcq6v3qPG9Vd9cHauyqrzOVUye3bQAAAAAAAAAAAAAAAAAAAPhH2disZaXVWr22sXl9bbSxPdLzxmcffXo6e+f8SWOqt8bIUDWDOUW1P7mojs1Zq6RsVJPh5A9vDjLu9VTKdn2wi33TqB881GqdefDb9/Yb+n3YU81Rt3x9bf3ebkp3mfPkcBe7hhbvvkRmkuKg1bfe3RuVSjJ19Bt3iMZSkkc3zj7W6fmkV/Th4UdmX/j6nQ9+LFPt3J/TaTWS3Cn+0lr1lLdgeDYq6TYq4yfhkBesZXOl+uVPL97/9ueHiypGemrjx3is8fHunlr/GOdQ52f6wCv/rY2z7y+t3Nz65ofxoekMX5/xV3Xkh4RCHQAAAAAAAAAAAAAAAAAAMBEj/yt+BI8/e3wZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDkDT//f6SxM9JTS7LfnL2N37azd6i+em3jgKVf+WXCewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/rjwAAAP//2nBvrQ==") getsockopt$PNPIPE_ENCAP(0xffffffffffffffff, 0x113, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0x4) mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000880)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e4eb07787fa3ce0b7731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45ff309908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1ebe99f132c97b6eec743d132144a8427e10e8ab52650efb179a834a1", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) [ 3059.158602][T29968] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3059.166557][T29968] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3059.174511][T29968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3059.182552][T29968] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3059.190510][T29968] [ 3059.196482][ T5178] usb usb3-port1: attempt power cycle 20:14:06 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000900000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3059.258696][T29977] syz-executor.4[29977]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3059.258891][T29979] syz-executor.5[29979]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3059.270477][T29980] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3059.280269][T29977] loop4: detected capacity change from 0 to 256 [ 3059.293936][T29980] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3059.323588][T29980] CPU: 0 PID: 29980 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3059.333657][T29980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3059.343706][T29980] Call Trace: [ 3059.346983][T29980] [ 3059.349922][T29980] dump_stack_lvl+0x125/0x1b0 [ 3059.351835][T29979] loop5: detected capacity change from 0 to 256 [ 3059.354611][T29980] sysfs_warn_dup+0x7f/0xa0 [ 3059.354639][T29980] sysfs_do_create_link_sd+0x11e/0x140 20:14:06 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r6) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r7, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r11) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r13, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r12, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r14}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x70, r7, 0x2, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r14}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x26}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0302}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20000800}, 0x20040840) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) [ 3059.370799][T29980] sysfs_create_link+0x61/0xc0 [ 3059.375577][T29980] device_add+0x669/0x1ac0 [ 3059.380096][T29980] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3059.386969][T29980] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3059.392884][T29980] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3059.398875][T29980] wiphy_register+0x2095/0x2ce0 [ 3059.403729][T29980] ? wiphy_unregister+0xb70/0xb70 [ 3059.408762][T29980] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3059.414823][T29980] ieee80211_register_hw+0x24d1/0x4250 [ 3059.420282][T29980] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3059.425821][T29980] ? rcu_is_watching+0x12/0xb0 [ 3059.430572][T29980] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3059.436541][T29980] ? __hrtimer_init+0x103/0x2c0 [ 3059.441381][T29980] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3059.447090][T29980] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3059.452791][T29980] ? rcu_is_watching+0x12/0xb0 [ 3059.457536][T29980] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3059.463411][T29980] hwsim_new_radio_nl+0xaf8/0x1240 [ 3059.468509][T29980] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3059.474394][T29980] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3059.481756][T29980] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3059.489210][T29980] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3059.494749][T29980] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3059.502112][T29980] ? ns_capable+0xd5/0x110 [ 3059.506522][T29980] genl_rcv_msg+0x55c/0x800 [ 3059.511020][T29980] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3059.516921][T29980] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3059.522801][T29980] netlink_rcv_skb+0x16b/0x440 [ 3059.527559][T29980] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3059.533531][T29980] ? netlink_ack+0x1370/0x1370 [ 3059.538283][T29980] ? rcu_is_watching+0x12/0xb0 [ 3059.543036][T29980] ? down_write+0x200/0x200 [ 3059.547533][T29980] ? netlink_deliver_tap+0x1b1/0xd10 [ 3059.552983][T29980] genl_rcv+0x28/0x40 [ 3059.556967][T29980] netlink_unicast+0x536/0x810 [ 3059.561723][T29980] ? netlink_attachskb+0x870/0x870 [ 3059.566824][T29980] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3059.572714][T29980] ? __phys_addr_symbol+0x30/0x70 [ 3059.577726][T29980] ? __check_object_size+0x323/0x730 [ 3059.583004][T29980] netlink_sendmsg+0x93c/0xe40 [ 3059.587767][T29980] ? netlink_unicast+0x810/0x810 [ 3059.592696][T29980] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3059.598058][T29980] ? netlink_unicast+0x810/0x810 [ 3059.602987][T29980] sock_sendmsg+0xd9/0x180 [ 3059.607413][T29980] ____sys_sendmsg+0x6ac/0x940 [ 3059.612167][T29980] ? copy_msghdr_from_user+0x10b/0x160 [ 3059.617616][T29980] ? kernel_sendmsg+0x50/0x50 [ 3059.622281][T29980] ? plist_check_list+0x1ae/0x280 [ 3059.627298][T29980] ? schedule+0xf1/0x1b0 [ 3059.631531][T29980] ___sys_sendmsg+0x135/0x1d0 [ 3059.636197][T29980] ? do_recvmmsg+0x740/0x740 [ 3059.640779][T29980] ? rcu_is_watching+0x12/0xb0 [ 3059.645538][T29980] ? rcu_is_watching+0x12/0xb0 [ 3059.650286][T29980] ? __fget_light+0xe6/0x260 [ 3059.654863][T29980] __sys_sendmsg+0x117/0x1e0 [ 3059.659445][T29980] ? __sys_sendmsg_sock+0x30/0x30 [ 3059.664460][T29980] ? xfd_validate_state+0x5d/0x180 [ 3059.669567][T29980] ? rcu_is_watching+0x12/0xb0 [ 3059.674315][T29980] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3059.680282][T29980] do_syscall_64+0x38/0xb0 [ 3059.684691][T29980] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3059.690576][T29980] RIP: 0033:0x7f1773a7cae9 [ 3059.694975][T29980] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3059.714654][T29980] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3059.723071][T29980] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3059.731029][T29980] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3059.739073][T29980] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3059.747026][T29980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3059.754979][T29980] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3059.762938][T29980] 20:14:07 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) [ 3059.788809][T29982] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3059.814327][T29982] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3059.856860][T29982] CPU: 0 PID: 29982 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3059.867056][T29982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3059.877142][T29982] Call Trace: [ 3059.880424][T29982] [ 3059.883353][T29982] dump_stack_lvl+0x125/0x1b0 [ 3059.888052][T29982] sysfs_warn_dup+0x7f/0xa0 [ 3059.892563][T29982] sysfs_do_create_link_sd+0x11e/0x140 [ 3059.898035][T29982] sysfs_create_link+0x61/0xc0 [ 3059.902808][T29982] device_add+0x669/0x1ac0 [ 3059.907236][T29982] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3059.914094][T29982] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3059.920013][T29982] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3059.923721][T29979] FAT-fs (loop5): Directory bread(block 64) failed [ 3059.925992][T29982] wiphy_register+0x2095/0x2ce0 [ 3059.926024][T29982] ? wiphy_unregister+0xb70/0xb70 [ 3059.932659][T29979] FAT-fs (loop5): Directory bread(block 65) failed [ 3059.937327][T29982] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3059.937352][T29982] ieee80211_register_hw+0x24d1/0x4250 [ 3059.937385][T29982] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3059.944519][T29979] FAT-fs (loop5): Directory bread(block 66) failed [ 3059.948834][T29982] ? rcu_is_watching+0x12/0xb0 [ 3059.948855][T29982] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3059.948878][T29982] ? __hrtimer_init+0x103/0x2c0 [ 3059.955428][T29979] FAT-fs (loop5): Directory bread(block 67) failed [ 3059.960341][T29982] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3059.960377][T29982] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3059.966438][T29979] FAT-fs (loop5): Directory bread(block 68) failed [ 3059.972371][T29982] ? rcu_is_watching+0x12/0xb0 [ 3059.972392][T29982] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3059.972420][T29982] hwsim_new_radio_nl+0xaf8/0x1240 [ 3059.972444][T29982] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3059.972470][T29982] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3059.972505][T29982] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3059.972546][T29982] genl_family_rcv_msg_doit+0x1fc/0x2e0 20:14:07 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000e00000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3059.972583][T29982] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3059.972627][T29982] ? ns_capable+0xd5/0x110 [ 3059.972658][T29982] genl_rcv_msg+0x55c/0x800 [ 3059.972694][T29982] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3059.972728][T29982] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3059.972756][T29982] netlink_rcv_skb+0x16b/0x440 [ 3059.972789][T29982] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3059.972827][T29982] ? netlink_ack+0x1370/0x1370 [ 3059.972856][T29982] ? rcu_is_watching+0x12/0xb0 [ 3059.972884][T29982] ? down_write+0x200/0x200 [ 3059.972919][T29982] ? netlink_deliver_tap+0x1b1/0xd10 [ 3059.972956][T29982] genl_rcv+0x28/0x40 [ 3059.972988][T29982] netlink_unicast+0x536/0x810 [ 3059.984962][T29979] FAT-fs (loop5): Directory bread(block 69) failed [ 3059.988561][T29982] ? netlink_attachskb+0x870/0x870 [ 3059.988590][T29982] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3059.995749][T29979] FAT-fs (loop5): Directory bread(block 70) failed [ 3060.000853][T29982] ? __phys_addr_symbol+0x30/0x70 20:14:07 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) (async) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r6) (async) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r7, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r11) (async) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r13, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r12, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r14}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x70, r7, 0x2, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r14}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x26}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0302}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20000800}, 0x20040840) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) [ 3060.000880][T29982] ? __check_object_size+0x323/0x730 [ 3060.000909][T29982] netlink_sendmsg+0x93c/0xe40 [ 3060.007161][T29979] FAT-fs (loop5): Directory bread(block 71) failed [ 3060.013072][T29982] ? netlink_unicast+0x810/0x810 [ 3060.013105][T29982] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3060.020483][T29979] FAT-fs (loop5): Directory bread(block 72) failed [ 3060.023701][T29982] ? netlink_unicast+0x810/0x810 [ 3060.023729][T29982] sock_sendmsg+0xd9/0x180 [ 3060.023752][T29982] ____sys_sendmsg+0x6ac/0x940 [ 3060.023773][T29982] ? copy_msghdr_from_user+0x10b/0x160 [ 3060.023797][T29982] ? kernel_sendmsg+0x50/0x50 [ 3060.023817][T29982] ? plist_check_list+0x1ae/0x280 [ 3060.023842][T29982] ? schedule+0xf1/0x1b0 [ 3060.023859][T29982] ___sys_sendmsg+0x135/0x1d0 [ 3060.023884][T29982] ? do_recvmmsg+0x740/0x740 [ 3060.023906][T29982] ? rcu_is_watching+0x12/0xb0 [ 3060.023930][T29982] ? rcu_is_watching+0x12/0xb0 [ 3060.023951][T29982] ? __fget_light+0xe6/0x260 [ 3060.023970][T29982] __sys_sendmsg+0x117/0x1e0 [ 3060.024000][T29982] ? __sys_sendmsg_sock+0x30/0x30 20:14:07 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r6) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r7, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r11) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r13, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r12, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r14}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x70, r7, 0x2, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r14}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x26}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0302}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20000800}, 0x20040840) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) [ 3060.024024][T29982] ? xfd_validate_state+0x5d/0x180 [ 3060.024055][T29982] ? rcu_is_watching+0x12/0xb0 [ 3060.024072][T29982] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3060.024094][T29982] do_syscall_64+0x38/0xb0 [ 3060.024118][T29982] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3060.024145][T29982] RIP: 0033:0x7fc65907cae9 [ 3060.024159][T29982] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 20:14:07 executing program 5: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}]}, 0x7, 0x31c, &(0x7f0000000540)="$eJzs3TtoZFUYB/D/7CQzWWFNCmHBxtFOkLCJWGhjlmWFxRQ+GHyARXCzIpm4sIGBbJFsKrEUbASt7Cy03FqsxM7CVgXxgY1r44KLV+68J481ETPx8fsV4eSc893znbmHXDIk3yTJ5elcuXXru8zMVDK1dGEptyuZy6lU03UjAMB/ye2iyM9F10nnAgBMRuf5/9qZk04DAJigQ/7+/8y+vVePLS0A4Bj1n/+/9p//D40N18ZnTw3+JgAA+Pd6/qWXnz6/nDzXaMwk62+2m+1mnhiOn7+S19PKas5lNneS7hsF3XcLyq9PXVq+eK5R+n4uzTKi3UzWt9vN6mh8PQuZzVwvvhjEV8v4hU58I8mN7c76Wa+0m9OVfvxX92Q1i5nNfXvik0vLFxcbvQs01/vx28lOZvqbKPOfz2y+eDVX08rllLHD/LcWGo0LxfJYfLtZ78wDAAAAAAAAAAAAAAAAAAAAAIDjMN8YmBvUvymG9Xvm+xMe6AUM6uN0v+3V99np1gcq6v3qPG9Vd9cHauyqrzOVUye3bQAAAAAAAAAAAAAAAAAAAPhH2disZaXVWr22sXl9bbSxPdLzxmcffXo6e+f8SWOqt8bIUDWDOUW1P7mojs1Zq6RsVJPh5A9vDjLu9VTKdn2wi33TqB881GqdefDb9/Yb+n3YU81Rt3x9bf3ebkp3mfPkcBe7hhbvvkRmkuKg1bfe3RuVSjJ19Bt3iMZSkkc3zj7W6fmkV/Th4UdmX/j6nQ9+LFPt3J/TaTWS3Cn+0lr1lLdgeDYq6TYq4yfhkBesZXOl+uVPL97/9ueHiypGemrjx3is8fHunlr/GOdQ52f6wCv/rY2z7y+t3Nz65ofxoekMX5/xV3Xkh4RCHQAAAAAAAAAAAAAAAAAAMBEj/yt+BI8/e3wZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDkDT//f6SxM9JTS7LfnL2N37azd6i+em3jgKVf+WXCewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/rjwAAAP//2nBvrQ==") getsockopt$PNPIPE_ENCAP(0xffffffffffffffff, 0x113, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0x4) mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000880)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e4eb07787fa3ce0b7731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45ff309908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1ebe99f132c97b6eec743d132144a8427e10e8ab52650efb179a834a1", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) [ 3060.024176][T29982] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3060.024194][T29982] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3060.024206][T29982] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3060.024217][T29982] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3060.024228][T29982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3060.024239][T29982] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3060.024257][T29982] [ 3060.081041][T29991] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3060.103682][T29979] FAT-fs (loop5): Directory bread(block 73) failed [ 3060.155104][T29977] FAT-fs (loop4): IO charset cp85 not found [ 3060.326999][ T5178] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 3060.339824][T29991] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3060.409388][T29991] CPU: 0 PID: 29991 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3060.419474][T29991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3060.428940][T30002] syz-executor.5[30002]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3060.429518][T29991] Call Trace: [ 3060.429526][T29991] [ 3060.443572][T30002] loop5: detected capacity change from 0 to 256 [ 3060.445318][T29991] dump_stack_lvl+0x125/0x1b0 [ 3060.456413][T29991] sysfs_warn_dup+0x7f/0xa0 [ 3060.460915][T29991] sysfs_do_create_link_sd+0x11e/0x140 [ 3060.466377][T29991] sysfs_create_link+0x61/0xc0 [ 3060.471139][T29991] device_add+0x669/0x1ac0 [ 3060.475564][T29991] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3060.482495][T29991] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3060.488387][T29991] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3060.494358][T29991] wiphy_register+0x2095/0x2ce0 [ 3060.499201][T29991] ? wiphy_unregister+0xb70/0xb70 [ 3060.504215][T29991] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3060.510271][T29991] ieee80211_register_hw+0x24d1/0x4250 [ 3060.515724][T29991] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3060.521263][T29991] ? rcu_is_watching+0x12/0xb0 [ 3060.526012][T29991] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3060.531984][T29991] ? __hrtimer_init+0x103/0x2c0 [ 3060.536832][T29991] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3060.542548][T29991] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3060.548251][T29991] ? rcu_is_watching+0x12/0xb0 [ 3060.553031][T29991] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3060.558910][T29991] hwsim_new_radio_nl+0xaf8/0x1240 [ 3060.564010][T29991] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3060.569898][T29991] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3060.577350][T29991] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3060.584753][T29991] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3060.590298][T29991] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3060.597662][T29991] ? ns_capable+0xd5/0x110 [ 3060.602067][T29991] genl_rcv_msg+0x55c/0x800 [ 3060.606562][T29991] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3060.612445][T29991] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3060.618331][T29991] netlink_rcv_skb+0x16b/0x440 [ 3060.623085][T29991] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3060.628973][T29991] ? netlink_ack+0x1370/0x1370 [ 3060.633723][T29991] ? rcu_is_watching+0x12/0xb0 [ 3060.638494][T29991] ? down_write+0x200/0x200 [ 3060.642985][T29991] ? netlink_deliver_tap+0x1b1/0xd10 [ 3060.648290][T29991] genl_rcv+0x28/0x40 [ 3060.652351][T29991] netlink_unicast+0x536/0x810 [ 3060.657109][T29991] ? netlink_attachskb+0x870/0x870 [ 3060.662342][T29991] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3060.668226][T29991] ? __phys_addr_symbol+0x30/0x70 [ 3060.673243][T29991] ? __check_object_size+0x323/0x730 [ 3060.678522][T29991] netlink_sendmsg+0x93c/0xe40 [ 3060.683284][T29991] ? netlink_unicast+0x810/0x810 [ 3060.688218][T29991] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3060.693497][T29991] ? netlink_unicast+0x810/0x810 [ 3060.698439][T29991] sock_sendmsg+0xd9/0x180 [ 3060.702846][T29991] ____sys_sendmsg+0x6ac/0x940 [ 3060.707621][T29991] ? copy_msghdr_from_user+0x10b/0x160 [ 3060.713076][T29991] ? kernel_sendmsg+0x50/0x50 [ 3060.717748][T29991] ? plist_check_list+0x1ae/0x280 [ 3060.722775][T29991] ? schedule+0xf1/0x1b0 [ 3060.727005][T29991] ___sys_sendmsg+0x135/0x1d0 [ 3060.731675][T29991] ? do_recvmmsg+0x740/0x740 [ 3060.736259][T29991] ? rcu_is_watching+0x12/0xb0 [ 3060.741015][T29991] ? rcu_is_watching+0x12/0xb0 [ 3060.745770][T29991] ? __fget_light+0xe6/0x260 [ 3060.750352][T29991] __sys_sendmsg+0x117/0x1e0 [ 3060.754936][T29991] ? __sys_sendmsg_sock+0x30/0x30 [ 3060.759950][T29991] ? xfd_validate_state+0x5d/0x180 [ 3060.765076][T29991] ? rcu_is_watching+0x12/0xb0 [ 3060.769824][T29991] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3060.775797][T29991] do_syscall_64+0x38/0xb0 [ 3060.780206][T29991] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3060.786143][T29991] RIP: 0033:0x7fc65907cae9 [ 3060.790557][T29991] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3060.810149][T29991] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3060.818547][T29991] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3060.826505][T29991] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3060.834463][T29991] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3060.842422][T29991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3060.850387][T29991] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3060.858348][T29991] [ 3060.880670][ T5178] usb 3-1: device descriptor read/8, error -71 [ 3060.935563][T30002] FAT-fs (loop5): Directory bread(block 64) failed [ 3060.944441][T30002] FAT-fs (loop5): Directory bread(block 65) failed [ 3060.965075][T30002] FAT-fs (loop5): Directory bread(block 66) failed [ 3060.974461][T30002] FAT-fs (loop5): Directory bread(block 67) failed [ 3060.981555][T30002] FAT-fs (loop5): Directory bread(block 68) failed [ 3060.990073][T30002] FAT-fs (loop5): Directory bread(block 69) failed [ 3060.996902][T30002] FAT-fs (loop5): Directory bread(block 70) failed [ 3061.003410][T30002] FAT-fs (loop5): Directory bread(block 71) failed [ 3061.010174][T30002] FAT-fs (loop5): Directory bread(block 72) failed [ 3061.017037][T30002] FAT-fs (loop5): Directory bread(block 73) failed [ 3061.156835][ T5178] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 3061.246929][ T5178] usb 3-1: device descriptor read/8, error -71 [ 3061.367221][ T5178] usb usb3-port1: unable to enumerate USB device 20:14:09 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:14:09 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='iocharset=iso8859-9,shortname=lower,iocharset=cp85\b\x00\x00\x00\x00\x00\x00\x00ate=0,uni_xlate=1,shortname=win95,utf8=0,iocharset=cp936,rodir,shortname=mixed,shortname=win95,shortname=lower,check=strict,utf8=1,tz=UTC,\x00'], 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") (async) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r2, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x1a404bd, &(0x7f0000000200)=ANY=[@ANYRESDEC=r1, @ANYRES8=r0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16=r1], 0x1, 0x0, &(0x7f0000000000)) 20:14:09 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r6) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r7, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r11) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r13, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r12, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r14}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x70, r7, 0x2, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r14}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x26}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0302}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20000800}, 0x20040840) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00'}) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r6) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00'}) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r7, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r11) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX_802154(r13, 0x8933, &(0x7f0000000340)={'wpan1\x00'}) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r12, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r14}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x70, r7, 0x2, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r14}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x26}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0302}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20000800}, 0x20040840) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) 20:14:09 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000004800000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:09 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000000007a0000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:09 executing program 5: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}]}, 0x7, 0x31c, &(0x7f0000000540)="$eJzs3TtoZFUYB/D/7CQzWWFNCmHBxtFOkLCJWGhjlmWFxRQ+GHyARXCzIpm4sIGBbJFsKrEUbASt7Cy03FqsxM7CVgXxgY1r44KLV+68J481ETPx8fsV4eSc893znbmHXDIk3yTJ5elcuXXru8zMVDK1dGEptyuZy6lU03UjAMB/ye2iyM9F10nnAgBMRuf5/9qZk04DAJigQ/7+/8y+vVePLS0A4Bj1n/+/9p//D40N18ZnTw3+JgAA+Pd6/qWXnz6/nDzXaMwk62+2m+1mnhiOn7+S19PKas5lNneS7hsF3XcLyq9PXVq+eK5R+n4uzTKi3UzWt9vN6mh8PQuZzVwvvhjEV8v4hU58I8mN7c76Wa+0m9OVfvxX92Q1i5nNfXvik0vLFxcbvQs01/vx28lOZvqbKPOfz2y+eDVX08rllLHD/LcWGo0LxfJYfLtZ78wDAAAAAAAAAAAAAAAAAAAAAIDjMN8YmBvUvymG9Xvm+xMe6AUM6uN0v+3V99np1gcq6v3qPG9Vd9cHauyqrzOVUye3bQAAAAAAAAAAAAAAAAAAAPhH2disZaXVWr22sXl9bbSxPdLzxmcffXo6e+f8SWOqt8bIUDWDOUW1P7mojs1Zq6RsVJPh5A9vDjLu9VTKdn2wi33TqB881GqdefDb9/Yb+n3YU81Rt3x9bf3ebkp3mfPkcBe7hhbvvkRmkuKg1bfe3RuVSjJ19Bt3iMZSkkc3zj7W6fmkV/Th4UdmX/j6nQ9+LFPt3J/TaTWS3Cn+0lr1lLdgeDYq6TYq4yfhkBesZXOl+uVPL97/9ueHiypGemrjx3is8fHunlr/GOdQ52f6wCv/rY2z7y+t3Nz65ofxoekMX5/xV3Xkh4RCHQAAAAAAAAAAAAAAAAAAMBEj/yt+BI8/e3wZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDkDT//f6SxM9JTS7LfnL2N37azd6i+em3jgKVf+WXCewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/rjwAAAP//2nBvrQ==") getsockopt$PNPIPE_ENCAP(0xffffffffffffffff, 0x113, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0x4) mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000880)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e4eb07787fa3ce0b7731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45ff309908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1ebe99f132c97b6eec743d132144a8427e10e8ab52650efb179a834a1", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) [ 3062.262756][T30010] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3062.264047][T30008] syz-executor.4[30008]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3062.273706][T30013] syz-executor.5[30013]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3062.295578][T30008] loop4: detected capacity change from 0 to 256 [ 3062.305304][T30010] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3062.318103][T30013] loop5: detected capacity change from 0 to 256 [ 3062.322661][T30010] CPU: 1 PID: 30010 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3062.333943][T30013] FAT-fs (loop5): Directory bread(block 64) failed [ 3062.334366][T30010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3062.334378][T30010] Call Trace: [ 3062.334385][T30010] [ 3062.334391][T30010] dump_stack_lvl+0x125/0x1b0 [ 3062.341385][T30013] FAT-fs (loop5): Directory bread(block 65) failed [ 3062.350889][T30010] sysfs_warn_dup+0x7f/0xa0 [ 3062.350922][T30010] sysfs_do_create_link_sd+0x11e/0x140 [ 3062.350950][T30010] sysfs_create_link+0x61/0xc0 [ 3062.350977][T30010] device_add+0x669/0x1ac0 [ 3062.351013][T30010] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3062.351048][T30010] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3062.351087][T30010] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3062.351114][T30010] wiphy_register+0x2095/0x2ce0 [ 3062.360116][T30013] FAT-fs (loop5): Directory bread(block 66) failed [ 3062.361946][T30010] ? wiphy_unregister+0xb70/0xb70 [ 3062.361972][T30010] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3062.368920][T30013] FAT-fs (loop5): Directory bread(block 67) failed [ 3062.372937][T30010] ieee80211_register_hw+0x24d1/0x4250 [ 3062.372975][T30010] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3062.380288][T30013] FAT-fs (loop5): Directory bread(block 68) failed [ 3062.383133][T30010] ? rcu_is_watching+0x12/0xb0 [ 3062.383155][T30010] ? trace_irq_enable.constprop.0+0xd0/0x100 20:14:09 executing program 5: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}]}, 0x7, 0x31c, &(0x7f0000000540)="$eJzs3TtoZFUYB/D/7CQzWWFNCmHBxtFOkLCJWGhjlmWFxRQ+GHyARXCzIpm4sIGBbJFsKrEUbASt7Cy03FqsxM7CVgXxgY1r44KLV+68J481ETPx8fsV4eSc893znbmHXDIk3yTJ5elcuXXru8zMVDK1dGEptyuZy6lU03UjAMB/ye2iyM9F10nnAgBMRuf5/9qZk04DAJigQ/7+/8y+vVePLS0A4Bj1n/+/9p//D40N18ZnTw3+JgAA+Pd6/qWXnz6/nDzXaMwk62+2m+1mnhiOn7+S19PKas5lNneS7hsF3XcLyq9PXVq+eK5R+n4uzTKi3UzWt9vN6mh8PQuZzVwvvhjEV8v4hU58I8mN7c76Wa+0m9OVfvxX92Q1i5nNfXvik0vLFxcbvQs01/vx28lOZvqbKPOfz2y+eDVX08rllLHD/LcWGo0LxfJYfLtZ78wDAAAAAAAAAAAAAAAAAAAAAIDjMN8YmBvUvymG9Xvm+xMe6AUM6uN0v+3V99np1gcq6v3qPG9Vd9cHauyqrzOVUye3bQAAAAAAAAAAAAAAAAAAAPhH2disZaXVWr22sXl9bbSxPdLzxmcffXo6e+f8SWOqt8bIUDWDOUW1P7mojs1Zq6RsVJPh5A9vDjLu9VTKdn2wi33TqB881GqdefDb9/Yb+n3YU81Rt3x9bf3ebkp3mfPkcBe7hhbvvkRmkuKg1bfe3RuVSjJ19Bt3iMZSkkc3zj7W6fmkV/Th4UdmX/j6nQ9+LFPt3J/TaTWS3Cn+0lr1lLdgeDYq6TYq4yfhkBesZXOl+uVPL97/9ueHiypGemrjx3is8fHunlr/GOdQ52f6wCv/rY2z7y+t3Nz65ofxoekMX5/xV3Xkh4RCHQAAAAAAAAAAAAAAAAAAMBEj/yt+BI8/e3wZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDkDT//f6SxM9JTS7LfnL2N37azd6i+em3jgKVf+WXCewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/rjwAAAP//2nBvrQ==") getsockopt$PNPIPE_ENCAP(0xffffffffffffffff, 0x113, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0x4) mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) [ 3062.388115][T30013] FAT-fs (loop5): Directory bread(block 69) failed [ 3062.394363][T30010] ? __hrtimer_init+0x103/0x2c0 [ 3062.394395][T30010] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3062.401456][T30013] FAT-fs (loop5): Directory bread(block 70) failed [ 3062.406207][T30010] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3062.406233][T30010] ? rcu_is_watching+0x12/0xb0 [ 3062.414783][T30013] FAT-fs (loop5): Directory bread(block 71) failed [ 3062.417518][T30010] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3062.417543][T30010] hwsim_new_radio_nl+0xaf8/0x1240 [ 3062.417569][T30010] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3062.417593][T30010] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3062.417624][T30010] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3062.424428][T30013] FAT-fs (loop5): Directory bread(block 72) failed [ 3062.428674][T30010] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3062.428710][T30010] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3062.428744][T30010] ? ns_capable+0xd5/0x110 [ 3062.428770][T30010] genl_rcv_msg+0x55c/0x800 [ 3062.428800][T30010] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3062.436004][T30013] FAT-fs (loop5): Directory bread(block 73) failed [ 3062.440704][T30010] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3062.440734][T30010] netlink_rcv_skb+0x16b/0x440 [ 3062.440763][T30010] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3062.440791][T30010] ? netlink_ack+0x1370/0x1370 [ 3062.516634][T30008] FAT-fs (loop4): IO charset cp85 not found [ 3062.520721][T30010] ? rcu_is_watching+0x12/0xb0 [ 3062.520751][T30010] ? down_write+0x200/0x200 [ 3062.520772][T30010] ? netlink_deliver_tap+0x1b1/0xd10 [ 3062.520801][T30010] genl_rcv+0x28/0x40 [ 3062.621630][T30010] netlink_unicast+0x536/0x810 [ 3062.626405][T30010] ? netlink_attachskb+0x870/0x870 [ 3062.631513][T30010] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3062.637408][T30010] ? __phys_addr_symbol+0x30/0x70 [ 3062.642445][T30010] ? __check_object_size+0x323/0x730 [ 3062.647717][T30010] netlink_sendmsg+0x93c/0xe40 [ 3062.652473][T30010] ? netlink_unicast+0x810/0x810 [ 3062.657397][T30010] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3062.662665][T30010] ? netlink_unicast+0x810/0x810 [ 3062.667603][T30010] sock_sendmsg+0xd9/0x180 [ 3062.672041][T30010] ____sys_sendmsg+0x6ac/0x940 [ 3062.676811][T30010] ? copy_msghdr_from_user+0x10b/0x160 [ 3062.682258][T30010] ? kernel_sendmsg+0x50/0x50 [ 3062.686836][ T2161] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 3062.687085][T30010] ? plist_check_list+0x1ae/0x280 [ 3062.699619][T30010] ? schedule+0xf1/0x1b0 [ 3062.703874][T30010] ___sys_sendmsg+0x135/0x1d0 [ 3062.708549][T30010] ? do_recvmmsg+0x740/0x740 [ 3062.713163][T30010] ? rcu_is_watching+0x12/0xb0 [ 3062.717910][T30010] ? rcu_is_watching+0x12/0xb0 [ 3062.722657][T30010] ? __fget_light+0xe6/0x260 [ 3062.727231][T30010] __sys_sendmsg+0x117/0x1e0 [ 3062.731815][T30010] ? __sys_sendmsg_sock+0x30/0x30 [ 3062.736866][T30010] ? xfd_validate_state+0x5d/0x180 [ 3062.741968][T30010] ? rcu_is_watching+0x12/0xb0 [ 3062.746710][T30010] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3062.752677][T30010] do_syscall_64+0x38/0xb0 [ 3062.757081][T30010] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3062.762961][T30010] RIP: 0033:0x7fc65907cae9 [ 3062.767362][T30010] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3062.786953][T30010] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3062.795348][T30010] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3062.803300][T30010] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3062.811254][T30010] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3062.819212][T30010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3062.827187][T30010] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3062.835142][T30010] [ 3062.848421][T30009] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. 20:14:10 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000004c00000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:10 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='iocharset=iso8859-9,shortname=lower,iocharset=cp85\b\x00\x00\x00\x00\x00\x00\x00ate=0,uni_xlate=1,shortname=win95,utf8=0,iocharset=cp936,rodir,shortname=mixed,shortname=win95,shortname=lower,check=strict,utf8=1,tz=UTC,\x00'], 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") (async) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r2, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x1a404bd, &(0x7f0000000200)=ANY=[@ANYRESDEC=r1, @ANYRES8=r0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16=r1], 0x1, 0x0, &(0x7f0000000000)) [ 3062.870819][T30024] syz-executor.5[30024]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3062.880808][ T2161] usb 3-1: device descriptor read/64, error -71 [ 3062.901357][T30009] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3062.923251][T30009] CPU: 0 PID: 30009 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3062.933449][T30009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3062.943509][T30009] Call Trace: [ 3062.946792][T30009] [ 3062.949729][T30009] dump_stack_lvl+0x125/0x1b0 [ 3062.954514][T30009] sysfs_warn_dup+0x7f/0xa0 [ 3062.959039][T30009] sysfs_do_create_link_sd+0x11e/0x140 [ 3062.963895][T30024] loop5: detected capacity change from 0 to 256 [ 3062.964504][T30009] sysfs_create_link+0x61/0xc0 [ 3062.975945][T30009] device_add+0x669/0x1ac0 [ 3062.980365][T30009] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3062.987210][T30009] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3062.993103][T30009] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3062.999119][T30009] wiphy_register+0x2095/0x2ce0 [ 3063.003960][T30009] ? wiphy_unregister+0xb70/0xb70 [ 3063.008972][T30009] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3063.015026][T30009] ieee80211_register_hw+0x24d1/0x4250 [ 3063.020482][T30009] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3063.026026][T30009] ? rcu_is_watching+0x12/0xb0 [ 3063.030773][T30009] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3063.036738][T30009] ? __hrtimer_init+0x103/0x2c0 [ 3063.041585][T30009] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3063.047296][T30009] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3063.053001][T30009] ? rcu_is_watching+0x12/0xb0 [ 3063.057748][T30009] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3063.063629][T30009] hwsim_new_radio_nl+0xaf8/0x1240 [ 3063.068728][T30009] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3063.074611][T30009] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3063.081975][T30009] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3063.089354][T30009] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3063.094896][T30009] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3063.102276][T30009] ? ns_capable+0xd5/0x110 [ 3063.106681][T30009] genl_rcv_msg+0x55c/0x800 [ 3063.111183][T30009] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3063.117085][T30009] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3063.122968][T30009] netlink_rcv_skb+0x16b/0x440 [ 3063.127721][T30009] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3063.133607][T30009] ? netlink_ack+0x1370/0x1370 [ 3063.138356][T30009] ? rcu_is_watching+0x12/0xb0 [ 3063.143106][T30009] ? down_write+0x200/0x200 [ 3063.147592][T30009] ? netlink_deliver_tap+0x1b1/0xd10 [ 3063.152863][T30009] genl_rcv+0x28/0x40 [ 3063.156838][T30009] netlink_unicast+0x536/0x810 [ 3063.161590][T30009] ? netlink_attachskb+0x870/0x870 [ 3063.166689][T30009] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3063.172576][T30009] ? __phys_addr_symbol+0x30/0x70 [ 3063.177587][T30009] ? __check_object_size+0x323/0x730 [ 3063.182860][T30009] netlink_sendmsg+0x93c/0xe40 [ 3063.187615][T30009] ? netlink_unicast+0x810/0x810 [ 3063.192545][T30009] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3063.197825][T30009] ? netlink_unicast+0x810/0x810 [ 3063.202779][T30009] sock_sendmsg+0xd9/0x180 [ 3063.207187][T30009] ____sys_sendmsg+0x6ac/0x940 [ 3063.211940][T30009] ? copy_msghdr_from_user+0x10b/0x160 [ 3063.217405][T30009] ? kernel_sendmsg+0x50/0x50 [ 3063.222075][T30009] ? plist_check_list+0x1ae/0x280 [ 3063.227091][T30009] ? schedule+0xf1/0x1b0 [ 3063.231319][T30009] ___sys_sendmsg+0x135/0x1d0 [ 3063.235983][T30009] ? do_recvmmsg+0x740/0x740 [ 3063.240561][T30009] ? rcu_is_watching+0x12/0xb0 [ 3063.245312][T30009] ? rcu_is_watching+0x12/0xb0 [ 3063.250082][T30009] ? __fget_light+0xe6/0x260 [ 3063.254660][T30009] __sys_sendmsg+0x117/0x1e0 [ 3063.259242][T30009] ? __sys_sendmsg_sock+0x30/0x30 [ 3063.264257][T30009] ? xfd_validate_state+0x5d/0x180 [ 3063.269365][T30009] ? rcu_is_watching+0x12/0xb0 [ 3063.274126][T30009] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3063.280095][T30009] do_syscall_64+0x38/0xb0 [ 3063.284504][T30009] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3063.290394][T30009] RIP: 0033:0x7f1773a7cae9 [ 3063.294793][T30009] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3063.314385][T30009] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3063.322783][T30009] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3063.330741][T30009] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3063.338699][T30009] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3063.346653][T30009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3063.354619][T30009] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3063.362591][T30009] [ 3063.384142][T30028] syz-executor.4[30028]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3063.404991][T30028] loop4: detected capacity change from 0 to 256 [ 3063.413775][T30026] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. 20:14:10 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r3 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r3, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r3, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(0x0, 0xb) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) [ 3063.438776][T30026] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3063.457886][T30028] FAT-fs (loop4): IO charset cp85 not found [ 3063.464322][T30026] CPU: 1 PID: 30026 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3063.474393][T30026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3063.484452][T30026] Call Trace: [ 3063.487738][T30026] [ 3063.490680][T30026] dump_stack_lvl+0x125/0x1b0 [ 3063.495389][T30026] sysfs_warn_dup+0x7f/0xa0 [ 3063.499908][T30026] sysfs_do_create_link_sd+0x11e/0x140 [ 3063.505381][T30026] sysfs_create_link+0x61/0xc0 [ 3063.510164][T30026] device_add+0x669/0x1ac0 [ 3063.514591][T30026] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3063.521453][T30026] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3063.527356][T30026] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3063.533346][T30026] wiphy_register+0x2095/0x2ce0 [ 3063.538194][T30026] ? wiphy_unregister+0xb70/0xb70 [ 3063.543209][T30026] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3063.549261][T30026] ieee80211_register_hw+0x24d1/0x4250 [ 3063.554717][T30026] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3063.560257][T30026] ? rcu_is_watching+0x12/0xb0 [ 3063.565011][T30026] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3063.571074][T30026] ? __hrtimer_init+0x103/0x2c0 [ 3063.575915][T30026] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3063.581627][T30026] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3063.587334][T30026] ? rcu_is_watching+0x12/0xb0 [ 3063.592082][T30026] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3063.597966][T30026] hwsim_new_radio_nl+0xaf8/0x1240 [ 3063.603063][T30026] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3063.608944][T30026] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3063.616313][T30026] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3063.623676][T30026] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3063.629246][T30026] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3063.636616][T30026] ? ns_capable+0xd5/0x110 [ 3063.641022][T30026] genl_rcv_msg+0x55c/0x800 [ 3063.645520][T30026] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3063.651407][T30026] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3063.657296][T30026] netlink_rcv_skb+0x16b/0x440 [ 3063.662055][T30026] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3063.667942][T30026] ? netlink_ack+0x1370/0x1370 [ 3063.672694][T30026] ? rcu_is_watching+0x12/0xb0 [ 3063.677449][T30026] ? down_write+0x200/0x200 [ 3063.681940][T30026] ? netlink_deliver_tap+0x1b1/0xd10 [ 3063.687216][T30026] genl_rcv+0x28/0x40 [ 3063.691191][T30026] netlink_unicast+0x536/0x810 [ 3063.695945][T30026] ? netlink_attachskb+0x870/0x870 [ 3063.701045][T30026] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3063.706929][T30026] ? __phys_addr_symbol+0x30/0x70 [ 3063.711943][T30026] ? __check_object_size+0x323/0x730 [ 3063.717242][T30026] netlink_sendmsg+0x93c/0xe40 [ 3063.721998][T30026] ? netlink_unicast+0x810/0x810 [ 3063.726927][T30026] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3063.732204][T30026] ? netlink_unicast+0x810/0x810 [ 3063.737131][T30026] sock_sendmsg+0xd9/0x180 [ 3063.741537][T30026] ____sys_sendmsg+0x6ac/0x940 [ 3063.746287][T30026] ? copy_msghdr_from_user+0x10b/0x160 [ 3063.751736][T30026] ? kernel_sendmsg+0x50/0x50 [ 3063.756402][T30026] ? plist_check_list+0x1ae/0x280 [ 3063.761422][T30026] ? schedule+0xf1/0x1b0 [ 3063.765649][T30026] ___sys_sendmsg+0x135/0x1d0 [ 3063.770314][T30026] ? do_recvmmsg+0x740/0x740 [ 3063.774891][T30026] ? rcu_is_watching+0x12/0xb0 [ 3063.779657][T30026] ? rcu_is_watching+0x12/0xb0 [ 3063.784406][T30026] ? __fget_light+0xe6/0x260 [ 3063.788982][T30026] __sys_sendmsg+0x117/0x1e0 [ 3063.793559][T30026] ? __sys_sendmsg_sock+0x30/0x30 [ 3063.798568][T30026] ? xfd_validate_state+0x5d/0x180 [ 3063.803673][T30026] ? rcu_is_watching+0x12/0xb0 [ 3063.808417][T30026] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3063.814383][T30026] do_syscall_64+0x38/0xb0 [ 3063.818792][T30026] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3063.824680][T30026] RIP: 0033:0x7fc65907cae9 [ 3063.829080][T30026] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3063.848674][T30026] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3063.857069][T30026] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3063.865020][T30026] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3063.873000][T30026] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3063.880965][T30026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 20:14:10 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r3) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wpan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000002c0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80802}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x3c, r4, 0x8, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0x19}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x5}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x7f}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) sendmsg$NL802154_CMD_SET_CCA_MODE(r7, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x3c, r4, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) 20:14:11 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000006000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3063.888922][T30026] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3063.896889][T30026] [ 3063.899941][ T2161] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 3063.953615][T30024] FAT-fs (loop5): Directory bread(block 64) failed [ 3063.960208][T30024] FAT-fs (loop5): Directory bread(block 65) failed [ 3063.969978][T30037] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3063.982943][T30037] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3063.998900][T30024] FAT-fs (loop5): Directory bread(block 66) failed [ 3064.005757][T30037] CPU: 1 PID: 30037 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3064.014162][T30024] FAT-fs (loop5): Directory bread(block 67) failed [ 3064.015820][T30037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3064.024892][T30024] FAT-fs (loop5): Directory bread(block 68) failed [ 3064.032354][T30037] Call Trace: [ 3064.032361][T30037] [ 3064.032368][T30037] dump_stack_lvl+0x125/0x1b0 [ 3064.032402][T30037] sysfs_warn_dup+0x7f/0xa0 [ 3064.039487][T30024] FAT-fs (loop5): Directory bread(block 69) failed [ 3064.042136][T30037] sysfs_do_create_link_sd+0x11e/0x140 [ 3064.045105][T30024] FAT-fs (loop5): Directory bread(block 70) failed [ 3064.049690][T30037] sysfs_create_link+0x61/0xc0 [ 3064.049719][T30037] device_add+0x669/0x1ac0 [ 3064.054577][T30024] FAT-fs (loop5): Directory bread(block 71) failed [ 3064.060869][T30037] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3064.060905][T30037] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3064.076869][T30024] FAT-fs (loop5): Directory bread(block 72) failed [ 3064.077543][T30037] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3064.081935][T30024] FAT-fs (loop5): Directory bread(block 73) failed [ 3064.088398][T30037] wiphy_register+0x2095/0x2ce0 [ 3064.088427][T30037] ? wiphy_unregister+0xb70/0xb70 [ 3064.129999][T30037] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3064.136067][T30037] ieee80211_register_hw+0x24d1/0x4250 [ 3064.136799][ T2161] usb 3-1: device descriptor read/64, error -71 [ 3064.141520][T30037] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3064.153272][T30037] ? rcu_is_watching+0x12/0xb0 [ 3064.158057][T30037] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3064.164022][T30037] ? __hrtimer_init+0x103/0x2c0 [ 3064.168861][T30037] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3064.174570][T30037] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3064.180278][T30037] ? rcu_is_watching+0x12/0xb0 [ 3064.185027][T30037] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3064.190916][T30037] hwsim_new_radio_nl+0xaf8/0x1240 [ 3064.196013][T30037] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3064.201895][T30037] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3064.209269][T30037] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3064.216664][T30037] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3064.222388][T30037] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3064.229886][T30037] ? ns_capable+0xd5/0x110 [ 3064.234291][T30037] genl_rcv_msg+0x55c/0x800 [ 3064.238794][T30037] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3064.244701][T30037] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3064.250588][T30037] netlink_rcv_skb+0x16b/0x440 [ 3064.255344][T30037] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3064.261230][T30037] ? netlink_ack+0x1370/0x1370 [ 3064.266001][T30037] ? rcu_is_watching+0x12/0xb0 [ 3064.267925][ T2161] usb usb3-port1: attempt power cycle [ 3064.270753][T30037] ? down_write+0x200/0x200 [ 3064.280593][T30037] ? netlink_deliver_tap+0x1b1/0xd10 [ 3064.285862][T30037] genl_rcv+0x28/0x40 [ 3064.289833][T30037] netlink_unicast+0x536/0x810 [ 3064.294588][T30037] ? netlink_attachskb+0x870/0x870 [ 3064.299778][T30037] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3064.305664][T30037] ? __phys_addr_symbol+0x30/0x70 [ 3064.310675][T30037] ? __check_object_size+0x323/0x730 [ 3064.315978][T30037] netlink_sendmsg+0x93c/0xe40 [ 3064.320731][T30037] ? netlink_unicast+0x810/0x810 [ 3064.325659][T30037] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3064.330926][T30037] ? netlink_unicast+0x810/0x810 [ 3064.335850][T30037] sock_sendmsg+0xd9/0x180 [ 3064.340251][T30037] ____sys_sendmsg+0x6ac/0x940 [ 3064.344999][T30037] ? copy_msghdr_from_user+0x10b/0x160 [ 3064.350448][T30037] ? kernel_sendmsg+0x50/0x50 [ 3064.355109][T30037] ? plist_check_list+0x1ae/0x280 [ 3064.360135][T30037] ? schedule+0xf1/0x1b0 [ 3064.364372][T30037] ___sys_sendmsg+0x135/0x1d0 [ 3064.369042][T30037] ? do_recvmmsg+0x740/0x740 [ 3064.373620][T30037] ? rcu_is_watching+0x12/0xb0 [ 3064.378418][T30037] ? rcu_is_watching+0x12/0xb0 [ 3064.383192][T30037] ? __fget_light+0xe6/0x260 [ 3064.387763][T30037] __sys_sendmsg+0x117/0x1e0 [ 3064.392336][T30037] ? __sys_sendmsg_sock+0x30/0x30 [ 3064.397427][T30037] ? xfd_validate_state+0x5d/0x180 [ 3064.402528][T30037] ? rcu_is_watching+0x12/0xb0 [ 3064.407271][T30037] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3064.413227][T30037] do_syscall_64+0x38/0xb0 [ 3064.417627][T30037] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3064.423501][T30037] RIP: 0033:0x7fc65907cae9 [ 3064.427902][T30037] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3064.447501][T30037] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3064.455892][T30037] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3064.463844][T30037] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3064.471797][T30037] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3064.479749][T30037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3064.487702][T30037] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3064.495660][T30037] [ 3064.679018][ T2161] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 3064.776933][ T2161] usb 3-1: device descriptor read/8, error -71 [ 3065.047012][ T2161] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 3065.136926][ T2161] usb 3-1: device descriptor read/8, error -71 20:14:12 executing program 4: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="696f636861727365743d69736f383834392d39a0f0686f72746e616d653d6c6f7765722c696f636861727365743d63703835372c756e695f786c6174653d7e2c756e695f786c6174653d312c73686f72746e616d653d77696e58352c757466383d302c696f636861727365743d63703933362c726f6469722c73686f72746e615c653d6d697865642c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c6368656366383d312c747a3d5554432c00"], 0x0, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r0, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r2, &(0x7f0000000040)={0x24, @short={0x2, 0x2, 0xaaa1}}, 0x14) bind$802154_raw(r2, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000002380)='./file0/file0\x00', 0x800001, &(0x7f0000000680)={[{@gid}, {@creator={'creator', 0x3d, "652df4db"}}, {@type={'type', 0x3d, "2982541d"}}, {@codepage={'codepage', 0x3d, 'koi8-u'}}, {@creator={'creator', 0x3d, "5e2dfe47"}}, {@dir_umask={'dir_umask', 0x3d, 0x800}}, {@umask={'umask', 0x3d, 0x80}}, {@iocharset={'iocharset', 0x3d, 'cp869'}}]}, 0x1, 0x300, &(0x7f00000002c0)="$eJzs3T1PFEEcx/Hf7C13nBA8HgyJJUJiYZSHxBgbiaH0BVhYiHAmxAsmgolQobUxdr4CO1uNra2V8Q2IjZWVFbE5M7O7594xe3eLwIJ8Pwnr7O48/d3b2ZlLYAXgzLq99O3twg/7Y6SSSpJuSoGkQSmUdEGTg0/XN9d2G/XVzFqqtqwtYX+MopJmX7aV9Xr7gYrb2nKuRKxm90INp495LYzkCxb7NJvN5m7PXL/SO9Wj7A+K4e5+jyC6Se2d6M67ezXenk7GMzCdEakrbPa0p2diAAWAMy5+/gfxU2I4nr8HgTQTP/BTz3+n1+z8JLqSJPaK7UfhWs//INpvGnt9z7tTbr23add7JrncQbJK7FGtdw5ZVvTJajuZasXP9SWoPlxr1K/uuApe6FYslW3CbVeVBOL06O1Uvilgn7F7DLkYBmwM8xn9H8/Zolt9vfE311dU5rP5ImnH7STzv7Bp7GVyV6rWcaWi/s9m1+iirEW52qIM3w/EWUZdIxfjFvTxXY8o5Yaaku2LT9mOPqMdQ1At6efrcmYpaayjVBTdXHZ0rtS4t9R8a/+3t9REZ6no07zyuJH9VcpBlaTe63jLvDJ3zZR+6oOWUvP/wNYwo+w7s23NZ1zO+JPRNZ7Q5cy4jm2CvrqPw/FSD3RDIxtb24+WG436k66JT33k8SS+K3WknLt4AQlJ0/Z/56T0J06EOo62ksH675Fk9Cr9S82VjaSaja3ta9eTU4v+UmVt26yLko4y5DvynCrP+BqVt57kWXtI/Qnzliqp4u/YYSWOfURCAVJD3+S9ojuDIth5l4nWf6n1yqwb4Oym1mWe3kylvd8HpGqci9YGrbngYvzvmNuey7WCG8pe6wwliR5rrkuXpel4pTC4r8XnndXW4n7+J8ySvuo+3/8DAAAAAAAAAAAAAAAAAACcNnl/MaC6HB7kl2pO8x8MAQAAAAAAAAAAAAAAAAAAAACgcH2//7fLm5qcLu//bSUqne//jRzo/b9mJ2ekADr9CQAA//8Qg2k3") bind$802154_raw(r3, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a04cbc, &(0x7f0000000140)=ANY=[@ANYRES64=r3], 0x0, 0x0, &(0x7f0000000000)) 20:14:12 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) 20:14:12 executing program 5: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}]}, 0x7, 0x31c, &(0x7f0000000540)="$eJzs3TtoZFUYB/D/7CQzWWFNCmHBxtFOkLCJWGhjlmWFxRQ+GHyARXCzIpm4sIGBbJFsKrEUbASt7Cy03FqsxM7CVgXxgY1r44KLV+68J481ETPx8fsV4eSc893znbmHXDIk3yTJ5elcuXXru8zMVDK1dGEptyuZy6lU03UjAMB/ye2iyM9F10nnAgBMRuf5/9qZk04DAJigQ/7+/8y+vVePLS0A4Bj1n/+/9p//D40N18ZnTw3+JgAA+Pd6/qWXnz6/nDzXaMwk62+2m+1mnhiOn7+S19PKas5lNneS7hsF3XcLyq9PXVq+eK5R+n4uzTKi3UzWt9vN6mh8PQuZzVwvvhjEV8v4hU58I8mN7c76Wa+0m9OVfvxX92Q1i5nNfXvik0vLFxcbvQs01/vx28lOZvqbKPOfz2y+eDVX08rllLHD/LcWGo0LxfJYfLtZ78wDAAAAAAAAAAAAAAAAAAAAAIDjMN8YmBvUvymG9Xvm+xMe6AUM6uN0v+3V99np1gcq6v3qPG9Vd9cHauyqrzOVUye3bQAAAAAAAAAAAAAAAAAAAPhH2disZaXVWr22sXl9bbSxPdLzxmcffXo6e+f8SWOqt8bIUDWDOUW1P7mojs1Zq6RsVJPh5A9vDjLu9VTKdn2wi33TqB881GqdefDb9/Yb+n3YU81Rt3x9bf3ebkp3mfPkcBe7hhbvvkRmkuKg1bfe3RuVSjJ19Bt3iMZSkkc3zj7W6fmkV/Th4UdmX/j6nQ9+LFPt3J/TaTWS3Cn+0lr1lLdgeDYq6TYq4yfhkBesZXOl+uVPL97/9ueHiypGemrjx3is8fHunlr/GOdQ52f6wCv/rY2z7y+t3Nz65ofxoekMX5/xV3Xkh4RCHQAAAAAAAAAAAAAAAAAAMBEj/yt+BI8/e3wZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDkDT//f6SxM9JTS7LfnL2N37azd6i+em3jgKVf+WXCewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/rjwAAAP//2nBvrQ==") mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) 20:14:12 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r3) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wpan0\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000002c0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80802}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x3c, r4, 0x8, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0x19}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x5}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x7f}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) (async) sendmsg$NL802154_CMD_SET_CCA_MODE(r7, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x3c, r4, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) 20:14:12 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000006800000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:12 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 3065.257276][ T2161] usb usb3-port1: unable to enumerate USB device 20:14:12 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r3) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wpan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000002c0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80802}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x3c, r4, 0x8, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0x19}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x5}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x7f}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) sendmsg$NL802154_CMD_SET_CCA_MODE(r7, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x3c, r4, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r3) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wpan0\x00'}) (async) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000002c0)={'wpan1\x00'}) (async) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80802}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x3c, r4, 0x8, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0x19}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x5}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x7f}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) (async) sendmsg$NL802154_CMD_SET_CCA_MODE(r7, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x3c, r4, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00'}) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) [ 3065.320014][T30048] syz-executor.5[30048]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3065.336045][T30050] syz-executor.4[30050]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3065.339942][T30049] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3065.356302][T30048] loop5: detected capacity change from 0 to 256 [ 3065.378439][T30050] loop4: detected capacity change from 0 to 256 [ 3065.393705][T30050] FAT-fs (loop4): Unrecognized mount option "uni_xlate=~" or missing value [ 3065.405055][T30049] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3065.414255][T30049] CPU: 1 PID: 30049 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3065.423612][T30048] FAT-fs (loop5): Directory bread(block 64) failed [ 3065.424319][T30049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3065.424331][T30049] Call Trace: [ 3065.424338][T30049] [ 3065.424345][T30049] dump_stack_lvl+0x125/0x1b0 [ 3065.432913][T30048] FAT-fs (loop5): Directory bread(block 65) failed [ 3065.440967][T30049] sysfs_warn_dup+0x7f/0xa0 [ 3065.440996][T30049] sysfs_do_create_link_sd+0x11e/0x140 [ 3065.441022][T30049] sysfs_create_link+0x61/0xc0 [ 3065.445401][T30048] FAT-fs (loop5): Directory bread(block 66) failed [ 3065.447367][T30049] device_add+0x669/0x1ac0 [ 3065.447400][T30049] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3065.447429][T30049] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3065.447459][T30049] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3065.447484][T30049] wiphy_register+0x2095/0x2ce0 [ 3065.447506][T30049] ? wiphy_unregister+0xb70/0xb70 [ 3065.447532][T30049] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3065.447553][T30049] ieee80211_register_hw+0x24d1/0x4250 [ 3065.447581][T30049] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3065.447607][T30049] ? rcu_is_watching+0x12/0xb0 [ 3065.447625][T30049] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3065.447646][T30049] ? __hrtimer_init+0x103/0x2c0 [ 3065.457522][T30048] FAT-fs (loop5): Directory bread(block 67) failed [ 3065.458766][T30049] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3065.458799][T30049] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3065.463391][T30048] FAT-fs (loop5): Directory bread(block 68) failed [ 3065.468699][T30049] ? rcu_is_watching+0x12/0xb0 [ 3065.468723][T30049] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3065.468749][T30049] hwsim_new_radio_nl+0xaf8/0x1240 [ 3065.468777][T30049] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3065.468807][T30049] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3065.468845][T30049] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3065.468885][T30049] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3065.468924][T30049] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3065.468968][T30049] ? ns_capable+0xd5/0x110 [ 3065.468999][T30049] genl_rcv_msg+0x55c/0x800 [ 3065.469034][T30049] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3065.469070][T30049] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3065.469103][T30049] netlink_rcv_skb+0x16b/0x440 [ 3065.469136][T30049] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3065.469173][T30049] ? netlink_ack+0x1370/0x1370 [ 3065.469204][T30049] ? rcu_is_watching+0x12/0xb0 [ 3065.469234][T30049] ? down_write+0x200/0x200 [ 3065.469259][T30049] ? netlink_deliver_tap+0x1b1/0xd10 [ 3065.469294][T30049] genl_rcv+0x28/0x40 [ 3065.469326][T30049] netlink_unicast+0x536/0x810 [ 3065.469361][T30049] ? netlink_attachskb+0x870/0x870 [ 3065.469393][T30049] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3065.469431][T30049] ? __phys_addr_symbol+0x30/0x70 [ 3065.469459][T30049] ? __check_object_size+0x323/0x730 [ 3065.469491][T30049] netlink_sendmsg+0x93c/0xe40 [ 3065.469533][T30049] ? netlink_unicast+0x810/0x810 [ 3065.469570][T30049] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3065.469604][T30049] ? netlink_unicast+0x810/0x810 [ 3065.469636][T30049] sock_sendmsg+0xd9/0x180 [ 3065.484118][T30048] FAT-fs (loop5): Directory bread(block 69) failed [ 3065.485279][T30049] ____sys_sendmsg+0x6ac/0x940 [ 3065.485307][T30049] ? copy_msghdr_from_user+0x10b/0x160 [ 3065.492622][T30048] FAT-fs (loop5): Directory bread(block 70) failed [ 3065.498002][T30049] ? kernel_sendmsg+0x50/0x50 [ 3065.498029][T30049] ? plist_check_list+0x1ae/0x280 [ 3065.498062][T30049] ? schedule+0xf1/0x1b0 [ 3065.498085][T30049] ___sys_sendmsg+0x135/0x1d0 [ 3065.498120][T30049] ? do_recvmmsg+0x740/0x740 [ 3065.498152][T30049] ? rcu_is_watching+0x12/0xb0 [ 3065.498184][T30049] ? rcu_is_watching+0x12/0xb0 [ 3065.498213][T30049] ? __fget_light+0xe6/0x260 [ 3065.498240][T30049] __sys_sendmsg+0x117/0x1e0 [ 3065.498274][T30049] ? __sys_sendmsg_sock+0x30/0x30 [ 3065.498306][T30049] ? xfd_validate_state+0x5d/0x180 [ 3065.498343][T30049] ? rcu_is_watching+0x12/0xb0 [ 3065.804160][T30049] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3065.810138][T30049] do_syscall_64+0x38/0xb0 [ 3065.814566][T30049] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3065.820468][T30049] RIP: 0033:0x7fc65907cae9 [ 3065.824867][T30049] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3065.844480][T30049] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3065.852880][T30049] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3065.860834][T30049] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3065.868793][T30049] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 20:14:13 executing program 0: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") pipe(&(0x7f0000000100)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r3, 0x0, 0xf3a, 0x0) splice(r1, 0x0, r3, 0x0, 0x82, 0x0) write(r3, &(0x7f0000000140)="ce", 0x1) read$rfkill(r3, &(0x7f0000000040), 0x8) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000540)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRES32=r0, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000d3000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a15bfd094f3f32d87f960fc05f96fff210f3ac83850fcde491c798df120ba80361c10ee5a8b1206b197cb82186d6e2172e0abb83875d5706af52be02b571570fe15600ea729630721fb60446da5d544638336507090f0e521c6988b6249d2fbb87c113b7676d0a0dc832d333a36a0593528b09bb96f8b14607134f16ba564df8cd92fd48ad56b8dadaa0ba90540aaf8515f3e73e46d081567284af146e78aab04a", @ANYRESOCT, @ANYRES8=r0, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) [ 3065.876754][T30049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3065.884718][T30049] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3065.892677][T30049] [ 3065.905963][T30048] FAT-fs (loop5): Directory bread(block 71) failed [ 3065.912583][T30048] FAT-fs (loop5): Directory bread(block 72) failed [ 3065.920627][T30048] FAT-fs (loop5): Directory bread(block 73) failed 20:14:13 executing program 5: mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) 20:14:13 executing program 4: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="696f636861727365743d69736f383834392d39a0f0686f72746e616d653d6c6f7765722c696f636861727365743d63703835372c756e695f786c6174653d7e2c756e695f786c6174653d312c73686f72746e616d653d77696e58352c757466383d302c696f636861727365743d63703933362c726f6469722c73686f72746e615c653d6d697865642c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c6368656366383d312c747a3d5554432c00"], 0x0, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r0, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r2, &(0x7f0000000040)={0x24, @short={0x2, 0x2, 0xaaa1}}, 0x14) (async, rerun: 32) bind$802154_raw(r2, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (rerun: 32) r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000002380)='./file0/file0\x00', 0x800001, &(0x7f0000000680)={[{@gid}, {@creator={'creator', 0x3d, "652df4db"}}, {@type={'type', 0x3d, "2982541d"}}, {@codepage={'codepage', 0x3d, 'koi8-u'}}, {@creator={'creator', 0x3d, "5e2dfe47"}}, {@dir_umask={'dir_umask', 0x3d, 0x800}}, {@umask={'umask', 0x3d, 0x80}}, {@iocharset={'iocharset', 0x3d, 'cp869'}}]}, 0x1, 0x300, &(0x7f00000002c0)="$eJzs3T1PFEEcx/Hf7C13nBA8HgyJJUJiYZSHxBgbiaH0BVhYiHAmxAsmgolQobUxdr4CO1uNra2V8Q2IjZWVFbE5M7O7594xe3eLwIJ8Pwnr7O48/d3b2ZlLYAXgzLq99O3twg/7Y6SSSpJuSoGkQSmUdEGTg0/XN9d2G/XVzFqqtqwtYX+MopJmX7aV9Xr7gYrb2nKuRKxm90INp495LYzkCxb7NJvN5m7PXL/SO9Wj7A+K4e5+jyC6Se2d6M67ezXenk7GMzCdEakrbPa0p2diAAWAMy5+/gfxU2I4nr8HgTQTP/BTz3+n1+z8JLqSJPaK7UfhWs//INpvGnt9z7tTbr23add7JrncQbJK7FGtdw5ZVvTJajuZasXP9SWoPlxr1K/uuApe6FYslW3CbVeVBOL06O1Uvilgn7F7DLkYBmwM8xn9H8/Zolt9vfE311dU5rP5ImnH7STzv7Bp7GVyV6rWcaWi/s9m1+iirEW52qIM3w/EWUZdIxfjFvTxXY8o5Yaaku2LT9mOPqMdQ1At6efrcmYpaayjVBTdXHZ0rtS4t9R8a/+3t9REZ6no07zyuJH9VcpBlaTe63jLvDJ3zZR+6oOWUvP/wNYwo+w7s23NZ1zO+JPRNZ7Q5cy4jm2CvrqPw/FSD3RDIxtb24+WG436k66JT33k8SS+K3WknLt4AQlJ0/Z/56T0J06EOo62ksH675Fk9Cr9S82VjaSaja3ta9eTU4v+UmVt26yLko4y5DvynCrP+BqVt57kWXtI/Qnzliqp4u/YYSWOfURCAVJD3+S9ojuDIth5l4nWf6n1yqwb4Oym1mWe3kylvd8HpGqci9YGrbngYvzvmNuey7WCG8pe6wwliR5rrkuXpel4pTC4r8XnndXW4n7+J8ySvuo+3/8DAAAAAAAAAAAAAAAAAACcNnl/MaC6HB7kl2pO8x8MAQAAAAAAAAAAAAAAAAAAAACgcH2//7fLm5qcLu//bSUqne//jRzo/b9mJ2ekADr9CQAA//8Qg2k3") bind$802154_raw(r3, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a04cbc, &(0x7f0000000140)=ANY=[@ANYRES64=r3], 0x0, 0x0, &(0x7f0000000000)) [ 3065.955654][T30050] syz-executor.4[30050]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3065.992061][T30060] syz-executor.0[30060]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set 20:14:13 executing program 5: mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) 20:14:13 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0) sendmsg$IEEE802154_START_REQ(r4, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x64, r5, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_COORD_REALIGN={0x5, 0x1b, 0x2}, @IEEE802154_ATTR_COORD_REALIGN={0x5, 0x1b, 0x80}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1d}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x2}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x80}, @IEEE802154_ATTR_BCN_ORD={0x5, 0x17, 0x7}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0xda}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x85}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1e}]}, 0x64}, 0x1, 0x0, 0x0, 0x8d1}, 0x40091) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4d7e00000000200000002a0000000dcc8ffff56fec9405003600000000000c0005000000000000000000050037000000000008000200", @ANYRES32=r6, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) [ 3066.031627][T30060] loop0: detected capacity change from 0 to 256 [ 3066.042625][T30062] syz-executor.4[30062]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set 20:14:13 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000006c00000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3066.099768][T30062] loop4: detected capacity change from 0 to 256 [ 3066.128573][T30062] FAT-fs (loop4): Unrecognized mount option "uni_xlate=~" or missing value [ 3066.132995][T30067] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'. 