last executing test programs: 10.087016498s ago: executing program 3 (id=6840): perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f00000000c0)='cgroup.threads\x00', 0x2, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r4, &(0x7f0000000040), 0x12) write$cgroup_pid(r2, &(0x7f0000000080), 0x12) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f00000002c0), 0x0}, 0x20) r5 = socket$kcm(0x10, 0x7, 0x0) sendmsg$kcm(r5, 0x0, 0x0) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$kcm(0x2c, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x2}) ioctl$TUNSETLINK(r7, 0x400454cd, 0x118) close(r7) 9.680256614s ago: executing program 3 (id=6846): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b40)) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = perf_event_open(&(0x7f00000014c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3ff, 0x1fb, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x11, 0x3, 0x0) sendmsg(r1, &(0x7f0000000440)={&(0x7f0000000800)=@caif=@dgm={0x25, 0x9, 0xff}, 0x80, 0x0, 0x0, &(0x7f0000002e80)=[{0x10, 0x1, 0x40000}], 0x10}, 0x4080) perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0xb) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="b7050000000000006110180000000000dc05000010000000950000000000000038c983c57b6575a22665b44fc16dafa87c17fa24f0d20445f79b7036589fdb9d9b8b613e5170804bb3373e2a365493cc5988fd4b5bf4ecacbfaaf32e2822a337581ac8337d0d8be4c95fb358dc40adb6bbcc60947d19c7e3656beed7ff3e116d6e81fc02b8c7c9"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/195, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000580)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)) perf_event_open$cgroup(&(0x7f0000000500)={0x2, 0x80, 0x9, 0x4, 0x80, 0x66, 0x0, 0x4, 0x4000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x8001, 0x5}, 0x80, 0xfffffffffffffff4, 0x9637, 0x5, 0x7, 0x7ff, 0x3, 0x0, 0x4, 0x0, 0x4}, r2, 0x5, r0, 0x7) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x1400000000000000) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) ioctl$SIOCSIFHWADDR(r3, 0x8b1b, &(0x7f0000000000)={'wlan1\x00', @random='\x00\x00\\ \x00'}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$ENABLE_STATS(0x20, &(0x7f00000001c0), 0x4) r5 = socket$kcm(0x2, 0x1, 0x84) sendmsg$sock(r5, &(0x7f0000000300)={&(0x7f0000000000)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000340)='3', 0x1}], 0x1}, 0x0) setsockopt$sock_attach_bpf(r5, 0x84, 0x24, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x48) close(r6) gettid() r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r7, &(0x7f00000000c0), &(0x7f0000000000)=""/8, 0x2}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) 8.807213195s ago: executing program 3 (id=6853): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000140)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x7, "dc"}], 0x18}, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) r1 = socket$kcm(0x2, 0xa, 0x2) socket$kcm(0x10, 0x2, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close(r2) setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0xee, 0x1, 0x0, 0x0, 0x0, 0x40000000000006, 0x822c, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x4}, 0x4, 0x0, 0x200007f7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000b80)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf6700000000000026060800b3ff00004507000002000000240600000ee60000bf050000000000000f630000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ff2d350100000000009500000000000000050000000000000095000000000000001f1bd182bd43cb58074e0816289328452c0880fe4b3af9c97925711095cc7d3ebcd8418ffdc4a1da470a14e4391c3fb6915cbff2a4911fe82664d775cdb9dfc83fa32db39b636c1866b526185f4ab35172a74e9afe751664f575306ebb2c2890a4fa79303101a652776cc2fb4f01e79cd10215d917a116350d60f27fdc244bdab56ee3ad8f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0000000000000000030000000900000000000000", @ANYRES32, @ANYBLOB="000000000000fdffffffac00004332000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\b\x00'/28], 