20:14:13 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) (async) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0) sendmsg$IEEE802154_START_REQ(r4, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x64, r5, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_COORD_REALIGN={0x5, 0x1b, 0x2}, @IEEE802154_ATTR_COORD_REALIGN={0x5, 0x1b, 0x80}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1d}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x2}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x80}, @IEEE802154_ATTR_BCN_ORD={0x5, 0x17, 0x7}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0xda}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x85}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1e}]}, 0x64}, 0x1, 0x0, 0x0, 0x8d1}, 0x40091) (async) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4d7e00000000200000002a0000000dcc8ffff56fec9405003600000000000c0005000000000000000000050037000000000008000200", @ANYRES32=r6, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) 20:14:13 executing program 5: mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) [ 3066.149835][T30069] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3066.161852][T30060] FAT-fs (loop0): Directory bread(block 64) failed [ 3066.178120][T30060] FAT-fs (loop0): Directory bread(block 65) failed [ 3066.190262][T30060] FAT-fs (loop0): Directory bread(block 66) failed 20:14:13 executing program 5: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}]}, 0x7, 0x31c, &(0x7f0000000540)="$eJzs3TtoZFUYB/D/7CQzWWFNCmHBxtFOkLCJWGhjlmWFxRQ+GHyARXCzIpm4sIGBbJFsKrEUbASt7Cy03FqsxM7CVgXxgY1r44KLV+68J481ETPx8fsV4eSc893znbmHXDIk3yTJ5elcuXXru8zMVDK1dGEptyuZy6lU03UjAMB/ye2iyM9F10nnAgBMRuf5/9qZk04DAJigQ/7+/8y+vVePLS0A4Bj1n/+/9p//D40N18ZnTw3+JgAA+Pd6/qWXnz6/nDzXaMwk62+2m+1mnhiOn7+S19PKas5lNneS7hsF3XcLyq9PXVq+eK5R+n4uzTKi3UzWt9vN6mh8PQuZzVwvvhjEV8v4hU58I8mN7c76Wa+0m9OVfvxX92Q1i5nNfXvik0vLFxcbvQs01/vx28lOZvqbKPOfz2y+eDVX08rllLHD/LcWGo0LxfJYfLtZ78wDAAAAAAAAAAAAAAAAAAAAAIDjMN8YmBvUvymG9Xvm+xMe6AUM6uN0v+3V99np1gcq6v3qPG9Vd9cHauyqrzOVUye3bQAAAAAAAAAAAAAAAAAAAPhH2disZaXVWr22sXl9bbSxPdLzxmcffXo6e+f8SWOqt8bIUDWDOUW1P7mojs1Zq6RsVJPh5A9vDjLu9VTKdn2wi33TqB881GqdefDb9/Yb+n3YU81Rt3x9bf3ebkp3mfPkcBe7hhbvvkRmkuKg1bfe3RuVSjJ19Bt3iMZSkkc3zj7W6fmkV/Th4UdmX/j6nQ9+LFPt3J/TaTWS3Cn+0lr1lLdgeDYq6TYq4yfhkBesZXOl+uVPL97/9ueHiypGemrjx3is8fHunlr/GOdQ52f6wCv/rY2z7y+t3Nz65ofxoekMX5/xV3Xkh4RCHQAAAAAAAAAAAAAAAAAAMBEj/yt+BI8/e3wZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDkDT//f6SxM9JTS7LfnL2N37azd6i+em3jgKVf+WXCewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/rjwAAAP//2nBvrQ==") mkdir(0x0, 0x4) [ 3066.191703][T30069] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3066.204557][T30060] FAT-fs (loop0): Directory bread(block 67) failed [ 3066.220574][T30060] FAT-fs (loop0): Directory bread(block 68) failed [ 3066.227509][T29067] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 3066.231577][T30069] CPU: 0 PID: 30069 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3066.245096][T30069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3066.245095][T30060] FAT-fs (loop0): Directory bread(block 69) failed [ 3066.245170][T30060] FAT-fs (loop0): Directory bread(block 70) failed [ 3066.255137][T30069] Call Trace: [ 3066.255145][T30069] [ 3066.255153][T30069] dump_stack_lvl+0x125/0x1b0 [ 3066.255190][T30069] sysfs_warn_dup+0x7f/0xa0 [ 3066.262480][T30060] FAT-fs (loop0): Directory bread(block 71) failed [ 3066.268124][T30069] sysfs_do_create_link_sd+0x11e/0x140 [ 3066.268156][T30069] sysfs_create_link+0x61/0xc0 [ 3066.273822][T30060] FAT-fs (loop0): Directory bread(block 72) failed [ 3066.274331][T30069] device_add+0x669/0x1ac0 [ 3066.284032][T30060] FAT-fs (loop0): Directory bread(block 73) failed [ 3066.290006][T30069] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3066.290047][T30069] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3066.330362][T30069] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3066.334952][T30081] syz-executor.5[30081]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3066.336350][T30069] wiphy_register+0x2095/0x2ce0 [ 3066.336380][T30069] ? wiphy_unregister+0xb70/0xb70 [ 3066.349366][T30081] loop5: detected capacity change from 0 to 256 [ 3066.350835][T30069] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3066.350863][T30069] ieee80211_register_hw+0x24d1/0x4250 [ 3066.373589][T30069] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3066.379149][T30069] ? rcu_is_watching+0x12/0xb0 [ 3066.383917][T30069] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3066.389910][T30069] ? __hrtimer_init+0x103/0x2c0 [ 3066.394755][T30069] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3066.400469][T30069] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3066.406171][T30069] ? rcu_is_watching+0x12/0xb0 [ 3066.410921][T30069] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3066.416811][T30069] hwsim_new_radio_nl+0xaf8/0x1240 [ 3066.421911][T30069] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3066.427790][T30069] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3066.435155][T30069] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3066.442540][T30069] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3066.448085][T30069] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3066.455449][T30069] ? ns_capable+0xd5/0x110 [ 3066.459871][T30069] genl_rcv_msg+0x55c/0x800 [ 3066.464369][T30069] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3066.470255][T30069] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3066.476224][T30069] netlink_rcv_skb+0x16b/0x440 [ 3066.480984][T30069] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3066.486871][T30069] ? netlink_ack+0x1370/0x1370 [ 3066.491621][T30069] ? rcu_is_watching+0x12/0xb0 [ 3066.496370][T30069] ? down_write+0x200/0x200 [ 3066.500860][T30069] ? netlink_deliver_tap+0x1b1/0xd10 [ 3066.506133][T30069] genl_rcv+0x28/0x40 [ 3066.510107][T30069] netlink_unicast+0x536/0x810 [ 3066.514862][T30069] ? netlink_attachskb+0x870/0x870 [ 3066.519964][T30069] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3066.525935][T30069] ? __phys_addr_symbol+0x30/0x70 [ 3066.530951][T30069] ? __check_object_size+0x323/0x730 [ 3066.536312][T30069] netlink_sendmsg+0x93c/0xe40 [ 3066.541067][T30069] ? netlink_unicast+0x810/0x810 [ 3066.546001][T30069] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3066.551280][T30069] ? netlink_unicast+0x810/0x810 [ 3066.556300][T30069] sock_sendmsg+0xd9/0x180 [ 3066.560708][T30069] ____sys_sendmsg+0x6ac/0x940 [ 3066.565459][T30069] ? copy_msghdr_from_user+0x10b/0x160 [ 3066.570905][T30069] ? kernel_sendmsg+0x50/0x50 [ 3066.575569][T30069] ? plist_check_list+0x1ae/0x280 [ 3066.580585][T30069] ? schedule+0xf1/0x1b0 [ 3066.584819][T30069] ___sys_sendmsg+0x135/0x1d0 [ 3066.589493][T30069] ? do_recvmmsg+0x740/0x740 [ 3066.594070][T30069] ? rcu_is_watching+0x12/0xb0 [ 3066.598825][T30069] ? rcu_is_watching+0x12/0xb0 [ 3066.603578][T30069] ? __fget_light+0xe6/0x260 [ 3066.608176][T30069] __sys_sendmsg+0x117/0x1e0 [ 3066.612755][T30069] ? __sys_sendmsg_sock+0x30/0x30 [ 3066.617767][T30069] ? xfd_validate_state+0x5d/0x180 [ 3066.622874][T30069] ? rcu_is_watching+0x12/0xb0 [ 3066.627619][T30069] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3066.633583][T30069] do_syscall_64+0x38/0xb0 [ 3066.637992][T30069] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3066.643880][T30069] RIP: 0033:0x7fc65907cae9 [ 3066.648279][T30069] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3066.667874][T30069] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3066.676273][T30069] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3066.684231][T30069] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3066.692189][T30069] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3066.700146][T30069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3066.708103][T30069] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3066.716061][T30069] 20:14:14 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0) sendmsg$IEEE802154_START_REQ(r4, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x64, r5, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_COORD_REALIGN={0x5, 0x1b, 0x2}, @IEEE802154_ATTR_COORD_REALIGN={0x5, 0x1b, 0x80}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1d}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x2}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x80}, @IEEE802154_ATTR_BCN_ORD={0x5, 0x17, 0x7}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0xda}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x85}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1e}]}, 0x64}, 0x1, 0x0, 0x0, 0x8d1}, 0x40091) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4d7e00000000200000002a0000000dcc8ffff56fec9405003600000000000c0005000000000000000000050037000000000008000200", @ANYRES32=r6, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0) (async) sendmsg$IEEE802154_START_REQ(r4, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x64, r5, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_COORD_REALIGN={0x5, 0x1b, 0x2}, @IEEE802154_ATTR_COORD_REALIGN={0x5, 0x1b, 0x80}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1d}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x2}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x80}, @IEEE802154_ATTR_BCN_ORD={0x5, 0x17, 0x7}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0xda}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x85}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1e}]}, 0x64}, 0x1, 0x0, 0x0, 0x8d1}, 0x40091) (async) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00'}) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4d7e00000000200000002a0000000dcc8ffff56fec9405003600000000000c0005000000000000000000050037000000000008000200", @ANYRES32=r6, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) (async) [ 3066.748601][T30062] syz-executor.4[30062]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3066.779370][T30081] FAT-fs (loop5): Directory bread(block 64) failed [ 3066.786522][T30085] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3066.791327][T30085] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3066.799228][T30081] FAT-fs (loop5): Directory bread(block 65) failed [ 3066.812260][T30081] FAT-fs (loop5): Directory bread(block 66) failed [ 3066.818887][T30081] FAT-fs (loop5): Directory bread(block 67) failed [ 3066.834799][T30081] FAT-fs (loop5): Directory bread(block 68) failed [ 3066.841509][T29067] usb 3-1: device descriptor read/64, error -71 [ 3066.849720][T30081] FAT-fs (loop5): Directory bread(block 69) failed [ 3066.856435][T30081] FAT-fs (loop5): Directory bread(block 70) failed [ 3066.863129][T30081] FAT-fs (loop5): Directory bread(block 71) failed [ 3066.872898][T30081] FAT-fs (loop5): Directory bread(block 72) failed [ 3066.879524][T30081] FAT-fs (loop5): Directory bread(block 73) failed [ 3067.127002][T29067] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 3067.317038][T29067] usb 3-1: device descriptor read/64, error -71 [ 3067.436996][T29067] usb usb3-port1: attempt power cycle [ 3067.856810][T29067] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 3067.957476][T29067] usb 3-1: device descriptor read/8, error -71 [ 3068.236828][T29067] usb 3-1: new high-speed USB device number 29 using dummy_hcd 20:14:15 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:14:15 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000007400000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:15 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r6) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r7, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4d7e00000000000000002a00000008002f0000000000050036000000000002000500000000000000000008000200", @ANYRES32=r9, @ANYBLOB="0800020064943230e675f6ec7b27d7750c05fce52a8b8ea794a674ec8409ee27a2686be7168d721b14c096f0f734aeafcc008ffbdc3e198ba8c65e", @ANYRES32=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) 20:14:15 executing program 4: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="696f636861727365743d69736f383834392d39a0f0686f72746e616d653d6c6f7765722c696f636861727365743d63703835372c756e695f786c6174653d7e2c756e695f786c6174653d312c73686f72746e616d653d77696e58352c757466383d302c696f636861727365743d63703933362c726f6469722c73686f72746e615c653d6d697865642c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c6368656366383d312c747a3d5554432c00"], 0x0, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) (async) r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r0, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) (async) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r2, &(0x7f0000000040)={0x24, @short={0x2, 0x2, 0xaaa1}}, 0x14) bind$802154_raw(r2, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) bind$802154_raw(r2, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000002380)='./file0/file0\x00', 0x800001, &(0x7f0000000680)={[{@gid}, {@creator={'creator', 0x3d, "652df4db"}}, {@type={'type', 0x3d, "2982541d"}}, {@codepage={'codepage', 0x3d, 'koi8-u'}}, {@creator={'creator', 0x3d, "5e2dfe47"}}, {@dir_umask={'dir_umask', 0x3d, 0x800}}, {@umask={'umask', 0x3d, 0x80}}, {@iocharset={'iocharset', 0x3d, 'cp869'}}]}, 0x1, 0x300, &(0x7f00000002c0)="$eJzs3T1PFEEcx/Hf7C13nBA8HgyJJUJiYZSHxBgbiaH0BVhYiHAmxAsmgolQobUxdr4CO1uNra2V8Q2IjZWVFbE5M7O7594xe3eLwIJ8Pwnr7O48/d3b2ZlLYAXgzLq99O3twg/7Y6SSSpJuSoGkQSmUdEGTg0/XN9d2G/XVzFqqtqwtYX+MopJmX7aV9Xr7gYrb2nKuRKxm90INp495LYzkCxb7NJvN5m7PXL/SO9Wj7A+K4e5+jyC6Se2d6M67ezXenk7GMzCdEakrbPa0p2diAAWAMy5+/gfxU2I4nr8HgTQTP/BTz3+n1+z8JLqSJPaK7UfhWs//INpvGnt9z7tTbr23add7JrncQbJK7FGtdw5ZVvTJajuZasXP9SWoPlxr1K/uuApe6FYslW3CbVeVBOL06O1Uvilgn7F7DLkYBmwM8xn9H8/Zolt9vfE311dU5rP5ImnH7STzv7Bp7GVyV6rWcaWi/s9m1+iirEW52qIM3w/EWUZdIxfjFvTxXY8o5Yaaku2LT9mOPqMdQ1At6efrcmYpaayjVBTdXHZ0rtS4t9R8a/+3t9REZ6no07zyuJH9VcpBlaTe63jLvDJ3zZR+6oOWUvP/wNYwo+w7s23NZ1zO+JPRNZ7Q5cy4jm2CvrqPw/FSD3RDIxtb24+WG436k66JT33k8SS+K3WknLt4AQlJ0/Z/56T0J06EOo62ksH675Fk9Cr9S82VjaSaja3ta9eTU4v+UmVt26yLko4y5DvynCrP+BqVt57kWXtI/Qnzliqp4u/YYSWOfURCAVJD3+S9ojuDIth5l4nWf6n1yqwb4Oym1mWe3kylvd8HpGqci9YGrbngYvzvmNuey7WCG8pe6wwliR5rrkuXpel4pTC4r8XnndXW4n7+J8ySvuo+3/8DAAAAAAAAAAAAAAAAAACcNnl/MaC6HB7kl2pO8x8MAQAAAAAAAAAAAAAAAAAAAACgcH2//7fLm5qcLu//bSUqne//jRzo/b9mJ2ekADr9CQAA//8Qg2k3") bind$802154_raw(r3, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a04cbc, &(0x7f0000000140)=ANY=[@ANYRES64=r3], 0x0, 0x0, &(0x7f0000000000)) 20:14:15 executing program 5: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}]}, 0x7, 0x31c, &(0x7f0000000540)="$eJzs3TtoZFUYB/D/7CQzWWFNCmHBxtFOkLCJWGhjlmWFxRQ+GHyARXCzIpm4sIGBbJFsKrEUbASt7Cy03FqsxM7CVgXxgY1r44KLV+68J481ETPx8fsV4eSc893znbmHXDIk3yTJ5elcuXXru8zMVDK1dGEptyuZy6lU03UjAMB/ye2iyM9F10nnAgBMRuf5/9qZk04DAJigQ/7+/8y+vVePLS0A4Bj1n/+/9p//D40N18ZnTw3+JgAA+Pd6/qWXnz6/nDzXaMwk62+2m+1mnhiOn7+S19PKas5lNneS7hsF3XcLyq9PXVq+eK5R+n4uzTKi3UzWt9vN6mh8PQuZzVwvvhjEV8v4hU58I8mN7c76Wa+0m9OVfvxX92Q1i5nNfXvik0vLFxcbvQs01/vx28lOZvqbKPOfz2y+eDVX08rllLHD/LcWGo0LxfJYfLtZ78wDAAAAAAAAAAAAAAAAAAAAAIDjMN8YmBvUvymG9Xvm+xMe6AUM6uN0v+3V99np1gcq6v3qPG9Vd9cHauyqrzOVUye3bQAAAAAAAAAAAAAAAAAAAPhH2disZaXVWr22sXl9bbSxPdLzxmcffXo6e+f8SWOqt8bIUDWDOUW1P7mojs1Zq6RsVJPh5A9vDjLu9VTKdn2wi33TqB881GqdefDb9/Yb+n3YU81Rt3x9bf3ebkp3mfPkcBe7hhbvvkRmkuKg1bfe3RuVSjJ19Bt3iMZSkkc3zj7W6fmkV/Th4UdmX/j6nQ9+LFPt3J/TaTWS3Cn+0lr1lLdgeDYq6TYq4yfhkBesZXOl+uVPL97/9ueHiypGemrjx3is8fHunlr/GOdQ52f6wCv/rY2z7y+t3Nz65ofxoekMX5/xV3Xkh4RCHQAAAAAAAAAAAAAAAAAAMBEj/yt+BI8/e3wZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDkDT//f6SxM9JTS7LfnL2N37azd6i+em3jgKVf+WXCewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/rjwAAAP//2nBvrQ==") mkdir(0x0, 0x4) 20:14:15 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_UNLOCK(0x0, 0xc) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) [ 3068.326882][T29067] usb 3-1: device descriptor read/8, error -71 [ 3068.379781][T30097] syz-executor.5[30097]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3068.383948][T30099] syz-executor.4[30099]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3068.405401][T30096] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3068.408152][T30097] loop5: detected capacity change from 0 to 256 20:14:15 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) (async) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r6) (async) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r7, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4d7e00000000000000002a00000008002f0000000000050036000000000002000500000000000000000008000200", @ANYRES32=r9, @ANYBLOB="0800020064943230e675f6ec7b27d7750c05fce52a8b8ea794a674ec8409ee27a2686be7168d721b14c096f0f734aeafcc008ffbdc3e198ba8c65e", @ANYRES32=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) [ 3068.428156][T30099] loop4: detected capacity change from 0 to 256 [ 3068.435349][T30100] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3068.447908][T29067] usb usb3-port1: unable to enumerate USB device [ 3068.454722][T30099] FAT-fs (loop4): Unrecognized mount option "uni_xlate=~" or missing value [ 3068.461991][T30097] FAT-fs (loop5): Directory bread(block 64) failed [ 3068.473367][T30100] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3068.485558][T30097] FAT-fs (loop5): Directory bread(block 65) failed [ 3068.492261][T30100] CPU: 1 PID: 30100 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3068.502327][T30100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3068.510744][T30097] FAT-fs (loop5): Directory bread(block 66) failed [ 3068.512361][T30100] Call Trace: [ 3068.512369][T30100] [ 3068.512376][T30100] dump_stack_lvl+0x125/0x1b0 [ 3068.518996][T30097] FAT-fs (loop5): Directory bread(block 67) failed [ 3068.522122][T30100] sysfs_warn_dup+0x7f/0xa0 [ 3068.522155][T30100] sysfs_do_create_link_sd+0x11e/0x140 [ 3068.522182][T30100] sysfs_create_link+0x61/0xc0 [ 3068.522211][T30100] device_add+0x669/0x1ac0 [ 3068.522244][T30100] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3068.522281][T30100] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3068.522315][T30100] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3068.522347][T30100] wiphy_register+0x2095/0x2ce0 20:14:15 executing program 5: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}]}, 0x7, 0x31c, &(0x7f0000000540)="$eJzs3TtoZFUYB/D/7CQzWWFNCmHBxtFOkLCJWGhjlmWFxRQ+GHyARXCzIpm4sIGBbJFsKrEUbASt7Cy03FqsxM7CVgXxgY1r44KLV+68J481ETPx8fsV4eSc893znbmHXDIk3yTJ5elcuXXru8zMVDK1dGEptyuZy6lU03UjAMB/ye2iyM9F10nnAgBMRuf5/9qZk04DAJigQ/7+/8y+vVePLS0A4Bj1n/+/9p//D40N18ZnTw3+JgAA+Pd6/qWXnz6/nDzXaMwk62+2m+1mnhiOn7+S19PKas5lNneS7hsF3XcLyq9PXVq+eK5R+n4uzTKi3UzWt9vN6mh8PQuZzVwvvhjEV8v4hU58I8mN7c76Wa+0m9OVfvxX92Q1i5nNfXvik0vLFxcbvQs01/vx28lOZvqbKPOfz2y+eDVX08rllLHD/LcWGo0LxfJYfLtZ78wDAAAAAAAAAAAAAAAAAAAAAIDjMN8YmBvUvymG9Xvm+xMe6AUM6uN0v+3V99np1gcq6v3qPG9Vd9cHauyqrzOVUye3bQAAAAAAAAAAAAAAAAAAAPhH2disZaXVWr22sXl9bbSxPdLzxmcffXo6e+f8SWOqt8bIUDWDOUW1P7mojs1Zq6RsVJPh5A9vDjLu9VTKdn2wi33TqB881GqdefDb9/Yb+n3YU81Rt3x9bf3ebkp3mfPkcBe7hhbvvkRmkuKg1bfe3RuVSjJ19Bt3iMZSkkc3zj7W6fmkV/Th4UdmX/j6nQ9+LFPt3J/TaTWS3Cn+0lr1lLdgeDYq6TYq4yfhkBesZXOl+uVPL97/9ueHiypGemrjx3is8fHunlr/GOdQ52f6wCv/rY2z7y+t3Nz65ofxoekMX5/xV3Xkh4RCHQAAAAAAAAAAAAAAAAAAMBEj/yt+BI8/e3wZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDkDT//f6SxM9JTS7LfnL2N37azd6i+em3jgKVf+WXCewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/rjwAAAP//2nBvrQ==") mkdir(0x0, 0x4) [ 3068.522377][T30100] ? wiphy_unregister+0xb70/0xb70 [ 3068.522404][T30100] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3068.522431][T30100] ieee80211_register_hw+0x24d1/0x4250 [ 3068.522471][T30100] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3068.522508][T30100] ? rcu_is_watching+0x12/0xb0 [ 3068.522531][T30100] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3068.522560][T30100] ? __hrtimer_init+0x103/0x2c0 [ 3068.522592][T30100] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3068.522631][T30100] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3068.522658][T30100] ? rcu_is_watching+0x12/0xb0 [ 3068.522682][T30100] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3068.522711][T30100] hwsim_new_radio_nl+0xaf8/0x1240 [ 3068.522741][T30100] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3068.522772][T30100] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3068.522813][T30100] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3068.522857][T30100] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3068.522896][T30100] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3068.522938][T30100] ? ns_capable+0xd5/0x110 [ 3068.522968][T30100] genl_rcv_msg+0x55c/0x800 [ 3068.523002][T30100] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3068.523041][T30100] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3068.523072][T30100] netlink_rcv_skb+0x16b/0x440 [ 3068.523102][T30100] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3068.526852][T30097] FAT-fs (loop5): Directory bread(block 68) failed [ 3068.530666][T30100] ? netlink_ack+0x1370/0x1370 [ 3068.530700][T30100] ? rcu_is_watching+0x12/0xb0 [ 3068.537310][T30097] FAT-fs (loop5): Directory bread(block 69) failed [ 3068.541746][T30100] ? down_write+0x200/0x200 [ 3068.541779][T30100] ? netlink_deliver_tap+0x1b1/0xd10 [ 3068.547417][T30097] FAT-fs (loop5): Directory bread(block 70) failed [ 3068.552031][T30100] genl_rcv+0x28/0x40 [ 3068.552072][T30100] netlink_unicast+0x536/0x810 [ 3068.556566][T30097] FAT-fs (loop5): Directory bread(block 71) failed [ 3068.563278][T30100] ? netlink_attachskb+0x870/0x870 [ 3068.563312][T30100] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3068.569386][T30097] FAT-fs (loop5): Directory bread(block 72) failed [ 3068.575133][T30100] ? __phys_addr_symbol+0x30/0x70 [ 3068.575163][T30100] ? __check_object_size+0x323/0x730 [ 3068.580150][T30097] FAT-fs (loop5): Directory bread(block 73) failed [ 3068.584998][T30100] netlink_sendmsg+0x93c/0xe40 [ 3068.585046][T30100] ? netlink_unicast+0x810/0x810 [ 3068.807023][T30100] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3068.812309][T30100] ? netlink_unicast+0x810/0x810 [ 3068.817242][T30100] sock_sendmsg+0xd9/0x180 [ 3068.821673][T30100] ____sys_sendmsg+0x6ac/0x940 [ 3068.826429][T30100] ? copy_msghdr_from_user+0x10b/0x160 [ 3068.831892][T30100] ? kernel_sendmsg+0x50/0x50 [ 3068.836603][T30100] ? plist_check_list+0x1ae/0x280 [ 3068.841616][T30100] ? schedule+0xf1/0x1b0 [ 3068.845847][T30100] ___sys_sendmsg+0x135/0x1d0 [ 3068.850521][T30100] ? do_recvmmsg+0x740/0x740 [ 3068.855109][T30100] ? rcu_is_watching+0x12/0xb0 [ 3068.859861][T30100] ? rcu_is_watching+0x12/0xb0 [ 3068.864609][T30100] ? __fget_light+0xe6/0x260 [ 3068.869183][T30100] __sys_sendmsg+0x117/0x1e0 [ 3068.873761][T30100] ? __sys_sendmsg_sock+0x30/0x30 [ 3068.878774][T30100] ? xfd_validate_state+0x5d/0x180 [ 3068.883878][T30100] ? rcu_is_watching+0x12/0xb0 [ 3068.888641][T30100] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3068.894611][T30100] do_syscall_64+0x38/0xb0 [ 3068.899018][T30100] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3068.904904][T30100] RIP: 0033:0x7fc65907cae9 [ 3068.909304][T30100] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3068.928898][T30100] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3068.937300][T30100] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3068.945251][T30100] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3068.953231][T30100] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3068.961232][T30100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3068.969189][T30100] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3068.977151][T30100] 20:14:16 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000000003f0000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:16 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000007a00000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:16 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) (async) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r6) (async) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r7, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="4d7e00000000000000002a00000008002f0000000000050036000000000002000500000000000000000008000200", @ANYRES32=r9, @ANYBLOB="0800020064943230e675f6ec7b27d7750c05fce52a8b8ea794a674ec8409ee27a2686be7168d721b14c096f0f734aeafcc008ffbdc3e198ba8c65e", @ANYRES32=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) 20:14:16 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080), 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000200)={@desc={0x1, 0x0, @desc2}, 0x40, 0x0, '\x00', @a}) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) [ 3069.037575][T30099] syz-executor.4[30099]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3069.115651][T30113] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3069.124234][T30119] syz-executor.5[30119]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3069.154893][T30120] syz-executor.4[30120]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3069.164147][T30119] loop5: detected capacity change from 0 to 256 [ 3069.183253][T30113] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3069.192600][T30120] loop4: detected capacity change from 0 to 256 [ 3069.205742][T30119] FAT-fs (loop5): Directory bread(block 64) failed [ 3069.214416][T30119] FAT-fs (loop5): Directory bread(block 65) failed [ 3069.222604][T30113] CPU: 1 PID: 30113 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3069.224068][T30119] FAT-fs (loop5): Directory bread(block 66) failed [ 3069.232662][T30113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3069.232677][T30113] Call Trace: [ 3069.232685][T30113] [ 3069.232693][T30113] dump_stack_lvl+0x125/0x1b0 [ 3069.241460][T30119] FAT-fs (loop5): Directory bread(block 67) failed [ 3069.249213][T30113] sysfs_warn_dup+0x7f/0xa0 [ 3069.249252][T30113] sysfs_do_create_link_sd+0x11e/0x140 [ 3069.253204][T30119] FAT-fs (loop5): Directory bread(block 68) failed [ 3069.255461][T30113] sysfs_create_link+0x61/0xc0 [ 3069.255497][T30113] device_add+0x669/0x1ac0 [ 3069.260755][T30119] FAT-fs (loop5): Directory bread(block 69) failed [ 3069.266639][T30113] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3069.266685][T30113] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3069.281994][T30120] FAT-fs (loop4): Directory bread(block 64) failed [ 3069.283068][T30113] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3069.283098][T30113] wiphy_register+0x2095/0x2ce0 [ 3069.288053][T30119] FAT-fs (loop5): Directory bread(block 70) failed [ 3069.292225][T30113] ? wiphy_unregister+0xb70/0xb70 [ 3069.292261][T30113] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3069.299688][T30120] FAT-fs (loop4): Directory bread(block 65) failed [ 3069.305562][T30113] ieee80211_register_hw+0x24d1/0x4250 [ 3069.305620][T30113] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3069.312082][T30119] FAT-fs (loop5): Directory bread(block 71) failed [ 3069.317958][T30113] ? rcu_is_watching+0x12/0xb0 [ 3069.317986][T30113] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3069.318019][T30113] ? __hrtimer_init+0x103/0x2c0 [ 3069.318054][T30113] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3069.318099][T30113] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3069.318129][T30113] ? rcu_is_watching+0x12/0xb0 [ 3069.318156][T30113] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3069.318188][T30113] hwsim_new_radio_nl+0xaf8/0x1240 [ 3069.318222][T30113] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3069.318260][T30113] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3069.318308][T30113] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3069.318354][T30113] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3069.318398][T30113] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3069.318451][T30113] ? ns_capable+0xd5/0x110 [ 3069.318488][T30113] genl_rcv_msg+0x55c/0x800 [ 3069.318536][T30113] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3069.318580][T30113] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3069.318618][T30113] netlink_rcv_skb+0x16b/0x440 [ 3069.318657][T30113] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3069.318699][T30113] ? netlink_ack+0x1370/0x1370 [ 3069.318735][T30113] ? rcu_is_watching+0x12/0xb0 [ 3069.318766][T30113] ? down_write+0x200/0x200 [ 3069.330431][T30120] FAT-fs (loop4): Directory bread(block 66) failed [ 3069.336031][T30113] ? netlink_deliver_tap+0x1b1/0xd10 [ 3069.336069][T30113] genl_rcv+0x28/0x40 [ 3069.343727][T30119] FAT-fs (loop5): Directory bread(block 72) failed [ 3069.347114][T30113] netlink_unicast+0x536/0x810 [ 3069.347158][T30113] ? netlink_attachskb+0x870/0x870 [ 3069.347186][T30113] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3069.354343][T30120] FAT-fs (loop4): Directory bread(block 67) failed [ 3069.359125][T30113] ? __phys_addr_symbol+0x30/0x70 [ 3069.359158][T30113] ? __check_object_size+0x323/0x730 [ 3069.359192][T30113] netlink_sendmsg+0x93c/0xe40 [ 3069.365357][T30119] FAT-fs (loop5): Directory bread(block 73) failed [ 3069.371199][T30113] ? netlink_unicast+0x810/0x810 [ 3069.371241][T30113] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3069.371275][T30113] ? netlink_unicast+0x810/0x810 [ 3069.371310][T30113] sock_sendmsg+0xd9/0x180 [ 3069.371344][T30113] ____sys_sendmsg+0x6ac/0x940 [ 3069.371378][T30113] ? copy_msghdr_from_user+0x10b/0x160 [ 3069.371418][T30113] ? kernel_sendmsg+0x50/0x50 [ 3069.371450][T30113] ? plist_check_list+0x1ae/0x280 [ 3069.371490][T30113] ? schedule+0xf1/0x1b0 [ 3069.371518][T30113] ___sys_sendmsg+0x135/0x1d0 [ 3069.371565][T30113] ? do_recvmmsg+0x740/0x740 [ 3069.371596][T30113] ? rcu_is_watching+0x12/0xb0 [ 3069.616075][T30113] ? rcu_is_watching+0x12/0xb0 [ 3069.620841][T30113] ? __fget_light+0xe6/0x260 [ 3069.625424][T30113] __sys_sendmsg+0x117/0x1e0 [ 3069.630011][T30113] ? __sys_sendmsg_sock+0x30/0x30 [ 3069.635027][T30113] ? xfd_validate_state+0x5d/0x180 [ 3069.640138][T30113] ? rcu_is_watching+0x12/0xb0 [ 3069.644888][T30113] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3069.650863][T30113] do_syscall_64+0x38/0xb0 [ 3069.655275][T30113] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3069.661169][T30113] RIP: 0033:0x7fc65907cae9 [ 3069.665573][T30113] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3069.685208][T30113] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3069.693699][T30113] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3069.701658][T30113] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3069.709616][T30113] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3069.717572][T30113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3069.725525][T30113] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3069.733553][T30113] [ 3069.744162][T29067] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 3069.753750][T30114] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3069.754217][T30120] FAT-fs (loop4): Directory bread(block 68) failed [ 3069.770814][T30114] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3069.776820][T30120] FAT-fs (loop4): Directory bread(block 69) failed [ 3069.780178][T30114] CPU: 0 PID: 30114 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3069.786165][T30120] FAT-fs (loop4): Directory bread(block 70) failed [ 3069.795210][T30114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3069.795225][T30114] Call Trace: [ 3069.795235][T30114] [ 3069.795244][T30114] dump_stack_lvl+0x125/0x1b0 [ 3069.795287][T30114] sysfs_warn_dup+0x7f/0xa0 [ 3069.795321][T30114] sysfs_do_create_link_sd+0x11e/0x140 [ 3069.795356][T30114] sysfs_create_link+0x61/0xc0 [ 3069.795388][T30114] device_add+0x669/0x1ac0 [ 3069.795428][T30114] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3069.795470][T30114] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3069.795514][T30114] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3069.795548][T30114] wiphy_register+0x2095/0x2ce0 [ 3069.804085][T30120] FAT-fs (loop4): Directory bread(block 71) failed [ 3069.812061][T30114] ? wiphy_unregister+0xb70/0xb70 [ 3069.812090][T30114] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3069.812114][T30114] ieee80211_register_hw+0x24d1/0x4250 [ 3069.815777][T30120] FAT-fs (loop4): Directory bread(block 72) failed [ 3069.818311][T30114] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3069.818347][T30114] ? rcu_is_watching+0x12/0xb0 [ 3069.818367][T30114] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3069.818390][T30114] ? __hrtimer_init+0x103/0x2c0 [ 3069.818417][T30114] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3069.818453][T30114] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3069.818478][T30114] ? rcu_is_watching+0x12/0xb0 [ 3069.818500][T30114] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3069.818525][T30114] hwsim_new_radio_nl+0xaf8/0x1240 [ 3069.818553][T30114] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3069.818585][T30114] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3069.818624][T30114] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3069.818662][T30114] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3069.825251][T30120] FAT-fs (loop4): Directory bread(block 73) failed [ 3069.827795][T30114] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3069.827835][T30114] ? ns_capable+0xd5/0x110 [ 3069.827859][T30114] genl_rcv_msg+0x55c/0x800 [ 3069.827885][T30114] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3069.827911][T30114] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3069.827935][T30114] netlink_rcv_skb+0x16b/0x440 [ 3070.009410][T30114] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3070.015306][T30114] ? netlink_ack+0x1370/0x1370 [ 3070.020061][T30114] ? rcu_is_watching+0x12/0xb0 [ 3070.024812][T30114] ? down_write+0x200/0x200 [ 3070.029301][T30114] ? netlink_deliver_tap+0x1b1/0xd10 [ 3070.034660][T30114] genl_rcv+0x28/0x40 [ 3070.038670][T29067] usb 3-1: Using ep0 maxpacket: 16 [ 3070.038709][T30114] netlink_unicast+0x536/0x810 [ 3070.048566][T30114] ? netlink_attachskb+0x870/0x870 [ 3070.053664][T30114] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3070.059554][T30114] ? __phys_addr_symbol+0x30/0x70 [ 3070.064666][T30114] ? __check_object_size+0x323/0x730 [ 3070.069943][T30114] netlink_sendmsg+0x93c/0xe40 [ 3070.074735][T30114] ? netlink_unicast+0x810/0x810 [ 3070.079676][T30114] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3070.084964][T30114] ? netlink_unicast+0x810/0x810 [ 3070.089886][T30114] sock_sendmsg+0xd9/0x180 [ 3070.094289][T30114] ____sys_sendmsg+0x6ac/0x940 [ 3070.099048][T30114] ? copy_msghdr_from_user+0x10b/0x160 [ 3070.104492][T30114] ? kernel_sendmsg+0x50/0x50 [ 3070.109153][T30114] ? plist_check_list+0x1ae/0x280 [ 3070.114164][T30114] ? schedule+0xf1/0x1b0 [ 3070.118397][T30114] ___sys_sendmsg+0x135/0x1d0 [ 3070.123077][T30114] ? do_recvmmsg+0x740/0x740 [ 3070.127677][T30114] ? rcu_is_watching+0x12/0xb0 [ 3070.132453][T30114] ? rcu_is_watching+0x12/0xb0 [ 3070.137220][T30114] ? __fget_light+0xe6/0x260 [ 3070.141819][T30114] __sys_sendmsg+0x117/0x1e0 [ 3070.146396][T30114] ? __sys_sendmsg_sock+0x30/0x30 [ 3070.151405][T30114] ? xfd_validate_state+0x5d/0x180 [ 3070.156512][T30114] ? rcu_is_watching+0x12/0xb0 [ 3070.159035][T29067] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 3070.161258][T30114] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3070.161284][T30114] do_syscall_64+0x38/0xb0 [ 3070.161309][T30114] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3070.161335][T30114] RIP: 0033:0x7f1773a7cae9 [ 3070.161350][T30114] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3070.161367][T30114] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3070.161384][T30114] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3070.161396][T30114] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3070.161407][T30114] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3070.161418][T30114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3070.161429][T30114] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3070.161447][T30114] [ 3070.173494][T30117] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3070.225072][T29067] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3070.292317][T29067] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 3070.307199][T29067] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 3070.316070][T29067] usb 3-1: config 0 has no interface number 0 [ 3070.322623][T29067] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 3070.333741][T29067] usb 3-1: config 0 interface 125 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 3070.516924][T29067] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 3070.526162][T29067] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3070.534366][T29067] usb 3-1: Product: syz [ 3070.538563][T29067] usb 3-1: Manufacturer: syz [ 3070.543158][T29067] usb 3-1: SerialNumber: syz [ 3070.549301][T29067] usb 3-1: config 0 descriptor?? 20:14:19 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:14:19 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000000f000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:19 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080), 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000200)={@desc={0x1, 0x0, @desc2}, 0x40, 0x0, '\x00', @a}) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) 20:14:19 executing program 5: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}]}, 0x7, 0x31c, &(0x7f0000000540)="$eJzs3TtoZFUYB/D/7CQzWWFNCmHBxtFOkLCJWGhjlmWFxRQ+GHyARXCzIpm4sIGBbJFsKrEUbASt7Cy03FqsxM7CVgXxgY1r44KLV+68J481ETPx8fsV4eSc893znbmHXDIk3yTJ5elcuXXru8zMVDK1dGEptyuZy6lU03UjAMB/ye2iyM9F10nnAgBMRuf5/9qZk04DAJigQ/7+/8y+vVePLS0A4Bj1n/+/9p//D40N18ZnTw3+JgAA+Pd6/qWXnz6/nDzXaMwk62+2m+1mnhiOn7+S19PKas5lNneS7hsF3XcLyq9PXVq+eK5R+n4uzTKi3UzWt9vN6mh8PQuZzVwvvhjEV8v4hU58I8mN7c76Wa+0m9OVfvxX92Q1i5nNfXvik0vLFxcbvQs01/vx28lOZvqbKPOfz2y+eDVX08rllLHD/LcWGo0LxfJYfLtZ78wDAAAAAAAAAAAAAAAAAAAAAIDjMN8YmBvUvymG9Xvm+xMe6AUM6uN0v+3V99np1gcq6v3qPG9Vd9cHauyqrzOVUye3bQAAAAAAAAAAAAAAAAAAAPhH2disZaXVWr22sXl9bbSxPdLzxmcffXo6e+f8SWOqt8bIUDWDOUW1P7mojs1Zq6RsVJPh5A9vDjLu9VTKdn2wi33TqB881GqdefDb9/Yb+n3YU81Rt3x9bf3ebkp3mfPkcBe7hhbvvkRmkuKg1bfe3RuVSjJ19Bt3iMZSkkc3zj7W6fmkV/Th4UdmX/j6nQ9+LFPt3J/TaTWS3Cn+0lr1lLdgeDYq6TYq4yfhkBesZXOl+uVPL97/9ueHiypGemrjx3is8fHunlr/GOdQ52f6wCv/rY2z7y+t3Nz65ofxoekMX5/xV3Xkh4RCHQAAAAAAAAAAAAAAAAAAMBEj/yt+BI8/e3wZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDkDT//f6SxM9JTS7LfnL2N37azd6i+em3jgKVf+WXCewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/rjwAAAP//2nBvrQ==") mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) 20:14:19 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000000003f0000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:19 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), r3) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x74, r5, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x5}, @NLBL_MGMT_A_DOMAIN={0x11, 0x1, '802.15.4 MAC\x00'}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x26}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x18}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, '@-}#8#^!\xf7\x00'}]}, 0x74}, 0x1, 0x0, 0x0, 0x40}, 0x20000080) [ 3071.806506][ T2161] usb 3-1: USB disconnect, device number 30 [ 3071.835142][T30128] syz-executor.5[30128]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3071.840930][T30131] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3071.864749][T30128] loop5: detected capacity change from 0 to 256 [ 3071.871217][T30132] syz-executor.4[30132]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3071.874356][T30132] loop4: detected capacity change from 0 to 256 [ 3071.894494][T30131] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3071.904730][T30131] CPU: 0 PID: 30131 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3071.912374][T30128] FAT-fs (loop5): Directory bread(block 64) failed [ 3071.914880][T30131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3071.914892][T30131] Call Trace: [ 3071.914899][T30131] [ 3071.914905][T30131] dump_stack_lvl+0x125/0x1b0 [ 3071.921465][T30128] FAT-fs (loop5): Directory bread(block 65) failed [ 3071.931404][T30131] sysfs_warn_dup+0x7f/0xa0 [ 3071.931433][T30131] sysfs_do_create_link_sd+0x11e/0x140 [ 3071.931459][T30131] sysfs_create_link+0x61/0xc0 [ 3071.935772][T30128] FAT-fs (loop5): Directory bread(block 66) failed [ 3071.937615][T30131] device_add+0x669/0x1ac0 [ 3071.937649][T30131] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3071.942433][T30128] FAT-fs (loop5): Directory bread(block 67) failed [ 3071.948775][T30131] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3071.948814][T30131] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3071.948843][T30131] wiphy_register+0x2095/0x2ce0 [ 3071.948868][T30131] ? wiphy_unregister+0xb70/0xb70 [ 3071.948893][T30131] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3071.948918][T30131] ieee80211_register_hw+0x24d1/0x4250 [ 3071.948956][T30131] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3071.948990][T30131] ? rcu_is_watching+0x12/0xb0 [ 3071.949013][T30131] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3071.949038][T30131] ? __hrtimer_init+0x103/0x2c0 [ 3071.949069][T30131] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3071.949105][T30131] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3071.949129][T30131] ? rcu_is_watching+0x12/0xb0 [ 3071.949147][T30131] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3071.949170][T30131] hwsim_new_radio_nl+0xaf8/0x1240 [ 3071.949196][T30131] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3071.949226][T30131] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3071.949263][T30131] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3071.949295][T30131] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3071.949327][T30131] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3071.958973][T30128] FAT-fs (loop5): Directory bread(block 68) failed [ 3071.959224][T30131] ? ns_capable+0xd5/0x110 [ 3071.964076][T30128] FAT-fs (loop5): Directory bread(block 69) failed [ 3071.970414][T30131] genl_rcv_msg+0x55c/0x800 [ 3071.970452][T30131] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3071.975635][T30128] FAT-fs (loop5): Directory bread(block 70) failed [ 3071.981665][T30131] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3071.981702][T30131] netlink_rcv_skb+0x16b/0x440 [ 3071.988626][T30128] FAT-fs (loop5): Directory bread(block 71) failed [ 3071.994130][T30131] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3071.994170][T30131] ? netlink_ack+0x1370/0x1370 [ 3072.165051][T30131] ? rcu_is_watching+0x12/0xb0 [ 3072.169817][T30131] ? down_write+0x200/0x200 [ 3072.174310][T30131] ? netlink_deliver_tap+0x1b1/0xd10 [ 3072.179588][T30131] genl_rcv+0x28/0x40 [ 3072.183569][T30131] netlink_unicast+0x536/0x810 [ 3072.188333][T30131] ? netlink_attachskb+0x870/0x870 [ 3072.193433][T30131] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3072.199324][T30131] ? __phys_addr_symbol+0x30/0x70 [ 3072.204343][T30131] ? __check_object_size+0x323/0x730 [ 3072.209625][T30131] netlink_sendmsg+0x93c/0xe40 [ 3072.214388][T30131] ? netlink_unicast+0x810/0x810 [ 3072.219322][T30131] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3072.224606][T30131] ? netlink_unicast+0x810/0x810 [ 3072.229539][T30131] sock_sendmsg+0xd9/0x180 [ 3072.233943][T30131] ____sys_sendmsg+0x6ac/0x940 [ 3072.238694][T30131] ? copy_msghdr_from_user+0x10b/0x160 [ 3072.244145][T30131] ? kernel_sendmsg+0x50/0x50 [ 3072.248810][T30131] ? plist_check_list+0x1ae/0x280 [ 3072.253829][T30131] ? schedule+0xf1/0x1b0 [ 3072.258081][T30131] ___sys_sendmsg+0x135/0x1d0 [ 3072.262750][T30131] ? do_recvmmsg+0x740/0x740 [ 3072.267330][T30131] ? rcu_is_watching+0x12/0xb0 [ 3072.272084][T30131] ? rcu_is_watching+0x12/0xb0 [ 3072.276855][T30131] ? __fget_light+0xe6/0x260 [ 3072.281448][T30131] __sys_sendmsg+0x117/0x1e0 [ 3072.286029][T30131] ? __sys_sendmsg_sock+0x30/0x30 [ 3072.291045][T30131] ? xfd_validate_state+0x5d/0x180 [ 3072.296154][T30131] ? rcu_is_watching+0x12/0xb0 [ 3072.300906][T30131] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3072.306877][T30131] do_syscall_64+0x38/0xb0 [ 3072.311294][T30131] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3072.317286][T30131] RIP: 0033:0x7fc65907cae9 [ 3072.321689][T30131] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3072.341288][T30131] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3072.349690][T30131] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3072.357681][T30131] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3072.365675][T30131] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3072.373650][T30131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3072.381606][T30131] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3072.389570][T30131] [ 3072.398619][T30128] FAT-fs (loop5): Directory bread(block 72) failed [ 3072.405527][T30128] FAT-fs (loop5): Directory bread(block 73) failed 20:14:19 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000003000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:19 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000074000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3072.430959][T30126] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3072.443789][T30132] FAT-fs (loop4): Directory bread(block 64) failed [ 3072.451226][T30126] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3072.466380][T30132] FAT-fs (loop4): Directory bread(block 65) failed [ 3072.472738][T30126] CPU: 1 PID: 30126 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3072.482967][T30126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3072.487949][T30132] FAT-fs (loop4): Directory bread(block 66) failed [ 3072.493029][T30126] Call Trace: [ 3072.493038][T30126] [ 3072.493048][T30126] dump_stack_lvl+0x125/0x1b0 [ 3072.510364][T30126] sysfs_warn_dup+0x7f/0xa0 [ 3072.514860][T30126] sysfs_do_create_link_sd+0x11e/0x140 [ 3072.520309][T30126] sysfs_create_link+0x61/0xc0 [ 3072.525063][T30126] device_add+0x669/0x1ac0 [ 3072.529474][T30126] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3072.536312][T30126] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3072.542200][T30126] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3072.548264][T30126] wiphy_register+0x2095/0x2ce0 [ 3072.553105][T30126] ? wiphy_unregister+0xb70/0xb70 [ 3072.558118][T30126] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3072.564176][T30126] ieee80211_register_hw+0x24d1/0x4250 [ 3072.569631][T30126] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3072.575193][T30126] ? rcu_is_watching+0x12/0xb0 [ 3072.579945][T30126] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3072.585915][T30126] ? __hrtimer_init+0x103/0x2c0 [ 3072.590758][T30126] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3072.596478][T30126] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3072.602184][T30126] ? rcu_is_watching+0x12/0xb0 [ 3072.606944][T30126] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3072.612830][T30126] hwsim_new_radio_nl+0xaf8/0x1240 [ 3072.617931][T30126] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3072.623908][T30126] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3072.631277][T30126] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3072.638648][T30126] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3072.644185][T30126] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3072.651556][T30126] ? ns_capable+0xd5/0x110 [ 3072.655968][T30126] genl_rcv_msg+0x55c/0x800 [ 3072.660470][T30126] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3072.666355][T30126] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3072.672241][T30126] netlink_rcv_skb+0x16b/0x440 [ 3072.677000][T30126] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3072.682888][T30126] ? netlink_ack+0x1370/0x1370 [ 3072.687645][T30126] ? rcu_is_watching+0x12/0xb0 [ 3072.692401][T30126] ? down_write+0x200/0x200 [ 3072.696898][T30126] ? netlink_deliver_tap+0x1b1/0xd10 [ 3072.702184][T30126] genl_rcv+0x28/0x40 [ 3072.706158][T30126] netlink_unicast+0x536/0x810 [ 3072.710919][T30126] ? netlink_attachskb+0x870/0x870 [ 3072.716026][T30126] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3072.721917][T30126] ? __phys_addr_symbol+0x30/0x70 [ 3072.726935][T30126] ? __check_object_size+0x323/0x730 [ 3072.732212][T30126] netlink_sendmsg+0x93c/0xe40 [ 3072.736973][T30126] ? netlink_unicast+0x810/0x810 [ 3072.741908][T30126] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3072.747189][T30126] ? netlink_unicast+0x810/0x810 [ 3072.752120][T30126] sock_sendmsg+0xd9/0x180 [ 3072.756530][T30126] ____sys_sendmsg+0x6ac/0x940 [ 3072.761292][T30126] ? copy_msghdr_from_user+0x10b/0x160 [ 3072.766741][T30126] ? kernel_sendmsg+0x50/0x50 [ 3072.771411][T30126] ? plist_check_list+0x1ae/0x280 [ 3072.776429][T30126] ? schedule+0xf1/0x1b0 [ 3072.780659][T30126] ___sys_sendmsg+0x135/0x1d0 [ 3072.785324][T30126] ? do_recvmmsg+0x740/0x740 [ 3072.789902][T30126] ? rcu_is_watching+0x12/0xb0 [ 3072.794655][T30126] ? rcu_is_watching+0x12/0xb0 [ 3072.799409][T30126] ? __fget_light+0xe6/0x260 [ 3072.803990][T30126] __sys_sendmsg+0x117/0x1e0 [ 3072.808581][T30126] ? __sys_sendmsg_sock+0x30/0x30 [ 3072.813595][T30126] ? xfd_validate_state+0x5d/0x180 [ 3072.818707][T30126] ? rcu_is_watching+0x12/0xb0 [ 3072.823470][T30126] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3072.829463][T30126] do_syscall_64+0x38/0xb0 [ 3072.833963][T30126] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3072.839853][T30126] RIP: 0033:0x7f1773a7cae9 [ 3072.844258][T30126] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3072.863935][T30126] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3072.872347][T30126] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3072.880303][T30126] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3072.888259][T30126] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3072.896215][T30126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3072.904166][T30126] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3072.912127][T30126] [ 3072.943123][T30132] FAT-fs (loop4): Directory bread(block 67) failed [ 3072.952610][T30132] FAT-fs (loop4): Directory bread(block 68) failed [ 3072.961131][T30132] FAT-fs (loop4): Directory bread(block 69) failed [ 3072.968086][T30132] FAT-fs (loop4): Directory bread(block 70) failed [ 3072.979746][T30132] FAT-fs (loop4): Directory bread(block 71) failed 20:14:20 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), r3) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x74, r5, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x5}, @NLBL_MGMT_A_DOMAIN={0x11, 0x1, '802.15.4 MAC\x00'}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x26}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x18}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, '@-}#8#^!\xf7\x00'}]}, 0x74}, 0x1, 0x0, 0x0, 0x40}, 0x20000080) 20:14:20 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080), 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000200)={@desc={0x1, 0x0, @desc2}, 0x40, 0x0, '\x00', @a}) (async) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) 20:14:20 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000000003f0000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3072.985442][T30139] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3072.986295][T30132] FAT-fs (loop4): Directory bread(block 72) failed [ 3073.002254][T30132] FAT-fs (loop4): Directory bread(block 73) failed [ 3073.012407][T30139] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3073.062040][T30139] CPU: 0 PID: 30139 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3073.067731][T30143] syz-executor.4[30143]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3073.072141][T30139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3073.072154][T30139] Call Trace: [ 3073.072161][T30139] [ 3073.072168][T30139] dump_stack_lvl+0x125/0x1b0 [ 3073.084591][T30143] loop4: detected capacity change from 0 to 256 [ 3073.091814][T30139] sysfs_warn_dup+0x7f/0xa0 [ 3073.091843][T30139] sysfs_do_create_link_sd+0x11e/0x140 [ 3073.091869][T30139] sysfs_create_link+0x61/0xc0 [ 3073.123579][T30139] device_add+0x669/0x1ac0 [ 3073.128203][T30139] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3073.135149][T30139] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3073.141044][T30139] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3073.147017][T30139] wiphy_register+0x2095/0x2ce0 [ 3073.151861][T30139] ? wiphy_unregister+0xb70/0xb70 [ 3073.156874][T30139] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3073.162941][T30139] ieee80211_register_hw+0x24d1/0x4250 [ 3073.168400][T30139] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3073.173936][T30139] ? rcu_is_watching+0x12/0xb0 [ 3073.178685][T30139] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3073.184656][T30139] ? __hrtimer_init+0x103/0x2c0 [ 3073.189495][T30139] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3073.195229][T30139] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3073.200944][T30139] ? rcu_is_watching+0x12/0xb0 [ 3073.205691][T30139] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3073.211571][T30139] hwsim_new_radio_nl+0xaf8/0x1240 [ 3073.216669][T30139] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3073.222561][T30139] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3073.229924][T30139] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3073.237566][T30139] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3073.243106][T30139] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3073.250494][T30139] ? ns_capable+0xd5/0x110 [ 3073.254903][T30139] genl_rcv_msg+0x55c/0x800 [ 3073.259399][T30139] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3073.265369][T30139] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3073.271255][T30139] netlink_rcv_skb+0x16b/0x440 [ 3073.276011][T30139] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3073.281895][T30139] ? netlink_ack+0x1370/0x1370 [ 3073.286648][T30139] ? rcu_is_watching+0x12/0xb0 [ 3073.291397][T30139] ? down_write+0x200/0x200 [ 3073.295902][T30139] ? netlink_deliver_tap+0x1b1/0xd10 [ 3073.301177][T30139] genl_rcv+0x28/0x40 [ 3073.305148][T30139] netlink_unicast+0x536/0x810 [ 3073.309902][T30139] ? netlink_attachskb+0x870/0x870 [ 3073.315004][T30139] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3073.320893][T30139] ? __phys_addr_symbol+0x30/0x70 [ 3073.325905][T30139] ? __check_object_size+0x323/0x730 [ 3073.331181][T30139] netlink_sendmsg+0x93c/0xe40 [ 3073.335939][T30139] ? netlink_unicast+0x810/0x810 [ 3073.340873][T30139] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3073.346148][T30139] ? netlink_unicast+0x810/0x810 [ 3073.351073][T30139] sock_sendmsg+0xd9/0x180 [ 3073.355482][T30139] ____sys_sendmsg+0x6ac/0x940 [ 3073.360235][T30139] ? copy_msghdr_from_user+0x10b/0x160 [ 3073.365683][T30139] ? kernel_sendmsg+0x50/0x50 [ 3073.370349][T30139] ? plist_check_list+0x1ae/0x280 [ 3073.375456][T30139] ? schedule+0xf1/0x1b0 [ 3073.379693][T30139] ___sys_sendmsg+0x135/0x1d0 [ 3073.384372][T30139] ? do_recvmmsg+0x740/0x740 [ 3073.388951][T30139] ? rcu_is_watching+0x12/0xb0 [ 3073.393796][T30139] ? rcu_is_watching+0x12/0xb0 [ 3073.398549][T30139] ? __fget_light+0xe6/0x260 [ 3073.403210][T30139] __sys_sendmsg+0x117/0x1e0 [ 3073.407790][T30139] ? __sys_sendmsg_sock+0x30/0x30 [ 3073.412801][T30139] ? xfd_validate_state+0x5d/0x180 [ 3073.417913][T30139] ? rcu_is_watching+0x12/0xb0 [ 3073.422661][T30139] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3073.428628][T30139] do_syscall_64+0x38/0xb0 [ 3073.433038][T30139] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3073.439008][T30139] RIP: 0033:0x7fc66767cae9 [ 3073.443406][T30139] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3073.463033][T30139] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3073.471441][T30139] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3073.479429][T30139] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3073.487389][T30139] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3073.495344][T30139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3073.503299][T30139] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3073.511267][T30139] [ 3073.530426][ T2161] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 3073.556824][T30140] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3073.569349][T30140] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' 20:14:20 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000074000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3073.586603][T30143] FAT-fs (loop4): Directory bread(block 64) failed [ 3073.593978][T30143] FAT-fs (loop4): Directory bread(block 65) failed [ 3073.606211][T30140] CPU: 0 PID: 30140 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3073.613193][T30143] FAT-fs (loop4): Directory bread(block 66) failed [ 3073.616278][T30140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3073.616290][T30140] Call Trace: [ 3073.616296][T30140] [ 3073.616302][T30140] dump_stack_lvl+0x125/0x1b0 [ 3073.622949][T30143] FAT-fs (loop4): Directory bread(block 67) failed [ 3073.632829][T30140] sysfs_warn_dup+0x7f/0xa0 [ 3073.632862][T30140] sysfs_do_create_link_sd+0x11e/0x140 [ 3073.632885][T30140] sysfs_create_link+0x61/0xc0 [ 3073.636369][T30143] FAT-fs (loop4): Directory bread(block 68) failed [ 3073.639069][T30140] device_add+0x669/0x1ac0 [ 3073.639104][T30140] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3073.639132][T30140] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3073.645809][T30143] FAT-fs (loop4): Directory bread(block 69) failed [ 3073.650250][T30140] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3073.650280][T30140] wiphy_register+0x2095/0x2ce0 [ 3073.650304][T30140] ? wiphy_unregister+0xb70/0xb70 [ 3073.654997][T30143] FAT-fs (loop4): Directory bread(block 70) failed [ 3073.660237][T30140] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3073.660264][T30140] ieee80211_register_hw+0x24d1/0x4250 [ 3073.660293][T30140] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3073.660317][T30140] ? rcu_is_watching+0x12/0xb0 [ 3073.660336][T30140] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3073.660357][T30140] ? __hrtimer_init+0x103/0x2c0 [ 3073.660383][T30140] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3073.660416][T30140] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3073.660438][T30140] ? rcu_is_watching+0x12/0xb0 [ 3073.660457][T30140] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3073.660481][T30140] hwsim_new_radio_nl+0xaf8/0x1240 [ 3073.660505][T30140] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3073.660540][T30140] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3073.660571][T30140] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3073.668751][T30143] FAT-fs (loop4): Directory bread(block 71) failed [ 3073.671799][T30140] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3073.677004][T30143] FAT-fs (loop4): Directory bread(block 72) failed [ 3073.683119][T30140] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3073.689149][T30143] FAT-fs (loop4): Directory bread(block 73) failed [ 3073.695922][T30140] ? ns_capable+0xd5/0x110 [ 3073.695959][T30140] genl_rcv_msg+0x55c/0x800 [ 3073.695994][T30140] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3073.845748][T30140] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3073.851644][T30140] netlink_rcv_skb+0x16b/0x440 [ 3073.856405][T30140] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3073.862333][T30140] ? netlink_ack+0x1370/0x1370 [ 3073.867092][T30140] ? rcu_is_watching+0x12/0xb0 [ 3073.871848][T30140] ? down_write+0x200/0x200 [ 3073.876361][T30140] ? netlink_deliver_tap+0x1b1/0xd10 [ 3073.881643][T30140] genl_rcv+0x28/0x40 [ 3073.885644][T30140] netlink_unicast+0x536/0x810 [ 3073.890407][T30140] ? netlink_attachskb+0x870/0x870 [ 3073.895511][T30140] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3073.901409][T30140] ? __phys_addr_symbol+0x30/0x70 [ 3073.906427][T30140] ? __check_object_size+0x323/0x730 [ 3073.911709][T30140] netlink_sendmsg+0x93c/0xe40 [ 3073.916507][T30140] ? netlink_unicast+0x810/0x810 [ 3073.921495][T30140] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3073.926786][T30140] ? netlink_unicast+0x810/0x810 [ 3073.931722][T30140] sock_sendmsg+0xd9/0x180 [ 3073.936128][T30140] ____sys_sendmsg+0x6ac/0x940 [ 3073.940881][T30140] ? copy_msghdr_from_user+0x10b/0x160 [ 3073.946327][T30140] ? kernel_sendmsg+0x50/0x50 [ 3073.950996][T30140] ? plist_check_list+0x1ae/0x280 [ 3073.956048][T30140] ? schedule+0xf1/0x1b0 [ 3073.960453][T30140] ___sys_sendmsg+0x135/0x1d0 [ 3073.965171][T30140] ? do_recvmmsg+0x740/0x740 [ 3073.969761][T30140] ? rcu_is_watching+0x12/0xb0 [ 3073.974547][T30140] ? rcu_is_watching+0x12/0xb0 [ 3073.979310][T30140] ? __fget_light+0xe6/0x260 [ 3073.983889][T30140] __sys_sendmsg+0x117/0x1e0 [ 3073.988499][T30140] ? __sys_sendmsg_sock+0x30/0x30 [ 3073.993575][T30140] ? xfd_validate_state+0x5d/0x180 [ 3073.998693][T30140] ? rcu_is_watching+0x12/0xb0 [ 3074.003451][T30140] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3074.009422][T30140] do_syscall_64+0x38/0xb0 [ 3074.013840][T30140] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3074.019768][T30140] RIP: 0033:0x7fc65907cae9 [ 3074.024171][T30140] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3074.043761][T30140] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3074.052162][T30140] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3074.060135][T30140] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3074.068104][T30140] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3074.076054][T30140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3074.084002][T30140] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3074.092149][T30140] [ 3074.104818][T30146] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3074.118858][T30146] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3074.131040][T30146] CPU: 0 PID: 30146 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3074.141110][T30146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3074.151162][T30146] Call Trace: [ 3074.154439][T30146] [ 3074.157362][T30146] dump_stack_lvl+0x125/0x1b0 [ 3074.162028][T30146] sysfs_warn_dup+0x7f/0xa0 [ 3074.166516][T30146] sysfs_do_create_link_sd+0x11e/0x140 [ 3074.171969][T30146] sysfs_create_link+0x61/0xc0 [ 3074.176739][T30146] device_add+0x669/0x1ac0 [ 3074.181182][T30146] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3074.188023][T30146] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3074.193930][T30146] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3074.199925][T30146] wiphy_register+0x2095/0x2ce0 [ 3074.204764][T30146] ? wiphy_unregister+0xb70/0xb70 [ 3074.209780][T30146] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3074.215831][T30146] ieee80211_register_hw+0x24d1/0x4250 [ 3074.221286][T30146] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3074.226824][T30146] ? rcu_is_watching+0x12/0xb0 [ 3074.231572][T30146] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3074.237558][T30146] ? __hrtimer_init+0x103/0x2c0 [ 3074.242428][T30146] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3074.248143][T30146] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3074.253851][T30146] ? rcu_is_watching+0x12/0xb0 [ 3074.258604][T30146] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3074.264487][T30146] hwsim_new_radio_nl+0xaf8/0x1240 [ 3074.269592][T30146] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3074.275492][T30146] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3074.282869][T30146] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3074.290234][T30146] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3074.295774][T30146] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3074.303141][T30146] ? ns_capable+0xd5/0x110 [ 3074.307563][T30146] genl_rcv_msg+0x55c/0x800 [ 3074.312059][T30146] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3074.317946][T30146] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3074.323833][T30146] netlink_rcv_skb+0x16b/0x440 [ 3074.328620][T30146] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3074.334531][T30146] ? netlink_ack+0x1370/0x1370 [ 3074.339298][T30146] ? rcu_is_watching+0x12/0xb0 [ 3074.344069][T30146] ? down_write+0x200/0x200 [ 3074.348568][T30146] ? netlink_deliver_tap+0x1b1/0xd10 [ 3074.353852][T30146] genl_rcv+0x28/0x40 [ 3074.357828][T30146] netlink_unicast+0x536/0x810 [ 3074.362588][T30146] ? netlink_attachskb+0x870/0x870 [ 3074.367695][T30146] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3074.373585][T30146] ? __phys_addr_symbol+0x30/0x70 [ 3074.378601][T30146] ? __check_object_size+0x323/0x730 [ 3074.383879][T30146] netlink_sendmsg+0x93c/0xe40 [ 3074.388639][T30146] ? netlink_unicast+0x810/0x810 [ 3074.393569][T30146] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3074.398848][T30146] ? netlink_unicast+0x810/0x810 [ 3074.403779][T30146] sock_sendmsg+0xd9/0x180 [ 3074.408182][T30146] ____sys_sendmsg+0x6ac/0x940 [ 3074.412934][T30146] ? copy_msghdr_from_user+0x10b/0x160 [ 3074.418385][T30146] ? kernel_sendmsg+0x50/0x50 [ 3074.423137][T30146] ? plist_check_list+0x1ae/0x280 [ 3074.428155][T30146] ? schedule+0xf1/0x1b0 [ 3074.432386][T30146] ___sys_sendmsg+0x135/0x1d0 [ 3074.437059][T30146] ? do_recvmmsg+0x740/0x740 [ 3074.441642][T30146] ? rcu_is_watching+0x12/0xb0 [ 3074.446397][T30146] ? rcu_is_watching+0x12/0xb0 [ 3074.451149][T30146] ? __fget_light+0xe6/0x260 [ 3074.455730][T30146] __sys_sendmsg+0x117/0x1e0 [ 3074.460315][T30146] ? __sys_sendmsg_sock+0x30/0x30 [ 3074.465330][T30146] ? xfd_validate_state+0x5d/0x180 [ 3074.470443][T30146] ? rcu_is_watching+0x12/0xb0 [ 3074.475196][T30146] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3074.481165][T30146] do_syscall_64+0x38/0xb0 [ 3074.485575][T30146] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3074.491463][T30146] RIP: 0033:0x7f1773a7cae9 [ 3074.495860][T30146] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3074.515454][T30146] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3074.523849][T30146] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3074.531803][T30146] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3074.539758][T30146] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3074.547712][T30146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3074.555669][T30146] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3074.563628][T30146] [ 3074.583864][T30149] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3074.608932][T30149] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3074.616881][ T2161] usb 3-1: Using ep0 maxpacket: 16 [ 3074.622418][T30149] CPU: 0 PID: 30149 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3074.632491][T30149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3074.642555][T30149] Call Trace: [ 3074.645833][T30149] [ 3074.648777][T30149] dump_stack_lvl+0x125/0x1b0 [ 3074.653469][T30149] sysfs_warn_dup+0x7f/0xa0 [ 3074.657977][T30149] sysfs_do_create_link_sd+0x11e/0x140 [ 3074.663461][T30149] sysfs_create_link+0x61/0xc0 [ 3074.668216][T30149] device_add+0x669/0x1ac0 [ 3074.672626][T30149] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3074.679465][T30149] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3074.685361][T30149] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3074.691333][T30149] wiphy_register+0x2095/0x2ce0 [ 3074.696164][T30149] ? wiphy_unregister+0xb70/0xb70 [ 3074.701168][T30149] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3074.707218][T30149] ieee80211_register_hw+0x24d1/0x4250 [ 3074.712661][T30149] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3074.718192][T30149] ? rcu_is_watching+0x12/0xb0 [ 3074.722933][T30149] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3074.728898][T30149] ? __hrtimer_init+0x103/0x2c0 [ 3074.733743][T30149] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3074.739458][T30149] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3074.745150][T30149] ? rcu_is_watching+0x12/0xb0 [ 3074.749897][T30149] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3074.755776][T30149] hwsim_new_radio_nl+0xaf8/0x1240 [ 3074.760878][T30149] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3074.766760][T30149] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3074.774126][T30149] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3074.781482][T30149] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3074.787014][T30149] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3074.794477][T30149] ? ns_capable+0xd5/0x110 [ 3074.798897][T30149] genl_rcv_msg+0x55c/0x800 [ 3074.803459][T30149] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3074.809336][T30149] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3074.815245][T30149] netlink_rcv_skb+0x16b/0x440 [ 3074.819993][T30149] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3074.825878][T30149] ? netlink_ack+0x1370/0x1370 [ 3074.830630][T30149] ? rcu_is_watching+0x12/0xb0 [ 3074.835393][T30149] ? down_write+0x200/0x200 [ 3074.839879][T30149] ? netlink_deliver_tap+0x1b1/0xd10 [ 3074.845259][T30149] genl_rcv+0x28/0x40 [ 3074.849223][T30149] netlink_unicast+0x536/0x810 [ 3074.853986][T30149] ? netlink_attachskb+0x870/0x870 [ 3074.859077][T30149] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3074.864994][T30149] ? __phys_addr_symbol+0x30/0x70 [ 3074.870023][T30149] ? __check_object_size+0x323/0x730 [ 3074.875320][T30149] netlink_sendmsg+0x93c/0xe40 [ 3074.880074][T30149] ? netlink_unicast+0x810/0x810 [ 3074.885035][T30149] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3074.890301][T30149] ? netlink_unicast+0x810/0x810 [ 3074.895309][T30149] sock_sendmsg+0xd9/0x180 [ 3074.899703][T30149] ____sys_sendmsg+0x6ac/0x940 [ 3074.904455][T30149] ? copy_msghdr_from_user+0x10b/0x160 [ 3074.909897][T30149] ? kernel_sendmsg+0x50/0x50 [ 3074.914557][T30149] ? plist_check_list+0x1ae/0x280 [ 3074.919575][T30149] ? schedule+0xf1/0x1b0 [ 3074.923805][T30149] ___sys_sendmsg+0x135/0x1d0 [ 3074.928475][T30149] ? do_recvmmsg+0x740/0x740 [ 3074.933183][T30149] ? rcu_is_watching+0x12/0xb0 [ 3074.937952][T30149] ? rcu_is_watching+0x12/0xb0 [ 3074.942698][T30149] ? __fget_light+0xe6/0x260 [ 3074.947308][T30149] __sys_sendmsg+0x117/0x1e0 [ 3074.951885][T30149] ? __sys_sendmsg_sock+0x30/0x30 [ 3074.956914][T30149] ? xfd_validate_state+0x5d/0x180 [ 3074.962015][T30149] ? rcu_is_watching+0x12/0xb0 [ 3074.966773][T30149] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3074.972744][T30149] do_syscall_64+0x38/0xb0 [ 3074.977155][T30149] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3074.983054][T30149] RIP: 0033:0x7fc66767cae9 [ 3074.987452][T30149] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3075.007073][T30149] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3075.015491][T30149] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3075.023484][T30149] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3075.031477][T30149] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3075.039443][T30149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3075.047409][T30149] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3075.055368][T30149] [ 3075.156908][ T2161] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 3075.165287][ T2161] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3075.174292][ T2161] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 3075.186179][ T2161] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 3075.195191][ T2161] usb 3-1: config 0 has no interface number 0 [ 3075.201300][ T2161] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 3075.212339][ T2161] usb 3-1: config 0 interface 125 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 3075.377289][ T2161] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 3075.388354][ T2161] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3075.396351][ T2161] usb 3-1: Product: syz [ 3075.400536][ T2161] usb 3-1: Manufacturer: syz [ 3075.405123][ T2161] usb 3-1: SerialNumber: syz [ 3075.411118][ T2161] usb 3-1: config 0 descriptor?? [ 3075.651941][T18894] usb 3-1: USB disconnect, device number 31 20:14:23 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000005000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:23 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)=""/197) 20:14:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async, rerun: 32) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) (async) r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), r3) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x74, r5, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x5}, @NLBL_MGMT_A_DOMAIN={0x11, 0x1, '802.15.4 MAC\x00'}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x26}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x18}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, '@-}#8#^!\xf7\x00'}]}, 0x74}, 0x1, 0x0, 0x0, 0x40}, 0x20000080) 20:14:23 executing program 0: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) 20:14:23 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:14:23 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000074000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3076.187222][T30159] syz-executor.4[30159]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3076.202029][T30159] loop4: detected capacity change from 0 to 256 [ 3076.223674][T30161] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3076.237118][T30161] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3076.246001][T30161] CPU: 0 PID: 30161 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3076.253553][T30159] FAT-fs (loop4): Directory bread(block 64) failed [ 3076.256063][T30161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3076.256077][T30161] Call Trace: [ 3076.256084][T30161] [ 3076.256091][T30161] dump_stack_lvl+0x125/0x1b0 [ 3076.266677][T30159] FAT-fs (loop4): Directory bread(block 65) failed [ 3076.272590][T30161] sysfs_warn_dup+0x7f/0xa0 [ 3076.272619][T30161] sysfs_do_create_link_sd+0x11e/0x140 [ 3076.272644][T30161] sysfs_create_link+0x61/0xc0 [ 3076.276303][T30159] FAT-fs (loop4): Directory bread(block 66) failed [ 3076.278904][T30161] device_add+0x669/0x1ac0 [ 3076.278941][T30161] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3076.278980][T30161] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3076.279019][T30161] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3076.279066][T30161] wiphy_register+0x2095/0x2ce0 [ 3076.279096][T30161] ? wiphy_unregister+0xb70/0xb70 [ 3076.279126][T30161] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3076.285157][T30159] FAT-fs (loop4): Directory bread(block 67) failed [ 3076.290262][T30161] ieee80211_register_hw+0x24d1/0x4250 [ 3076.290299][T30161] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3076.290329][T30161] ? rcu_is_watching+0x12/0xb0 [ 3076.295812][T30159] FAT-fs (loop4): Directory bread(block 68) failed [ 3076.300218][T30161] ? trace_irq_enable.constprop.0+0xd0/0x100 20:14:23 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)=""/197) (async) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)=""/197) [ 3076.300245][T30161] ? __hrtimer_init+0x103/0x2c0 [ 3076.300273][T30161] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3076.300307][T30161] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3076.300330][T30161] ? rcu_is_watching+0x12/0xb0 [ 3076.300351][T30161] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3076.300377][T30161] hwsim_new_radio_nl+0xaf8/0x1240 [ 3076.300404][T30161] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3076.308301][T30159] FAT-fs (loop4): Directory bread(block 69) failed [ 3076.311622][T30161] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3076.311656][T30161] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3076.316218][T30159] FAT-fs (loop4): Directory bread(block 70) failed [ 3076.322863][T30161] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3076.322901][T30161] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3076.322947][T30161] ? ns_capable+0xd5/0x110 [ 3076.322979][T30161] genl_rcv_msg+0x55c/0x800 [ 3076.331848][T30159] FAT-fs (loop4): Directory bread(block 71) failed [ 3076.334878][T30161] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3076.334912][T30161] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3076.339946][T30159] FAT-fs (loop4): Directory bread(block 72) failed [ 3076.344732][T30161] netlink_rcv_skb+0x16b/0x440 [ 3076.344770][T30161] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3076.366564][T30159] FAT-fs (loop4): Directory bread(block 73) failed [ 3076.368242][T30161] ? netlink_ack+0x1370/0x1370 [ 3076.368273][T30161] ? rcu_is_watching+0x12/0xb0 [ 3076.368299][T30161] ? down_write+0x200/0x200 [ 3076.368320][T30161] ? netlink_deliver_tap+0x1b1/0xd10 [ 3076.368346][T30161] genl_rcv+0x28/0x40 [ 3076.368371][T30161] netlink_unicast+0x536/0x810 [ 3076.368398][T30161] ? netlink_attachskb+0x870/0x870 [ 3076.368422][T30161] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3076.368451][T30161] ? __phys_addr_symbol+0x30/0x70 [ 3076.368472][T30161] ? __check_object_size+0x323/0x730 [ 3076.368497][T30161] netlink_sendmsg+0x93c/0xe40 [ 3076.368524][T30161] ? netlink_unicast+0x810/0x810 [ 3076.368551][T30161] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3076.368577][T30161] ? netlink_unicast+0x810/0x810 [ 3076.479559][T18894] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 3076.485326][T30161] sock_sendmsg+0xd9/0x180 [ 3076.485358][T30161] ____sys_sendmsg+0x6ac/0x940 [ 3076.600599][T30161] ? copy_msghdr_from_user+0x10b/0x160 [ 3076.606051][T30161] ? kernel_sendmsg+0x50/0x50 [ 3076.610713][T30161] ? plist_check_list+0x1ae/0x280 [ 3076.615727][T30161] ? schedule+0xf1/0x1b0 [ 3076.619956][T30161] ___sys_sendmsg+0x135/0x1d0 [ 3076.624622][T30161] ? do_recvmmsg+0x740/0x740 [ 3076.629199][T30161] ? rcu_is_watching+0x12/0xb0 [ 3076.633966][T30161] ? rcu_is_watching+0x12/0xb0 [ 3076.638715][T30161] ? __fget_light+0xe6/0x260 [ 3076.643287][T30161] __sys_sendmsg+0x117/0x1e0 [ 3076.647875][T30161] ? __sys_sendmsg_sock+0x30/0x30 [ 3076.652911][T30161] ? xfd_validate_state+0x5d/0x180 [ 3076.658013][T30161] ? rcu_is_watching+0x12/0xb0 [ 3076.662764][T30161] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3076.668736][T30161] do_syscall_64+0x38/0xb0 [ 3076.673244][T30161] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3076.679139][T30161] RIP: 0033:0x7fc65907cae9 [ 3076.683538][T30161] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3076.703137][T30161] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3076.711556][T30161] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3076.719508][T30161] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3076.726922][T18894] usb 3-1: Using ep0 maxpacket: 16 20:14:24 executing program 0: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)=""/197) [ 3076.727547][T30161] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3076.727562][T30161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3076.748544][T30161] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3076.756499][T30161] [ 3076.766189][T30155] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. 20:14:24 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000006000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3076.804433][T30155] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3076.853490][T30171] syz-executor.4[30171]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3076.865442][T30155] CPU: 1 PID: 30155 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3076.866188][T30171] loop4: detected capacity change from 0 to 256 [ 3076.875516][T30155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3076.875529][T30155] Call Trace: [ 3076.875541][T30155] [ 3076.875548][T30155] dump_stack_lvl+0x125/0x1b0 [ 3076.885645][T30173] syz-executor.0[30173]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3076.891816][T30155] sysfs_warn_dup+0x7f/0xa0 [ 3076.891846][T30155] sysfs_do_create_link_sd+0x11e/0x140 [ 3076.891871][T30155] sysfs_create_link+0x61/0xc0 [ 3076.900373][T30173] loop0: detected capacity change from 0 to 256 [ 3076.902718][T30155] device_add+0x669/0x1ac0 [ 3076.902751][T30155] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3076.944619][T30155] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3076.950554][T30155] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3076.956534][T30155] wiphy_register+0x2095/0x2ce0 [ 3076.961381][T30155] ? wiphy_unregister+0xb70/0xb70 [ 3076.966422][T30155] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3076.972481][T30155] ieee80211_register_hw+0x24d1/0x4250 [ 3076.978034][T30155] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3076.983582][T30155] ? rcu_is_watching+0x12/0xb0 [ 3076.988336][T30155] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3076.994309][T30155] ? __hrtimer_init+0x103/0x2c0 [ 3076.999156][T30155] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3077.004874][T30155] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3077.010587][T30155] ? rcu_is_watching+0x12/0xb0 [ 3077.015340][T30155] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3077.021224][T30155] hwsim_new_radio_nl+0xaf8/0x1240 [ 3077.026334][T30155] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3077.032244][T30155] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3077.039615][T30155] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3077.046986][T30155] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3077.052529][T30155] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3077.059905][T30155] ? ns_capable+0xd5/0x110 [ 3077.064317][T30155] genl_rcv_msg+0x55c/0x800 [ 3077.068819][T30155] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3077.074707][T30155] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3077.080616][T30155] netlink_rcv_skb+0x16b/0x440 [ 3077.085379][T30155] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3077.091280][T30155] ? netlink_ack+0x1370/0x1370 [ 3077.096039][T30155] ? rcu_is_watching+0x12/0xb0 [ 3077.100795][T30155] ? down_write+0x200/0x200 [ 3077.105290][T30155] ? netlink_deliver_tap+0x1b1/0xd10 [ 3077.110573][T30155] genl_rcv+0x28/0x40 [ 3077.114561][T30155] netlink_unicast+0x536/0x810 [ 3077.119324][T30155] ? netlink_attachskb+0x870/0x870 [ 3077.124431][T30155] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3077.130325][T30155] ? __phys_addr_symbol+0x30/0x70 [ 3077.135345][T30155] ? __check_object_size+0x323/0x730 [ 3077.140629][T30155] netlink_sendmsg+0x93c/0xe40 [ 3077.145739][T30155] ? netlink_unicast+0x810/0x810 [ 3077.150674][T30155] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3077.155957][T30155] ? netlink_unicast+0x810/0x810 [ 3077.160978][T30155] sock_sendmsg+0xd9/0x180 [ 3077.165391][T30155] ____sys_sendmsg+0x6ac/0x940 [ 3077.170151][T30155] ? copy_msghdr_from_user+0x10b/0x160 [ 3077.175606][T30155] ? kernel_sendmsg+0x50/0x50 [ 3077.180268][T30155] ? plist_check_list+0x1ae/0x280 [ 3077.185284][T30155] ? schedule+0xf1/0x1b0 [ 3077.189516][T30155] ___sys_sendmsg+0x135/0x1d0 [ 3077.194195][T30155] ? do_recvmmsg+0x740/0x740 [ 3077.198795][T30155] ? rcu_is_watching+0x12/0xb0 [ 3077.203561][T30155] ? rcu_is_watching+0x12/0xb0 [ 3077.208316][T30155] ? __fget_light+0xe6/0x260 [ 3077.212891][T30155] __sys_sendmsg+0x117/0x1e0 [ 3077.217475][T30155] ? __sys_sendmsg_sock+0x30/0x30 [ 3077.222583][T30155] ? xfd_validate_state+0x5d/0x180 [ 3077.227697][T30155] ? rcu_is_watching+0x12/0xb0 [ 3077.232450][T30155] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3077.238424][T30155] do_syscall_64+0x38/0xb0 [ 3077.242841][T30155] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3077.248751][T30155] RIP: 0033:0x7fc66767cae9 [ 3077.253164][T30155] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3077.272791][T30155] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3077.281191][T30155] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3077.289152][T30155] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3077.297203][T30155] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3077.305164][T30155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3077.313122][T30155] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3077.321719][T30155] [ 3077.332319][T18894] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 3077.343519][T18894] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3077.351782][T18894] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 3077.362685][T18894] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 3077.371594][T18894] usb 3-1: config 0 has no interface number 0 [ 3077.377741][T18894] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 3077.378523][T30170] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. 20:14:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_KEY(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x4, 0x70bd25, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x1) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r2) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000340)={'wpan1\x00'}) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4100}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)={0x248, 0x0, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x34, 0xc, 0x0, 0x1, [{0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb820}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x18f62ff8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb910}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2dd8}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x53eac19a}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x34, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x70}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3b}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5de8eed7}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xbf}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4d}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_MLSCATLST={0x90, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xdb548ca}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x583d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x86d4}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd21d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8eac}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x445b8de6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd8aa}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6afd}]}, {0x44, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5a602e2a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6254}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7e0ccad}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xcb19}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x78ad}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3b2fae76}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4825a26}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x43a6}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0xd}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_MLSCATLST={0xd4, 0xc, 0x0, 0x1, [{0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1c7445f5}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x221b9021}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x95bb}]}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x86fce0b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x184ab1b9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x75ca88f0}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xaaca}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6382}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1fa2}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5bea}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xcec5}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x38e6040}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x14570cc}]}, {0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x44fda170}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x88a1}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5a8b4088}]}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1e8e}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x57df3ce5}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x620b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2da7f663}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x50b2be32}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc131}]}]}]}, 0x248}, 0x1, 0x0, 0x0, 0x40}, 0x800) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0xfdfa, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB="40000000628b7ce048739002b6f3da939900739d526856bfab1d7433dd45c3f435d92bf44334c159c3075de64862e90f894f169ac5ff4be08535c54072f0a59b768b", @ANYRES16=r3, @ANYBLOB="4d7e00000000000000002a00000000002f003e09000005003600000000000c0005000000000000000000000005000200aaaaaaaaaaaa08000200", @ANYRES32=r5, @ANYBLOB="000001007770616e34000000"], 0x40}, 0x4, 0x700000000000000}, 0x0) [ 3077.388822][T18894] usb 3-1: config 0 interface 125 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 3077.420567][T30171] FAT-fs (loop4): Directory bread(block 64) failed [ 3077.427522][T30171] FAT-fs (loop4): Directory bread(block 65) failed [ 3077.429409][T30173] FAT-fs (loop0): Directory bread(block 64) failed [ 3077.435970][T30171] FAT-fs (loop4): Directory bread(block 66) failed 20:14:24 executing program 5: r0 = shmget$private(0x0, 0x400000, 0x1, &(0x7f000000e000/0x400000)=nil) shmat(r0, &(0x7f0000a95000/0x3000)=nil, 0x3000) shmat(r0, &(0x7f0000e17000/0x2000)=nil, 0x2000) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) shmat(0x0, &(0x7f0000813000/0x4000)=nil, 0x0) r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r1, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/162) shmat(r2, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x7000) shmat(r2, &(0x7f0000a2f000/0x1000)=nil, 0x4000) r3 = shmget(0x1, 0x3000, 0x8, &(0x7f0000103000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f00009c5000/0x4000)=nil) shmctl$SHM_LOCK(r0, 0xb) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0xffffffffffffff11) shmctl$SHM_UNLOCK(0x0, 0xc) shmat(0x0, &(0x7f0000561000/0x2000)=nil, 0x1000) r4 = shmget$private(0x0, 0x4000, 0x800, &(0x7f00009ff000/0x4000)=nil) shmat(r4, &(0x7f00000de000/0x4000)=nil, 0x0) shmat(r4, &(0x7f0000000000/0x13000)=nil, 0x4000) shmctl$SHM_LOCK(r3, 0xb) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x233000, 0x1000, 0x0, 0x1}, 0x20) mbind(&(0x7f00001b9000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xfffffffffffffffc, 0x10000000003) [ 3077.453976][T30171] FAT-fs (loop4): Directory bread(block 67) failed [ 3077.459518][T30173] FAT-fs (loop0): Directory bread(block 65) failed [ 3077.460609][T30171] FAT-fs (loop4): Directory bread(block 68) failed [ 3077.474555][T30171] FAT-fs (loop4): Directory bread(block 69) failed [ 3077.481419][T30171] FAT-fs (loop4): Directory bread(block 70) failed [ 3077.488138][T30171] FAT-fs (loop4): Directory bread(block 71) failed [ 3077.492707][T30173] FAT-fs (loop0): Directory bread(block 66) failed [ 3077.494740][T30171] FAT-fs (loop4): Directory bread(block 72) failed [ 3077.508201][T30173] FAT-fs (loop0): Directory bread(block 67) failed [ 3077.512785][T30171] FAT-fs (loop4): Directory bread(block 73) failed [ 3077.522521][T30170] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3077.536417][T30173] FAT-fs (loop0): Directory bread(block 68) failed [ 3077.543102][T30173] FAT-fs (loop0): Directory bread(block 69) failed [ 3077.550174][T18894] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 3077.563908][T18894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3077.572364][T18894] usb 3-1: Product: syz [ 3077.576628][T18894] usb 3-1: Manufacturer: syz [ 3077.577531][T30170] CPU: 0 PID: 30170 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3077.581363][T18894] usb 3-1: SerialNumber: syz [ 3077.591254][T30170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3077.591268][T30170] Call Trace: [ 3077.591278][T30170] [ 3077.591287][T30170] dump_stack_lvl+0x125/0x1b0 [ 3077.591330][T30170] sysfs_warn_dup+0x7f/0xa0 [ 3077.598383][T30173] FAT-fs (loop0): Directory bread(block 70) failed [ 3077.606010][T30170] sysfs_do_create_link_sd+0x11e/0x140 [ 3077.606047][T30170] sysfs_create_link+0x61/0xc0 [ 3077.610310][T30173] FAT-fs (loop0): Directory bread(block 71) failed [ 3077.612232][T30170] device_add+0x669/0x1ac0 [ 3077.612270][T30170] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 20:14:25 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)=""/197) [ 3077.617142][T30173] FAT-fs (loop0): Directory bread(block 72) failed [ 3077.621417][T30170] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3077.621465][T30170] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3077.628411][T30173] FAT-fs (loop0): Directory bread(block 73) failed [ 3077.633372][T30170] wiphy_register+0x2095/0x2ce0 [ 3077.633411][T30170] ? wiphy_unregister+0xb70/0xb70 [ 3077.641448][T18894] usb 3-1: config 0 descriptor?? [ 3077.644622][T30170] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3077.701734][T30170] ieee80211_register_hw+0x24d1/0x4250 20:14:25 executing program 0: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)=""/197) [ 3077.707301][T30170] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3077.712864][T30170] ? rcu_is_watching+0x12/0xb0 [ 3077.717640][T30170] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3077.723633][T30170] ? __hrtimer_init+0x103/0x2c0 [ 3077.728508][T30170] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3077.734244][T30170] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3077.740329][T30170] ? rcu_is_watching+0x12/0xb0 [ 3077.747098][T30170] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3077.752998][T30170] hwsim_new_radio_nl+0xaf8/0x1240 [ 3077.758121][T30170] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3077.764016][T30170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3077.771400][T30170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3077.778770][T30170] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3077.784351][T30170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3077.791717][T30170] ? ns_capable+0xd5/0x110 [ 3077.796154][T30170] genl_rcv_msg+0x55c/0x800 [ 3077.800654][T30170] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3077.806552][T30170] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3077.812457][T30170] netlink_rcv_skb+0x16b/0x440 [ 3077.817262][T30170] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3077.823151][T30170] ? netlink_ack+0x1370/0x1370 [ 3077.828102][T30170] ? rcu_is_watching+0x12/0xb0 [ 3077.832874][T30170] ? down_write+0x200/0x200 [ 3077.837373][T30170] ? netlink_deliver_tap+0x1b1/0xd10 [ 3077.842651][T30170] genl_rcv+0x28/0x40 [ 3077.846632][T30170] netlink_unicast+0x536/0x810 [ 3077.851405][T30170] ? netlink_attachskb+0x870/0x870 [ 3077.856548][T30170] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3077.862459][T30170] ? __phys_addr_symbol+0x30/0x70 [ 3077.867592][T30170] ? __check_object_size+0x323/0x730 [ 3077.872889][T30170] netlink_sendmsg+0x93c/0xe40 [ 3077.877669][T30170] ? netlink_unicast+0x810/0x810 [ 3077.882602][T30170] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3077.887890][T30170] ? netlink_unicast+0x810/0x810 [ 3077.892848][T30170] sock_sendmsg+0xd9/0x180 [ 3077.897251][T30170] ____sys_sendmsg+0x6ac/0x940 [ 3077.902026][T30170] ? copy_msghdr_from_user+0x10b/0x160 [ 3077.907499][T30170] ? kernel_sendmsg+0x50/0x50 [ 3077.912162][T30170] ? plist_check_list+0x1ae/0x280 [ 3077.917183][T30170] ? schedule+0xf1/0x1b0 [ 3077.921435][T30170] ___sys_sendmsg+0x135/0x1d0 [ 3077.926145][T30170] ? do_recvmmsg+0x740/0x740 [ 3077.930726][T30170] ? rcu_is_watching+0x12/0xb0 [ 3077.935486][T30170] ? rcu_is_watching+0x12/0xb0 [ 3077.940244][T30170] ? __fget_light+0xe6/0x260 [ 3077.944843][T30170] __sys_sendmsg+0x117/0x1e0 [ 3077.949433][T30170] ? __sys_sendmsg_sock+0x30/0x30 [ 3077.954480][T30170] ? xfd_validate_state+0x5d/0x180 [ 3077.959715][T30170] ? rcu_is_watching+0x12/0xb0 [ 3077.964492][T30170] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3077.970480][T30170] do_syscall_64+0x38/0xb0 [ 3077.974939][T30170] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3077.980843][T30170] RIP: 0033:0x7fc65907cae9 [ 3077.985245][T30170] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3078.004939][T30170] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3078.013382][T30170] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3078.021342][T30170] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3078.029312][T30170] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3078.037733][T30170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3078.045700][T30170] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3078.053683][T30170] 20:14:25 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000007000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_KEY(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x4, 0x70bd25, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x1) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r2) (async) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000340)={'wpan1\x00'}) (async) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4100}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)={0x248, 0x0, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x34, 0xc, 0x0, 0x1, [{0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb820}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x18f62ff8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb910}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2dd8}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x53eac19a}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x34, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x70}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3b}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5de8eed7}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xbf}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4d}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_MLSCATLST={0x90, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xdb548ca}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x583d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x86d4}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd21d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8eac}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x445b8de6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd8aa}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6afd}]}, {0x44, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5a602e2a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6254}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7e0ccad}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xcb19}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x78ad}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3b2fae76}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4825a26}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x43a6}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0xd}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_MLSCATLST={0xd4, 0xc, 0x0, 0x1, [{0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1c7445f5}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x221b9021}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x95bb}]}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x86fce0b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x184ab1b9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x75ca88f0}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xaaca}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6382}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1fa2}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5bea}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xcec5}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x38e6040}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x14570cc}]}, {0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x44fda170}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x88a1}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5a8b4088}]}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1e8e}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x57df3ce5}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x620b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2da7f663}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x50b2be32}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc131}]}]}]}, 0x248}, 0x1, 0x0, 0x0, 0x40}, 0x800) (async) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0xfdfa, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB="40000000628b7ce048739002b6f3da939900739d526856bfab1d7433dd45c3f435d92bf44334c159c3075de64862e90f894f169ac5ff4be08535c54072f0a59b768b", @ANYRES16=r3, @ANYBLOB="4d7e00000000000000002a00000000002f003e09000005003600000000000c0005000000000000000000000005000200aaaaaaaaaaaa08000200", @ANYRES32=r5, @ANYBLOB="000001007770616e34000000"], 0x40}, 0x4, 0x700000000000000}, 0x0) 20:14:25 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000002000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3078.131489][T30181] syz-executor.4[30181]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3078.169141][T30184] syz-executor.0[30184]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3078.201469][T30181] loop4: detected capacity change from 0 to 256 [ 3078.206609][T30184] loop0: detected capacity change from 0 to 256 [ 3078.211387][T30188] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3078.243722][T30188] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3078.244713][T30184] FAT-fs (loop0): Directory bread(block 64) failed [ 3078.254208][T30188] CPU: 1 PID: 30188 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3078.266577][T30181] FAT-fs (loop4): Directory bread(block 64) failed [ 3078.268923][T30188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3078.268935][T30188] Call Trace: [ 3078.268942][T30188] [ 3078.268948][T30188] dump_stack_lvl+0x125/0x1b0 [ 3078.268980][T30188] sysfs_warn_dup+0x7f/0xa0 [ 3078.275518][T30181] FAT-fs (loop4): Directory bread(block 65) failed [ 3078.285517][T30188] sysfs_do_create_link_sd+0x11e/0x140 [ 3078.285551][T30188] sysfs_create_link+0x61/0xc0 [ 3078.289478][T30184] FAT-fs (loop0): Directory bread(block 65) failed [ 3078.291740][T30188] device_add+0x669/0x1ac0 [ 3078.296632][T30181] FAT-fs (loop4): Directory bread(block 66) failed [ 3078.300968][T30188] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3078.341985][T30188] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3078.347928][T30188] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3078.353985][T30188] wiphy_register+0x2095/0x2ce0 [ 3078.358872][T30188] ? wiphy_unregister+0xb70/0xb70 [ 3078.363905][T30188] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3078.370003][T30188] ieee80211_register_hw+0x24d1/0x4250 [ 3078.375512][T30188] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3078.381081][T30188] ? rcu_is_watching+0x12/0xb0 [ 3078.385937][T30188] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3078.391973][T30188] ? __hrtimer_init+0x103/0x2c0 [ 3078.396823][T30188] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3078.402556][T30188] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3078.408273][T30188] ? rcu_is_watching+0x12/0xb0 [ 3078.413033][T30188] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3078.419240][T30188] hwsim_new_radio_nl+0xaf8/0x1240 [ 3078.424351][T30188] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3078.430245][T30188] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3078.437624][T30188] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3078.444997][T30188] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3078.451455][T30188] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3078.458839][T30188] ? ns_capable+0xd5/0x110 [ 3078.463255][T30188] genl_rcv_msg+0x55c/0x800 [ 3078.467758][T30188] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3078.473653][T30188] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3078.479543][T30188] netlink_rcv_skb+0x16b/0x440 [ 3078.484302][T30188] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3078.490218][T30188] ? netlink_ack+0x1370/0x1370 [ 3078.494991][T30188] ? rcu_is_watching+0x12/0xb0 [ 3078.499776][T30188] ? down_write+0x200/0x200 [ 3078.504291][T30188] ? netlink_deliver_tap+0x1b1/0xd10 [ 3078.509604][T30188] genl_rcv+0x28/0x40 [ 3078.513624][T30188] netlink_unicast+0x536/0x810 [ 3078.518396][T30188] ? netlink_attachskb+0x870/0x870 [ 3078.523510][T30188] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3078.529428][T30188] ? __phys_addr_symbol+0x30/0x70 [ 3078.534467][T30188] ? __check_object_size+0x323/0x730 [ 3078.539768][T30188] netlink_sendmsg+0x93c/0xe40 [ 3078.544607][T30188] ? netlink_unicast+0x810/0x810 [ 3078.549655][T30188] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3078.554980][T30188] ? netlink_unicast+0x810/0x810 [ 3078.559951][T30188] sock_sendmsg+0xd9/0x180 [ 3078.564402][T30188] ____sys_sendmsg+0x6ac/0x940 [ 3078.569168][T30188] ? copy_msghdr_from_user+0x10b/0x160 [ 3078.574640][T30188] ? kernel_sendmsg+0x50/0x50 [ 3078.579307][T30188] ? plist_check_list+0x1ae/0x280 [ 3078.584329][T30188] ? schedule+0xf1/0x1b0 [ 3078.588560][T30188] ___sys_sendmsg+0x135/0x1d0 [ 3078.593500][T30188] ? do_recvmmsg+0x740/0x740 [ 3078.598086][T30188] ? rcu_is_watching+0x12/0xb0 [ 3078.602843][T30188] ? rcu_is_watching+0x12/0xb0 [ 3078.607601][T30188] ? __fget_light+0xe6/0x260 [ 3078.612184][T30188] __sys_sendmsg+0x117/0x1e0 [ 3078.616773][T30188] ? __sys_sendmsg_sock+0x30/0x30 [ 3078.622334][T30188] ? xfd_validate_state+0x5d/0x180 [ 3078.627511][T30188] ? rcu_is_watching+0x12/0xb0 [ 3078.632264][T30188] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3078.638243][T30188] do_syscall_64+0x38/0xb0 [ 3078.642665][T30188] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3078.648558][T30188] RIP: 0033:0x7fc65907cae9 [ 3078.652963][T30188] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3078.672583][T30188] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3078.680999][T30188] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3078.688979][T30188] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3078.696956][T30188] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3078.704942][T30188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3078.712902][T30188] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3078.720870][T30188] [ 3078.727797][T30184] FAT-fs (loop0): Directory bread(block 66) failed [ 3078.737763][T30181] FAT-fs (loop4): Directory bread(block 67) failed [ 3078.744454][T30184] FAT-fs (loop0): Directory bread(block 67) failed [ 3078.748917][T30187] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3078.755877][T30181] FAT-fs (loop4): Directory bread(block 68) failed [ 3078.768264][T30184] FAT-fs (loop0): Directory bread(block 68) failed [ 3078.775735][T30184] FAT-fs (loop0): Directory bread(block 69) failed [ 3078.783260][T30181] FAT-fs (loop4): Directory bread(block 69) failed [ 3078.789975][T30184] FAT-fs (loop0): Directory bread(block 70) failed [ 3078.789998][T30184] FAT-fs (loop0): Directory bread(block 71) failed [ 3078.790066][T30184] FAT-fs (loop0): Directory bread(block 72) failed [ 3078.808262][T30187] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3078.816219][T30181] FAT-fs (loop4): Directory bread(block 70) failed [ 3078.823476][T30187] CPU: 0 PID: 30187 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3078.825418][T30181] FAT-fs (loop4): Directory bread(block 71) failed [ 3078.834781][T30187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3078.834795][T30187] Call Trace: [ 3078.834803][T30187] [ 3078.834811][T30187] dump_stack_lvl+0x125/0x1b0 [ 3078.834847][T30187] sysfs_warn_dup+0x7f/0xa0 [ 3078.843008][T30184] FAT-fs (loop0): Directory bread(block 73) failed [ 3078.851446][T30187] sysfs_do_create_link_sd+0x11e/0x140 [ 3078.851486][T30187] sysfs_create_link+0x61/0xc0 [ 3078.854897][T30181] FAT-fs (loop4): Directory bread(block 72) failed [ 3078.857689][T30187] device_add+0x669/0x1ac0 [ 3078.857734][T30187] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3078.857777][T30187] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3078.857821][T30187] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3078.866580][T30181] FAT-fs (loop4): Directory bread(block 73) failed [ 3078.866965][T30187] wiphy_register+0x2095/0x2ce0 [ 3078.866993][T30187] ? wiphy_unregister+0xb70/0xb70 [ 3078.929939][T30187] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3078.936041][T30187] ieee80211_register_hw+0x24d1/0x4250 [ 3078.941536][T30187] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3078.947096][T30187] ? rcu_is_watching+0x12/0xb0 [ 3078.951873][T30187] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3078.957865][T30187] ? __hrtimer_init+0x103/0x2c0 [ 3078.962788][T30187] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3078.968648][T30187] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3078.974367][T30187] ? rcu_is_watching+0x12/0xb0 [ 3078.979112][T30187] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3078.984990][T30187] hwsim_new_radio_nl+0xaf8/0x1240 [ 3078.990100][T30187] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3078.996011][T30187] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3079.003412][T30187] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3079.010802][T30187] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3079.016340][T30187] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3079.023704][T30187] ? ns_capable+0xd5/0x110 [ 3079.028108][T30187] genl_rcv_msg+0x55c/0x800 [ 3079.032603][T30187] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3079.038486][T30187] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3079.044372][T30187] netlink_rcv_skb+0x16b/0x440 [ 3079.049129][T30187] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3079.055013][T30187] ? netlink_ack+0x1370/0x1370 [ 3079.059773][T30187] ? rcu_is_watching+0x12/0xb0 [ 3079.064529][T30187] ? down_write+0x200/0x200 [ 3079.069015][T30187] ? netlink_deliver_tap+0x1b1/0xd10 [ 3079.074294][T30187] genl_rcv+0x28/0x40 [ 3079.078269][T30187] netlink_unicast+0x536/0x810 [ 3079.083042][T30187] ? netlink_attachskb+0x870/0x870 [ 3079.088229][T30187] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3079.094118][T30187] ? __phys_addr_symbol+0x30/0x70 [ 3079.099140][T30187] ? __check_object_size+0x323/0x730 [ 3079.104536][T30187] netlink_sendmsg+0x93c/0xe40 [ 3079.109305][T30187] ? netlink_unicast+0x810/0x810 [ 3079.114269][T30187] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3079.119556][T30187] ? netlink_unicast+0x810/0x810 [ 3079.124522][T30187] sock_sendmsg+0xd9/0x180 [ 3079.129023][T30187] ____sys_sendmsg+0x6ac/0x940 [ 3079.133784][T30187] ? copy_msghdr_from_user+0x10b/0x160 [ 3079.139240][T30187] ? kernel_sendmsg+0x50/0x50 [ 3079.143911][T30187] ? plist_check_list+0x1ae/0x280 [ 3079.148933][T30187] ? schedule+0xf1/0x1b0 [ 3079.153177][T30187] ___sys_sendmsg+0x135/0x1d0 [ 3079.157847][T30187] ? do_recvmmsg+0x740/0x740 [ 3079.162426][T30187] ? rcu_is_watching+0x12/0xb0 [ 3079.167198][T30187] ? rcu_is_watching+0x12/0xb0 [ 3079.171982][T30187] ? __fget_light+0xe6/0x260 [ 3079.176590][T30187] __sys_sendmsg+0x117/0x1e0 [ 3079.181228][T30187] ? __sys_sendmsg_sock+0x30/0x30 [ 3079.186239][T30187] ? xfd_validate_state+0x5d/0x180 [ 3079.191359][T30187] ? rcu_is_watching+0x12/0xb0 20:14:26 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539000009050b00000000000009050200000005000009"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:14:26 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_KEY(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x4, 0x70bd25, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x1) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r2) (async) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r2) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000340)={'wpan1\x00'}) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4100}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)={0x248, 0x0, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x34, 0xc, 0x0, 0x1, [{0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb820}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x18f62ff8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb910}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2dd8}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x53eac19a}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x34, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x70}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3b}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5de8eed7}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xbf}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4d}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_MLSCATLST={0x90, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xdb548ca}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x583d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x86d4}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd21d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8eac}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x445b8de6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd8aa}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6afd}]}, {0x44, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5a602e2a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6254}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7e0ccad}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xcb19}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x78ad}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3b2fae76}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4825a26}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x43a6}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0xd}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_MLSCATLST={0xd4, 0xc, 0x0, 0x1, [{0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1c7445f5}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x221b9021}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x95bb}]}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x86fce0b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x184ab1b9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x75ca88f0}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xaaca}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6382}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1fa2}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5bea}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xcec5}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x38e6040}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x14570cc}]}, {0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x44fda170}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x88a1}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5a8b4088}]}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1e8e}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x57df3ce5}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x620b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2da7f663}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x50b2be32}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc131}]}]}]}, 0x248}, 0x1, 0x0, 0x0, 0x40}, 0x800) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0xfdfa, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB="40000000628b7ce048739002b6f3da939900739d526856bfab1d7433dd45c3f435d92bf44334c159c3075de64862e90f894f169ac5ff4be08535c54072f0a59b768b", @ANYRES16=r3, @ANYBLOB="4d7e00000000000000002a00000000002f003e09000005003600000000000c0005000000000000000000000005000200aaaaaaaaaaaa08000200", @ANYRES32=r5, @ANYBLOB="000001007770616e34000000"], 0x40}, 0x4, 0x700000000000000}, 0x0) 20:14:26 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000009000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:26 executing program 0: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)=""/197) 20:14:26 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000200)='.\x00', 0x1a404bc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r1, @ANYRES64=r1, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRES8=r0, @ANYRES16=r1, @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="0077945b06cbf125c774eb9b2bc61e7443f9f376dc23b454ed29a91efa726d9c291a8213f10a2ccc8a487cbfa1c89680ff00000000000000b7b30bad442c953bd3d69942993876c50953df294ddf2a9f8aaefd"]) bind$802154_raw(r2, &(0x7f0000000280)={0x24, @short={0x2, 0x2, 0x555c}}, 0x14) memfd_secret(0x0) [ 3079.196107][T30187] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3079.202084][T30187] do_syscall_64+0x38/0xb0 [ 3079.206517][T30187] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3079.207619][ T5129] usb 3-1: USB disconnect, device number 32 [ 3079.212411][T30187] RIP: 0033:0x7fc66767cae9 [ 3079.212428][T30187] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3079.242342][T30187] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3079.251104][T30187] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3079.259076][T30187] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3079.267053][T30187] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3079.275033][T30187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3079.283003][T30187] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3079.290995][T30187] 20:14:26 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000002000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:26 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_ADD_DEV(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x40, r1, 0x10, 0x0, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x1}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x40}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5, 0x37, 0x2}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) [ 3079.323727][T30201] syz-executor.0[30201]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3079.341750][T30199] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3079.372829][T30199] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3079.413729][T30201] loop0: detected capacity change from 0 to 256 [ 3079.420578][T30199] CPU: 1 PID: 30199 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3079.423576][T30207] syz-executor.4[30207]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3079.430636][T30199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3079.430649][T30199] Call Trace: [ 3079.430658][T30199] [ 3079.430666][T30199] dump_stack_lvl+0x125/0x1b0 [ 3079.430706][T30199] sysfs_warn_dup+0x7f/0xa0 [ 3079.430735][T30199] sysfs_do_create_link_sd+0x11e/0x140 [ 3079.430766][T30199] sysfs_create_link+0x61/0xc0 [ 3079.430795][T30199] device_add+0x669/0x1ac0 [ 3079.430832][T30199] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3079.430869][T30199] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3079.430907][T30199] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3079.443839][T30207] loop4: detected capacity change from 0 to 256 [ 3079.450541][T30199] wiphy_register+0x2095/0x2ce0 [ 3079.450574][T30199] ? wiphy_unregister+0xb70/0xb70 [ 3079.450601][T30199] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3079.521160][T30199] ieee80211_register_hw+0x24d1/0x4250 [ 3079.526627][T30199] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3079.532167][T30199] ? rcu_is_watching+0x12/0xb0 [ 3079.536918][T30199] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3079.542886][T30199] ? __hrtimer_init+0x103/0x2c0 [ 3079.547731][T30199] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3079.553446][T30199] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3079.559160][T30199] ? rcu_is_watching+0x12/0xb0 [ 3079.563910][T30199] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3079.569792][T30199] hwsim_new_radio_nl+0xaf8/0x1240 [ 3079.574897][T30199] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3079.580794][T30199] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3079.588160][T30199] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3079.595533][T30199] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3079.601076][T30199] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3079.608440][T30199] ? ns_capable+0xd5/0x110 [ 3079.612843][T30199] genl_rcv_msg+0x55c/0x800 [ 3079.617341][T30199] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3079.623228][T30199] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3079.629110][T30199] netlink_rcv_skb+0x16b/0x440 [ 3079.633863][T30199] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3079.639749][T30199] ? netlink_ack+0x1370/0x1370 [ 3079.644508][T30199] ? rcu_is_watching+0x12/0xb0 [ 3079.649280][T30199] ? down_write+0x200/0x200 [ 3079.653769][T30199] ? netlink_deliver_tap+0x1b1/0xd10 [ 3079.659047][T30199] genl_rcv+0x28/0x40 [ 3079.663021][T30199] netlink_unicast+0x536/0x810 [ 3079.667791][T30199] ? netlink_attachskb+0x870/0x870 [ 3079.672891][T30199] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3079.678774][T30199] ? __phys_addr_symbol+0x30/0x70 [ 3079.683791][T30199] ? __check_object_size+0x323/0x730 [ 3079.689082][T30199] netlink_sendmsg+0x93c/0xe40 [ 3079.693842][T30199] ? netlink_unicast+0x810/0x810 [ 3079.698773][T30199] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3079.704049][T30199] ? netlink_unicast+0x810/0x810 [ 3079.708977][T30199] sock_sendmsg+0xd9/0x180 [ 3079.713384][T30199] ____sys_sendmsg+0x6ac/0x940 [ 3079.718134][T30199] ? copy_msghdr_from_user+0x10b/0x160 [ 3079.723580][T30199] ? kernel_sendmsg+0x50/0x50 [ 3079.728241][T30199] ? plist_check_list+0x1ae/0x280 [ 3079.733256][T30199] ? schedule+0xf1/0x1b0 [ 3079.737487][T30199] ___sys_sendmsg+0x135/0x1d0 [ 3079.742157][T30199] ? do_recvmmsg+0x740/0x740 [ 3079.746737][T30199] ? rcu_is_watching+0x12/0xb0 [ 3079.751492][T30199] ? rcu_is_watching+0x12/0xb0 [ 3079.756242][T30199] ? __fget_light+0xe6/0x260 [ 3079.760833][T30199] __sys_sendmsg+0x117/0x1e0 [ 3079.765418][T30199] ? __sys_sendmsg_sock+0x30/0x30 [ 3079.770432][T30199] ? xfd_validate_state+0x5d/0x180 [ 3079.775719][T30199] ? rcu_is_watching+0x12/0xb0 [ 3079.780469][T30199] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3079.786444][T30199] do_syscall_64+0x38/0xb0 [ 3079.790869][T30199] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3079.796761][T30199] RIP: 0033:0x7fc65907cae9 [ 3079.801164][T30199] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3079.820844][T30199] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3079.829241][T30199] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3079.837198][T30199] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3079.845150][T30199] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3079.853100][T30199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3079.861052][T30199] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3079.869011][T30199] 20:14:27 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000000000e000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3079.894089][T30203] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3079.913829][T30201] FAT-fs (loop0): Directory bread(block 64) failed [ 3079.920954][T30201] FAT-fs (loop0): Directory bread(block 65) failed [ 3079.921810][T30207] FAT-fs (loop4): Directory bread(block 64) failed [ 3079.935499][T30203] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3079.936306][T30207] FAT-fs (loop4): Directory bread(block 65) failed [ 3079.944474][T30201] FAT-fs (loop0): Directory bread(block 66) failed [ 3079.954563][T30207] FAT-fs (loop4): Directory bread(block 66) failed [ 3079.957382][T30203] CPU: 1 PID: 30203 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3079.963545][T30207] FAT-fs (loop4): Directory bread(block 67) failed [ 3079.973545][T30203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3079.973557][T30203] Call Trace: [ 3079.973566][T30203] [ 3079.973574][T30203] dump_stack_lvl+0x125/0x1b0 [ 3079.980153][T30207] FAT-fs (loop4): Directory bread(block 68) failed [ 3079.990083][T30203] sysfs_warn_dup+0x7f/0xa0 [ 3079.990114][T30203] sysfs_do_create_link_sd+0x11e/0x140 [ 3079.994766][T30207] FAT-fs (loop4): Directory bread(block 69) failed [ 3079.996274][T30203] sysfs_create_link+0x61/0xc0 [ 3080.001022][T30207] FAT-fs (loop4): Directory bread(block 70) failed [ 3080.007395][T30203] device_add+0x669/0x1ac0 [ 3080.007430][T30203] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3080.007466][T30203] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3080.007504][T30203] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3080.007542][T30203] wiphy_register+0x2095/0x2ce0 [ 3080.007572][T30203] ? wiphy_unregister+0xb70/0xb70 [ 3080.007599][T30203] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3080.007626][T30203] ieee80211_register_hw+0x24d1/0x4250 [ 3080.007664][T30203] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3080.007695][T30203] ? rcu_is_watching+0x12/0xb0 [ 3080.007719][T30203] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3080.007746][T30203] ? __hrtimer_init+0x103/0x2c0 [ 3080.007776][T30203] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3080.007813][T30203] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3080.007835][T30203] ? rcu_is_watching+0x12/0xb0 [ 3080.007852][T30203] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3080.007879][T30203] hwsim_new_radio_nl+0xaf8/0x1240 [ 3080.029249][T30201] FAT-fs (loop0): Directory bread(block 67) failed [ 3080.035472][T30203] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3080.035506][T30203] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3080.147724][T30203] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3080.155108][T30203] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3080.160656][T30203] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3080.168033][T30203] ? ns_capable+0xd5/0x110 [ 3080.172443][T30203] genl_rcv_msg+0x55c/0x800 [ 3080.176944][T30203] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3080.182832][T30203] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3080.188719][T30203] netlink_rcv_skb+0x16b/0x440 [ 3080.193506][T30203] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3080.199395][T30203] ? netlink_ack+0x1370/0x1370 [ 3080.204150][T30203] ? rcu_is_watching+0x12/0xb0 [ 3080.208902][T30203] ? down_write+0x200/0x200 [ 3080.213397][T30203] ? netlink_deliver_tap+0x1b1/0xd10 [ 3080.218673][T30203] genl_rcv+0x28/0x40 [ 3080.222652][T30203] netlink_unicast+0x536/0x810 [ 3080.227413][T30203] ? netlink_attachskb+0x870/0x870 [ 3080.232516][T30203] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3080.238404][T30203] ? __phys_addr_symbol+0x30/0x70 [ 3080.243458][T30203] ? __check_object_size+0x323/0x730 [ 3080.248740][T30203] netlink_sendmsg+0x93c/0xe40 [ 3080.253500][T30203] ? netlink_unicast+0x810/0x810 [ 3080.258519][T30203] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3080.263883][T30203] ? netlink_unicast+0x810/0x810 [ 3080.268812][T30203] sock_sendmsg+0xd9/0x180 [ 3080.273336][T30203] ____sys_sendmsg+0x6ac/0x940 [ 3080.278185][T30203] ? copy_msghdr_from_user+0x10b/0x160 [ 3080.283640][T30203] ? kernel_sendmsg+0x50/0x50 [ 3080.288304][T30203] ? plist_check_list+0x1ae/0x280 [ 3080.293327][T30203] ? schedule+0xf1/0x1b0 [ 3080.297561][T30203] ___sys_sendmsg+0x135/0x1d0 [ 3080.302241][T30203] ? do_recvmmsg+0x740/0x740 [ 3080.306832][T30203] ? rcu_is_watching+0x12/0xb0 [ 3080.311591][T30203] ? rcu_is_watching+0x12/0xb0 [ 3080.316345][T30203] ? __fget_light+0xe6/0x260 [ 3080.320926][T30203] __sys_sendmsg+0x117/0x1e0 [ 3080.325516][T30203] ? __sys_sendmsg_sock+0x30/0x30 [ 3080.330536][T30203] ? xfd_validate_state+0x5d/0x180 [ 3080.335646][T30203] ? rcu_is_watching+0x12/0xb0 [ 3080.340401][T30203] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3080.346375][T30203] do_syscall_64+0x38/0xb0 [ 3080.350786][T30203] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3080.356787][T30203] RIP: 0033:0x7fc66767cae9 [ 3080.361226][T30203] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3080.381006][T30203] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3080.389495][T30203] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3080.397460][T30203] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3080.405420][T30203] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3080.413386][T30203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3080.421348][T30203] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3080.429343][T30203] 20:14:27 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000002000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:27 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) (async) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_ADD_DEV(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x40, r1, 0x10, 0x0, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x1}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x40}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5, 0x37, 0x2}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) [ 3080.441327][T30201] FAT-fs (loop0): Directory bread(block 68) failed [ 3080.448052][T30201] FAT-fs (loop0): Directory bread(block 69) failed [ 3080.454732][T30210] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3080.480259][T30207] FAT-fs (loop4): Directory bread(block 71) failed [ 3080.493758][T30207] FAT-fs (loop4): Directory bread(block 72) failed [ 3080.501062][T30210] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3080.513838][T30201] FAT-fs (loop0): Directory bread(block 70) failed [ 3080.524114][T30207] FAT-fs (loop4): Directory bread(block 73) failed [ 3080.525014][T30210] CPU: 0 PID: 30210 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3080.532030][T30201] FAT-fs (loop0): Directory bread(block 71) failed 20:14:27 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000200)='.\x00', 0x1a404bc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r1, @ANYRES64=r1, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRES8=r0, @ANYRES16=r1, @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) (async, rerun: 32) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="0077945b06cbf125c774eb9b2bc61e7443f9f376dc23b454ed29a91efa726d9c291a8213f10a2ccc8a487cbfa1c89680ff00000000000000b7b30bad442c953bd3d69942993876c50953df294ddf2a9f8aaefd"]) (rerun: 32) bind$802154_raw(r2, &(0x7f0000000280)={0x24, @short={0x2, 0x2, 0x555c}}, 0x14) (async) memfd_secret(0x0) [ 3080.540662][T30210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3080.540674][T30210] Call Trace: [ 3080.540682][T30210] [ 3080.540689][T30210] dump_stack_lvl+0x125/0x1b0 [ 3080.558342][ T5129] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 3080.560485][T30210] sysfs_warn_dup+0x7f/0xa0 [ 3080.580127][T30210] sysfs_do_create_link_sd+0x11e/0x140 [ 3080.581313][T30201] FAT-fs (loop0): Directory bread(block 72) failed [ 3080.585682][T30210] sysfs_create_link+0x61/0xc0 [ 3080.585714][T30210] device_add+0x669/0x1ac0 [ 3080.593311][T30201] FAT-fs (loop0): Directory bread(block 73) failed [ 3080.596944][T30210] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3080.596982][T30210] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3080.597019][T30210] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3080.597051][T30210] wiphy_register+0x2095/0x2ce0 [ 3080.597080][T30210] ? wiphy_unregister+0xb70/0xb70 [ 3080.597107][T30210] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3080.597132][T30210] ieee80211_register_hw+0x24d1/0x4250 [ 3080.597170][T30210] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3080.597204][T30210] ? rcu_is_watching+0x12/0xb0 [ 3080.597226][T30210] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3080.664495][T30210] ? __hrtimer_init+0x103/0x2c0 [ 3080.669344][T30210] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3080.675063][T30210] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3080.680775][T30210] ? rcu_is_watching+0x12/0xb0 [ 3080.685537][T30210] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3080.691440][T30210] hwsim_new_radio_nl+0xaf8/0x1240 [ 3080.696541][T30210] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3080.702515][T30210] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3080.709910][T30210] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3080.717291][T30210] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3080.722824][T30210] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3080.730187][T30210] ? ns_capable+0xd5/0x110 [ 3080.734595][T30210] genl_rcv_msg+0x55c/0x800 [ 3080.739094][T30210] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3080.744976][T30210] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3080.750882][T30210] netlink_rcv_skb+0x16b/0x440 [ 3080.755635][T30210] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3080.761550][T30210] ? netlink_ack+0x1370/0x1370 [ 3080.766303][T30210] ? rcu_is_watching+0x12/0xb0 [ 3080.771316][T30210] ? down_write+0x200/0x200 [ 3080.775807][T30210] ? netlink_deliver_tap+0x1b1/0xd10 [ 3080.781089][T30210] genl_rcv+0x28/0x40 [ 3080.785070][T30210] netlink_unicast+0x536/0x810 [ 3080.789830][T30210] ? netlink_attachskb+0x870/0x870 [ 3080.794931][T30210] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3080.800819][T30210] ? __phys_addr_symbol+0x30/0x70 [ 3080.805835][T30210] ? __check_object_size+0x323/0x730 [ 3080.811129][T30210] netlink_sendmsg+0x93c/0xe40 [ 3080.815932][T30210] ? netlink_unicast+0x810/0x810 [ 3080.820406][ T5129] usb 3-1: Using ep0 maxpacket: 16 [ 3080.820854][T30210] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3080.831215][T30210] ? netlink_unicast+0x810/0x810 [ 3080.836141][T30210] sock_sendmsg+0xd9/0x180 [ 3080.840680][T30210] ____sys_sendmsg+0x6ac/0x940 [ 3080.845462][T30210] ? copy_msghdr_from_user+0x10b/0x160 [ 3080.850912][T30210] ? kernel_sendmsg+0x50/0x50 [ 3080.855602][T30210] ? plist_check_list+0x1ae/0x280 [ 3080.860648][T30210] ? schedule+0xf1/0x1b0 [ 3080.864890][T30210] ___sys_sendmsg+0x135/0x1d0 [ 3080.869564][T30210] ? do_recvmmsg+0x740/0x740 [ 3080.874144][T30210] ? rcu_is_watching+0x12/0xb0 [ 3080.878897][T30210] ? rcu_is_watching+0x12/0xb0 [ 3080.883666][T30210] ? __fget_light+0xe6/0x260 [ 3080.888276][T30210] __sys_sendmsg+0x117/0x1e0 [ 3080.892859][T30210] ? __sys_sendmsg_sock+0x30/0x30 [ 3080.897877][T30210] ? xfd_validate_state+0x5d/0x180 [ 3080.902992][T30210] ? rcu_is_watching+0x12/0xb0 [ 3080.907765][T30210] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3080.913778][T30210] do_syscall_64+0x38/0xb0 [ 3080.918208][T30210] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3080.924105][T30210] RIP: 0033:0x7fc65907cae9 [ 3080.928515][T30210] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3080.936844][ T5129] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 3080.948200][T30210] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3080.948223][T30210] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3080.948240][T30210] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3080.948255][T30210] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3080.956804][ T5129] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 20:14:28 executing program 0: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)=""/197) [ 3080.964941][T30210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3080.964958][T30210] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3080.975951][ T5129] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 3080.980858][T30210] [ 3081.067405][T30212] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3081.078948][T30212] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3081.084870][T30219] syz-executor.4[30219]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3081.091989][T30212] CPU: 0 PID: 30212 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3081.104849][T30219] loop4: detected capacity change from 0 to 256 [ 3081.106716][T30212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3081.106729][T30212] Call Trace: [ 3081.106735][T30212] [ 3081.106742][T30212] dump_stack_lvl+0x125/0x1b0 [ 3081.106774][T30212] sysfs_warn_dup+0x7f/0xa0 [ 3081.114241][ T5129] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 3081.123012][T30212] sysfs_do_create_link_sd+0x11e/0x140 [ 3081.123055][T30212] sysfs_create_link+0x61/0xc0 [ 3081.123084][T30212] device_add+0x669/0x1ac0 [ 3081.123123][T30212] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3081.123161][T30212] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3081.123202][T30212] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3081.123238][T30212] wiphy_register+0x2095/0x2ce0 [ 3081.123271][T30212] ? wiphy_unregister+0xb70/0xb70 [ 3081.123301][T30212] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3081.123331][T30212] ieee80211_register_hw+0x24d1/0x4250 [ 3081.123377][T30212] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3081.123416][T30212] ? rcu_is_watching+0x12/0xb0 [ 3081.123443][T30212] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3081.123474][T30212] ? __hrtimer_init+0x103/0x2c0 [ 3081.123509][T30212] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3081.123550][T30212] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3081.123579][T30212] ? rcu_is_watching+0x12/0xb0 [ 3081.123603][T30212] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3081.123635][T30212] hwsim_new_radio_nl+0xaf8/0x1240 [ 3081.123668][T30212] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3081.123706][T30212] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3081.123753][T30212] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3081.123803][T30212] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3081.123847][T30212] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3081.123901][T30212] ? ns_capable+0xd5/0x110 [ 3081.123938][T30212] genl_rcv_msg+0x55c/0x800 [ 3081.123981][T30212] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3081.124026][T30212] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3081.124065][T30212] netlink_rcv_skb+0x16b/0x440 [ 3081.124098][T30212] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3081.124135][T30212] ? netlink_ack+0x1370/0x1370 [ 3081.124168][T30212] ? rcu_is_watching+0x12/0xb0 [ 3081.124197][T30212] ? down_write+0x200/0x200 [ 3081.124224][T30212] ? netlink_deliver_tap+0x1b1/0xd10 [ 3081.124258][T30212] genl_rcv+0x28/0x40 [ 3081.124291][T30212] netlink_unicast+0x536/0x810 [ 3081.124327][T30212] ? netlink_attachskb+0x870/0x870 [ 3081.124359][T30212] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3081.128699][ T5129] usb 3-1: config 0 has no interface number 0 [ 3081.130620][T30212] ? __phys_addr_symbol+0x30/0x70 [ 3081.130646][T30212] ? __check_object_size+0x323/0x730 [ 3081.135365][ T5129] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 3081.139763][T30212] netlink_sendmsg+0x93c/0xe40 [ 3081.139802][T30212] ? netlink_unicast+0x810/0x810 [ 3081.174421][ T5129] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 3081.175906][T30212] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3081.200980][ T5129] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 3081.203183][T30212] ? netlink_unicast+0x810/0x810 [ 3081.236496][T30219] FAT-fs (loop4): Directory bread(block 64) failed [ 3081.240370][T30212] sock_sendmsg+0xd9/0x180 [ 3081.240398][T30212] ____sys_sendmsg+0x6ac/0x940 [ 3081.240423][T30212] ? copy_msghdr_from_user+0x10b/0x160 [ 3081.240449][T30212] ? kernel_sendmsg+0x50/0x50 [ 3081.240471][T30212] ? plist_check_list+0x1ae/0x280 [ 3081.246408][T30219] FAT-fs (loop4): Directory bread(block 65) failed [ 3081.251430][T30212] ? schedule+0xf1/0x1b0 [ 3081.251461][T30212] ___sys_sendmsg+0x135/0x1d0 [ 3081.251500][T30212] ? do_recvmmsg+0x740/0x740 [ 3081.251533][T30212] ? rcu_is_watching+0x12/0xb0 [ 3081.251569][T30212] ? rcu_is_watching+0x12/0xb0 [ 3081.251602][T30212] ? __fget_light+0xe6/0x260 [ 3081.251631][T30212] __sys_sendmsg+0x117/0x1e0 [ 3081.251668][T30212] ? __sys_sendmsg_sock+0x30/0x30 [ 3081.251704][T30212] ? xfd_validate_state+0x5d/0x180 [ 3081.251758][T30212] ? rcu_is_watching+0x12/0xb0 [ 3081.251782][T30212] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3081.264169][T30219] FAT-fs (loop4): Directory bread(block 66) failed [ 3081.264981][T30212] do_syscall_64+0x38/0xb0 [ 3081.272447][T30219] FAT-fs (loop4): Directory bread(block 67) failed [ 3081.277846][T30212] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3081.277883][T30212] RIP: 0033:0x7fc66767cae9 [ 3081.277901][T30212] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3081.277923][T30212] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3081.277946][T30212] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3081.277961][T30212] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3081.277976][T30212] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3081.277990][T30212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3081.278005][T30212] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3081.278027][T30212] [ 3081.340939][T30221] syz-executor.0[30221]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3081.349605][T30219] FAT-fs (loop4): Directory bread(block 68) failed [ 3081.373238][T30221] loop0: detected capacity change from 0 to 256 [ 3081.382635][T30219] FAT-fs (loop4): Directory bread(block 69) failed [ 3081.397669][T30221] FAT-fs (loop0): Directory bread(block 64) failed [ 3081.406880][T30219] FAT-fs (loop4): Directory bread(block 70) failed [ 3081.413144][T30221] FAT-fs (loop0): Directory bread(block 65) failed [ 3081.420474][ T5129] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 3081.442230][T30221] FAT-fs (loop0): Directory bread(block 66) failed [ 3081.442251][T30221] FAT-fs (loop0): Directory bread(block 67) failed [ 3081.442313][T30221] FAT-fs (loop0): Directory bread(block 68) failed [ 3081.442330][T30221] FAT-fs (loop0): Directory bread(block 69) failed [ 3081.442391][T30221] FAT-fs (loop0): Directory bread(block 70) failed [ 3081.449381][ T5129] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3081.453102][T30221] FAT-fs (loop0): Directory bread(block 71) failed [ 3081.457917][T30219] FAT-fs (loop4): Directory bread(block 71) failed [ 3081.457990][T30219] FAT-fs (loop4): Directory bread(block 72) failed [ 3081.466399][T30221] FAT-fs (loop0): Directory bread(block 72) failed [ 3081.468908][ T5129] usb 3-1: Product: syz [ 3081.468923][ T5129] usb 3-1: Manufacturer: syz [ 3081.468936][ T5129] usb 3-1: SerialNumber: syz [ 3081.470425][ T5129] usb 3-1: config 0 descriptor?? [ 3081.478841][T30221] FAT-fs (loop0): Directory bread(block 73) failed [ 3081.490896][T30219] FAT-fs (loop4): Directory bread(block 73) failed [ 3082.112420][ T1223] ieee802154 phy0 wpan0: encryption failed: -22 [ 3082.118791][ T1223] ieee802154 phy1 wpan1: encryption failed: -22 20:14:30 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_ADD_DEV(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x40, r1, 0x10, 0x0, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x1}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x40}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5, 0x37, 0x2}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) 20:14:30 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000008611000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:30 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x400300) 20:14:30 executing program 0: statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)=""/197) 20:14:30 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000200)='.\x00', 0x1a404bc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r1, @ANYRES64=r1, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRES8=r0, @ANYRES16=r1, @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) (async) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000200)='.\x00', 0x1a404bc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r1, @ANYRES64=r1, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRES8=r0, @ANYRES16=r1, @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="0077945b06cbf125c774eb9b2bc61e7443f9f376dc23b454ed29a91efa726d9c291a8213f10a2ccc8a487cbfa1c89680ff00000000000000b7b30bad442c953bd3d69942993876c50953df294ddf2a9f8aaefd"]) bind$802154_raw(r2, &(0x7f0000000280)={0x24, @short={0x2, 0x2, 0x555c}}, 0x14) memfd_secret(0x0) 20:14:30 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539000009050b00000000000009050200000005000009"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 3083.018122][T18894] usb 3-1: USB disconnect, device number 33 [ 3083.052870][T30234] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. 