0x48) socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={0x0, 0x0}) close(r4) setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f0000000180), 0x127) r6 = socket$kcm(0x1e, 0x4, 0x0) setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f00000008c0), 0x43) sendmsg$kcm(r6, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'ipvlan0\x00', @link_local={0x1, 0x80, 0xc2, 0x25}}) recvmsg$kcm(r6, 0x0, 0x40012001) 8.560463973s ago: executing program 3 (id=6858): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000140)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x7, "dc"}], 0x18}, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) r1 = socket$kcm(0x2, 0xa, 0x2) socket$kcm(0x10, 0x2, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close(r2) setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0xee, 0x1, 0x0, 0x0, 0x0, 0x40000000000006, 0x822c, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x4}, 0x4, 0x0, 0x200007f7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000b80)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf6700000000000026060800b3ff00004507000002000000240600000ee60000bf050000000000000f630000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ff2d350100000000009500000000000000050000000000000095000000000000001f1bd182bd43cb58074e0816289328452c0880fe4b3af9c97925711095cc7d3ebcd8418ffdc4a1da470a14e4391c3fb6915cbff2a4911fe82664d775cdb9dfc83fa32db39b636c1866b526185f4ab35172a74e9afe751664f575306ebb2c2890a4fa79303101a652776cc2fb4f01e79cd10215d917a116350d60f27fdc244bdab56ee3ad8f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="000000000000000003000000090000000000", @ANYRES32, @ANYBLOB="000000000000fdffffffac00004332000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\b\x00'/28], 0x48) socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={0x0, 0x0}) close(r4) setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f0000000180), 0x127) r6 = socket$kcm(0x1e, 0x4, 0x0) setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f00000008c0), 0x43) sendmsg$kcm(r6, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'ipvlan0\x00', @link_local={0x1, 0x80, 0xc2, 0x25}}) recvmsg$kcm(r6, 0x0, 0x40012001) 8.389431523s ago: executing program 3 (id=6860): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b40)) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = perf_event_open(&(0x7f00000014c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3ff, 0x1fb, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x11, 0x3, 0x0) sendmsg(r1, &(0x7f0000000440)={&(0x7f0000000800)=@caif=@dgm={0x25, 0x9, 0xff}, 0x80, 0x0, 0x0, &(0x7f0000002e80)=[{0x10, 0x1, 0x40000}], 0x10}, 0x4080) perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0xb) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="b7050000000000006110180000000000dc05000010000000950000000000000038c983c57b6575a22665b44fc16dafa87c17fa24f0d20445f79b7036589fdb9d9b8b613e5170804bb3373e2a365493cc5988fd4b5bf4ecacbfaaf32e2822a337581ac8337d0d8be4c95fb358dc40adb6bbcc60947d19c7e3656beed7ff3e116d6e81fc02b8c7c9"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/195, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000580)) close(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)) perf_event_open$cgroup(&(0x7f0000000500)={0x2, 0x80, 0x9, 0x4, 0x80, 0x66, 0x0, 0x4, 0x4000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x8001, 0x5}, 0x80, 0xfffffffffffffff4, 0x9637, 0x5, 0x7, 0x7ff, 0x3, 0x0, 0x4, 0x0, 0x4}, r2, 0x5, r0, 0x7) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x1400000000000000) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$ENABLE_STATS(0x20, &(0x7f00000001c0), 0x4) r5 = socket$kcm(0x2, 0x1, 0x84) sendmsg$sock(r5, &(0x7f0000000300)={&(0x7f0000000000)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000340)='3', 0x1}], 0x1}, 0x0) setsockopt$sock_attach_bpf(r5, 0x84, 