20:14:30 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="410f009c15488c0f8949b85c4eb34134285ae20021ea3f978352b0f968997793", @ANYRES16=r2, @ANYBLOB="4d7e00000000000000002a00000008002f000000000005003600000000000c0005000000000000000000050037000000000008000200", @ANYRES32=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r5) 20:14:30 executing program 0: statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)=""/197) [ 3083.061564][T30235] syz-executor.4[30235]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set 20:14:30 executing program 0: statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)=""/197) [ 3083.105976][T30234] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3083.116374][T30235] loop4: detected capacity change from 0 to 256 [ 3083.134119][T30234] CPU: 0 PID: 30234 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3083.144186][T30234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3083.154225][T30234] Call Trace: [ 3083.157489][T30234] [ 3083.160406][T30234] dump_stack_lvl+0x125/0x1b0 [ 3083.165078][T30234] sysfs_warn_dup+0x7f/0xa0 [ 3083.169581][T30234] sysfs_do_create_link_sd+0x11e/0x140 [ 3083.175031][T30234] sysfs_create_link+0x61/0xc0 [ 3083.179791][T30234] device_add+0x669/0x1ac0 [ 3083.184204][T30234] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3083.191056][T30234] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3083.196949][T30234] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3083.202926][T30234] wiphy_register+0x2095/0x2ce0 [ 3083.207767][T30234] ? wiphy_unregister+0xb70/0xb70 [ 3083.212778][T30234] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3083.218828][T30234] ieee80211_register_hw+0x24d1/0x4250 [ 3083.224279][T30234] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3083.229815][T30234] ? rcu_is_watching+0x12/0xb0 [ 3083.234562][T30234] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3083.240529][T30234] ? __hrtimer_init+0x103/0x2c0 [ 3083.245368][T30234] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3083.251079][T30234] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3083.256784][T30234] ? rcu_is_watching+0x12/0xb0 [ 3083.261536][T30234] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3083.267416][T30234] hwsim_new_radio_nl+0xaf8/0x1240 [ 3083.272513][T30234] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3083.278394][T30234] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3083.285756][T30234] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3083.293121][T30234] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3083.298675][T30234] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3083.306044][T30234] ? ns_capable+0xd5/0x110 [ 3083.310454][T30234] genl_rcv_msg+0x55c/0x800 [ 3083.314948][T30234] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3083.320832][T30234] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3083.326719][T30234] netlink_rcv_skb+0x16b/0x440 [ 3083.331480][T30234] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3083.337367][T30234] ? netlink_ack+0x1370/0x1370 [ 3083.342122][T30234] ? rcu_is_watching+0x12/0xb0 [ 3083.346873][T30234] ? down_write+0x200/0x200 [ 3083.351363][T30234] ? netlink_deliver_tap+0x1b1/0xd10 [ 3083.356648][T30234] genl_rcv+0x28/0x40 [ 3083.360626][T30234] netlink_unicast+0x536/0x810 [ 3083.365386][T30234] ? netlink_attachskb+0x870/0x870 [ 3083.370504][T30234] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3083.376430][T30234] ? __phys_addr_symbol+0x30/0x70 [ 3083.381447][T30234] ? __check_object_size+0x323/0x730 [ 3083.386727][T30234] netlink_sendmsg+0x93c/0xe40 [ 3083.391506][T30234] ? netlink_unicast+0x810/0x810 [ 3083.396437][T30234] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3083.401717][T30234] ? netlink_unicast+0x810/0x810 [ 3083.406646][T30234] sock_sendmsg+0xd9/0x180 [ 3083.411053][T30234] ____sys_sendmsg+0x6ac/0x940 [ 3083.415809][T30234] ? copy_msghdr_from_user+0x10b/0x160 [ 3083.421261][T30234] ? kernel_sendmsg+0x50/0x50 [ 3083.425926][T30234] ? plist_check_list+0x1ae/0x280 [ 3083.430943][T30234] ? schedule+0xf1/0x1b0 [ 3083.435174][T30234] ___sys_sendmsg+0x135/0x1d0 [ 3083.439845][T30234] ? do_recvmmsg+0x740/0x740 [ 3083.444428][T30234] ? rcu_is_watching+0x12/0xb0 [ 3083.449338][T30234] ? rcu_is_watching+0x12/0xb0 [ 3083.454123][T30234] ? __fget_light+0xe6/0x260 [ 3083.458735][T30234] __sys_sendmsg+0x117/0x1e0 [ 3083.463332][T30234] ? __sys_sendmsg_sock+0x30/0x30 [ 3083.468359][T30234] ? xfd_validate_state+0x5d/0x180 [ 3083.473472][T30234] ? rcu_is_watching+0x12/0xb0 [ 3083.478232][T30234] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3083.484208][T30234] do_syscall_64+0x38/0xb0 [ 3083.488791][T30234] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3083.494677][T30234] RIP: 0033:0x7fc65907cae9 [ 3083.499126][T30234] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3083.518726][T30234] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3083.527122][T30234] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3083.535081][T30234] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3083.543045][T30234] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 20:14:30 executing program 0: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") statfs(0x0, &(0x7f0000000200)=""/197) [ 3083.551005][T30234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3083.558967][T30234] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3083.566933][T30234] 20:14:30 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="410f009c15488c0f8949b85c4eb34134285ae20021ea3f978352b0f968997793", @ANYRES16=r2, @ANYBLOB="4d7e00000000000000002a00000008002f000000000005003600000000000c0005000000000000000000050037000000000008000200", @ANYRES32=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) (async) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r5) 20:14:30 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000005d12000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:31 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="410f009c15488c0f8949b85c4eb34134285ae20021ea3f978352b0f968997793", @ANYRES16=r2, @ANYBLOB="4d7e00000000000000002a00000008002f000000000005003600000000000c0005000000000000000000050037000000000008000200", @ANYRES32=r4, @ANYBLOB], 0x40}, 0x4, 0x700000000000000}, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) (async) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r5) [ 3083.651923][T30249] syz-executor.0[30249]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3083.659155][T30251] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3083.675130][T30249] loop0: detected capacity change from 0 to 256 [ 3083.697854][T30235] FAT-fs (loop4): Directory bread(block 64) failed [ 3083.704691][T30235] FAT-fs (loop4): Directory bread(block 65) failed [ 3083.714868][T30251] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3083.720012][T30235] FAT-fs (loop4): Directory bread(block 66) failed [ 3083.723065][T30251] CPU: 0 PID: 30251 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3083.739326][T30251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3083.749463][T30251] Call Trace: [ 3083.752869][T30251] [ 3083.755404][T30235] FAT-fs (loop4): Directory bread(block 67) failed [ 3083.755857][T30251] dump_stack_lvl+0x125/0x1b0 [ 3083.764412][T30235] FAT-fs (loop4): Directory bread(block 68) failed [ 3083.767130][T30251] sysfs_warn_dup+0x7f/0xa0 [ 3083.767185][T30251] sysfs_do_create_link_sd+0x11e/0x140 [ 3083.767208][T30251] sysfs_create_link+0x61/0xc0 [ 3083.767227][T30251] device_add+0x669/0x1ac0 [ 3083.767272][T30251] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3083.775898][T30235] FAT-fs (loop4): Directory bread(block 69) failed [ 3083.778349][T30251] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3083.778416][T30251] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3083.778455][T30251] wiphy_register+0x2095/0x2ce0 [ 3083.778484][T30251] ? wiphy_unregister+0xb70/0xb70 [ 3083.778529][T30251] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3083.778553][T30251] ieee80211_register_hw+0x24d1/0x4250 [ 3083.778597][T30251] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3083.778624][T30251] ? rcu_is_watching+0x12/0xb0 20:14:31 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000097ffffff00000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3083.778648][T30251] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3083.778674][T30251] ? __hrtimer_init+0x103/0x2c0 [ 3083.778702][T30251] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3083.778742][T30251] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3083.800657][T30235] FAT-fs (loop4): Directory bread(block 70) failed [ 3083.806927][T30251] ? rcu_is_watching+0x12/0xb0 [ 3083.806978][T30251] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3083.807002][T30251] hwsim_new_radio_nl+0xaf8/0x1240 [ 3083.807033][T30251] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3083.807057][T30251] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3083.807088][T30251] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3083.807116][T30251] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3083.807143][T30251] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3083.814525][T30235] FAT-fs (loop4): Directory bread(block 71) failed [ 3083.819098][T30251] ? ns_capable+0xd5/0x110 [ 3083.819128][T30251] genl_rcv_msg+0x55c/0x800 [ 3083.819157][T30251] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3083.824760][T30235] FAT-fs (loop4): Directory bread(block 72) failed [ 3083.829012][T30251] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3083.829044][T30251] netlink_rcv_skb+0x16b/0x440 [ 3083.829072][T30251] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3083.829100][T30251] ? netlink_ack+0x1370/0x1370 [ 3083.829126][T30251] ? rcu_is_watching+0x12/0xb0 [ 3083.829152][T30251] ? down_write+0x200/0x200 [ 3083.829177][T30251] ? netlink_deliver_tap+0x1b1/0xd10 [ 3083.829212][T30251] genl_rcv+0x28/0x40 20:14:31 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000000651d000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3083.829245][T30251] netlink_unicast+0x536/0x810 [ 3083.829281][T30251] ? netlink_attachskb+0x870/0x870 [ 3083.829310][T30251] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3083.829349][T30251] ? __phys_addr_symbol+0x30/0x70 [ 3083.829378][T30251] ? __check_object_size+0x323/0x730 [ 3083.829402][T30251] netlink_sendmsg+0x93c/0xe40 [ 3083.829428][T30251] ? netlink_unicast+0x810/0x810 [ 3083.841067][T30235] FAT-fs (loop4): Directory bread(block 73) failed [ 3083.846466][T30251] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3083.846506][T30251] ? netlink_unicast+0x810/0x810 [ 3083.884568][T30249] FAT-fs (loop0): Directory bread(block 64) failed [ 3083.884747][T30251] sock_sendmsg+0xd9/0x180 [ 3083.890908][T30249] FAT-fs (loop0): Directory bread(block 65) failed [ 3083.895802][T30251] ____sys_sendmsg+0x6ac/0x940 [ 3083.895836][T30251] ? copy_msghdr_from_user+0x10b/0x160 [ 3083.934200][T30249] FAT-fs (loop0): Directory bread(block 66) failed [ 3083.936117][T30251] ? kernel_sendmsg+0x50/0x50 [ 3083.936183][T30251] ? plist_check_list+0x1ae/0x280 [ 3083.936226][T30251] ? schedule+0xf1/0x1b0 [ 3083.936251][T30251] ___sys_sendmsg+0x135/0x1d0 [ 3083.952510][T30249] FAT-fs (loop0): Directory bread(block 67) failed [ 3083.957816][T30251] ? do_recvmmsg+0x740/0x740 [ 3083.957890][T30251] ? rcu_is_watching+0x12/0xb0 [ 3083.957928][T30251] ? rcu_is_watching+0x12/0xb0 [ 3083.957948][T30251] ? __fget_light+0xe6/0x260 [ 3083.957973][T30251] __sys_sendmsg+0x117/0x1e0 [ 3083.958007][T30251] ? __sys_sendmsg_sock+0x30/0x30 [ 3083.958028][T30251] ? xfd_validate_state+0x5d/0x180 20:14:31 executing program 0: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") statfs(0x0, &(0x7f0000000200)=""/197) [ 3083.967399][T30249] FAT-fs (loop0): Directory bread(block 68) failed [ 3083.968784][T30251] ? rcu_is_watching+0x12/0xb0 [ 3083.968832][T30251] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3083.968862][T30251] do_syscall_64+0x38/0xb0 [ 3083.968912][T30251] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3083.975295][T30249] FAT-fs (loop0): Directory bread(block 69) failed [ 3083.979626][T30251] RIP: 0033:0x7fc65907cae9 20:14:31 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161553aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) bind$802154_raw(0xffffffffffffffff, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r4, 0x0) r5 = socket(0x10, 0x0, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r6) setregid(0xffffffffffffffff, r6) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000004200)='/proc/bus/input/handlers\x00', 0x0, 0x0) r8 = getpid() sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x4) r9 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r10, 0x0) r11 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r11, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r12 = open_tree(r0, &(0x7f0000004240)='./file0\x00', 0x801) r13 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r13, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r14 = syz_open_dev$sndctrl(&(0x7f0000004840), 0x8000, 0x288300) r15 = fsmount(0xffffffffffffffff, 0x1, 0x1) r16 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r16, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000048c0)={&(0x7f0000004880)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x800, 0x0, 0xffffffffffffffff}) r18 = openat$null(0xffffffffffffff9c, &(0x7f0000004900), 0x404001, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004980)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000200)="d1dbb94ee6ab9cee56cae49a4a84d793510b7efac524efc022757512b1d00e52fed74feae94d024d61e78b7877c4d5cdfcc65a63f5a41517496b1170a9149724156f0d74743baa5aa11d95d728e59ea74afd5a", 0x53}, {&(0x7f0000000280)="98ddc33de3292af754ca0c412b631044a57cdc8aaf694dd41dcabde0b6a1303daec73ccef656e8bb4a26d526fae40fe0ab62067afb098e7867b480a3a9d101ca1da7d106095eca112ba0fb03f212e0272f75ea4620df6034dac376c63141a49d44b7d995f5346dca63d22752a51556ba980aad10cd000e0c3740beb5ba32", 0x7e}, {&(0x7f0000000300)="e2a450d5749afa3ecd92019986fec6d34c114d0ff4f09de6ea50f13a803171159ed02e11a42dab7d95447153b0351e8246704843edfd802e2661592d6bf55e028df1048a772cf26a682e457c7c2099b28d21460e833a2c88f38faac3830fe9318770f09b6e22140348581be88fb782e9bfd0b41266daa230", 0x78}, {&(0x7f0000000040)="f4886e3f7c9a50d6dbf45e30953774865d2a071091ef6c02c74a6db738374a816caf41f7e56072278ed7", 0x2a}], 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="000000001c00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x98, 0x4000000}}, {{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000740)="693cb84232d9b4a3e37712a657c68530ca9cadd8b0d96f5ab59f939d477ce880269fdb190813c03e20fe29796e3b4bdfea1d41bb478a49bde443dba335bcca", 0x3f}, {&(0x7f0000000780)="b2de0d7734541bbcfcf57cbf81eb9e52943106d85736e0092ab03dcb25fa637a89506400937d1d616db61d820280a303a5b04e4d4cfdff39b2d4d5b072e89bd1b10f142ea3faf99f9c75dd0012be9db40530a6db54cb8ff90a4a07da3e17c5498228e6fd2756d3cd42a8d647f35c0cfc428ea2a75f950c49cd8c8844d7237e187a2dfa1d0c18cc6b18a70e4149c7cab924f3c10a4fadaf69790a625ed7", 0x9d}], 0x2, &(0x7f0000002d00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r1, r0, 0xffffffffffffffff]}}], 0x70, 0x8c0}}, {{&(0x7f0000002d80)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000003e40)=[{&(0x7f0000002e00)="961f5bc287ef4132659151f611e2cc1ad2872f45643654c25d727c46750209c40d4d56a4899952c5762ba02d5344fdabc0f955f9dcfb1e9d6c972e12270e84d669e9c2ba3646a2801acd2d302cee995cae0d98d7d7062e050e7e649b8d9721499071e84d6a5d51d2b10031673f6baacc031f5f6d45a1d422aa53db6e88e1d64785946c15a004a6a20ec4122bcf6f35b8d941adbb4921eb27e207d2b4ee10dddbca0bc478266a8246a22336e7e9ea5accda583b1adb88c6f44e5f26f1fe2f5de1aa8d66f5b3508eb03d58b2adf8f82945391cf799fc90bef54882d1078bcac4454e0589b870bf80928f7cf3069d8936e2cdb03adc82a330f568c54e897ba445a8a982a738b569aacddf40ac8d8072aea8806ec890a363437be88f7712a88fd552336aef6628b65622012c2092ff98c0aac57fd1e49ead741f5a7770c8aa37c2759d81feea033eb2112458da8a078f94fc619bdc86f57e951ef0766250b0e8ba98b661a4a3946e0f7c20227ae327a38b066d651a89ff4248a3c9b13ff854e276e10a0599daec747c80ab07cc425ad5c59d21bcfa9c68376018384afcfd16c38d155cc8cbe0bccaca59a3553ad6306ac8f8b49b3bb17cd1a1d91d1fb2b6ddb1e22de6985ff956e0fd205bfdeaef38a353414740f6a9c4bc94efb225c94f7ea36f0505a07edeeb21628ac6d1c055279730febcb3ba458a280e26a7ab020977a31f4dc73e06a4777a7ed465e85400c0b002567d6447bd3e30959555f251300bce87c1d3b4bbe15e9521c4e9e62b60603a438e00c368bcac19126acf0a93bf293203e3901335b6287edb3a80139f57fb1d5ef9095737c7cbd17976e900725e6ea9ad2b1bbc5d647536b0fbaf426c73337c028c1fe6a608d9e9306dee9c69f0e531689954c309a4235107bfce6ade923d528d36da5fff76d50b12e817d919f450dfac2f86e37730e20ab87be6667b28ecb0203b23f49fa3e6ebcfd9d707f0c76e51b459699ce9a50ecda452da4e87f121887ee54c4505a59b2b02a873366b73d00eead8d5b35597ae6b5fa2b4c45199bfb35c4947b25bc7ffd74845919885ae650573fa0a802ce0b00d6fb149de92ebf4d26ff9a50259e22d3d6ecd348bda522f1d91ade3e459fa0ecde1d3ed089f4a283414c1deca4db7721d8a6a47bbedb62b258092938a7bd87c2caca2e7c31030495f15d194cbf0b85959734400cf9d1afb41c6087bb18fec30759f59b7968ef3d11d512e99e44d01c8b9b2988b2754150208ce36f60f4ccfbf2f0b32990e2f6988a6db2d1925a8a752977162363f3388ca00c72ab7d94a02b4881c3741f2642183e4db0ecb62696cae7829a8f248b62b10a648d79dc7973411f567effc52eb186bf95821be8426e8e756716d031a47dbd4976a88ebe620f21a17abadaf4078c64996ab0c95d04fbecf0f8397edb1c2675d4cc9b91112921891c931eb9acc6fb6192efd28964532a9b151e78cd1fb95709dd7ff569205fcb0c22a5dc9ca1e7a12f5835ed8edda8d1eb7a2bc93f9b6571eee983a19615ca839d8d4a7513b0711154e5b243c464dcf06018a53544de9cd88d368addc0f9b706732d82dd82c54cf5dcbfe97436cc36fce1dc60bf44b09c699c258df25e355c5ac96e97d9b7fb687b54f4696cef95fccf9e8d29adb3c2cce599b8c8a6b414edbd1252ed1f275d5962fa529fad181efa016d42dff0637b451d2ca3110f7ca28c7dfa25f74d8eb5fbce9a8133368bd43cf711d4263568c6542d049d393ace5c7294939ee163fd8e1ad852d62ce45e8eb5cf6fd2c00c387c934c9a5f5c631f00c0032c9878b69fd68d9af187d87ecaeb0b6790461a208f38b93dd07ce8767c47fea407655a4c1db58edb6f91bbd4c9c98ab97dbc4d3d00036924b20e05c348c43713b89164471574a5016d14ae181cbbd24a811201939eac1b6771ac2562fbd722d8013703c9d32e0d4c15a436252de697d9da5a0a5626407a6ff7b5cac7b27c6be7d9bff99f8fdeb53efced619bdf0300c37c92154c5576d6cb2dbcfd82a58753848269474819e4d5d18b9b15d1e373107352a9972d1c113f092706b31768311dbd08c7387b69dc6a723f01c60a9db17298f9855f8ffff3f74bff1764a2a7809128ea12974fc65bccfcb772401acd28d6e7be0ab514c7e0b6a7785f58c861e33ee107f1a6342b5ebeab8ad810391945a79afabf22f7db1b494ea56615424b445e5c86f6c509f5bdea3fed65fef45ecea67d297e8c3a8dc2334c24e63a4a832bc8ac5af8672831078fcdbe1ccecf204dc02404a0dae32231ab2ad629b03f2935ed6b671420cb4055977d0a518eaec74ef1bdfd1fafd0d99c7517298599af558db193fc8026a6f81df1a9c83d9359a55b5e5761f589292af5409428708ef7b1a996ae50b71728fcc6882bb0eff0b1e77287b39d379e8c26b6bd53181668d6dbaa799390d58719f269170bb9107af9d3af2dff9979768d3bf645f697ccf4143fea1c4c07916f177b586f5c3058845438a4402fb613b05b12933156a57018f42fbad5f94aab29dc722153a0fa080c70e75be4ac23e7e219bf607beb5e9be79ceb95b391b0f20cb1bdd6e9d3cfe89ca126883b7030ad2c2dd059dafecd26a0cd40d1633a1c1ad279b8989a861241da88d948eb388f1b049f94c4442a2d1a8fdddfe050fcbc8d576ac9afcc9ca2bea87b1a34ad8da17144b003f98367e9e2d80ae6b5f2f923576bcd866877e4a8d55a5368d0372f5049bd36aa5132a3b7ce00ec2ddc7f16e8c64caeadc006adb8c6889bb383f417b0525aa5d5083e09d7d642ec891a5a88faa0f161ba23f2d2f75e3b96cd637443edab2bad6a7cc90ec183d83d764f86f7af8309065be13532d3f968d32730bd88de1cddb48e52239d093deb29db9c28c2890d5bda3fe864bce1bb520c77402e3892d1c845fda13a7ab7bd1f64a1f518fd635c535bf619e2aaed1496855e6e3ebd270071fca5a512d8fb348b3421c7b12582d7fce2799d4692610d316de627c91144c12faa6a6f4012e57b0a3c7c1829e32a354f3ffe537fcef24d439923777b5bbbef75328602ee71f2b800f3bf78912474768b3a6dfe3970dde8e726c99d332c67af91e98fb9a49cdad32fed7f318c8227c771fe4e3a1ef0c0769d2139edf083c7b3b96ed048fadcd76905b1d1a0ef5b2be12daafb6c85485b56851a3b7ad857a89a81dafe3f4b1c6890fd91147f0770c4144213cb5c16814c64ed7d88d496e8fd38bc340b9c855da362f11a8cbdef0e4fe545ca8b168de47d09efd2ac635fc5fa27897280fd4b8cd34a922da6e0d3cf0e29fbbaaf04bce38b32b6f303cff4b276e9d98f423c107a67e138d67f6aaa365e9627fd55150153318f88c3e861f7673933230f85bae3fc128a015118cc1103bc6ead91dbce103a1ae1fbf19860b45dcb0c4efe906a3ece6ae9da3f3ee7193c4db89133096fe6be5a8f59277bfae8c1c190a45b8448ecf6977ea628082cd74f374a294a821a4fc6dea56bf9366a6a0bad3c6706b292544c0b40546d119aeabd012f2e731e9cd59d9b7fe42ff67f2e90cc709121948ed47f2b23616bd03e740bbf046808336623e3f1c2e466614bae67ca814afc750e0fde4f4d410b5a07eb8fbf49d75a04024a3e243bfea49e70c5af60aa8b1ad2b91055babff678fd06fc4a76eb8943a673c032db1ed15f811b24b16a39d7562768137e6763602d429ac7a4357ff03570877ee473c0c450172cf378532c4aa64f88a20a812cb9545001247064951d52f7ea77d5a76486789136f4b3d584a49b430638c7f73a569df6a16e27aa2e58451873052be3016f389d7da4304cbfa546e82c48d1e2d5c37aef2d207b99ce831de8dadb5e03c8ec8c5fc14e1c1056f493b9c22d2531e8e1e801505d8430ec6c656a326156895ee987d48ce696ac8651b4860d0ec8559c63a3a88793930747baff2fce0fb258025a3b09035aebbb40ede7c1e802fec711b06397edddc62f3c7f992693fec044dc6e8af95a8bb34368a8a7a2feef21a739edd0458dcbf1808e45868768017bbc3fda31f3d55e94e4f8c68772e19038c3d8aff5de988bf8d5bc5d92b24df95fd344d0f901e983b4dcf1a3fbc1f5e5125774db410df62b436da8f6d5ccdd6d2f0470ff55b7bfd71ea7fe179e4033674b2049822d59650602ddd13f53afffe9c3faae3d5a6deb53d50183bdaa7128fd6d1d1bd7dea347a3f2d664bd0a6be98f7a516b99abdcd69459bebcde08d8dcc6fdd80529f55870c50a8acdf8c051d9fc48172dda7a48b5ae28908feb0ccf9900cc30538e186eedc9244f3db96b246cbb6957aeb3efae81596533aba34f381cc49720fe3a5267d0529225e49b600211aed1a4331ae6ddf1f97af29643322b8adffa10a9397015d4078cd271ebc744788c7aa19b59e44f742e987211bfea155bd72c9f2dabaa6067d10da94d0109fd96d591fbb83f11417cf0467a20a8c290b21c489d24502af0ed6932feb44bb80e1c24194e461979c1d3959bfdf8c3d99edd2327eefae9fc5ca3fa4e0a2141be1210764259f19913388e26603cb53766bbb37e51276adb8ff5258f995501b92e21e01d613dd16beefba6c0071f211afc830de400970acff9bd015708fecc1fc5f340a27e526e7dbb3c4d24aa8f3f693bc69aa1f3826dcbc12ba6dd5846e8c4f37fd4c4e3dd9f9c2b86032e15e3f48491976d3e9e3f2b29a31ccf0ce323c6c99c1a136ac8601d8a8a13a5fc62f92a7845222f36e0ba861b1c472b863a675efbad648cd159490a211e0d0c6ab403342661c45340d217053ef26be30735d02d10dfb8151e2f3ef958b4adcb438c5e9734d2e1f0959ca3ac2bc6ff1f432f82f9b9df568f8251150bbf49757c90bcaba76bfea6fd3ddb433c166ef78dd5162a337f4b319058ef67b92cddc1bb48ef36c0b8b4afa2494a1b09f777bbc486fc2c8a47e9a4b51351a60853dd6978ea6c8b08fd8b14170264d6092279e526ea2db005f6d7d9e03cf881966077a9841ffef7065a60096a9bc2b7e48bd7203250027bce83093bb06e9ca1cfc829bc7f8beeebf493462c7d41d1ffa57e3f6339f5f48a90fee07b16e79009d8d70689a128bbaff1cfa268d10142cd9a02d2fae8b08730e1eada2f2e775e0e950053d1f54416ba526bbb46755911bcc7229ffbd620b9e1ccaf5ace8fbca880daf4ed83b5583ad1836c58ec7cbc3f2d794bb094f06d7960e9f736e480c249cfbe8309c8f89a35b5c63bd55a2689a30a5e8bd51d8d09732e976ea0672377df66ad1065d316265737da2d84a718ccf80d13539d4592c8e23c47caa65b753445024a1b38e4bc1af11cc55ce8abb0fdb085f63344cad2bbd910d6b10ba7482050baff72e45d7ac2d81673ef95b4fd181be36b82cd2ba3d22a2038c46c707facf5c45107c46556a28cb7b3254ebcaa1196077d4fbd5f3c18d0e09522c52639ee7fb36b9469d623411525959d81fe6f178eaac9c28407e0aa1777cfc7c2f31b4f63a14b554f102f833fb69a2db164c12209bbda662c0abf4d9b0f8f55eb900b5926b148f2b89329ec04be765e36c80d2dfbd3ba7e01ac90a87c01ab1f766c57451c4ca8036f6691635693e93f29661b618ccfdadada254f230194a163a0623b8fc2bd2b7c98d188310ca754f93303b8058ee4a59f8c48ea4bf67448b9d5a9b5380be155c80168992f2779611abca6f111e7e13e111a5827eb9dfad6a4a3783e1212bc353fb8b16b8f57807cc557f8e523638cc16e7a722290ed1b95cf11260dec7fc510495488749318eae8fd641ec9b9c7ffcbc8c38", 0x1000}, {&(0x7f0000003e00)="f170facd9f3dffbb79e5b5ab9263998a3d9ee2046dc389ec478d5d57990c040f12b2c7d67722b57a9151b417", 0x2c}], 0x2, 0x0, 0x0, 0x8000}}, {{0x0, 0x0, &(0x7f00000041c0)=[{&(0x7f0000003e80)="83d22758160220f0e49935961d36dc3c9840412ab969e299f92c57258d1ed58dc2f7855f2992e66a5bd56c94dbfad27d4aab107b2d54c587dc15d88577daa02b65f7b0e48171894488eb36e57dd797021d03eaccf6965ed53f06cba15bb5d3c99dfbb686ef24222c946afc7b2c0609659e98323419", 0x75}, {&(0x7f0000003f00)="9e091a65255f455753d166d01c602900170a7ff3d793ad1a67437da02e26d915426ac0eda01e11c71480a5d35badeadfeff2d3c8b70c48a10ad3741909889c8b7392a7629f2f5e98328bd8ef75156cf50b59f58e9430ecc021af4ad7f93ed6f9463f8488af18071bdd190158bd212a97a8af9d79efc8949c3fbca32f4539867750ab222648a374b04a7d86d1fea320fe9e23ea030da84b2586ff187dc23fce9b223985003736965311931535ec4778eceb257fbac375190b470995e7933ae440c333f5538653e57e1a73eb8e86cfcc4184594409396e15b5", 0xd8}, {&(0x7f0000004000)="b2ddb56df2e7630282f79e7354a980c496c0d04657ca9dc0cb56ee20e858c885e924b06f099277d77d4d0cc3440d7fb3fb3fa1d26d899570dfd977240fd789c7cfe752ca67940aa0e1aaef60abc714e5d2935e40242c7c71e4a59c49e47edd0dbe576c785f2e82220f490ffa93fa029803bec9efe11710ec43b61fed74f5b3a16181678d0306b623659fb3afffa23255cd56b31d83639077086ad043cb6fd8a51811b3993264fe2f2bcb260161b32764c658530a40d441bd830410a0c6b5dfc60d1b3032ce8e7565d69fa92747e11337a742ee303e95f0d9c2fff3b07b08bd2679cf768417cfef9343", 0xe9}, {&(0x7f0000004100)="a6699fa2a1eca34c96079aab170800e5363231356d0c81e1a964806b1df819e49888071200b5fda5528c1cfa1fb9d3da0b94ebab7e00a369408321c34de92c7ce2e0de28ae7b0b1bcbdfff0cb27720890eef1dfae0500429af82611ae7b97aa28a07886e484170965353caf01eb841f27dafb2e1dc69f134802bf71dcd997966e7e03463fde379990dca2bfe4f155274992b2d37b11511a18dea317612a3fc7641455b83bec2ab68a50d86aafaf84dcd17421fd284f42fc960ee237e", 0xbc}], 0x4, &(0x7f0000004280)=[@cred={{0x1c, 0x1, 0x2, {r2, r4, 0xee01}}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, r6}}}, @rights={{0x14, 0x1, 0x1, [r7]}}, @cred={{0x1c, 0x1, 0x2, {r8, r10}}}, @rights={{0x14, 0x1, 0x1, [r11]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff}}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @rights={{0x1c, 0x1, 0x1, [r1, r0, r12]}}], 0x100, 0xc1}}, {{&(0x7f0000004380)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000047c0)=[{&(0x7f0000004400)="65cc71b1094ba5f33c0f3de31ae34f269a19b7f1184d7d352cd9524af19a47d3964d73b1d7e64499eb5b0cb8386d22b950b548140b2b04389fa6fafaed71bdb383672591a8b8513471f8a3c973400883c88284186f413b5d7d03464816227fda8c1758464699e62c54c9ea79afcf460069ddf110199a5bb2c3eeeb52ab5d716f72502c883afcb9180fcfb0c5b37c050985b3834816d7e12d6480d7d77c62f64128d69fb0ef44db9ed5c3de0bed8989e3b0665f6a2270f58e5e08f7ef52a25b95c1158db422", 0xc5}, {&(0x7f0000004500)="8ddfaa3038a9ecf8d65c3717ea007f906b8106d3331ae0158521d862557db228", 0x20}, {&(0x7f0000004540)="d06345715927494c", 0x8}, {&(0x7f0000004580)="1da1072d5fef14538ad316730f42dfb2e21990e351e8230dc4e2a44b841aca267ce5eda40e1dc704ce33c2cdd996b13b60b837d3b9b66d183910d7e160f7a302c165967a1030fba1e4476d7e2a23feb86d6860545667ae682537732a7dd2097a8b5d6c9fe3f2b1a6786738ed6ae64f18d7c9b0b00d1fb64f9dec3fdbe9bd5b35ff249b4ed2d0eb92d115632edbe740fbb0de7ae26ecef1b3f449968d02f1eafce20b6c0d0fde0f67cbf67627582e0999bdd24f363708e5", 0xb7}, {&(0x7f0000004640)="2e2ed5b65232cac3b573836e7f7a04602430a27546e85ec927a629b02bcc668012785c2908f980abcf75fbe696016e97ca067ef2782614a92f5ae434058757fd07fa18640d9bce604ac80d0d96dffd4b9f0b1dcf0f386c2589b2d0cc0fd2a25c", 0x60}, {&(0x7f00000046c0)="aa89942f4d8cdd2c7c9cb3d864bf51dcca8a980e82abde0af3aaa143ffa2a3935ea9a0bce4bcd5bc9ae2e83b98abe1da97bf634a6b39bd264e078fd76d4979eda097136540197f0b63d2182d8b03e4db871eaf6ec86caa83fdd600cd1380f0de8233cd4e03a302fbffbafe23343ab28cc0a3a0ceea7fa8070b", 0x79}, {&(0x7f0000004740)="22caab43e7124434508474dd5b3fae6678b0bb1eabaa3b31530410d6831f17eb9479fa40c77045f73bd5967e4e2a65fa2a7887751c50395f1e8da0ec333dc67b6e3e1540bb0fa19b22b712f9", 0x4c}], 0x7, &(0x7f0000004940)=[@rights={{0x24, 0x1, 0x1, [r13, r14, r15, r16, r17]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r18]}}], 0x40, 0xc001}}], 0x5, 0x8811) [ 3083.979670][T30251] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3083.979688][T30251] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3083.979713][T30251] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3083.979725][T30251] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3083.979737][T30251] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3083.979747][T30251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3083.979759][T30251] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3083.979777][T30251] [ 3084.015602][T30256] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3084.017231][T18894] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 3084.095425][T30249] FAT-fs (loop0): Directory bread(block 70) failed [ 3084.105892][T30256] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3084.109900][T30249] FAT-fs (loop0): Directory bread(block 71) failed [ 3084.116000][T30256] CPU: 0 PID: 30256 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3084.123148][T30249] FAT-fs (loop0): Directory bread(block 72) failed [ 3084.125290][T30256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3084.125303][T30256] Call Trace: [ 3084.125310][T30256] [ 3084.125316][T30256] dump_stack_lvl+0x125/0x1b0 [ 3084.130719][T30249] FAT-fs (loop0): Directory bread(block 73) failed [ 3084.134627][T30256] sysfs_warn_dup+0x7f/0xa0 [ 3084.134660][T30256] sysfs_do_create_link_sd+0x11e/0x140 [ 3084.350176][T30256] sysfs_create_link+0x61/0xc0 [ 3084.354958][T30256] device_add+0x669/0x1ac0 [ 3084.359403][T30256] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3084.366245][T30256] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3084.366836][T18894] usb 3-1: Using ep0 maxpacket: 16 [ 3084.372123][T30256] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3084.372162][T30256] wiphy_register+0x2095/0x2ce0 [ 3084.388046][T30256] ? wiphy_unregister+0xb70/0xb70 [ 3084.393058][T30256] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3084.399122][T30256] ieee80211_register_hw+0x24d1/0x4250 [ 3084.404618][T30256] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3084.410212][T30256] ? rcu_is_watching+0x12/0xb0 [ 3084.414997][T30256] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3084.420961][T30256] ? __hrtimer_init+0x103/0x2c0 [ 3084.425802][T30256] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3084.431549][T30256] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3084.437342][T30256] ? rcu_is_watching+0x12/0xb0 [ 3084.442087][T30256] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3084.447969][T30256] hwsim_new_radio_nl+0xaf8/0x1240 [ 3084.453062][T30256] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3084.458952][T30256] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3084.466341][T30256] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3084.473719][T30256] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3084.479296][T30256] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3084.486699][T30256] ? ns_capable+0xd5/0x110 [ 3084.491108][T30256] genl_rcv_msg+0x55c/0x800 [ 3084.495604][T30256] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3084.501485][T30256] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3084.507362][T30256] netlink_rcv_skb+0x16b/0x440 [ 3084.512117][T30256] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3084.518001][T30256] ? netlink_ack+0x1370/0x1370 [ 3084.522774][T30256] ? rcu_is_watching+0x12/0xb0 [ 3084.527543][T30256] ? down_write+0x200/0x200 [ 3084.532035][T30256] ? netlink_deliver_tap+0x1b1/0xd10 [ 3084.537319][T30256] genl_rcv+0x28/0x40 [ 3084.541319][T30256] netlink_unicast+0x536/0x810 [ 3084.546086][T30256] ? netlink_attachskb+0x870/0x870 [ 3084.551188][T30256] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3084.557075][T30256] ? __phys_addr_symbol+0x30/0x70 [ 3084.562256][T30256] ? __check_object_size+0x323/0x730 [ 3084.567544][T30256] netlink_sendmsg+0x93c/0xe40 [ 3084.572302][T30256] ? netlink_unicast+0x810/0x810 [ 3084.577238][T30256] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3084.582558][T30256] ? netlink_unicast+0x810/0x810 [ 3084.587487][T30256] sock_sendmsg+0xd9/0x180 [ 3084.591911][T30256] ____sys_sendmsg+0x6ac/0x940 [ 3084.596664][T30256] ? copy_msghdr_from_user+0x10b/0x160 [ 3084.602109][T30256] ? kernel_sendmsg+0x50/0x50 [ 3084.606774][T30256] ? plist_check_list+0x1ae/0x280 [ 3084.611794][T30256] ? schedule+0xf1/0x1b0 [ 3084.616031][T30256] ___sys_sendmsg+0x135/0x1d0 [ 3084.620830][T30256] ? do_recvmmsg+0x740/0x740 [ 3084.625405][T30256] ? rcu_is_watching+0x12/0xb0 [ 3084.630154][T30256] ? rcu_is_watching+0x12/0xb0 [ 3084.634920][T30256] ? __fget_light+0xe6/0x260 [ 3084.639533][T30256] __sys_sendmsg+0x117/0x1e0 [ 3084.644121][T30256] ? __sys_sendmsg_sock+0x30/0x30 [ 3084.649132][T30256] ? xfd_validate_state+0x5d/0x180 [ 3084.654240][T30256] ? rcu_is_watching+0x12/0xb0 [ 3084.658984][T30256] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3084.664949][T30256] do_syscall_64+0x38/0xb0 [ 3084.667658][T18894] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 3084.669350][T30256] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3084.677909][T18894] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3084.683503][T30256] RIP: 0033:0x7fc66767cae9 [ 3084.683521][T30256] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3084.683548][T30256] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 [ 3084.707955][T18894] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 3084.715630][T30256] ORIG_RAX: 000000000000002e [ 3084.715639][T30256] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3084.715653][T30256] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3084.715666][T30256] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3084.722421][T18894] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 3084.731727][T30256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3084.731741][T30256] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3084.731765][T30256] [ 3084.775112][T30260] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3084.786681][T18894] usb 3-1: config 0 has no interface number 0 [ 3084.806443][T30260] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3084.817249][T30260] CPU: 0 PID: 30260 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3084.827318][T30260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3084.837371][T30260] Call Trace: [ 3084.840652][T30260] [ 3084.843581][T30260] dump_stack_lvl+0x125/0x1b0 [ 3084.848278][T30260] sysfs_warn_dup+0x7f/0xa0 [ 3084.852786][T30260] sysfs_do_create_link_sd+0x11e/0x140 [ 3084.858249][T30260] sysfs_create_link+0x61/0xc0 [ 3084.863021][T30260] device_add+0x669/0x1ac0 [ 3084.867455][T30260] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3084.874321][T30260] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3084.880226][T30260] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3084.886219][T30260] wiphy_register+0x2095/0x2ce0 [ 3084.888466][T18894] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 3084.891073][T30260] ? wiphy_unregister+0xb70/0xb70 [ 3084.891098][T30260] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3084.903294][T18894] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 3084.907083][T30260] ieee80211_register_hw+0x24d1/0x4250 [ 3084.907118][T30260] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3084.907144][T30260] ? rcu_is_watching+0x12/0xb0 [ 3084.907163][T30260] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3084.907185][T30260] ? __hrtimer_init+0x103/0x2c0 [ 3084.907210][T30260] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3084.907238][T30260] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3084.907258][T30260] ? rcu_is_watching+0x12/0xb0 [ 3084.907275][T30260] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3084.907297][T30260] hwsim_new_radio_nl+0xaf8/0x1240 [ 3084.907319][T30260] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3084.907345][T30260] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3084.907376][T30260] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3084.907410][T30260] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3084.907440][T30260] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3084.907477][T30260] ? ns_capable+0xd5/0x110 [ 3084.907501][T30260] genl_rcv_msg+0x55c/0x800 [ 3084.907531][T30260] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3084.907567][T30260] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3084.907592][T30260] netlink_rcv_skb+0x16b/0x440 [ 3084.907619][T30260] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3084.907649][T30260] ? netlink_ack+0x1370/0x1370 [ 3084.907674][T30260] ? rcu_is_watching+0x12/0xb0 [ 3084.907698][T30260] ? down_write+0x200/0x200 [ 3084.907719][T30260] ? netlink_deliver_tap+0x1b1/0xd10 [ 3084.907746][T30260] genl_rcv+0x28/0x40 [ 3084.907772][T30260] netlink_unicast+0x536/0x810 [ 3084.907801][T30260] ? netlink_attachskb+0x870/0x870 [ 3084.907827][T30260] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3084.907856][T30260] ? __phys_addr_symbol+0x30/0x70 [ 3084.907879][T30260] ? __check_object_size+0x323/0x730 [ 3084.907905][T30260] netlink_sendmsg+0x93c/0xe40 [ 3084.907934][T30260] ? netlink_unicast+0x810/0x810 [ 3084.907963][T30260] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3084.907990][T30260] ? netlink_unicast+0x810/0x810 [ 3084.908017][T30260] sock_sendmsg+0xd9/0x180 [ 3084.908040][T30260] ____sys_sendmsg+0x6ac/0x940 [ 3084.908064][T30260] ? copy_msghdr_from_user+0x10b/0x160 [ 3084.908091][T30260] ? kernel_sendmsg+0x50/0x50 [ 3084.908112][T30260] ? plist_check_list+0x1ae/0x280 [ 3084.908138][T30260] ? schedule+0xf1/0x1b0 [ 3084.919165][T18894] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 3084.923944][T30260] ___sys_sendmsg+0x135/0x1d0 [ 3084.966720][T30264] syz-executor.0[30264]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3084.972458][T30260] ? do_recvmmsg+0x740/0x740 [ 3084.980363][T30264] loop0: detected capacity change from 0 to 256 [ 3084.983465][T30260] ? rcu_is_watching+0x12/0xb0 [ 3084.983495][T30260] ? rcu_is_watching+0x12/0xb0 [ 3084.992997][T30263] syz-executor.4[30263]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3084.998166][T30260] ? __fget_light+0xe6/0x260 [ 3084.998192][T30260] __sys_sendmsg+0x117/0x1e0 [ 3085.006518][T30263] loop4: detected capacity change from 0 to 256 [ 3085.011053][T30260] ? __sys_sendmsg_sock+0x30/0x30 [ 3085.011081][T30260] ? xfd_validate_state+0x5d/0x180 [ 3085.011115][T30260] ? rcu_is_watching+0x12/0xb0 [ 3085.011135][T30260] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3085.011159][T30260] do_syscall_64+0x38/0xb0 [ 3085.011188][T30260] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3085.011217][T30260] RIP: 0033:0x7fc65907cae9 [ 3085.011232][T30260] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3085.011250][T30260] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3085.011271][T30260] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3085.011285][T30260] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3085.011298][T30260] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3085.011311][T30260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3085.011323][T30260] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3085.011344][T30260] [ 3085.049334][T30264] FAT-fs (loop0): Directory bread(block 64) failed [ 3085.069299][T30263] FAT-fs (loop4): Directory bread(block 64) failed [ 3085.083654][T30264] FAT-fs (loop0): Directory bread(block 65) failed [ 3085.095175][T30263] FAT-fs (loop4): Directory bread(block 65) failed [ 3085.144908][T30264] FAT-fs (loop0): Directory bread(block 66) failed [ 3085.144937][T30264] FAT-fs (loop0): Directory bread(block 67) failed [ 3085.145001][T30264] FAT-fs (loop0): Directory bread(block 68) failed [ 3085.156522][T30263] FAT-fs (loop4): Directory bread(block 66) failed [ 3085.162701][T30264] FAT-fs (loop0): Directory bread(block 69) failed [ 3085.170522][T30263] FAT-fs (loop4): Directory bread(block 67) failed [ 3085.175891][T30264] FAT-fs (loop0): Directory bread(block 70) failed [ 3085.183731][T30263] FAT-fs (loop4): Directory bread(block 68) failed [ 3085.187712][T30264] FAT-fs (loop0): Directory bread(block 71) failed [ 3085.190222][T30263] FAT-fs (loop4): Directory bread(block 69) failed [ 3085.201823][T30264] FAT-fs (loop0): Directory bread(block 72) failed [ 3085.204646][T30263] FAT-fs (loop4): Directory bread(block 70) failed [ 3085.210071][T30264] FAT-fs (loop0): Directory bread(block 73) failed [ 3085.217385][T30263] FAT-fs (loop4): Directory bread(block 71) failed [ 3085.441978][T18894] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 3085.456410][T18894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3085.464445][T18894] usb 3-1: Product: syz [ 3085.467001][T30263] FAT-fs (loop4): Directory bread(block 72) failed [ 3085.468611][T18894] usb 3-1: Manufacturer: syz [ 3085.475147][T30263] FAT-fs (loop4): Directory bread(block 73) failed [ 3085.480123][T18894] usb 3-1: SerialNumber: syz [ 3085.481700][T18894] usb 3-1: config 0 descriptor?? 20:14:34 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000097ffffff00000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:34 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CCA_MODE(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x4c, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_CCA_OPT={0x8}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x4}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x20008050) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) 20:14:34 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000000001f000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:34 executing program 0: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") statfs(0x0, &(0x7f0000000200)=""/197) 20:14:34 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161553aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) (async) bind$802154_raw(0xffffffffffffffff, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r4, 0x0) (async) r5 = socket(0x10, 0x0, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r6) setregid(0xffffffffffffffff, r6) (async) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000004200)='/proc/bus/input/handlers\x00', 0x0, 0x0) (async) r8 = getpid() sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x4) (async) r9 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r10, 0x0) (async) r11 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r11, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) r12 = open_tree(r0, &(0x7f0000004240)='./file0\x00', 0x801) (async) r13 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r13, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) r14 = syz_open_dev$sndctrl(&(0x7f0000004840), 0x8000, 0x288300) (async) r15 = fsmount(0xffffffffffffffff, 0x1, 0x1) (async) r16 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r16, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000048c0)={&(0x7f0000004880)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x800, 0x0, 0xffffffffffffffff}) (async) r18 = openat$null(0xffffffffffffff9c, &(0x7f0000004900), 0x404001, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004980)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000200)="d1dbb94ee6ab9cee56cae49a4a84d793510b7efac524efc022757512b1d00e52fed74feae94d024d61e78b7877c4d5cdfcc65a63f5a41517496b1170a9149724156f0d74743baa5aa11d95d728e59ea74afd5a", 0x53}, {&(0x7f0000000280)="98ddc33de3292af754ca0c412b631044a57cdc8aaf694dd41dcabde0b6a1303daec73ccef656e8bb4a26d526fae40fe0ab62067afb098e7867b480a3a9d101ca1da7d106095eca112ba0fb03f212e0272f75ea4620df6034dac376c63141a49d44b7d995f5346dca63d22752a51556ba980aad10cd000e0c3740beb5ba32", 0x7e}, {&(0x7f0000000300)="e2a450d5749afa3ecd92019986fec6d34c114d0ff4f09de6ea50f13a803171159ed02e11a42dab7d95447153b0351e8246704843edfd802e2661592d6bf55e028df1048a772cf26a682e457c7c2099b28d21460e833a2c88f38faac3830fe9318770f09b6e22140348581be88fb782e9bfd0b41266daa230", 0x78}, {&(0x7f0000000040)="f4886e3f7c9a50d6dbf45e30953774865d2a071091ef6c02c74a6db738374a816caf41f7e56072278ed7", 0x2a}], 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="000000001c00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x98, 0x4000000}}, {{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000740)="693cb84232d9b4a3e37712a657c68530ca9cadd8b0d96f5ab59f939d477ce880269fdb190813c03e20fe29796e3b4bdfea1d41bb478a49bde443dba335bcca", 0x3f}, {&(0x7f0000000780)="b2de0d7734541bbcfcf57cbf81eb9e52943106d85736e0092ab03dcb25fa637a89506400937d1d616db61d820280a303a5b04e4d4cfdff39b2d4d5b072e89bd1b10f142ea3faf99f9c75dd0012be9db40530a6db54cb8ff90a4a07da3e17c5498228e6fd2756d3cd42a8d647f35c0cfc428ea2a75f950c49cd8c8844d7237e187a2dfa1d0c18cc6b18a70e4149c7cab924f3c10a4fadaf69790a625ed7", 0x9d}], 0x2, &(0x7f0000002d00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r1, r0, 0xffffffffffffffff]}}], 0x70, 0x8c0}}, {{&(0x7f0000002d80)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000003e40)=[{&(0x7f0000002e00)="961f5bc287ef4132659151f611e2cc1ad2872f45643654c25d727c46750209c40d4d56a4899952c5762ba02d5344fdabc0f955f9dcfb1e9d6c972e12270e84d669e9c2ba3646a2801acd2d302cee995cae0d98d7d7062e050e7e649b8d9721499071e84d6a5d51d2b10031673f6baacc031f5f6d45a1d422aa53db6e88e1d64785946c15a004a6a20ec4122bcf6f35b8d941adbb4921eb27e207d2b4ee10dddbca0bc478266a8246a22336e7e9ea5accda583b1adb88c6f44e5f26f1fe2f5de1aa8d66f5b3508eb03d58b2adf8f82945391cf799fc90bef54882d1078bcac4454e0589b870bf80928f7cf3069d8936e2cdb03adc82a330f568c54e897ba445a8a982a738b569aacddf40ac8d8072aea8806ec890a363437be88f7712a88fd552336aef6628b65622012c2092ff98c0aac57fd1e49ead741f5a7770c8aa37c2759d81feea033eb2112458da8a078f94fc619bdc86f57e951ef0766250b0e8ba98b661a4a3946e0f7c20227ae327a38b066d651a89ff4248a3c9b13ff854e276e10a0599daec747c80ab07cc425ad5c59d21bcfa9c68376018384afcfd16c38d155cc8cbe0bccaca59a3553ad6306ac8f8b49b3bb17cd1a1d91d1fb2b6ddb1e22de6985ff956e0fd205bfdeaef38a353414740f6a9c4bc94efb225c94f7ea36f0505a07edeeb21628ac6d1c055279730febcb3ba458a280e26a7ab020977a31f4dc73e06a4777a7ed465e85400c0b002567d6447bd3e30959555f251300bce87c1d3b4bbe15e9521c4e9e62b60603a438e00c368bcac19126acf0a93bf293203e3901335b6287edb3a80139f57fb1d5ef9095737c7cbd17976e900725e6ea9ad2b1bbc5d647536b0fbaf426c73337c028c1fe6a608d9e9306dee9c69f0e531689954c309a4235107bfce6ade923d528d36da5fff76d50b12e817d919f450dfac2f86e37730e20ab87be6667b28ecb0203b23f49fa3e6ebcfd9d707f0c76e51b459699ce9a50ecda452da4e87f121887ee54c4505a59b2b02a873366b73d00eead8d5b35597ae6b5fa2b4c45199bfb35c4947b25bc7ffd74845919885ae650573fa0a802ce0b00d6fb149de92ebf4d26ff9a50259e22d3d6ecd348bda522f1d91ade3e459fa0ecde1d3ed089f4a283414c1deca4db7721d8a6a47bbedb62b258092938a7bd87c2caca2e7c31030495f15d194cbf0b85959734400cf9d1afb41c6087bb18fec30759f59b7968ef3d11d512e99e44d01c8b9b2988b2754150208ce36f60f4ccfbf2f0b32990e2f6988a6db2d1925a8a752977162363f3388ca00c72ab7d94a02b4881c3741f2642183e4db0ecb62696cae7829a8f248b62b10a648d79dc7973411f567effc52eb186bf95821be8426e8e756716d031a47dbd4976a88ebe620f21a17abadaf4078c64996ab0c95d04fbecf0f8397edb1c2675d4cc9b91112921891c931eb9acc6fb6192efd28964532a9b151e78cd1fb95709dd7ff569205fcb0c22a5dc9ca1e7a12f5835ed8edda8d1eb7a2bc93f9b6571eee983a19615ca839d8d4a7513b0711154e5b243c464dcf06018a53544de9cd88d368addc0f9b706732d82dd82c54cf5dcbfe97436cc36fce1dc60bf44b09c699c258df25e355c5ac96e97d9b7fb687b54f4696cef95fccf9e8d29adb3c2cce599b8c8a6b414edbd1252ed1f275d5962fa529fad181efa016d42dff0637b451d2ca3110f7ca28c7dfa25f74d8eb5fbce9a8133368bd43cf711d4263568c6542d049d393ace5c7294939ee163fd8e1ad852d62ce45e8eb5cf6fd2c00c387c934c9a5f5c631f00c0032c9878b69fd68d9af187d87ecaeb0b6790461a208f38b93dd07ce8767c47fea407655a4c1db58edb6f91bbd4c9c98ab97dbc4d3d00036924b20e05c348c43713b89164471574a5016d14ae181cbbd24a811201939eac1b6771ac2562fbd722d8013703c9d32e0d4c15a436252de697d9da5a0a5626407a6ff7b5cac7b27c6be7d9bff99f8fdeb53efced619bdf0300c37c92154c5576d6cb2dbcfd82a58753848269474819e4d5d18b9b15d1e373107352a9972d1c113f092706b31768311dbd08c7387b69dc6a723f01c60a9db17298f9855f8ffff3f74bff1764a2a7809128ea12974fc65bccfcb772401acd28d6e7be0ab514c7e0b6a7785f58c861e33ee107f1a6342b5ebeab8ad810391945a79afabf22f7db1b494ea56615424b445e5c86f6c509f5bdea3fed65fef45ecea67d297e8c3a8dc2334c24e63a4a832bc8ac5af8672831078fcdbe1ccecf204dc02404a0dae32231ab2ad629b03f2935ed6b671420cb4055977d0a518eaec74ef1bdfd1fafd0d99c7517298599af558db193fc8026a6f81df1a9c83d9359a55b5e5761f589292af5409428708ef7b1a996ae50b71728fcc6882bb0eff0b1e77287b39d379e8c26b6bd53181668d6dbaa799390d58719f269170bb9107af9d3af2dff9979768d3bf645f697ccf4143fea1c4c07916f177b586f5c3058845438a4402fb613b05b12933156a57018f42fbad5f94aab29dc722153a0fa080c70e75be4ac23e7e219bf607beb5e9be79ceb95b391b0f20cb1bdd6e9d3cfe89ca126883b7030ad2c2dd059dafecd26a0cd40d1633a1c1ad279b8989a861241da88d948eb388f1b049f94c4442a2d1a8fdddfe050fcbc8d576ac9afcc9ca2bea87b1a34ad8da17144b003f98367e9e2d80ae6b5f2f923576bcd866877e4a8d55a5368d0372f5049bd36aa5132a3b7ce00ec2ddc7f16e8c64caeadc006adb8c6889bb383f417b0525aa5d5083e09d7d642ec891a5a88faa0f161ba23f2d2f75e3b96cd637443edab2bad6a7cc90ec183d83d764f86f7af8309065be13532d3f968d32730bd88de1cddb48e52239d093deb29db9c28c2890d5bda3fe864bce1bb520c77402e3892d1c845fda13a7ab7bd1f64a1f518fd635c535bf619e2aaed1496855e6e3ebd270071fca5a512d8fb348b3421c7b12582d7fce2799d4692610d316de627c91144c12faa6a6f4012e57b0a3c7c1829e32a354f3ffe537fcef24d439923777b5bbbef75328602ee71f2b800f3bf78912474768b3a6dfe3970dde8e726c99d332c67af91e98fb9a49cdad32fed7f318c8227c771fe4e3a1ef0c0769d2139edf083c7b3b96ed048fadcd76905b1d1a0ef5b2be12daafb6c85485b56851a3b7ad857a89a81dafe3f4b1c6890fd91147f0770c4144213cb5c16814c64ed7d88d496e8fd38bc340b9c855da362f11a8cbdef0e4fe545ca8b168de47d09efd2ac635fc5fa27897280fd4b8cd34a922da6e0d3cf0e29fbbaaf04bce38b32b6f303cff4b276e9d98f423c107a67e138d67f6aaa365e9627fd55150153318f88c3e861f7673933230f85bae3fc128a015118cc1103bc6ead91dbce103a1ae1fbf19860b45dcb0c4efe906a3ece6ae9da3f3ee7193c4db89133096fe6be5a8f59277bfae8c1c190a45b8448ecf6977ea628082cd74f374a294a821a4fc6dea56bf9366a6a0bad3c6706b292544c0b40546d119aeabd012f2e731e9cd59d9b7fe42ff67f2e90cc709121948ed47f2b23616bd03e740bbf046808336623e3f1c2e466614bae67ca814afc750e0fde4f4d410b5a07eb8fbf49d75a04024a3e243bfea49e70c5af60aa8b1ad2b91055babff678fd06fc4a76eb8943a673c032db1ed15f811b24b16a39d7562768137e6763602d429ac7a4357ff03570877ee473c0c450172cf378532c4aa64f88a20a812cb9545001247064951d52f7ea77d5a76486789136f4b3d584a49b430638c7f73a569df6a16e27aa2e58451873052be3016f389d7da4304cbfa546e82c48d1e2d5c37aef2d207b99ce831de8dadb5e03c8ec8c5fc14e1c1056f493b9c22d2531e8e1e801505d8430ec6c656a326156895ee987d48ce696ac8651b4860d0ec8559c63a3a88793930747baff2fce0fb258025a3b09035aebbb40ede7c1e802fec711b06397edddc62f3c7f992693fec044dc6e8af95a8bb34368a8a7a2feef21a739edd0458dcbf1808e45868768017bbc3fda31f3d55e94e4f8c68772e19038c3d8aff5de988bf8d5bc5d92b24df95fd344d0f901e983b4dcf1a3fbc1f5e5125774db410df62b436da8f6d5ccdd6d2f0470ff55b7bfd71ea7fe179e4033674b2049822d59650602ddd13f53afffe9c3faae3d5a6deb53d50183bdaa7128fd6d1d1bd7dea347a3f2d664bd0a6be98f7a516b99abdcd69459bebcde08d8dcc6fdd80529f55870c50a8acdf8c051d9fc48172dda7a48b5ae28908feb0ccf9900cc30538e186eedc9244f3db96b246cbb6957aeb3efae81596533aba34f381cc49720fe3a5267d0529225e49b600211aed1a4331ae6ddf1f97af29643322b8adffa10a9397015d4078cd271ebc744788c7aa19b59e44f742e987211bfea155bd72c9f2dabaa6067d10da94d0109fd96d591fbb83f11417cf0467a20a8c290b21c489d24502af0ed6932feb44bb80e1c24194e461979c1d3959bfdf8c3d99edd2327eefae9fc5ca3fa4e0a2141be1210764259f19913388e26603cb53766bbb37e51276adb8ff5258f995501b92e21e01d613dd16beefba6c0071f211afc830de400970acff9bd015708fecc1fc5f340a27e526e7dbb3c4d24aa8f3f693bc69aa1f3826dcbc12ba6dd5846e8c4f37fd4c4e3dd9f9c2b86032e15e3f48491976d3e9e3f2b29a31ccf0ce323c6c99c1a136ac8601d8a8a13a5fc62f92a7845222f36e0ba861b1c472b863a675efbad648cd159490a211e0d0c6ab403342661c45340d217053ef26be30735d02d10dfb8151e2f3ef958b4adcb438c5e9734d2e1f0959ca3ac2bc6ff1f432f82f9b9df568f8251150bbf49757c90bcaba76bfea6fd3ddb433c166ef78dd5162a337f4b319058ef67b92cddc1bb48ef36c0b8b4afa2494a1b09f777bbc486fc2c8a47e9a4b51351a60853dd6978ea6c8b08fd8b14170264d6092279e526ea2db005f6d7d9e03cf881966077a9841ffef7065a60096a9bc2b7e48bd7203250027bce83093bb06e9ca1cfc829bc7f8beeebf493462c7d41d1ffa57e3f6339f5f48a90fee07b16e79009d8d70689a128bbaff1cfa268d10142cd9a02d2fae8b08730e1eada2f2e775e0e950053d1f54416ba526bbb46755911bcc7229ffbd620b9e1ccaf5ace8fbca880daf4ed83b5583ad1836c58ec7cbc3f2d794bb094f06d7960e9f736e480c249cfbe8309c8f89a35b5c63bd55a2689a30a5e8bd51d8d09732e976ea0672377df66ad1065d316265737da2d84a718ccf80d13539d4592c8e23c47caa65b753445024a1b38e4bc1af11cc55ce8abb0fdb085f63344cad2bbd910d6b10ba7482050baff72e45d7ac2d81673ef95b4fd181be36b82cd2ba3d22a2038c46c707facf5c45107c46556a28cb7b3254ebcaa1196077d4fbd5f3c18d0e09522c52639ee7fb36b9469d623411525959d81fe6f178eaac9c28407e0aa1777cfc7c2f31b4f63a14b554f102f833fb69a2db164c12209bbda662c0abf4d9b0f8f55eb900b5926b148f2b89329ec04be765e36c80d2dfbd3ba7e01ac90a87c01ab1f766c57451c4ca8036f6691635693e93f29661b618ccfdadada254f230194a163a0623b8fc2bd2b7c98d188310ca754f93303b8058ee4a59f8c48ea4bf67448b9d5a9b5380be155c80168992f2779611abca6f111e7e13e111a5827eb9dfad6a4a3783e1212bc353fb8b16b8f57807cc557f8e523638cc16e7a722290ed1b95cf11260dec7fc510495488749318eae8fd641ec9b9c7ffcbc8c38", 0x1000}, {&(0x7f0000003e00)="f170facd9f3dffbb79e5b5ab9263998a3d9ee2046dc389ec478d5d57990c040f12b2c7d67722b57a9151b417", 0x2c}], 0x2, 0x0, 0x0, 0x8000}}, {{0x0, 0x0, &(0x7f00000041c0)=[{&(0x7f0000003e80)="83d22758160220f0e49935961d36dc3c9840412ab969e299f92c57258d1ed58dc2f7855f2992e66a5bd56c94dbfad27d4aab107b2d54c587dc15d88577daa02b65f7b0e48171894488eb36e57dd797021d03eaccf6965ed53f06cba15bb5d3c99dfbb686ef24222c946afc7b2c0609659e98323419", 0x75}, {&(0x7f0000003f00)="9e091a65255f455753d166d01c602900170a7ff3d793ad1a67437da02e26d915426ac0eda01e11c71480a5d35badeadfeff2d3c8b70c48a10ad3741909889c8b7392a7629f2f5e98328bd8ef75156cf50b59f58e9430ecc021af4ad7f93ed6f9463f8488af18071bdd190158bd212a97a8af9d79efc8949c3fbca32f4539867750ab222648a374b04a7d86d1fea320fe9e23ea030da84b2586ff187dc23fce9b223985003736965311931535ec4778eceb257fbac375190b470995e7933ae440c333f5538653e57e1a73eb8e86cfcc4184594409396e15b5", 0xd8}, {&(0x7f0000004000)="b2ddb56df2e7630282f79e7354a980c496c0d04657ca9dc0cb56ee20e858c885e924b06f099277d77d4d0cc3440d7fb3fb3fa1d26d899570dfd977240fd789c7cfe752ca67940aa0e1aaef60abc714e5d2935e40242c7c71e4a59c49e47edd0dbe576c785f2e82220f490ffa93fa029803bec9efe11710ec43b61fed74f5b3a16181678d0306b623659fb3afffa23255cd56b31d83639077086ad043cb6fd8a51811b3993264fe2f2bcb260161b32764c658530a40d441bd830410a0c6b5dfc60d1b3032ce8e7565d69fa92747e11337a742ee303e95f0d9c2fff3b07b08bd2679cf768417cfef9343", 0xe9}, {&(0x7f0000004100)="a6699fa2a1eca34c96079aab170800e5363231356d0c81e1a964806b1df819e49888071200b5fda5528c1cfa1fb9d3da0b94ebab7e00a369408321c34de92c7ce2e0de28ae7b0b1bcbdfff0cb27720890eef1dfae0500429af82611ae7b97aa28a07886e484170965353caf01eb841f27dafb2e1dc69f134802bf71dcd997966e7e03463fde379990dca2bfe4f155274992b2d37b11511a18dea317612a3fc7641455b83bec2ab68a50d86aafaf84dcd17421fd284f42fc960ee237e", 0xbc}], 0x4, &(0x7f0000004280)=[@cred={{0x1c, 0x1, 0x2, {r2, r4, 0xee01}}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, r6}}}, @rights={{0x14, 0x1, 0x1, [r7]}}, @cred={{0x1c, 0x1, 0x2, {r8, r10}}}, @rights={{0x14, 0x1, 0x1, [r11]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff}}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @rights={{0x1c, 0x1, 0x1, [r1, r0, r12]}}], 0x100, 0xc1}}, {{&(0x7f0000004380)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000047c0)=[{&(0x7f0000004400)="65cc71b1094ba5f33c0f3de31ae34f269a19b7f1184d7d352cd9524af19a47d3964d73b1d7e64499eb5b0cb8386d22b950b548140b2b04389fa6fafaed71bdb383672591a8b8513471f8a3c973400883c88284186f413b5d7d03464816227fda8c1758464699e62c54c9ea79afcf460069ddf110199a5bb2c3eeeb52ab5d716f72502c883afcb9180fcfb0c5b37c050985b3834816d7e12d6480d7d77c62f64128d69fb0ef44db9ed5c3de0bed8989e3b0665f6a2270f58e5e08f7ef52a25b95c1158db422", 0xc5}, {&(0x7f0000004500)="8ddfaa3038a9ecf8d65c3717ea007f906b8106d3331ae0158521d862557db228", 0x20}, {&(0x7f0000004540)="d06345715927494c", 0x8}, {&(0x7f0000004580)="1da1072d5fef14538ad316730f42dfb2e21990e351e8230dc4e2a44b841aca267ce5eda40e1dc704ce33c2cdd996b13b60b837d3b9b66d183910d7e160f7a302c165967a1030fba1e4476d7e2a23feb86d6860545667ae682537732a7dd2097a8b5d6c9fe3f2b1a6786738ed6ae64f18d7c9b0b00d1fb64f9dec3fdbe9bd5b35ff249b4ed2d0eb92d115632edbe740fbb0de7ae26ecef1b3f449968d02f1eafce20b6c0d0fde0f67cbf67627582e0999bdd24f363708e5", 0xb7}, {&(0x7f0000004640)="2e2ed5b65232cac3b573836e7f7a04602430a27546e85ec927a629b02bcc668012785c2908f980abcf75fbe696016e97ca067ef2782614a92f5ae434058757fd07fa18640d9bce604ac80d0d96dffd4b9f0b1dcf0f386c2589b2d0cc0fd2a25c", 0x60}, {&(0x7f00000046c0)="aa89942f4d8cdd2c7c9cb3d864bf51dcca8a980e82abde0af3aaa143ffa2a3935ea9a0bce4bcd5bc9ae2e83b98abe1da97bf634a6b39bd264e078fd76d4979eda097136540197f0b63d2182d8b03e4db871eaf6ec86caa83fdd600cd1380f0de8233cd4e03a302fbffbafe23343ab28cc0a3a0ceea7fa8070b", 0x79}, {&(0x7f0000004740)="22caab43e7124434508474dd5b3fae6678b0bb1eabaa3b31530410d6831f17eb9479fa40c77045f73bd5967e4e2a65fa2a7887751c50395f1e8da0ec333dc67b6e3e1540bb0fa19b22b712f9", 0x4c}], 0x7, &(0x7f0000004940)=[@rights={{0x24, 0x1, 0x1, [r13, r14, r15, r16, r17]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r18]}}], 0x40, 0xc001}}], 0x5, 0x8811) 20:14:34 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539000009050b00000000000009050200000005000009"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 3086.742321][ T2161] usb 3-1: USB disconnect, device number 34 [ 3086.768399][T30269] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3086.779040][T30272] syz-executor.0[30272]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3086.799846][T30272] loop0: detected capacity change from 0 to 256 [ 3086.806245][T30276] syz-executor.4[30276]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3086.822576][T30269] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3086.831837][T30269] CPU: 1 PID: 30269 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3086.836088][T30272] FAT-fs (loop0): Directory bread(block 64) failed [ 3086.841894][T30269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3086.841907][T30269] Call Trace: [ 3086.841913][T30269] [ 3086.841920][T30269] dump_stack_lvl+0x125/0x1b0 [ 3086.841955][T30269] sysfs_warn_dup+0x7f/0xa0 [ 3086.841981][T30269] sysfs_do_create_link_sd+0x11e/0x140 [ 3086.842007][T30269] sysfs_create_link+0x61/0xc0 [ 3086.842034][T30269] device_add+0x669/0x1ac0 [ 3086.842067][T30269] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3086.842102][T30269] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3086.842139][T30269] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3086.842170][T30269] wiphy_register+0x2095/0x2ce0 [ 3086.842196][T30269] ? wiphy_unregister+0xb70/0xb70 [ 3086.842221][T30269] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3086.854183][T30276] loop4: detected capacity change from 0 to 256 [ 3086.858753][T30269] ieee80211_register_hw+0x24d1/0x4250 [ 3086.858794][T30269] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3086.870033][T30272] FAT-fs (loop0): Directory bread(block 65) failed [ 3086.874170][T30269] ? rcu_is_watching+0x12/0xb0 [ 3086.874196][T30269] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3086.891109][T30276] FAT-fs (loop4): Directory bread(block 64) failed [ 3086.895598][T30269] ? __hrtimer_init+0x103/0x2c0 [ 3086.895632][T30269] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3086.904359][T30272] FAT-fs (loop0): Directory bread(block 66) failed [ 3086.907550][T30269] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3086.907577][T30269] ? rcu_is_watching+0x12/0xb0 20:14:34 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000008268f00000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3086.907596][T30269] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3086.907618][T30269] hwsim_new_radio_nl+0xaf8/0x1240 [ 3086.907639][T30269] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3086.907663][T30269] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3086.907696][T30269] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3086.907728][T30269] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3086.907761][T30269] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3086.907797][T30269] ? ns_capable+0xd5/0x110 [ 3086.907822][T30269] genl_rcv_msg+0x55c/0x800 [ 3086.907853][T30269] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3086.907883][T30269] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3086.907909][T30269] netlink_rcv_skb+0x16b/0x440 [ 3086.907936][T30269] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3086.907966][T30269] ? netlink_ack+0x1370/0x1370 [ 3086.916314][T30272] FAT-fs (loop0): Directory bread(block 67) failed [ 3086.917793][T30269] ? rcu_is_watching+0x12/0xb0 [ 3086.917820][T30269] ? down_write+0x200/0x200 [ 3086.917841][T30269] ? netlink_deliver_tap+0x1b1/0xd10 [ 3086.924139][T30272] FAT-fs (loop0): Directory bread(block 68) failed [ 3086.930112][T30269] genl_rcv+0x28/0x40 [ 3086.930145][T30269] netlink_unicast+0x536/0x810 [ 3086.930173][T30269] ? netlink_attachskb+0x870/0x870 [ 3086.930200][T30269] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3086.930233][T30269] ? __phys_addr_symbol+0x30/0x70 [ 3086.930260][T30269] ? __check_object_size+0x323/0x730 [ 3086.930293][T30269] netlink_sendmsg+0x93c/0xe40 [ 3086.930329][T30269] ? netlink_unicast+0x810/0x810 [ 3086.930366][T30269] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3086.930401][T30269] ? netlink_unicast+0x810/0x810 [ 3086.930436][T30269] sock_sendmsg+0xd9/0x180 [ 3086.938915][T30276] FAT-fs (loop4): Directory bread(block 65) failed [ 3086.941411][T30269] ____sys_sendmsg+0x6ac/0x940 [ 3086.941440][T30269] ? copy_msghdr_from_user+0x10b/0x160 [ 3086.941465][T30269] ? kernel_sendmsg+0x50/0x50 [ 3086.941485][T30269] ? plist_check_list+0x1ae/0x280 [ 3086.941512][T30269] ? schedule+0xf1/0x1b0 [ 3086.941537][T30269] ___sys_sendmsg+0x135/0x1d0 [ 3086.941564][T30269] ? do_recvmmsg+0x740/0x740 [ 3086.941588][T30269] ? rcu_is_watching+0x12/0xb0 [ 3086.941612][T30269] ? rcu_is_watching+0x12/0xb0 [ 3086.941633][T30269] ? __fget_light+0xe6/0x260 [ 3086.941654][T30269] __sys_sendmsg+0x117/0x1e0 [ 3086.941680][T30269] ? __sys_sendmsg_sock+0x30/0x30 [ 3086.941703][T30269] ? xfd_validate_state+0x5d/0x180 [ 3086.941734][T30269] ? rcu_is_watching+0x12/0xb0 [ 3086.941751][T30269] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3086.941775][T30269] do_syscall_64+0x38/0xb0 20:14:34 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000020000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3086.941799][T30269] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3086.941827][T30269] RIP: 0033:0x7fc66767cae9 [ 3086.941843][T30269] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3086.941859][T30269] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3086.941877][T30269] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3086.941890][T30269] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 20:14:34 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CCA_MODE(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x4c, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_CCA_OPT={0x8}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x4}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x20008050) (async) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) 20:14:34 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") r1 = syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161553aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) (async) bind$802154_raw(0xffffffffffffffff, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) (async) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r4, 0x0) r5 = socket(0x10, 0x0, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r6) (async) setregid(0xffffffffffffffff, r6) (async) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000004200)='/proc/bus/input/handlers\x00', 0x0, 0x0) r8 = getpid() sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x4) (async) r9 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r10, 0x0) (async) r11 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r11, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) (async) r12 = open_tree(r0, &(0x7f0000004240)='./file0\x00', 0x801) (async, rerun: 32) r13 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) (rerun: 32) bind$802154_raw(r13, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) r14 = syz_open_dev$sndctrl(&(0x7f0000004840), 0x8000, 0x288300) (async) r15 = fsmount(0xffffffffffffffff, 0x1, 0x1) r16 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r16, &(0x7f0000000300)={0x24, @short={0x2, 0x0, 0xffff}}, 0x14) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000048c0)={&(0x7f0000004880)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x800, 0x0, 0xffffffffffffffff}) (async, rerun: 64) r18 = openat$null(0xffffffffffffff9c, &(0x7f0000004900), 0x404001, 0x0) (rerun: 64) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004980)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000200)="d1dbb94ee6ab9cee56cae49a4a84d793510b7efac524efc022757512b1d00e52fed74feae94d024d61e78b7877c4d5cdfcc65a63f5a41517496b1170a9149724156f0d74743baa5aa11d95d728e59ea74afd5a", 0x53}, {&(0x7f0000000280)="98ddc33de3292af754ca0c412b631044a57cdc8aaf694dd41dcabde0b6a1303daec73ccef656e8bb4a26d526fae40fe0ab62067afb098e7867b480a3a9d101ca1da7d106095eca112ba0fb03f212e0272f75ea4620df6034dac376c63141a49d44b7d995f5346dca63d22752a51556ba980aad10cd000e0c3740beb5ba32", 0x7e}, {&(0x7f0000000300)="e2a450d5749afa3ecd92019986fec6d34c114d0ff4f09de6ea50f13a803171159ed02e11a42dab7d95447153b0351e8246704843edfd802e2661592d6bf55e028df1048a772cf26a682e457c7c2099b28d21460e833a2c88f38faac3830fe9318770f09b6e22140348581be88fb782e9bfd0b41266daa230", 0x78}, {&(0x7f0000000040)="f4886e3f7c9a50d6dbf45e30953774865d2a071091ef6c02c74a6db738374a816caf41f7e56072278ed7", 0x2a}], 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="000000001c00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x98, 0x4000000}}, {{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000740)="693cb84232d9b4a3e37712a657c68530ca9cadd8b0d96f5ab59f939d477ce880269fdb190813c03e20fe29796e3b4bdfea1d41bb478a49bde443dba335bcca", 0x3f}, {&(0x7f0000000780)="b2de0d7734541bbcfcf57cbf81eb9e52943106d85736e0092ab03dcb25fa637a89506400937d1d616db61d820280a303a5b04e4d4cfdff39b2d4d5b072e89bd1b10f142ea3faf99f9c75dd0012be9db40530a6db54cb8ff90a4a07da3e17c5498228e6fd2756d3cd42a8d647f35c0cfc428ea2a75f950c49cd8c8844d7237e187a2dfa1d0c18cc6b18a70e4149c7cab924f3c10a4fadaf69790a625ed7", 0x9d}], 0x2, &(0x7f0000002d00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r1, r0, 0xffffffffffffffff]}}], 0x70, 0x8c0}}, {{&(0x7f0000002d80)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000003e40)=[{&(0x7f0000002e00)="961f5bc287ef4132659151f611e2cc1ad2872f45643654c25d727c46750209c40d4d56a4899952c5762ba02d5344fdabc0f955f9dcfb1e9d6c972e12270e84d669e9c2ba3646a2801acd2d302cee995cae0d98d7d7062e050e7e649b8d9721499071e84d6a5d51d2b10031673f6baacc031f5f6d45a1d422aa53db6e88e1d64785946c15a004a6a20ec4122bcf6f35b8d941adbb4921eb27e207d2b4ee10dddbca0bc478266a8246a22336e7e9ea5accda583b1adb88c6f44e5f26f1fe2f5de1aa8d66f5b3508eb03d58b2adf8f82945391cf799fc90bef54882d1078bcac4454e0589b870bf80928f7cf3069d8936e2cdb03adc82a330f568c54e897ba445a8a982a738b569aacddf40ac8d8072aea8806ec890a363437be88f7712a88fd552336aef6628b65622012c2092ff98c0aac57fd1e49ead741f5a7770c8aa37c2759d81feea033eb2112458da8a078f94fc619bdc86f57e951ef0766250b0e8ba98b661a4a3946e0f7c20227ae327a38b066d651a89ff4248a3c9b13ff854e276e10a0599daec747c80ab07cc425ad5c59d21bcfa9c68376018384afcfd16c38d155cc8cbe0bccaca59a3553ad6306ac8f8b49b3bb17cd1a1d91d1fb2b6ddb1e22de6985ff956e0fd205bfdeaef38a353414740f6a9c4bc94efb225c94f7ea36f0505a07edeeb21628ac6d1c055279730febcb3ba458a280e26a7ab020977a31f4dc73e06a4777a7ed465e85400c0b002567d6447bd3e30959555f251300bce87c1d3b4bbe15e9521c4e9e62b60603a438e00c368bcac19126acf0a93bf293203e3901335b6287edb3a80139f57fb1d5ef9095737c7cbd17976e900725e6ea9ad2b1bbc5d647536b0fbaf426c73337c028c1fe6a608d9e9306dee9c69f0e531689954c309a4235107bfce6ade923d528d36da5fff76d50b12e817d919f450dfac2f86e37730e20ab87be6667b28ecb0203b23f49fa3e6ebcfd9d707f0c76e51b459699ce9a50ecda452da4e87f121887ee54c4505a59b2b02a873366b73d00eead8d5b35597ae6b5fa2b4c45199bfb35c4947b25bc7ffd74845919885ae650573fa0a802ce0b00d6fb149de92ebf4d26ff9a50259e22d3d6ecd348bda522f1d91ade3e459fa0ecde1d3ed089f4a283414c1deca4db7721d8a6a47bbedb62b258092938a7bd87c2caca2e7c31030495f15d194cbf0b85959734400cf9d1afb41c6087bb18fec30759f59b7968ef3d11d512e99e44d01c8b9b2988b2754150208ce36f60f4ccfbf2f0b32990e2f6988a6db2d1925a8a752977162363f3388ca00c72ab7d94a02b4881c3741f2642183e4db0ecb62696cae7829a8f248b62b10a648d79dc7973411f567effc52eb186bf95821be8426e8e756716d031a47dbd4976a88ebe620f21a17abadaf4078c64996ab0c95d04fbecf0f8397edb1c2675d4cc9b91112921891c931eb9acc6fb6192efd28964532a9b151e78cd1fb95709dd7ff569205fcb0c22a5dc9ca1e7a12f5835ed8edda8d1eb7a2bc93f9b6571eee983a19615ca839d8d4a7513b0711154e5b243c464dcf06018a53544de9cd88d368addc0f9b706732d82dd82c54cf5dcbfe97436cc36fce1dc60bf44b09c699c258df25e355c5ac96e97d9b7fb687b54f4696cef95fccf9e8d29adb3c2cce599b8c8a6b414edbd1252ed1f275d5962fa529fad181efa016d42dff0637b451d2ca3110f7ca28c7dfa25f74d8eb5fbce9a8133368bd43cf711d4263568c6542d049d393ace5c7294939ee163fd8e1ad852d62ce45e8eb5cf6fd2c00c387c934c9a5f5c631f00c0032c9878b69fd68d9af187d87ecaeb0b6790461a208f38b93dd07ce8767c47fea407655a4c1db58edb6f91bbd4c9c98ab97dbc4d3d00036924b20e05c348c43713b89164471574a5016d14ae181cbbd24a811201939eac1b6771ac2562fbd722d8013703c9d32e0d4c15a436252de697d9da5a0a5626407a6ff7b5cac7b27c6be7d9bff99f8fdeb53efced619bdf0300c37c92154c5576d6cb2dbcfd82a58753848269474819e4d5d18b9b15d1e373107352a9972d1c113f092706b31768311dbd08c7387b69dc6a723f01c60a9db17298f9855f8ffff3f74bff1764a2a7809128ea12974fc65bccfcb772401acd28d6e7be0ab514c7e0b6a7785f58c861e33ee107f1a6342b5ebeab8ad810391945a79afabf22f7db1b494ea56615424b445e5c86f6c509f5bdea3fed65fef45ecea67d297e8c3a8dc2334c24e63a4a832bc8ac5af8672831078fcdbe1ccecf204dc02404a0dae32231ab2ad629b03f2935ed6b671420cb4055977d0a518eaec74ef1bdfd1fafd0d99c7517298599af558db193fc8026a6f81df1a9c83d9359a55b5e5761f589292af5409428708ef7b1a996ae50b71728fcc6882bb0eff0b1e77287b39d379e8c26b6bd53181668d6dbaa799390d58719f269170bb9107af9d3af2dff9979768d3bf645f697ccf4143fea1c4c07916f177b586f5c3058845438a4402fb613b05b12933156a57018f42fbad5f94aab29dc722153a0fa080c70e75be4ac23e7e219bf607beb5e9be79ceb95b391b0f20cb1bdd6e9d3cfe89ca126883b7030ad2c2dd059dafecd26a0cd40d1633a1c1ad279b8989a861241da88d948eb388f1b049f94c4442a2d1a8fdddfe050fcbc8d576ac9afcc9ca2bea87b1a34ad8da17144b003f98367e9e2d80ae6b5f2f923576bcd866877e4a8d55a5368d0372f5049bd36aa5132a3b7ce00ec2ddc7f16e8c64caeadc006adb8c6889bb383f417b0525aa5d5083e09d7d642ec891a5a88faa0f161ba23f2d2f75e3b96cd637443edab2bad6a7cc90ec183d83d764f86f7af8309065be13532d3f968d32730bd88de1cddb48e52239d093deb29db9c28c2890d5bda3fe864bce1bb520c77402e3892d1c845fda13a7ab7bd1f64a1f518fd635c535bf619e2aaed1496855e6e3ebd270071fca5a512d8fb348b3421c7b12582d7fce2799d4692610d316de627c91144c12faa6a6f4012e57b0a3c7c1829e32a354f3ffe537fcef24d439923777b5bbbef75328602ee71f2b800f3bf78912474768b3a6dfe3970dde8e726c99d332c67af91e98fb9a49cdad32fed7f318c8227c771fe4e3a1ef0c0769d2139edf083c7b3b96ed048fadcd76905b1d1a0ef5b2be12daafb6c85485b56851a3b7ad857a89a81dafe3f4b1c6890fd91147f0770c4144213cb5c16814c64ed7d88d496e8fd38bc340b9c855da362f11a8cbdef0e4fe545ca8b168de47d09efd2ac635fc5fa27897280fd4b8cd34a922da6e0d3cf0e29fbbaaf04bce38b32b6f303cff4b276e9d98f423c107a67e138d67f6aaa365e9627fd55150153318f88c3e861f7673933230f85bae3fc128a015118cc1103bc6ead91dbce103a1ae1fbf19860b45dcb0c4efe906a3ece6ae9da3f3ee7193c4db89133096fe6be5a8f59277bfae8c1c190a45b8448ecf6977ea628082cd74f374a294a821a4fc6dea56bf9366a6a0bad3c6706b292544c0b40546d119aeabd012f2e731e9cd59d9b7fe42ff67f2e90cc709121948ed47f2b23616bd03e740bbf046808336623e3f1c2e466614bae67ca814afc750e0fde4f4d410b5a07eb8fbf49d75a04024a3e243bfea49e70c5af60aa8b1ad2b91055babff678fd06fc4a76eb8943a673c032db1ed15f811b24b16a39d7562768137e6763602d429ac7a4357ff03570877ee473c0c450172cf378532c4aa64f88a20a812cb9545001247064951d52f7ea77d5a76486789136f4b3d584a49b430638c7f73a569df6a16e27aa2e58451873052be3016f389d7da4304cbfa546e82c48d1e2d5c37aef2d207b99ce831de8dadb5e03c8ec8c5fc14e1c1056f493b9c22d2531e8e1e801505d8430ec6c656a326156895ee987d48ce696ac8651b4860d0ec8559c63a3a88793930747baff2fce0fb258025a3b09035aebbb40ede7c1e802fec711b06397edddc62f3c7f992693fec044dc6e8af95a8bb34368a8a7a2feef21a739edd0458dcbf1808e45868768017bbc3fda31f3d55e94e4f8c68772e19038c3d8aff5de988bf8d5bc5d92b24df95fd344d0f901e983b4dcf1a3fbc1f5e5125774db410df62b436da8f6d5ccdd6d2f0470ff55b7bfd71ea7fe179e4033674b2049822d59650602ddd13f53afffe9c3faae3d5a6deb53d50183bdaa7128fd6d1d1bd7dea347a3f2d664bd0a6be98f7a516b99abdcd69459bebcde08d8dcc6fdd80529f55870c50a8acdf8c051d9fc48172dda7a48b5ae28908feb0ccf9900cc30538e186eedc9244f3db96b246cbb6957aeb3efae81596533aba34f381cc49720fe3a5267d0529225e49b600211aed1a4331ae6ddf1f97af29643322b8adffa10a9397015d4078cd271ebc744788c7aa19b59e44f742e987211bfea155bd72c9f2dabaa6067d10da94d0109fd96d591fbb83f11417cf0467a20a8c290b21c489d24502af0ed6932feb44bb80e1c24194e461979c1d3959bfdf8c3d99edd2327eefae9fc5ca3fa4e0a2141be1210764259f19913388e26603cb53766bbb37e51276adb8ff5258f995501b92e21e01d613dd16beefba6c0071f211afc830de400970acff9bd015708fecc1fc5f340a27e526e7dbb3c4d24aa8f3f693bc69aa1f3826dcbc12ba6dd5846e8c4f37fd4c4e3dd9f9c2b86032e15e3f48491976d3e9e3f2b29a31ccf0ce323c6c99c1a136ac8601d8a8a13a5fc62f92a7845222f36e0ba861b1c472b863a675efbad648cd159490a211e0d0c6ab403342661c45340d217053ef26be30735d02d10dfb8151e2f3ef958b4adcb438c5e9734d2e1f0959ca3ac2bc6ff1f432f82f9b9df568f8251150bbf49757c90bcaba76bfea6fd3ddb433c166ef78dd5162a337f4b319058ef67b92cddc1bb48ef36c0b8b4afa2494a1b09f777bbc486fc2c8a47e9a4b51351a60853dd6978ea6c8b08fd8b14170264d6092279e526ea2db005f6d7d9e03cf881966077a9841ffef7065a60096a9bc2b7e48bd7203250027bce83093bb06e9ca1cfc829bc7f8beeebf493462c7d41d1ffa57e3f6339f5f48a90fee07b16e79009d8d70689a128bbaff1cfa268d10142cd9a02d2fae8b08730e1eada2f2e775e0e950053d1f54416ba526bbb46755911bcc7229ffbd620b9e1ccaf5ace8fbca880daf4ed83b5583ad1836c58ec7cbc3f2d794bb094f06d7960e9f736e480c249cfbe8309c8f89a35b5c63bd55a2689a30a5e8bd51d8d09732e976ea0672377df66ad1065d316265737da2d84a718ccf80d13539d4592c8e23c47caa65b753445024a1b38e4bc1af11cc55ce8abb0fdb085f63344cad2bbd910d6b10ba7482050baff72e45d7ac2d81673ef95b4fd181be36b82cd2ba3d22a2038c46c707facf5c45107c46556a28cb7b3254ebcaa1196077d4fbd5f3c18d0e09522c52639ee7fb36b9469d623411525959d81fe6f178eaac9c28407e0aa1777cfc7c2f31b4f63a14b554f102f833fb69a2db164c12209bbda662c0abf4d9b0f8f55eb900b5926b148f2b89329ec04be765e36c80d2dfbd3ba7e01ac90a87c01ab1f766c57451c4ca8036f6691635693e93f29661b618ccfdadada254f230194a163a0623b8fc2bd2b7c98d188310ca754f93303b8058ee4a59f8c48ea4bf67448b9d5a9b5380be155c80168992f2779611abca6f111e7e13e111a5827eb9dfad6a4a3783e1212bc353fb8b16b8f57807cc557f8e523638cc16e7a722290ed1b95cf11260dec7fc510495488749318eae8fd641ec9b9c7ffcbc8c38", 