0x24, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x48) close(r6) gettid() r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r7, &(0x7f00000000c0), &(0x7f0000000000)=""/8, 0x2}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) 7.484805467s ago: executing program 3 (id=6869): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b40)) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = perf_event_open(&(0x7f00000014c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3ff, 0x1fb, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x11, 0x3, 0x0) sendmsg(r1, &(0x7f0000000440)={&(0x7f0000000800)=@caif=@dgm={0x25, 0x9, 0xff}, 0x80, 0x0, 0x0, &(0x7f0000002e80)=[{0x10, 0x1, 0x40000}], 0x10}, 0x4080) perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0xb) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="b7050000000000006110180000000000dc05000010000000950000000000000038c983c57b6575a22665b44fc16dafa87c17fa24f0d20445f79b7036589fdb9d9b8b613e5170804bb3373e2a365493cc5988fd4b5bf4ecacbfaaf32e2822a337581ac8337d0d8be4c95fb358dc40adb6bbcc60947d19c7e3656beed7ff3e116d6e81fc02b8c7c9"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/195, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000580)) close(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)) perf_event_open$cgroup(&(0x7f0000000500)={0x2, 0x80, 0x9, 0x4, 0x80, 0x66, 0x0, 0x4, 0x4000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x8001, 0x5}, 0x80, 0xfffffffffffffff4, 0x9637, 0x5, 0x7, 0x7ff, 0x3, 0x0, 0x4, 0x0, 0x4}, r2, 0x5, r0, 0x7) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x1400000000000000) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) ioctl$SIOCSIFHWADDR(r3, 0x8b1b, &(0x7f0000000000)={'wlan1\x00', @random='\x00\x00\\ \x00'}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r5 = socket$kcm(0x2, 0x1, 0x84) sendmsg$sock(r5, &(0x7f0000000300)={&(0x7f0000000000)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000340)='3', 0x1}], 0x1}, 0x0) setsockopt$sock_attach_bpf(r5, 0x84, 0x24, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x48) close(r6) gettid() r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r7, &(0x7f00000000c0), &(0x7f0000000000)=""/8, 0x2}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) 1.940194706s ago: executing program 2 (id=6932): perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_tracing={0x1a, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1a000000030000000000000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f00000000c0)='cgroup.threads\x00', 0x2, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r4, &(0x7f0000000040), 0x12) write$cgroup_pid(r2, &(0x7f0000000080), 0x12) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f00000002c0), 0x0}, 0x20) r5 = socket$kcm(0x10, 0x7, 0x0) sendmsg$kcm(r5, 0x0, 0x0) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$kcm(0x2c, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x2}) ioctl$TUNSETLINK(r7, 0x400454cd, 0x118) close(r7) 1.918599139s ago: executing program 0 (id=6933): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xe1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000140)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x7, "dc"}], 0x18}, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) r1 = socket$kcm(0x2, 0xa, 0x2) socket$kcm(0x10, 0x2, 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close(r2) setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0xee, 0x1, 0x0, 0x0, 0x0, 0x40000000000006, 0x822c, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x4}, 0x4, 0x0, 0x200007f7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x80002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000b80)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf6700000000000026060800b3ff00004507000002000000240600000ee60000bf050000000000000f630000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ff2d350100000000009500000000000000050000000000000095000000000000001f1bd182bd43cb58074e0816289328452c0880fe4b3af9c97925711095cc7d3ebcd8418ffdc4a1da470a14e4391c3fb6915cbff2a4911fe82664d775cdb9dfc83fa32db39b636c1866b526185f4ab35172a74e9afe751664f575306ebb2c2890a4fa79303101a652776cc2fb4f01e79cd10215d917a116350d60f27fdc244bdab56ee3ad8f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="000000000000fdffffffac00004332000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\b\x00'/28], 0x48) socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={0x0, 0x0}) close(r4) setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f0000000180), 0x127) r6 = socket$kcm(0x1e, 0x4, 0x0) setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f00000008c0), 0x43) sendmsg$kcm(r6, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'ipvlan0\x00', @link_local={0x1, 0x80, 0xc2, 0x25}}) recvmsg$kcm(r6, 0x0, 0x40012001) 1.721454451s ago: executing program 0 (id=6935): perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200), 0xa}, 0x100, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="140000002c000b35d25a806f8c6394f91024fc60", 0x14}], 0x1}, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb844, 0x5624}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) r1 = socket$kcm(0xa, 0x922000000003, 0x11) setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f0000000a80)=@l2tp6={0xa, 0x0, 0x0, @empty, 0x1ff}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000140)="f400090006372c25feb4003a00000100081bf2acc159eb4bff8d0300000000060000000000000000465255652a16d53b", 0x30}], 0x1}, 0x800) socket$kcm(0x10, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc078}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.io_service_bytes\x00', 0x26e1, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8b0f, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8924, 0x0) write$cgroup_int(r2, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socket$kcm(0x10, 0x5, 0x0) sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0) 1.587331257s ago: executing program 0 (id=6936): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_tracing={0x1a, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1a000000030000000000000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f00000000c0)='cgroup.threads\x00', 0x2, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r4, &(0x7f0000000040), 0x12) write$cgroup_pid(r2, &(0x7f0000000080), 0x12) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f00000002c0), 0x0}, 0x20) r5 = socket$kcm(0x10, 0x7, 0x0) sendmsg$kcm(r5, 0x0, 0x0) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$kcm(0x2c, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x2}) ioctl$TUNSETLINK(r7, 0x400454cd, 0x118) close(r7) 1.294497811s ago: executing program 2 (id=6947): bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="800018100000001000"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000200000000001200000085000000230000003f0000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10) 1.270855893s ago: executing program 1 (id=6939): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) 1.1299546s ago: executing program 2 (id=6940): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) close(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r0, &(0x7f0000000440)=ANY=[], 0xfdef) 1.118717781s ago: executing program 4 (id=6941): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000feffff0600000000000000008500000053000000850000009e0000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000000140)=""/192, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 975.265348ms ago: executing program 4 (id=6942): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r2}, 0x10) socketpair(0xa, 0x1, 0x0, &(0x7f0000000000)) 974.870087ms ago: executing program 1 (id=6943): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) 973.849798ms ago: executing program 0 (id=6944): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r0, &(0x7f0000000140)=ANY=[], 0x10) 