0x1000}, {&(0x7f0000003e00)="f170facd9f3dffbb79e5b5ab9263998a3d9ee2046dc389ec478d5d57990c040f12b2c7d67722b57a9151b417", 0x2c}], 0x2, 0x0, 0x0, 0x8000}}, {{0x0, 0x0, &(0x7f00000041c0)=[{&(0x7f0000003e80)="83d22758160220f0e49935961d36dc3c9840412ab969e299f92c57258d1ed58dc2f7855f2992e66a5bd56c94dbfad27d4aab107b2d54c587dc15d88577daa02b65f7b0e48171894488eb36e57dd797021d03eaccf6965ed53f06cba15bb5d3c99dfbb686ef24222c946afc7b2c0609659e98323419", 0x75}, {&(0x7f0000003f00)="9e091a65255f455753d166d01c602900170a7ff3d793ad1a67437da02e26d915426ac0eda01e11c71480a5d35badeadfeff2d3c8b70c48a10ad3741909889c8b7392a7629f2f5e98328bd8ef75156cf50b59f58e9430ecc021af4ad7f93ed6f9463f8488af18071bdd190158bd212a97a8af9d79efc8949c3fbca32f4539867750ab222648a374b04a7d86d1fea320fe9e23ea030da84b2586ff187dc23fce9b223985003736965311931535ec4778eceb257fbac375190b470995e7933ae440c333f5538653e57e1a73eb8e86cfcc4184594409396e15b5", 0xd8}, {&(0x7f0000004000)="b2ddb56df2e7630282f79e7354a980c496c0d04657ca9dc0cb56ee20e858c885e924b06f099277d77d4d0cc3440d7fb3fb3fa1d26d899570dfd977240fd789c7cfe752ca67940aa0e1aaef60abc714e5d2935e40242c7c71e4a59c49e47edd0dbe576c785f2e82220f490ffa93fa029803bec9efe11710ec43b61fed74f5b3a16181678d0306b623659fb3afffa23255cd56b31d83639077086ad043cb6fd8a51811b3993264fe2f2bcb260161b32764c658530a40d441bd830410a0c6b5dfc60d1b3032ce8e7565d69fa92747e11337a742ee303e95f0d9c2fff3b07b08bd2679cf768417cfef9343", 0xe9}, {&(0x7f0000004100)="a6699fa2a1eca34c96079aab170800e5363231356d0c81e1a964806b1df819e49888071200b5fda5528c1cfa1fb9d3da0b94ebab7e00a369408321c34de92c7ce2e0de28ae7b0b1bcbdfff0cb27720890eef1dfae0500429af82611ae7b97aa28a07886e484170965353caf01eb841f27dafb2e1dc69f134802bf71dcd997966e7e03463fde379990dca2bfe4f155274992b2d37b11511a18dea317612a3fc7641455b83bec2ab68a50d86aafaf84dcd17421fd284f42fc960ee237e", 0xbc}], 0x4, &(0x7f0000004280)=[@cred={{0x1c, 0x1, 0x2, {r2, r4, 0xee01}}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, r6}}}, @rights={{0x14, 0x1, 0x1, [r7]}}, @cred={{0x1c, 0x1, 0x2, {r8, r10}}}, @rights={{0x14, 0x1, 0x1, [r11]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff}}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @rights={{0x1c, 0x1, 0x1, [r1, r0, r12]}}], 0x100, 0xc1}}, {{&(0x7f0000004380)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000047c0)=[{&(0x7f0000004400)="65cc71b1094ba5f33c0f3de31ae34f269a19b7f1184d7d352cd9524af19a47d3964d73b1d7e64499eb5b0cb8386d22b950b548140b2b04389fa6fafaed71bdb383672591a8b8513471f8a3c973400883c88284186f413b5d7d03464816227fda8c1758464699e62c54c9ea79afcf460069ddf110199a5bb2c3eeeb52ab5d716f72502c883afcb9180fcfb0c5b37c050985b3834816d7e12d6480d7d77c62f64128d69fb0ef44db9ed5c3de0bed8989e3b0665f6a2270f58e5e08f7ef52a25b95c1158db422", 0xc5}, {&(0x7f0000004500)="8ddfaa3038a9ecf8d65c3717ea007f906b8106d3331ae0158521d862557db228", 0x20}, {&(0x7f0000004540)="d06345715927494c", 0x8}, {&(0x7f0000004580)="1da1072d5fef14538ad316730f42dfb2e21990e351e8230dc4e2a44b841aca267ce5eda40e1dc704ce33c2cdd996b13b60b837d3b9b66d183910d7e160f7a302c165967a1030fba1e4476d7e2a23feb86d6860545667ae682537732a7dd2097a8b5d6c9fe3f2b1a6786738ed6ae64f18d7c9b0b00d1fb64f9dec3fdbe9bd5b35ff249b4ed2d0eb92d115632edbe740fbb0de7ae26ecef1b3f449968d02f1eafce20b6c0d0fde0f67cbf67627582e0999bdd24f363708e5", 0xb7}, {&(0x7f0000004640)="2e2ed5b65232cac3b573836e7f7a04602430a27546e85ec927a629b02bcc668012785c2908f980abcf75fbe696016e97ca067ef2782614a92f5ae434058757fd07fa18640d9bce604ac80d0d96dffd4b9f0b1dcf0f386c2589b2d0cc0fd2a25c", 0x60}, {&(0x7f00000046c0)="aa89942f4d8cdd2c7c9cb3d864bf51dcca8a980e82abde0af3aaa143ffa2a3935ea9a0bce4bcd5bc9ae2e83b98abe1da97bf634a6b39bd264e078fd76d4979eda097136540197f0b63d2182d8b03e4db871eaf6ec86caa83fdd600cd1380f0de8233cd4e03a302fbffbafe23343ab28cc0a3a0ceea7fa8070b", 0x79}, {&(0x7f0000004740)="22caab43e7124434508474dd5b3fae6678b0bb1eabaa3b31530410d6831f17eb9479fa40c77045f73bd5967e4e2a65fa2a7887751c50395f1e8da0ec333dc67b6e3e1540bb0fa19b22b712f9", 0x4c}], 0x7, &(0x7f0000004940)=[@rights={{0x24, 0x1, 0x1, [r13, r14, r15, r16, r17]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r18]}}], 0x40, 0xc001}}], 0x5, 0x8811) [ 3086.941901][T30269] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3086.941912][T30269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3086.941922][T30269] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3086.941939][T30269] [ 3086.973466][T30274] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3086.995508][T30272] FAT-fs (loop0): Directory bread(block 69) failed [ 3087.035088][T30272] FAT-fs (loop0): Directory bread(block 70) failed [ 3087.069409][T30274] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3087.076129][T30276] FAT-fs (loop4): Directory bread(block 66) failed [ 3087.083981][T30274] CPU: 1 PID: 30274 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3087.085796][T30276] FAT-fs (loop4): Directory bread(block 67) failed [ 3087.090326][T30274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3087.090338][T30274] Call Trace: [ 3087.090347][T30274] 20:14:34 executing program 0: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") statfs(&(0x7f0000000040)='./file0\x00', 0x0) [ 3087.090354][T30274] dump_stack_lvl+0x125/0x1b0 [ 3087.090384][T30274] sysfs_warn_dup+0x7f/0xa0 [ 3087.090406][T30274] sysfs_do_create_link_sd+0x11e/0x140 [ 3087.090428][T30274] sysfs_create_link+0x61/0xc0 [ 3087.090449][T30274] device_add+0x669/0x1ac0 [ 3087.090479][T30274] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3087.090506][T30274] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3087.090535][T30274] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3087.090560][T30274] wiphy_register+0x2095/0x2ce0 [ 3087.090582][T30274] ? wiphy_unregister+0xb70/0xb70 [ 3087.090602][T30274] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3087.090623][T30274] ieee80211_register_hw+0x24d1/0x4250 [ 3087.090651][T30274] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3087.090677][T30274] ? rcu_is_watching+0x12/0xb0 [ 3087.090694][T30274] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3087.090715][T30274] ? __hrtimer_init+0x103/0x2c0 [ 3087.090738][T30274] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3087.090766][T30274] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3087.090785][T30274] ? rcu_is_watching+0x12/0xb0 [ 3087.096065][T30276] FAT-fs (loop4): Directory bread(block 68) failed [ 3087.100632][T30274] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3087.100661][T30274] hwsim_new_radio_nl+0xaf8/0x1240 [ 3087.100683][T30274] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3087.100707][T30274] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3087.100737][T30274] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3087.100770][T30274] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3087.100805][T30274] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3087.107528][T30276] FAT-fs (loop4): Directory bread(block 69) failed [ 3087.111247][T30274] ? ns_capable+0xd5/0x110 [ 3087.111278][T30274] genl_rcv_msg+0x55c/0x800 [ 3087.116214][T30272] FAT-fs (loop0): Directory bread(block 71) failed [ 3087.121226][T30274] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3087.121261][T30274] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3087.121287][T30274] netlink_rcv_skb+0x16b/0x440 [ 3087.121312][T30274] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3087.121339][T30274] ? netlink_ack+0x1370/0x1370 [ 3087.121361][T30274] ? rcu_is_watching+0x12/0xb0 [ 3087.127899][T30276] FAT-fs (loop4): Directory bread(block 70) failed [ 3087.132238][T30274] ? down_write+0x200/0x200 [ 3087.132262][T30274] ? netlink_deliver_tap+0x1b1/0xd10 [ 3087.138525][T30276] FAT-fs (loop4): Directory bread(block 71) failed [ 3087.142284][T30274] genl_rcv+0x28/0x40 [ 3087.142315][T30274] netlink_unicast+0x536/0x810 [ 3087.147545][T30272] FAT-fs (loop0): Directory bread(block 72) failed [ 3087.152506][T30274] ? netlink_attachskb+0x870/0x870 [ 3087.152537][T30274] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3087.157765][T30276] FAT-fs (loop4): Directory bread(block 72) failed [ 3087.161865][T30274] ? __phys_addr_symbol+0x30/0x70 [ 3087.161891][T30274] ? __check_object_size+0x323/0x730 [ 3087.161916][T30274] netlink_sendmsg+0x93c/0xe40 [ 3087.161945][T30274] ? netlink_unicast+0x810/0x810 [ 3087.161974][T30274] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3087.162001][T30274] ? netlink_unicast+0x810/0x810 [ 3087.162028][T30274] sock_sendmsg+0xd9/0x180 [ 3087.162054][T30274] ____sys_sendmsg+0x6ac/0x940 [ 3087.162074][T30274] ? copy_msghdr_from_user+0x10b/0x160 [ 3087.162102][T30274] ? kernel_sendmsg+0x50/0x50 [ 3087.162125][T30274] ? plist_check_list+0x1ae/0x280 [ 3087.162154][T30274] ? schedule+0xf1/0x1b0 [ 3087.162176][T30274] ___sys_sendmsg+0x135/0x1d0 [ 3087.162204][T30274] ? do_recvmmsg+0x740/0x740 [ 3087.162231][T30274] ? rcu_is_watching+0x12/0xb0 [ 3087.162256][T30274] ? rcu_is_watching+0x12/0xb0 [ 3087.162281][T30274] ? __fget_light+0xe6/0x260 [ 3087.162303][T30274] __sys_sendmsg+0x117/0x1e0 [ 3087.162332][T30274] ? __sys_sendmsg_sock+0x30/0x30 [ 3087.162359][T30274] ? xfd_validate_state+0x5d/0x180 [ 3087.162396][T30274] ? rcu_is_watching+0x12/0xb0 [ 3087.162414][T30274] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3087.162441][T30274] do_syscall_64+0x38/0xb0 [ 3087.162468][T30274] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3087.162508][T30274] RIP: 0033:0x7fc65907cae9 [ 3087.162524][T30274] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3087.162543][T30274] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3087.162564][T30274] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3087.162578][T30274] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3087.162591][T30274] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3087.162604][T30274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3087.162617][T30274] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3087.162636][T30274] [ 3087.196298][T30272] FAT-fs (loop0): Directory bread(block 73) failed [ 3087.203790][T30276] FAT-fs (loop4): Directory bread(block 73) failed [ 3087.208393][T30282] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3087.276876][ T2161] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 3087.556820][ T2161] usb 3-1: Using ep0 maxpacket: 16 [ 3087.567920][T30282] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3087.708292][ T2161] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 3087.733116][T30293] syz-executor.4[30293]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3087.748313][ T2161] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3087.755623][T30293] loop4: detected capacity change from 0 to 256 [ 3087.767256][T30282] CPU: 0 PID: 30282 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3087.767289][T30282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3087.767303][T30282] Call Trace: [ 3087.767312][T30282] [ 3087.767321][T30282] dump_stack_lvl+0x125/0x1b0 [ 3087.767363][T30282] sysfs_warn_dup+0x7f/0xa0 [ 3087.767400][T30282] sysfs_do_create_link_sd+0x11e/0x140 [ 3087.984832][T30282] sysfs_create_link+0x61/0xc0 [ 3087.989600][T30282] device_add+0x669/0x1ac0 [ 3087.994017][T30282] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3088.000884][T30282] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3088.006769][T30282] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3088.012740][T30282] wiphy_register+0x2095/0x2ce0 [ 3088.017582][T30282] ? wiphy_unregister+0xb70/0xb70 [ 3088.022595][T30282] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3088.028649][T30282] ieee80211_register_hw+0x24d1/0x4250 [ 3088.034105][T30282] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3088.039648][T30282] ? rcu_is_watching+0x12/0xb0 [ 3088.044399][T30282] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3088.050394][T30282] ? __hrtimer_init+0x103/0x2c0 [ 3088.055257][T30282] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3088.060985][T30282] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3088.066706][T30282] ? rcu_is_watching+0x12/0xb0 [ 3088.071466][T30282] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3088.077356][T30282] hwsim_new_radio_nl+0xaf8/0x1240 [ 3088.082465][T30282] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3088.088379][T30282] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3088.095784][T30282] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3088.103160][T30282] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3088.108712][T30282] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3088.116091][T30282] ? ns_capable+0xd5/0x110 [ 3088.120502][T30282] genl_rcv_msg+0x55c/0x800 [ 3088.125005][T30282] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3088.130894][T30282] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3088.136784][T30282] netlink_rcv_skb+0x16b/0x440 [ 3088.141557][T30282] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3088.147451][T30282] ? netlink_ack+0x1370/0x1370 [ 3088.152207][T30282] ? rcu_is_watching+0x12/0xb0 [ 3088.156963][T30282] ? down_write+0x200/0x200 [ 3088.161455][T30282] ? netlink_deliver_tap+0x1b1/0xd10 [ 3088.166742][T30282] genl_rcv+0x28/0x40 [ 3088.170731][T30282] netlink_unicast+0x536/0x810 [ 3088.175492][T30282] ? netlink_attachskb+0x870/0x870 [ 3088.180601][T30282] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3088.186495][T30282] ? __phys_addr_symbol+0x30/0x70 [ 3088.191510][T30282] ? __check_object_size+0x323/0x730 [ 3088.196792][T30282] netlink_sendmsg+0x93c/0xe40 [ 3088.201556][T30282] ? netlink_unicast+0x810/0x810 [ 3088.206487][T30282] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3088.211769][T30282] ? netlink_unicast+0x810/0x810 [ 3088.216705][T30282] sock_sendmsg+0xd9/0x180 [ 3088.221120][T30282] ____sys_sendmsg+0x6ac/0x940 [ 3088.225879][T30282] ? copy_msghdr_from_user+0x10b/0x160 [ 3088.231330][T30282] ? kernel_sendmsg+0x50/0x50 [ 3088.236000][T30282] ? plist_check_list+0x1ae/0x280 [ 3088.241019][T30282] ? schedule+0xf1/0x1b0 [ 3088.245253][T30282] ___sys_sendmsg+0x135/0x1d0 [ 3088.249929][T30282] ? do_recvmmsg+0x740/0x740 [ 3088.254513][T30282] ? rcu_is_watching+0x12/0xb0 [ 3088.259272][T30282] ? rcu_is_watching+0x12/0xb0 [ 3088.264028][T30282] ? __fget_light+0xe6/0x260 [ 3088.268611][T30282] __sys_sendmsg+0x117/0x1e0 [ 3088.273285][T30282] ? __sys_sendmsg_sock+0x30/0x30 [ 3088.278303][T30282] ? xfd_validate_state+0x5d/0x180 [ 3088.283414][T30282] ? rcu_is_watching+0x12/0xb0 [ 3088.288191][T30282] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3088.294174][T30282] do_syscall_64+0x38/0xb0 [ 3088.298600][T30282] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3088.304495][T30282] RIP: 0033:0x7fc66767cae9 [ 3088.308895][T30282] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3088.328493][T30282] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3088.336893][T30282] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3088.344849][T30282] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3088.352894][T30282] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3088.360853][T30282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3088.368816][T30282] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3088.376785][T30282] [ 3088.395004][ T2161] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 3088.405154][ T2161] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 3088.414293][ T2161] usb 3-1: config 0 has no interface number 0 [ 3088.420425][ T2161] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 3088.431568][ T2161] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 3088.441458][ T2161] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 20:14:35 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CCA_MODE(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x4c, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_CCA_OPT={0x8}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x4}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x20008050) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) 20:14:35 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000008268f00000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3088.452195][T30290] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3088.463746][T30290] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3088.472205][T30290] CPU: 0 PID: 30290 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3088.482275][T30290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3088.492340][T30290] Call Trace: [ 3088.495612][T30290] [ 3088.498629][T30290] dump_stack_lvl+0x125/0x1b0 [ 3088.500347][T30293] FAT-fs (loop4): Directory bread(block 64) failed [ 3088.503304][T30290] sysfs_warn_dup+0x7f/0xa0 [ 3088.503333][T30290] sysfs_do_create_link_sd+0x11e/0x140 [ 3088.512178][T30293] FAT-fs (loop4): Directory bread(block 65) failed [ 3088.514296][T30290] sysfs_create_link+0x61/0xc0 [ 3088.521149][T30293] FAT-fs (loop4): Directory bread(block 66) failed [ 3088.526227][T30290] device_add+0x669/0x1ac0 [ 3088.526266][T30290] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3088.548719][T30290] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3088.554615][T30290] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3088.560593][T30290] wiphy_register+0x2095/0x2ce0 [ 3088.565440][T30290] ? wiphy_unregister+0xb70/0xb70 [ 3088.570458][T30290] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3088.576517][T30290] ieee80211_register_hw+0x24d1/0x4250 [ 3088.581979][T30290] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3088.587522][T30290] ? rcu_is_watching+0x12/0xb0 [ 3088.592295][T30290] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3088.598268][T30290] ? __hrtimer_init+0x103/0x2c0 [ 3088.603111][T30290] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3088.608829][T30290] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3088.614547][T30290] ? rcu_is_watching+0x12/0xb0 [ 3088.619339][T30290] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3088.625241][T30290] hwsim_new_radio_nl+0xaf8/0x1240 [ 3088.630348][T30290] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3088.636324][T30290] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3088.643692][T30290] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3088.651239][T30290] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3088.656786][T30290] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3088.664157][T30290] ? ns_capable+0xd5/0x110 [ 3088.668567][T30290] genl_rcv_msg+0x55c/0x800 [ 3088.673068][T30290] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3088.679052][T30290] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3088.684943][T30290] netlink_rcv_skb+0x16b/0x440 [ 3088.689876][T30290] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3088.695868][T30290] ? netlink_ack+0x1370/0x1370 [ 3088.700648][T30290] ? rcu_is_watching+0x12/0xb0 [ 3088.705408][T30290] ? down_write+0x200/0x200 [ 3088.709898][T30290] ? netlink_deliver_tap+0x1b1/0xd10 [ 3088.715177][T30290] genl_rcv+0x28/0x40 [ 3088.719152][T30290] netlink_unicast+0x536/0x810 [ 3088.724169][T30290] ? netlink_attachskb+0x870/0x870 [ 3088.729272][T30290] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3088.735334][T30290] ? __phys_addr_symbol+0x30/0x70 [ 3088.740350][T30290] ? __check_object_size+0x323/0x730 [ 3088.745654][T30290] netlink_sendmsg+0x93c/0xe40 [ 3088.750415][T30290] ? netlink_unicast+0x810/0x810 [ 3088.755347][T30290] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3088.760627][T30290] ? netlink_unicast+0x810/0x810 [ 3088.765556][T30290] sock_sendmsg+0xd9/0x180 [ 3088.769985][T30290] ____sys_sendmsg+0x6ac/0x940 [ 3088.774737][T30290] ? copy_msghdr_from_user+0x10b/0x160 [ 3088.780190][T30290] ? kernel_sendmsg+0x50/0x50 [ 3088.784858][T30290] ? plist_check_list+0x1ae/0x280 [ 3088.789871][T30290] ? schedule+0xf1/0x1b0 [ 3088.794099][T30290] ___sys_sendmsg+0x135/0x1d0 [ 3088.798769][T30290] ? do_recvmmsg+0x740/0x740 [ 3088.803349][T30290] ? rcu_is_watching+0x12/0xb0 [ 3088.808108][T30290] ? rcu_is_watching+0x12/0xb0 [ 3088.812860][T30290] ? __fget_light+0xe6/0x260 [ 3088.817527][T30290] __sys_sendmsg+0x117/0x1e0 [ 3088.822110][T30290] ? __sys_sendmsg_sock+0x30/0x30 [ 3088.827126][T30290] ? xfd_validate_state+0x5d/0x180 [ 3088.832258][T30290] ? rcu_is_watching+0x12/0xb0 [ 3088.837098][T30290] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3088.843066][T30290] do_syscall_64+0x38/0xb0 [ 3088.847474][T30290] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3088.853450][T30290] RIP: 0033:0x7fc65907cae9 [ 3088.857847][T30290] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3088.877439][T30290] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3088.885834][T30290] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3088.893809][T30290] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3088.901784][T30290] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3088.909755][T30290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3088.917718][T30290] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3088.925681][T30290] [ 3088.938086][T30293] FAT-fs (loop4): Directory bread(block 67) failed [ 3088.944815][T30293] FAT-fs (loop4): Directory bread(block 68) failed [ 3088.951501][T30293] FAT-fs (loop4): Directory bread(block 69) failed [ 3088.958241][T30293] FAT-fs (loop4): Directory bread(block 70) failed [ 3088.964817][T30293] FAT-fs (loop4): Directory bread(block 71) failed [ 3088.971482][T30293] FAT-fs (loop4): Directory bread(block 72) failed [ 3088.978070][T30293] FAT-fs (loop4): Directory bread(block 73) failed 20:14:36 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001280)={0x0, 0x27}, 0x1, 0x0, 0xf0}, 0x0) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x40, 0x0, 0x4, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x40}, 0x1, 0x0, 0x0, 0xe65f2f99adb14361}, 0x84) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r2) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000280), r1) r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0)=0x0) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r10) sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x1c, r11, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x1c}}, 0x0) sendmsg$NFC_CMD_VENDOR(r6, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000380)={0x10c, r7, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@NFC_ATTR_VENDOR_DATA={0xe6, 0x1f, "15eced76d858056cc523b41ce911a27faf4d0bd38388ded99f113b6244429f2342f422def563864dc0b946eccc6d99266521c7716a90a0fbca693c2fcea88b4bc37e74c3c1e08a5866a042d2062875335deec988ce255ca012fbb8ce2547ee1abe095a3eb371c5daeb0649d34fefdadafba1970816f32e647716e9141494d8f96bdb11975c6b47a032a5f17d7c1c8d7d08e8f162fa54e250146397a4c5d24617c9f77126e848d20c8bfeded46a04abf22d53fd355dfb260d50f2c991ad628cc00e3e7a8f3093f0eb87608c2b9db50402d88f5b84fdadb95dc6af3a2af5a79ba0f752"}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x1}]}, 0x10c}, 0x1, 0x0, 0x0, 0x4000004}, 0x800) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r3, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x1c}, 0x4, 0x700000000000000}, 0x0) 20:14:36 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000000003f000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3089.006686][T30303] syz-executor.0[30303]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3089.027793][T30303] loop0: detected capacity change from 0 to 256 [ 3089.029034][T30296] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3089.064926][T30296] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3089.077759][ T2161] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 3089.086640][T30296] CPU: 1 PID: 30296 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3089.086840][ T2161] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3089.096822][T30296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3089.096833][T30296] Call Trace: [ 3089.096841][T30296] [ 3089.096847][T30296] dump_stack_lvl+0x125/0x1b0 [ 3089.096883][T30296] sysfs_warn_dup+0x7f/0xa0 [ 3089.121547][ T2161] usb 3-1: Product: syz [ 3089.125696][T30296] sysfs_do_create_link_sd+0x11e/0x140 [ 3089.130502][ T2161] usb 3-1: Manufacturer: syz [ 3089.134312][T30296] sysfs_create_link+0x61/0xc0 [ 3089.134347][T30296] device_add+0x669/0x1ac0 [ 3089.140246][ T2161] usb 3-1: SerialNumber: syz [ 3089.144340][T30296] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3089.164957][T30296] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3089.169617][T30303] FAT-fs (loop0): Directory bread(block 64) failed [ 3089.170851][T30296] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3089.170881][T30296] wiphy_register+0x2095/0x2ce0 [ 3089.188296][T30296] ? wiphy_unregister+0xb70/0xb70 [ 3089.193314][T30296] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3089.199367][T30296] ieee80211_register_hw+0x24d1/0x4250 [ 3089.204823][T30296] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3089.210364][T30296] ? rcu_is_watching+0x12/0xb0 [ 3089.215120][T30296] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3089.221093][T30296] ? __hrtimer_init+0x103/0x2c0 [ 3089.225934][T30296] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3089.231651][T30296] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3089.237361][T30296] ? rcu_is_watching+0x12/0xb0 [ 3089.242111][T30296] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3089.248009][T30296] hwsim_new_radio_nl+0xaf8/0x1240 [ 3089.253112][T30296] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3089.258994][T30296] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3089.266370][T30296] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3089.273740][T30296] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3089.279283][T30296] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3089.286649][T30296] ? ns_capable+0xd5/0x110 [ 3089.291058][T30296] genl_rcv_msg+0x55c/0x800 [ 3089.295558][T30296] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3089.301446][T30296] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3089.307333][T30296] netlink_rcv_skb+0x16b/0x440 [ 3089.312091][T30296] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3089.317979][T30296] ? netlink_ack+0x1370/0x1370 [ 3089.322730][T30296] ? rcu_is_watching+0x12/0xb0 [ 3089.327483][T30296] ? down_write+0x200/0x200 [ 3089.331973][T30296] ? netlink_deliver_tap+0x1b1/0xd10 [ 3089.337246][T30296] genl_rcv+0x28/0x40 [ 3089.341217][T30296] netlink_unicast+0x536/0x810 [ 3089.345967][T30296] ? netlink_attachskb+0x870/0x870 [ 3089.351066][T30296] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3089.356953][T30296] ? __phys_addr_symbol+0x30/0x70 [ 3089.361963][T30296] ? __check_object_size+0x323/0x730 [ 3089.367240][T30296] netlink_sendmsg+0x93c/0xe40 [ 3089.371995][T30296] ? netlink_unicast+0x810/0x810 [ 3089.377009][T30296] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3089.382378][T30296] ? netlink_unicast+0x810/0x810 [ 3089.387306][T30296] sock_sendmsg+0xd9/0x180 [ 3089.391712][T30296] ____sys_sendmsg+0x6ac/0x940 [ 3089.396465][T30296] ? copy_msghdr_from_user+0x10b/0x160 [ 3089.401911][T30296] ? kernel_sendmsg+0x50/0x50 [ 3089.406577][T30296] ? plist_check_list+0x1ae/0x280 [ 3089.411611][T30296] ? schedule+0xf1/0x1b0 [ 3089.415842][T30296] ___sys_sendmsg+0x135/0x1d0 [ 3089.420514][T30296] ? do_recvmmsg+0x740/0x740 [ 3089.425098][T30296] ? rcu_is_watching+0x12/0xb0 [ 3089.429850][T30296] ? rcu_is_watching+0x12/0xb0 [ 3089.434597][T30296] ? __fget_light+0xe6/0x260 [ 3089.439174][T30296] __sys_sendmsg+0x117/0x1e0 [ 3089.443752][T30296] ? __sys_sendmsg_sock+0x30/0x30 [ 3089.448765][T30296] ? xfd_validate_state+0x5d/0x180 [ 3089.453868][T30296] ? rcu_is_watching+0x12/0xb0 [ 3089.458616][T30296] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3089.464585][T30296] do_syscall_64+0x38/0xb0 [ 3089.469017][T30296] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3089.474908][T30296] RIP: 0033:0x7fc66767cae9 [ 3089.479305][T30296] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3089.498895][T30296] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3089.507293][T30296] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3089.515250][T30296] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3089.523206][T30296] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3089.531159][T30296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3089.539114][T30296] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3089.547079][T30296] [ 3089.559911][ T2161] usb 3-1: config 0 descriptor?? [ 3089.560129][T30303] FAT-fs (loop0): Directory bread(block 65) failed [ 3089.579382][T30303] FAT-fs (loop0): Directory bread(block 66) failed [ 3089.585944][T30303] FAT-fs (loop0): Directory bread(block 67) failed [ 3089.592585][T30303] FAT-fs (loop0): Directory bread(block 68) failed [ 3089.606605][T30303] FAT-fs (loop0): Directory bread(block 69) failed 20:14:36 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000048000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3089.613313][T30303] FAT-fs (loop0): Directory bread(block 70) failed [ 3089.621417][T30303] FAT-fs (loop0): Directory bread(block 71) failed [ 3089.639082][T30303] FAT-fs (loop0): Directory bread(block 72) failed [ 3089.646263][T30303] FAT-fs (loop0): Directory bread(block 73) failed [ 3089.653864][T30313] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. 20:14:37 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000, 0x0, 0x700}, 0x0) [ 3089.668843][T30313] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3089.699618][T30313] CPU: 0 PID: 30313 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3089.709710][T30313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3089.719763][T30313] Call Trace: [ 3089.723036][T30313] [ 3089.725964][T30313] dump_stack_lvl+0x125/0x1b0 [ 3089.730664][T30313] sysfs_warn_dup+0x7f/0xa0 [ 3089.735186][T30313] sysfs_do_create_link_sd+0x11e/0x140 [ 3089.740659][T30313] sysfs_create_link+0x61/0xc0 [ 3089.745428][T30313] device_add+0x669/0x1ac0 [ 3089.749883][T30313] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3089.756747][T30313] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3089.762651][T30313] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3089.768652][T30313] wiphy_register+0x2095/0x2ce0 [ 3089.773516][T30313] ? wiphy_unregister+0xb70/0xb70 [ 3089.778565][T30313] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3089.784647][T30313] ieee80211_register_hw+0x24d1/0x4250 [ 3089.790102][T30313] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3089.795640][T30313] ? rcu_is_watching+0x12/0xb0 [ 3089.800396][T30313] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3089.806384][T30313] ? __hrtimer_init+0x103/0x2c0 [ 3089.811238][T30313] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3089.816983][T30313] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3089.822707][T30313] ? rcu_is_watching+0x12/0xb0 [ 3089.824494][T29067] usb 3-1: USB disconnect, device number 35 [ 3089.827457][T30313] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3089.827484][T30313] hwsim_new_radio_nl+0xaf8/0x1240 [ 3089.844457][T30313] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3089.850386][T30313] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3089.857773][T30313] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 20:14:37 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539000009050b00000000000009050200000005000009047d01013481af0009a00e"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:14:37 executing program 3: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100008e26080000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:37 executing program 0: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") statfs(&(0x7f0000000040)='./file0\x00', 0x0) [ 3089.865166][T30313] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3089.870725][T30313] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3089.878123][T30313] ? ns_capable+0xd5/0x110 [ 3089.882565][T30313] genl_rcv_msg+0x55c/0x800 [ 3089.887100][T30313] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3089.893113][T30313] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3089.899045][T30313] netlink_rcv_skb+0x16b/0x440 [ 3089.903822][T30313] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3089.909729][T30313] ? netlink_ack+0x1370/0x1370 [ 3089.914477][T30313] ? rcu_is_watching+0x12/0xb0 [ 3089.919229][T30313] ? down_write+0x200/0x200 [ 3089.923729][T30313] ? netlink_deliver_tap+0x1b1/0xd10 [ 3089.929205][T30313] genl_rcv+0x28/0x40 [ 3089.933204][T30313] netlink_unicast+0x536/0x810 [ 3089.937955][T30313] ? netlink_attachskb+0x870/0x870 [ 3089.943056][T30313] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3089.948945][T30313] ? __phys_addr_symbol+0x30/0x70 [ 3089.954010][T30313] ? __check_object_size+0x323/0x730 [ 3089.959307][T30313] netlink_sendmsg+0x93c/0xe40 [ 3089.964073][T30313] ? netlink_unicast+0x810/0x810 [ 3089.969031][T30313] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3089.974341][T30313] ? netlink_unicast+0x810/0x810 [ 3089.979264][T30313] sock_sendmsg+0xd9/0x180 [ 3089.983672][T30313] ____sys_sendmsg+0x6ac/0x940 [ 3089.988425][T30313] ? copy_msghdr_from_user+0x10b/0x160 [ 3089.993881][T30313] ? kernel_sendmsg+0x50/0x50 [ 3089.998572][T30313] ? plist_check_list+0x1ae/0x280 [ 3090.003596][T30313] ? schedule+0xf1/0x1b0 [ 3090.007821][T30313] ___sys_sendmsg+0x135/0x1d0 [ 3090.012484][T30313] ? do_recvmmsg+0x740/0x740 [ 3090.017102][T30313] ? rcu_is_watching+0x12/0xb0 [ 3090.021888][T30313] ? rcu_is_watching+0x12/0xb0 [ 3090.026661][T30313] ? __fget_light+0xe6/0x260 [ 3090.031276][T30313] __sys_sendmsg+0x117/0x1e0 [ 3090.035973][T30313] ? __sys_sendmsg_sock+0x30/0x30 [ 3090.041070][T30313] ? xfd_validate_state+0x5d/0x180 [ 3090.046198][T30313] ? rcu_is_watching+0x12/0xb0 [ 3090.050967][T30313] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3090.056947][T30313] do_syscall_64+0x38/0xb0 [ 3090.061391][T30313] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3090.067298][T30313] RIP: 0033:0x7fc65907cae9 [ 3090.071697][T30313] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3090.091297][T30313] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3090.099746][T30313] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3090.107717][T30313] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3090.115698][T30313] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3090.123653][T30313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3090.131605][T30313] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3090.139584][T30313] 20:14:37 executing program 4: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100008b26080000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3090.174281][T30325] syz-executor.0[30325]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3090.187175][T30325] loop0: detected capacity change from 0 to 256 [ 3090.188300][T30322] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'. 20:14:37 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r2, 0x0, 0xf3a, 0x0) splice(r0, 0x0, r2, 0x0, 0x82, 0x0) write(r2, &(0x7f0000000140)="ce", 0x1) syz_open_pts(r2, 0x10000) r3 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000380)=ANY=[@ANYRES64=r3, @ANYRES64=r3, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1eb", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwritev(r4, &(0x7f0000001080)=[{&(0x7f0000000080)='r', 0x5800}], 0x1, 0x0, 0x0) write$UHID_INPUT2(r4, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00\x00\x00'], 0x6) 20:14:37 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000000004c000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3090.223753][T30325] FAT-fs (loop0): Directory bread(block 64) failed [ 3090.234417][T30322] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3090.254494][T30325] FAT-fs (loop0): Directory bread(block 65) failed [ 3090.259448][T30322] CPU: 1 PID: 30322 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3090.271064][T30322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3090.281117][T30322] Call Trace: [ 3090.284385][T30322] [ 3090.287311][T30322] dump_stack_lvl+0x125/0x1b0 [ 3090.291993][T30322] sysfs_warn_dup+0x7f/0xa0 [ 3090.296488][T30322] sysfs_do_create_link_sd+0x11e/0x140 [ 3090.301951][T30322] sysfs_create_link+0x61/0xc0 [ 3090.306709][T30322] device_add+0x669/0x1ac0 [ 3090.311161][T30322] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3090.318014][T30322] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3090.323906][T30322] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3090.329877][T30322] wiphy_register+0x2095/0x2ce0 [ 3090.334722][T30322] ? wiphy_unregister+0xb70/0xb70 [ 3090.339751][T30322] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3090.345808][T30322] ieee80211_register_hw+0x24d1/0x4250 [ 3090.351269][T30322] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3090.356810][T30322] ? rcu_is_watching+0x12/0xb0 [ 3090.361558][T30322] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3090.367528][T30322] ? __hrtimer_init+0x103/0x2c0 [ 3090.372375][T30322] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3090.378098][T30322] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3090.383805][T30322] ? rcu_is_watching+0x12/0xb0 [ 3090.388561][T30322] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3090.394446][T30322] hwsim_new_radio_nl+0xaf8/0x1240 [ 3090.399550][T30322] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3090.405440][T30322] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3090.412814][T30322] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3090.420213][T30322] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3090.425762][T30322] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3090.433136][T30322] ? ns_capable+0xd5/0x110 [ 3090.437579][T30322] genl_rcv_msg+0x55c/0x800 [ 3090.442088][T30322] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3090.448001][T30322] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3090.453886][T30322] netlink_rcv_skb+0x16b/0x440 [ 3090.458642][T30322] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3090.464542][T30322] ? netlink_ack+0x1370/0x1370 [ 3090.469298][T30322] ? rcu_is_watching+0x12/0xb0 [ 3090.474059][T30322] ? down_write+0x200/0x200 [ 3090.478557][T30322] ? netlink_deliver_tap+0x1b1/0xd10 [ 3090.483846][T30322] genl_rcv+0x28/0x40 [ 3090.487826][T30322] netlink_unicast+0x536/0x810 [ 3090.492587][T30322] ? netlink_attachskb+0x870/0x870 [ 3090.497693][T30322] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3090.503607][T30322] ? __phys_addr_symbol+0x30/0x70 [ 3090.508624][T30322] ? __check_object_size+0x323/0x730 [ 3090.513902][T30322] netlink_sendmsg+0x93c/0xe40 [ 3090.518668][T30322] ? netlink_unicast+0x810/0x810 [ 3090.523608][T30322] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3090.528891][T30322] ? netlink_unicast+0x810/0x810 [ 3090.533826][T30322] sock_sendmsg+0xd9/0x180 [ 3090.538243][T30322] ____sys_sendmsg+0x6ac/0x940 [ 3090.543007][T30322] ? copy_msghdr_from_user+0x10b/0x160 [ 3090.548463][T30322] ? kernel_sendmsg+0x50/0x50 [ 3090.553137][T30322] ? plist_check_list+0x1ae/0x280 [ 3090.558184][T30322] ? schedule+0xf1/0x1b0 [ 3090.562417][T30322] ___sys_sendmsg+0x135/0x1d0 [ 3090.567097][T30322] ? do_recvmmsg+0x740/0x740 [ 3090.571677][T30322] ? rcu_is_watching+0x12/0xb0 [ 3090.576434][T30322] ? rcu_is_watching+0x12/0xb0 [ 3090.581197][T30322] ? __fget_light+0xe6/0x260 [ 3090.585779][T30322] __sys_sendmsg+0x117/0x1e0 [ 3090.590365][T30322] ? __sys_sendmsg_sock+0x30/0x30 [ 3090.595403][T30322] ? xfd_validate_state+0x5d/0x180 [ 3090.600516][T30322] ? rcu_is_watching+0x12/0xb0 [ 3090.605268][T30322] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3090.611271][T30322] do_syscall_64+0x38/0xb0 [ 3090.615686][T30322] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3090.621576][T30322] RIP: 0033:0x7f594487cae9 [ 3090.625974][T30322] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3090.645572][T30322] RSP: 002b:00007f59455230c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3090.653978][T30322] RAX: ffffffffffffffda RBX: 00007f594499bf80 RCX: 00007f594487cae9 [ 3090.661962][T30322] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3090.669959][T30322] RBP: 00007f59448c847a R08: 0000000000000000 R09: 0000000000000000 [ 3090.677941][T30322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3090.685896][T30322] R13: 000000000000000b R14: 00007f594499bf80 R15: 00007ffc9f4734e8 [ 3090.693870][T30322] [ 3090.703881][T30329] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3090.713569][T30325] FAT-fs (loop0): Directory bread(block 66) failed [ 3090.713700][T29067] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 3090.731577][T30329] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3090.732210][T30325] FAT-fs (loop0): Directory bread(block 67) failed [ 3090.739575][T30329] CPU: 1 PID: 30329 Comm: syz-executor.4 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3090.756293][T30329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3090.766343][T30329] Call Trace: [ 3090.769617][T30329] [ 3090.772554][T30329] dump_stack_lvl+0x125/0x1b0 [ 3090.777253][T30329] sysfs_warn_dup+0x7f/0xa0 [ 3090.781768][T30329] sysfs_do_create_link_sd+0x11e/0x140 [ 3090.787247][T30329] sysfs_create_link+0x61/0xc0 [ 3090.792017][T30329] device_add+0x669/0x1ac0 [ 3090.796429][T30329] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3090.803270][T30329] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3090.809160][T30329] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3090.815136][T30329] wiphy_register+0x2095/0x2ce0 [ 3090.819986][T30329] ? wiphy_unregister+0xb70/0xb70 [ 3090.825002][T30329] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3090.831061][T30329] ieee80211_register_hw+0x24d1/0x4250 [ 3090.836522][T30329] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3090.842064][T30329] ? rcu_is_watching+0x12/0xb0 [ 3090.846819][T30329] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3090.852875][T30329] ? __hrtimer_init+0x103/0x2c0 [ 3090.857722][T30329] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3090.863474][T30329] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3090.869184][T30329] ? rcu_is_watching+0x12/0xb0 [ 3090.873934][T30329] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3090.879815][T30329] hwsim_new_radio_nl+0xaf8/0x1240 [ 3090.884941][T30329] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3090.890826][T30329] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3090.898193][T30329] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3090.905560][T30329] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3090.911111][T30329] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3090.918487][T30329] ? ns_capable+0xd5/0x110 [ 3090.922897][T30329] genl_rcv_msg+0x55c/0x800 [ 3090.927400][T30329] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3090.933288][T30329] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3090.939174][T30329] netlink_rcv_skb+0x16b/0x440 [ 3090.943936][T30329] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3090.949823][T30329] ? netlink_ack+0x1370/0x1370 [ 3090.954578][T30329] ? rcu_is_watching+0x12/0xb0 [ 3090.959342][T30329] ? down_write+0x200/0x200 [ 3090.963833][T30329] ? netlink_deliver_tap+0x1b1/0xd10 [ 3090.969115][T30329] genl_rcv+0x28/0x40 [ 3090.973095][T30329] netlink_unicast+0x536/0x810 [ 3090.977857][T30329] ? netlink_attachskb+0x870/0x870 [ 3090.982965][T30329] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3090.988858][T30329] ? __phys_addr_symbol+0x30/0x70 [ 3090.993877][T30329] ? __check_object_size+0x323/0x730 [ 3090.999163][T30329] netlink_sendmsg+0x93c/0xe40 [ 3091.003926][T30329] ? netlink_unicast+0x810/0x810 [ 3091.008863][T30329] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3091.014142][T30329] ? netlink_unicast+0x810/0x810 [ 3091.019104][T30329] sock_sendmsg+0xd9/0x180 [ 3091.023517][T30329] ____sys_sendmsg+0x6ac/0x940 [ 3091.028271][T30329] ? copy_msghdr_from_user+0x10b/0x160 [ 3091.033730][T30329] ? kernel_sendmsg+0x50/0x50 [ 3091.038397][T30329] ? plist_check_list+0x1ae/0x280 [ 3091.043459][T30329] ? schedule+0xf1/0x1b0 [ 3091.047798][T30329] ___sys_sendmsg+0x135/0x1d0 [ 3091.052494][T30329] ? do_recvmmsg+0x740/0x740 [ 3091.057083][T30329] ? rcu_is_watching+0x12/0xb0 [ 3091.061847][T30329] ? rcu_is_watching+0x12/0xb0 [ 3091.066603][T30329] ? __fget_light+0xe6/0x260 [ 3091.071186][T30329] __sys_sendmsg+0x117/0x1e0 [ 3091.075776][T30329] ? __sys_sendmsg_sock+0x30/0x30 [ 3091.080799][T30329] ? xfd_validate_state+0x5d/0x180 [ 3091.085911][T30329] ? rcu_is_watching+0x12/0xb0 [ 3091.090665][T30329] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3091.096638][T30329] do_syscall_64+0x38/0xb0 [ 3091.101055][T30329] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3091.106952][T30329] RIP: 0033:0x7f6413c7cae9 [ 3091.111352][T30329] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3091.130951][T30329] RSP: 002b:00007f64127fe0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3091.139354][T30329] RAX: ffffffffffffffda RBX: 00007f6413d9bf80 RCX: 00007f6413c7cae9 [ 3091.147313][T30329] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3091.155272][T30329] RBP: 00007f6413cc847a R08: 0000000000000000 R09: 0000000000000000 [ 3091.163232][T30329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3091.171189][T30329] R13: 000000000000000b R14: 00007f6413d9bf80 R15: 00007ffcadac3dd8 [ 3091.179153][T30329] 20:14:38 executing program 3: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100007c89000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3091.201969][T30331] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3091.207346][T30325] FAT-fs (loop0): Directory bread(block 68) failed [ 3091.231348][T30325] FAT-fs (loop0): Directory bread(block 69) failed 20:14:38 executing program 4: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100008b26080000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3091.246100][T30325] FAT-fs (loop0): Directory bread(block 70) failed [ 3091.260605][T30325] FAT-fs (loop0): Directory bread(block 71) failed [ 3091.267647][T30325] FAT-fs (loop0): Directory bread(block 72) failed [ 3091.269918][T30331] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3091.274294][T30325] FAT-fs (loop0): Directory bread(block 73) failed [ 3091.295469][T30331] CPU: 0 PID: 30331 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3091.302222][T30338] syz-executor.5[30338]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3091.305523][T30331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3091.305536][T30331] Call Trace: [ 3091.305544][T30331] [ 3091.305551][T30331] dump_stack_lvl+0x125/0x1b0 [ 3091.319092][T30338] loop5: detected capacity change from 0 to 256 [ 3091.325189][T30331] sysfs_warn_dup+0x7f/0xa0 [ 3091.325222][T30331] sysfs_do_create_link_sd+0x11e/0x140 [ 3091.352211][T30331] sysfs_create_link+0x61/0xc0 [ 3091.356972][T30331] device_add+0x669/0x1ac0 [ 3091.361392][T30331] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3091.368236][T30331] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3091.374139][T30331] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3091.380112][T30331] wiphy_register+0x2095/0x2ce0 [ 3091.384957][T30331] ? wiphy_unregister+0xb70/0xb70 [ 3091.389976][T30331] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3091.396035][T30331] ieee80211_register_hw+0x24d1/0x4250 [ 3091.401497][T30331] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3091.407038][T30331] ? rcu_is_watching+0x12/0xb0 [ 3091.411792][T30331] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3091.417763][T30331] ? __hrtimer_init+0x103/0x2c0 [ 3091.422610][T30331] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3091.428329][T30331] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3091.434036][T30331] ? rcu_is_watching+0x12/0xb0 [ 3091.438788][T30331] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3091.444685][T30331] hwsim_new_radio_nl+0xaf8/0x1240 [ 3091.449785][T30331] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3091.455672][T30331] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3091.463040][T30331] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3091.470412][T30331] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3091.475957][T30331] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3091.483328][T30331] ? ns_capable+0xd5/0x110 [ 3091.487742][T30331] genl_rcv_msg+0x55c/0x800 [ 3091.492243][T30331] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3091.498135][T30331] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3091.504022][T30331] netlink_rcv_skb+0x16b/0x440 [ 3091.508785][T30331] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3091.514674][T30331] ? netlink_ack+0x1370/0x1370 [ 3091.519516][T30331] ? rcu_is_watching+0x12/0xb0 [ 3091.524273][T30331] ? down_write+0x200/0x200 [ 3091.528767][T30331] ? netlink_deliver_tap+0x1b1/0xd10 [ 3091.534047][T30331] genl_rcv+0x28/0x40 [ 3091.538058][T30331] netlink_unicast+0x536/0x810 [ 3091.542840][T30331] ? netlink_attachskb+0x870/0x870 [ 3091.547944][T30331] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3091.553832][T30331] ? __phys_addr_symbol+0x30/0x70 [ 3091.558848][T30331] ? __check_object_size+0x323/0x730 [ 3091.564126][T30331] netlink_sendmsg+0x93c/0xe40 [ 3091.568885][T30331] ? netlink_unicast+0x810/0x810 [ 3091.573817][T30331] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3091.579093][T30331] ? netlink_unicast+0x810/0x810 [ 3091.584024][T30331] sock_sendmsg+0xd9/0x180 [ 3091.588436][T30331] ____sys_sendmsg+0x6ac/0x940 [ 3091.593365][T30331] ? copy_msghdr_from_user+0x10b/0x160 [ 3091.598822][T30331] ? kernel_sendmsg+0x50/0x50 [ 3091.603483][T30331] ? plist_check_list+0x1ae/0x280 [ 3091.608501][T30331] ? schedule+0xf1/0x1b0 [ 3091.612727][T30331] ___sys_sendmsg+0x135/0x1d0 [ 3091.617400][T30331] ? do_recvmmsg+0x740/0x740 [ 3091.621977][T30331] ? rcu_is_watching+0x12/0xb0 [ 3091.626741][T30331] ? rcu_is_watching+0x12/0xb0 [ 3091.631497][T30331] ? __fget_light+0xe6/0x260 [ 3091.636078][T30331] __sys_sendmsg+0x117/0x1e0 [ 3091.640666][T30331] ? __sys_sendmsg_sock+0x30/0x30 [ 3091.645685][T30331] ? xfd_validate_state+0x5d/0x180 [ 3091.650800][T30331] ? rcu_is_watching+0x12/0xb0 [ 3091.655555][T30331] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3091.661527][T30331] do_syscall_64+0x38/0xb0 [ 3091.665946][T30331] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3091.671878][T30331] RIP: 0033:0x7fc65907cae9 [ 3091.676282][T30331] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3091.695906][T30331] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 20:14:39 executing program 0: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") statfs(&(0x7f0000000040)='./file0\x00', 0x0) [ 3091.704320][T30331] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3091.712286][T30331] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3091.720249][T30331] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3091.728305][T30331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3091.736266][T30331] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3091.744230][T30331] 20:14:39 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000000125d000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3091.800422][T30335] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3091.805274][T30338] FAT-fs (loop5): Directory bread(block 64) failed [ 3091.818849][T30338] FAT-fs (loop5): Directory bread(block 65) failed [ 3091.826377][T30338] FAT-fs (loop5): Directory bread(block 66) failed [ 3091.833151][T30335] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3091.833691][T30338] FAT-fs (loop5): Directory bread(block 67) failed [ 3091.860876][T29067] usb 3-1: Using ep0 maxpacket: 16 [ 3091.871943][T30338] FAT-fs (loop5): Directory bread(block 68) failed [ 3091.878997][T30338] FAT-fs (loop5): Directory bread(block 69) failed [ 3091.884598][T30342] syz-executor.0[30342]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3091.885713][T30338] FAT-fs (loop5): Directory bread(block 70) failed [ 3091.900157][T30342] loop0: detected capacity change from 0 to 256 [ 3091.904596][T30338] FAT-fs (loop5): Directory bread(block 71) failed [ 3091.910303][T30335] CPU: 1 PID: 30335 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3091.915133][T30338] FAT-fs (loop5): Directory bread(block 72) failed [ 3091.924999][T30335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3091.925012][T30335] Call Trace: [ 3091.925019][T30335] [ 3091.925027][T30335] dump_stack_lvl+0x125/0x1b0 [ 3091.925065][T30335] sysfs_warn_dup+0x7f/0xa0 [ 3091.925099][T30335] sysfs_do_create_link_sd+0x11e/0x140 [ 3091.925130][T30335] sysfs_create_link+0x61/0xc0 [ 3091.925159][T30335] device_add+0x669/0x1ac0 [ 3091.925194][T30335] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3091.925231][T30335] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3091.925269][T30335] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3091.925301][T30335] wiphy_register+0x2095/0x2ce0 [ 3091.925330][T30335] ? wiphy_unregister+0xb70/0xb70 [ 3091.925357][T30335] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3091.925383][T30335] ieee80211_register_hw+0x24d1/0x4250 [ 3091.925420][T30335] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3091.925454][T30335] ? rcu_is_watching+0x12/0xb0 [ 3091.925477][T30335] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3091.933998][T30338] FAT-fs (loop5): Directory bread(block 73) failed [ 3091.941985][T30335] ? __hrtimer_init+0x103/0x2c0 [ 3091.942020][T30335] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3091.942052][T30335] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3092.050849][T30335] ? rcu_is_watching+0x12/0xb0 [ 3092.055608][T30335] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3092.061490][T30335] hwsim_new_radio_nl+0xaf8/0x1240 [ 3092.066592][T30335] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3092.072475][T30335] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3092.079868][T30335] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3092.087236][T30335] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3092.092778][T30335] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3092.100145][T30335] ? ns_capable+0xd5/0x110 [ 3092.104571][T30335] genl_rcv_msg+0x55c/0x800 [ 3092.109070][T30335] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3092.114961][T30335] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3092.120845][T30335] netlink_rcv_skb+0x16b/0x440 [ 3092.125598][T30335] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3092.131485][T30335] ? netlink_ack+0x1370/0x1370 [ 3092.136263][T30335] ? rcu_is_watching+0x12/0xb0 [ 3092.141029][T30335] ? down_write+0x200/0x200 [ 3092.145525][T30335] ? netlink_deliver_tap+0x1b1/0xd10 [ 3092.150807][T30335] genl_rcv+0x28/0x40 [ 3092.154782][T30335] netlink_unicast+0x536/0x810 [ 3092.159546][T30335] ? netlink_attachskb+0x870/0x870 [ 3092.164653][T30335] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3092.170543][T30335] ? __phys_addr_symbol+0x30/0x70 [ 3092.175559][T30335] ? __check_object_size+0x323/0x730 [ 3092.180839][T30335] netlink_sendmsg+0x93c/0xe40 [ 3092.185595][T30335] ? netlink_unicast+0x810/0x810 [ 3092.190524][T30335] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3092.195803][T30335] ? netlink_unicast+0x810/0x810 [ 3092.200730][T30335] sock_sendmsg+0xd9/0x180 [ 3092.205134][T30335] ____sys_sendmsg+0x6ac/0x940 [ 3092.209888][T30335] ? copy_msghdr_from_user+0x10b/0x160 [ 3092.215337][T30335] ? kernel_sendmsg+0x50/0x50 [ 3092.220000][T30335] ? plist_check_list+0x1ae/0x280 [ 3092.225110][T30335] ? schedule+0xf1/0x1b0 [ 3092.229339][T30335] ___sys_sendmsg+0x135/0x1d0 [ 3092.234010][T30335] ? do_recvmmsg+0x740/0x740 [ 3092.238593][T30335] ? rcu_is_watching+0x12/0xb0 [ 3092.243345][T30335] ? rcu_is_watching+0x12/0xb0 [ 3092.248096][T30335] ? __fget_light+0xe6/0x260 [ 3092.252693][T30335] __sys_sendmsg+0x117/0x1e0 [ 3092.257275][T30335] ? __sys_sendmsg_sock+0x30/0x30 [ 3092.262287][T30335] ? xfd_validate_state+0x5d/0x180 [ 3092.267392][T30335] ? rcu_is_watching+0x12/0xb0 [ 3092.272146][T30335] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3092.278116][T30335] do_syscall_64+0x38/0xb0 [ 3092.282524][T30335] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3092.288432][T30335] RIP: 0033:0x7f594487cae9 [ 3092.292830][T30335] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3092.312424][T30335] RSP: 002b:00007f59455230c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3092.320819][T30335] RAX: ffffffffffffffda RBX: 00007f594499bf80 RCX: 00007f594487cae9 [ 3092.328878][T30335] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3092.336833][T30335] RBP: 00007f59448c847a R08: 0000000000000000 R09: 0000000000000000 [ 3092.344787][T30335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3092.352748][T30335] R13: 000000000000000b R14: 00007f594499bf80 R15: 00007ffc9f4734e8 [ 3092.360707][T30335] [ 3092.379582][T30337] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.4'. 20:14:39 executing program 3: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100007c89000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3092.406031][T30337] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3092.417281][T30337] CPU: 0 PID: 30337 Comm: syz-executor.4 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3092.423015][T30342] FAT-fs (loop0): Directory bread(block 64) failed [ 3092.427337][T30337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3092.427349][T30337] Call Trace: [ 3092.427357][T30337] [ 3092.427364][T30337] dump_stack_lvl+0x125/0x1b0 [ 3092.427396][T30337] sysfs_warn_dup+0x7f/0xa0 [ 3092.427419][T30337] sysfs_do_create_link_sd+0x11e/0x140 [ 3092.427442][T30337] sysfs_create_link+0x61/0xc0 [ 3092.427464][T30337] device_add+0x669/0x1ac0 [ 3092.427491][T30337] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3092.427519][T30337] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3092.427552][T30337] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3092.427578][T30337] wiphy_register+0x2095/0x2ce0 [ 3092.427600][T30337] ? wiphy_unregister+0xb70/0xb70 [ 3092.427620][T30337] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3092.427640][T30337] ieee80211_register_hw+0x24d1/0x4250 [ 3092.427669][T30337] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3092.427694][T30337] ? rcu_is_watching+0x12/0xb0 [ 3092.427712][T30337] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3092.427734][T30337] ? __hrtimer_init+0x103/0x2c0 [ 3092.436283][T30342] FAT-fs (loop0): Directory bread(block 65) failed [ 3092.444234][T30337] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3092.444269][T30337] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3092.452203][T30342] FAT-fs (loop0): Directory bread(block 66) failed [ 3092.455079][T30337] ? rcu_is_watching+0x12/0xb0 [ 3092.455101][T30337] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3092.459944][T30342] FAT-fs (loop0): Directory bread(block 67) failed [ 3092.464993][T30337] hwsim_new_radio_nl+0xaf8/0x1240 [ 3092.470123][T30342] FAT-fs (loop0): Directory bread(block 68) failed [ 3092.474145][T30337] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3092.490093][T30342] FAT-fs (loop0): Directory bread(block 69) failed [ 3092.492800][T30337] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3092.506297][T30342] FAT-fs (loop0): Directory bread(block 70) failed [ 3092.508670][T30337] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3092.508707][T30337] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3092.516951][T30342] FAT-fs (loop0): Directory bread(block 71) failed [ 3092.519657][T30337] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3092.641265][T30337] ? ns_capable+0xd5/0x110 [ 3092.645791][T30337] genl_rcv_msg+0x55c/0x800 [ 3092.650304][T30337] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3092.656196][T30337] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3092.662082][T30337] netlink_rcv_skb+0x16b/0x440 [ 3092.666838][T30337] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3092.672728][T30337] ? netlink_ack+0x1370/0x1370 [ 3092.677487][T30337] ? rcu_is_watching+0x12/0xb0 [ 3092.682244][T30337] ? down_write+0x200/0x200 [ 3092.686743][T30337] ? netlink_deliver_tap+0x1b1/0xd10 [ 3092.692023][T30337] genl_rcv+0x28/0x40 [ 3092.696000][T30337] netlink_unicast+0x536/0x810 [ 3092.700792][T30337] ? netlink_attachskb+0x870/0x870 [ 3092.705899][T30337] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3092.711788][T30337] ? __phys_addr_symbol+0x30/0x70 [ 3092.716802][T30337] ? __check_object_size+0x323/0x730 [ 3092.722082][T30337] netlink_sendmsg+0x93c/0xe40 [ 3092.726843][T30337] ? netlink_unicast+0x810/0x810 [ 3092.731777][T30337] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3092.737061][T30337] ? netlink_unicast+0x810/0x810 [ 3092.742010][T30337] sock_sendmsg+0xd9/0x180 [ 3092.746426][T30337] ____sys_sendmsg+0x6ac/0x940 [ 3092.751182][T30337] ? copy_msghdr_from_user+0x10b/0x160 [ 3092.756637][T30337] ? kernel_sendmsg+0x50/0x50 [ 3092.761301][T30337] ? plist_check_list+0x1ae/0x280 [ 3092.766322][T30337] ? schedule+0xf1/0x1b0 [ 3092.770556][T30337] ___sys_sendmsg+0x135/0x1d0 [ 3092.775231][T30337] ? do_recvmmsg+0x740/0x740 [ 3092.779811][T30337] ? rcu_is_watching+0x12/0xb0 [ 3092.784572][T30337] ? rcu_is_watching+0x12/0xb0 [ 3092.789329][T30337] ? __fget_light+0xe6/0x260 [ 3092.793910][T30337] __sys_sendmsg+0x117/0x1e0 [ 3092.798499][T30337] ? __sys_sendmsg_sock+0x30/0x30 [ 3092.803540][T30337] ? xfd_validate_state+0x5d/0x180 [ 3092.808679][T30337] ? rcu_is_watching+0x12/0xb0 [ 3092.813441][T30337] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3092.819412][T30337] do_syscall_64+0x38/0xb0 [ 3092.823827][T30337] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3092.829719][T30337] RIP: 0033:0x7f6413c7cae9 [ 3092.834126][T30337] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3092.853813][T30337] RSP: 002b:00007f64127fe0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3092.862214][T30337] RAX: ffffffffffffffda RBX: 00007f6413d9bf80 RCX: 00007f6413c7cae9 [ 3092.870188][T30337] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3092.878146][T30337] RBP: 00007f6413cc847a R08: 0000000000000000 R09: 0000000000000000 [ 3092.886101][T30337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3092.894066][T30337] R13: 000000000000000b R14: 00007f6413d9bf80 R15: 00007ffcadac3dd8 [ 3092.902055][T30337] 20:14:40 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539000009050b00000000000009050200000005000009047d01013481af0009a00e"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 3092.910949][T30342] FAT-fs (loop0): Directory bread(block 72) failed [ 3092.917593][T30342] FAT-fs (loop0): Directory bread(block 73) failed 20:14:40 executing program 0: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000540)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a2b70738c0c29ef3cb487e1fd790611d1b8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d161453aee64757e6e2d26de0788d19a4f06547797cfc1473954c3d7ec3a45f3b4e908619a10a2f92f46e7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a52e07848d478b467b417d2585022d696dd4a70b30ace66cba3486c8df5cbf437d2ed2266558fabf1a3f8b032cf5332b8d331d9e93f831032a915a1ebd131c6a2c865acbd29f5b9f24362", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwritev(r1, &(0x7f0000001080)=[{&(0x7f0000000080)='r', 0x5800}], 0x1, 0x0, 0x0) write$UHID_INPUT2(r1, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00\x00\x00'], 0x6) mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x800000, &(0x7f00000002c0)={[{@redirect_dir={'redirect_dir', 0x3d, './file0'}}, {@nfs_export_off}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@default_permissions}, {@metacopy_off}, {@nfs_export_on}, {@nfs_export_off}], [{@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}]}) [ 3092.964452][T30343] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3092.977064][T30338] syz-executor.5: attempt to access beyond end of device [ 3092.977064][T30338] loop5: rw=2049, sector=1160, nr_sectors = 32 limit=256 [ 3092.994142][T30343] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3093.004261][T29067] usb 3-1: unable to read config index 0 descriptor/all 20:14:40 executing program 4: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100008b26080000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3093.013828][T29067] usb 3-1: can't read configurations, error -71 [ 3093.038132][T30338] syz-executor.5: attempt to access beyond end of device [ 3093.038132][T30338] loop5: rw=2049, sector=1224, nr_sectors = 12 limit=256 [ 3093.044522][T30343] CPU: 1 PID: 30343 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3093.055476][T30350] syz-executor.0[30350]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3093.062149][T30343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3093.062163][T30343] Call Trace: [ 3093.062171][T30343] [ 3093.062178][T30343] dump_stack_lvl+0x125/0x1b0 [ 3093.062210][T30343] sysfs_warn_dup+0x7f/0xa0 [ 3093.097290][T30343] sysfs_do_create_link_sd+0x11e/0x140 [ 3093.102755][T30343] sysfs_create_link+0x61/0xc0 [ 3093.107513][T30343] device_add+0x669/0x1ac0 [ 3093.111942][T30343] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3093.118784][T30343] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3093.124671][T30343] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3093.130644][T30343] wiphy_register+0x2095/0x2ce0 [ 3093.135482][T30343] ? wiphy_unregister+0xb70/0xb70 [ 3093.140494][T30343] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3093.146548][T30343] ieee80211_register_hw+0x24d1/0x4250 [ 3093.151998][T30343] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3093.157545][T30343] ? rcu_is_watching+0x12/0xb0 [ 3093.162295][T30343] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3093.168260][T30343] ? __hrtimer_init+0x103/0x2c0 [ 3093.173102][T30343] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3093.178816][T30343] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3093.184545][T30343] ? rcu_is_watching+0x12/0xb0 [ 3093.189292][T30343] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3093.195195][T30343] hwsim_new_radio_nl+0xaf8/0x1240 [ 3093.200313][T30343] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3093.206195][T30343] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3093.213571][T30343] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3093.220938][T30343] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3093.226513][T30343] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3093.234080][T30343] ? ns_capable+0xd5/0x110 [ 3093.238498][T30343] genl_rcv_msg+0x55c/0x800 [ 3093.243009][T30343] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3093.248902][T30343] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3093.254790][T30343] netlink_rcv_skb+0x16b/0x440 [ 3093.259553][T30343] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3093.265442][T30343] ? netlink_ack+0x1370/0x1370 [ 3093.270200][T30343] ? rcu_is_watching+0x12/0xb0 [ 3093.274959][T30343] ? down_write+0x200/0x200 [ 3093.279481][T30343] ? netlink_deliver_tap+0x1b1/0xd10 [ 3093.284767][T30343] genl_rcv+0x28/0x40 [ 3093.288744][T30343] netlink_unicast+0x536/0x810 [ 3093.293500][T30343] ? netlink_attachskb+0x870/0x870 [ 3093.298610][T30343] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3093.304501][T30343] ? __phys_addr_symbol+0x30/0x70 [ 3093.309529][T30343] ? __check_object_size+0x323/0x730 [ 3093.314807][T30343] netlink_sendmsg+0x93c/0xe40 [ 3093.319569][T30343] ? netlink_unicast+0x810/0x810 [ 3093.324500][T30343] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3093.329785][T30343] ? netlink_unicast+0x810/0x810 [ 3093.334717][T30343] sock_sendmsg+0xd9/0x180 [ 3093.339126][T30343] ____sys_sendmsg+0x6ac/0x940 [ 3093.343895][T30343] ? copy_msghdr_from_user+0x10b/0x160 [ 3093.349367][T30343] ? kernel_sendmsg+0x50/0x50 [ 3093.354054][T30343] ? plist_check_list+0x1ae/0x280 [ 3093.359087][T30343] ? schedule+0xf1/0x1b0 [ 3093.363330][T30343] ___sys_sendmsg+0x135/0x1d0 [ 3093.368010][T30343] ? do_recvmmsg+0x740/0x740 [ 3093.372593][T30343] ? rcu_is_watching+0x12/0xb0 [ 3093.377348][T30343] ? rcu_is_watching+0x12/0xb0 [ 3093.382109][T30343] ? __fget_light+0xe6/0x260 [ 3093.386686][T30343] __sys_sendmsg+0x117/0x1e0 [ 3093.391273][T30343] ? __sys_sendmsg_sock+0x30/0x30 [ 3093.396288][T30343] ? xfd_validate_state+0x5d/0x180 [ 3093.401399][T30343] ? rcu_is_watching+0x12/0xb0 [ 3093.406153][T30343] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3093.412124][T30343] do_syscall_64+0x38/0xb0 [ 3093.416544][T30343] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3093.422443][T30343] RIP: 0033:0x7fc65907cae9 [ 3093.426841][T30343] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3093.446453][T30343] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3093.454941][T30343] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3093.462911][T30343] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3093.470885][T30343] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3093.478844][T30343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3093.486801][T30343] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3093.494765][T30343] [ 3093.527569][T30350] loop0: detected capacity change from 0 to 256 20:14:40 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000060000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3093.543846][T30348] syz-executor.5: attempt to access beyond end of device [ 3093.543846][T30348] loop5: rw=2049, sector=1160, nr_sectors = 4 limit=256 [ 3093.558000][T30348] Buffer I/O error on dev loop5, logical block 290, lost async page write [ 3093.566971][T30345] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3093.619346][T30345] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3093.642239][T30350] FAT-fs (loop0): Directory bread(block 64) failed [ 3093.656720][T30345] CPU: 1 PID: 30345 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3093.666841][T30345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3093.676908][T30345] Call Trace: [ 3093.680207][T30345] [ 3093.683318][T30345] dump_stack_lvl+0x125/0x1b0 [ 3093.686131][T30350] FAT-fs (loop0): Directory bread(block 65) failed [ 3093.688002][T30345] sysfs_warn_dup+0x7f/0xa0 [ 3093.688030][T30345] sysfs_do_create_link_sd+0x11e/0x140 [ 3093.688054][T30345] sysfs_create_link+0x61/0xc0 [ 3093.688075][T30345] device_add+0x669/0x1ac0 [ 3093.688101][T30345] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3093.688129][T30345] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3093.688158][T30345] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3093.688183][T30345] wiphy_register+0x2095/0x2ce0 [ 3093.688206][T30345] ? wiphy_unregister+0xb70/0xb70 [ 3093.688226][T30345] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3093.696354][T30350] FAT-fs (loop0): Directory bread(block 66) failed [ 3093.699219][T30345] ieee80211_register_hw+0x24d1/0x4250 [ 3093.699254][T30345] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3093.699280][T30345] ? rcu_is_watching+0x12/0xb0 [ 3093.699298][T30345] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3093.699320][T30345] ? __hrtimer_init+0x103/0x2c0 [ 3093.699343][T30345] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3093.699372][T30345] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3093.705513][T30350] FAT-fs (loop0): Directory bread(block 67) failed [ 3093.709629][T30345] ? rcu_is_watching+0x12/0xb0 [ 3093.709653][T30345] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3093.709673][T30345] hwsim_new_radio_nl+0xaf8/0x1240 [ 3093.709697][T30345] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3093.709720][T30345] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3093.709751][T30345] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3093.709784][T30345] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3093.709814][T30345] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3093.709850][T30345] ? ns_capable+0xd5/0x110 [ 3093.709873][T30345] genl_rcv_msg+0x55c/0x800 [ 3093.718955][T30350] FAT-fs (loop0): Directory bread(block 68) failed [ 3093.721225][T30345] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3093.728754][T30350] FAT-fs (loop0): Directory bread(block 69) failed [ 3093.733187][T30345] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3093.733221][T30345] netlink_rcv_skb+0x16b/0x440 [ 3093.887779][T30345] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3093.893685][T30345] ? netlink_ack+0x1370/0x1370 [ 3093.898626][T30345] ? rcu_is_watching+0x12/0xb0 [ 3093.903402][T30345] ? down_write+0x200/0x200 [ 3093.907901][T30345] ? netlink_deliver_tap+0x1b1/0xd10 [ 3093.913211][T30345] genl_rcv+0x28/0x40 [ 3093.917198][T30345] netlink_unicast+0x536/0x810 [ 3093.921964][T30345] ? netlink_attachskb+0x870/0x870 [ 3093.927074][T30345] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3093.932971][T30345] ? __phys_addr_symbol+0x30/0x70 [ 3093.937991][T30345] ? __check_object_size+0x323/0x730 [ 3093.943276][T30345] netlink_sendmsg+0x93c/0xe40 [ 3093.948226][T30345] ? netlink_unicast+0x810/0x810 [ 3093.953206][T30345] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3093.958506][T30345] ? netlink_unicast+0x810/0x810 [ 3093.963451][T30345] sock_sendmsg+0xd9/0x180 [ 3093.967858][T30345] ____sys_sendmsg+0x6ac/0x940 [ 3093.972614][T30345] ? copy_msghdr_from_user+0x10b/0x160 [ 3093.978066][T30345] ? kernel_sendmsg+0x50/0x50 [ 3093.982732][T30345] ? plist_check_list+0x1ae/0x280 [ 3093.987747][T30345] ? schedule+0xf1/0x1b0 [ 3093.991983][T30345] ___sys_sendmsg+0x135/0x1d0 [ 3093.996661][T30345] ? do_recvmmsg+0x740/0x740 [ 3094.001250][T30345] ? rcu_is_watching+0x12/0xb0 [ 3094.006006][T30345] ? rcu_is_watching+0x12/0xb0 [ 3094.010762][T30345] ? __fget_light+0xe6/0x260 [ 3094.015342][T30345] __sys_sendmsg+0x117/0x1e0 [ 3094.019942][T30345] ? __sys_sendmsg_sock+0x30/0x30 [ 3094.024977][T30345] ? xfd_validate_state+0x5d/0x180 [ 3094.030090][T30345] ? rcu_is_watching+0x12/0xb0 [ 3094.034849][T30345] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3094.040844][T30345] do_syscall_64+0x38/0xb0 [ 3094.045263][T30345] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3094.051154][T30345] RIP: 0033:0x7f594487cae9 [ 3094.055565][T30345] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3094.075169][T30345] RSP: 002b:00007f59455230c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3094.083569][T30345] RAX: ffffffffffffffda RBX: 00007f594499bf80 RCX: 00007f594487cae9 [ 3094.091527][T30345] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3094.099492][T30345] RBP: 00007f59448c847a R08: 0000000000000000 R09: 0000000000000000 [ 3094.107447][T30345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 20:14:41 executing program 3: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100007c89000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:41 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000007000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3094.115404][T30345] R13: 000000000000000b R14: 00007f594499bf80 R15: 00007ffc9f4734e8 [ 3094.123366][T30345] [ 3094.129807][T30350] FAT-fs (loop0): Directory bread(block 70) failed [ 3094.138511][T30350] FAT-fs (loop0): Directory bread(block 71) failed [ 3094.145780][T30350] FAT-fs (loop0): Directory bread(block 72) failed [ 3094.152366][T30350] FAT-fs (loop0): Directory bread(block 73) failed [ 3094.184949][T30352] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3094.206040][T30350] syz-executor.0: attempt to access beyond end of device [ 3094.206040][T30350] loop0: rw=2049, sector=1160, nr_sectors = 32 limit=256 [ 3094.222333][T30350] syz-executor.0: attempt to access beyond end of device [ 3094.222333][T30350] loop0: rw=2049, sector=1224, nr_sectors = 12 limit=256 [ 3094.243348][T30352] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3094.251614][T29067] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 3094.266226][T30350] syz-executor.0: attempt to access beyond end of device [ 3094.266226][T30350] loop0: rw=2049, sector=1160, nr_sectors = 4 limit=256 [ 3094.281007][T30350] Buffer I/O error on dev loop0, logical block 290, lost async page write [ 3094.293841][T30352] CPU: 1 PID: 30352 Comm: syz-executor.4 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3094.303948][T30352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3094.308502][T30350] overlay: Bad value for 'redirect_dir' [ 3094.314001][T30352] Call Trace: [ 3094.314018][T30352] [ 3094.314024][T30352] dump_stack_lvl+0x125/0x1b0 [ 3094.314055][T30352] sysfs_warn_dup+0x7f/0xa0 [ 3094.314078][T30352] sysfs_do_create_link_sd+0x11e/0x140 [ 3094.340470][T30352] sysfs_create_link+0x61/0xc0 [ 3094.345282][T30352] device_add+0x669/0x1ac0 [ 3094.349705][T30352] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3094.356560][T30352] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3094.362504][T30352] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3094.368487][T30352] wiphy_register+0x2095/0x2ce0 [ 3094.373440][T30352] ? wiphy_unregister+0xb70/0xb70 [ 3094.378500][T30352] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3094.384576][T30352] ieee80211_register_hw+0x24d1/0x4250 [ 3094.390053][T30352] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3094.395599][T30352] ? rcu_is_watching+0x12/0xb0 [ 3094.400351][T30352] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3094.406350][T30352] ? __hrtimer_init+0x103/0x2c0 [ 3094.411191][T30352] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3094.417269][T30352] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3094.423013][T30352] ? rcu_is_watching+0x12/0xb0 [ 3094.427758][T30352] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3094.433745][T30352] hwsim_new_radio_nl+0xaf8/0x1240 [ 3094.438848][T30352] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3094.444754][T30352] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3094.452166][T30352] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3094.459525][T30352] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3094.465073][T30352] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3094.472447][T30352] ? ns_capable+0xd5/0x110 [ 3094.476859][T30352] genl_rcv_msg+0x55c/0x800 [ 3094.481373][T30352] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3094.487436][T30352] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3094.493578][T30352] netlink_rcv_skb+0x16b/0x440 [ 3094.498520][T30352] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3094.504546][T30352] ? netlink_ack+0x1370/0x1370 [ 3094.509436][T30352] ? rcu_is_watching+0x12/0xb0 [ 3094.514329][T30352] ? down_write+0x200/0x200 [ 3094.519167][T30352] ? netlink_deliver_tap+0x1b1/0xd10 [ 3094.524545][T30352] genl_rcv+0x28/0x40 [ 3094.528612][T30352] netlink_unicast+0x536/0x810 [ 3094.533476][T30352] ? netlink_attachskb+0x870/0x870 [ 3094.538680][T30352] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3094.544772][T30352] ? __phys_addr_symbol+0x30/0x70 [ 3094.549918][T30352] ? __check_object_size+0x323/0x730 [ 3094.555389][T30352] netlink_sendmsg+0x93c/0xe40 [ 3094.560270][T30352] ? netlink_unicast+0x810/0x810 [ 3094.565317][T30352] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3094.570849][T30352] ? netlink_unicast+0x810/0x810 [ 3094.575883][T30352] sock_sendmsg+0xd9/0x180 [ 3094.580404][T30352] ____sys_sendmsg+0x6ac/0x940 [ 3094.585411][T30352] ? copy_msghdr_from_user+0x10b/0x160 [ 3094.590960][T30352] ? kernel_sendmsg+0x50/0x50 [ 3094.595730][T30352] ? plist_check_list+0x1ae/0x280 [ 3094.600866][T30352] ? schedule+0xf1/0x1b0 [ 3094.605212][T30352] ___sys_sendmsg+0x135/0x1d0 [ 3094.610571][T30352] ? do_recvmmsg+0x740/0x740 [ 3094.615263][T30352] ? rcu_is_watching+0x12/0xb0 [ 3094.620090][T30352] ? rcu_is_watching+0x12/0xb0 [ 3094.624954][T30352] ? __fget_light+0xe6/0x260 [ 3094.629551][T30352] __sys_sendmsg+0x117/0x1e0 [ 3094.634314][T30352] ? __sys_sendmsg_sock+0x30/0x30 [ 3094.639356][T30352] ? xfd_validate_state+0x5d/0x180 [ 3094.644497][T30352] ? rcu_is_watching+0x12/0xb0 [ 3094.649350][T30352] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3094.655345][T30352] do_syscall_64+0x38/0xb0 [ 3094.659753][T30352] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3094.665643][T30352] RIP: 0033:0x7f6413c7cae9 [ 3094.670065][T30352] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3094.689811][T30352] RSP: 002b:00007f64127fe0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3094.698251][T30352] RAX: ffffffffffffffda RBX: 00007f6413d9bf80 RCX: 00007f6413c7cae9 [ 3094.706217][T30352] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3094.714198][T30352] RBP: 00007f6413cc847a R08: 0000000000000000 R09: 0000000000000000 [ 3094.722173][T30352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 20:14:42 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000e00000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:42 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000540)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a3b70738c0c29ef3cb487e1fd790611d1b855f5dc052a941ebbcf5fd8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d641453aee6475700e2d26de0788d19a4f06547797cfc1473954c3d7ec3a55f3b4e908619a10a2f92f46e766f580500052eda7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a5204000000000000000000005022e1a3caab0096dd4a70b30ace66cba3486c8df5cbf437d2ed2278558fabf1a3f8b032cf9abfc84d259d802faf49665a0b5332b8d331d9e9", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) syz_open_dev$audion(&(0x7f00000002c0), 0x1, 0x200) openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x80000, 0x50) creat(&(0x7f0000000040)='./file0\x00', 0x0) [ 3094.730130][T30352] R13: 000000000000000b R14: 00007f6413d9bf80 R15: 00007ffcadac3dd8 [ 3094.738096][T30352] [ 3094.749326][T30354] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3094.784828][T30354] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3094.796318][T30354] CPU: 1 PID: 30354 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3094.806413][T30354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3094.816495][T30354] Call Trace: [ 3094.819808][T30354] [ 3094.822754][T30354] dump_stack_lvl+0x125/0x1b0 [ 3094.827469][T30354] sysfs_warn_dup+0x7f/0xa0 [ 3094.832025][T30354] sysfs_do_create_link_sd+0x11e/0x140 [ 3094.837526][T30354] sysfs_create_link+0x61/0xc0 [ 3094.842326][T30354] device_add+0x669/0x1ac0 [ 3094.846788][T30354] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3094.853676][T30354] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3094.859603][T30354] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3094.865600][T30354] wiphy_register+0x2095/0x2ce0 [ 3094.869453][T30360] syz-executor.4[30360]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3094.870454][T30354] ? wiphy_unregister+0xb70/0xb70 [ 3094.870491][T30354] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3094.883357][T30360] loop4: detected capacity change from 0 to 256 [ 3094.885115][T30354] ieee80211_register_hw+0x24d1/0x4250 [ 3094.885158][T30354] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3094.908465][T30354] ? rcu_is_watching+0x12/0xb0 [ 3094.913239][T30354] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3094.919219][T30354] ? __hrtimer_init+0x103/0x2c0 [ 3094.924068][T30354] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3094.929791][T30354] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3094.935508][T30354] ? rcu_is_watching+0x12/0xb0 [ 3094.940267][T30354] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3094.946177][T30354] hwsim_new_radio_nl+0xaf8/0x1240 [ 3094.951312][T30354] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3094.957220][T30354] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3094.964599][T30354] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3094.971980][T30354] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3094.977588][T30354] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3094.984973][T30354] ? ns_capable+0xd5/0x110 [ 3094.989391][T30354] genl_rcv_msg+0x55c/0x800 [ 3094.993903][T30354] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3094.999802][T30354] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3095.005704][T30354] netlink_rcv_skb+0x16b/0x440 [ 3095.010487][T30354] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3095.016387][T30354] ? netlink_ack+0x1370/0x1370 [ 3095.021152][T30354] ? rcu_is_watching+0x12/0xb0 [ 3095.025918][T30354] ? down_write+0x200/0x200 [ 3095.030424][T30354] ? netlink_deliver_tap+0x1b1/0xd10 [ 3095.035724][T30354] genl_rcv+0x28/0x40 [ 3095.039724][T30354] netlink_unicast+0x536/0x810 [ 3095.044510][T30354] ? netlink_attachskb+0x870/0x870 [ 3095.049634][T30354] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3095.055543][T30354] ? __phys_addr_symbol+0x30/0x70 [ 3095.060583][T30354] ? __check_object_size+0x323/0x730 [ 3095.065862][T30354] netlink_sendmsg+0x93c/0xe40 [ 3095.070634][T30354] ? netlink_unicast+0x810/0x810 [ 3095.075579][T30354] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3095.080881][T30354] ? netlink_unicast+0x810/0x810 [ 3095.085830][T30354] sock_sendmsg+0xd9/0x180 [ 3095.090243][T30354] ____sys_sendmsg+0x6ac/0x940 [ 3095.095005][T30354] ? copy_msghdr_from_user+0x10b/0x160 [ 3095.100542][T30354] ? kernel_sendmsg+0x50/0x50 [ 3095.105209][T30354] ? plist_check_list+0x1ae/0x280 [ 3095.110256][T30354] ? schedule+0xf1/0x1b0 [ 3095.114500][T30354] ___sys_sendmsg+0x135/0x1d0 [ 3095.119180][T30354] ? do_recvmmsg+0x740/0x740 [ 3095.123766][T30354] ? rcu_is_watching+0x12/0xb0 [ 3095.128527][T30354] ? rcu_is_watching+0x12/0xb0 [ 3095.133317][T30354] ? __fget_light+0xe6/0x260 [ 3095.137895][T30354] __sys_sendmsg+0x117/0x1e0 [ 3095.142572][T30354] ? __sys_sendmsg_sock+0x30/0x30 [ 3095.147591][T30354] ? xfd_validate_state+0x5d/0x180 [ 3095.152721][T30354] ? rcu_is_watching+0x12/0xb0 [ 3095.157737][T30354] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3095.163746][T30354] do_syscall_64+0x38/0xb0 [ 3095.168187][T30354] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3095.174093][T30354] RIP: 0033:0x7fc65907cae9 [ 3095.178504][T30354] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3095.198235][T30354] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3095.206665][T30354] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3095.214629][T30354] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3095.222589][T30354] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 20:14:42 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000001d65000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3095.230553][T30354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3095.238512][T30354] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3095.246477][T30354] [ 3095.257179][T30356] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3095.276033][T30356] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3095.284388][T30356] CPU: 1 PID: 30356 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3095.294858][T30356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3095.304919][T30356] Call Trace: [ 3095.308201][T30356] [ 3095.311163][T30356] dump_stack_lvl+0x125/0x1b0 [ 3095.315885][T30356] sysfs_warn_dup+0x7f/0xa0 [ 3095.320403][T30356] sysfs_do_create_link_sd+0x11e/0x140 [ 3095.325878][T30356] sysfs_create_link+0x61/0xc0 [ 3095.330653][T30356] device_add+0x669/0x1ac0 [ 3095.332436][T30360] FAT-fs (loop4): Directory bread(block 64) failed [ 3095.335080][T30356] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3095.341836][T30360] FAT-fs (loop4): Directory bread(block 65) failed [ 3095.348450][T30356] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3095.348487][T30356] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3095.348518][T30356] wiphy_register+0x2095/0x2ce0 [ 3095.348547][T30356] ? wiphy_unregister+0xb70/0xb70 [ 3095.348574][T30356] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3095.348600][T30356] ieee80211_register_hw+0x24d1/0x4250 [ 3095.348637][T30356] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3095.348671][T30356] ? rcu_is_watching+0x12/0xb0 [ 3095.348695][T30356] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3095.348722][T30356] ? __hrtimer_init+0x103/0x2c0 [ 3095.348753][T30356] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3095.348787][T30356] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3095.359269][T30360] FAT-fs (loop4): Directory bread(block 66) failed [ 3095.361127][T30356] ? rcu_is_watching+0x12/0xb0 [ 3095.361150][T30356] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3095.367849][T30360] FAT-fs (loop4): Directory bread(block 67) failed [ 3095.371930][T30356] hwsim_new_radio_nl+0xaf8/0x1240 [ 3095.371958][T30356] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3095.378547][T30360] FAT-fs (loop4): Directory bread(block 68) failed [ 3095.383006][T30356] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3095.389257][T30360] FAT-fs (loop4): Directory bread(block 69) failed [ 3095.393973][T30356] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3095.394013][T30356] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3095.400377][T30360] FAT-fs (loop4): Directory bread(block 70) failed [ 3095.404693][T30356] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3095.410280][T30360] FAT-fs (loop4): Directory bread(block 71) failed [ 3095.415236][T30356] ? ns_capable+0xd5/0x110 [ 3095.415267][T30356] genl_rcv_msg+0x55c/0x800 [ 3095.422544][T30360] FAT-fs (loop4): Directory bread(block 72) failed [ 3095.427421][T30356] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3095.427453][T30356] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3095.427481][T30356] netlink_rcv_skb+0x16b/0x440 [ 3095.427506][T30356] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3095.427534][T30356] ? netlink_ack+0x1370/0x1370 [ 3095.432914][T30360] FAT-fs (loop4): Directory bread(block 73) failed [ 3095.438134][T30356] ? rcu_is_watching+0x12/0xb0 [ 3095.438163][T30356] ? down_write+0x200/0x200 [ 3095.438186][T30356] ? netlink_deliver_tap+0x1b1/0xd10 [ 3095.438216][T30356] genl_rcv+0x28/0x40 [ 3095.438245][T30356] netlink_unicast+0x536/0x810 [ 3095.438276][T30356] ? netlink_attachskb+0x870/0x870 [ 3095.438304][T30356] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3095.438337][T30356] ? __phys_addr_symbol+0x30/0x70 [ 3095.492667][T30360] syz-executor.4: attempt to access beyond end of device [ 3095.492667][T30360] loop4: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 3095.495898][T30356] ? __check_object_size+0x323/0x730 [ 3095.495931][T30356] netlink_sendmsg+0x93c/0xe40 [ 3095.505190][T30360] syz-executor.4: attempt to access beyond end of device [ 3095.505190][T30360] loop4: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 3095.509750][T30356] ? netlink_unicast+0x810/0x810 [ 3095.509785][T30356] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3095.509813][T30356] ? netlink_unicast+0x810/0x810 [ 3095.509838][T30356] sock_sendmsg+0xd9/0x180 [ 3095.509861][T30356] ____sys_sendmsg+0x6ac/0x940 [ 3095.509884][T30356] ? copy_msghdr_from_user+0x10b/0x160 [ 3095.515047][ T28] audit: type=1800 audit(1693858482.840:2749): pid=30360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="file0" dev="loop4" ino=1049457 res=0 errno=0 [ 3095.519006][T30356] ? kernel_sendmsg+0x50/0x50 [ 3095.519032][T30356] ? plist_check_list+0x1ae/0x280 [ 3095.519062][T30356] ? schedule+0xf1/0x1b0 [ 3095.519084][T30356] ___sys_sendmsg+0x135/0x1d0 [ 3095.519122][T30356] ? do_recvmmsg+0x740/0x740 [ 3095.519149][T30356] ? rcu_is_watching+0x12/0xb0 [ 3095.519177][T30356] ? rcu_is_watching+0x12/0xb0 [ 3095.519198][T30356] ? __fget_light+0xe6/0x260 [ 3095.535177][ T28] audit: type=1804 audit(1693858482.860:2750): pid=30360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir3524904456/syzkaller.xqgizm/3209/file0/file0" dev="loop4" ino=1049457 res=1 errno=0 [ 3095.537527][T30356] __sys_sendmsg+0x117/0x1e0 [ 3095.537558][T30356] ? __sys_sendmsg_sock+0x30/0x30 [ 3095.537583][T30356] ? xfd_validate_state+0x5d/0x180 [ 3095.537615][T30356] ? rcu_is_watching+0x12/0xb0 [ 3095.537634][T30356] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3095.537657][T30356] do_syscall_64+0x38/0xb0 [ 3095.779949][T30356] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3095.785840][T30356] RIP: 0033:0x7f594487cae9 [ 3095.790233][T30356] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3095.809836][T30356] RSP: 002b:00007f59455230c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3095.818228][T30356] RAX: ffffffffffffffda RBX: 00007f594499bf80 RCX: 00007f594487cae9 [ 3095.826180][T30356] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 20:14:43 executing program 4: r0 = syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uni_xlateno}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@rodir}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@fat=@check_strict}, {@utf8}, {@fat=@tz_utc}]}, 0x7, 0x311, &(0x7f0000000940)="$eJzs3TtoZPUXB/Dv7CSZ/P+wJoWwYOPVTpCwiVholWVZYTGFDwYfYBHcrEgmLmxwIFskm0osBRtBKzsLLbcWK7GzsFVBfGDjWi24eOVm3plEEzETH59PsZz9/c6Ze+6DzASSkyS5Mp2rt29/m9nZWqaWLy7nTi3zOZN6Om4GAPg3uVOW+ansOO1eAIDJ2Hv/f+XsabcBAEzQEb//f+rA1Wsn1hYAcILG3v8fHNmeGc2e6v9MAADwz/XsCy8+eWEleaYoZpONN9rNdjOPD/YvXM2raWUt5zOXu0nng0Ln00L17xOXVy6dLyrfzadZVbSbycZOu1kfrm9kMXOZ79aX/fp6Vb+4V18kubmzd/xs1NrN6Vqv/sv/Zy1Lmcu9Y/XJ5ZVLS0X3BZobvfqdZDezvZOo+l/IXD5/OdfSypVUtYP+txeL4mK5MlLfbjb28gAAAAAAAAAAAAAAAAAAAAAA4CQsFH3z/fk35WB+z0Iv4f5uQX8+Tue/3fk+u535QGWjN53nzfr++UDFvvk6UzlzeqcNAAAAAAAAAAAAAAAAAAAAfyubWzNZbbXWrm9u3VgfDnaGVl779MNP/pfxnD8IprrHGNqqp59T1nvJZX0kZ72WKqgng+QPbvU77q7UqrjRP4sD22gcvtVqnX3gm3cP2vp1sFLPcU/5xvrGPZ2WjlfVDZZ+PyezSXlY+fY741WpJVPHv3FHCJaTPLJ57tG9lY+7Qx8eenjuua/efv+HqtVa5zK0iiR3yz91rEaqWzB4NmrpBLXRJ+GILziTrdX6Fz8+f99bnx2tqhxeef3w5I/2r8z0HuMc6fmZzl9+dw4Kzr23vHpr++vvR7emM7g+o1d16IuEQR0AAAAAAAAAAAAAAAAAADARQ78rfgyPPX1yHQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5A3+/v9QsDu0MpPkoJzx4JedjG811q5vHnLol36e8LkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf9VsAAAD//1z+ctE=") openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a404bc, &(0x7f0000000540)=ANY=[@ANYRES64=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="6c625ae87ec6a3b70738c0c29ef3cb487e1fd790611d1b855f5dc052a941ebbcf5fd8aff2aa44fe4bdd1933c0b355ebb53e275cccbfc1e731e2525b40a8e2fc49645616f66af80df6dc5df9aee179174b198d2aee692c07e9892b5e21da6d0b323efd161b70b43aa92fccf24bf926e9c2d641453aee6475700e2d26de0788d19a4f06547797cfc1473954c3d7ec3a55f3b4e908619a10a2f92f46e766f580500052eda7e8993c33ee806e29434480b7557bee774c8f92a759a03000000000000000bdd49445d2e33730adb6a5204000000000000000000005022e1a3caab0096dd4a70b30ace66cba3486c8df5cbf437d2ed2278558fabf1a3f8b032cf9abfc84d259d802faf49665a0b5332b8d331d9e9", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) r1 = syz_open_dev$audion(&(0x7f00000002c0), 0x1, 0x200) openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x80000, 0x50) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x200000c, 0x1010, r1, 0x90dba000) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwritev(r2, &(0x7f0000001080)=[{&(0x7f0000000080)='r', 0x5800}], 0x1, 0x0, 0x0) 20:14:43 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x1c}, 0x4, 0x700000000000000}, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}, 0x1, 0x0, 0xf0}, 0x0) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r8) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r10, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r9, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r11}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r14 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r13) r15 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r15, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r14, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r16}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r5, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0xc0, r6, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_LEVEL={0xc, 0x2b, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_LEVEL={0x3c, 0x2b, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r16}, @NL802154_ATTR_SEC_LEVEL={0x4c, 0x2b, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x6}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x3}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1f}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x7}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x4}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x1}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x20000040}, 0x44000) ioctl$sock_SIOCGIFINDEX_802154(r12, 0x8933, &(0x7f0000000300)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEV(r13, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100040}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x50, r6, 0x827ebb76dcca183a, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x74c97f9b01e0d595}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r16}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r17}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x50}}, 0x80010) [ 3095.834131][T30356] RBP: 00007f59448c847a R08: 0000000000000000 R09: 0000000000000000 [ 3095.842079][T30356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3095.850031][T30356] R13: 000000000000000b R14: 00007f594499bf80 R15: 00007ffc9f4734e8 [ 3095.858007][T30356] [ 3095.872124][T30358] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3095.892519][T30358] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3095.901856][T30358] CPU: 1 PID: 30358 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3095.911928][T30358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3095.922003][T30358] Call Trace: [ 3095.925301][T30358] [ 3095.928244][T30358] dump_stack_lvl+0x125/0x1b0 [ 3095.932948][T30358] sysfs_warn_dup+0x7f/0xa0 [ 3095.937477][T30358] sysfs_do_create_link_sd+0x11e/0x140 [ 3095.942984][T30358] sysfs_create_link+0x61/0xc0 [ 3095.947774][T30358] device_add+0x669/0x1ac0 [ 3095.952214][T30358] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3095.958060][T30367] syz-executor.4[30367]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3095.959073][T30358] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3095.959112][T30358] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3095.980589][T30358] wiphy_register+0x2095/0x2ce0 [ 3095.985444][T30358] ? wiphy_unregister+0xb70/0xb70 [ 3095.990467][T30358] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3095.996622][T30358] ieee80211_register_hw+0x24d1/0x4250 [ 3096.002094][T30358] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3096.007647][T30358] ? rcu_is_watching+0x12/0xb0 [ 3096.012402][T30358] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3096.018383][T30358] ? __hrtimer_init+0x103/0x2c0 [ 3096.023320][T30358] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3096.029044][T30358] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3096.034757][T30358] ? rcu_is_watching+0x12/0xb0 [ 3096.039520][T30358] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3096.045409][T30358] hwsim_new_radio_nl+0xaf8/0x1240 [ 3096.050694][T30358] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3096.056587][T30358] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3096.063994][T30358] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3096.071377][T30358] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3096.076936][T30358] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3096.084403][T30358] ? ns_capable+0xd5/0x110 [ 3096.088824][T30358] genl_rcv_msg+0x55c/0x800 [ 3096.093334][T30358] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3096.099329][T30358] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3096.105257][T30358] netlink_rcv_skb+0x16b/0x440 [ 3096.110031][T30358] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3096.115926][T30358] ? netlink_ack+0x1370/0x1370 [ 3096.120687][T30358] ? rcu_is_watching+0x12/0xb0 [ 3096.125442][T30358] ? down_write+0x200/0x200 [ 3096.129931][T30358] ? netlink_deliver_tap+0x1b1/0xd10 [ 3096.135211][T30358] genl_rcv+0x28/0x40 [ 3096.139190][T30358] netlink_unicast+0x536/0x810 [ 3096.143952][T30358] ? netlink_attachskb+0x870/0x870 [ 3096.149059][T30358] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3096.154947][T30358] ? __phys_addr_symbol+0x30/0x70 [ 3096.159967][T30358] ? __check_object_size+0x323/0x730 [ 3096.165248][T30358] netlink_sendmsg+0x93c/0xe40 [ 3096.170007][T30358] ? netlink_unicast+0x810/0x810 [ 3096.174965][T30358] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3096.180246][T30358] ? netlink_unicast+0x810/0x810 [ 3096.185207][T30358] sock_sendmsg+0xd9/0x180 [ 3096.189622][T30358] ____sys_sendmsg+0x6ac/0x940 [ 3096.194380][T30358] ? copy_msghdr_from_user+0x10b/0x160 [ 3096.199835][T30358] ? kernel_sendmsg+0x50/0x50 [ 3096.204502][T30358] ? plist_check_list+0x1ae/0x280 [ 3096.209520][T30358] ? schedule+0xf1/0x1b0 [ 3096.213751][T30358] ___sys_sendmsg+0x135/0x1d0 [ 3096.218430][T30358] ? do_recvmmsg+0x740/0x740 [ 3096.223011][T30358] ? rcu_is_watching+0x12/0xb0 [ 3096.227771][T30358] ? rcu_is_watching+0x12/0xb0 [ 3096.232521][T30358] ? __fget_light+0xe6/0x260 [ 3096.237112][T30358] __sys_sendmsg+0x117/0x1e0 [ 3096.241692][T30358] ? __sys_sendmsg_sock+0x30/0x30 [ 3096.246705][T30358] ? xfd_validate_state+0x5d/0x180 [ 3096.251827][T30358] ? rcu_is_watching+0x12/0xb0 [ 3096.256584][T30358] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3096.262557][T30358] do_syscall_64+0x38/0xb0 [ 3096.266968][T30358] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3096.272858][T30358] RIP: 0033:0x7fc66767cae9 [ 3096.277269][T30358] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3096.296950][T30358] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3096.305346][T30358] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3096.313303][T30358] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3096.321285][T30358] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3096.329237][T30358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3096.337193][T30358] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3096.345153][T30358] 20:14:43 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539000009050b00000000000009050200000005000009047d01013481af0009a00e"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 3096.370827][T30367] loop4: detected capacity change from 0 to 256 [ 3096.378196][T29067] usb 3-1: Using ep0 maxpacket: 16 20:14:43 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000007000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3096.414829][T30362] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3096.425258][T30367] FAT-fs (loop4): Directory bread(block 64) failed [ 3096.433870][T30367] FAT-fs (loop4): Directory bread(block 65) failed [ 3096.441560][T30367] FAT-fs (loop4): Directory bread(block 66) failed [ 3096.442800][T30362] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3096.448127][T30367] FAT-fs (loop4): Directory bread(block 67) failed [ 3096.448209][T30367] FAT-fs (loop4): Directory bread(block 68) failed [ 3096.448229][T30367] FAT-fs (loop4): Directory bread(block 69) failed [ 3096.448298][T30367] FAT-fs (loop4): Directory bread(block 70) failed [ 3096.448317][T30367] FAT-fs (loop4): Directory bread(block 71) failed [ 3096.448385][T30367] FAT-fs (loop4): Directory bread(block 72) failed [ 3096.470635][T30362] CPU: 0 PID: 30362 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3096.505849][T30362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3096.515895][T30362] Call Trace: [ 3096.519162][T30362] [ 3096.522082][T30362] dump_stack_lvl+0x125/0x1b0 [ 3096.526758][T30362] sysfs_warn_dup+0x7f/0xa0 [ 3096.531253][T30362] sysfs_do_create_link_sd+0x11e/0x140 [ 3096.536703][T30362] sysfs_create_link+0x61/0xc0 [ 3096.541462][T30362] device_add+0x669/0x1ac0 [ 3096.545926][T30362] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3096.552776][T30362] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3096.558716][T30362] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3096.564702][T30362] wiphy_register+0x2095/0x2ce0 [ 3096.569569][T30362] ? wiphy_unregister+0xb70/0xb70 [ 3096.574630][T30362] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3096.580703][T30362] ieee80211_register_hw+0x24d1/0x4250 [ 3096.586186][T30362] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3096.591725][T30362] ? rcu_is_watching+0x12/0xb0 [ 3096.596480][T30362] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3096.602450][T30362] ? __hrtimer_init+0x103/0x2c0 [ 3096.607326][T30362] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3096.613043][T30362] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3096.618750][T30362] ? rcu_is_watching+0x12/0xb0 [ 3096.623502][T30362] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3096.629383][T30362] hwsim_new_radio_nl+0xaf8/0x1240 [ 3096.634484][T30362] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3096.640394][T30362] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3096.647763][T30362] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3096.655132][T30362] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3096.660678][T30362] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3096.668055][T30362] ? ns_capable+0xd5/0x110 [ 3096.672468][T30362] genl_rcv_msg+0x55c/0x800 [ 3096.677075][T30362] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3096.683006][T30362] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3096.688919][T30362] netlink_rcv_skb+0x16b/0x440 [ 3096.693679][T30362] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3096.699572][T30362] ? netlink_ack+0x1370/0x1370 [ 3096.704329][T30362] ? rcu_is_watching+0x12/0xb0 [ 3096.709089][T30362] ? down_write+0x200/0x200 [ 3096.713590][T30362] ? netlink_deliver_tap+0x1b1/0xd10 [ 3096.718870][T30362] genl_rcv+0x28/0x40 [ 3096.722845][T30362] netlink_unicast+0x536/0x810 [ 3096.727612][T30362] ? netlink_attachskb+0x870/0x870 [ 3096.732715][T30362] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3096.738602][T30362] ? __phys_addr_symbol+0x30/0x70 [ 3096.743613][T30362] ? __check_object_size+0x323/0x730 [ 3096.748892][T30362] netlink_sendmsg+0x93c/0xe40 [ 3096.753654][T30362] ? netlink_unicast+0x810/0x810 [ 3096.758583][T30362] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3096.763861][T30362] ? netlink_unicast+0x810/0x810 [ 3096.768792][T30362] sock_sendmsg+0xd9/0x180 [ 3096.773202][T30362] ____sys_sendmsg+0x6ac/0x940 [ 3096.777954][T30362] ? copy_msghdr_from_user+0x10b/0x160 [ 3096.783403][T30362] ? kernel_sendmsg+0x50/0x50 [ 3096.788093][T30362] ? plist_check_list+0x1ae/0x280 [ 3096.793140][T30362] ? schedule+0xf1/0x1b0 [ 3096.797414][T30362] ___sys_sendmsg+0x135/0x1d0 [ 3096.802105][T30362] ? do_recvmmsg+0x740/0x740 [ 3096.806686][T30362] ? rcu_is_watching+0x12/0xb0 [ 3096.811458][T30362] ? rcu_is_watching+0x12/0xb0 [ 3096.816226][T30362] ? __fget_light+0xe6/0x260 [ 3096.820816][T30362] __sys_sendmsg+0x117/0x1e0 [ 3096.825413][T30362] ? __sys_sendmsg_sock+0x30/0x30 [ 3096.830450][T30362] ? xfd_validate_state+0x5d/0x180 [ 3096.835571][T30362] ? rcu_is_watching+0x12/0xb0 [ 3096.840343][T30362] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3096.846331][T30362] do_syscall_64+0x38/0xb0 [ 3096.850751][T30362] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3096.856756][T30362] RIP: 0033:0x7f1773a7cae9 [ 3096.861268][T30362] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3096.880876][T30362] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3096.889287][T30362] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3096.897274][T30362] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3096.905239][T30362] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3096.913214][T30362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3096.921177][T30362] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3096.929264][T30362] [ 3096.946933][T30367] FAT-fs (loop4): Directory bread(block 73) failed [ 3096.951190][T30364] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. 20:14:44 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000e00000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3096.953575][T29067] usb 3-1: device descriptor read/all, error -71 [ 3096.972837][T30364] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3097.016319][T30364] CPU: 1 PID: 30364 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3097.026629][T30364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3097.036714][T30364] Call Trace: [ 3097.040013][T30364] [ 3097.043076][T30364] dump_stack_lvl+0x125/0x1b0 [ 3097.047802][T30364] sysfs_warn_dup+0x7f/0xa0 [ 3097.052343][T30364] sysfs_do_create_link_sd+0x11e/0x140 [ 3097.057833][T30364] sysfs_create_link+0x61/0xc0 [ 3097.062638][T30364] device_add+0x669/0x1ac0 [ 3097.067078][T30364] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3097.073192][T30367] syz-executor.4: attempt to access beyond end of device [ 3097.073192][T30367] loop4: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 3097.073977][T30364] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3097.074015][T30364] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3097.088438][T30367] syz-executor.4: attempt to access beyond end of device [ 3097.088438][T30367] loop4: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 3097.094062][T30364] wiphy_register+0x2095/0x2ce0 [ 3097.094106][T30364] ? wiphy_unregister+0xb70/0xb70 [ 3097.094126][T30364] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3097.094148][T30364] ieee80211_register_hw+0x24d1/0x4250 [ 3097.094178][T30364] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3097.094208][T30364] ? rcu_is_watching+0x12/0xb0 [ 3097.094230][T30364] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3097.094256][T30364] ? __hrtimer_init+0x103/0x2c0 [ 3097.094287][T30364] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3097.094319][T30364] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3097.094340][T30364] ? rcu_is_watching+0x12/0xb0 [ 3097.094362][T30364] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3097.094390][T30364] hwsim_new_radio_nl+0xaf8/0x1240 [ 3097.094413][T30364] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3097.094445][T30364] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3097.094490][T30364] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3097.094533][T30364] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3097.094572][T30364] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3097.094618][T30364] ? ns_capable+0xd5/0x110 [ 3097.094648][T30364] genl_rcv_msg+0x55c/0x800 [ 3097.094686][T30364] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3097.094724][T30364] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3097.094758][T30364] netlink_rcv_skb+0x16b/0x440 [ 3097.094792][T30364] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3097.094831][T30364] ? netlink_ack+0x1370/0x1370 [ 3097.094864][T30364] ? rcu_is_watching+0x12/0xb0 [ 3097.094892][T30364] ? down_write+0x200/0x200 [ 3097.094918][T30364] ? netlink_deliver_tap+0x1b1/0xd10 [ 3097.094952][T30364] genl_rcv+0x28/0x40 [ 3097.094983][T30364] netlink_unicast+0x536/0x810 [ 3097.095019][T30364] ? netlink_attachskb+0x870/0x870 [ 3097.095052][T30364] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3097.095090][T30364] ? __phys_addr_symbol+0x30/0x70 [ 3097.095118][T30364] ? __check_object_size+0x323/0x730 [ 3097.095151][T30364] netlink_sendmsg+0x93c/0xe40 [ 3097.095187][T30364] ? netlink_unicast+0x810/0x810 [ 3097.095219][T30364] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3097.095248][T30364] ? netlink_unicast+0x810/0x810 [ 3097.095276][T30364] sock_sendmsg+0xd9/0x180 [ 3097.095300][T30364] ____sys_sendmsg+0x6ac/0x940 [ 3097.327409][T30364] ? copy_msghdr_from_user+0x10b/0x160 [ 3097.332872][T30364] ? kernel_sendmsg+0x50/0x50 [ 3097.337536][T30364] ? plist_check_list+0x1ae/0x280 [ 3097.342560][T30364] ? schedule+0xf1/0x1b0 [ 3097.346792][T30364] ___sys_sendmsg+0x135/0x1d0 [ 3097.351461][T30364] ? do_recvmmsg+0x740/0x740 [ 3097.356040][T30364] ? rcu_is_watching+0x12/0xb0 [ 3097.360795][T30364] ? rcu_is_watching+0x12/0xb0 [ 3097.365647][T30364] ? __fget_light+0xe6/0x260 [ 3097.370241][T30364] __sys_sendmsg+0x117/0x1e0 [ 3097.374827][T30364] ? __sys_sendmsg_sock+0x30/0x30 [ 3097.379844][T30364] ? xfd_validate_state+0x5d/0x180 [ 3097.385040][T30364] ? rcu_is_watching+0x12/0xb0 [ 3097.389795][T30364] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3097.395765][T30364] do_syscall_64+0x38/0xb0 [ 3097.400274][T30364] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3097.406235][T30364] RIP: 0033:0x7fc65907cae9 [ 3097.410674][T30364] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3097.430299][T30364] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3097.438720][T30364] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3097.446773][T30364] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3097.454747][T30364] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3097.462715][T30364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3097.470680][T30364] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3097.478658][T30364] [ 3097.494590][T29067] usb usb3-port1: attempt power cycle 20:14:44 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000068000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3097.513765][ T28] audit: type=1800 audit(1693858484.820:2751): pid=30367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="file0" dev="loop4" ino=1049458 res=0 errno=0 [ 3097.534631][T30376] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3097.543674][ T28] audit: type=1804 audit(1693858484.840:2752): pid=30367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir3524904456/syzkaller.xqgizm/3210/file0/file0" dev="loop4" ino=1049458 res=1 errno=0 [ 3097.583818][T30376] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3097.594475][T30376] CPU: 1 PID: 30376 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3097.604575][T30376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3097.614638][T30376] Call Trace: [ 3097.617920][T30376] [ 3097.620848][T30376] dump_stack_lvl+0x125/0x1b0 [ 3097.625540][T30376] sysfs_warn_dup+0x7f/0xa0 [ 3097.630047][T30376] sysfs_do_create_link_sd+0x11e/0x140 [ 3097.635528][T30376] sysfs_create_link+0x61/0xc0 [ 3097.640303][T30376] device_add+0x669/0x1ac0 [ 3097.644735][T30376] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3097.651607][T30376] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3097.657533][T30376] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3097.663533][T30376] wiphy_register+0x2095/0x2ce0 [ 3097.668407][T30376] ? wiphy_unregister+0xb70/0xb70 [ 3097.673507][T30376] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3097.679596][T30376] ieee80211_register_hw+0x24d1/0x4250 [ 3097.685064][T30376] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3097.690617][T30376] ? rcu_is_watching+0x12/0xb0 [ 3097.695366][T30376] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3097.701339][T30376] ? __hrtimer_init+0x103/0x2c0 [ 3097.706183][T30376] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3097.711924][T30376] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3097.717643][T30376] ? rcu_is_watching+0x12/0xb0 [ 3097.722414][T30376] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3097.728299][T30376] hwsim_new_radio_nl+0xaf8/0x1240 [ 3097.733403][T30376] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3097.739298][T30376] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3097.746758][T30376] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3097.754188][T30376] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3097.759728][T30376] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3097.767094][T30376] ? ns_capable+0xd5/0x110 [ 3097.771519][T30376] genl_rcv_msg+0x55c/0x800 [ 3097.776015][T30376] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3097.781904][T30376] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3097.787786][T30376] netlink_rcv_skb+0x16b/0x440 [ 3097.792541][T30376] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3097.798427][T30376] ? netlink_ack+0x1370/0x1370 [ 3097.803180][T30376] ? rcu_is_watching+0x12/0xb0 [ 3097.807941][T30376] ? down_write+0x200/0x200 [ 3097.812432][T30376] ? netlink_deliver_tap+0x1b1/0xd10 [ 3097.817720][T30376] genl_rcv+0x28/0x40 [ 3097.821698][T30376] netlink_unicast+0x536/0x810 [ 3097.826456][T30376] ? netlink_attachskb+0x870/0x870 [ 3097.831561][T30376] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3097.837447][T30376] ? __phys_addr_symbol+0x30/0x70 [ 3097.842460][T30376] ? __check_object_size+0x323/0x730 [ 3097.847744][T30376] netlink_sendmsg+0x93c/0xe40 [ 3097.852553][T30376] ? netlink_unicast+0x810/0x810 [ 3097.857526][T30376] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3097.862811][T30376] ? netlink_unicast+0x810/0x810 [ 3097.867742][T30376] sock_sendmsg+0xd9/0x180 [ 3097.872165][T30376] ____sys_sendmsg+0x6ac/0x940 [ 3097.876932][T30376] ? copy_msghdr_from_user+0x10b/0x160 [ 3097.882405][T30376] ? kernel_sendmsg+0x50/0x50 [ 3097.887105][T30376] ? plist_check_list+0x1ae/0x280 [ 3097.892122][T30376] ? schedule+0xf1/0x1b0 [ 3097.896353][T30376] ___sys_sendmsg+0x135/0x1d0 [ 3097.901021][T30376] ? do_recvmmsg+0x740/0x740 [ 3097.905619][T30376] ? rcu_is_watching+0x12/0xb0 [ 3097.910427][T30376] ? rcu_is_watching+0x12/0xb0 [ 3097.915197][T30376] ? __fget_light+0xe6/0x260 [ 3097.919781][T30376] __sys_sendmsg+0x117/0x1e0 [ 3097.924398][T30376] ? __sys_sendmsg_sock+0x30/0x30 [ 3097.929413][T30376] ? xfd_validate_state+0x5d/0x180 [ 3097.934526][T30376] ? rcu_is_watching+0x12/0xb0 [ 3097.939275][T30376] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3097.945275][T30376] do_syscall_64+0x38/0xb0 [ 3097.949737][T30376] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3097.955669][T30376] RIP: 0033:0x7fc66767cae9 [ 3097.960085][T30376] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3097.979766][T30376] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3097.988182][T30376] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3097.996139][T30376] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3098.004110][T30376] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3098.012115][T30376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 20:14:45 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x40, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xf000}}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x40}, 0x4, 0x700000000000000}, 0x0) [ 3098.020070][T30376] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3098.028026][T30376] [ 3098.042572][T30378] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. 20:14:45 executing program 3: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100ffffffff8a80000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3098.068447][T30378] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3098.081536][T30378] CPU: 1 PID: 30378 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3098.091609][T30378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3098.101664][T30378] Call Trace: [ 3098.104941][T30378] [ 3098.107870][T30378] dump_stack_lvl+0x125/0x1b0 [ 3098.112581][T30378] sysfs_warn_dup+0x7f/0xa0 [ 3098.117105][T30378] sysfs_do_create_link_sd+0x11e/0x140 [ 3098.122593][T30378] sysfs_create_link+0x61/0xc0 [ 3098.127361][T30378] device_add+0x669/0x1ac0 [ 3098.131808][T30378] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3098.138667][T30378] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3098.144576][T30378] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3098.150551][T30378] wiphy_register+0x2095/0x2ce0 [ 3098.155397][T30378] ? wiphy_unregister+0xb70/0xb70 [ 3098.160414][T30378] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3098.166472][T30378] ieee80211_register_hw+0x24d1/0x4250 [ 3098.171932][T30378] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3098.177475][T30378] ? rcu_is_watching+0x12/0xb0 [ 3098.182227][T30378] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3098.188198][T30378] ? __hrtimer_init+0x103/0x2c0 [ 3098.193048][T30378] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3098.198770][T30378] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3098.204485][T30378] ? rcu_is_watching+0x12/0xb0 [ 3098.209237][T30378] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3098.215119][T30378] hwsim_new_radio_nl+0xaf8/0x1240 [ 3098.220309][T30378] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3098.226196][T30378] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3098.233565][T30378] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3098.240946][T30378] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3098.246489][T30378] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3098.253862][T30378] ? ns_capable+0xd5/0x110 [ 3098.258272][T30378] genl_rcv_msg+0x55c/0x800 [ 3098.262896][T30378] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3098.268810][T30378] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3098.274715][T30378] netlink_rcv_skb+0x16b/0x440 [ 3098.279579][T30378] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3098.285480][T30378] ? netlink_ack+0x1370/0x1370 [ 3098.290243][T30378] ? rcu_is_watching+0x12/0xb0 [ 3098.295031][T30378] ? down_write+0x200/0x200 [ 3098.299578][T30378] ? netlink_deliver_tap+0x1b1/0xd10 [ 3098.304862][T30378] genl_rcv+0x28/0x40 [ 3098.308842][T30378] netlink_unicast+0x536/0x810 [ 3098.313706][T30378] ? netlink_attachskb+0x870/0x870 [ 3098.318822][T30378] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3098.324735][T30378] ? __phys_addr_symbol+0x30/0x70 [ 3098.329777][T30378] ? __check_object_size+0x323/0x730 [ 3098.335056][T30378] netlink_sendmsg+0x93c/0xe40 [ 3098.339813][T30378] ? netlink_unicast+0x810/0x810 [ 3098.344751][T30378] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3098.350036][T30378] ? netlink_unicast+0x810/0x810 [ 3098.354993][T30378] sock_sendmsg+0xd9/0x180 [ 3098.359414][T30378] ____sys_sendmsg+0x6ac/0x940 [ 3098.364172][T30378] ? copy_msghdr_from_user+0x10b/0x160 [ 3098.369626][T30378] ? kernel_sendmsg+0x50/0x50 [ 3098.374321][T30378] ? plist_check_list+0x1ae/0x280 [ 3098.379372][T30378] ? schedule+0xf1/0x1b0 [ 3098.383605][T30378] ___sys_sendmsg+0x135/0x1d0 [ 3098.388283][T30378] ? do_recvmmsg+0x740/0x740 [ 3098.392872][T30378] ? rcu_is_watching+0x12/0xb0 [ 3098.397629][T30378] ? rcu_is_watching+0x12/0xb0 [ 3098.402559][T30378] ? __fget_light+0xe6/0x260 [ 3098.407144][T30378] __sys_sendmsg+0x117/0x1e0 [ 3098.411729][T30378] ? __sys_sendmsg_sock+0x30/0x30 [ 3098.416747][T30378] ? xfd_validate_state+0x5d/0x180 [ 3098.421856][T30378] ? rcu_is_watching+0x12/0xb0 [ 3098.426611][T30378] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3098.432584][T30378] do_syscall_64+0x38/0xb0 [ 3098.437007][T30378] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3098.442895][T30378] RIP: 0033:0x7f1773a7cae9 [ 3098.447296][T30378] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3098.466893][T30378] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3098.475313][T30378] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3098.483270][T30378] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3098.491231][T30378] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3098.499187][T30378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3098.507235][T30378] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3098.515211][T30378] 20:14:45 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100ffffffe40000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3098.524288][T30383] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3098.539849][T30383] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3098.582660][T30383] CPU: 0 PID: 30383 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3098.592745][T30383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3098.602780][T30383] Call Trace: [ 3098.606046][T30383] [ 3098.608990][T30383] dump_stack_lvl+0x125/0x1b0 [ 3098.613664][T30383] sysfs_warn_dup+0x7f/0xa0 [ 3098.618165][T30383] sysfs_do_create_link_sd+0x11e/0x140 [ 3098.623617][T30383] sysfs_create_link+0x61/0xc0 [ 3098.628385][T30383] device_add+0x669/0x1ac0 [ 3098.632833][T30383] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3098.639713][T30383] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3098.640308][T29067] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 3098.645608][T30383] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3098.659101][T30383] wiphy_register+0x2095/0x2ce0 [ 3098.663953][T30383] ? wiphy_unregister+0xb70/0xb70 [ 3098.668981][T30383] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3098.675053][T30383] ieee80211_register_hw+0x24d1/0x4250 [ 3098.680509][T30383] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3098.686049][T30383] ? rcu_is_watching+0x12/0xb0 [ 3098.690800][T30383] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3098.696777][T30383] ? __hrtimer_init+0x103/0x2c0 [ 3098.701620][T30383] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3098.707338][T30383] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3098.713045][T30383] ? rcu_is_watching+0x12/0xb0 [ 3098.717794][T30383] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3098.723702][T30383] hwsim_new_radio_nl+0xaf8/0x1240 [ 3098.728803][T30383] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3098.734691][T30383] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3098.742140][T30383] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3098.749569][T30383] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3098.755137][T30383] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3098.762509][T30383] ? ns_capable+0xd5/0x110 [ 3098.766934][T30383] genl_rcv_msg+0x55c/0x800 [ 3098.771437][T30383] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3098.777325][T30383] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3098.783239][T30383] netlink_rcv_skb+0x16b/0x440 [ 3098.788006][T30383] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3098.793922][T30383] ? netlink_ack+0x1370/0x1370 [ 3098.798694][T30383] ? rcu_is_watching+0x12/0xb0 [ 3098.803444][T30383] ? down_write+0x200/0x200 [ 3098.807937][T30383] ? netlink_deliver_tap+0x1b1/0xd10 [ 3098.813215][T30383] genl_rcv+0x28/0x40 [ 3098.817193][T30383] netlink_unicast+0x536/0x810 [ 3098.821954][T30383] ? netlink_attachskb+0x870/0x870 [ 3098.827053][T30383] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3098.832952][T30383] ? __phys_addr_symbol+0x30/0x70 [ 3098.836974][T29067] usb 3-1: Using ep0 maxpacket: 16 [ 3098.838092][T30383] ? __check_object_size+0x323/0x730 [ 3098.838122][T30383] netlink_sendmsg+0x93c/0xe40 [ 3098.853429][T30383] ? netlink_unicast+0x810/0x810 [ 3098.858375][T30383] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3098.863649][T30383] ? netlink_unicast+0x810/0x810 [ 3098.868578][T30383] sock_sendmsg+0xd9/0x180 [ 3098.872986][T30383] ____sys_sendmsg+0x6ac/0x940 [ 3098.877739][T30383] ? copy_msghdr_from_user+0x10b/0x160 [ 3098.883188][T30383] ? kernel_sendmsg+0x50/0x50 [ 3098.887855][T30383] ? plist_check_list+0x1ae/0x280 [ 3098.892872][T30383] ? schedule+0xf1/0x1b0 [ 3098.897135][T30383] ___sys_sendmsg+0x135/0x1d0 [ 3098.901809][T30383] ? do_recvmmsg+0x740/0x740 [ 3098.906436][T30383] ? rcu_is_watching+0x12/0xb0 [ 3098.911199][T30383] ? rcu_is_watching+0x12/0xb0 [ 3098.915953][T30383] ? __fget_light+0xe6/0x260 [ 3098.920530][T30383] __sys_sendmsg+0x117/0x1e0 [ 3098.925128][T30383] ? __sys_sendmsg_sock+0x30/0x30 [ 3098.930181][T30383] ? xfd_validate_state+0x5d/0x180 [ 3098.935309][T30383] ? rcu_is_watching+0x12/0xb0 [ 3098.940097][T30383] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3098.946074][T30383] do_syscall_64+0x38/0xb0 [ 3098.950479][T30383] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3098.956367][T30383] RIP: 0033:0x7fc65907cae9 [ 3098.960848][T30383] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3098.980475][T30383] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3098.989160][T30383] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3098.997144][T30383] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3099.005137][T30383] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3099.013120][T30383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3099.021094][T30383] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3099.029059][T30383] [ 3099.046707][T30386] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3099.058344][T30386] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3099.066246][T30386] CPU: 0 PID: 30386 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3099.076310][T30386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3099.086361][T30386] Call Trace: [ 3099.089638][T30386] [ 3099.092571][T30386] dump_stack_lvl+0x125/0x1b0 20:14:46 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000e00000000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:46 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000000006c000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3099.097268][T30386] sysfs_warn_dup+0x7f/0xa0 [ 3099.101823][T30386] sysfs_do_create_link_sd+0x11e/0x140 [ 3099.107310][T30386] sysfs_create_link+0x61/0xc0 [ 3099.112109][T30386] device_add+0x669/0x1ac0 [ 3099.116561][T30386] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3099.117063][T29067] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 3099.123446][T30386] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3099.137198][T29067] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3099.137635][T30386] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3099.137666][T30386] wiphy_register+0x2095/0x2ce0 [ 3099.149178][T29067] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3099.151740][T30386] ? wiphy_unregister+0xb70/0xb70 [ 3099.151767][T30386] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3099.156671][T29067] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 3099.164753][T30386] ieee80211_register_hw+0x24d1/0x4250 [ 3099.164800][T30386] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3099.196999][T30386] ? rcu_is_watching+0x12/0xb0 [ 3099.201758][T30386] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3099.207819][T30386] ? __hrtimer_init+0x103/0x2c0 [ 3099.212665][T30386] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3099.218388][T30386] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3099.224099][T30386] ? rcu_is_watching+0x12/0xb0 [ 3099.229459][T30386] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3099.235347][T30386] hwsim_new_radio_nl+0xaf8/0x1240 [ 3099.240463][T30386] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3099.246353][T30386] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3099.253720][T30386] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3099.261095][T30386] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3099.266639][T30386] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3099.274011][T30386] ? ns_capable+0xd5/0x110 [ 3099.278455][T30386] genl_rcv_msg+0x55c/0x800 [ 3099.282957][T30386] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3099.288849][T30386] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3099.294756][T30386] netlink_rcv_skb+0x16b/0x440 [ 3099.299515][T30386] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3099.305407][T30386] ? netlink_ack+0x1370/0x1370 [ 3099.310166][T30386] ? rcu_is_watching+0x12/0xb0 [ 3099.314924][T30386] ? down_write+0x200/0x200 [ 3099.319417][T30386] ? netlink_deliver_tap+0x1b1/0xd10 [ 3099.324876][T30386] genl_rcv+0x28/0x40 [ 3099.328853][T30386] netlink_unicast+0x536/0x810 [ 3099.333614][T30386] ? netlink_attachskb+0x870/0x870 [ 3099.338721][T30386] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3099.344622][T30386] ? __phys_addr_symbol+0x30/0x70 [ 3099.349664][T30386] ? __check_object_size+0x323/0x730 [ 3099.354948][T30386] netlink_sendmsg+0x93c/0xe40 [ 3099.359724][T30386] ? netlink_unicast+0x810/0x810 [ 3099.364666][T30386] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3099.369957][T30386] ? netlink_unicast+0x810/0x810 [ 3099.374890][T30386] sock_sendmsg+0xd9/0x180 [ 3099.379302][T30386] ____sys_sendmsg+0x6ac/0x940 [ 3099.384060][T30386] ? copy_msghdr_from_user+0x10b/0x160 [ 3099.389515][T30386] ? kernel_sendmsg+0x50/0x50 [ 3099.394185][T30386] ? plist_check_list+0x1ae/0x280 [ 3099.399206][T30386] ? schedule+0xf1/0x1b0 [ 3099.403466][T30386] ___sys_sendmsg+0x135/0x1d0 [ 3099.408138][T30386] ? do_recvmmsg+0x740/0x740 [ 3099.412724][T30386] ? rcu_is_watching+0x12/0xb0 [ 3099.417485][T30386] ? rcu_is_watching+0x12/0xb0 [ 3099.422243][T30386] ? __fget_light+0xe6/0x260 [ 3099.426825][T30386] __sys_sendmsg+0x117/0x1e0 [ 3099.431411][T30386] ? __sys_sendmsg_sock+0x30/0x30 [ 3099.436430][T30386] ? xfd_validate_state+0x5d/0x180 [ 3099.441544][T30386] ? rcu_is_watching+0x12/0xb0 [ 3099.446307][T30386] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3099.452282][T30386] do_syscall_64+0x38/0xb0 [ 3099.456957][T30386] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3099.462846][T30386] RIP: 0033:0x7f594487cae9 [ 3099.467257][T30386] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3099.486858][T30386] RSP: 002b:00007f59455230c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3099.495433][T30386] RAX: ffffffffffffffda RBX: 00007f594499bf80 RCX: 00007f594487cae9 [ 3099.503396][T30386] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3099.511363][T30386] RBP: 00007f59448c847a R08: 0000000000000000 R09: 0000000000000000 [ 3099.519324][T30386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3099.527285][T30386] R13: 000000000000000b R14: 00007f594499bf80 R15: 00007ffc9f4734e8 [ 3099.535246][T30386] [ 3099.552059][T30391] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3099.552936][T29067] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 3099.571832][T29067] usb 3-1: config 0 has no interface number 0 [ 3099.578346][T29067] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 3099.589603][T29067] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 3099.600804][T29067] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 3099.616789][T29067] usb 3-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 3099.637312][T30391] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3099.651397][T30391] CPU: 1 PID: 30391 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3099.661498][T30391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3099.671559][T30391] Call Trace: [ 3099.674846][T30391] [ 3099.677780][T30391] dump_stack_lvl+0x125/0x1b0 [ 3099.682482][T30391] sysfs_warn_dup+0x7f/0xa0 [ 3099.687002][T30391] sysfs_do_create_link_sd+0x11e/0x140 [ 3099.692477][T30391] sysfs_create_link+0x61/0xc0 [ 3099.697252][T30391] device_add+0x669/0x1ac0 20:14:47 executing program 4: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000826920000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) 20:14:47 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539000009050b00000000000009050200000005000009047d01013481af0009a00e0023000069"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:14:47 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000000000074000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3099.701718][T30391] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3099.708580][T30391] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3099.714488][T30391] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3099.720511][T30391] wiphy_register+0x2095/0x2ce0 [ 3099.725359][T30391] ? wiphy_unregister+0xb70/0xb70 [ 3099.730374][T30391] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3099.736431][T30391] ieee80211_register_hw+0x24d1/0x4250 [ 3099.741899][T30391] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3099.747444][T30391] ? rcu_is_watching+0x12/0xb0 [ 3099.752200][T30391] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3099.758174][T30391] ? __hrtimer_init+0x103/0x2c0 [ 3099.763018][T30391] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3099.768823][T30391] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3099.774534][T30391] ? rcu_is_watching+0x12/0xb0 [ 3099.779316][T30391] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3099.785201][T30391] hwsim_new_radio_nl+0xaf8/0x1240 [ 3099.790309][T30391] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3099.796198][T30391] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3099.803567][T30391] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3099.811124][T30391] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3099.816670][T30391] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3099.824044][T30391] ? ns_capable+0xd5/0x110 [ 3099.828461][T30391] genl_rcv_msg+0x55c/0x800 [ 3099.832992][T30391] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3099.838891][T30391] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3099.844782][T30391] netlink_rcv_skb+0x16b/0x440 [ 3099.849556][T30391] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3099.855449][T30391] ? netlink_ack+0x1370/0x1370 [ 3099.860210][T30391] ? rcu_is_watching+0x12/0xb0 [ 3099.864981][T30391] ? down_write+0x200/0x200 [ 3099.869474][T30391] ? netlink_deliver_tap+0x1b1/0xd10 [ 3099.874848][T30391] genl_rcv+0x28/0x40 [ 3099.878826][T30391] netlink_unicast+0x536/0x810 [ 3099.883591][T30391] ? netlink_attachskb+0x870/0x870 [ 3099.888697][T30391] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3099.894593][T30391] ? __phys_addr_symbol+0x30/0x70 [ 3099.899618][T30391] ? __check_object_size+0x323/0x730 [ 3099.904899][T30391] netlink_sendmsg+0x93c/0xe40 [ 3099.909676][T30391] ? netlink_unicast+0x810/0x810 [ 3099.914613][T30391] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3099.919897][T30391] ? netlink_unicast+0x810/0x810 [ 3099.924835][T30391] sock_sendmsg+0xd9/0x180 [ 3099.929398][T30391] ____sys_sendmsg+0x6ac/0x940 [ 3099.934272][T30391] ? copy_msghdr_from_user+0x10b/0x160 [ 3099.939731][T30391] ? kernel_sendmsg+0x50/0x50 [ 3099.944419][T30391] ? plist_check_list+0x1ae/0x280 [ 3099.949541][T30391] ? schedule+0xf1/0x1b0 [ 3099.953781][T30391] ___sys_sendmsg+0x135/0x1d0 [ 3099.958457][T30391] ? do_recvmmsg+0x740/0x740 [ 3099.963041][T30391] ? rcu_is_watching+0x12/0xb0 [ 3099.967809][T30391] ? rcu_is_watching+0x12/0xb0 [ 3099.972569][T30391] ? __fget_light+0xe6/0x260 [ 3099.977152][T30391] __sys_sendmsg+0x117/0x1e0 [ 3099.981744][T30391] ? __sys_sendmsg_sock+0x30/0x30 [ 3099.986769][T30391] ? xfd_validate_state+0x5d/0x180 [ 3099.991884][T30391] ? rcu_is_watching+0x12/0xb0 [ 3099.996634][T30391] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3100.002607][T30391] do_syscall_64+0x38/0xb0 [ 3100.007049][T30391] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3100.013050][T30391] RIP: 0033:0x7fc66767cae9 [ 3100.017454][T30391] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3100.037082][T30391] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3100.045484][T30391] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3100.053463][T30391] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3100.061445][T30391] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3100.069516][T30391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3100.077510][T30391] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3100.085486][T30391] 20:14:47 executing program 3: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100ffffffff8a80000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3100.102871][T29067] usb 3-1: string descriptor 0 read error: -71 [ 3100.115521][T29067] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 3100.130261][T30394] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3100.139646][T29067] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 20:14:47 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100ffffffe40000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3100.153567][T30394] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3100.156056][T29067] usb 3-1: config 0 descriptor?? [ 3100.184068][T30394] CPU: 1 PID: 30394 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3100.194181][T30394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3100.204286][T30394] Call Trace: [ 3100.207568][T30394] [ 3100.210508][T30394] dump_stack_lvl+0x125/0x1b0 [ 3100.215205][T30394] sysfs_warn_dup+0x7f/0xa0 [ 3100.219726][T30394] sysfs_do_create_link_sd+0x11e/0x140 [ 3100.225296][T30394] sysfs_create_link+0x61/0xc0 [ 3100.230079][T30394] device_add+0x669/0x1ac0 [ 3100.234496][T30394] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3100.241365][T30394] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3100.247267][T30394] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3100.253239][T30394] wiphy_register+0x2095/0x2ce0 [ 3100.258105][T30394] ? wiphy_unregister+0xb70/0xb70 [ 3100.263119][T30394] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3100.269173][T30394] ieee80211_register_hw+0x24d1/0x4250 [ 3100.274645][T30394] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3100.280210][T30394] ? rcu_is_watching+0x12/0xb0 [ 3100.284978][T30394] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3100.290945][T30394] ? __hrtimer_init+0x103/0x2c0 [ 3100.295881][T30394] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3100.301630][T30394] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3100.307341][T30394] ? rcu_is_watching+0x12/0xb0 [ 3100.312185][T30394] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3100.318101][T30394] hwsim_new_radio_nl+0xaf8/0x1240 [ 3100.323204][T30394] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3100.329187][T30394] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3100.336829][T30394] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3100.344209][T30394] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3100.349758][T30394] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3100.357126][T30394] ? ns_capable+0xd5/0x110 [ 3100.361531][T30394] genl_rcv_msg+0x55c/0x800 [ 3100.366026][T30394] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3100.371938][T30394] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3100.377919][T30394] netlink_rcv_skb+0x16b/0x440 [ 3100.382713][T30394] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3100.388599][T30394] ? netlink_ack+0x1370/0x1370 [ 3100.393361][T30394] ? rcu_is_watching+0x12/0xb0 [ 3100.398120][T30394] ? down_write+0x200/0x200 [ 3100.402628][T30394] ? netlink_deliver_tap+0x1b1/0xd10 [ 3100.408360][T30394] genl_rcv+0x28/0x40 [ 3100.412333][T30394] netlink_unicast+0x536/0x810 [ 3100.417098][T30394] ? netlink_attachskb+0x870/0x870 [ 3100.422300][T30394] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3100.428181][T30394] ? __phys_addr_symbol+0x30/0x70 [ 3100.433233][T30394] ? __check_object_size+0x323/0x730 [ 3100.438516][T30394] netlink_sendmsg+0x93c/0xe40 [ 3100.443303][T30394] ? netlink_unicast+0x810/0x810 [ 3100.448268][T30394] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3100.453571][T30394] ? netlink_unicast+0x810/0x810 [ 3100.458513][T30394] sock_sendmsg+0xd9/0x180 [ 3100.462966][T30394] ____sys_sendmsg+0x6ac/0x940 [ 3100.467769][T30394] ? copy_msghdr_from_user+0x10b/0x160 [ 3100.473215][T30394] ? kernel_sendmsg+0x50/0x50 [ 3100.477889][T30394] ? plist_check_list+0x1ae/0x280 [ 3100.482936][T30394] ? schedule+0xf1/0x1b0 [ 3100.487165][T30394] ___sys_sendmsg+0x135/0x1d0 [ 3100.491836][T30394] ? do_recvmmsg+0x740/0x740 [ 3100.496443][T30394] ? rcu_is_watching+0x12/0xb0 [ 3100.501212][T30394] ? rcu_is_watching+0x12/0xb0 [ 3100.506008][T30394] ? __fget_light+0xe6/0x260 [ 3100.510632][T30394] __sys_sendmsg+0x117/0x1e0 [ 3100.515221][T30394] ? __sys_sendmsg_sock+0x30/0x30 [ 3100.520270][T30394] ? xfd_validate_state+0x5d/0x180 [ 3100.525405][T30394] ? rcu_is_watching+0x12/0xb0 [ 3100.530180][T30394] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3100.536321][T30394] do_syscall_64+0x38/0xb0 [ 3100.540728][T30394] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3100.546616][T30394] RIP: 0033:0x7f1773a7cae9 [ 3100.551019][T30394] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3100.570620][T30394] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3100.579021][T30394] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3100.587007][T30394] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3100.595164][T30394] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 20:14:47 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000826910000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3100.603140][T30394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3100.611092][T30394] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3100.619074][T30394] [ 3100.629964][T29067] usb 3-1: can't set config #0, error -71 [ 3100.637368][T29067] usb 3-1: USB disconnect, device number 38 [ 3100.645869][T30400] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3100.663306][T30400] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3100.672358][T30400] CPU: 0 PID: 30400 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3100.682703][T30400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3100.692796][T30400] Call Trace: [ 3100.696088][T30400] [ 3100.699023][T30400] dump_stack_lvl+0x125/0x1b0 [ 3100.703709][T30400] sysfs_warn_dup+0x7f/0xa0 [ 3100.708200][T30400] sysfs_do_create_link_sd+0x11e/0x140 [ 3100.713649][T30400] sysfs_create_link+0x61/0xc0 [ 3100.718401][T30400] device_add+0x669/0x1ac0 [ 3100.722809][T30400] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3100.729653][T30400] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3100.735557][T30400] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3100.741539][T30400] wiphy_register+0x2095/0x2ce0 [ 3100.746393][T30400] ? wiphy_unregister+0xb70/0xb70 [ 3100.751422][T30400] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3100.757477][T30400] ieee80211_register_hw+0x24d1/0x4250 [ 3100.762931][T30400] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3100.768471][T30400] ? rcu_is_watching+0x12/0xb0 [ 3100.773225][T30400] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3100.779212][T30400] ? __hrtimer_init+0x103/0x2c0 [ 3100.784069][T30400] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3100.789792][T30400] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3100.795504][T30400] ? rcu_is_watching+0x12/0xb0 [ 3100.800278][T30400] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3100.806161][T30400] hwsim_new_radio_nl+0xaf8/0x1240 [ 3100.811269][T30400] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3100.817153][T30400] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3100.824522][T30400] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3100.831894][T30400] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3100.837442][T30400] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3100.845338][T30400] ? ns_capable+0xd5/0x110 [ 3100.849845][T30400] genl_rcv_msg+0x55c/0x800 [ 3100.854344][T30400] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3100.860237][T30400] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3100.866124][T30400] netlink_rcv_skb+0x16b/0x440 [ 3100.870884][T30400] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3100.876780][T30400] ? netlink_ack+0x1370/0x1370 [ 3100.881551][T30400] ? rcu_is_watching+0x12/0xb0 [ 3100.886329][T30400] ? down_write+0x200/0x200 [ 3100.890935][T30400] ? netlink_deliver_tap+0x1b1/0xd10 [ 3100.896304][T30400] genl_rcv+0x28/0x40 [ 3100.900281][T30400] netlink_unicast+0x536/0x810 [ 3100.905042][T30400] ? netlink_attachskb+0x870/0x870 [ 3100.910145][T30400] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3100.916034][T30400] ? __phys_addr_symbol+0x30/0x70 [ 3100.921048][T30400] ? __check_object_size+0x323/0x730 [ 3100.926331][T30400] netlink_sendmsg+0x93c/0xe40 [ 3100.931090][T30400] ? netlink_unicast+0x810/0x810 [ 3100.936022][T30400] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3100.941325][T30400] ? netlink_unicast+0x810/0x810 [ 3100.946261][T30400] sock_sendmsg+0xd9/0x180 [ 3100.951213][T30400] ____sys_sendmsg+0x6ac/0x940 [ 3100.955974][T30400] ? copy_msghdr_from_user+0x10b/0x160 [ 3100.961431][T30400] ? kernel_sendmsg+0x50/0x50 [ 3100.966097][T30400] ? plist_check_list+0x1ae/0x280 [ 3100.971117][T30400] ? schedule+0xf1/0x1b0 [ 3100.975355][T30400] ___sys_sendmsg+0x135/0x1d0 [ 3100.980033][T30400] ? do_recvmmsg+0x740/0x740 [ 3100.984619][T30400] ? rcu_is_watching+0x12/0xb0 [ 3100.989381][T30400] ? rcu_is_watching+0x12/0xb0 [ 3100.994134][T30400] ? __fget_light+0xe6/0x260 [ 3100.998798][T30400] __sys_sendmsg+0x117/0x1e0 [ 3101.003386][T30400] ? __sys_sendmsg_sock+0x30/0x30 [ 3101.008412][T30400] ? xfd_validate_state+0x5d/0x180 [ 3101.013519][T30400] ? rcu_is_watching+0x12/0xb0 [ 3101.018320][T30400] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3101.024298][T30400] do_syscall_64+0x38/0xb0 [ 3101.028746][T30400] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3101.034640][T30400] RIP: 0033:0x7fc65907cae9 [ 3101.039044][T30400] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3101.058639][T30400] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3101.067039][T30400] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3101.075004][T30400] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3101.083830][T30400] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 [ 3101.092665][T30400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3101.100640][T30400] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3101.108616][T30400] 20:14:48 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000000007a000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3101.129000][T30401] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3101.142370][T30401] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3101.150486][T30401] CPU: 1 PID: 30401 Comm: syz-executor.4 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3101.160552][T30401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3101.170610][T30401] Call Trace: [ 3101.173879][T30401] [ 3101.176797][T30401] dump_stack_lvl+0x125/0x1b0 [ 3101.181471][T30401] sysfs_warn_dup+0x7f/0xa0 [ 3101.187237][T30401] sysfs_do_create_link_sd+0x11e/0x140 [ 3101.192732][T30401] sysfs_create_link+0x61/0xc0 [ 3101.197482][T30401] device_add+0x669/0x1ac0 [ 3101.201898][T30401] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3101.208744][T30401] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3101.216218][T30401] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3101.222284][T30401] wiphy_register+0x2095/0x2ce0 [ 3101.227215][T30401] ? wiphy_unregister+0xb70/0xb70 [ 3101.232267][T30401] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3101.238346][T30401] ieee80211_register_hw+0x24d1/0x4250 [ 3101.243811][T30401] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3101.249409][T30401] ? rcu_is_watching+0x12/0xb0 [ 3101.254168][T30401] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3101.260145][T30401] ? __hrtimer_init+0x103/0x2c0 [ 3101.264992][T30401] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3101.270711][T30401] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3101.276423][T30401] ? rcu_is_watching+0x12/0xb0 [ 3101.281264][T30401] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3101.287152][T30401] hwsim_new_radio_nl+0xaf8/0x1240 [ 3101.292262][T30401] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3101.298151][T30401] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3101.305530][T30401] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3101.312907][T30401] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3101.318457][T30401] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3101.325851][T30401] ? ns_capable+0xd5/0x110 [ 3101.330268][T30401] genl_rcv_msg+0x55c/0x800 [ 3101.334861][T30401] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3101.340757][T30401] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3101.346651][T30401] netlink_rcv_skb+0x16b/0x440 [ 3101.351543][T30401] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3101.357452][T30401] ? netlink_ack+0x1370/0x1370 [ 3101.362221][T30401] ? rcu_is_watching+0x12/0xb0 [ 3101.366981][T30401] ? down_write+0x200/0x200 [ 3101.371481][T30401] ? netlink_deliver_tap+0x1b1/0xd10 [ 3101.376857][T30401] genl_rcv+0x28/0x40 [ 3101.380839][T30401] netlink_unicast+0x536/0x810 [ 3101.386388][T30401] ? netlink_attachskb+0x870/0x870 [ 3101.391500][T30401] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3101.397413][T30401] ? __phys_addr_symbol+0x30/0x70 [ 3101.402439][T30401] ? __check_object_size+0x323/0x730 [ 3101.407721][T30401] netlink_sendmsg+0x93c/0xe40 [ 3101.412484][T30401] ? netlink_unicast+0x810/0x810 [ 3101.417418][T30401] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3101.422700][T30401] ? netlink_unicast+0x810/0x810 [ 3101.427634][T30401] sock_sendmsg+0xd9/0x180 [ 3101.432043][T30401] ____sys_sendmsg+0x6ac/0x940 [ 3101.436838][T30401] ? copy_msghdr_from_user+0x10b/0x160 [ 3101.442291][T30401] ? kernel_sendmsg+0x50/0x50 [ 3101.446960][T30401] ? plist_check_list+0x1ae/0x280 [ 3101.451984][T30401] ? schedule+0xf1/0x1b0 [ 3101.456220][T30401] ___sys_sendmsg+0x135/0x1d0 [ 3101.460897][T30401] ? do_recvmmsg+0x740/0x740 [ 3101.465486][T30401] ? rcu_is_watching+0x12/0xb0 [ 3101.470291][T30401] ? rcu_is_watching+0x12/0xb0 [ 3101.475084][T30401] ? __fget_light+0xe6/0x260 [ 3101.479671][T30401] __sys_sendmsg+0x117/0x1e0 [ 3101.484283][T30401] ? __sys_sendmsg_sock+0x30/0x30 [ 3101.489302][T30401] ? xfd_validate_state+0x5d/0x180 [ 3101.494417][T30401] ? rcu_is_watching+0x12/0xb0 [ 3101.499191][T30401] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3101.505175][T30401] do_syscall_64+0x38/0xb0 [ 3101.509773][T30401] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3101.515667][T30401] RIP: 0033:0x7f6413c7cae9 [ 3101.520111][T30401] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3101.539752][T30401] RSP: 002b:00007f64127fe0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3101.548174][T30401] RAX: ffffffffffffffda RBX: 00007f6413d9bf80 RCX: 00007f6413c7cae9 [ 3101.556231][T30401] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3101.564916][T30401] RBP: 00007f6413cc847a R08: 0000000000000000 R09: 0000000000000000 [ 3101.572882][T30401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3101.580857][T30401] R13: 000000000000000b R14: 00007f6413d9bf80 R15: 00007ffcadac3dd8 [ 3101.588832][T30401] [ 3101.612143][T30405] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3101.623899][T30405] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3101.632806][T30405] CPU: 1 PID: 30405 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3101.643083][T30405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3101.653280][T30405] Call Trace: [ 3101.656602][T30405] [ 3101.659541][T30405] dump_stack_lvl+0x125/0x1b0 [ 3101.664331][T30405] sysfs_warn_dup+0x7f/0xa0 [ 3101.668913][T30405] sysfs_do_create_link_sd+0x11e/0x140 [ 3101.674409][T30405] sysfs_create_link+0x61/0xc0 20:14:49 executing program 4: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000826920000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3101.679209][T30405] device_add+0x669/0x1ac0 [ 3101.683646][T30405] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3101.690520][T30405] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3101.696449][T30405] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3101.702452][T30405] wiphy_register+0x2095/0x2ce0 [ 3101.707310][T30405] ? wiphy_unregister+0xb70/0xb70 [ 3101.712384][T30405] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3101.719250][T30405] ieee80211_register_hw+0x24d1/0x4250 [ 3101.724713][T30405] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3101.730265][T30405] ? rcu_is_watching+0x12/0xb0 [ 3101.735022][T30405] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3101.741001][T30405] ? __hrtimer_init+0x103/0x2c0 [ 3101.745852][T30405] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3101.751565][T30405] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3101.757303][T30405] ? rcu_is_watching+0x12/0xb0 [ 3101.762092][T30405] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3101.768005][T30405] hwsim_new_radio_nl+0xaf8/0x1240 [ 3101.773151][T30405] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3101.779081][T30405] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3101.786452][T30405] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3101.793849][T30405] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3101.799381][T30405] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3101.806751][T30405] ? ns_capable+0xd5/0x110 [ 3101.811549][T30405] genl_rcv_msg+0x55c/0x800 [ 3101.816044][T30405] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3101.821930][T30405] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3101.827817][T30405] netlink_rcv_skb+0x16b/0x440 [ 3101.832594][T30405] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3101.838500][T30405] ? netlink_ack+0x1370/0x1370 [ 3101.843297][T30405] ? rcu_is_watching+0x12/0xb0 [ 3101.848100][T30405] ? down_write+0x200/0x200 [ 3101.852627][T30405] ? netlink_deliver_tap+0x1b1/0xd10 [ 3101.857919][T30405] genl_rcv+0x28/0x40 [ 3101.861891][T30405] netlink_unicast+0x536/0x810 [ 3101.866677][T30405] ? netlink_attachskb+0x870/0x870 [ 3101.871840][T30405] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3101.877731][T30405] ? __phys_addr_symbol+0x30/0x70 [ 3101.882807][T30405] ? __check_object_size+0x323/0x730 [ 3101.888100][T30405] netlink_sendmsg+0x93c/0xe40 [ 3101.892884][T30405] ? netlink_unicast+0x810/0x810 [ 3101.897810][T30405] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3101.903118][T30405] ? netlink_unicast+0x810/0x810 [ 3101.908054][T30405] sock_sendmsg+0xd9/0x180 [ 3101.913030][T30405] ____sys_sendmsg+0x6ac/0x940 [ 3101.917801][T30405] ? copy_msghdr_from_user+0x10b/0x160 [ 3101.923249][T30405] ? kernel_sendmsg+0x50/0x50 [ 3101.928012][T30405] ? plist_check_list+0x1ae/0x280 [ 3101.933067][T30405] ? schedule+0xf1/0x1b0 [ 3101.937318][T30405] ___sys_sendmsg+0x135/0x1d0 [ 3101.941991][T30405] ? do_recvmmsg+0x740/0x740 [ 3101.946571][T30405] ? rcu_is_watching+0x12/0xb0 [ 3101.951341][T30405] ? rcu_is_watching+0x12/0xb0 [ 3101.956193][T30405] ? __fget_light+0xe6/0x260 [ 3101.960768][T30405] __sys_sendmsg+0x117/0x1e0 [ 3101.965348][T30405] ? __sys_sendmsg_sock+0x30/0x30 [ 3101.970363][T30405] ? xfd_validate_state+0x5d/0x180 [ 3101.975465][T30405] ? rcu_is_watching+0x12/0xb0 [ 3101.980228][T30405] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3101.986997][T30405] do_syscall_64+0x38/0xb0 [ 3101.991479][T30405] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3101.997372][T30405] RIP: 0033:0x7f594487cae9 [ 3102.001772][T30405] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3102.021367][T30405] RSP: 002b:00007f59455230c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3102.029777][T30405] RAX: ffffffffffffffda RBX: 00007f594499bf80 RCX: 00007f594487cae9 [ 3102.037819][T30405] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3102.045799][T30405] RBP: 00007f59448c847a R08: 0000000000000000 R09: 0000000000000000 [ 3102.053777][T30405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3102.061755][T30405] R13: 000000000000000b R14: 00007f594499bf80 R15: 00007ffc9f4734e8 [ 3102.069737][T30405] 20:14:49 executing program 3: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100ffffffff8a80000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3102.084044][T30407] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3102.102643][T30407] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3102.112894][T30407] CPU: 1 PID: 30407 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3102.122959][T30407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3102.133020][T30407] Call Trace: [ 3102.136284][T30407] [ 3102.139211][T30407] dump_stack_lvl+0x125/0x1b0 [ 3102.143914][T30407] sysfs_warn_dup+0x7f/0xa0 [ 3102.148410][T30407] sysfs_do_create_link_sd+0x11e/0x140 [ 3102.153870][T30407] sysfs_create_link+0x61/0xc0 [ 3102.158620][T30407] device_add+0x669/0x1ac0 [ 3102.163052][T30407] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3102.169897][T30407] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3102.175865][T30407] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3102.181839][T30407] wiphy_register+0x2095/0x2ce0 [ 3102.186689][T30407] ? wiphy_unregister+0xb70/0xb70 [ 3102.191716][T30407] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3102.197778][T30407] ieee80211_register_hw+0x24d1/0x4250 [ 3102.203236][T30407] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3102.208780][T30407] ? rcu_is_watching+0x12/0xb0 [ 3102.213581][T30407] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3102.219586][T30407] ? __hrtimer_init+0x103/0x2c0 [ 3102.224436][T30407] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3102.230159][T30407] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3102.235871][T30407] ? rcu_is_watching+0x12/0xb0 [ 3102.240678][T30407] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3102.246570][T30407] hwsim_new_radio_nl+0xaf8/0x1240 [ 3102.251675][T30407] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3102.257575][T30407] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3102.264945][T30407] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3102.272404][T30407] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3102.277951][T30407] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3102.285332][T30407] ? ns_capable+0xd5/0x110 [ 3102.289839][T30407] genl_rcv_msg+0x55c/0x800 [ 3102.294343][T30407] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3102.300257][T30407] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3102.306145][T30407] netlink_rcv_skb+0x16b/0x440 [ 3102.311260][T30407] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3102.317415][T30407] ? netlink_ack+0x1370/0x1370 [ 3102.322184][T30407] ? rcu_is_watching+0x12/0xb0 [ 3102.327033][T30407] ? down_write+0x200/0x200 [ 3102.331534][T30407] ? netlink_deliver_tap+0x1b1/0xd10 [ 3102.336818][T30407] genl_rcv+0x28/0x40 [ 3102.340801][T30407] netlink_unicast+0x536/0x810 [ 3102.345565][T30407] ? netlink_attachskb+0x870/0x870 [ 3102.350672][T30407] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3102.356576][T30407] ? __phys_addr_symbol+0x30/0x70 [ 3102.361606][T30407] ? __check_object_size+0x323/0x730 [ 3102.366890][T30407] netlink_sendmsg+0x93c/0xe40 [ 3102.371651][T30407] ? netlink_unicast+0x810/0x810 [ 3102.376594][T30407] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3102.381881][T30407] ? netlink_unicast+0x810/0x810 [ 3102.386819][T30407] sock_sendmsg+0xd9/0x180 [ 3102.391230][T30407] ____sys_sendmsg+0x6ac/0x940 [ 3102.395987][T30407] ? copy_msghdr_from_user+0x10b/0x160 [ 3102.401445][T30407] ? kernel_sendmsg+0x50/0x50 [ 3102.406113][T30407] ? plist_check_list+0x1ae/0x280 [ 3102.411130][T30407] ? schedule+0xf1/0x1b0 [ 3102.415369][T30407] ___sys_sendmsg+0x135/0x1d0 [ 3102.420079][T30407] ? do_recvmmsg+0x740/0x740 [ 3102.424664][T30407] ? rcu_is_watching+0x12/0xb0 [ 3102.429423][T30407] ? rcu_is_watching+0x12/0xb0 [ 3102.434182][T30407] ? __fget_light+0xe6/0x260 [ 3102.438767][T30407] __sys_sendmsg+0x117/0x1e0 [ 3102.443356][T30407] ? __sys_sendmsg_sock+0x30/0x30 [ 3102.448550][T30407] ? xfd_validate_state+0x5d/0x180 [ 3102.454801][T30407] ? rcu_is_watching+0x12/0xb0 [ 3102.459561][T30407] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3102.465537][T30407] do_syscall_64+0x38/0xb0 [ 3102.469952][T30407] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3102.475844][T30407] RIP: 0033:0x7fc66767cae9 [ 3102.480247][T30407] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3102.499869][T30407] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3102.508272][T30407] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3102.516230][T30407] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3102.524191][T30407] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 20:14:49 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100ffffffe40000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3102.532151][T30407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3102.540116][T30407] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3102.548206][T30407] [ 3102.558853][T29067] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 3102.576832][T30409] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3102.598294][T30409] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3102.609112][T30409] CPU: 1 PID: 30409 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3102.619186][T30409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3102.629334][T30409] Call Trace: [ 3102.632627][T30409] [ 3102.635562][T30409] dump_stack_lvl+0x125/0x1b0 [ 3102.640284][T30409] sysfs_warn_dup+0x7f/0xa0 [ 3102.644795][T30409] sysfs_do_create_link_sd+0x11e/0x140 [ 3102.650345][T30409] sysfs_create_link+0x61/0xc0 [ 3102.655127][T30409] device_add+0x669/0x1ac0 [ 3102.659563][T30409] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3102.666411][T30409] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3102.672335][T30409] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3102.678326][T30409] wiphy_register+0x2095/0x2ce0 [ 3102.683210][T30409] ? wiphy_unregister+0xb70/0xb70 [ 3102.688239][T30409] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 20:14:50 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539000009050b00000000000009050200000005000009047d01013481af0009a00e0023000069"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 3102.694320][T30409] ieee80211_register_hw+0x24d1/0x4250 [ 3102.700168][T30409] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3102.705729][T30409] ? rcu_is_watching+0x12/0xb0 [ 3102.710502][T30409] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3102.716494][T30409] ? __hrtimer_init+0x103/0x2c0 [ 3102.721369][T30409] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3102.727135][T30409] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3102.732952][T30409] ? rcu_is_watching+0x12/0xb0 [ 3102.737736][T30409] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3102.743641][T30409] hwsim_new_radio_nl+0xaf8/0x1240 [ 3102.748769][T30409] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3102.754684][T30409] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3102.762864][T30409] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3102.770225][T30409] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3102.775774][T30409] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3102.783153][T30409] ? ns_capable+0xd5/0x110 [ 3102.787747][T30409] genl_rcv_msg+0x55c/0x800 [ 3102.792275][T30409] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3102.798158][T30409] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3102.804128][T30409] netlink_rcv_skb+0x16b/0x440 [ 3102.810377][T30409] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3102.816273][T30409] ? netlink_ack+0x1370/0x1370 [ 3102.821049][T30409] ? rcu_is_watching+0x12/0xb0 [ 3102.825829][T30409] ? down_write+0x200/0x200 [ 3102.830339][T30409] ? netlink_deliver_tap+0x1b1/0xd10 [ 3102.835609][T30409] genl_rcv+0x28/0x40 [ 3102.839576][T30409] netlink_unicast+0x536/0x810 [ 3102.844337][T30409] ? netlink_attachskb+0x870/0x870 [ 3102.849469][T30409] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3102.855352][T30409] ? __phys_addr_symbol+0x30/0x70 [ 3102.860367][T30409] ? __check_object_size+0x323/0x730 [ 3102.865656][T30409] netlink_sendmsg+0x93c/0xe40 [ 3102.870416][T30409] ? netlink_unicast+0x810/0x810 [ 3102.875376][T30409] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3102.880658][T30409] ? netlink_unicast+0x810/0x810 [ 3102.885770][T30409] sock_sendmsg+0xd9/0x180 [ 3102.890172][T30409] ____sys_sendmsg+0x6ac/0x940 [ 3102.894933][T30409] ? copy_msghdr_from_user+0x10b/0x160 [ 3102.900391][T30409] ? kernel_sendmsg+0x50/0x50 [ 3102.905098][T30409] ? plist_check_list+0x1ae/0x280 [ 3102.910111][T30409] ? schedule+0xf1/0x1b0 [ 3102.914343][T30409] ___sys_sendmsg+0x135/0x1d0 [ 3102.919015][T30409] ? do_recvmmsg+0x740/0x740 [ 3102.923613][T30409] ? rcu_is_watching+0x12/0xb0 [ 3102.928364][T30409] ? rcu_is_watching+0x12/0xb0 [ 3102.933126][T30409] ? __fget_light+0xe6/0x260 [ 3102.937713][T30409] __sys_sendmsg+0x117/0x1e0 [ 3102.942323][T30409] ? __sys_sendmsg_sock+0x30/0x30 [ 3102.947344][T30409] ? xfd_validate_state+0x5d/0x180 [ 3102.952486][T30409] ? rcu_is_watching+0x12/0xb0 [ 3102.957245][T30409] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3102.963238][T30409] do_syscall_64+0x38/0xb0 [ 3102.967657][T30409] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3102.973654][T30409] RIP: 0033:0x7f1773a7cae9 [ 3102.978069][T30409] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3102.997684][T30409] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3103.006145][T30409] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3103.014122][T30409] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3103.022097][T30409] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3103.030073][T30409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3103.038115][T30409] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 [ 3103.046165][T30409] 20:14:50 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000826910000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3103.059913][T30411] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3103.075687][T30411] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3103.084579][T30411] CPU: 0 PID: 30411 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3103.094739][T30411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3103.104858][T30411] Call Trace: [ 3103.108170][T30411] [ 3103.111116][T30411] dump_stack_lvl+0x125/0x1b0 [ 3103.115835][T30411] sysfs_warn_dup+0x7f/0xa0 [ 3103.120341][T30411] sysfs_do_create_link_sd+0x11e/0x140 [ 3103.125789][T30411] sysfs_create_link+0x61/0xc0 [ 3103.130540][T30411] device_add+0x669/0x1ac0 [ 3103.134959][T30411] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3103.141862][T30411] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3103.147945][T30411] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3103.153946][T30411] wiphy_register+0x2095/0x2ce0 [ 3103.158786][T30411] ? wiphy_unregister+0xb70/0xb70 [ 3103.163818][T30411] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3103.169882][T30411] ieee80211_register_hw+0x24d1/0x4250 [ 3103.175352][T30411] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3103.180908][T30411] ? rcu_is_watching+0x12/0xb0 [ 3103.185682][T30411] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3103.191653][T30411] ? __hrtimer_init+0x103/0x2c0 [ 3103.196518][T30411] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3103.202230][T30411] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3103.207945][T30411] ? rcu_is_watching+0x12/0xb0 [ 3103.212707][T30411] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3103.218771][T30411] hwsim_new_radio_nl+0xaf8/0x1240 [ 3103.223883][T30411] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3103.229797][T30411] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3103.237165][T30411] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3103.244575][T30411] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3103.250171][T30411] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3103.257588][T30411] ? ns_capable+0xd5/0x110 [ 3103.262055][T30411] genl_rcv_msg+0x55c/0x800 [ 3103.266602][T30411] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3103.272525][T30411] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3103.278408][T30411] netlink_rcv_skb+0x16b/0x440 [ 3103.283174][T30411] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3103.289136][T30411] ? netlink_ack+0x1370/0x1370 [ 3103.293890][T30411] ? rcu_is_watching+0x12/0xb0 [ 3103.298761][T30411] ? down_write+0x200/0x200 [ 3103.303267][T30411] ? netlink_deliver_tap+0x1b1/0xd10 [ 3103.309351][T30411] genl_rcv+0x28/0x40 [ 3103.313334][T30411] netlink_unicast+0x536/0x810 [ 3103.318089][T30411] ? netlink_attachskb+0x870/0x870 [ 3103.323189][T30411] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3103.329076][T30411] ? __phys_addr_symbol+0x30/0x70 [ 3103.334129][T30411] ? __check_object_size+0x323/0x730 [ 3103.340165][T30411] netlink_sendmsg+0x93c/0xe40 [ 3103.344985][T30411] ? netlink_unicast+0x810/0x810 [ 3103.349941][T30411] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3103.355282][T30411] ? netlink_unicast+0x810/0x810 [ 3103.360317][T30411] sock_sendmsg+0xd9/0x180 [ 3103.364756][T30411] ____sys_sendmsg+0x6ac/0x940 [ 3103.369526][T30411] ? copy_msghdr_from_user+0x10b/0x160 [ 3103.374983][T30411] ? kernel_sendmsg+0x50/0x50 [ 3103.379648][T30411] ? plist_check_list+0x1ae/0x280 [ 3103.384661][T30411] ? schedule+0xf1/0x1b0 [ 3103.388901][T30411] ___sys_sendmsg+0x135/0x1d0 [ 3103.393622][T30411] ? do_recvmmsg+0x740/0x740 [ 3103.398202][T30411] ? rcu_is_watching+0x12/0xb0 [ 3103.402957][T30411] ? rcu_is_watching+0x12/0xb0 [ 3103.407721][T30411] ? __fget_light+0xe6/0x260 [ 3103.412299][T30411] __sys_sendmsg+0x117/0x1e0 [ 3103.416893][T30411] ? __sys_sendmsg_sock+0x30/0x30 [ 3103.421912][T30411] ? xfd_validate_state+0x5d/0x180 [ 3103.427159][T30411] ? rcu_is_watching+0x12/0xb0 [ 3103.431943][T30411] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3103.437978][T30411] do_syscall_64+0x38/0xb0 [ 3103.442394][T30411] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3103.448318][T30411] RIP: 0033:0x7fc65907cae9 [ 3103.452717][T30411] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3103.472340][T30411] RSP: 002b:00007fc659d390c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3103.480770][T30411] RAX: ffffffffffffffda RBX: 00007fc65919bf80 RCX: 00007fc65907cae9 [ 3103.486943][T29067] usb 3-1: Using ep0 maxpacket: 16 [ 3103.488717][T30411] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3103.488733][T30411] RBP: 00007fc6590c847a R08: 0000000000000000 R09: 0000000000000000 20:14:50 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="140100002900010000000000897c000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3103.488748][T30411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3103.488762][T30411] R13: 000000000000000b R14: 00007fc65919bf80 R15: 00007fffaf4b2ed8 [ 3103.526247][T30411] [ 3103.535409][T30413] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3103.548430][T30413] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3103.557329][T30413] CPU: 0 PID: 30413 Comm: syz-executor.4 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3103.567416][T30413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3103.577468][T30413] Call Trace: [ 3103.580746][T30413] [ 3103.583686][T30413] dump_stack_lvl+0x125/0x1b0 [ 3103.588395][T30413] sysfs_warn_dup+0x7f/0xa0 [ 3103.592912][T30413] sysfs_do_create_link_sd+0x11e/0x140 [ 3103.598361][T30413] sysfs_create_link+0x61/0xc0 [ 3103.603138][T30413] device_add+0x669/0x1ac0 [ 3103.607670][T30413] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3103.614538][T30413] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3103.620441][T30413] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3103.626544][T30413] wiphy_register+0x2095/0x2ce0 [ 3103.631380][T30413] ? wiphy_unregister+0xb70/0xb70 [ 3103.636398][T30413] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3103.642454][T30413] ieee80211_register_hw+0x24d1/0x4250 [ 3103.647926][T30413] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3103.653553][T30413] ? rcu_is_watching+0x12/0xb0 [ 3103.658332][T30413] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3103.664319][T30413] ? __hrtimer_init+0x103/0x2c0 [ 3103.669165][T30413] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3103.674888][T30413] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3103.680626][T30413] ? rcu_is_watching+0x12/0xb0 [ 3103.685396][T30413] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3103.691277][T30413] hwsim_new_radio_nl+0xaf8/0x1240 [ 3103.696472][T30413] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3103.702379][T30413] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3103.709770][T30413] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3103.717177][T30413] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3103.722722][T30413] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3103.730092][T30413] ? ns_capable+0xd5/0x110 [ 3103.734506][T30413] genl_rcv_msg+0x55c/0x800 [ 3103.739021][T30413] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3103.744913][T30413] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3103.750825][T30413] netlink_rcv_skb+0x16b/0x440 [ 3103.755606][T30413] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3103.761501][T30413] ? netlink_ack+0x1370/0x1370 [ 3103.766259][T30413] ? rcu_is_watching+0x12/0xb0 [ 3103.771019][T30413] ? down_write+0x200/0x200 [ 3103.776029][T30413] ? netlink_deliver_tap+0x1b1/0xd10 [ 3103.781577][T30413] genl_rcv+0x28/0x40 [ 3103.785554][T30413] netlink_unicast+0x536/0x810 [ 3103.790319][T30413] ? netlink_attachskb+0x870/0x870 [ 3103.795513][T30413] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3103.802784][T30413] ? __phys_addr_symbol+0x30/0x70 [ 3103.807802][T30413] ? __check_object_size+0x323/0x730 [ 3103.813084][T30413] netlink_sendmsg+0x93c/0xe40 [ 3103.817844][T30413] ? netlink_unicast+0x810/0x810 [ 3103.822800][T30413] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3103.828078][T30413] ? netlink_unicast+0x810/0x810 [ 3103.833007][T30413] sock_sendmsg+0xd9/0x180 [ 3103.837419][T30413] ____sys_sendmsg+0x6ac/0x940 [ 3103.842174][T30413] ? copy_msghdr_from_user+0x10b/0x160 [ 3103.847629][T30413] ? kernel_sendmsg+0x50/0x50 [ 3103.852300][T30413] ? plist_check_list+0x1ae/0x280 [ 3103.857323][T30413] ? schedule+0xf1/0x1b0 [ 3103.861553][T30413] ___sys_sendmsg+0x135/0x1d0 [ 3103.866233][T30413] ? do_recvmmsg+0x740/0x740 [ 3103.870820][T30413] ? rcu_is_watching+0x12/0xb0 [ 3103.875584][T30413] ? rcu_is_watching+0x12/0xb0 [ 3103.880340][T30413] ? __fget_light+0xe6/0x260 [ 3103.884920][T30413] __sys_sendmsg+0x117/0x1e0 [ 3103.889527][T30413] ? __sys_sendmsg_sock+0x30/0x30 [ 3103.894562][T30413] ? xfd_validate_state+0x5d/0x180 [ 3103.900202][T30413] ? rcu_is_watching+0x12/0xb0 [ 3103.904960][T30413] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3103.911029][T30413] do_syscall_64+0x38/0xb0 [ 3103.915466][T30413] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3103.921375][T30413] RIP: 0033:0x7f6413c7cae9 [ 3103.925780][T30413] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3103.945382][T30413] RSP: 002b:00007f64127fe0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3103.953805][T30413] RAX: ffffffffffffffda RBX: 00007f6413d9bf80 RCX: 00007f6413c7cae9 20:14:51 executing program 4: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000826920000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3103.961766][T30413] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3103.969729][T30413] RBP: 00007f6413cc847a R08: 0000000000000000 R09: 0000000000000000 [ 3103.977690][T30413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3103.985663][T30413] R13: 000000000000000b R14: 00007f6413d9bf80 R15: 00007ffcadac3dd8 [ 3103.993629][T30413] [ 3104.005321][T30415] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3104.018681][T30415] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3104.030919][T29067] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 3104.051529][T29067] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3104.064838][T30415] CPU: 0 PID: 30415 Comm: syz-executor.3 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3104.071792][T29067] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 3104.074993][T30415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3104.083527][T29067] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 3104.093148][T30415] Call Trace: [ 3104.093158][T30415] [ 3104.093186][T30415] dump_stack_lvl+0x125/0x1b0 [ 3104.104113][T29067] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 3104.106807][T30415] sysfs_warn_dup+0x7f/0xa0 [ 3104.106843][T30415] sysfs_do_create_link_sd+0x11e/0x140 [ 3104.106876][T30415] sysfs_create_link+0x61/0xc0 [ 3104.106908][T30415] device_add+0x669/0x1ac0 [ 3104.106950][T30415] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3104.106991][T30415] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3104.107034][T30415] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3104.107068][T30415] wiphy_register+0x2095/0x2ce0 [ 3104.107099][T30415] ? wiphy_unregister+0xb70/0xb70 [ 3104.107126][T30415] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3104.107156][T30415] ieee80211_register_hw+0x24d1/0x4250 [ 3104.107194][T30415] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3104.111545][T29067] usb 3-1: config 0 has no interface number 0 [ 3104.114849][T30415] ? rcu_is_watching+0x12/0xb0 [ 3104.114874][T30415] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3104.125220][T29067] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 3104.129613][T30415] ? __hrtimer_init+0x103/0x2c0 [ 3104.129652][T30415] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3104.135523][T29067] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 3104.139838][T30415] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3104.144567][T29067] usb 3-1: config 0 interface 125 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 3104.151076][T30415] ? rcu_is_watching+0x12/0xb0 [ 3104.151104][T30415] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3104.161782][T29067] usb 3-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 3104.163714][T30415] hwsim_new_radio_nl+0xaf8/0x1240 [ 3104.282910][T30415] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3104.288797][T30415] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3104.296160][T30415] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3104.303526][T30415] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3104.309075][T30415] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3104.316457][T30415] ? ns_capable+0xd5/0x110 [ 3104.320858][T30415] genl_rcv_msg+0x55c/0x800 [ 3104.325359][T30415] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3104.331303][T30415] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3104.337202][T30415] netlink_rcv_skb+0x16b/0x440 [ 3104.341982][T30415] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3104.347891][T30415] ? netlink_ack+0x1370/0x1370 [ 3104.352653][T30415] ? rcu_is_watching+0x12/0xb0 [ 3104.357515][T30415] ? down_write+0x200/0x200 [ 3104.362039][T30415] ? netlink_deliver_tap+0x1b1/0xd10 [ 3104.368078][T30415] genl_rcv+0x28/0x40 [ 3104.372047][T30415] netlink_unicast+0x536/0x810 [ 3104.376806][T30415] ? netlink_attachskb+0x870/0x870 [ 3104.381922][T30415] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3104.387813][T30415] ? __phys_addr_symbol+0x30/0x70 [ 3104.392848][T30415] ? __check_object_size+0x323/0x730 [ 3104.398188][T30415] netlink_sendmsg+0x93c/0xe40 [ 3104.403121][T30415] ? netlink_unicast+0x810/0x810 [ 3104.408064][T30415] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3104.413374][T30415] ? netlink_unicast+0x810/0x810 [ 3104.418322][T30415] sock_sendmsg+0xd9/0x180 [ 3104.422755][T30415] ____sys_sendmsg+0x6ac/0x940 [ 3104.427514][T30415] ? copy_msghdr_from_user+0x10b/0x160 [ 3104.432964][T30415] ? kernel_sendmsg+0x50/0x50 [ 3104.437628][T30415] ? plist_check_list+0x1ae/0x280 [ 3104.442661][T30415] ? schedule+0xf1/0x1b0 [ 3104.446893][T30415] ___sys_sendmsg+0x135/0x1d0 [ 3104.451571][T30415] ? do_recvmmsg+0x740/0x740 [ 3104.456160][T30415] ? rcu_is_watching+0x12/0xb0 [ 3104.460922][T30415] ? rcu_is_watching+0x12/0xb0 [ 3104.465678][T30415] ? __fget_light+0xe6/0x260 [ 3104.470271][T30415] __sys_sendmsg+0x117/0x1e0 [ 3104.474936][T30415] ? __sys_sendmsg_sock+0x30/0x30 [ 3104.479950][T30415] ? xfd_validate_state+0x5d/0x180 [ 3104.485091][T30415] ? rcu_is_watching+0x12/0xb0 [ 3104.489868][T30415] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3104.495841][T30415] do_syscall_64+0x38/0xb0 [ 3104.500261][T30415] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3104.506155][T30415] RIP: 0033:0x7f594487cae9 [ 3104.510566][T30415] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3104.530259][T30415] RSP: 002b:00007f59455230c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3104.538665][T30415] RAX: ffffffffffffffda RBX: 00007f594499bf80 RCX: 00007f594487cae9 [ 3104.546727][T30415] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3104.554747][T30415] RBP: 00007f59448c847a R08: 0000000000000000 R09: 0000000000000000 [ 3104.557286][T29067] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 3104.562703][T30415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3104.562719][T30415] R13: 000000000000000b R14: 00007f594499bf80 R15: 00007ffc9f4734e8 [ 3104.575100][T29067] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3104.579672][T30415] [ 3104.585935][T30417] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3104.609822][T29067] usb 3-1: Product: syz 20:14:51 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0) ioctl$RTC_ALM_READ(r0, 0x80247008, &(0x7f00000000c0)) syz_mount_image$gfs2(&(0x7f0000000000), &(0x7f0000012700)='./bus\x00', 0x800004, &(0x7f0000000040)=ANY=[], 0xff, 0x125e7, &(0x7f0000012740)="$eJzs/XkYqHO9L36756XMQyKUQlIiEkoyVhIZkiGVUIiKUIYypCQNpDKmQpmSJCkRyixEppQ5UohIosJz7bPf6+z7Oft+9n32Pmc/1339fq/XH/tz77X5budc51zv93strTULAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzDLLLMXzFtzlX07vh7b719M9Z5ZZup3/9Xuuf/kvs/X+mvJfz4wF/388m7921iV2/vC2O73nQx/+l/Nf+ufbba+9X7vbXnv/l/7e/x0ve3SjVX+24Nued+QbTj9zkSt/uvZ/2/8iAAAAAAAAAPhvlF//L3s/dMX/8pd0s8wyY47/5cfmnWWWGbPNMktZXXXN937xf/K/f7NN+X+1vz77f/L/fAAAAPjflP1f937ksP7/OHfeWWY5YP9/9+P/80dmtP/yX7f9+KOPD92e5+evf/6//VD57z7+G82XO3/u83IX+P/+5wMAAID/Z8n+b3o/0t/sM//z/QvlviB34dxFchfNfWHui3IXy31x7ktyF89dInfJ3JfmLpX7stylc1+e+4rcZXJfmbts7nK5r8pdPneF3Ffnrpj7mtyVclfOXSX3tbmvy1019/W5q+W+IXf13DVy18xdK3fm7zOwTu4bc9+U++bcdXPfkrte7ltz18/dIPdtuRvmbpS7ce4muW/P3TT3Hbmb5W6eu0XulrnvzN0q91257859T+7Wue/N3SZ329z8HhOzvC/3/bnb5+6Qu2PuB3Jn/iYS+X0pZvlg7odyP5y7S+6uuR/J3S1399w9cj+a+7HcPXP3yp35G1Dsk/vx3E/k7pu7X+7Mnxk7IPeTuQfmfir307kH5X4m9+Dcz+Yekvu53M/nfiH3i7mH5s78Obwv5R6e++Xcr+R+NfeI3CNzj8o9OveY3GNzv5Z7XO7Xc7+R+83c43NPyD0x91u53849Kffk3FNyT809Lfc7uafnfjf3jNzv5Z6Z+/3cs3J/kHt27g9zz8n9Ue6Pc8/N/Unuebnn5/4094LcC3Mvyv1Z7s9zL869JPfS3MtyL8+d+e9gXZl7Ve7Mf9fq6txrcq/N/WXudbnX5/4q94bcG3Nvyr0595bcX+femvub3N/m3pZ7e+4duXfm3pV7d+49ub/LvTf3vtzf596f+4fcP+Y+kPtg7kO5f8p9OPeR3D/nPpr7WO5fcmdm3F9zn8j9W+6TuU/l/j33H7n/zH0695nc/MtMM3/avMhHkZ/bLqrc/Hx7kdwt2twud0burLnPyX1ubn5/nWL23Pz7ecWcuXPlzp07T+68ufl58CI/D17k58GL/Dx4kZ8HL5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf8i+V8k/4vk/8xfwyuS/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+F8n/IvlfJP+L5H+R/C+S/0Xyv0j+z9y4RfK/SP4Xyf8i+V8k/4vkf5H8L5L/RfK/SP4Xyf+Zv5RdJv/L/ECZ/C+T/2Xyv0z+l8n/MvlfJv/L5H+Z/C+T/2Xyv0z+l8n/MvlfJv/L5H+Z/C+T/+X8//H+L9MLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIyvaBMLyjTC8r0gjK9oEwvKNMLyvSCMr2gTC8o0wvK9IIy2VemF5TpBWV6QZleUKYXlOkFZXpBmV5QpheU6QVlekHif5YqvaBKL6jyP6jSC6rkcZVeUKUXVOkFVXpBlV5QpRdU6QVVekGVXlClF1TpBVV6QZVeUKUXVOkFVX5eoEr+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv7rgX/8/fJX8r5L/VfK/Sv5Xyf8q+V8l/6vkf5X8r5L/VfK/Sv5Xyf8q+V8l/6vkf5X8r5L/VfK/Sv5Xyf8q+V8l/6vkf5X8r5L/VfK/Sv5Xyf8q+V8l/6vkf5X8r5L/VfK/Sv5Xyf8q+V8l/6vkf5X8r5L/VfK/eiCBGFXyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/KvlfJf+r5H+V/K+S/1Xyv0r+V8n/Kvk/81+zr5P/dfK/Tv7X+Qvq5H+d/K+T/3X+j1sn/+vkf538r5P/dfK/Tv7Xyf86+V8n/+t5/uP9X6cX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFdXpBnZ8XqNML6vSCOr2gTi+o0wvq9II6vaBOL6jTC+r0gjq9oE4vqNML6vSCOr2gTi+o0wvq9II6vaBOL6jTC+r0gjq9oE4vqNML6vSCOr2gTi+o0wvq9II6vaBOL6jTC+r0gjq9oE4vqNML6vSCOr2gTi+o0wvq9II6vaDOzwvU+XmBOr2gTi+o0wvqR/41eOv0gjq9oE4vqNML6mRinV5QpxfU6QV1ekGdXlCnF9TpBXV6QZ1eUKcX1OkFM+O3SS9o0gua9IImvaDJX9ikFzTpBU16QZNe0KQXNOkFTXpBk17QpBc06QVNekGTXtDk5wWa5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv0n+N8n/JvnfJP+b5H+T/G+S/03yv8nPCzTJ/yb53yT/m+R/k/xvkv9N8r9J/jfJ/yb53yT/m+R/k/xvkv9N8r9J/ifOZ2mT/23yv03+t8n/Nvnf5m9ok/9t8r9N/rfJ/zb53yb/2+R/m/xv5xzY/3/4t+82vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2vaBNL2jTC9r0gja9oE0vaNML2vSCNr2gTS9o0wva9II2WdamF7Trbf6v/8pvekGbXtCmF7TpBW16QZte0KYXtOkFbXpBm17Qphe06QVtekGbXtCmF7TpBW16QZte0KYXtOkFbXpB4n2WLr2gSy/o0gu69IIu+d2lF3T5G7v0gi69oEsv6NILuvSCLr2gSy/o8vMCXfK/S/53yf8u+d8l/7vkf5f875L/XfK/S/53yf8u+d8l/7vkf5f875L/XfK/S/53yf8u+d8l/7vkf5f875L/XfK/S/53yf8u+d8l/7vkf5f875L/XfK/S/53yf8u+d8l/7vkf5f875L/XfK/S/53yf8u+d8l/7vkf5f875L/XfK/S/53yf8u+d8l/7vkf5f875L/XfK/S/53yf8u+d8l/7vkf5f87/4l//f79kPzJ/+75H+X/O82+V/+OZP/XfK/S/53yf8u+d8l/7vkf5f875L/XfK/S/53yf8u+d8l/7vkfzfzz6pO/nfJ/y753yX/u+R/l/zvkv8z/3zrLvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/LvnfJf+75H+X/O+S/13yv0v+d8n/Lvnf3fFvW/h//PfJ/y753yX/u+R/l/zvkv9d8r9L/nfJ/y753+XnBbrkf5f875L/XfK/S/53yf8u+d8l/7vkf5f875L/XfK/S/53yf8u+d8l/7vkf5f875L/XfK/S/7P/LcbZiT/Z8z8c/eT/zOS/zOS/zPyf3kzkv8z8sCM5P+M5P+Mmfl/23/86/8z0gtm/v7/M9ILZqQXzEgvmJFeMCO9YEZ6wYz0ghnpBTPSC2b4ffYAAADg/4+y/3v/MYqZ/xm9Wf7Hr+/t/2+/mdEsJ98+132Lr7bj8gPPzPx9Auf97/xnBQAAAP5rRvb/V3v7v1jkBY89b+3DXr/EwDMz/3wA+x8AAAAmaGT/H9Hb/+Wsi92w5lEb3faZgWdm/rmA9j8AAABM0Mj+P7K3/6sf3P+q73/66q8+d+CZ/D4+9j8AAABM0cj+P6q3/+vL17lj9y1m3/3UgWfy+/fa/wAAADBFI/v/6N7+bz5x4KqfWeXEF10w8Ez+3B77HwAAAKZoZP8f09v/7Y7nLnLDfdv8bOGBZ/Ln9dr/AAAAMEUj+//Y3v7vbtjv2RfNN/8lfx54ZubfY/8DAADABI3s/6/19v+MXX8630+uuHGJjQeeWSzX/gcAAIAJGtn/x/X2/6y/2OeJdU/Ze9d1Bp55ca79DwAAABM0sv+/3tv/z7lzjVsW2f28w+4feOYlufY/AAAATNDI/v9Gb/8/932fWfHhHZe8daeBZxbPtf8BAABggkb2/zd7+3+2pW7Z9fQf3r/ylQPPLJFr/wMAAMAEjez/43v7f/bD5/7ye25ad+c7Bp5ZMtf+BwAAgAka2f8n9Pb/HAe9/KznznrwFz4+8MxLc+1/AAAAmKCR/X9ib//PueqfNnzy4d2evWzgmaVy7X8AAACYoJH9/63e/p/rmV++4q7lz1p0u4FnXpZr/wMAAMAEjez/b/f2/9xrz3rtvBsv/JbdBp5ZOtf+BwAAgAka2f8n9fb/PBuu8Mibvnj7d64feOblufY/AAAATNDI/j+5t//nfeCvs5/95dXvedfAM6+Y+df8t/7DAgAAAP8lI/v/lN7+n+/rm92z69sOqJ4deGaZXPsfAAAAJmhk/5/a2//zL/6lWT657LKb/WHgmVfm2v8AAAAwQSP7/7Te/n/ect9Z7Oa/PHzOWwaeWTbX/gcAAIAJGtn/3+nt/wUO+eDFS9y34iUfHHhmuVz7HwAAACZoZP+f3tv/z1/qe0tduMrjS/xy4JlX5dr/AAAAMEEj+/+7vf2/4OE7XvXWLbbc9dcDzyyfa/8DAADABI3s/zN6+3+hgzZ58PmfPvawvQeeWSHX/gcAAIAJGtn/3+vt/xes+tVZHzyqvfWJgWdenWv/AwAAwASN7P8ze/t/4fe8f79N1r585bcPPLNirv0PAAAAEzSy/7/f2/+L3PfN4765+I47rzXwzGty7X8AAACYoJH9f1Zv/y/66DHnP/7kKV+4e+CZlXLtfwAAAJigkf3/g97+f+F6W727e+Emz75z4JmVc+1/AAAAmKCR/X92b/+/6M0Xzv6Ciw9f9KmBZ1bJtf8BAABggkb2/w97+3+xx/Z65A8nrvqWhweeeW2u/Q8AAAATNLL/z+nt/xf/fq1rz9/v6e+8deCZ1+Xa/wAAADBBI/v/R739/5KtPv2Kt22z9T0XDTyzaq79DwAAABM0sv9/3Nv/iy/10osPueD4apuBZ16fa/8DAADABI3s/3N7+3+Jw+9ebK875txsj4FnVsu1/wEAAGCCRvb/T3r7f8mDfjvLMuW159wy8Mwbcu1/AAAAmKCR/X9eb/+/dNVF7rljldmX3mrgmdVz7X8AAACYoJH9f35v/y/19TtnXfu+q3/xzMAza+Ta/wAAADBBI/v/p739/7LFF3zwR5/e5ht/HHhmzVz7HwAAACZoZP9f0Nv/Sy/3kqt+t8WJ+6438MxaufY/AAAATNDI/r+wt/9ffsh9S8219morXT7wzNq59j8AAABM0Mj+v6i3/19xzF9mPemoZ29+38Az6+Ta/wAAADBBI/v/Z739v8yLVnxw0yc3+uRHBp55Y679DwAAABM0sv9/3tv/r3z1nFcVix+27XUDz7wp1/4HAACACRrZ/xf39v+yX7xyqccu3mnuDww88+Zc+x8AAAAmaGT/X9Lb/8u99cG3P/DC0/58xcAz6+ba/wAAADBBI/v/0t7+f9UTy5yz4H71t+4ceOYtufY/AAAATNDI/r+st/+Xv2eBI9c/8dJ1PjHwzHq59j8AAABM0Mj+v7y3/1fY/Po9Lrhg89keHXjmrbn2PwAAAEzQyP6/orf/X/2K3Y7ZZ5uj/7TJwDPr59r/AAAAMEEj+//K3v5f8Ygf7nlwudK5aw88s0Gu/Q8AAAATNLL/r+rt/9d88tAtbrvjic1/P/DM23LtfwAAAJigkf3/i97+X2nldc9b9opllv7ZwDMb5tr/AAAAMEEj+//q3v5f+ZjPbfjD+R76xbYDz2yUa/8DAADABI3s/2t6+3+VF61/1ht3X/Mbuw88s3Gu/Q8AAAATNLL/r+3t/9e++mNfnueUA/e9eeCZmX8mgP0PAAAAEzSy/3/Z2/+v++L3d737h4uutOXAM2/Ptf8BAABggkb2/3W9/b/qn9bsttjxzpufHHhm01z7HwAAACZoZP9f39v/r9/sU/edNuuun3xk4Jl35Nr/AAAAMEEj+/9Xvf2/2loXXPLMTWduu/7AM5vl2v8AAAAwQSP7/4be/n/DU3suOfvy6839t4FnNs+1/wEAAGCCRvb/jb39v/oJOyyz+cOH/HnTgWe2yLX/AQAAYIJG9v9Nvf2/xvPP+OV3vrj4t9YceGbmnwlg/wMAAMAEjez/m3v7f83ZvvLwsxvft85dA8+8M9f+BwAAgAka2f+39Pb/WudsPNtsb9tztp0Hntkq1/4HAACACRrZ/7/u7f+1f/7n31355XP/dO3AM+/Ktf8BAABggkb2/629/b/Onq8pXvuXBc69deCZd+fa/wAAADBBI/v/N739/8adZ3vRh5a9efN9Bp55T679DwAAABM0sv9/29v/b7r5qp8fd8fx7zpy4Jmtc+1/AAAAmKCR/X9bb/+/efcZL+vKrc9fceCZ9+ba/wAAADBBI/v/9t7+X/faa3/x+DbX/uHFA89sk2v/AwAAwASN7P87evv/Lb95/IFvXjDnrPsPPLNtrv0PAAAAEzSy/+/s7f/1tl5+xiYnHr76bAPPbJdr/wMAAMAEjez/u3r7/63LbPPWuffb5PgzBp55X679DwAAABM0sv/v7u3/9Y/81hn3vPDpv5478Mz7c+1/AAAAmKCR/X9Pb/9vcODXDz3n4lXne8HAM9vn2v8AAAAwQSP7/3e9/f+2VTb/4DqLX/7+4wee2SHX/gcAAIAJGtn/9/b2/4b/2Hvudz3ZfqYaeGbHXPsfAAAAJmhk/9/X2/8brXH+X8446pQb5ht45gO59j8AAABM0Mj+/31v/2+86UG/+vvaOy5/zsAzO+Xa/wAAADBBI/v//t7+3+SR1ZebdYvH93ntwDM75/67/V/83/4HBgAAAP7TRvb/H3r7/+3H3nPn1Z9e8ZijBp75YK5f/wcAAIAJGtn/f+zt/00XW/z1b7jv2GsPHXjmQ7n2PwAAAEzQyP5/oLf/37HiogvvtMqWyy4z8MyHc+1/AAAAmKCR/f9gb/9vduivnzlq2QPe9ZyBZ3bJtf8BAABggkb2/0O9/b/5MgvNX/5l9fNPGXhm11z7HwAAACZoZP//qbf/tzjytr89+uWH/3DhwDMfybX/AQAAYIJG9v/Dvf2/5YG/v/nbb1t21kUGntkt1/4HAACACRrZ/4/09v87V3nRq9+x8Vmrf2ngmd1z7X8AAACYoJH9/+fe/t9qyxvWfPiLux2/wsAze+Ta/wAAADBBI/v/0d7+f9dd839zkYdv/+viA898NNf+BwAAgAka2f+P9fb/ux9f9oB1l194voMGnvlYrv0PAAAAEzSy///S2//v2eCP2/7kpvvfv+rAM3vm2v8AAAAwQSP7//He/t96/ecsd9KsS37m6wPP7JVr/wMAAMAEjez/v/b2/3v/dvWvNt3x4Bs+O/DM3rn2PwAAAEzQyP5/orf/t/ndE38pfrju8i8feGafXPsfAAAAJmhk//+tt/+33WK5uR875cZ9Th545uO59j8AAABM0Mj+f7K3/7db5vBnVtp9/mOagWc+kWv/AwAAwASN7P+nevv/fUe+feFL5jvv2nkGntk31/4HAACACRrZ/3/v7f/3H/ih1x92xd7LnjnwzH659j8AAABM0Mj+/0dv/2+/yil3brvtqn+rB57ZP9f+BwAAgAka2f//7O3/HY79wKufuvDp55008MwBufY/AAAATNDI/n+6t/93XOz0m59z5yZrfn/gmU/m2v8AAAAwQSP7/5ne/v/Aikf87d3V4ScObfwDc+1/AAAAmKCR/f9sb//vdOiG83930Tkf+MbAM5/Ktf8BAABggv7j/d/N0tv/O1911Lrz/Pza575+4JlP59r/AAAAMEEj+7/o7f8P7vLu79x9wtbvWXrgmYNy7X8AAACYoJH9X/b2/4e22+6QH+57/AUHDzzzmVz7HwAAACZoZP9Xvf3/4TtO2OGNR2959fIDz8z8OQH7HwAAACZoZP/Xvf2/y8L7z/fudY5d5rCBZz6ba/8DAADABI3s/6a3/3c96Y1PfHeJFff6zMAzh+Ta/wAAADBBI/u/7e3/j5z18Vueeurxo5YYeOZzufY/AAAATNDI/u96+3+3GT9Z8Tn37nj9qQPPfD7X/gcAAIAJGtn/M3r7f/ePP/83v1z5lOWeO/DMF3LtfwAAAJigkf0/a2//73HZHSuvunm73cIDz3wx1/4HAACACRrZ/8/p7f+P/ureBXf41OWfvmDgmUNz7X8AAACYoJH9/9ze/v/YDi/+x7GHL/y3oweemflnAtr/AAAAMEEj+3+23v7f86q75io2uP15rxt45ku59j8AAABM0Mj+n723//faZcnHHnvlbmu+YuCZw3PtfwAAAJigkf0/R2//773dwjec9NhZJ35x4Jkv59r/AAAAMEEj+3/O3v7f547fvGrTR5Z9oBx45iu59j8AAABM0Mj+n6u3/z/+05e96U8rPPzcbw4889Vc+x8AAAAmaGT/z93b/5/oHvn2opus/p4fDTxzRK79DwAAABM0sv/n6e3/fee96VNvOfSAC+YfeObIXPsfAAAAJmhk/8/b2//7nTrv+8/dYe+rvzfwzFG59j8AAABM0Mj+n6+3//df677b9z37vGVmH3jm6Fz7HwAAACZoZP/P39v/Bzz1kjd84cb591po4Jljcu1/AAAAmKCR/f+83v7/5J8WXPTWGTce9eOBZ47N7e3/9r/nHxgAAAD4TxvZ/wv09v+Bm935z6XnX/f6Vw8887Vcv/4PAAAAEzSy/5/f2/+feskn5n3kyoOXO2LgmeNy7X8AAACYoJH9v2Bv/3/66PMeXfjUJbc7YOCZr+fa/wAAADBBI/t/od7+P+gLB1z35j3u//RLBp75Rq79DwAAABM0sv9f0Nv/n1npTcuf96nD9v/lwDPfzLX/AQAAYIJG9v/Cvf1/8Fc/fetim2/03g8OPHN8rv0PAAAAEzSy/xfp7f/PLrvW63618rMr7j3wzAm59j8AAABM0Mj+X7S3/w953V4LHXTvajf+euCZE3PtfwAAAJigkf3/wt7+/9wBFz65x1MnHvf2f/fIfrN8K1/2PwAAAEzQyP5/UW//f/7qR85faYltPv7EwDPfzrX/AQAAYIJG9v9ivf3/hY++7N2XrHP1UncPPHNSrv0PAAAAEzSy/1/c2/9f3Gbe/Q47evYr1xp45uRc+x8AAAAmaGT/v6S3/w/99U3HbbvvE+c9NfDMKbn2PwAAAEzQyP5fvLf/D1vob3fvc8JKW75z4JlTc+1/AAAAmKCR/b9Eb/9/6Zuvqg7++dFzvHXgmdNy7X8AAACYoJH9v2Rv/x9+9nNffNuimz/y8MAz38m1/wEAAGCCRvb/S3v7/8tzXHPRstWlJ20z8MzpufY/AAAATNDI/l+qt/+/sveHl33gzvpNFw08891c+x8AAAAmaGT/v6y3/7960anXLHjhafPeMvDMGbn2PwAAAEzQyP5furf/j7jxyw+tv+1Oj+0x8Mz3cu1/AAAAmKCR/f/y3v4/8kObznHBHmfuv/HAM2fm2v8AAAAwQSP7/xW9/X/U1Ufet/ipu773zwPPfD/X/gcAAIAJGtn/y/T2/9Ef3ai75co7V7x/4Jmzcu1/AAAAmKCR/f/K3v4/Zpudljxw/kVvXGfgmR/k2v8AAAAwQSP7f9ne/j/219+9ZJcZBx535cAzZ+fa/wAAADBBI/t/ud7+/9p57z7rihvX/PhOA8/8MNf+BwAAgAka2f+v6u3/44qjNnzd2Q8t9fGBZ87Jtf8BAABggkb2//K9/f/1+U/Y9cM7LHPlHQPP/CjX/gcAAIAJGtn/K/T2/ze+t92Xv3bozedtN/DMj3PtfwAAAJigkf3/6t7+/+bpn7lo/00W2PKygWfOzbX/AQAAYIJG9v+Kvf1//PPWePFuK5w7x/UDz/wk1/4HAACACRrZ/6/p7f8Tyn2qlz6y5yO7DTxzXq79DwAAABM0sv9X6u3/E3/807tvfOy+k54deOb8XPsfAAAAJmhk/6/c2//fuvqFc8z9ysXf9K6BZ36aa/8DAADABI3s/1V6+//bH731oXs2OGTetww8c0Gu/Q8AAAATNLL/X9vb/ydt87trzjl8vcf+MPDMhbn2PwAAAEzQyP5/XW//n/zrJZZd59SDP7TtwDMX5dr/AAAAMEEj+3/V3v4/Ze/7L7lzj3UP/dnAMzN/zP4HAACACRrZ/6/v7f9TL1psyVfMf/9vbx545ue59j8AAABM0Mj+X623/0+78QXdnlcu+drdB565ONf+BwAAgAka2f9v6O3/73zo9vs+d+N5uz058MwlufY/AAAATNDI/l+9t/9P3/cXl7x+xt6HbznwzKW59j8AAABM0Mj+X6O3/797yexLXrvDjZetP/DMZbn2PwAAAEzQyP5fs7f/z7hupe6Ys+d/6SMDz1ye++/3/7Vv+7/8TwwAAAD8Z43s/7V6+/97H3j0vh03eXjTTQeeuSLXr/8DAADABI3s/7V7+//MU244etdDlz37bwPPXJlr/wMAAMAEjez/dXr7//vzzL/PJx854K67Bp65Ktf+BwAAgAka2f9v7O3/s9plt7x5hdWLNQee+UWu/Q8AAAATNLL/39Tb/z84/48/XuKVt7/52oFnrs61/wEAAGCCRvb/m3v7/+wr1tvsrscWPnXngWeuybX/AQAAYIJG9v+6vf3/w4984YfzHn7W0/sMPDPz3wmw/wEAAGCCRvb/W3r7/5z3/+grb9pgt4VvHXjml7n2PwAAAEzQyP5fr7f/f3Tbrh89e/NTPvTMwDPX5dr/AAAAMEEj+/+tvf3/431/cNwrP7XjoVsNPHN9rv0PAAAAEzSy/9fv7f9zL9ljv9vvvfy36w0886tc+x8AAAAmaGT/b9Db/z+57m3v/uzK7Wv/OPDMDbn2PwAAAEzQyP5/W2//n/eBz56/9xLH7va+gWduzLX/AQAAYIJG9v+Gvf1//qx7X/Xzp7Y8/PKBZ27Ktf8BAABggkb2/0a9/f/TH5y/1KuOfvyy6waeuTnX/gcAAIAJGtn/G/f2/wUnHzTr+9ZZ8aUfGXjmllz7HwAAACZoZP9v0tv/Fy6y+oNHnHDtplcMPPPrXPsfAAAAJmhk/7+9t/8veuOGd12875xnf2DgmVtz7X8AAACYoJH9v2lv///sn0eUyy16/F2fGHjmN7n2PwAAAEzQyP5/R2////wPp79ku59vXdw58Mxvc+1/AAAAmKCR/b9Zb/9fvPEHfnbknU+/eZOBZ27Ltf8BAABggkb2/+a9/X/Jkle8cuNq1VMfHXjm9lz7HwAAACZoZP9v0dv/l35tjquP3/bwp38/8MwdufY/AAAATNDI/t+yt/8vO/jVf/rrhZssvPbAMzN/TwD7HwAAACZoZP+/s7f/L1/+sTnbDRZf8JSBZ+7Ktf8BAABggkb2/1a9/X/FYcvd+7XD73vyOQPP3J1r/wMAAMAEjez/d/X2/5VLP9F++LH1Tl9k4Jl7cu1/AAAAmKCR/f/u3v6/arWrX/q6Vx6y/oUDz/wu1/4HAACACRrZ/+/p7f9ffOo5l16xwgL1CgPP3Jtr/wMAAMAEjez/rXv7/+ortzzgkEduvu9LA8/cl2v/AwAAwASN7P/39vb/Nbt9bdu9Dt3z+wcNPPP7XPsfAAAAJmhk/2/T2//Xbn/Smstscu6Giw88c3+u/Q8AAAATNLL/t+3t/1/evvU37zh7zRd/feCZP+Ta/wAAADBBI/t/u97+v+6Fa9522Q4HXrzqwDN/zLX/AQAAYIJG9v/7evv/+m9/arUVZyxz5MsHnnkg1/4HAACACRrZ/+/v7f9fff+CF773xoc++tmBZx7Mtf8BAABggkb2//a9/X/Dc/d8+vArd31DM/DMQ7n2PwAAAEzQyP7fobf/b9zvN/NsNv+Zd5w88Myfcu1/AAAAmKCR/b9jb//fdOnCf/7WHosecubAMw/n2v8AAAAwQSP7/wO9/X/z9Ute/+dT79xpnoFnHsm1/wEAAGCCRvb/Tr39f8tOd61QXVgvuOLAM3/Otf8BAABggkb2/869/f/rK1/866O3vfTJIweeeTTX/gcAAIAJGtn/H+zt/1t3u/e1H6h2On3/gWcey7X/AQAAYIJG9v+Hevv/N9vf8YLV7jxt/RcPPPOXXPsfAAAAJmhk/3+4t/9/e/vzn7rm5yvVZww883iu/Q8AAAATNLL/d+nt/9suePDQPRZ94r7ZBp75a679DwAAABM0sv937e3/2+tlPnjQvpt//wUDzzyRa/8DAADABI3s/4/09v8dcy3w1l+dcPSG5w4887dc+x8AAAAmaGT/79bb/3eedv0Zi62zzYurgWeezLX/AQAAYIJG9v/uvf1/16nLP/36o0+8+PiBZ57Ktf8BAABggkb2/x69/X/3vI+/8NqnZj/ynIFn/p5r/wMAAMAEjez/j/b2/z3dtasds8TVH51v4Jl/5Nr/AAAAMEEj+/9jvf3/u5/OuG3HlTd6w1EDz/wz1/4HAACACRrZ/3v29v+9V562wun3HnbHaweeeTrX/gcAAIAJGtn/e/X2/3277Xz9ez612iHLDDzzTK79DwAAABM0sv/37u3/32//jj8/d/Nndzp04Jlnc+1/AAAAmKCR/b9Pb//ff/th8zx55vw/+tzAKzM/7H8AAACYoJH9//He/v/Dfhs/tc3ON77jZQOvzPxr7H8AAACYoJH9/4ne/v/jpV95wZdm27tcbeCVMh//mf3/7LP/tX9kAAAA4D9pZP/v29v/D1x/xmsvve68331t4JUqH379HwAAACZoZP/v19v/D+60w69fc82Sp8018EqdD/sfAAAAJmhk/+/f2/8P/eyx5XeY+/71zhp4pcmH/Q8AAAATNLL/D+jt/z/t8+rrjt113Rd+e+CVNh/2PwAAAEzQyP7/ZG//P/zhOR795XcPfqYbeGXmj9n/AAAAMEEj+//A3v5/5KYr5l31Lbt9/qcDr8z8++1/AAAAmKCR/f+p3v7/8wIPfHjxI8764AsHXpk1H/Y/AAAATNDI/v90b/8/+t1XfOGWJxZeZcbAK8/Jh/0PAAAAEzSy/w/q7f/Hzn3e6QcuffuvTxt45bn5sP8BAABggkb2/2d6+/8v1XUb7LLS6l9acuCV2fJh/wMAAMAEjez/g3v7//GPfeT4Hz54wC6fGnhl9nzY/wAAADBBI/v/s739/9drzl7rjZ9bdvEvD7wyRz7sfwAAAJigkf1/SG//P3HrF7eZZ7OHL33VwCtz5sP+BwAAgAka2f+f6+3/v2375v3vXmPFHz1v4JW58mH/AwAAwASN7P/P9/b/kz87ZKd9jnv8HWcPvDJ3Pux/AAAAmKCR/f+F3v5/ap+3fvbgp7csTxx4ZZ582P8AAAAwQSP7/4u9/f/3D3/0lNsWO/Z3xcArM3e//Q8AAAATNLL/D/2X/d/863/zj5vOfMuyq7anfWHglfnyYf8DAADABI3s/8N6v/7/z3PWWvXIuy5fb9mBV+bPh/0PAAAAEzSy/7/U2/9Pz/bpO7bbf8cXrjz0Sj7sfwAAAJigkf1/eG//P/P8C59dbqtTnjlm4JUF8mH/AwAAwASN7P8v9/b/syfstcjF523y+RcNvPL8fNj/AAAAMEEj+/8r/7b/i1kOvGGP47c//IOfHHhlwXzY/wAAADBBI/v/q739X6wy/5Ebd6uu8tWBVxbKh/0PAAAAEzSy/4/o7f9ymWXPaX/79K9XGnjlBfmw/wEAAGCCRvb/kb39Xx35x7f/9bKtv3TewCsL58P+BwAAgAka2f9H9fZ//bv1zltuoeN3WXDglUXyYf8DAADABI3s/6N7+7/Z4gtbXLz3nIvPMfDKovmw/wEAAGCCRvb/Mb39367/oz2PPOnaS08feOWF+bD/AQAAYIJG9v+xvf3f/W3XY7bb7NyLVh94ZebfY/8DAADABI3s/6/19v+MTX+w6zOf23OxewZeWSwf9j8AAABM0Mj+P663/2d9ZI8vz/7gzXv8deCVF+fD/gcAAIAJGtn/X+/t/+f8421nbbHSAl/ZbOCVl+TD/gcAAIAJGtn/3+jt/+eu8dkNT1v6kNt/O/DK4vmw/wEAAGCCRvb/N3v7f7bZbp3vD0+st+peA68skQ/7HwAAACZoZP8f39v/s5/zwidecMR9O3xo4JUl82H/AwAAwASN7P8Tevt/jhOWuOVtb1n8s1cPvPLSfNj/AAAAMEEj+//E3v6f8/m/W/H87975j48OvLJUPux/AAAAmKCR/f+t3v6f6zc/W/dbuy660I0Dr7wsH/Y/AAAATNDI/v92b//PvXX3nc3mPnODiwdeWTof9j8AAABM0Mj+P6m3/+fZ/fWHVNfs+r33Drzy8nzY/wAAADBBI/v/5N7+n/faf+zw5+se+v2fBl55RT7sfwAAAJigkf1/Sm//z/eTLT6z4mzLdG8beGWZfNj/AAAAMEEj+//U/f/n/6SYf5ZvvO+ynQ/cZPOBV16ZD/sfAAAAJmhk/5/W+/X/58337bUPP3PNs/4+8Mqy+bD/AQAAYIJG9v93evt/gTO2Pem9Jx190e0DryyXD/sfAAAAJmhk/5/e2//Pn+349f+x9+aL7TfwyqvyYf8DAADABI3s/+/29v+C52z/vRkLPbHHDgOvLJ8P+x8AAAAmaGT/n9Hb/wud8K4vbnXZSl+5auCVFfJh/wMAAMAEjez/7/X2/wuef+zO3/vtabe/ceCVV+fD/gcAAIAJGtn/Z/b2/8L77LDQAt1Oq9478MqK+bD/AQAAYIJG9v/3e/t/kZ+d8eS921+6w18GXnlNPux/AAAAmKCR/X9Wb/8vetNXbj3zvPqzGw28slI+7H8AAACYoJH9/4Pe/n/hhzd+3VpbPfuPBwdeWTkf9j8AAABM0Mj+P7u3/1+08/d3eM/+qy207sArq+TD/gcAAIAJGtn/P+zt/8Vu/tghp9912AbvHnjltfmw/wEAAGCCRvb/Ob39/+Kfr/+dJ1fd6Hv/HHjldfmw/wEAAGCCRvb/j3r7/yV7fm7d5y529e93GXhl1XzY/wAAADBBI/v/x739v/hsLzvp2qdn73418Mrr82H/AwAAwASN7P9ze/t/iXMeWfv1x524yaUDr6yWD/sfAAAAJmhk//+kt/+XPOGm9+24xjZnbT/wyhvyYf8DAADABI3s//N6+/+lz5/3M8fsffwrHxp4ZfV82P8AAAAwQSP7//ze/l/qJ9fvPMtJW/9yg4FX1siH/Q8AAAATNLL/f9rb/y+bZYEv/uWya4/dYuCVNfNh/wMAAMAEjez/C3r7f+n5lvneyQvNufc/Bl5ZKx/2PwAAAEzQyP6/sLf/X37Gg+u/vTt8hY8NvLJ2Pux/AAAAmKCR/X9Rb/+/4oKnd77nt5v86qaBV9bJh/0PAAAAEzSy/3/W2//L1K/74tznPX3QzwdeeWM+7H8AAACYoJH9//Pe/n/lXMX31tl+1e23HnjlTfmw/wEAAGCCRvb/xb39v+xpl69/zv6Xz/+bgVfenA/7HwAAACZoZP9f0tv/y+1w36vO2Kp9fM+BV9bNh/0PAAAAEzSy/y/t7f9X/eolN7xr1VO++eGBV96SD/sfAAAAJmhk/1/W2//LX7bgY7PeteMa1wy8sl4+7H8AAACYoJH9f3lv/6/w8Tvn+vvTj89YY+CVt+bD/gcAAIAJGtn/V/T2/6tnfOLZNyy24h9/N/DK+vmw/wEAAGCCRvb/lb39v+JZ5y1y9RrH/vTxgVc2yIf9DwAAABM0sv+v6u3/15x0wKpHHbflVu8YeOVt+bD/AQAAYIJG9v8vevt/pYXfdMdOnzvglbsOvLJhPux/AAAAmKCR/X91b/+vfMGnV3x0s9V/ecPAKxvlw/4HAACACRrZ/9f09v8q9Vq3lCs9fOwlA69snA/7HwAAACZoZP9f29v/r51rryfe8eCye79/4JVN8mH/AwAAwASN7P9f9vb/6067cL5vP3HWCg8MvPL2fNj/AAAAMEEj+/+63v5f9cq3brPI0rv96s0Dr2yaD/sfAAAAJmhk/1/f2/+v3+2Q/R9+y+0HvWfglZl/JqD9DwAAABM0sv9/1dv/q21/5vE/OWLh7Z8eeGWzfNj/AAAAMEEj+/+G3v5/w+0fXWvdXe+f/00Dr2yeD/sfAAAAJmhk/9/Y2/+rH/T+Ny/83SUfv2/glS3yYf8DAADABI3s/5t6+3+NVb952iPXHPzNxwZe2TIf9j8AAABM0Mj+v7m3/9dc6pjPnTf3umtsOPDKO/Nh/wMAAMAEjez/W3r7f63Dt9rxzbPdOOO2gVe2yof9DwAAABM0sv9/3dv/a//+mYO+cN38f9x34JV35cP+BwAAgAka2f+39vb/OlutvN2+Z5730x0HXnl3Pux/AAAAmKCR/f+b3v5/45vLdZbeee+tfjHwynvyYf8DAADABI3s/9/29v+bHrvk5FuPm32Llw68snU+7H8AAACYoJH9f1tv/795w/ata61x9Y8/PfDKe/Nh/wMAAMAEjez/23v7f90HLjrjzMW2eejwgVe2yYf9DwAAABM0sv/v6O3/tzzz90PvffrE2ZcbeGXbfNj/AAAAMEEj+//O3v5fb+1VP7jAXautff7AK9vlw/4HAACACRrZ/3f19v9bZ935ZZuu+uy3Fx145X35sP8BAABggkb2/929/b/+D077xUlbbfTorAOvvD8f9j8AAABM0Mj+v6e3/zc4+bAHHtv/sLm+M/DK9vmw/wEAAGCCRvb/73r7/22LvGNGsf1O28w98MoO+bD/AQAAYIJG9v+9vf2/4Z27777geacd+IOBV3bMh/0PAAAAEzSy/+/r7f+N3nfWEQ/8tr7lWwOvfCAf9j8AAABM0Mj+/31v/2+868E/uqC79DXtwCs75cP+BwAAgAka2f/39/b/Jr/YYNP1F9p8v0MGXtk5H/Y/AAAATNDI/v9Db/+//cKHfnLwZUd/famBVz6YD/sfAAAAJmhk//+xt/83bZbefJ+TVrrqDQOvfCgf9j8AAABM0Mj+f6C3/98x91x7Lbv3Ey8/buCVD+fD/gcAAIAJGtn/D/b2/2bfufnY23ZeZoufDLyySz7sfwAAAJigkf3/UG//bz7rfLu88cyHfvz8gVd2zYf9DwAAABM0sv//1Nv/W/zgV4f/8Lo1H5pz4JWP5MP+BwAAgAka2f8P9/b/lif/4Qd3z3bg7N8deGW3fNj/AAAAMEEj+/+R3v5/5yKv3GieuRdde7GBV3bPh/0PAAAAEzSy///c2/9b7Xv7S0+75s5vHzjwyh75sP8BAABggkb2/6O9/f+uS15w6Rbf3fXRrwy88tF82P8AAAAwQSP7/7He/n/3dYvdO/uuZ871moFXPpYP+x8AAAAmaGT//6W3/9/zgfvbZ45Yb5vPD7yyZz7sfwAAAJigkf3/eG//b71jvek9bznkwFcOvLJXPux/AAAAmKCR/f/X3v5/7w0//9HcSy9+yyoDr+ydD/sfAAAAJmhk/z/R2//bXP7kEes8cd9rjh14ZZ982P8AAAAwQSP7/2+9/b/tJ1bb/ZwH99xvgYFXPp4P+x8AAAAmaGT/P9nb/9vN+rVjd1vp3K//cOCVT+TD/gcAAIAJGtn/T/X2//t+sOVe+2+2wFUnDLyybz7sfwAAAJigkf3/997+f//JW29+4+dufvnQK/vlw/4HAACACRrZ///o7f/tFznpJy990WF/OXvglf3zYf8DAADABI3s/3/29v8OF2630U//udE8zxt45YB82P8AAAAwQSP7/+ne/t+xOeEHG3zt2TcWA698Mh/2PwAAAEzQyP5/prf/PzD3UYcvtPpqJ5848MqB+bD/AQAAYIJG9v+zvf2/03fevcsf33Xiw8sOvPKpfNj/AAAAMEH/8f6fZZbe/t/5rgcOu+GAbeb8wsArn86H/Q8AAAATNLL/i97+/+CWr/jIi+6++p3HDLxyUD7sfwAAAJigkf1f9vb/hzZ43ia7v372n6w88Mpn8mH/AwAAwASN7P+qt/8//Ph13//Mb5644pMDrxycD/sfAAAAJmhk/9e9/b/Lax675hvtSi970cArn82H/Q8AAAATNLL/m97+3/Xzr1525/cf/YmVBl45JB/2PwAAAEzQyP5ve/v/I0fNMcfKP9n8a18deOVz+bD/AQAAYIJG9n/X2/+7vfiKh35x8qU3LTjwyufzYf8DAADABI3s/xm9/b/7Oz5QzbFP/erzBl75Qj7sfwAAAJigkf0/a2//7/HQ6Xc//YLTtj594JUv5sP+BwAAgAka2f/P6e3/jz55xEWnXr7TAXMMvHJoPux/AAAAmKCR/f/c3v7/2JobvnjL68/8y8sGXjksH/Y/AAAATNDI/p+tt//3vOvwKy+afdd5PjfwypfyYf8DAADABI3s/9l7+3+vLd/+8hU+eOcbvzbwyuH5sP8BAABggkb2/xy9/b/3Bh96zvbfX/Tk1QZe+XI+7H8AAACYoJH9P2dv/+/z+Cl/+MrpBz581sArX8mH/Q8AAAATNLL/5+rt/48f+c6vv2KXNeeca+CVr+bD/gcAAIAJGtn/c/f2/yeWOe7jd8710Du7gVeOyIf9z/+HvT+Pvnr8/75/XtuUeciUqQglUxKZp8yShAzJPMucIUOmRHyKovQhM2XKFB8ypEKhCBkzRRmKEEqKfuu31uE6j/M69voe1/e8zvNaxx+321qtnr3Xez/W/vf+3u/dBgAAoECZ/l8x6v/Lthly5PXjNxlxf52VgeHQ/wAAAFCgTP+vFPV/j6uOGXlhiw/GrVNn5dZ/vv//7LMFAAAA/ldk+r9h1P+XnzJwkZFzVm3+Yp2VQeHQ/wAAAFCgTP+vHPX/Fe91+Ga/gc9d+lCdlX+HQ/8DAABAgTL9v0rU/1eOPW3savteePsSdVZuC4f+BwAAgAJl+n/VqP+vuvTR9WccMu39q+us3B4O/Q8AAAAFyvT/alH/X91guTc27d10yw3qrAwOh/4HAACAAmX6f/Wo/3s+9Xqzz6b3PrplnZU7wqH/AQAAoECZ/m8U9f81Q35tcN1W+17Rv87KneHQ/wAAAFCgTP+vEfV/r7Vaz+g+dvure9RZuSsc+h8AAAAKlOn/NaP+v3bknIW+XOOvEz6rs3J3OPQ/AAAAFCjT/2tF/X/doi2/Wuniji3fqLNyTzj0PwAAABQo0/9rR/3fe4Wlxuw5pN/Ek+us3BsO/Q8AAAAFyvT/OlH/X//whCbDRyw3aGqdlfvCof8BAACgQJn+bxz1/w3fDD5h9olvXbhHnZX7w6H/AQAAoECZ/m8S9f+/Oh/Ra9HFjt64Q52VB8Kh/wEAAKBAmf5fN+r/Pnsd80CHT+6e8GudlSHh0P8AAABQoEz/rxf1f99ZQ9res8PhI/euszI0HPofAAAACpTp/6ZR/9+4ec82I6bc1mVGnZUHw6H/AQAAoECZ/l8/6v+beu/2yd5XtF5yfp2Vh8Kh/wEAAKBAmf7fIOr/fndcNG+tI3+b0aXOysPh0P8AAABQoEz/bxj1f/+mI1efufMp97xbZ+WRcOh/AAAAKFCm/5tF/X/zAWvNbnH70N3OqrPyaDj0PwAAABQo0//No/6/Zfrkhh/NX2zVk+qsDAuH/gcAAIACZfp/o6j/B/w9pfUNjcfOfrXOymPh0P8AAABQoEz/t4j6f2DbDT/ssdWaV39VZ+XxcOh/AAAAKFCm/zeO+v/Wb6ZtP236ZyfsXGfliXDofwAAAChQpv83ifp/UOf1Pl+l97ktO9VZeTIc+h8AAAAKlOn/TaP+//deqy/Y9ZAnJ/5eZ+WpcOh/AAAAKFCm/zeL+v+2WV+s9cS+mw26qM7K8HDofwAAAChQpv83j/r/9ps2Pq3BwJkXTq6z8nQ49D8AAAAUKNP/LaP+H9xi+nV/ztl54/F1Vp4Jh/4HAACAAmX6f4uo/+/YaeLQYS2umHBGnZX/hEP/AwAAQIEy/d8q6v87e66yz5Hju4+cVGfl2XDofwAAAChQpv+3jPr/rmt+X32X5Z/vcn6dlefCof8BAACgQJn+bx31/93bt5r35FkrL3lMnZUR4dD/AAAAUKBM/28V9f89zRp88s0jk2aMqbPyfDj0PwAAABQo0/9bR/1/b7+326z8xN73tK+z8kI49D8AAAAUKNP/baL+v++brh9O7Hrtbj/WWXkxHPofAAAACpTp/22i/r+/88Ot11tmg1X/rLPyUjj0PwAAABQo0//bRv3/wF43NbzgnW9nH1pnZWQ49D8AAAAUKNP/20X9P2RWp9lXT2966nt1Vl4Oh/4HAACAAmX6f/uo/4cecMtaa2817fqz66yMCof+BwAAgAJl+n+HqP8fnN5xwY+H7PvFiXVWRodD/wMAAECBMv2/Y9T/D/19yufP9e694yt1VsaEQ/8DAABAgTL9v1PU/w+3fWz7fQauesFedVb++ZmA/gcAAIACZfp/56j/HznoubXm7/vBgOl1Vl4Nh/4HAACAAmX6f5eo/x+d2WPBci0uHP1XnZXXwqH/AQAAoECZ/t816v9hf+7++RFznlvvqDorY8Oh/wEAAKBAmf7fLer/x3a+avuhy+/aYVqdlXHh0P8AAABQoEz/t436//Er79758fFXPb5nnZXXw6H/AQAAoECZ/t896v8n2px0z26PbDL1gDorb4RD/wMAAECBMv2/R9T/T2585FWrnvXDorPqrLwZDv0PAAAABcr0/55R/z814LZjpnY9e7/L6qyMD4f+BwAAgAJl+n+vqP+Hf7VNnyZPPP7op3VWJoRD/wMAAECBMv2/d9T/Tx+64PR331l77pt1Vt4Kh/4HAACAAmX6f5+o/5/Z79V21yzzxWqn1Fl5Oxz6HwAAAAqU6f99o/7/z+zaY93WWOTU/eusTAyH/gcAAIACZfp/v6j/nz1oVNufxr56/Q91Vt4Jh/4HAACAAmX6v13U/8/NXPyBNYec9sW8OivvhkP/AwAAQIEy/b9/1P8j/tyh114XP7TjYXVW3guH/gcAAIACZfq/fdT/z+8874TnT9z6gvfrrEwKh/4HAACAAmX6/4Co/19Yb4mVaiNmD7igzso/PxPQ/wAAAFCgTP93iPr/xUFv/fLzJ4eOPrrOygfh0P8AAABQoEz/Hxj1/0v/+m3ifYsNWm90nZUPw6H/AQAAoECZ/u8Y9f/IrbfYotOUYztcWGflo3DofwAAAChQpv8Pivr/5dPX3aba4d7HP6mz8nE49D8AAAAUKNP/B0f9P+qDqZN/OXKZqRPqrPzzMwH9DwAAAAXK9P8hUf+PHv35n/dfMX7RM+usTA6H/gcAAIACZfq/U9T/Yy5cbbVDbu+w39d1Vj4Nh/4HAACAAmX6/9Co/19ZesSc/jvf+OgudVY+C4f+BwAAgAJl+v+wqP9ffeaSlY9uvOPcQ+qsfB4O/Q8AAAAFyvT/4VH/v3bPHltuOX/Bar/VWfkiHPofAAAACpTp/yOi/h+72uUfjF3m2rVWq7PyZTj0PwAAABQo0/+do/4fN2LXHY58Z+/5I+qsTAmH/gcAAIACZfr/yKj/X1/o6i+GPfHt0EfrrHwVDv0PAAAABcr0f5eo/99o+NLff3bdYO/l6qz885mA+h8AAAAKlOn/o6L+f3PYhWs2OOv5ha6qszI1HPofAAAACpTp/6Oj/h//dbND932k+5QmdVamhUP/AwAAQIEy/X9M1P8TDps54tnxk57eqs7KN+HQ/wAAAFCgTP8fG/X/W+0m3fbD8isfdHOdlW/Dof8BAACgQJn+Py7q/7fnrHjROnNmbrBpnZXvwqH/AQAAoECZ/j8+6v+JrTdfdPEWm429oc7K9+HQ/wAAAFCgTP+fEPX/O31nf/vbvlf0v63OyvRw6H8AAAAoUKb/T4z6/93bxr9218Cdz9mmzsqMcOh/AAAAKFCm/0+K+v+9Jks27dj7s+2errPyQzj0PwAAABQo0/8nR/0/6eChbw44ZM1PVq2z8mM49D8AAAAUKNP/p0T9//5PZzQ/Yasn+9RbmRkO/Q8AAAAFyvT/qVH/fzDvoCVaTj/3zHvqrPwUDv0PAAAABcr0/2lR/3+4S7/po+cPXatnnZWfw6H/AQAAoECZ/j896v+Pvj5g4UMbnzJ/wzorv4RD/wMAAECBMv3fNer/jw8b8PXDO48dunmdlVnh0P8AAABQoEz/nxH1/yftHhm94PbF9u5XZ+XXcOh/AAAAKFCm/8+M+n/ynFMbL33FbQutXWflt3DofwAAAChQpv/Pivr/05sHHTL8yMOnvFBn5fdw6H8AAAAoUKb/z476/7PLjxq+5w6/Pf1wnZXZ4dD/AAAAUKBM/58T9f/n255wy0pTWh/UoM7KnHDofwAAAChQpv/Pjfr/i8vvveDLxd7a4Kk6K3+EQ/8DAABAgTL9f17U/19etXPT+Z8sN3aFOitzw6H/AQAAoECZ/u8W9f+Uba55bbkRd/dfrM7Kn+HQ/wAAAFCgTP+fH/X/V5u88O0RJx59zn11VuaFQ/8DAABAgTL9f0HU/18P7L7o0Iv/2q5ZnZX54dD/AAAAUKBM/18Y9f/Urz+a3nXI9p/0rrPyVzj0PwAAABQo0/8XRf0/7bC1l7hjbL8+g+us/B0O/Q8AAAAFyvR/96j/v2nXtPkba3Q8c6c6KwvCof8BAACgQJn+vzjq/2/nfPXmNudNGXFEulL9c+h/AAAAKFCm/y+J+v+7gxs3vndo4yPmpitV+B79DwAAACXK9P+lUf9//9M3ow8Y12e5melK9c8vAOh/AAAAKFCm/y+L+n/6vE+/XqRh+5n7pStVLRz6HwAAAAqU6f8eUf/P2KXRwnMavDvk5XSlWiQc+h8AAAAKlOn/y6P+/2HG5TMefH+lPY5NV6pFw6H/AQAAoECZ/r8i6v8fO+zR4PCnX1yxW7pSLRYO/Q8AAAAFyvT/lVH/z9z9kmbLnnLJrx+mK9Xi4dD/AAAAUKBM/18V9f9PC0a88VefXld0TVeqfx6v/wEAAKBAmf6/Our/n3e49ZlpB+5x9NvpStUgHPofAAAACpTp/55R///Sq8tBq2zx3ZYfpSvVkuHQ/wAAAFCgTP9fE/X/rP7Hd9t1ZvP3u6cr1VLh0P8AAABQoEz/94r6/9fm9wx84tfht89OV6qlw6H/AQAAoECZ/r826v/fjlzowvM263bpQelKtUw49D8AAAAUKNP/10X9//u3r/27V/vJzXdLV6plw6H/AQAAoECZ/u8d9f/sX+c//17/RuOmpCvVcuHQ/wAAAFCgTP9fH/X/nL23Paxxz1EjXktXquXDof8BAACgQJn+vyHq/z9m/PHkiMMWOuL4dKVaIRz6HwAAAAqU6f9/Rf0/t8OOB+y9zbDlzk1XqhXDof8BAACgQJn+7xP1/5+7L3L2WtPOnPlOulL90/36HwAAAAqU6f++Uf/PWzC6/8w/Zg05Ml2pGoZD/wMAAECBMv1/Y9T/829vOe2Qpq32WJCuVCuHQ/8DAABAgTL9f1PU/39tMGfx+9sOXvG7dKVaJRz6HwAAAAqU6f9+Uf//vcWEDX65tfOv+6Qr1arh0P8AAABQoEz/94/6f8G1S71S9Rhyxc/pSrVaOPQ/AAAAFCjT/zf/j/6vFpp6yjKn3Xvi0QemK9Xq4dD/AAAAUKBM/98S9f/CXR776dYx47bcPV2pGoVD/wMAAECBMv0/IOr/ap9b3hq/ToP3v01XqjXCof8BAACgQJn+Hxj1f+3njhvvVN18+2npSrVmOPQ/AAAAFCjT/7dG/b/I1b+M+fPzgy99PV2p1gqH/gcAAIACZfp/UNT/i+64dZMGL81r/nm6Uq0dDv0PAAAABcr0/7+j/l9so2UWOvLYbcddkq5U64RD/wMAAECBMv1/W9T/i9/45lfD+rebcGO6Uv3zGP0PAAAABcr0/+1R/y+xRYMGW7a/YeMt0pWqSTj0PwAAABQo0/+Do/5vcO3bM8Zutu6F66cr1brh0P8AAABQoEz/3xH1/5K3//5G/1+/HtQrXaleDwP6HwAAAAqU6f87o/5faoNWzY6eednEpdKVqmk49D8AAAAUKNP/d0X9v/Rpx52+7hYjWz6YrlT/vCdA/wMAAECBMv1/d9T/y7xzf593DlzhhJfSlWqDcOh/AAAAKFCm/++J+n/ZV+98rGefiVevma5UG4ZD/wMAAECBMv1/b9T/y/U4rN35p7SY/UC6UjULh/4HAACAAmX6/76o/5d/8eKWZzw9fdVF0pWqeTj+i/5v8L/pGQMAAAD/XZn+vz/q/xUWf/G9we+33a1O41cbhcPr/wAAAFCghVdZ+P/2lf+p/x+I+n/FlXrNer1Bz3ueSFeqFuHQ/wAAAFCgzOv/Q6L+X+nBXZbftuFqM3ZIV6qNw6H/AQAAoECZ/h8a9X/Dz75esGDcx0vema5Um4RD/wMAAECBMv3/YNT/K5+0/lpLD72gy7XpSrVpOPQ/AAAAFCjT/w9F/b/Kuetsf+h5z4zcKF2pNguH/gcAAIACZfr/4aj/V339488fPrbrhGXSlWrzcOh/AAAAKFCm/x+J+n+109Zo3fKlRzZ+LF2pWoZD/wMAAECBMv3/aNT/q7/z2YejP68ufDZdqbYIh/4HAACAAmX6f1jU/41e/Xb2gGrMoEbpStUqHPofAAAACpTp/8ei/l+jR5OGJ6zTZeKAdKXaMhz6HwAAAAqU6f/Ho/5fc813j/1szJ0tt0xXqtbh0P8AAABQoEz/PxH1/1oPNLx803tbnrBeulJtFQ79DwAAAAXK9P+TUf+v/eSmd3fv8fPVV6Qr1dbh0P8AAABQoEz/PxX1/zpLfLfbdbcuNXu7dKVqEw79DwAAAAXK9P/wqP8bL7XU8re0fWPVQelKtU049D8AAAAUKNP/T0f93+SJCbNObHr8bn3SlWrbcOh/AAAAKFCm/5+J+n/d++e8t8Uf99+zcbpS/fOeAP0PAAAABcr0/3+i/l9vnZYtR01rM+OudKXaPhz6HwAAAAqU6f9no/5velr/zxfZZu6SVbpS7RAO/Q8AAAAFyvT/c1H/r//OwdvPOaxTl5XTlWrHcOh/AAAAKFCm/0dE/b/Bq2eudW/PASP/k65UO4VD/wMAAECBMv3/fNT/G/Z4cMEBLx283vbpSrVzOPQ/AAAAFCjT/y9E/d/ss9MavnHszaPvSFeqXcKh/wEAAKBAmf5/Mer/5ic9OnubatsB16Ur1a7h0P8AAABQoEz/vxT1/0bnDvyw6+fzLmiRrlS7hUP/AwAAQIEy/T8y6v8Wr3dofceYE3cckq5UbcOh/wEAAKBAmf5/Oer/jT/es2GzdYZ8sWi6Uu0eDv0PAAAABcr0/6io/zc57orZk3s0uH7FdKXaIxz6HwAAAAqU6f/RUf9vesHzH/a9d9ypj6cr1Z7h0P8AAABQoEz/j4n6f7MJl7a+pG2r1ZZMV6q9wqH/AQAAoECZ/n8l6v/Nlztq7+NvnTV3aLpS7R0O/Q8AAAAFyvT/q1H/t3x60MMD/+j86Mh0pdonHPofAAAACpTp/9ei/t/i7nt7j2k6eL+10pVq33DofwAAAChQpv/HRv3fao0TTt58m4UWvSldqfYLh/4HAACAAmX6f1zU/1ueObbX79NGTW2VrlTtwqH/AQAAoECZ/n896v/W7y98wmI9z3y8abpS7R8O/Q8AAAAFyvT/G1H/bzVqu7YHHjaswzXpStU+HPofAAAACpTp/zej/t/64r8euLt9t/XuTleqA8Kh/wEAAKBAmf4fH/V/m493ardd/+Gja+lK1SEc+h8AAAAKlOn/CVH/b3Pc3MfG/dpoQMN0pTowHPofAAAACpTp/7ei/t/2gjF9bt9s8gXPpCtVx3DofwAAAChQpv/fjvp/uwmLnn7mFnvsuG26Uh0UDv0PAAAABcr0/8So/7cfNrvRhzN7fXFrulIdHA79DwAAAAXK9P87Uf/v0HDzP5r2aX5933SlOiQc+h8AAAAKlOn/d6P+33GhJT8+68DvTt0kXak6hUP/AwAAQIEy/f9e1P87jRi/3VVPr7TawHSlOjQc+h8AAAAKlOn/SVH/7zzl080/OOXdua3TleqwcOh/AAAAKFCm/9+P+n+XIxq9u36DSx5dN12pDg+H/gcAAIACZfr/g6j/d23f+Nez339xv8vTleqIcOh/AAAAKFCm/z+M+n+3379Z4cpxjRddOl2pOodD/wMAAECBMv3/UdT/ba9o+/eeDadMHZauVEeGQ/8DAABAgTL9/3HU/7tvd+Waw89r//hz6UrVJRz6HwAAAAqU6f9Pov7fY7Nnd/hyaJ8Oa6Qr1VHh0P8AAABQoEz/T476f89bLvtipcPmHjQnXamODof+BwAAgAJl+v/TqP/32vqFLa/r2ebpg9OV6phw6H8AAAAoUKb/P4v6f+9/df+g+7QBU3ZNV6pjw6H/AQAAoECZ/v886v99Bu08Z9NtOi30ZbpSHRcO/Q8AAAAFyvT/F1H/77veNSt/1vSNvU9PV6rjw6H/AQAAoECZ/v8y6v/9zvigw51/LDX0rXSlOiEc+h8AAAAKlOn/KVH/t5u0/FOn33r//I/TlerEcOh/AAAAKFCm/7+K+n//lzfq16bt8WtdnK5UJ4VD/wMAAECBMv3/ddT/7bv/cNab99555qh0pTo5HPofAAAACpTp/6lR/x/w7FtLv9ejS5/j0pXqlHDofwAAAChQpv+nRf3foVpiZuN1fv7kvHSlOjUc+h8AAAAKlOn/b6L+P3CVLd4+b0zL7T5IV6rTwqH/AQAAoECZ/v826v+Oj/y2Sa/PHznn8HSlOj0c+h8AAAAKlOn/76L+P+ijQ0bvWnXt/0e6UnUNh/4HAACAAmX6//uo/w8+9sbGTxw7ZuxP6Up1Rjj0PwAAABQo0//To/4/5PyHFp72UrVBu3SlOjMc+h8AAAAKlOn/GVH/dxp/+terDP34oFPTleqscOh/AAAAKFCm/3+I+v/QM4YtccN5qz09Ll2pzg6H/gcAAIACZfr/x6j/D5t08vQeDZ+Z8kW6Up0TDv0PAAAABcr0/8yo/w9/+cA3W4y7YKFL05Xq3HDofwAAAChQpv9/ivr/iO43N//o/el7/5KuVOeFQ/8DAABAgTL9/3PU/51XP+mooxu0GNoxXam6hUP/AwAAQIEy/f9L1P9H3nv3i/1P6Tm/bbpSnR8O/Q8AAAAFyvT/rKj/u/znttvHPt12rW/SleqCcOh/AAAAKFCm/3+N+v+oZY68bMsDR57ZOV2pLgyH/gcAAIACZfr/t6j/j172pU2a9bmsz9/pSnVROPQ/AAAAFCjT/79H/X/M8Avfnjxz4iffpytV93DofwAAAChQpv9nR/1/7F27zuy7xQrb7fs/L1T//z8Xh3/ofwAAAChQpv/nRP1/XKOrl75ksxvOGZuuVJeEQ/8DAABAgTL9/0fU/8efscHXz/3arv8J6Up1aTj0PwAAABQo0/9zo/4/YdKXC+/T/+ux56Qr1WXh0P8AAABQoEz//xn1/4kvf9J47fbrbjAxXal6hEP/AwAAQIEy/T8v6v+Tuq85+sepx/99fLpSXR4O/Q8AAAAFyvT//Kj/T/7o8+YXtLl/ndfSleqKcOh/AAAAKFCm//+K+v+UY1d78+pDl9r3nXSlujIc+h8AAAAKlOn/v6P+P/X8dadPvPqNh85NV6qrwqH/AQAAoECZ/l8Q9f9p46cusd6gTl8vSFeqq8Oh/wEAAKBA/3X/L7xQ1P+nX7fxQbfvPqA6Ml2peoZD/wMAAECBMv2/cNT/XVtNf+bM9dscsk+6Ul0TDv0PAAAABcr0fxX1/xkbThy43dy5//kuXal6hUP/AwAAQIEy/V+L+v/Mwat0G7d29eqB6Up1bTj0PwAAABQo0/+LRP1/1lFbNpg4ekzTn9OV6rpw6H8AAAAoUKb/F436/+xps2asd0/Xs75NV6re4dD/AAAAUKBM/y8W9f85v4x744LLHrlp93Sluj4c+h8AAAAKlOn/xaP+P3ffZZtdfVzLj15PV6obwqH/AQAAoECZ/l8i6v/zdnpk7C4jf97mtHSl+lc49D8AAAAUKNP/DaL+79bz1PWf/KJL10vSlapPOPQ/AAAAFCjT/0tG/X/+TQcs8k3tzhs+T1eqvuHQ/wAAAFCgTP8vFfX/BS0GfLPyym3/npuuVDeGQ/8DAABAgTL9v3TU/xded9AyfV/vuc4R6Up1Uzj0PwAAABQo0//LRP1/Uat+P13yYIt990tXqn7h0P8AAABQoEz/Lxv1f/cNh77VrNv0h2amK1X/cOh/AAAAKFCm/5eL+v/iwWdsPPnkC74+Nl2pbg6H/gcAAIACZfp/+aj/L/l78OHHDX+mejldqW4Jh/4HAACAAmX6f4Wo/y9te8SzN05a7ZAP05VqQDj0PwAAABQo0/8rRv1/2QHHDHpliY//0y1dqQaGQ/8DAABAgTL9v1LU/z2mD7l465/WffXtdKW6NRz6HwAAAAqU6f+GUf9fvlCHl39u9XXTrulKNSgc+h8AAAAKlOn/laP+v2LEwHVrHdud1T1dqf4dDv0PAAAABcr0/ypR/1857NFap7433PRRulLdFg79DwAAAAXK9P+qUf9f1fC0Kff1W+Gjg9KV6vZw6H8