841.849003ms ago: executing program 4 (id=6945): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10) syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0) 840.512723ms ago: executing program 1 (id=6946): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb707000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast}) 677.177222ms ago: executing program 0 (id=6948): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)=@generic={&(0x7f00000000c0)='./file0/file0\x00'}, 0x18) 584.071093ms ago: executing program 2 (id=6949): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb707000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast}) 529.700849ms ago: executing program 0 (id=6950): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008c50000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r4, r2, 0x26, 0x0, 0x0, @void, @value}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0) 330.734792ms ago: executing program 1 (id=6951): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r2}, 0x10) write$cgroup_int(r1, &(0x7f0000000200), 0x43451) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r3, &(0x7f0000000200), 0x43451) 298.437426ms ago: executing program 4 (id=6952): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffc, 0xfffffffd, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 205.884486ms ago: executing program 2 (id=6953): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8c18cffb703000008000000b704000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r1}, 0x10) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 191.567768ms ago: executing program 4 (id=6954): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r1}, 0x10) socketpair(0xa, 0x1, 0x0, &(0x7f0000000000)) 159.659072ms ago: executing program 1 (id=6955): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000040420f00b7030000001000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r3, 0x4) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x2b) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10) sendmsg$inet(r1, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) 61.663933ms ago: executing program 4 (id=6956): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r2, 0x0, 0xa002a0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r2}, 0x38) 51.123214ms ago: executing program 2 (id=6957): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000408500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f00000002c0)='net_dev_start_xmit\x00', r3}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000039c0)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000407effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7ebfcd0cd00006ed3d09a6175037958e271b60dedf8937f02008b6d83923dd29c034055d47dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a00000000f110026e6d2ef831ab7ea0c34f17e3adeef3bb622003b538dfd8e012e71f6420b90adddff61b5b0a341a2d7cbdb90000bdb2ca76050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132658555cf476619f28d9961b626c57c2691208171656d60a17e3c1c4b751ca532e6ea09c346df3d7cb4ebd31a08b32808980200000000000000334d83239d0c2e9ff10ff2d27080e71113610e10c358e8327e7050b6c860dac12233f9a1fb9c2aec61ce63a38d316ef49b66d6e42fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a5f3d74ca891c4594e8a4399e01eadd3964663e88535c133f7130856f75643619f567d2e24f29e5dad9326edb697a6ea0182babc18cae2ed4b4390af9a9ceefd07e002cab5ebfcaad34732181feb215139f15eafddcb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fccbdc3dec04b25dfc17975238345d4f71af35910b158e56657b7218baaa7cbf781c0a99bd50499ccff0f000000000000c7beba3da8223fe5308e4e2833baace04f4087c4f0da0d9a88f9dbb593ddeb3f0932a4d0175b889b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b7b7a643e82e88a1940b3c02ed9c92d6f64b1282dc519b00159830d7617001154c46bd3ca96318c570f0721fc7aa2a58090000000000000094f22cdf550ef091a78098534f0d973058594000000000000000c12346e47ad97f4ead7cf754a52e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca3905689a1f3db9c24db65c1e0001581d573dab18fd0600885f1ea8f2fd299fc3cdafda323e9c7080397bc49d70c060d57bc88fbe09baa058b040360ab9261503d2f363fb099408885afc2bf9a4f8c3506b669e889f5e4be1b8e0d634ebc1057b7e98186fc5141bd670dba6f43279f73db9dec75070cd9ab0fd969169ef6d2857b6bf955012cf7fe50d133da86c0477e42b98a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8dd4fc7ea0000af3904ea0f3698cd9492794b8212a350d726bff873339c4cad4ead1348474250eda2c8067ab730c1d82a5687f2ed690000522a0b7426000000000000000000000000000000000000000093fc7a82b98f99d9dedf7ba17f5f0b6d15e552fbd21f7eecff10243a43af03eea84c4304a5d3f93c3fc74c00000000000043e1ed82b9aa0ae92a499984a009000000937523f5292d12659906005cde64f903c3415c458a2b32c2318f0858f19c6def80e1481e8e1c0098fc3f38b7a57211adb15d824cfdcf229628c0de49860e44286fe0e257cfa4ce50f3d10763d442824414a73c06837fe08de62f8710ca977960b74d0000ce73da6022a8671d1a3575b4e18c28c73203bf134686dd65808452cb6b76fcb134252c78de9b240de7b4cd015a77f76bb6470c05fc980b3d8f3f964f432a4bf6cddd6222c2da006b6fdb9c8468ae1d986a893b9519444d16a6dfa92c04331a6698507048fab5ae402acd05fe621f22712dfd09004770b4278fa14547d8ce3c21188e5e4e2baacd98e8e451d6aaaf090000006ed1d9018000008dd952595d78e9583bf4ea5de36099e3cd32941a815e3f3ceafe3065b9594fdcb24ebb6eddb9e87c9ecec7a42c0000abe1c6ea55887dfa18d0aea1b6eca5a883702b0bf3aefcb225895db90e237157a34e9f447237ea5b391bddd1290f7ce987a0e36b8e71b1779bbe95ffa9c3c0f6ba66e4d48e75253e3d633811e4b3220616aafbe7a3a18375ae593eb58fd500426286472466823cb8e1800aaaa0d9463c0c4ea5541a55df6eeffec0b66482228816cdfccb98374c644eea45de7867a0efbad0ab2bc33b350440a90b791b2b33f74a112a3b91b40bed8db2df8633207f8387e04ca52ab0f3f7b058b13523b896800b992972d9609551c27a5916ea16069c5b0300000026d3c27e7945b29996e5cefbc9f857bc1332d200194f658b930780603134ae6b7f5092772bd5d880dbe21b790c475b14b7fe4fe002dffd651faa79bb0cee0cdac2bc3218f2ddaa6f7ba04b696a30d313bed30ba8f35569a9b07ee7308da09c01a4b827aa1784d927aca9b8540534c5c49a0300cfbc2213fc1572b0204dd456b11a454d1f3f14179974aae624ea59500f5e048b2780666de81a040663c57f49af25be909984ae4e679107a14bbb24851f6199eaf9a1b81f33426f86b4b941c08dfe2bc8ec246ec1aae120c42405e428923f3a83d9ba5c373f5e8a54120b451e2806370f1ed60c9fd5d9af4d16cb0f413c324da52d4bd2e01d3ac2d578d72e2d63322dfc9245ce3e3a097fb82f4e3b61a55594616020f72f1c55ee3d325c7496a7c2f10cfeae16ae436751227378f0b1ee78bd33c50206700dd90b96a330f92bff736c83ca53e7f02b734d1a9292337e2be3896f7e7f244bfab4946c7042e88206f641eafcc5b4ba7a7880533cde00995d1caf6936f356ecf07a0084e7adc2dc12417997b03087c7b3b44b06f6158a2a18ce0e56ffbeb22f40521dd9972583d413098aa80db98ef324a2bfb6961c07b47521973cf0bb6f5530f6216b047b35d6e06b72b22b29de42bb1bc8ce0a0e3500000000000000000000000000b92eb197e4149627920000008000000000801792756f90b37f0858efc387f559203f314a4b0ed750fa72e5948ac3fe5921c14ef578d420e7b2a9e2f87f7b44949fe14c00000000000f47030c09f62d444b4981db81799776eeb4448278de519705fa8b56779bc8cc927b308c8e50815c4c3b27487996c09121caf47f76158362c74904f89cbc588aae84567a83571ff72bb65c082b5a8dedc05a3167d84205d5af86553c21e1f023a51c0e179fccfbc201982ebddcaa45613899d19082453b180ca0c525b8d3cfaf7d0bcddeb5d5c7166038f276a92941393ba5e51f77172822bd903d9f8b436656771774ed88daab0d0cfdd1bffc30ab566e1a4cb3ad66d830e10f7c1de13218aea21e7def613204c2b7c1ad48b01c20024032e9b3bba7d6ceca38d3e96db049b92fc32ee34fe7b8419c8fbf03d61c159dc5864e030000a2c55b614d622b8de966c97e1940026f96db3c78ca18c9f08d1c47edf1a4d7298109f31b6078711ee72eacab61213bf50000000000e1000000000000000000001217887d0452aa6d26e4614d511710abeec84b78c027c160ba3759fa55249b832ce4dfb91122193d514ed992c07f8cd6d897b314907e15642da228dbc03429e6e0e7ac118ed351c3b0c44bf5d8b58be5732f29eed98d5b3688d80f7c66f8333aa8cc2ec5b5e305b3dee2562d415b4b9ed530797f55f9fe8510423409629a09000000000000009a35d9ca93e4b4591679547b8de8af1782451f7b8e1de508f1e9e525210d62bb850f8035040ad9e57abe58797515b737bfb21d35ac560f99dbd18dad5e6345a464955e8141d75b6177e4fa176a020b0000000000006e76f0294fee7d19a0f327f8796d77b6e24b8df4bb438b527d10e657d49b844198ea9f93c4fd6fd2daa9bd87fd1e02ecc8075dca1280