AAAAoUKb/V4v6/+qjX1/2mP0nbjO7zszg8Lf+BwAAgAJl+n/1qP97frLcD/02vazrlHSluiMc+h8AAAAKlOn/RlH/X/NW6wmvzRp5w27pSnVnOPQ/AAAAFCjT/2tE/d/rvF83a10bd91j6Up1Vzj0PwAAABQo0/9rRv1/7QctX3nsiwYnL5OuVHeHQ/8DAABAgTL9v1bU/9edPmeDziOHbN8oXanuCYf+BwAAgAJl+n/tqP97Xzhh8SWOO/GzZ9OV6t5w6H8AAAAoUKb/14n6//rRS02bd9m8m7dMV6r7wqH/AQAAoECZ/m8c9f8NfY+4+7l7tu02IF2p7g+H/gcAAIACZfq/SdT//2o9eLd9Rt/c5Ip0pXogHPofAAAACpTp/3Wj/u/TZMixa6998MvrpSvVkHDofwAAAChQpv/Xi/q/723HXP7j3GFPDkpXqqHh0P8AAABQoEz/N436/8bDdpv/+/pndtwuXakeDIf+BwAAgAJl+n/9qP9v+rrn2ovtPmrxjdOV6qFw6H8AAAAoUKb/N4j6v9+ckTsdOGihb/qkK9XD4dD/AAAAUKBM/28Y9X//dhd9dvfVgx+r0pXqkXDofwAAAChQpv+bRf1/8zaTtzj+0M7735WuVI+GQ/8DAABAgTL93zzq/1uuWmviwDazGv0nXamGhUP/AwAAQIEy/b9R1P8DBm74y5ipreatnK5Uj4VD/wMAAECBMv3fIur/gZtMWWnzWd9dt0W6Uj0eDv0PAAAABcr0/8ZR/9/ad70/Htq0+ck3pivVE+HQ/wAAAFCgTP9vEvX/oNbTGh22f6/te6Ur1ZPh0P8AAABQoEz/bxr1/7+bfLHdMv32+Gz9dKV6Khz6HwAAAAqU6f/Nov6/7bbVP/677+SbH0xXquHh0P8AAABQoEz/bx71/+1/TH9sj46Nui2VrlRPh0P/AwAAQIEy/d8y6v/Bu27c7ulWw5usma5Uz4RD/wMAAECBMv2/RdT/dxyyyulTfur28kvpSvWfcOh/AAAAKFCm/1tF/X/nDxP7rLhEnycXSVeqZ8Oh/wEAAKBAmf7fMur/u35q9dmyk9p3fCBdqZ4Lh/4HAACAAmX6v3XU/3cf/PtOfw2fsvgT6Uo1Ihz6HwAAAAqU6f+tov6/Z5e3137w5Mbf1Gn86vlw6H8AAAAoUKb/t476/955DeYf3u3Fx+5MV6oXwqH/AQAAoECZ/m8T9f99fR9e6c4HL9l/h3SlejEc+h8AAAAKlOn/baL+v791119Of/3dRhulK9U/nwmo/wEAAKBAmf7fNur/B5p0mthm5ZXmXZuuVCPDof8BAACgQJn+3y7q/yG33bTFm5tOPKmWrlQvh0P/AwAAQIEy/b991P9Dt+n4cYdZK1xzd7pSjQqH/gcAAIACZfp/h6j/H7zqlu3u6Tfy3WfSlWp0OPQ/AAAAFCjT/ztG/f/QwMcazd7/slYN05VqTDj0PwAAABQo0/87Rf3/8Can/LFox6+735quVK+EQ/8DAABAgTL9v3PU/4/s0OPjp/que9u26Ur1ajj0PwAAABQo0/+7RP3/aK/nttv5pxve3iRdqV4Lh/4HAACAAmX6f9eo/4f1v6pRw1btNu2brlRjw6H/AQAAoECZ/t8t6v/Hmu/+x7eTnuncOl2pxoVD/wMAAECBMv3fNur/x2ecdPWCJS54cWC6Ur0eDv0PAAAABcr0/+5R/z/R4e4Tlz754+8vT1eqN8Kh/wEAAKBAmf7fI+r/J3e/bc9Dh6+2xLrpSvVmOPQ/AAAAFCjT/3tG/f/UgiPvf/jBnrsMS1eq8eHQ/wAAAFCgTP/vFfX/8OsX7HNGt7Z3LZ2uVBPCof8BAACgQJn+3zvq/6dbbjN08MrTf1sjXaneCof+BwAAgAJl+n+fqP+fWb923euvt1j5uXSlejsc+h8AAAAKlOn/faP+/8+dr5627Rc/n3RHulJNDIf+BwAAgAJl+n+/qP+f3WHxy++qtbxm+3Sleicc+h8AAAAKlOn/dlH/P9dr1LEdj7vz3RbpSvVuOPQ/AAAAFCjT//tH/T+i/7zdFh/ZpdV16Ur1Xjj0PwAAABQo0//to/5/vvkOd/92z5jui6Yr1aRw6H8AAAAoUKb/D4j6/4V93vpwv8uq24akK9X74dD/AAAAUKBM/3eI+v/Fn5doPXLtR95+PF2pPgiH/gcAAIACZfr/wKj/X5q6RcMZo7tuumK6Un0YDv0PAAAABcr0f8eo/0d2+W32ausP6Dw0Xak+Cof+BwAAgAJl+v+gqP9fXnTqX+3mdnpxyXSl+jgc+h8AAAAKlOn/g6P+HzVy3XVeGjT3+7XSleqTcOh/AAAAKFCm/w+J+n/0w6vtOH33NkuMTFeqyeHQ/wAAAFCgTP93ivp/zAqff7r6offv0ipdqT4Nh/4HAACAAmX6/9Co/1854ZJWn159/F03pSvVZ+HQ/wAAAFCgTP8fFvX/q1+MeGezqW/8dk26Un0eDv0PAAAABcr0/+FR/7/25uU/X9xmqZWbpivVF+HQ/wAAAFCgTP8fEfX/2LP3WPHa1y9Zfly6Un0ZDv0PAAAABcr0f+eo/8e9d/XcFVd+8ZdT05VqSjj0PwAAABQo0/9HRv3/+im7rjGl20r3X5quVF+FQ/8DAABAgTL93yXq/zcuvXDbpx98t+0X6Ur1dTj0PwAAABQo0/9HRf3/5tiXPtpjePtlOqYr1dRw6H8AAAAoUKb/j476f3zvmbcvcnKfH35JV6pp4dD/AAAAUKBM/x8T9f+EzZtdNmeJxs9+k65U/3xN/wMAAECBMv1/bNT/bzVd8ah7J005rG26Un0bjmz/f3j0nS2W3PO2Zv/vnzkAAADw/1Sm/4+L+v/tOya9eECrRi3+Tleq78Lh9X8AAAAoUKb/j4/6f2Ln2aP2+mnyG53Tler7cOh/AAAAKFCm/0+I+v+dbzZf7/m+3e7YN12ppodD/wMAAECBMv1/YtT/785asvqp4/Ae36cr1Yxw6H8AAAAoUKb/T4r6/729xn+55v7NtzohXal+CIf+BwAAgAJl+v/kqP8nbX/Gch/3++7DselK9WM49D8AAAAUKNP/p0T9//41Q3/caNYeV01MV6qZ4dD/AAAAUKBM/58a9f8H/fqNv2zTXseek65UP4VD/wMAAECBMv1/WtT/HzY7aNN/tem8/MHpSvVzOFZq8H/4+QIAAAD/fZn+Pz3q/496D3h11amDf5mTrlS/hMPr/wAAAFCgTP93jfr/480P2HDq1a3u/zJdqWaFQ/8DAABAgTL9f0bU/580PXWxxw+d1XbXdKX6NRz6HwAAAAqU6f8zo/6ffMcjU3fb/cxl3kpXqt/Cof8BAACgQJn+Pyvq/0//OqrfvEHDfjg9Xal+D4f+BwAAgAJl+v/sqP8/23PQWUvMXejZi9OVanY49D8AAAAUKNP/50T9/3nHezt0Xn/UYR+nK9U/nwmg/wEAAKBAmf4/N+r/L74/4anHRm/b4rh0pfojHPofAAAACpTp//Oi/v9y+jVfPrX2vDdGpSvV3HDofwAAAChQpv+7Rf0/5YCdq50vO/iOD9KV6s9w6H8AAAAoUKb/z4/6/6u23ddreM/NPc5LV6p54dD/AAAAUKBM/18Q9f/Xf78w6tuRDbb6I12p5odD/wMAAECBMv1/YdT/U3uvvem6x4378PB0pforHPofAAAACpTp/4ui/p+2+Ufj36mdeFW7dKX6Oxz6HwAAAAqU6f/uUf9/0/SrH3t+MeTYn9KVakE49D8AAAAUKNP/F0f9/+0dTZc7f+t2L81IV2r/HPofAAAACpTp/0ui/v9u+2+m/jDjhqP2Tldq4Xv0PwAAAJQo0/+XRv3//TWNF1vn+nWX6pKu1Kpw6H8AAAAoUKb/L4v6f3q/Rhvu2+nr6fPTldo/bwDQ/wAAAFCgTP/3iPp/RrNPX312n8vuPStdqS0SDv0PAAAABcr0/+VR//9w5R6bfTNg5K7vpiu1RcOh/wEAAKBAmf6/Iur/H9tcPmHl2Sus8mq6UlssHPofAAAACpTp/yuj/p+58Ygfdtlo4pyT0pXa4uHQ/wAAAFCgTP9fFfX/TwMuWfbJCS16fpau1P55vP4HAACAAmX6/+qo/38+qMs5D60w/fge6UqtQTj0PwAAABQo0/89o/7/ZeatNx52dtvNT05XakuGQ/8DAABAgTL9f03U/7P+vOeJZR7t+c4b6UptqXDofwAAAChQpv97Rf3/687Hd/z78dVu3SNdqS0dDv0PAAAABcr0/7VR//+25WsvbHf6xxdNTVdqy4RD/wMAAECBMv1/XdT/v/dZqMu4pS/Y5Nd0pbZsOPQ/AAAAFCjT/72j/p/972173D7xmfEd0pXacuHQ/wAAAFCgTP9fH/X/nMbzB5/5WteXzk9XasuHQ/8DAABAgTL9f0PU/39cueP5vzd65KhJ6UpthXDofwAAAChQpv//FfX/3DZ/3LxY92qpMelKbcVw6H8AAAAoUKb/+0T9/+fGo58+8IEx049JV2r/dL/+BwAAgAJl+r9v1P/zBizS6e7nu9z7Y7pSaxgO/Q8AAAAFyvT/jVH/z/99TpPVT7pz1/bpSm3lcOh/AAAAKFCm/2+K+v+v9i3HTF+85SqHpiu1VcKh/wEAAKBAmf7vF/X/30cs9dVLk3+e82e6Uls1HPofAAAACpTp//5R/y+YMmGhdtsv1XPndKW2Wjj0PwAAABQo0/83/4/+ry308kknb/blG8d/la7UVg+H/gcAAIACZfr/lqj/F+5+d+9PLz9+89/TlVqjcOh/AAAAKFCm/wdE/V+dcdvD13a+/51O6UptjXDofwAAAChQpv8HRv1fm3Tk3hfv0ubWyelKbc1w6H8AAAAoUKb/b436f5G7Fjzw0uC5F12UrtTWCof+BwAAgAJl+n9Q1P+LNtqmbbu/Om1yRrpSWzsc+h8AAAAKlOn/f0f9v9iytRNWbzJg/Ph0pbZOOPQ/AAAAFCjT/7dF/b/48Fd7TZ845fXG6cr/9Rj9DwAAAAXK9P/tUf8vscrip5+1dONmV6YrtSbh0P8AAABQoEz/D476v8Ejo/pcdXqfS25JV2rrhkP/AwAAQIEy/X9H1P9LPjvvsQ8fbz9463Sltl449D8AAAAUKNP/d0b9v1S1Q7umj7476fl0pdY0HPofAAAACpTp/7ui/l+6fdcGJ569UuvV05Xa+uHQ/wAAAFCgTP/fHfX/Mr8/POOWFV48Ztl0pbZBOPQ/AAAAFCjT//dE/b/slJveGDXhkssfSVdqG4ZD/wMAAECBMv1/b9T/yx3RqdkWG/WatUq6UmsWDv0PAAAABcr0/31R/y8/qNtBG83eY6Xh6UqteTj0PwAAABQo0//3R/2/wnpPPfPxgO/2vDddqW0UDv0PAAAABcr0/wNR/6+49XUD/7VP8wcWTldqLcKh/wEAAKBAmf4fEvX/Sv9q3+2yTsN/+le6Uts4HPofAAAACpTp/6FR/zec++O/n7++27KbpSu1TcKh/wEAAKBAmf5/MOr/lXdrceFeMyYf3iZdqW0aDv0PAAAABcr0/0NR/6/SaYXD1ty60fP/Tldq//xOgP4HAACAAmX6/+Go/1f98cPnf2oy6vUX05Xa5uHQ/wAAAFCgTP8/EvX/au1XPqDbXws1WyddqbUMh/4HAACAAmX6/9Go/1f//b0nrxk87JIl0pXaFuHQ/wAAAFCgTP8Pi/q/0ZTv+7+7y5mDH0pXaq3Cof8BAACgQJn+fyzq/zWO2OzsJp1nTdogXaltGQ79DwAAAAXK9P/jUf+v2ebTxQdd3qr11elKrXU49D8AAAAUKNP/T0T9v9aVjaad+uXgY/qnK7WtwqH/AQAAoECZ/n8y6v+1BzR+ZcftO1/eMl2pbR0O/Q8AAAAFyvT/U1H/r7PxNxtMmDxk1vXpSq1NOPQ/AAAAFCjT/8Oj/m+82aLd3ln8xJWapyu1bcKh/wEAAKBAmf5/Our/JreMGbjuSeP23DFdqW0bDv0PAAAABcr0/zNR/697xdxnzn++wQO3pyu17cKh/wEAAKBAmf7/T9T/622300E9H7j5p+XTldr24dD/AAAAUKBM/z8b9X/T9oOf37n7wcs+ma7UdgiH/gcAAIACZfr/uaj/1//9iMOeajTv8PvTldo//yeA/gcAAIACZfp/RNT/G0w55sJvX9v2+cXTldpO4dD/AAAAUKBM/z8f9f+GRwz5d8O/5m54Q7pS2zkc+h8AAAAKlOn/F6L+bzb3hLP7NGnz2qbpSm2XcOh/AAAAKFCm/1+M+r/5bvf2v3SXAf22SVdqu4ZD/wMAAECBMv3/UtT/G3Ua9GTzwZ3OvS1dqe0WDv0PAAAABcr0/8io/1v8eNTcBQsWbLtqulJrGw79DwAAAAXK9P/LUf9v/NfeZ5/eeanJT6crtd3Dof8BAACgQJn+HxX1/yZ79u1/5/b3970nXantEQ79DwAAAAXK9P/oqP837fj0k29+efwZdVZqe4ZD/wMAAECBMv0/Jur/zb4/94A2i9+55oh0pbZXOPQ/AAAAFCjT/69E/b95iw4bN57c5a/V0pXa3uHQ/wAAAFCgTP+/GvV/y5sGvvXe8z8/uFy6UtsnHPofAAAACpTp/9ei/t+i56M/9Tqp5V6Ppiu1fcOh/wEAAKBAmf4fG/V/q51OW+a87o8s3CRdqe0XDv0PAAAABcr0/7io/7fc9/Wvnnig65dXpSu1duHQ/wAAAFCgTP+/HvV/61+WW2jX18YMvzldqe0fDv0PAAAABcr0/xtR/281rXWTVRpVB2+VrtTah0P/AwAAQIEy/f9m1P9bH/XrmGlLf7zhCulK7YBw6H8AAAAoUKb/x0f93+avls16TFzttafSlVqHcOh/AAAAKFCm/ydE/b/NnnPeuOHxZ/rdl67UDgyH/gcAAIACZfr/raj/t+04YcZHp19w7mLpSq1jOPQ/AAAAFCjT/29H/b/d90s1aHH29G17pyu1g8Kh/wEAAKBAmf6fGPX/9r3/6NH/0RaTm6UrtYPDof8BAACgQJn+fyfq/x0233Hw0RN69t0pXakdEg79DwAAAAVK+r+2UNz/70b9v2PTRV7YcoW2ZwxOV2qdwqH/AQAAoECZ1//fi/p/pztGdxk7e+SaG6YrtUPDof8BAACgQJn+nxT1/86vvntwv40u+6tnulI7LBz6HwAAAAqU6f/3o/7fpUfD/xyzz8QH+6UrtcPDof8BAACgQJn+/yDq/11P23RA6wEr7LV5ulI7Ihz6HwAAAAqU6f8Po/7f7Z3vznvt+hsWfiFdqXUOh/4HAACAAmX6/6Oo/9vev89ttU7tvlw7XakdGQ79DwAAAAXK9P/HUf/vvs4NF/289dfDG6QrtS7h0P8AAABQoEz/fxL1/x5LPXPofTPWPfjhdKV2VDj0PwAAABQo0/+To/7f84mzRnRqdPABe6YrtaPDof8BAACgQJn+/zTq/71WerLDhNdufmJaulI7Jhz6HwAAAAqU6f/Pov7f+8HzntrxgW2nzUpXaseGQ/8DAABAgTL9/3nU//u8uH+/U7vPW+SAdKV2XDj0PwAAABQo0/9fRP2/7+LXnjXopBPbfZqu1I4Ph/4HAACAAmX6/8uo//fb56MtJz8/5JHL0pXaCeH4L/u/w/+epwwAAAD8N2X6f0rU/+1+XvuDZpMb/HFKulI7MRxe/wcAAIACZfr/q6j/95/adM4li49b/c10pXZSOPQ/AAAAFCjT/19H/d++y1cr9/2y1Wlnpyu1k8Oh/wEAAKBAmf6fGvX/Abe/fMrA7Wf1fi9dqf3zngD9DwAAAAXK9P+0qP87bLDY9cd37vz5K+lK7dRw6H8AAAAoUKb/v4n6/8Attn9o88sH73RiulI7LRz6HwAAAAqU6f9vo/7veO2fe40ZvND509OV2unh0P8AAABQoEz/fxf1/0HzDx2y2C6jBu6VrtS6hkP/AwAAQIEy/f991P8H73HH7r83OXPMUelK7Yxw6H8AAAAoUKb/p0f9f8iB9x1/91/D1v0rXamdGQ79DwAAAAXK9P+MqP87fXfsNQfO6HbAJ+lK7axw6H8AAAAoUKb/f4j6/9B97uo6buvhT1yYrtTODof+BwAAgAJl+v/HqP8P+/nEvtt1ajTtzHSldk449D8AAAAUKNP/M6P+P3xq52FnXj95kQnpSu3ccOh/AAAAKFCm/3+K+v+ILv/e7/YBe7TbJV2pnRcO/Q8AAAAFyvT/z1H/d97hlG2b7tPrka/TlVq3cOh/AAAAKFCm/3+J+v/IXo999OFGzf/4LV2pnR8O/Q8AAAAFyvT/rKj/u/S/Ze5Vs79b/ZB0pXZBOPQ/AAAAFCjT/79G/X9U845rnLXCSqf9kK7U/vlMQP0PAAAABcr0/29R/x+90eN7nT7h3d77pyu1i8Kh/wEAAKBAmf7/Per/Y248/6E7H73k88PSlVr3cOh/AAAAKFCm/2dH/X/s1ftd/+bZL+40L12pXRwO/Q8AAAAFyvT/nKj/j9ux9yltTm98/gXpSu2ScOh/AAAAKFCm//+I+v/4fZpd89fjUwa+n67ULg2H/gcAAIACZfp/btT/J/w88/hlJ7YfMzpdqV0WDv0PAAAABcr0/59R/584ddLuhy/dZ92j05Vaj/8PnioAAADwvyjT//Oi/j+py4pDHhwy7s9J6Urt8nB4/R8AAAAKlOn/+VH/nzx/4n6tLm6wxvnpSu2KcOh/AAAAKFCm//+K+v+UPVYZ9vIaQ9ofk67UrgyH/gcAAIACZfr/76j/Tz1w4743jz1x2Jh0pXZVOPQ/AAAAFCjT/wui/j/tu+ldT/pk3rft05Xa1eHQ/wAAAFCg/7r/q4Wi/j996OzDj1hs28V+TFdqPcOh/wEAAKBAmf5fOOr/ritu/uzQE28+8M90pXZNOPQ/AAAAFCjT/1XU/2cstuSg+SMOfurQdKXWKxz6HwAAAAqU6f9a1P9nvjD+4uWOHDbqq3Sldm049D8AAAAUKNP/i0T9f9ZlMxdf9YozG++crtSuC4f+BwAAgAJl+n/RqP/PfqXZtKlTRp3XKV2p9Q6H/gcAAIACZfp/saj/z5m44iuP77DQLb+nK7Xrw6H/AQAAoECZ/l886v9zT520wW6NB396UbpSuyEc+h8AAAAKlOn/JaL+P2/t81+/Zn7nHSanK7V/hUP/AwAAQIEy/d8g6v9u9z3eotvts04Zn67U+oRD/wMAAECBMv2/ZNT/5z/ee8kmO7e69ox0pdY3HPofAAAACpTp/6Wi/r9gyf2+e/eQ7/7cO12p3RgO/Q8AAAAFyvT/0lH/Xzi0T22v3s3XmJGu1G4Kh/4HAACAAmX6f5mo/y9aca8pz0/v1X5+ulLrFw79DwAAAAXK9P+yUf93X+ycl3/aao9hXdKVWv9w6H8AAAAoUKb/l4v6/+IXhq+7ZovJ376brtRuDof+BwAAgAJl+n/5qP8v+WLPg+6b02ixs9KV2i3h0P8AAABQoEz/rxD1/6UnXPFMp4HDDzwpXakNCIf+BwAAgAJl+n/FqP8vO/v5gbV9uz31arpSGxgO/Q8AAAAFyvT/SlH/93jz0m4/P9JnVI90pXZrOPQ/AAAAFCjT/w2j/r+8yfVvbX1W+8afpSu1QeHQ/wAA/P/Yu9Oorcf+7/u0//aIQpQhZM5YmTOERKZMGct8limZIiRExmRKxpQhkciQmUjmDBkjcxnKEEKIkO51rbW1rm3d2/86t3Xd636wPXi9Hn3X0bF/1vH0fexHvx2AAmX6v3nU/wOG7bHBi0t90ee1dKV2Uzj0PwAAABQo0//LRv1//lVnNBk8adXrjk1XasPCof8BAACgQJn+Xy7q/ws2e/CnHu+M/3R6ulIbHg79DwAAAAXK9P/yUf9fuP0yC41qcvY2O6UrtZvDof8BAACgQJn+XyHq/4v+fv/L/U94t2eXdKV2Szj0PwAAABQo0/8tov6/+KefXlj4wWUG/pqu1G4Nh/4HAACAAmX6f8Wo/y/Zf93VZnc48opV0pXabeHQ/wAAAFCgTP+vFPX/wD++f+3Y4XcePz5dqY0Ih/4HAACAAmX6f+Wo/y/do/U6w/5ZfIt70pXa7eHQ/wAAAFCgTP+3jPp/ULflGr216msfLZqu1EaGQ/8DAABAgTL9v0rU/5d99c737bc5cPCF6UrtjnDofwAAAChQpv9Xjfr/8vsHPND/i+t7t0pXaneGQ/8DAABAgTL9v1rU/1c023mPKwZssdZG6UptVDj0PwAAABQo0/+rR/1/5ULnHP/RoXNfvCZdqd0VDv0PAAAABcr0/xpR/1817qkr1xvX4LF105Xa6HDofwAAACjQf+v///XFqP8H9x06e+OjXzjwsnSldnc49D8AAAAUKPP+/1pR/1/9/OFLPdfwhNrwdKV2Tzj0PwAAABQo0/+tov4fMuWoja77+N4vt01XamPCof8BAACgQJn+Xzvq/2uOHzn56IkbjXkoXandGw79DwAAAAXK9P86Uf9fu/zC7Ueu+PNuS6UrtfvCof8BAACgQJn+Xzfq/+tunzh177MOa7lIulK7Pxz6HwAAAAqU6f/1ov6//rF586u7bp1/Z7pSeyAc+h8AAAAKlOn/9aP+v6Hx1iv/8eCOV5yfrtTGhkP/AwAAQIEy/b9B1P833j93zgknXHT8qulK7cFw6H8AAAAoUKb/W0f9P7TZds1uabL+Fu3SldqCzwTQ/wAAAFCgTP+3ifr/poXqm732zsyPrktXag+HQ/8DAABAgTL93zbq/2HjXvhgy0lnDF4hXak9Eg79DwAAAAXK9P+GUf8P/2jDEQOWeqz3U+lK7dFw6H8AAAAoUKb/N4r6/+Yec3Y45eTl17o3Xak9Fg79DwAAAAXK9P/GUf/fcsak7q3u/ejFJdKV2uPh0P8AAABQoEz/bxL1/61vLHbe+51Xf+yRdKX2RDj0PwAAABQo0/+bRv1/25vfTX71hq8OXDZdqT0ZDv0PAAAABcr0/2ZR/4/o03ajrf7Yo7ZwulIbFw79DwAAAAXK9P/mUf/ffkTzpU5c//IvR6YrtQWfCaD/AQAAoECZ/m8X9f/IjyfPvnnzpmPapiu1p8Oh/wEAAKBAmf7fIur/O+7vvXLXmW/vdkW6UhsfDv0PAAAABcr0/5ZR/9/Z7PH5Ywb1b3lTulJ7Jhz6HwAAAAqU6f+tov4ftdAVU+cfMGH+FulKbUI49D8AAAAUKNP/W0f9f9e4zu0bn3B2j4fTldqz4dD/AAAAUKBM/7eP+n/08pd+cP2D489vmq7UnguH/gcAAIACZfp/m6j/7759r82OemeZKQ3Tldrz4dD/AAAAUKBM/28b9f89j53WbKMm77a7I12pvRAO/Q8AAAAFyvT/dlH/j2n88Jznl9qr/zrpSu3FcOh/AAAAKFCm/ztE/X/vSnd+0GfSlbcOSldqL4VD/wMAAECBMv2/fdT/943qsdkl9676+s3pSu3lcOh/AAAAKFCm/ztG/X//Q92aTT75i/W2S1dqE8Oh/wEAAKBAmf7fIer/Bxa9dc6qN7ToelG6UnslHPofAAAACpTp/x2j/h/72vhBW3T+5Mm105Xaq+HQ/wAAAFCgTP93ivr/wZPPOvb19U/7ccN0pfZaOPQ/AAAAFCjT/ztF/f/QkdvveusfjzQeEv37gte8Hg79DwAAAAXK9P/OUf8/PPWSMcfPXLdTy3SlNikc+h8AAAAKlOn/XaL+f+SetXa8e/Nv73g6Xam9EQ79DwAAAAXK9P+uUf8/utRXow46YKefx6QrtTfDof8BAACgQJn+3y3q/8eqjy5ZYtAlTRulK7W3wqH/AQAAoECZ/u8c9f/jz6xy1Lzhh/Rok67U3g6H/gcAAIACZfp/96j/n1jpsyuP6XDz+ZenK7V3wqH/AQAAoECZ/t8j6v8nR614/LWrbjJlWLpSezcc+h8AAAAKlOn/PaP+H/fQans8+8/sdlumK7XJ4dD/AAAAUKBM/+8V9f9Ti37zwCZfnNT/0XSl9l449D8AAAAUKNP/e0f9/3SvZh9dts39ty6XrtTeD4f+BwAAgAJl+r9L1P/j33l3676HLvT6/7BSmxIO/Q8AAAAFyvT/PlH/P/PSty02GPDcerenK7UPwqH/AQAAoECZ/t836v8J57b5c9rRW3VdPl2pfRgO/Q8AAAAFyvT/flH/P7vmtr8OGvf3k+PSldpH4dD/AAAAUKBM/+8f9f9zt/zZ9MyP9//xvnSl9nE49D8AAAAUKNP/B0T9//yg5zds3fDaxkumK7VPwqH/AQAAoECZ/j8w6v8XNqzenbpio04XpCu1T8Oh/wEAAKBAmf7vGvX/izuO2mbFia/csVq6UvssHPofAAAACpTp/25R/7/07xHTvr3r6J83T1dqU8Oh/wEAAKBAmf4/KOr/l2ce9O/TZ93V9Np0pTYtHPofAAAACpTp/4Oj/p+49/CV9hr0drO+6Urt83DofwAAAChQpv8Pifr/ldmH/fH+AU1//zhdqX0RDv0PAAAABcr0/6FR/7+6y43NW20+YcQb6Urty3DofwAAAChQpv8Pi/r/tUNu3/SUmf07nJSu1L4Kh/4HAACAAmX6//Co/1//+sgpA/74qtFX6Uptejj0PwAAABQo0/9HRP0/acymQ15Yf/Vvt09XajPCof8BAACgQJn+/0/U/280nX3yhp0vf/qAdKX2dTj0PwAAABQo0//do/5/s/5KlyNv2OPQ39KV2jfh0P8AAABQoEz/94j6/60JSzx8w8mPtd0zXal9Gw79DwAAAAXK9P+RUf+/fc4Gb1117xlv/pCu1L4Lh/4HAACAAmX6/6io/9+ZOLP12ZM+uunvdKU2Mxz6HwAAAAqU6f+jo/5/d/LbjddZavmzuqUrte/Dof8BAACgQJn+Pybq/8k9l531SZOLNn4/Xakt+D8B+h8AAAAKlOn/Y6P+f2/lRxZu+c6Ok89IV2o/hkP/AwAAQIEy/d8z6v/37zrlqx8fnHnJEelKbVY49D8AAAAUKNP/x0X9P+XhXZ5/8oT1j34+Xan9FA79DwAAAAXK9H+vqP8/aHTlqrud9XOzGelK7edw6H8AAAAoUKb/j4/6/8Mxu7/+9l0b/b5zulL7JRz6HwAAAAqU6f8Tov7/qOmgddeYeOuIvdOV2uxw6H8AAAAoUKb/T4z6/+P62EXPWPGwDrPTldqv4dD/AAAAUKBM/58U9f8nE06feWHDFxr1T1dqv4VD/wMAAECBMv1/ctT/n3560fD2Hzf49tN0pfZ7OPQ/AAAAFCjT/72j/v/s6B36vzXu3qdfT1dqc8Kh/wEAAKBAmf4/Jer/qaecefiwo084tGe6UvsjHPofAAAACpTp/1Oj/p/2yoTxxw64vu3kdKX2Zzj0PwAAABQo0/99ov7//PVDZvU59MA3e6crtbnh0P8AAABQoEz/nxb1/xe9b2p8yTZzbzo6Xan9FQ79DwAAAAXK9P/pUf9/edRtrSd/scVZL6Yrtb/Dof8BAACgQJn+PyPq/6+mHf3Wqv/cufEu6Urtn3DofwAAAChQpv/7Rv0/fcyLq85Y9cjJM9OV2rxw6H8AAAAoUKb/z4z6f0bTBs8v2+G1S+alK7V/w6H/AQAAoECZ/u8X9f/X9S2+6jh88aMPT1dq88Oh/wEAAKBAmf4/K+r/byb8u/CDf874YLF0pVpw6H8AAAAoUKb/z476/9uV289cf801Nx+drlThe/Q/AAAAlCjT/+dE/f/dXX8t+uGOg7pPSFeqBuHQ/wAAAFCgTP/3j/p/5sPPrnv5jZ0vWDldqWrh0P8AAABQoEz/nxv1//eNGr5+7kVTXrs6XakWPABA/wMAAECBMv1/XtT/P4wcvtpq3ZZbf5N0paqHQ/8DAABAgTL9PyDq/x9XOOiFd7d88tw105WqYTj0PwAAABQo0//nR/0/q8kRX148o+8tF6cr1SLh0P8AAABQoEz/XxD1/0+Pj1rotAYX/NA+XakWvF7/AwAAQIEy/X9h1P8/n3bh2SdM7djklnSlahQO/Q8AAAAFyvT/RVH///JWx1tueeaHbpemK9Vi4dD/AAAAUKBM/18c9f/sT/pOeK176yfWT1eqxcOh/wEAAKBAmf6/JOr/X//zzKFbnjv2l7vSlapxOPQ/AAAAFCjT/wOj/v+t+UoP/TOy91L1dKVqEg79DwAAAAXK9P+lUf///sDHey/5wrQdl05XqiXCof8BAACgQJn+HxT1/5ynPu998Cot7xybrlRLhkP/AwAAQIEy/X9Z1P9/LNzqmtGNXvrghnSlWioc+h8AAAAKlOn/y6P+/3Pk9L4bv19tvlm6UjUNh/4HAACAAmX6/4qo/+eusPpNzz16T/fV05VqwTMB9D8AAAAUKNP/V0b9/1eT5Z+6rmevC85LV6oF3a//AQAAoECZ/r8q6v+/H5/a7eg+c15rnK5UzcKh/wEAAKBAmf4fHPX/P++1bjt1dLv1709Xqubh0P8AAABQoEz/Xx31/7wTv3+j9StDz30yXamWDYf+BwAAgAJl+n9I1P//9nvnhzObdb1lxXSlWi4c+h8AAAAKlOn/a6L+n//scksM+nXkDyPSlWr5cOh/AAAAKFCm/6/93/1fLdRu+kW/t+3epJauVCuEQ/8DAABAgTL9f13U/wtfsfoxDfea1K1ZulK1CIf+BwAAgAJl+v/6qP8bDF1+p32uafLEY+lKteCZAPofAAAACpTp/xui/q+tMfWOEVcO/mWrdKVaKRz6HwAAAAqU6f8bo/6vDjy785H7dFnqxnSlWjkc+h8AAAAKlOn/oVH/138cd/cNG8/f8ap0pWoZDv0PAAAABcr0/01R/zece97AF2Zte2frdKVaJRz6HwAAAAqU6f9hUf8vssNOx224yq63PZeuVAteo/8BAACgQJn+Hx71/6JfXDjgnhcGbt8jXalWC4f+BwAAgAJl+v/mqP8bHdyxR7eRrZr3SVeq1cOh/wEAAKBAmf6/Jer/xfbq27HJud/8NiVdqdYIh/4HAACAAmX6/9ao/xf//Znb/u3eb/xB6Uq1Zjj0PwAAABQo0/+3Rf3f+IlZ059+5qlD/kxXqrXCof8BAACgQJn+HxH1f5MG6zTca2rzRX9KV6pW4dD/AAAAUKBM/98e9f8Syy699ooN3vtuj3SlWjsc+h8AAAAKlOn/kVH/L3nvey99O6PtsD/SlWqdcOh/AAAAKFCm/++I+n+pE+c8+fOWs/rtn65U64ZD/wMAAECBMv1/Z9T/Td/b8OBatw5tOqYr1Xrh0P8AAABQoEz/j4r6f+lnF+t34EUD3vo8XanWD4f+BwAAgAJl+v+uqP+X6TfpxjtuXOni49OVaoNw6H8AAAAoUKb/R0f932yJE8/4z46fHfNmulK1Dof+BwAAgAJl+v/uqP+bPzL6uiFrnrrJR+lK1SYc+h8AAAAKlOn/e6L+X/a2IY+8/OdD756VrlRtw6H/AQAAoECZ/h8T9f9yLfY7YLNZPW87JF2pNgyH/gcAAIACZfr/3qj/l3/i+vEPbDx6+3/TlWqjcOh/AAAAKFCm/++L+n+FBnsffsg+DZt/l65UG4dD/wMAAECBMv1/f9T/LZY9rv+iV078rXO6Um0SDv0PAAAABcr0/wNR/694773D/77moPET05Vq03DofwAAAChQpv/HRv2/0luHz9xhr2GHHJWuVJuFQ/8DAABAgTL9/2DU/yufNnTRsW03W/SUdKXaPBz6HwAAAAqU6f+Hov5v+Z+R607/9bfv3k5Xqnbh0P8AAABQoEz/Pxz1/yqfHPX6cs2WHHZculJtEQ79DwAAAAXK9P8jUf+v+uHFNy7+ypv9XklXqi3Dof8BAACgQJn+fzTq/9W6d+j35+gj2kxLV6qtwqH/AQAAoECZ/n8s6v/VT+938L19Rrx1TrpSbR0O/Q8AAAAFyvT/41H/rzHp6ScP79n+4l/Slap9OPQ/AAAAFCjT/09E/b/mEy0PuOnRecfsm65U24RD/wMAAECBMv3/ZNT/azX48JGe7++7yY7pSrVtOPQ/AAAAFCjT/+Oi/m+17JfXbdNoyLtfpyvVduHQ/wAAAFCgTP8/FfX/2veuecabG3fZ84R0peoQDv0PAAAABcr0/9NR/6+zxNfD95s1+IG30pVq+3DofwAAAChQpv/HR/2/7iOr9r/rym3//jBdqTqGQ/8DAABAgTL9/0zU/+vd1uLwX/eZ36JfulLtEA79DwAAAAXK9P+EqP/Xb/Hp+IX26r7vnHSlWvCZAPofAAAACpTp/2ej/t9gsdeGP3bNyIf2S1eqTuHQ/wAAAFCgTP8/F/V/67GN+3f6tcnXO6Qr1U7h0P8AAABQoEz/Px/1f5s7Nj+8adtJi3yRrlQ7h0P/AwAAQIEy/f9C1P9tW/48/stX2p12cLpS7RIO/Q8AAAAFyvT/i1H/b/jpu8/91WzOtXPTlWrXcOh/AAAAKFCm/1+K+n+jpg+t0ahP12dnpSvVbuHQ/wAAAFCgTP+/HPX/xqe0aXDo6KGr7Z6uVJ3Dof8BAACgQJn+nxj1/yavfPv5/Y9Wxz6brlQLfieg/wEAAKBAmf5/Jer/TZ/ebclePV+6tHu6Uu0RDv0PAAAABcr0/6tR/2/W8PIfb2zU67PT0pVqz3DofwAAAChQpv9fi/p/86UfmzTp/Xvaf5CuVHuFQ/8DAABAgTL9/3rU/+1Gn9xmuxd67/lzulLtHQ79DwAAAAXK9P+kqP+3WOyhl+5cZewD+6QrVZdw6H8AAAAoUKb/34j6f8uxfdY+4NyWf3dKV6oFvxPQ/wAAAFCgTP+/GfX/Vnfs2bDByGktvklXqn3Dof8BAACgQJn+fyvq/61bDpz+yzMd9+2VrlT7hUP/AwAAQIEy/f921P/tzzlryK7dL3jo1XSl2j8c+h8AAAAKlOn/d6L+32bi+JPHNWj99dR0pTogHPofAAAACpTp/3ej/t928iVdZk39YZGz05XqwHDofwAAAChQpv8nR/2/Xc/tH155y+VOezldqbqGQ/8DAABAgTL9/17U/x027vLELjOmXHtkulJ1C4f+BwAAgAJl+v/9qP+3H3jDQU9d1PfZU9OV6qBw6H8AAAAoUKb/p0T933H4fWf91O3J1d5JV6qDw/F/2f+1/y8/MgAAAPB/KdP/H0T9v0OrXkNX2nHNYw9NV6pDwuH9fwAAAChQpv8/jPp/x31ePf2jG2dcOj9dqRb8TkD/AwAAQIEy/f9R1P+dvl3y2vX+7PzZt+lKdVg49D8AAAAUKNP/H0f9v9M/mz3af81B7XdLV6rDw6H/AQAAoECZ/v8k6v+dd/r1wCven7flqHSlOiIc+h8AAAAKlOn/T6P+32X6Rk8v16j9h1W6Uv0nHPofAAAACpTp/8+i/t/1sD8Om95zyOX/Q+NX3cOh/wEAAKBAmf6fGvX/bru9ce7YR/c94cF0peoRDv0PAAAABcr0/7So/zv/vPjNO4x+c81t0pXqyHDofwAAAChQpv8/j/p/9/EHf7RwnyVfujVdqY4Kh/4HAACAAmX6/4uo//dY5OatZzcbcfXAdKU6Ohz6HwAAAAqU6f8vo/7fc5m7Wox65YiT10tXqmPCof8BAACgQJn+/yrq/73u/s+f+7cd1mBwulIdGw79DwAAAAXK9P/0qP/37rXDhXv8etBXG6crVc9w6H8AAAAoUKb/Z0T93+Wdi45+5prfHl8rXamOC4f+BwAAgAJl+v/rqP/3eWnCzjP32uyAS9KVqlc49D8AAAAUKNP/30T9v++5Z965wj6jV1k8XamOD4f+BwAAgAJl+v/bqP/3W/yT3T69sue/dy+08Hn/r5XqhHDofwAAAChQpv+/i/p//wdXHt121sR7nklXqhPDof8BAACgQJn+nxn1/wF3rn3pWRs37LxSulKdFA79DwAAAAXK9P/3Uf8fuMoXvQau+dmWW6cr1cnh0P8AAABQoEz//xD1f9fxa5y39J8rfTg0Xal6h0P/AwAAQIEy/f9j1P/dFpnR/YsbH7r8ynSlOiUc+h8AAAAKlOn/WVH/H7TMtB0e3fHUEzZIV6pTw6H/AQAAoECZ/v8p6v+D715hxE7dZq15W7pS9QmH/gcAAIACZfr/56j/D3lt5gf/XtT2pQbpSnVaOPQ/AAAAFCjT/79E/X/oyRts1mTGgKubpyvV6eHQ/wAAAFCgTP/Pjvr/sCOXbdZtyw4nP56uVGeEQ/8DAABAgTL9/2vU/4dPfXvOPVOfatAkXan6hkP/AwAAQIEy/f9b1P9HfLbJnY816PfVA+lKdWY49D8AAAAUKNP/v0f9/59jft+5U/f3Hn8iXan6hUP/AwAAQIEy/T8n6v/up751dNNnmh/QIl2pzgqH/gcAAIACZfr/j6j/e7za6MIvRw5c5fp0pTo7HPofAAAACpTp/z+j/j9y/Jhea5+767+bpivVOeHQ/wAAAFCgTP/Pjfr/qEVOuPS9Vb65Z410peofDv0PAAAABcr0/19R/x+9zIGjz3uhVecB6Up1bjj0PwAAABQo0/9/R/1/zN1X73bqsUdcs1m6Up0XDv0PAAAABcr0/z9R/x+7+L4jvntkxCk3pCvVgr8J0P8AAABQoEz/z4v6v+eD1+3Q4r0lW52XrlTnh0P/AwAAQIEy/f9v1P/H3flA9z0XfXPi6ulKdUE49D8AAAAUKNP/86P+77VKz/PGN9/3yvvTlerCcOh/AAAAKNB/7//aQlH/H3/QiE8bvDrkpMbpSnVROPQ/AAAAFCjT/wtH/X/C58ds+8vd7bdeMV2pLg6H/gcAAIACZfq/QdT/J/526Cp3njbv4yfTleqScOh/AAAAKFCm/2tR/5+057B5BwxpOLqWrlQDw6H/AQAAoECZ/q+i/j/58icH7LnnxF1HpCvVpeHQ/wAAAFCgTP/Xo/7vvfm5Pca36bnyY+lKNSgc+h8AAAAKlOn/hlH/n7J6p47fzR79T7N0pbosHPofAAAACpTp/0Wi/j/1xgtua/HTZo/emK5Ul4dD/wMAAECBMv2/aNT/fX5Yba9pm/y231bpSnVFOPQ/AAAAFCjT/42i/j/tgG/u22DfgxZqna5UV4ZD/wMAAECBMv2/WNT/p3f87PK+Vw374qp0pVrwNf0PAAAABcr0/+JR/5/x54onXja0wzWj05VqcDj0PwAAABQo0/+No/7ve9BHFzXtNOCUxdKV6upw6H8AAAAoUKb/m0T9f+bnqxzz5VptW62crlRDwqH/AQAAoECZ/l8i6v9+v62102NzZ02ckK5U14RD/wMAAECBMv2/ZNT/Z+351R2dpp965SbpSnVtOPQ/AAAAFCjT/0tF/X9266XenbfFQyddna5U14VD/wMAAECBMv3fNOr/c26YsuESXVfa+uJ0pbo+HPofAAAACpTp/6Wj/u9/wQ9ND7rws4/XTFeqG8Kh/wEAAKBAmf5fJur/c7dc79e7e7QafUu6Ut0YDv0PAAAABcr0f7Oo/8+b/OkuJ074Ztf26Uo1NBz6HwAAAAqU6f/mUf8P6Nninpun7bry+ulKdVM49D8AAAAUKNP/y0b9f/45q172am3gP5emK9WwcOh/AAAAKFCm/5eL+v+CiV/33Kpl80fr6Uo1PBz6HwAAAAqU6f/lo/6/8OEdL57//Hv73ZWuVDeHQ/8DAABAgTL9v0LU/xc1Ov/Ixrf3W2hsulIt+EwA/Q8AAAAFyvR/i6j/L175iU5d+z/1xdLpSnVrOPQ/AAAAFCjT/ytG/X/JXf3vGnPVpOn/pivVbeHQ/wAAAFCgTP+vFPX/wPrTu2+0b5P6IelKNSIc+h8AAAAKlOn/laP+v3RCv/uf32Rkl87pSnV7OPQ/AAAAFCjT/y2j/h80psNV1//Ufex36Uo1Mhz6HwAAAAqU6f9Vov6/rOnFJxw1e/7co9KV6o5w6H8AAAAoUKb/V436//JDpqy7dpttl5+YrlR3hkP/AwAAQIEy/b9a1P9XfL3U6+/tOXj3t9OValQ49D8AAAAUKNP/q0f9f+Xs9WaeN6TLfaekK9Vd4dD/AAAAUKBM/68R9f9Vu/yw6Kmn3TPtlXSlGh0O/Q8AAAAFyvT/mlH/Dx70Zp9ed/fa9rh0pbo7HPofAAAACpTp/7Wi/r96w0Wvv/HVl447J12p7gmH/gcAAIACZfq/VdT/Q9bc+PFJzavLpqUr1Zhw6H8AAAAoUKb/1476/5pbftt/u0WHPr9vulLdGw79DwAAAAXK9P86Uf9fO/OAcX+913WNX9KV6r5w6H8AAAAoUKb/1436/7q9B3dt9MicM75OV6r7w6H/AQAAoECZ/l8v6v/rd7znzEOPbXf9julK9UA49D8AAAAUKNP/60f9f8O/xw+7v/8P03ukK9XYcOh/AAAAKFCm/zeI+v/GQ+4/edPbW9efS1eqB8Oh/wEAAKBAmf5vHfX/0K+PHTLx+Qu6TElXqofCof8BAACgQJn+bxP1/02z93n4mpYdx/ZJV6qHw6H/AQAAoECZ/m8b9f+wXa7tckRt2tw/05XqkXDofwAAAChQpv83jPp/+PrHrP3htJbLH5SuVI+GQ/8DAABAgTL9v1HU/zdfPeKl9SeM3X2PdKV6LBz6HwAAAAqU6f+No/6/5aJh08/t0fu+n9KV6vFw6H8AAAAoUKb/N4n6/9btDm14+YWDpu2frlRPhEP/AwAAQIEy/b9p1P+3tX9m/8FdO2/7R7pSPRkO/Q8AAAAFyvT/ZlH/j7i47+M9tphx3OfpSjUuHPofAAAACpTp/82j/r99SMfr201f87KO6Ur1VDj0PwAAABQo0//tov4fuc6FfV6c++Tzb6Yr1dPh0P8AAABQoEz/bxH1/x2HtBq28Fp91zg+XanGh0P/AwAAQIEy/b9l1P93fv35mbM7TTnjrHSleiYc+h8AAAAKlOn/raL+HzX7466jhi53/UfpSjUhHPofAAAACpTp/62j/r9rl5XG7X/7e4vtk65Uz4ZD/wMAAECBMv3fPur/0TOndnmrf/Pvf05XqufCof8BAACgQJn+3ybq/7v3Xv7h9i2fmvBNulI9Hw79DwAAAAXK9P+2Uf/fs+PqQ459vt9hndKV6oVw6H8AAAAoUKb/t4v6f8y/008eNu2b5V5NV6oXw6H/AQAAoECZ/u8Q9f+9s2Z3aV1rNadXulK9FA79DwAAAAXK9P/2Uf/ft9+mD0/tMfD2s9OV6uVw6H8AAAAoUKb/O0b9f3+HJYYMmrDrDlPTlWpiOPQ/AAAAFCjT/ztE/f/AX6+cfGbXhzY6Ml2pXgmH/gcAAIACZfp/x6j/x24xs/F/Ljz17ZfTlWrLthN2aHtSm6b6HwAAAAqU6f9OUf8/eP4Gs4ZM/+zCd9KV6rVw6H8AAAAoUKb/d4r6/6Hrl33r5S1WOurUdKV6PRz6HwAAAAqU6f+do/5/eIO3W2+21oAN5qcr1aRw6H8AAAAoUKb/d4n6/5Gupzz/89wObxyarlRvhEP/AwAAQIEy/b9r1P+PfvnIqrWhs4bulq5Ub4ZD/wMAAECBMv2/W9T/j825cuEDO7Xt+226Ur0VDv0PAAAABcr0f+eo/x/ffZev7tj3t8XeSleqt8Oh/wEAAKBAmf7fPer/J2YNWnTbqzb7/oR0pVrwmYD6HwAAAAqU6f89ov5/cr/dZ77x07AJ/dKV6t1w6H8AAAAoUKb/94z6f1yH018fuslBh32YrlSTw6H/AQAAoECZ/t8r6v+n/hq77nFtJi63X7pSvRcO/Q8AAAAFyvT/3lH/Pz10h8Pfnd1wzpx0pXo/HPofAAAACpTp/y5R/49f46Lxqw0ZffsX6Uo1JRz6HwAAAAqU6f99ov5/pt2E4aft2XOHHdKV6oNw6H8AAAAoUKb/9436f8IVZ/a/+O4hG81NV6oFzwTU/wAAAFCgTP/vF/X/s1N6njb5tH3fPjhdqT4Kh/4HAACAAmX6f/+o/587/oEbVm0+78Ld05Xq43DofwAAAChQpv8PiPr/+b7XPdbn1fZHzUpXqk/Cof8BAACgQJn+PzDq/xee33e/S94bsUH3dKX6NBz6HwAAAAqU6f+uUf+/+NgvT3Vc9Ig3nk1Xqs/Cof8BAACgQJn+7xb1/0uN23V78Ng3h36QrlRTw6H/AQAAoECZ/j8o6v+Xl2/Sd8YjS/Y9LV2ppoVD/wMAAECBMv1/cNT/E29//aZlO/U9Z2i6Un0eDv0PAAAABcr0/yFR/7+yUKPelw99cvjW6Ur1RTj0PwAAABQo0/+HRv3/6ri3rjl37nKvbJCuVF+GQ/8DAABAgTL9f1jU/6/d//tD6681Zd0r05Xqq3DofwAAAChQpv8Pj/r/9Wab7P3hFp2PaJCuVNPDof8BAACgQGn/L+j9/6V2RNT/k7r1aHbT9EEDbktXqhnh0P8AAABQoIWXXaH+8v/5/f//RP3/xld3zul54ZrvP56uVF+HQ/8DAABAgTJ//9896v83/7j1g226zti0ebpSfRMO/Q8AAAAFyvR/j6j/39qj22ZvTmi50wPpSvVtOPQ/AAAAFCjT/0dG/f/2VWftOqXHtLuapCvVd+HQ/wAAAFCgTP8fFfX/O5uNH7NWrfevLdKVamY49D8AAAAUKNP/R0f9/+5qlwzqPW3s0k+kK9X34dD/AAAAUKD/1v/zawstFPX/5GHbH3v+860P3jRdqX4Ih/4HAACAAmXe/z826v/3fvrqkp1b/jDu+nSl+jEc+h8AAAAKlOn/nlH/v7//Wkc90r/jrAHpSjUrHPofAAAACpTp/+Oi/p+y/So7fn77BUuuka5UP4VD/wMAAECBMv3fK+r/D/7+aNQyj3Q9p0pXqp/Dof8BAACgQJn+Pz7q/w+7rbjHpccOHT4qXal+CYf+BwAAgAJl+v+EqP8/+uqzB/ot2u6VB9OVanY49D8AAAAUKNP/J0b9//Ef31zZ5r056/4PjV/9Gg79DwAAAAXK9P9JUf9/ssdqx3/2aq8jbk1Xqt/Cof8BAACgQJn+Pznq/0/bvNviqOb3DNgmXal+D4f+BwAAgAJl+r931P+fXdvsz+tPq95fL12p5oRD/wMAAECBMv1/StT/U89r89Hzd7+06cB0pfojHPofAAAACpTp/1Oj/p+21bdbb7TntjttnK5Uf4ZD/wMAAECBMv3fJ+r/z7dc/NjWQ+bfNThdqeaGQ/8DAABAgTL9f1rU/19c8MagqbO7/HpJulL9FQ79DwAAAAXK9P/pUf9/ecMfYwa1Gbz0WulK9Xc49D8AAAAUKNP/Z0T9/1XrjXY9c5MmB9+drlT/hEP/AwAAQIEy/d836v/p3a4Z9fRPk8Ytnq5U88Kh/wEAAKBAmf4/M+r/GV/tv+NeV3WftVK6Uv0bDv0PAAAABcr0f7+o/7/+46SjVtx35JLPpCvV/HDofwAAAChQpv/Pivr/mz3uvuTbp3adPC5dqS849D8AAAAUKNP/Z0f9/+1PvY4/5ZiBGy+frtTD9+h/AAAAKFGm/8+J+v+7/e+7csAirY5eMl2pNwiH/gcAAIACZfq/f9T/M7e/4YH3P/nmkvvSlXotHPofAAAACpTp/3Oj/v/+7y57tHq535urpSv1Khz6HwAAAAqU6f/zov7/ocvrd/Vt8VTbC9KV+oIHAOp/AAAAKFCm/wdE/f/j9006Xdav+VnXpiv1huHQ/wAAAFCgTP+fH/X/rPntjpw26r2bNk9X6ouEQ/8DAABAgTL9f0HU/z91+uXiDbZv++3l6Up9wev1PwAAABQo0/8XRv3/8yWT/9r05lmN2qQr9Ubh0P8AAABQoEz/XxT1/y/bNF9+4rwOh26ZrtQXC4f+BwAAgAJl+v/iqP9nr9t2y2tWG/D0sHSlvng49D8AAAAUKNP/l0T9/+s1331yRPuVfl8uXak3Dof+BwAAgAJl+n9g1P+/fdN50zs//6zZo+lKvUk49D8AAAAUKNP/l0b9//uhV0w54LxTO9yertSXCIf+BwAAgAJl+n9Q1P9zdn38jwaHPDTif1ipLxkO/Q8AAAAFyvT/ZVH///Fr7+a/7NZz8trpSn2pcOh/AAAAKFCm/y+P+v/PLg//2+v60RtflK7Um4ZD/wMAAECBMv1/RdT/c78/baUb5zQ8eki6Ul86HPofAAAACpTp/yuj/v9r/l7bTFpv4iUbpiv1Bd2v/wEAAKBAmf6/Kur/vztdOm27dge9+XS6Um8WDv0PAAAABcr0/+Co//9p1e/uS74f1rZlulJvHg79DwAAAAXK9P/VUf/PG/505z6XbXZWo3Slvmw49D8AAAAUKNP/Q6L+/3fgxceteuBvN41JV+rLhUP/AwAAQIEy/X9N1P/zN+4wcPLYJb9tmq7Ulw+H/gcAAIACZfr/2v/d//WFlpn5+YPHv9no4XSlvkI49D8AAAAUKNP/10X9v/DdGzTo2PiIQ+9IV+otwqH/AQAAoECZ/r8+6v8G45ddY9m3RzzdMF2prxgO/Q8AAAAFyvT/DVH/1xZ5+7kZb7T/fVC6Ul8pHPofAAAACpTp/xuj/q9OPaXNqk3nNVsnXamvHA79DwAAAAXK9P/QqP/rrz4yaXLvfTtsl67UW4ZD/wMAAECBMv1/U9T/DT+78sdL7hsy4uZ0pb5KOPQ/AAAAFCjT/8Oi/l/kmF2W7HPIjDt6pyv1Ba/R/wAAAFCgTP8Pj/p/0ZcGTZ913pqdJqcr9dXC8X/o/9r/nz8yAAAA8H8p0/83R/3f6NzdG678+aCmL6Yr9dXD4f1/AAAAKFCm/2+J+n+xXqevvWv7zj8fna7U1wiH/gcAAIACZfr/1qj/F39n7EvjVpvy5Mx0pb5mOPQ/AAAAFCjT/7dF/d94+OcD/py3XNdd0pX6WuHQ/wAAAFCgTP+PiPq/SatWPRa/+cnGh6cr9Vbh0P8AAABQoEz/3x71/xIbr9Tx8O37/jgvXamvHQ79DwAAAAXK9P/IqP+XHPjxbfeOuuDWndOV+jrh0P8AAABQoEz/3xH1/1K7/fnpI/069p+RrtTXDYf+BwAAgAJl+v/OqP+b/rzttju3+GG92elKfb1w6H8AAAAoUKb/R0X9v/T0apVlXm79+t7pSn39cOh/AAAAKFCm/+86b6FauOvLHPb8vM8/GXv+p+lKfYNw6H8AAAAoUKb/R0fv/zdb74il11qkd4/+6Uq9dTj0PwAAABQo0/93R/3ffPCon6ccM61dz3Sl3iYc+h8AAAAKlOn/e6L+X/bC4e+c/1TLKa+nK/W24dD/AAAAUKBM/4+J+n+5bQ/apPd9L93xQ7pS3zAc+h8AAAAKlOn/e6P+X374jR9+37vqtGe6Ut8oHPofAAAACpTp//ui/l+h1WFbLd/0nqbd0pX6xuHQ/wAAAFCg/9L/iy60UO3+qP9bbHzkiru/0evnv9OV+ibh0P8AAABQoMz7/w9E/b/iwNvnTnh7zpNnpCv1TcOh/wEAAKBAmf4fG/X/St93uWqRxu26vp+u1DcLh/4HAACAAmX6/8Go/1fucsMJvx0/tPHz6Up983DofwAAAChQpv8fivq/Zaf7dr9tbNcfj0hX6u3Cof8BAACgQJn+fzjq/1Xm97p/3wNH3vpxulLfIhz6HwAAAAqU6f9Hov5f9Z+B8/a6rHv/vulKfctw6H8AAAAoUKb/H436f7Wd9lzl6e8nrXdSulLfKhz6HwAAAAqU6f/Hov5ffZ8+237brsnrb6Qr9a3Dof8BAACgQJn+fzzq/zW+fejTFdcbfP726Uq9fTj0PwAAABQo0/9PRP2/5vClNpk6p0uPr9KV+jbh0P8AAABQoEz/Pxn1/1qtprzT+vr57X5LV+rbhkP/AwAAQIEy/T8u6v9WG//w85m7bTvlgHSlvl049D8AAAAUKNP/T0X9v/bA9ZYe1Hvebp+lK/UO4dD/AAAAUKBM/z8d9f866307d6n72o85N12pL3gmoP4HAACAAmX6f3zU/+sObrPiV28MmX9sulLvGA79DwAAAAXK9P8zUf+vd2GzrR5vum/L19KV+g7h0P8AAABQoEz/T4j6f/1t3/1wx8ZvHrhTulLfMRz6HwAAAAqU6f9no/7foM2Lc2e/veRj09OVeqdw6H8AAAAoUKb/n4v6v/W1DVZceOyIL39NV+oL/iZA/wMAAECBMv3/fNT/bc7bYqv9jz+i1iVdqe8cDv0PAAAABcr0/wtR/7fd6t8PR102rPf36Up9l3DofwAAAChQpv9fjPp/wz8/veOZAw8avGu6Ul/wNf0PAAAABcr0/0tR/2/UscVOe7T77cXD0pX6buHQ/wAAAFCgTP+/HPX/xgeseswK32+21j/pSr1zOPQ/AAAAFCjT/xOj/t/kh68vmjln9PEnpyv13cOh/wEAAKBAmf5/Jer/TW/c8bi26/W84t10pb5HOPQ/AAAAFCjT/69G/b/Z6ucP/HS3iR+9lK7U9wyH/gcAAIACZfr/taj/N9/8ibsHXt9wi2PSlfpe4dD/AAAAUKBM/78e9X+7y/t3Puu8z3brkK7U9w6H/gcAAIACZfp/UtT/W7R5+rYvDllpzJfpSr1LOPQ/AAAAFCjT/29E/b/ltf06Lt3+ofm/pyv1fcKh/wEAAKBAmf5/M+r/rc7r0GOnz09teWC6Ut83HPofAAAACpTp/7ei/t96q4sHPDpv1oGfpCv1/cKh/wEAAKBAmf5/O+r/9t1O+6PJam0fOzNdqe8fDv0PAAAABcr0/ztR/2/z1cPN/91+wJcnpiv1A8Kh/wEAAKBAmf5/N+r/bf+4dNN7bu5Qm5Su1Bc8E0D/AwAAQIEy/T856v/t9thrSrd+T/U+PV2pdw2H/gcAAIACZfr/vaj/Oyx7+GeNR/Ub/F66Uu8WDv0PAAAABcr0//tR/29/79Dt5r/83osvpCv1g8Kh/wEAAKBAmf6fEvV/xydGthzTovla/0lX6geHQ/8DAABAgTL9/0HU/zs0OOqfrosMPP7HdKV+SDj0PwAAABQo0/8fRv2/4+kTl7n5k10b/g8r9UPDof8BAACgQJn+/yjq/06TFv7lxKe++ahrulI/LBz6HwAAAAqU6f+Po/7f6cOt397qmFZb/JWu1A8Ph/4HAACAAmX6/5Oo/3fuPm/jV6/vss2y6Ur9iHDofwAAAChQpv8/jfp/l2e3+2jf3QZ/+ki6Ul/wmQD6HwAAAAqU6f/Pov7ftd/crW9bb9uBI9OVevdw6H8AAAAoUKb/p0b9v9uJL7T4bc78ngunK/Ue4dD/AAAAUKBM/0+L+r/ze/U/F/m++6pXpCv1I8Oh/wEAAKBAmf7/POr/3Yfu/3SndiOfa5uu1I8Kh/4HAACAAmX6/4uo//dY45rDHjuwyXVbpCv1o8Oh/wEAAKBAmf7/Mur/Pdvdfe6Xl03qc1O6Uj8mHPofAAAACpTp/6+i/t/ripNubnp8u4arpiv1Y8Oh/wEAAKBAmf6fHvX/3nvt8UWjsXO+OT9dqfcMh/4HAACAAmX6f0bU/11+v6z219tdH74uXakfFw79DwAAAAXK9P/XUf/v88WDq9/feOg+7dKVeq9w6H8AAAAoUKb/v4n6f9+Dz3j20KbVik+lK/Xjw6H/AQAAoECZ/v826v/92r7f9sY3XvprhXSlfkI49D8AAAAUKNP/30X9v/91y7zR675e9y+RrtRPDIf+BwAAgAJl+n9m1P8HDFj3h+1637PXvelK/aRw6H8AAAAoUKb/v4/6/8Ctf1pi0jG9t7ksXamfHA79DwAAAAXK9P8PUf93Hdp6xgFPjf103XSl3jsc+h8AAAAKlOn/H6P+77bG94vc+UnLgdumK/VTwqH/AQAAoECZ/p8V9f9B7d5p9csi03oOT1fqp4ZD/wMAAECBMv3/U9T/B1+x3IsNWnRcdal0pd4nHPofAAAACpTp/5+j/j9k1vSHxr18wXMPpSv108Kh/wEAAKBAmf7/Jer/Q/dbfe9dR7W+7s50pX56OPQ/AAAAFCjT/7Oj/j+sw/K9V+73Q59F0pX6GeHQ/wAAAFCgTP//GvX/4X9NvWbWzcs1HJ+u1PuGQ/8DAABAgTL9/1vU/0fM3ebZ2dtP+WaVdKV+Zjj0PwAAABQo0/+/R/3/nx3+Xn3h1fo+vGi6Uu8XDv0PAAAABcr0/5yo/7sf+Fxt/3lP7nNPulI/Kxz6HwAAAAqU6f8/ov7v8eMiX4z6fM0VW6Ur9bPDof8BAACgQJn+/zPq/yOH3rlEj/Yz/rowXamfEw79DwAAAAXK9P/cqP+PWqPHD4MP6Xz/NelKvX849D8AAAAUKNP/f0X9f3S7bm+8eN6gvTZKV+rnhkP/AwAAQIEy/f931P/HXHFr23brT7rhonSlfl449D8AAAAUKNP//0T9f2zbQ1+8748mp6+drtQHhEP/AwAAQIEy/T8v6v+e1w1rddgNI1ffMF2pnx8O/Q8AAAAFyvT/v1H/HzdgxCKLde7+wpB0pX5BOPQ/AAAAFCjT//Oj/u+19TEz5h4wf1DLdKW+4DMB9T8AAAAU6L/3f7VQ1P/Hnzy5/sKgbXs9na7UFzwTUP8DAABAgTL9v3DU/ye81vybDWcO3m5MulK/OBz6HwAAAAqU6f8GUf+fOLXty0du3mVqo3Slfkk49D8AAAAUKNP/taj/TzryuzVveOeeex9OV+oDw6H/AQAAoECZ/q+i/j951Otdr2rSa4+m6Ur90nDofwAAAChQpv/rUf/3XqnJuLNPeGmFhulKfVA49D8AAAAUKNP/DaP+P2XRdsPWebD68450pX5ZOPQ/AAAAFCjT/4tE/X/qQ7+c+cm9Qx9cJ12pXx4O/Q8AAAAFyvT/olH/93l53+tbntx170HpSv2KcOh/AAAAKFCm/xtF/X/a2df1+XGpOdXN6Ur9ynDofwAAAChQpv8Xi/r/9GMf2P/JSe1mbJeu1K8Kh/4HAACAAmX6f/Go/894t+fju338ww3Lpyv1weHQ/wAAAFCgTP83jvq/78ljDnm7YevTx6Ur9avDof8BAACgQJn+bxL1/5mvnfDMGkdfsPp96Up9SDj0PwAAABQo0/9LRP3fb+qBt54xruMLS6Yr9WvCof8BAACgQJn+XzLq/7OOvPqcC++aNuiCdKV+bTj0PwAAABQo0/9LRf1/9iLdF29/Vsteq6Ur9evCof8BAACgQJn+bxr1/znj7/jurRXHbrd5ulK/Phz6HwAAAAqU6f+lo/7vf/ctrwyb2HvqtelK/YZw6H8AAAAoUKb/l4n6/9xluq537KqD7m2TrtRvDIf+BwAAgAJl+r9Z1P/nzb3/6gf+6bzH5elKfWg49D8AAP8Pe38atfX4//3fxP7ZpQwhQ+Z5yFiGZCbzEJEMmZKMScishMzKN0koMlYkIkOSJEMIZSZUCN9MyZCM17qutXWd27m23zq3df7X+q+13Xg87vTuWMf+WsfdZ5+OfQegQJn+bxr1f+89Tjmn4+DZq9yRrtRuD4f+BwAAgAJl+n/FqP8v79Cu3RK7rvf79ulKbeG/Ceh/AAAAKFCm/1eK+v+K7wc8+ucxY0c/ka7UBodD/wMAAECBMv2/ctT/V9627XE7977g4JXSldqQcOh/AAAAKFCm/1eJ+r/PunPHvzHr/cX/h5XaneHQ/wAAAFCgTP83i/r/qu1eG3zbTivNviddqd0VDv0PAAAABcr0/6pR/199Y+Oep005fuZB/9+/3fm/rdSGhkP/AwAAQIEy/b9a1P/XbPHmLXOXvXvR79KV2t3h0P8AAABQoEz/rx71/7W3LHH+Ymct0/7PdKW28HcC9D8AAAAUKNP/a0T9f13vFod3GPnmmCPTldq94dD/AAAAUKBM/68Z9f/1O/wy5r7Rh/79XrpSuy8c+h8AAAAKlOn/taL+v+G8++Z+1bX/auenK7X7w6H/AQAAoECZ/l876v8bp3RarulSO+5zfLpSeyAc+h8AAAAKlOn/daL+7/vhES13m/b3iBfSldqwcOh/AAAAKFCm/9eN+r9fpzunPbZtNf2CdKU2PBz6HwAAAAqU6f/1ov6/aeizDz8455XWH6crtRHh0P8AAABQoEz/rx/1/3+aXdT2yOtOPfONdKX2YDj0PwAAABQo0/8bRP3ff+ldz1zq8OH9uqUrtYfCof8BAACgQJn+3zDq/5vHXHXDP/tv8/IX6UptZDj0PwAAABQo0/8bRf0/4Pn1Ttzh1l823C1dqT0cDv0PAAAABcr0/8ZR/99y0ee9J88/6pzD05XaqHDofwAAAChQpv83ifp/4JkfDh3c/I7+v6QrtUfCof8BAACgQJn+bx71/63vrrF7t512nflOulJ7NBz6HwAAAAqU6f9No/4fdN4nI36d1XvR7ulKbXQ49D8AAAAUKNP/m0X9f9uUZvtXvbdo3yVdqT0WDv0PAAAABcr0/+ZR/9/+4VqntTvmhzEvpiu1x8Oh/wEAAKBAmf7fIur/Ozp9dc3du57z9z7pSm1MOPQ/AAAAFCjT/1tG/T940ab/rDL4sdXmpCu1J8Kh/wEAAKBAmf7fKur/IePeWW3OX6vt83e6UnsyHPofAAAACpTp/xZR/9/5yH93em6tT0ccl67UngqH/gcAAIACZfq/ZdT/dzXdYsaBr2wwfXa6Uns6HPofAAAACpTp/62j/h+64pQbDln169Z7pyu1seHQ/wAAAFCgTP9vE/X/3SOXPPOei/c98+B0pfZMOPQ/AAAAFCjT/9tG/X/P01u2/W3YNf3mpSu1ceHQ/wAAAFCgTP9vF/X/vQ1+e7j2TNOXe6YrtWfDof8BAACgQJn+bxX1/33nHbb7813e3fCTdKU2Phz6HwAAAAqU6f/to/6/f0r/oS2ri855PV2pPRcO/Q8AAAAFyvR/66j/H/hweO+TPx7X/9R0pTYhHPofAAAACpTp/x2i/h/W6cwTB8y6YOnP05Xa8+HQ/wAAAFCgTP/vGPX/8OdHXrP0TmN/3DVdqU0Mh/4HAACAAmX6f6eo/0dcdNppfx+z0rgO6UrthXDofwAAAChQpv93jvr/wTMP3n9E7/eP+jVdqU0Kh/4HAACAAmX6f5eo/x96d+CIowbvv/yF6UrtxXDofwAAAChQpv93jfp/5IuXXfPdrtfNm56u1F4Kh/4HAACAAmX6f7eo/x/uuddpa6613gNT0pXay+HQ/wAAAFCgTP/vHvX/qNMu2X//v2bvfWa6UnslHPofAAAACpTp/z2i/n9k6jMjnl51jW3eTVdqk8Oh/wEAAKBAmf5vE/X/o8sNem/oKzPePS9dqb0aDv0PAAAABcr0/55R/48efux2hw7rftkJ6UrttXDofwAAAChQpv/3ivr/sWc7r1i/+NETJqUrtdfDof8BAACgQJn+3zvq/8ere375pctmG7VNV2oLPxNA/wMAAECBMv2/T9T/Y85eZNWtnvnu1e/Tldob4dD/AAAAUKBM/+8b9f8Tk19e8MLHuw/5I12pvRkO/Q8AAAAFyvT/flH/P/nJXx8OrK645Ih0pfZWOPQ/AAAAFCjT//tH/f9Ul9atT1r2iKV7pSu1qeHQ/wAAAFCgTP8fEPX/0y/+Pu3fKbf9+Gm6UpsWDv0PAAAABcr0/4FR/4/tuXPLxiO3G/daulJ7Oxz6HwAAAAqU6f+Dov5/5rTFlzvirN+OOiVdqb0TDv0PAAAABcr0f9uo/8dNfWHuQ11PX/7LdKX2bjj0PwAAABQo0/8HR/3/7ONbXbX86Afn7ZWu1N4Lh/4HAACAAmX6/5Co/8c3nN955rTFHzgkXam9Hw79DwAAAAXK9H+7qP+fW/2NPccs9dLeP6crtQ/Cof8BAACgQJn+PzTq/wnDGg3be87O2+ybrtQ+DIf+BwAAgAJl+v+wqP+f/2vVkctt+++736YrtY/Cof8BAACgQJn+bx/1/8S9Pj1o1uGHXPZXulL7OBz6HwAAAAqU6f/Do/5/od3X3Z647qYTjk1XatPDof8BAACgQJn+7xD1/6Rv1r5xr1uX2ujtdKX2STj0PwAAABQo0/9HRP3/4uArOl2x/5RXz0pXap+GQ/8DAABAgTL9f2TU/y9tsOdlZzXvNOTkdKX2WTj0PwAAABQo0/9HRf3/coted683/95LXkpXajPCof8BAACgQJn+Pzrq/1euGbvHB9W7F26crtRmhkP/AwAAQIEy/d8x6v/Jm1w8/MCPmw66Pl2pzQqH/gcAAIACZfr/mKj/X71p/H7PPTNuyuB0pfZ5OPQ/AAAAFCjT/8dG/f/alVefPqfLRZvtnK7UvgiH/gcAAIACZfr/uKj/X995t2tXufjrzo+lK7Uvw6H/AQAAoECZ/j8+6v8p5zR54+hhG/RZNl2pzQ6H/gcAAIACZfr/hKj/33j1gy2Gv3LNtHq6UvsqHPofAAAACpTp/05R/7/56fdL/7Xqvlven67Uvg6H/gcAAIACZfr/xKj/3zq5+XfL/PXY7mumK7VvwqH/AQAAoECZ/u8c9f/U+xvetNJa59w7Pl2p/Tcc+h8AAAAKlOn/k6L+n7bmW2d/ueun8x9MV2pzwqH/AQAAoECZ/u8S9f/bjX499NHBq624RLpS+zYc+h8AAAAKlOn/k6P+f2d0y9F79O593JXpSu27cOh/AAAAKFCm/0+J+v/dl/5z7FXH7PrcBulK7ftw6H8AAAAoUKb/T436/71eHZ7tsdMPc7ZKV2o/hEP/AwAAQIEy/X9a1P/vn951yNqztmh0c7pS+zEc+h8AAAAKlOn/06P+/2DaQ73env/LhWPSldrccOh/AAAAKFCm/8+I+v/Dc04dsE/zbQatmK7UfgqH/gcAAIACZfq/a9T/H736yHnj9r9jyqLpSm1eOPQ/AAAAFCjT/2dG/f/xp7d0+PHWoza7N12p/RwO/Q8AAAAFyvR/t6j/p5986BOrXfdK5y3Sldov4dD/AAAAUKBM/58V9f8niw+ddN/hVZ8b05Xar+HQ/wAAAFCgTP93j/r/0+e6rN1h2+HTbk9Xar+FQ/8DAABAgTL9f3bU/5892HGRxeacumWrdKU2Pxz6HwAAAAqU6f9zov6fseztn89dqv/ul6crtd/Dof8BAACgQJn+Pzfq/5nLXzj6u2mH3rtWulJbEA79DwAAAAXK9H+PqP9njZhw6Jqj/56/XbpS+yMc+h8AAAAKlOn/86L+/3x8n7P377rjirekK7U/w6H/AQAAoECZ/j8/6v8v6nvc9PRZdx+3SrpS+ysc+h8AAAAKlOn/C6L+//KcWb0uHXn8c+PSldrf4dD/AAAAUKBM/18Y9f/sVzcc0nfKm3NGpiu1f8Kh/wEAAKBAmf6/KOr/rz5d/dmPl12m0dLpSu3fcOh/AAAAKFCm/y+O+v/rk6cfu3Gv8Z+dlq5UCw/9DwAAAAXK9P8lUf9/89IqTzx+7yW7TE5XqvA9+h8AAABKlOn/S6P+/2+vGR12nfT26TPSlapBOPQ/AAAAFCjT/z2j/p9z+uzzVlhz+esuTVeqxcKh/wEAAKBAmf7vFfX/t9PWHfB1g76TfkpXqsXDof8BAACgQJn+vyzq/+8uHttz7Gdt1zk0Xalq4dD/AAAAUKBM//eO+v/7ib0G7/fcrPPapCvVwg8A0P8AAABQoEz/Xx71/w/v7Tl+jU5r3fpVulLVw6H/AQAAoECZ/r8i6v8fu11x3Pd9ps/umK5UC1+v/wEAAKBAmf6/Mur/uQ/fve6vRzZb/J90pWoYDv0PAAAABcr0f5+o/39a6eSJ1fZjDv5vulItGQ79DwAAAAXK9P9VUf/PW+yYme1m9xi9f7pSNQqH/gcAAIACZfr/6qj/fx57R4O7f//m91fSlapxOPQ/AAAAFCjT/9dE/f/LG9t/33m9jVc5KV2plgqH/gcAAIACZfr/2qj/fz3/32VubXP1gWenK9XS4dD/AAAAUKBM/18X9f9vJ760+aRBe42cmq5Uy4RD/wMAAECBMv1/fdT/8z9abMqWfYd8Nj9dqZYNh/4HAACAAmX6/4ao/3+/eOKGD7bruEv7dKVqEg79DwAAAAXK9P+NUf8vmFh/6cgW807fPV2plguH/gcAAIACZfq/b9T/f7y305dL/dDyupnpSrWw+/U/AAAAFCjT//2i/v+z25/VPz+PmnRGulKtEA79DwAAAAXK9P9NUf//1XiJs/baots6b6YrVdNw6H8AAAAoUKb//xP1/99Pvtn/ibYTz/soXalWDIf+BwAAgAJl+r9/1P//3PPL47NuXuTWi9OVaqVw6H8AAAAoUKb/b476/9+VWxyy3Ll/zp6YrlQrh0P/AwAAQIEy/T/gf/V/tci5Bw+6eHjrxU9MV6pVwqH/AQAAoECZ/r8l6v9F3xx40TWTBxx8brpSNQuH/gcAAIACZfp/YNT/DT4eefQnK7Qf/X66Uq0aDv0PAAAABcr0/61R/y92/Gljt2g4+fej0pVqtXDofwAAAChQpv8HRf2/+AqTD5/zXsNVfk9XqtXDof8BAACgQJn+vy3q/9qopces8sSwA39MV6o1wqH/AQAAoECZ/r896v/qma1vOfDULiMPTFeqNcOh/wEAAKBAmf6/I+r/+iLzzn9uUJMRd6cr1cLX6H8AAAAoUKb/B0f9v8Q9Ww5er83UfRZLV6q1w6H/AQAAoECZ/h8S9X/DlX/r+cF6PVdbIV2p1gmH/gcAAIACZfr/zqj/l2w85bgrfp/w95PpSrVuOPQ/AAAAFCjT/3dF/d/oySXHnzV7nTGt05VqvXDofwAAAChQpv+HRv3f+M+jFrTY/ov2g9KVav1w6H8AAAAoUKb/7476f6ndBq868cgDF+2XrlQbhEP/AwAAQIEy/X9P1P9Lt3+g9S19bpi5WbpSbRgO/Q8AAAAFyvT/vVH/L/Pj8R926XR+/1vTlWqjcOh/AAAAKFCm/++L+n/ZzXa/r+dzT56zTbpSbRwO/Q8AAAAFyvT//VH/N7n1yr1u/GzlDddJV6pNwqH/AQAAoECZ/n8g6v/lrnju5I8afPTyZelK1Twc+h8AAAAKlOn/YVH/L7/9BX02WbNNv8bpSrVpOPQ/AAAAFCjT/8Oj/l/hwI9P+3FSnzNHpSvVws8E0P8AAABQoEz/j4j6v+n81a5Z7d7mrcemK9Xm4dD/AAAAUKBM/z8Y9f+KX2wwYp9ec6avmq5UW4RD/wMAAECBMv3/UNT/Kx05c/9xp241Ysd0pdoyHPofAAAACpTp/5FR/6/85zpD135i7j53pivVVuHQ/wAAAFCgTP8/HPX/Krt9ufvb7x272rXpStUiHPofAAAACpTp/1FR/zdr/9mJVzW86+/m6UrVMhz6HwAAAAqU6f9Hov5f9ceVe/dYocGYYelKtXU49D8AAAAUKNP/j0b9v9oN385/Y/Kk9rV0pdomHPofAAAACpTp/9FR/6++7WZNdx7eddHl0pVq23DofwAAAChQpv8fi/p/jXVW2vq0c0fOfDRdqbYLh/4HAACAAmX6//Go/9ccNO39227u0H/JdKVqFQ79DwAAAAXK9P+YqP/XuqNFnz5tB54zPF2ptg+H/gcAAIACZfr/iaj/1177l5PP26LVhhPSlap1OPQ/AAAAFCjT/09G/b/ONm/utc7PC15ePV2pdgiH/gcAAIACZfr/qaj/1+23xH3Tfujc7z/pSrVjOPQ/AAAAFCjT/09H/b/enw/uv0KL+89sma5UO4VD/wMAAECBMv0/Nur/9Xc7Y8TX7Rq1Xi9dqXYOh/4HAACAAmX6/5mo/zdof/g1j/d9bfpV6Uq1Szj0PwAAABQo0//jov7f8MebTtv1iYZ7L5WuVLuGQ/8DAABAgTL9/2zU/xsd2K73x6dOfuCRdKXaLRz6HwAAAAqU6f/xUf9vPH/AiRs37DLv6XSl2j0c+h8AAAAKlOn/56L+3+SLUbtf+t6w5ZulK9Ue4dD/AAAAUKBM/0+I+r/5kacM7Tu59VED05WqTTj0PwAAABQo0//PR/2/6b49e7da4c9xW6cr1Z7h0P8AAABQoEz/T4z6f7Ofnz7x9XPb/7huulLtFQ79DwAAAAXK9P8LUf9v/vXlu981fMDSvdOVau9w6H8AAAAoUKb/J0X9v8UxbYae0bbbJTukK9U+4dD/AAAAUKBM/78Y9f+Wd3X55NybRw25LV2p9g2H/gcAAIACZfr/paj/t1p/6M5X/7zIq33TlWq/cOh/AAAAKFCm/1+O+r/FVrev+c4WEzfaNF2p9g+H/gcAAIACZfr/laj/W17f8e+1WnQ8YWi6Uh0QDv0PAAAABcr0/+So/7f+95/lZv8w5LIG6Up1YDj0PwAAABQo0/+vRv2/zZ6t5q7Yt+W7TdOV6qBw6H8AAAAoUKb/X4v6f9tDGkzbvd28bZ5KV6q24dD/AAAAUKBM/78e9f92377YcnSbjfe+KV2pDg6H/gcAAIACZfp/StT/rfatPmw+6JsHWqQr1SHh0P8AAABQoEz/vxH1//Y/P9/6w9/3mrd+ulK1C4f+BwAAgAJl+v/NqP9bf/3Hqjesd/XyV6cr1aHh0P8AAABQoEz/vxX1/w7H7Lig1/bNjmqUrlSHhUP/AwAAQIEy/T816v8dd36r3yuzp48bka5U7cOh/wEAAKBAmf6fFvX/Tlc27Lp1nx4/PpeuVIeHQ/8DAABAgTL9/3bU/zvf1PKA448cs/Rq6UrVIRz6HwAAAAqU6f93ov7fZZNfR938XNtLHkhXqiPCof8BAACgQJn+fzfq/127z77/5U59hyyerlRHhkP/AwAAQIEy/f9e1P+7vb7u3ts0WOvV/6Hxq6PCof8BAACgQJn+fz/q/91nrNLlhM9mbTQ6XamODof+BwAAgAJl+v+DqP/3OGnGlf0nXXLCTulK1TEc+h8AAAAKlOn/D6P+b9Pk0tM7rDn+srvSleqYcOh/AAAAKFCm/z+K+n/Ph8Zde1+v5d+9Jl2pjg2H/gcAAIACZfr/46j/95rQe/jce9/eZpN0pTouHPofAAAACpTp/+lR/+9d23u/xdrdv+XL6Up1fDj0PwAAABQo0/+fRP2/z7A+d9/Wt/O0zulKdUI49D8AAAAUKNP/n0b9v+/qe+xx2g+v9TknXak6hUP/AwAAQIEy/f9Z1P/7Nbyw084tGnWelq5UJ4ZD/wMAAECBMv0/I+r//R+fcNkbWwzc7Jh0pVr4OwH6HwAAAAqU6f+ZUf8f8M+PL/b7ucOUf9OV6qRw6H8AAAAoUKb/Z0X9f2CbjTe45OYFg75JV6ou4dD/AAAAUKBM/38e9f9BBy9f36htqwv3S1eqk8Oh/wEAAKBAmf7/Iur/tnPemz19+KRGc9OV6pRw6H8AAAAoUKb/v4z6/+CN5t826dwGc9qlK9Wp4dD/AAAAUKBM/8+O+v+Q/ltdvOUKI5/bM12pTguH/gcAAIACZfr/q6j/213V6KjOk7se93W6Up0eDv0PAAAABcr0/9dR/x+64xtP3/re3BVPT1eqM8Kh/wEAAKBAmf7/Jur/w/bp1qFdw63mv5quVF3Dof8BAACgQJn+/2/U/+3njXji7lPvuvezdKU6Mxz6HwAAAAqU6f85Uf8f/tXNA3594tjdL0lXqm7h0P8AAABQoEz/fxv1f4eO7c+r7u2z5dHpSnVWOPQ/AAAAFCjT/99F/X/EP7cOGdyrzbQF6UrVPRz6HwAAAAqU6f/vo/4/ss0hvbqtOafPD+lKdXY49D8AAAAUKNP/P0T9f9TBpx+7w6TmnQ9IV6pzwqH/AQAAoECZ/v8x6v+j5zz87OTPntzs+XSlOjcc+h8AAAAKlOn/uVH/d7z22NfOanD+lE7pStUjHPofAAAACpTp/5+i/j+m5aCNruj00aAe6Up1Xjj0PwAAABQo0//zov4/dsN7Gn7w3MoXfpCuVOeHQ/8DAABAgTL9/3PU/8cN6fztekd+0ahrulJdEA79DwAAAAXK9P8vUf8ff+fVT7fqs86ct9KV6sJw6H8AAAAoUKb/f436/4T1djvq9dk3PPdhulJdFA79DwAAAAXK9P9vUf932vLii+/a/sDjLkpXqovDof8BAACgQJn+nx/1/4nXjb/tjPWmrvhbulJdEg79DwAAAAXK9P/vUf93/mfN80b83mT+YelKdWk49D8AAAAUKNP/C6L+P6nNRwOOGjTh3j3SlapnOPQ/AAAAFCjT/39E/d/l4C+eWLpNz91npStVr3DofwAAAChQpv//jPr/5Dnrd/j7x1a3t09XqsvCof8BAACgQJn+/yvq/1P2+frZk1suuHh+ulL1Dof+BwAAgAJl+v/vqP9Pnbf2sQMO7bDFzHSlujwc+h8AAAAKlOn/f6L+P+2rVXs932/gm7unK9UV4dD/AAAAUKBM//8b9f/pHT8d0rJ/o6vfTFeqK8Oh/wEAAKBA/+f+ry0S9f8ZqzSdeMNBr3U5I12p+oRD/wMAAECBMv2/aNT/Xe99Z91em3ducXG6Ul0VDv0PAAAABcr0f4Oo/8986r8Nms+7/52P0pXq6nDofwAAAChQpv8Xi/q/21JbzPyw6bF3n5iuVNeEQ/8DAABAgTL9v3jU/2e9tdTg51+9a9eJ6Up1bTj0PwAAABQo0/+1qP+793i9Z8sRW63wfrpSXRcO/Q8AAAAFyvR/FfX/2Sf8dNzJPeb+em66Ul0fDv0PAAAABcr0fz3q/3Ombzd+wCldn/09XaluCIf+BwAAgAJl+n+JqP/PfeSWdoeMGXnMUelKdWM49D8AAAAUKNP/DaP+79H00EfvebdBwwPTlapvOPQ/AAAAFCjT/0tG/X/eoqf+57clJn3zY7pS9QuH/gcAAIACZfq/UdT/54975JzaGivfPjldqW4Kh/4HAACAAmX6v3HU/xes0nXQXS98dPFp6Ur1n3DofwAAAChQpv+Xivr/wnsfuuiMe87f4tJ0peofDv0PAAAABcr0/9JR/1/01H+ObtXzyTdnpCvVzeHQ/wAAAFCgTP8vE/X/xUt1GPv6ic2vPjRdqQaEQ/8DAABAgTL9v2zU/5eced9b50yY0+WndKW6JRz6HwAAAAqU6f8mUf9f+m6nzS6b0abFV+lKNTAc+h8AAAAKlOn/5aL+7/n8EY3fXazPO23SlerWcOh/AAAAKFCm/5eP+r/XRXf+sOGXPe/+J12pBoVD/wMAAECBMv2/QtT/l910SvuZrSbs2jFdqW4Lh/4HAACAAmX6v2nU/703GfXU8kc0WWH/dKW6PRz6HwAAAAqU6f8Vo/6/fOcBA/e+cuqv/01XqjvCof8BAACgQJn+Xynq/yuubHfumNsOfPakdKUaHA79DwAAAAXK9P/KUf9fOXfuHd33vOGYV9KVakg49D8AAAAUKNP/q0T932e/bS+8fP11Gk5NV6o7w6H/AQAAoECZ/m8W9f9VxzY+4v0FX3xzdrpS3RUO/Q8AAAAFyvT/qlH/X/3la8+sv8SA7+9MV6qh4dD/AAAAUKBM/68W9f81ey1xyIR32zfeMV2p7g6H/gcAAIACZfp/9aj/r/3rzccPGPPnEc3TleqecOh/AAAAKFCm/9eI+v+6b37pv/Iprcdem65U94ZD/wMAAECBMv2/ZtT/17drcda3PYbNraUr1X3h0P8AAABQoEz/rxX1/w1rdtp6xIguTYalK9X94dD/AAAAUKBM/68d9f+N99/3/lGvTt7z0XSleiAc+h8AAAAKlOn/daL+7zv6zvlLN21433LpSrXw/wTofwAAAChQpv/Xjfq/X6Mjmv49b977w9OVauHX9D8AAAAUKNP/60X9f9OrF506e/OW2y2ZrlQjwqH/AQAAoECZ/l8/6v//nPPs9SseNOTE1dOV6sFw6H8AAAAoUKb/N4j6v//JVz24e/+Ol09IV6qHwqH/AQAAoECZ/t8w6v+bP911n9H9Jr7eMl2pRoZD/wMAAECBMv2/UdT/A0Z8PuzcQxfZ5D/pSvVwOPQ/AAAAFCjT/xtH/X/L8uvteXXLUT2vSleqUeHQ/wAAAFCgTP9vEvX/wPoand/5sdtd66Ur1SPh0P8AAABQoEz/N4/6/9bxH1611oIx3y+WrlSPhkP/AwAAQIEy/b9p1P+D1mzW9Zn1ezS+O12pRodD/wMAAECBMv2/WdT/t93/Sb9995x+xJPpSvVYOPQ/AAAAFCjT/5tH/X/76K9GrX5bs7ErpCvV4+HQ/wAAAFCgTP9vEfX/HY3WOuCHK6+eOyhdqcaEQ/8DAABAgTL9v2XU/4NPeaf14Ufs1aR1ulI9EQ79DwAAAAX6P/T/yPBG/wv7f8jbTT+8v9U3e26WrlQL3xNA/wMAAECBMs//W0TP/+98eYsFP3258X390pXqqXDofwAAAChQpv9bRv1/1yX/XbXBYm+/v026Uj0dDv0PAAAABcr0/9ZR/w/tteQ+a8xYfrtb05VqbDj0PwAAABQo0//bRP1/90tTHvx+wvgTL0tXqmfCof8BAACgQJn+3zbq/3um/Xb92BMvuXyddKUaFw79DwAAAAXK9P92Uf/fe/qWp+7Xc9bro9KV6tlw6H8AAAAoUKb/W0X9f9+a/a/qd89amzROV6rx4dD/AAAAUKBM/28f9f/99x/W+ZIX+vZcNV2pnguH/gcAAIACZfq/ddT/D4w+c8+N1mh719h0pZoQDv0PAAAABcr0/w5R/w9rNHzY9PVvWKxFulI9Hw79DwAAAAXK9P+OUf8PH3HaAbstOPDzm9KVamI49D8AAAAUKNP/O0X9P2L5kaMeu+2LJ69OV6oXwqH/AQAAoECZ/t856v8H6wP7fbXnOh3WT1eqSeHQ/wAAAFCgTP/vEvX/Q+MP7tr0iAlrjEhXqhfDof8BAACgQJn+3zXq/5EP73XAvVf2/LdRulK9FA79DwAAAAXK9P9uUf8/vNJlow7+cupDq6Ur1cvh0P8AAABQoEz/7x71/6jFnum3eKsm+z2XrlSvhEP/AwAAQIEy/b9H1P+PjL2k6/wZc1otnq5Uk8Oh/wEAAKBAmf5vE/X/oxcf2+THxZp/9EC6Ur0aDv0PAAAABcr0/55R/4+eOOjn1U7sc+PodKV6LRz6HwAAAAqU6f+9ov5/7L173t5nQpsz/ofGr14Ph/4HAACAAmX6f++o/x/v1nnLcfd8tP5d6Uo1JRz6HwAAAAqU6f99ov4fs+rLM3r2XPnFndKV6o1w6H8AAAAoUKb/9436/4m7F9npxjWevGmTdKV6Mxz6HwAAAAqU6f/9ov5/8onWq330wvndr0lXqrfCof8BAACgQJn+3z/q/6eW+eufTd4dudgj6Uo1NRz6HwAAAAqU6f8Dov5/+uGdmz66RNfPl0pXqmnh0P8AAABQoEz/Hxj1/9iVfp+/xymTnmyWrlRvh0P/AwAAQIEy/X9Q1P/PLPbC+yuNadDh6XSleicc+h8AAAAKlOn/tlH/jxu7+NZfjrhrja3TlerdcOh/AAAAKFCm/w+O+v/Zj+fv3rHHsf8OTFeq98Kh/wEAAKBAmf4/JOr/8cdvNfSRpnMf6p2uVO////5oVP2//vMCAAAA//cy/d8u6v/nzm3U+89Xt9pv3XSl+iAcnv8DAABAgTL9f2jU/xPefOPEJTZ/rdVt6Ur1YTj0PwAAABQo0/+HRf3//C2fnnLMvEYf7ZCuVB+FQ/8DAABAgTL93z7q/4lbrHrdqP7337hpulJ9HA79DwAAAAXK9P/hUf+/sMPaD/1xUOcz+qYr1fRw6H8AAAAoUKb/O0T9P6n31/s2PHTB+g3SleqTcOh/AAAAKFCm/4+I+v/FX/d8YEq/Vi8OTVeqT8Oh/wEAAKBAmf4/Mur/l9pe0WaXHwfe9FS6Un0WDv0PAAAABcr0/1FR/7989NiTTm/ZoXvTdKWaEQ79DwAAAAXK9P/RUf+/MqvX1YNeWOvcBelKNTMc+h8AAAAKlOn/jlH/T95j/BkN1ph1y9HpSjUrHP+3/V/9P/iRAQAAgP9Lmf4/Jur/Vxdc3Pennm0nHpCuVJ+Hw/N/AAAAKFCm/4+N+v+173d75P57+q71Q7pSfREO/Q8AAAAFyvT/cVH/v97h6gMPn7D8qZ3SlerLcOh/AAAAKFCm/4+P+n9Ksw8arnDi29c8n65Us8Oh/wEAAKBAmf4/Ier/N4Y2+fbrxS755IN0pfoqHPofAAAACpTp/05R/785pvlrj88Yv1OPdKX6Ohz6HwAAAAqU6f8To/5/a+nvN9q11V5t30pXqm/Cof8BAACgQJn+7xz1/9Qpbx12xJdXj+qarlT/DYf+BwAAgAJl+v+kqP+nndfwyYeu3PiPi9KVak449D8AAAAUKNP/XaL+f7tTy1v/PeKbVT9MV6pvw6H/AQAAoECZ/j856v93Pvy1R+M9e7Q7LF2pvguH/gcAAIACZfr/lKj/3x3Z4fZXbxvz+G/pSvV9OPQ/AAAAFCjT/6dG/f/eiv+5oPWCZl/PSleqH8Kh/wEAAKBAmf4/Ler/9xs8dOSZ60+v9khXqh/Dof8BAACgQJn+Pz3q/w+e7jpuSMtFzu2crlRzw6H/AQAAoECZ/j8j6v8Pmz1ycP3Hibe8nK5UP4VD/wMAAECBMv3fNer/j4ae+tgv/bpNnJauVPPCof8BAACgQJn+PzPq/4/HHHrz0ENHrXVOulL9HA79DwAAAAXK9H+3qP+nL31L90MPannqv+lK9Us49D8AAAAUKNP/Z0X9/0nXLvVv+8+75ph0pfo1HPofAAAACpTp/+5R/3/6wdDZK8/r+Ml+6Ur1Wzj0PwAAABQo0/9nR/3/2aTbXzxg8yE7fZOuVPPDof8BAACgQJn+Pyfq/xkXdtxgwqtd2rZLV6rfw6H/AQAAoECZ/j836v+ZF03ocW/TYaPmpivVgnDofwAAAChQpv97RP0/6/kLbz24R8M/vk5Xqj/Cof8BAACgQJn+Py/q/8/f3ePJxUdMXnXPdKX6Mxz6HwAAAAqU6f/zo/7/4sw+h80f077dq+lK9Vc49D8AAAAU6H/s/xUW3rULov7/stmG41qcMuDx09OV6u9w6H8AAAAoUOb5/4VR/88eOuvIiUu0/vqSdKX6Jxz6HwAAAAqU6f+Lov7/asz0C25598/qs3Sl+jcc+h8AAAAKlOn/i6P+/3rp1W/vsmOTjz9OV+oLD/0PAAAABcr0/yVR/38zckb3v2ZO3eGCdKUevkf/AwAAQIky/X9p1P//XXGVm5e5rGe3bulKvUE49D8AAAAUKNP/PaP+n9Ng3ceO7jih7xvpSn2xcOh/AAAAKFCm/3tF/f/t07MPHr7bOq/slq7UFw+H/gcAAIACZfr/sqj/v1uu1zO/Dfligy/SlXotHPofAAAACpTp/95R/38/fOwRtb8PPPuXdKVehUP/AwAAQIEy/X951P8/PHvFhYesfcPNh6cr9YUfAKj/AQAAoECZ/r8i6v8fqz3vuOfl82d9l67UF75e/wMAAECBMv1/ZdT/c188+etnmj25yEHpSr1hOPQ/AAAAFCjT/32i/v+p5921fS9a+bAj05X6kuHQ/wAAAFCgTP9fFfX/vNPuWG/1Bz564s90pd4oHPofAAAACpTp/6uj/v956jEv/zCuzV/npyv1xuHQ/wAAAFCgTP9fE/X/L/f9u3Hzk/us/l66Ul8qHPofAAAACpTp/2uj/v91je1f/7DefN8X0pX60uHQ/wAAAFCgTP9fF/X/b0suNueG6XOGH5+u1JcJh/4HAACAAmX6//qo/+c/+tISvd7Y6uO905X6suHQ/wAAAFCgTP/fEPX/78vVv5jdZO4Os9OVepNw6H8AAAAoUKb/b4z6f8HwiYuu2P3YbvPSlfpy4dD/AAAAUKBM//eN+v+PZ/9ca/eH7+p7cLpSX9j9+h8AAAAKlOn/flH//1nt9MLoRxu88km6Ul8hHPofAAAACpTp/5ui/v/rpDfHNDxj0gY905V603DofwAAAChQpv//E/X/3zOWOPyPxl3PPjVdqa8YDv0PAAAABcr0f/+o//95vcX5o6aOvPn1dKW+Ujj0PwAAABQo0/83R/3/b/dfbjlmuw6zuqcr9ZXDof8BAACgQJn+H/C/+r++yMHH/r3LtwMXeSddqa8SDv0PAAAABcr0/y1R/y86Z9CaU65vddiL6Uq9WTj0PwAAABQo0/8Do/5v8M89Ow/qsOCJLulKfdVw6H8AAAAoUKb/b436f7E2nT85fb/Of81JV+qrhUP/AwAAQIEy/T8o6v/Ft3y55aiB96++T7pSXz0c+h8AAAAKlOn/26L+r123yLRjfmu073HpSn2NcOh/AAAAKFCm/2+P+r+6s/Xchpu8NvzvdKW+Zjj0PwAAABQo0/93RP1fX++v5f6YPv7hJulKfeFr9D8AAAAUKNP/g6P+X+KqnRccX7/kgMfTlfra4dD/AAAAUKBM/w+J+r/hjr+vevPJb698X7pSXycc+h8AAAAKlOn/O6P+X3KjF1q/Mm75BVW6Ul83HPofAAAACpTp/7ui/m/Uf/EPt36g76PXpSv19cKh/wEAAKBAmf4fGvV/4xmHDT7voraHbJSu1NcPh/4HAACAAmX6/+6o/5c6qX/PPs1m1XZJV+obhEP/AwAAQIEy/X9P1P9Ldx9+3LSX1/pySLpS3zAc+h8AAAAKlOn/e6P+X+b1M8evs/b0gRumK/WFvxOg/wEAAKBAmf6/L+r/ZRseMLH1383O75Ou1DcOh/4HAACAAmX6//6o/5s8ft26rw4Zs27/dKW+STj0PwAAABRoYf/3/v9/5X/r/wei/l9u2KMNhuzW44Ut05V683DofwAAAChQ5vn/sKj/l1/9vJlndvzm+mfTlfqm4dD/AAAAUKBM/w+P+n+FU99d5qHLNj5tjXSlvlk49D8AAAAUKNP/I6L+b/rOct8fMfPqnRumK/XNw6H/AQAAoECZ/n8w6v8VX9loSuMd95rxULpS3yIc+h8AAAAKlOn/h6L+X+nSHzb/d5MhD9+QrtQXvieg/gcAAIACZfp/ZNT/K8/Y9KWTfut4wObpSn2rcOh/AAAAKFCm/x+O+n+Vk+ZsOHDgvJW3T1fqLcKh/wEAAKBAmf4fFfV/s+5Tqxf2a7ngjnSl3jIc+h8AAAAKlOn/R6L+X/X1Fb/cqsOoR1dKV+pbh0P/AwAAQIEy/f9o1P+rDZ/d/9rrux3yRLpS3yYc+h8AAAAKlOn/0VH/r77cumdd9O3E2j3pSn3bcOh/AAAAKFCm/x+L+n+NapVDNt9ukS//h5X6duHQ/wAAAFCgTP8/HvX/ms/OePzTqX8OfCZdqbcKh/4HAACAAmX6f0zU/2tN2HHmxMatz185Xakv/ExA/Q8AAAAFyvT/E1H/r137o0GLMwasu0y6Um8dDv0PAAAABcr0/5NR/6/T5Pl1uzza/oWH05X6DuHQ/wAAAFCgTP8/FfX/ug9VE295ePL1a6cr9R3Dof8BAACgQJn+fzrq//Vm3Lf5wd0bnnZFulLfKRz6HwAAAAqU6f+xUf+vf1KnKfc2GbbzgHSlvnM49D8AAAAUKNP/z0T9v0H3I76f/0aXGdumK/VdwqH/AQAAoECZ/h8X9f+Gr9+5zOK/3b/H+HSlvms49D8AAAAUKNP/z0b9v9GpHb+8c5PO96yZrtR3C4f+BwAAgAJl+n981P8bv3N71XW/135bIl2p7x4O/Q8AAAAFyvT/c1H/b/LK0A23H9hopQfTlfoe4dD/AAAAUKBM/0+I+r/5pV1eeu36gcdukK7U24RD/wMAAECBMv3/fNT/m3Y968tLOnSYcGW6Ut8zHPofAAAACpTp/4lR/2/2wZNVv+0WfHtzulLfKxz6HwAAAAqU6f8Xov7ffNING07/ttWSW6Ur9b3Dof8BAACgQJn+nxT1/xYX7vfSRo0nXXB9ulLfJxz6HwAAAAqU6f8Xo/7fctwpY7ec2uC2jdOV+r7h0P8AAABQoEz/vxT1/1aLjjp60qMj39g5XanvFw79DwAAAAXK9P/LUf+3aDrgolvP6Lrp4HSlvn849D8AAAAUKNP/r0T93/KRdoM6d5970rLpSv2AcOh/AAAAKFCm/ydH/b/19Lnn3/3wVlc+lq7UDwyH/gcAAIACZfr/1aj/tzlh21vavXHX1PvTlfpB4dD/AAAAUKBM/78W9f+2PRqPqZocu1U9Xam3DYf+BwAAgAJl+v/1qP+3e+u1w3+t99ljrXSlfnA49D8AAAAUKNP/U6L+b9V1ifHdpre55/J0pX5IOPQ/AAAAFCjT/29E/b/9B28eN3jcnN9uSVfq7cKh/wEAAKBAmf5/M+r/1pN+6Tn55OYrbZeu1A8Nh/4HAACAAmX6/62o/3e4sMXgHS568thx6Ur9sHDofwAAAChQpv+nRv2/Y7OJc6544PwJq6Qr9fbh0P8AAABQoEz/T4v6f6eh9SXOevmjb5dOV+qHh0P/AwAAQIEy/f921P87j9lp4/WarbzkyHSl3iEc+h8AAAAKlOn/d6L+32XpP1//4O8vLlgxXakfEQ79DwAAAAXK9P+7Uf/v2v7b5y9fe53bxqQr9SPDof8BAACgQJn+fy/q/91+3Gyd7rvd8Ma96Ur9qHDofwAAAChQpv/fj/p/9z9XWmz9IQduumi6Uj86HPofAAAACpTp/w+i/t9jt2mz3r9s6kk3piv1juHQ/wAAAFCgTP9/GPV/m23OWXr5jk2u3CJdqR8TDv0PAAAABcr0/0dR/+/Z74nvZu44YWqrdKV+bDj0PwAAABQo0/8fR/2/1x393hgzs+dWt6cr9ePCof8BAACgQJn+nx71/95r77vF3k0abn1eulI/Phz6HwAAAAqU6f9Pov7f54rrX/z0jcnvvZuu1E8Ih/4HAACAAmX6/9Oo//fd/sANNn+4S+9J6Uq9Uzj0PwAAABQo0/+fRf2/32bn1y/qPuz4E9KV+onh0P8AAABQoEz/z4j6f/9bR8++9ozWG3+frtQ7h0P/AwAAQIEy/T8z6v8DPp519+uP/jm5bbpSPykc+h8AAAAKlOn/WVH/H3j8hnu0mtp+8BHpSr1LOPQ/AAAAFCjT/59H/X/Quat3OqPxgEv/SFfqJ4dD/wMAAECBMv3/RdT/bd+cftld33ZbZtd0pX5KOPQ/AAAAFCjT/19G/X9w4wV/Xb3dqB8+T1fqp4ZD/wMAAECBMv0/O+r/Q57cZY1zOyzyzK/pSv20cOh/AAAAKFCm/7+K+r/dPbVd1rp+4tEd0pX66eHQ/wAAAFCgTP9/HfX/oStP+vSdgR2Xm56u1M8Ih/4HAACAAmX6/5uo/w8744QWK+435OcL05V613DofwAAAChQpv//G/V/+/eHTZ29ScthZ6Yr9YVf0/8AAABQoEz/z4n6//AXhvw0+rd5e01JV+rdwqH/AQAAoECZ/v826v8OFxy9/O4zN97623SlflY49D8AAAAUKNP/30X9f8THt/3+4Y7fvLdvulLvHg79DwAAAAXK9P/3Uf8fefxxzZp33Kv3selK/exw6H8AAAAoUKb/f4j6/6hzT9qh12VXH/9XulI/Jxz6HwAAAAqU6f8fo/4/+s17P7phSLONz0pX6ueGQ/8DAABAgTL9Pzfq/44PH/zI1rtNn/x2ulLvEQ79DwAAAAXK9P9PUf8fs9LAA19Zu8fgl9KV+nnh0P8AAABQoEz/z4v6/9jFRp5x899jLj05XamfHw79DwAAAAXK9P/PUf8fN/a0vsc3a7vMp+lK/YJw6H8AAAAoUKb/f4n6//hnrv30kpf7/tArXalfGA79DwAAAAXK9P+vUf+fsEjbXfo9sNYzp6Qr9YvCof8BAACgQJn+/y3q/04r9Fhj+kWzjn4tXalfHA79DwAAAAXK9P/8qP9PHPX4XxudfMlye6Ur9UvCof8BAACgQJn+/z3q/84fN1n++3Hjf/4yXalfGg79DwAAAAXK9P+CqP9POv6Dn9aYvvywn9OVes9w6H8AAAAoUKb//4j6v8u530/dr/72XoekK/WFnwmg/wEAAKBAmf7/M+r/k99s3mLsyAF3zk5X6peFQ/8DAABAgTL9/1fU/6ec8d+P1j2rfa+905V673DofwAAAChQpv//jvr/1Pe32GHqsn82PzhdqV8eDv0PAAAABcr0/z9R/5/2QtNmV05p/dq8dKV+RTj0PwAAABQo0///Rv1/+gXv/H7+tGFX9ExX6leGQ/8DAABAgf7P/V8tEvX/Ga3eemv/pbp0+iRdqfcJh/4HAACAAmX6f9Go/7te3nCzp7tO3vb1dKV+VTj0PwAAABQo0/8Nov4/c2DLxt+NbvjBqelK/epw6H8AAAAoUKb/F4v6v9umv/6w5uHz7n8nXalfEw79DwAAAAXK9P/iUf+f9cMH/evXtWzTPV2pXxsO/Q8AAAAFyvR/Ler/7oc1OeuXOUOW7ZKu1K8Lh/4HAACAAmX6v4r6/+xdmx8ydNuOP72YrtSvD4f+BwAAgAJl+r8e9f85f3z/+KHNJz69T7pSvyEc+h8AAAAKlOn/JaL+P7dv244D5y9y5Jx0pX5jOPQ/AAAAFCjT/w2j/u+x9bXPnXTrqKX+TlfqfcOh/wEAAKBAmf5f8n/1/6KLrPX4XVvt3+2749KVer9w6H8AAAAoUKb/G0XP/8+/vcelLxwz5s4L0pX6TeHQ/wAAAFCgTP83jvr/glZPDTyid49eH6cr9f+EQ/8DAABAgTL9v1TU/xde3v3ch2ZNb/5GulLvHw79DwAAAAXK9P/SUf9fNHD/9v/u1Oy1bulK/eZw6H8AAAAoUKb/l4n6/+JNb3yq8VpXX/FFulIfEA79DwAAAAXK9P+yUf9f0rbnxDF/7dVpt3Slfks49D8AAAAUKNP/TaL+v/TXp9fde/A32x6ertQHhkP/AwAAQIEy/b9c1P89Z13eYPldN/7gl3Slfms49D8AAAAUKNP/y0f93+voNjNnDnv7/oPSlfqgcOh/AAAAKFCm/1eI+v+y0Y8dveHFy7f5Ll2p3xYO/Q8AAAAFyvR/06j//z/s3We0VfW18OENUdY+l4AlaoyYUOwliJKLXcEYY8RomliioKKgRrAiKjYUrNgS7BAxii3E3gVFkdiIClixIhZEscSCCJp3qBNcuOAujZis8X+f58uc57DP5OyMcS/+2LDp3/TgWx9tMWrxWcUr2fmx6H8AAACooJL+XybX/8e23ObcY+494p0di1eyC2LR/wAAAFBBJf3//Vz/Hzf8xMMPmjT5lseKV7Ihseh/AAAAqKCS/l821/8Dxq9+1k1NWu3Yt3glGxqL/gcAAIAKKun/H+T6f+Af3uj7sx6nNdu1eCX7cyz6HwAAACqopP+Xy/X/8Uc/3mWJ27Z94+7ilezCWPQ/AAAAVFBJ/7fI9f8JYxe/4cXO673WtnglGxaL/gcAAIAKKun/5XP9f2LPCd0OPWdmfVDxSnZRLPofAAAAKqik/3+Y6/+Tnl1q1Ckztt/5guKV7C+x6H8AAACooJL+/1Gu/0++v+2Q59c4e9T6xSvZxbHofwAAAKigkv5vmev/Uw6aetSaHZq+d2PxSnZJLPofAAAAKqik/1vl+n/QJrds0HvaA0t/v3glGx6L/gcAAIAKKun/1rn+P3XAUU8OPXmPTvO5kl0ai/4HAACACirp/za5/j/tjM1n3t9l+LC/FK9kl8Wi/wEAAKCCSvp/hVz/n776sS02uLbrhGWLV7LLY9H/AAAAUEEl/b9irv/PmDqsZ5teF7a/rXgluyIW/Q8AAAAVVNL/K+X6/8zf9Bg4vtnaPf9WvJJdGYv+BwAAgAoq6f+Vc/3/xy12vmTg+LePX6x4JftrLPofAAAAKqik/1fJ9f+fZp+/xSHjej18XPFKNiIW/Q8AAAAVVNL/q+b6f/CJ611x/eIj2rYuXsnm/J0A/Q8AAAAVVNL/q+X6/6x1Punccf/Gh3coXsmuikX/AwAAQAWV9P/quf4/e+V79llqxJgLBhevZFfHov8BAACggkr6f41c/58zpPGJr9627GvXF69k18Si/wEAAKCCSvp/zVz/n7vJ6O5H9niqvkTxSnZtLPofAAAAKqik/3+c6//zBjTpf1qTvjs3KV7JrotF/wMAAEAFlfR/21z/n3/GRsMmTbpp1CXFK9mcvxOg/wEAAKCCSvp/rVz/X7D6R5utdu8a761avJLdEIv+BwAAgAoq6f92uf4f8ouGn5zZYtrSJxevZDfGov8BAACggkr6f+1c/w999+HHd++3eaehxSvZTbHofwAAAKigkv5fJ9f/f371/RkdLhs4bNPilezmWPQ/AAAAVFBJ/7fP9f+Fu7RfemzHoyYMLF7JbolF/wMAAEAFlfT/T3L9P6zrI1s8NeTO9qsUr2S3xqL/AQAAoIJK+v9/c/1/0UvLXLL67CV6titeyW6LRf8DAABABZX0f4dc///l7TUHHtXqkeP/WLyS3R6L/gcAAIAKKun/dXP9f/FW03qeuvEvH/5R8Uo2Mhb9DwAAABVU0v/r5fr/kk22PHHLyYPajixeyUbFov8BAACggkr6f/1c/w8fcNo+t/dvc/hfi1eyO2LR/wAAAFBBJf2/Qa7/Lz3jhs5v7TLlgobilezOWPQ/AAAAVFBJ/2+Y6//LVj/wiuV7tMqOLV7JRsei/wEAAKCCSvp/o1z/X37iNZsdf9vkV1oVr2R3xaL/AQAAoIJK+n/jXP9fsc4hw/pM2va6dYtXsrtj0f8AAABQQSX9v0mu/69ceev+rZuc9tuzileyMbHofwAAAKigkv7fNNf/fx1ycvcJLb633A+KV7J7YtH/AAAAUEEl/d8x1/8jBg3ZbI97J8y6vXglGxuL/gcAAIAKKun/Trn+/1uHnYadc9kRV48oXsn+Hov+BwAAgAoq6f/Ncv1/VZtd+4/pN2qb5sUr2b2x6H8AAACooJL+/2mu/68+99Lu7YZssdENxSvZfbHofwAAAKigkv7fPNf/1+w0oOWqHU94dpnilez+WPQ/AAAAVFBJ//8s1//XvrDZx0+3Wu2kRsUr2QOx6H8AAACooJL+3yLX/9e9d+gzp8+eutfFxSvZg7HofwAAAKigkv7/ea7/r9/mjk2OmNyn9VrFK9m4WPQ/AAAAVFBJ/2+Z6/8bNlh+/K0b3zD61OKV7B+x6H8AAACooJL+/0Wu/288ZlL7rXZZbvD5xSvZQ7HofwAAAKigkv7fKtf/Nw1+Yckf9X+6z3rFK9nDseh/AAAAqKBi/9fy/d851/83t1357enn1LKWxSvZI7HofwAAAKigktf/t871/y2DXmrRt/Ndr4wqXsnGx6L/AQAAoIJK+v+Xuf6/tUObmQPW2O+6K4tXsgmx6H8AAACooJL+3ybX/7e1WfbJR2Zc9dt68Uo2MRb9DwAAABVU0v/b5vr/9nOf22CFae2XG1C8kj0ai/4HAACACirp/1/l+n/krB9vfUGHf85auXgleywW/Q8AAAAVVNL/v871/6hOr1+1V5edr167eCV7PBb9DwAAABVU0v+/yfX/HduNP32jk4du86fileyJWPQ/AAAAVFBJ//821/93vvX9Xg/36rHRasUr2ZOx6H8AAACooJL+/12u/0ffkPU4/9rLnj2leCV7Khb9DwAAABVU0v/b5fr/ruZ3Ddh7fMNJQ4pXskmx6H8AAACooJL+75Lr/7uXmzV842b37bVJ8Ur2dCz6HwAAACqopP+3z/X/mGEb//yhxbdrfV3xSvZMLPofAAAAKqik/3fI9f89j154edNxg0cvXrySPRuL/gcAAIAKKun/HXP9P7b3jlt9OGKDwVnxSvZcLPofAAAAKqik/3fK9f/fD+/+hxH7z+ozvHglez4W/Q8AAAAVVNL/v8/1/72jh5/Urf+g/X9RvJK9EIv+BwAAgAoq6f+dc/1/3+49dx+7yy/PfL14JZsci/4HAACACirp/11y/X//kxcd02HjKWNnF69kL8ai/wEAAKCCSvq/a67/Hxh3wUW7T26zYtfilWxKLPofAAAAKqik/7vl+v/BQ3b56Zmz7+w1oXgleykW/Q8AAAAVVNL/u+b6f9yGzbKJrY4atH/xSvZyLPofAAAAKqik/3fL9f8/+j/4cquOjzzZs3gleyUW/Q8AAAAVVNL/u+f6/6Gz3rnn4CFLrD+2eCV7NRb9DwAAABVU0v/dc/3/8FrrrnxCv2mdjy5eyabGov8BAACggkr6f49c/z8yfemdLrxsjSufLV7JXotF/wMAAEAFlfT/nrn+H7/9xFv2vXfgJw8Ur2TTYllg/zdeeN8yAAAA8DWV9H+PXP9P+Olr563XYvOWexWvZK/H4vV/AAAAqKCS/u+Z6/+JM9fq92CTp7q8VLySvRGL/gcAAIAKKun/vXL9/+ippw5uPmnZm7coXsmmx6L/AQAAoIJK+n/vXP8/tm7nQz6+7aYpvy5eyd6MRf8DAABABZX0/z65/n98hQO2v6JH38bvFq9kb8Wi/wEAAKCCSvr/D7n+f+K8m2/caf8R+z9avJK9HcvX7P/u/863DAAAAHxNJf2/b67/n9ywT9fRI3qdeUjxSvZOLF7/BwAAgAoq6f9euf5/qv/1I9uPGzN2t+KV7J+x6H8AAACooJL+753r/0lnnTS05+KNVxxTvJLNeU8A/Q8AAAAVVNL/++X6/+m1tj16cLMLe21bvJK9F4v+BwAAgAoq6f/9c/3/zNYjG9Yc33XQ9OKV7P1Y9D8AAABUUEn/H5Dr/2c/OPz15699+8mPileyD2LR/wAAAFBBJf1/YK7/n3ux4wOn9Fp7/R2KV7IZseh/AAAAqKCS/j8o1//P73D8qoee/EDnF4tXsg9j0f8AAABQQSX9f3Cu/1/4/Z799ujS9MqOxSvZzFj0PwAAAFRQSf/3yfX/5MkXn3dOh+GfbF+8ks15TwD9DwAAABVU0v+H5Pr/xffPu2XMtD1avl+8ks2KRf8DAABABZX0f99c/0/ZtttO7WbM7HJY8Uo2Oxb9DwAAABVU0v+H5vr/pQ0/vvH9Nda7+enilezjWPQ/AAAAVFBJ/x+W6/+X+2+4fZPOZ08ZV7ySfRKL/gcAAIAKKun/w3P9/8pZjQ75zTnbN+5dvJL9Kxb9DwAAABVU0v/9cv3/6lr3Dr7o5Ub9dixemfvl+h8AAAAqqKT/j8j1/9RTFz16w/VHnz+reKUej9H/AAAAUEUl/X9krv9fW3fM0Pt27P3QG8Ur9cax6H8AAACooJL+PyrX/9NWmDlyyMCr19qmeKX+nVj0PwAAAFRQSf8fnev/18/btOt+567T4+7ilfoiseh/AAAAqKCS/j8m1/9vtB9+w9qbv3vCrsUr9UVj0f8AAABQQSX93z/X/9NP6t7l7hV3mdi3eKXeJBb9DwAAABVU0v/H5vr/zaE79j37wyHrPFa8Us9i0f8AAABQQSX9f1yu/99a5cKz9mzZs+N+xSv1OV+v/wEAAKCCSvp/QK7/33551GtHjrn0on8Ur9QbYtH/AAAAUEEl/T8w1//vdOvX9LSL6+9PKl6p/08s+h8AAAAqqKT/j8/1/z87d1p90tH3L3Vo8Uq9aSz6HwAAACqopP9PyPX/u++ccN9qu/9ul/eKV+rfjUX/AwAAQAWV9P+Juf5/b+BKq7xxx1kjuxSv1JvFov8BAACggkr6/6Rc/7+/6ZSxLZ/bcGqn4pV681j0PwAAAFRQSf+fnOv/D9Z46qXOjT9qmFK8Ul8sFv0PAAAAFVTS/6fk+n/GmS2b3LJU6373FK/UF49F/wMAAEAFlfT/oFz/f9j+2elt7nvh/B7FK/UlYtH/AAAAUEEl/X9qrv9nntRisfGXb/PQAcUr9SVj0f8AAABQQSX9f1qu/z8a2rrtwINPX2ti8Up9TvfrfwAAAKigkv4/Pdf/s1Z5ddwhey/Zo1vxSn2pWPQ/AAAAVFBJ/5+R6//Zmy9120M3Tjzh4+KV+tKx6H8AAACooJL+PzPX/x9/MmGHjR87cuK04pX6MrHofwAAAKigkv7/Y67/P5k29bC9G0aus2XxSv37seh/AAAAqKCS/v9Trv//9au2F5z/5s87/rN4pb5sLPofAAAAKij6f5HcZ87I/XDjz0f9B7Vap+m5z8fjF5vT/Z/9HkH3I955b37zC5/eyc/PfopGtdoi13zp26p/s2e1QHOfT/NHX9ys1q7WKP/MP9V2AY8/u77M8rV2tcaFx8/7Bd+Jxy/XdfYPj6u1qzX58uP32bv3HnseOvfD+NF6iy17v7lOrV2t/uXH77/ngd1677fHnvFh/O/S0HrzvZZ4rdautsiX/5fau3efXrkPG2K0We6tFU/77Pv50uMPOni3g3scNPfD/4nHr3DtYUP7zO/xB877/TeNx6+47/KLTW92X23RLz/+gD77HbxbDQAAgP+2kv6f27O1WqfRuc9HF3/t/l9u3llbUP9/55s9qwWa+3y+pf6PPytR+97svj97vfkttfqXe3if/foc2Hu3fdsthOcCAAAAX1lJ/899fXoh9X+LeWdtQf2/6Dd7Vgs09/l8S/0f33d9+ckfn/BIbb1a0/m9Pt/twN1699xznt8CaBJf98OmI18+rLZerfn8X6fv1n2veb80i6/70ZEf/PrC5lvWms339ffClwEAAPD/m5L+n9uztVr/Y/JfFnPx/Mdfof+Xn3fWov8BAACAb1NJ/899XXoB/f91X///4byzpv8BAADgP6Ck/+f++fL59v/icz/8iv3f0OqLe3M0nvfmt6reOmabmCvEXDHmSjFXjrlKzFVjrhZz9ZhrxFwz5o9jxt8KqK8VM/7ofX3tmOvEbB/zJzH/N2aHmOvGXC/m+jE3iLlhzI1ibhxzk5ibxuwYs1PMzWL+NObmMX8Wc4uYP48Z/+Zj/Rcxt4rZOebWMX8Zc5uY28b8Vcxfx/xNzN/G/F3M7WJ2ibl9zB1i7hhzp5i/j7lzzF1ido3ZLeauMeOtCOu7x+wec4+Y8T6L9R4xe8bcK+beMfeJ+YeY+8aM916s9465X8z9Yx4Q88CY8c6L9YNj9ol5SMy+MeMdF+uHxTw8Zr+YR8Q8MuZRMY+OGf+3W+8f89iYx8UcEHNgzONjnhDzxJgnxTw55ikxB8U8NeZpMU+PGf8/pX5mzD/G/FPMwTHPinl2zHNinhvzvJjnx7wg5pCYQ2P+OeaFMYfFvCjmX2JeHPOSmMNjXhrzspiXx7wi5pUx/xpzRMy/xbwq5tUx4+831a+NeV3M62PeEPPGmDfFvDnmLTFvjXlbzNtjjow5KuYdMe+MGX93q35XzLtjjol5T8yxMf8e896Y98W8P+YDMR+MOS7mP2I+FPPhmI/EHB9zQsyJMR+N+VjMx2M+EfPJmE/FnBTz6ZjPxHw25nMxn4/5QszJMV+MOSXmSzFfjvlKzFdjTo35WsxpMV+P+UbMeI/c+psx34r5dsx3Ysa/oVN/N2b8Oll/P+YHMWfE/DDmzJgfxZwVc3bMj2N+EvNfn894G9haQ/wa2xC/6DbE++E0xK//DfHn/Rri9/0b4tf/hjnvOzvn/WTnvE/snPd//W7MZjGbx1wsZvyXQsMSMZeMGf9eUMNSMZeOuUzM+HeFG+J1hoZ43+CGeP+ghvh7hA3x5wkb4nWFhvjvi4aWMXP/phEAAAAAAKQvXv9vnPvUfV+sTZ6Y/3vx1VvXatkztVqjGaOGXrfFN/n5t/uG/vVt/UsBAAAAkJDo/+ZffGbRQ/+b3w8AAACw8Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPTpfwAAAEif/gcAAID06X8AAABIn/4HAACA9Ol/AAAASJ/+BwAAgPSV9n/T//z3BAAAACxcXv8HAACA9JX1/w6L/Re+KQAAAGCh8vo/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED69D8AAACkT/8DAABA+vQ/AAAApE//AwAAQPr0PwAAAKRP/wMAAED6ov8XyX3mjNwP1z8fDa1rtf7H5L9s3h///OPuR7zz3vzmFz69k5+fajznVq3J8wvjGf2fmn3rPwMAAABUUEn/N8Ros4D+Xzb/8Vfo/zbzzto8/f/tW2zq57PJE/GJ7/7nfm4AAAD47ynp///5fDSssID+H53/+Cv0/wrzzlr0/yJbL7Qn9H9bMve9f+p7tVr9u7Va4+8snPP1VvPer7eu1bJnarVGMxbOfQAAAPj3lPR/089Hw4oL6P9r8h9/hf5fcd5Zi/5f9JkFfX89/p0n9dU12nGR+u+6Hl2r7bp9y8/m1Jezz+Zcx25465WNbpz7+xNzHvfC0i3nfdx/5i4AAAD8W0r6P/58fMNKtVqn6bnPN/58LPZ1//z/SvPOOV+7yDVf+rYaf6MntWBzn0/zR1/crNau1ij/zD/VdgGPP7u+zPLNp9YaFx7f9lv6TgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P+xAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04IAEAAAAQ9P91OwIFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLkCAAD//44y5IU=") open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) r1 = open(&(0x7f0000007f80)='./bus\x00', 0x145542, 0x89) ftruncate(r1, 0x2007ffb) r2 = open(&(0x7f0000002000)='./bus\x00', 0x14f942, 0x0) r3 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x1000000201004) r4 = open(&(0x7f0000007f80)='./bus\x00', 0x145142, 0x0) ftruncate(r4, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r6, 0x0, r7, 0x0, 0xf3a, 0x0) splice(r5, 0x0, r7, 0x0, 0x82, 0x0) ioctl$RTC_IRQP_READ(r5, 0x8008700b, &(0x7f0000000000)) [ 3104.614066][T29067] usb 3-1: Manufacturer: syz [ 3104.619956][T30417] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3104.635262][T30417] CPU: 1 PID: 30417 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3104.645165][T30427] syz-executor.3[30427]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 3104.645364][T30417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3104.665030][T30417] Call Trace: [ 3104.668323][T30417] [ 3104.671259][T30417] dump_stack_lvl+0x125/0x1b0 [ 3104.676019][T30417] sysfs_warn_dup+0x7f/0xa0 [ 3104.680636][T30417] sysfs_do_create_link_sd+0x11e/0x140 [ 3104.686149][T30417] sysfs_create_link+0x61/0xc0 [ 3104.690935][T30417] device_add+0x669/0x1ac0 [ 3104.695372][T30417] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3104.702252][T30417] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3104.708165][T30417] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3104.714199][T30417] wiphy_register+0x2095/0x2ce0 [ 3104.719152][T30417] ? wiphy_unregister+0xb70/0xb70 [ 3104.724187][T30417] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3104.730297][T30417] ieee80211_register_hw+0x24d1/0x4250 [ 3104.735784][T30417] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3104.741385][T30417] ? rcu_is_watching+0x12/0xb0 [ 3104.746162][T30417] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3104.752187][T30417] ? __hrtimer_init+0x103/0x2c0 [ 3104.758009][T30417] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3104.763750][T30417] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3104.769482][T30417] ? rcu_is_watching+0x12/0xb0 [ 3104.774258][T30417] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3104.780175][T30417] hwsim_new_radio_nl+0xaf8/0x1240 [ 3104.785655][T30417] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3104.791572][T30417] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3104.798974][T30417] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3104.806376][T30417] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3104.811956][T30417] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3104.819356][T30417] ? ns_capable+0xd5/0x110 [ 3104.823786][T30417] genl_rcv_msg+0x55c/0x800 [ 3104.828306][T30417] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3104.834210][T30417] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3104.840112][T30417] netlink_rcv_skb+0x16b/0x440 [ 3104.844895][T30417] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3104.850800][T30417] ? netlink_ack+0x1370/0x1370 [ 3104.855608][T30417] ? rcu_is_watching+0x12/0xb0 [ 3104.860381][T30417] ? down_write+0x200/0x200 [ 3104.864886][T30417] ? netlink_deliver_tap+0x1b1/0xd10 [ 3104.870182][T30417] genl_rcv+0x28/0x40 [ 3104.874176][T30417] netlink_unicast+0x536/0x810 [ 3104.878950][T30417] ? netlink_attachskb+0x870/0x870 [ 3104.884069][T30417] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3104.889984][T30417] ? __phys_addr_symbol+0x30/0x70 [ 3104.895063][T30417] ? __check_object_size+0x323/0x730 [ 3104.900375][T30417] netlink_sendmsg+0x93c/0xe40 [ 3104.905172][T30417] ? netlink_unicast+0x810/0x810 [ 3104.910144][T30417] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3104.915476][T30417] ? netlink_unicast+0x810/0x810 [ 3104.920464][T30417] sock_sendmsg+0xd9/0x180 [ 3104.925874][T30417] ____sys_sendmsg+0x6ac/0x940 [ 3104.930665][T30417] ? copy_msghdr_from_user+0x10b/0x160 [ 3104.936151][T30417] ? kernel_sendmsg+0x50/0x50 [ 3104.941037][T30417] ? plist_check_list+0x1ae/0x280 [ 3104.946093][T30417] ? schedule+0xf1/0x1b0 [ 3104.950456][T30417] ___sys_sendmsg+0x135/0x1d0 [ 3104.955165][T30417] ? do_recvmmsg+0x740/0x740 [ 3104.959763][T30417] ? rcu_is_watching+0x12/0xb0 [ 3104.964544][T30417] ? rcu_is_watching+0x12/0xb0 [ 3104.969329][T30417] ? __fget_light+0xe6/0x260 [ 3104.973937][T30417] __sys_sendmsg+0x117/0x1e0 [ 3104.976129][T30427] loop3: detected capacity change from 0 to 32768 [ 3104.978531][T30417] ? __sys_sendmsg_sock+0x30/0x30 [ 3104.978560][T30417] ? xfd_validate_state+0x5d/0x180 [ 3104.978593][T30417] ? rcu_is_watching+0x12/0xb0 [ 3104.978610][T30417] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3104.978633][T30417] do_syscall_64+0x38/0xb0 [ 3104.978658][T30417] entry_SYSCALL_64_after_hwframe+0x63/0xcd 20:14:52 executing program 5: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="14010000290001000008268f0000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3104.978684][T30417] RIP: 0033:0x7fc66767cae9 [ 3104.978699][T30417] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3104.978716][T30417] RSP: 002b:00007fc6683500c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3104.978734][T30417] RAX: ffffffffffffffda RBX: 00007fc66779bf80 RCX: 00007fc66767cae9 [ 3104.978745][T30417] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3104.978756][T30417] RBP: 00007fc6676c847a R08: 0000000000000000 R09: 0000000000000000 [ 3104.978767][T30417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3104.978778][T30417] R13: 000000000000000b R14: 00007fc66779bf80 R15: 00007ffe8a13a868 [ 3104.978794][T30417] [ 3104.980404][T29067] usb 3-1: SerialNumber: syz [ 3105.056961][T30421] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3105.060789][T29067] usb 3-1: config 0 descriptor?? [ 3105.119888][T30421] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3105.120509][T30427] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 3105.129983][T30421] CPU: 1 PID: 30421 Comm: syz-executor.0 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3105.142098][T30427] gfs2: fsid=syz:syz: Now mounting FS (format 1802)... [ 3105.146276][T30421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3105.146288][T30421] Call Trace: [ 3105.146295][T30421] [ 3105.146302][T30421] dump_stack_lvl+0x125/0x1b0 [ 3105.160390][T30427] gfs2: fsid=syz:syz.0: journal 0 mapped with 14 extents in 0ms [ 3105.163315][T30421] sysfs_warn_dup+0x7f/0xa0 [ 3105.163343][T30421] sysfs_do_create_link_sd+0x11e/0x140 [ 3105.168156][ T2161] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 3105.169547][T30421] sysfs_create_link+0x61/0xc0 [ 3105.169575][T30421] device_add+0x669/0x1ac0 [ 3105.174317][ T2161] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 3105.181945][T30421] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3105.181980][T30421] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3105.182014][T30421] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3105.182044][T30421] wiphy_register+0x2095/0x2ce0 [ 3105.182071][T30421] ? wiphy_unregister+0xb70/0xb70 [ 3105.182097][T30421] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3105.182120][T30421] ieee80211_register_hw+0x24d1/0x4250 [ 3105.182157][T30421] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3105.182186][T30421] ? rcu_is_watching+0x12/0xb0 [ 3105.182210][T30421] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3105.182235][T30421] ? __hrtimer_init+0x103/0x2c0 [ 3105.182267][T30421] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3105.182305][T30421] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3105.182329][T30421] ? rcu_is_watching+0x12/0xb0 [ 3105.182352][T30421] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3105.182378][T30421] hwsim_new_radio_nl+0xaf8/0x1240 [ 3105.182407][T30421] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3105.182440][T30421] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3105.182481][T30421] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3105.182523][T30421] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3105.182561][T30421] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3105.182608][T30421] ? ns_capable+0xd5/0x110 [ 3105.182645][T30421] genl_rcv_msg+0x55c/0x800 [ 3105.182681][T30421] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3105.182717][T30421] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3105.182750][T30421] netlink_rcv_skb+0x16b/0x440 [ 3105.182782][T30421] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3105.182820][T30421] ? netlink_ack+0x1370/0x1370 [ 3105.230778][ T2161] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 56ms [ 3105.235040][T30421] ? rcu_is_watching+0x12/0xb0 [ 3105.235075][T30421] ? down_write+0x200/0x200 [ 3105.241826][ T2161] gfs2: fsid=syz:syz.0: jid=0: Done [ 3105.244906][T30421] ? netlink_deliver_tap+0x1b1/0xd10 [ 3105.244941][T30421] genl_rcv+0x28/0x40 [ 3105.252735][T30427] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 3105.256409][T30421] netlink_unicast+0x536/0x810 [ 3105.256446][T30421] ? netlink_attachskb+0x870/0x870 [ 3105.422866][T30421] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3105.428807][T30421] ? __phys_addr_symbol+0x30/0x70 [ 3105.433871][T30421] ? __check_object_size+0x323/0x730 [ 3105.439195][T30421] netlink_sendmsg+0x93c/0xe40 [ 3105.443994][T30421] ? netlink_unicast+0x810/0x810 [ 3105.448954][T30421] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 3105.454261][T30421] ? netlink_unicast+0x810/0x810 [ 3105.459226][T30421] sock_sendmsg+0xd9/0x180 [ 3105.463665][T30421] ____sys_sendmsg+0x6ac/0x940 [ 3105.468459][T30421] ? copy_msghdr_from_user+0x10b/0x160 [ 3105.473946][T30421] ? kernel_sendmsg+0x50/0x50 [ 3105.478665][T30421] ? plist_check_list+0x1ae/0x280 [ 3105.483707][T30421] ? schedule+0xf1/0x1b0 [ 3105.487959][T30421] ___sys_sendmsg+0x135/0x1d0 [ 3105.492673][T30421] ? do_recvmmsg+0x740/0x740 [ 3105.497367][T30421] ? rcu_is_watching+0x12/0xb0 [ 3105.502324][T30421] ? rcu_is_watching+0x12/0xb0 [ 3105.507133][T30421] ? __fget_light+0xe6/0x260 [ 3105.511763][T30421] __sys_sendmsg+0x117/0x1e0 [ 3105.516391][T30421] ? __sys_sendmsg_sock+0x30/0x30 [ 3105.521462][T30421] ? xfd_validate_state+0x5d/0x180 [ 3105.526604][T30421] ? rcu_is_watching+0x12/0xb0 [ 3105.531390][T30421] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3105.537508][T30421] do_syscall_64+0x38/0xb0 [ 3105.541975][T30421] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 3105.547917][T30421] RIP: 0033:0x7f1773a7cae9 [ 3105.552374][T30421] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 3105.572630][T30421] RSP: 002b:00007f177476b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3105.581077][T30421] RAX: ffffffffffffffda RBX: 00007f1773b9bf80 RCX: 00007f1773a7cae9 [ 3105.589065][T30421] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000004 [ 3105.597231][T30421] RBP: 00007f1773ac847a R08: 0000000000000000 R09: 0000000000000000 [ 3105.605221][T30421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3105.613233][T30421] R13: 000000000000000b R14: 00007f1773b9bf80 R15: 00007ffc226675b8 20:14:53 executing program 0: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000980)=ANY=[@ANYBLOB="1401000029000100000826910000000004010080810011008acbfcdf2f"], 0x114}], 0x1}, 0x0) [ 3105.621410][T30421] [ 3105.624816][ T28] audit: type=1804 audit(1693858492.740:2753): pid=30427 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1705791300/syzkaller.OOj2L4/3934/bus/bus" dev="loop3" ino=2342 res=1 errno=0 [ 3105.661969][T30423] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3105.677110][ T28] audit: type=1804 audit(1693858493.010:2754): pid=30433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir1705791300/syzkaller.OOj2L4/3934/bus/bus" dev="loop3" ino=2342 res=1 errno=0 20:14:53 executing program 2: r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d00031d5abf0009050400005539000009050b00000000000009050200000005000009047d01013481af0009a00e0023000069"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 3105.719584][T30423] sysfs: cannot create duplicate filename '/class/ieee80211/ŠËüß!' [ 3105.732240][T30423] CPU: 1 PID: 30423 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-11329-g708283abf896 #0 [ 3105.742335][T30423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 3105.744719][ T2161] usb 3-1: USB disconnect, device number 39 [ 3105.752383][T30423] Call Trace: [ 3105.752392][T30423] [ 3105.752399][T30423] dump_stack_lvl+0x125/0x1b0 [ 3105.752432][T30423] sysfs_warn_dup+0x7f/0xa0 [ 3105.773676][T30423] sysfs_do_create_link_sd+0x11e/0x140 [ 3105.779157][T30423] sysfs_create_link+0x61/0xc0 [ 3105.783979][T30423] device_add+0x669/0x1ac0 [ 3105.788430][T30423] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270 [ 3105.795302][T30423] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3105.801279][T30423] ? ieee80211_set_bitrate_flags+0x247/0x6a0 [ 3105.807309][T30423] wiphy_register+0x2095/0x2ce0 [ 3105.812172][T30423] ? wiphy_unregister+0xb70/0xb70 [ 3105.817205][T30423] ? ieee80211_init_rate_ctrl_alg+0x125/0x6a0 [ 3105.823276][T30423] ieee80211_register_hw+0x24d1/0x4250 [ 3105.828749][T30423] ? ieee80211_ifa6_changed+0x3f0/0x3f0 [ 3105.834313][T30423] ? rcu_is_watching+0x12/0xb0 [ 3105.839083][T30423] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 3105.845080][T30423] ? __hrtimer_init+0x103/0x2c0 [ 3105.849950][T30423] mac80211_hwsim_new_radio+0x2893/0x50f0 [ 3105.855688][T30423] ? mac80211_hwsim_sta_state+0x2f0/0x2f0 [ 3105.861413][T30423] ? rcu_is_watching+0x12/0xb0 [ 3105.866207][T30423] ? __kmalloc_node_track_caller+0xe8/0x100 [ 3105.872106][T30423] hwsim_new_radio_nl+0xaf8/0x1240 [ 3105.877228][T30423] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3105.883126][T30423] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x280 [ 3105.890517][T30423] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x280 [ 3105.897906][T30423] genl_family_rcv_msg_doit+0x1fc/0x2e0 [ 3105.903479][T30423] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3105.910868][T30423] ? ns_capable+0xd5/0x110 [ 3105.915293][T30423] genl_rcv_msg+0x55c/0x800 [ 3105.919815][T30423] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3105.925721][T30423] ? mac80211_hwsim_new_radio+0x50f0/0x50f0 [ 3105.931633][T30423] netlink_rcv_skb+0x16b/0x440 [ 3105.936408][T30423] ? genl_family_rcv_msg_dumpit+0x2d0/0x2d0 [ 3105.942318][T30423] ? netlink_ack+0x1370/0x1370 [ 3105.947093][T30423] ? rcu_is_watching+0x12/0xb0 [ 3105.951867][T30423] ? down_write+0x200/0x200 [ 3105.956376][T30423] ? netlink_deliver_tap+0x1b1/0xd10 [ 3105.961668][T30423] genl_rcv+0x28/0x40 [ 3105.965749][T30423] netlink_unicast+0x536/0x810 [ 3105.970532][T30423] ? netlink_attachskb+0x870/0x870 [ 3105.971248][T30427] syz-executor.3: attempt to access beyond end of device [ 3105.971248][T30427] loop3: rw=1, sector=3280942697285464, nr_sectors = 8 limit=32768 [ 3105.975640][T30423] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 3105.975673][T30423] ? __phys_addr_symbol+0x30/0x70 [ 3105.992592][T30427] gfs2: fsid=syz:syz.0: Error 10 writing to journal, jid=0 [ 3105.996272][T30423] ? __check_object_size+0x323/0x730 [ 3105.996302][T30423] netlink_sendmsg+0x93c/0xe40 [ 3106.009331][T30427] gfs2: fsid=syz:syz.0: fatal: I/O error(s) [ 3106.014345][T30423] ? netlink_unicast+0x810/0x810 [ 3106.019140][T30427] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 3106.024982][T30423] ? bpf_lsm_socket_sendmsg+0x9/0x10