c201043257e9bd3c9a7aa150eb1711632b76d4dc053e64bfcfd057980136d6e9faca03b24fa300ef90bfe4ad364256937796f941c2fead94785f48777941f0cd3dba54ab6a5d5e91e90ac9ae994c3d4108b2fe7eca9413ac9bc138c74800487eb19c48db3f79be964808d409b5e36fc7fdd40080361427b6b9c118e5c9a0a1d5ca24886eb8a78796540635ac3530b9025d8bad0533a7f81b2188ec75a5fc9302e3815bdcc9ab11201ef940569c995c21eeaefe2e8fc02e0433dc7371d1f72124bad23e554c30fdd7cd8c2da1e8706417da9ad8916551a1182fac08603dfc2f2279ba161c13984cd753b54a85e6f3018c7d48c4b6c2f6910975e9ff51318b09fa13e2d38ce013aab41524c298c3719e31bcb1f102eaeee69a19e006bcdb1acc2664efa949a1a07bb3d7848d5e1381fbe63c522053a3bb32eb6345e10f7a12bf84e0e196a00833f464dd2f6547f14ebf137fce33efeb813211f31ff24d7dbb00f2574ccda59b3ea068fc2a18c37ee579f5a9ecc47da73684bcadd209ae5bbb7147df745ae7a4e446ca16d027d8d0adcdb54182c9de8053fc8b1b9d19c16c53d34db6e26f6a88d449f6abf378ca2e577e206a758a3d46e45e7949c5b5069103009693a798a330a1ccb32d49772e80862df36dc0156b3f72cd85083f8e96ca1697457ec722766bd46ee2424975a38149bd57e5c0eb4087fc243e7e51b0aca9f0ab0668d7f2ee9ad9f267d8804417aa7e36a64d489bb84a1483fd3c3ecb024060002858cbb1f7708f5b41fca2fee7c03b1f862ce88dc313d913e041dd7583a1ac41c466757c5dd07ea2c5d62a000b84b11308b6636b735b3c654cbc0000000000000019a4e9a9c2cbc906f97fd6eb00b18d09a5df123ebbdb2827b43aed6a29e9942e402c1ae52e9cb98f3019d364fc21ea02023db91ced3c2f06550cef8a79ed39091e4776001187d0ab2f82478431d36470cc008d745ce8fd64c9aa64da230bb080945a557081b767beb75b1ea856a55c71b8fda672289aa6085100d48ac8039f19fec3acbcc5944a4e6fd44af8f10110db730a8d0d41b4ea36f9510f843a471963bd4621b9e43f08d341bb69df430ac4bf5c06c6398c1b28bdd3f4c2353c330d8457cf728294e8ea1861ce50c367498945285f73c94d91210652eb4f3077cab6be2a3512eddbcb63d091d69fb1b26c8ada9a99d747d38ef5042053299b8e95decc637a022a49664742606cfdb2a3258498a6a0a82369d70177433e52b851ac396163ca09e6c22ad796a565cf23d87ae9be7235553aa6b8ab74842d3d4ba738b3fa997f079d225335f2af55644478e514aed8ba202805ad458d9ae6ab8d156f11f3cfe7def690f2bbbb463063664625223d23386540e0db96d8eb1755ad49ae817683de97a6dd32d584391302e65594b12bb2e6630217401031c8a1b964ca32f735421bbf64c9f1f9329e5cfda139ea79619e1d00a9a3ab49993362f30d191aa3387101feaa3e326190804eae2114437f8f4b27480900dd6511844a643886588fbdee7f8863a8dfdd75a9e128c6c15166a5f92d3c2d4952e5d07c59bfce0724a02600094c3369be3024edf451ff76a59855fd90353a0de907834bb77a059c56e92eed2f1415b3d8178453c7aecd8fbd161e2ffd66bcf2be175e45184f06bafd1c1c4fd7006a6c90d8afd126f1c51ee0f724ffbbed25a286c95d17c8b4297f8bba8efd565ecb157f0be244fb9657f737354b20e3a5012abb36052eec7a4fe9bc5b5283581b208d90d28d78f1c5422c3bcad67278e8bb88d7e6ccf72dd61319b44aa617d667000000000000a5edbd3e8605225681090853fc66a20e30fb9938e5886ae748236f5e071278763e070b2b75ce0a9e6870033d25dd19733152b01b507d812216e0f7fc89bbe200806f079e9515dd886a781a46ebe3da4c8307885b535109bb1678d08eeef3717bea30f64282ee844b6d64ec51b1221d175b59c1537089dfa803275ab6dcd40b1fe4e851597c1993a477c225201087b7b0977be62a71927bb01b705267aabe967add451795dfd5114726193415cc3e0784a37db8ab8b97a171bc4ad9593f7c750ad440a26b93d24ee8f080de0f2a16cbd5cd1f370bc1235d88d5cbd25acf91daa392731dab4c9c15015de2fded6332b6ebccf6e1588f3f1a5a3e853587a6843ee1a3f3c270e3ab4462bcff01c70b03e8f8c9d816d7d69e4040155e9f999ce4e366a816c6e7224f41df7eead6d6d214ed98708e1d269f4b469af2e2a2559258439758f4fded2780e736568c7eea209c5ed54a1beaf06013bb4b330d39518528a46d68b277faf926672650cad335ae285aeb0b0130a9c7016580a857722b9c51a5a37a856ccb9b6673f58ebfa66f1db4d041741e104cdd91efa4b3248ebecff3568f31b547b19a939708c3b4b45f46377b4a345248489ddef4bc87426717971de1c0049006d2fb99c311fa91c364749917ee81ea8fd51365449d568eadbad6aead6101b7e6582e793670492d814d58e4a9faa8a4a3027b230e8f5b2349fb3ff3c4365df6bd85aa7f76c388ef94f0155c81b04863624fb4708f83ebf93a51d1438d7761d4b1b929d9aa8faef691676834a2591b75205ede2e4a709c3a9899d06c5cb5a571159402e429c5cf839f49957aed76dc7db43f9fdc754e40d7c662ad7939a09bfdbc31deb0d327895afae1eca61820e09abc2c0ed5ce083aceb89c8e24ad45483d3128f0547869970dc84c8787a06046bf79f28a7678b03baeff239ce600d91a07236e255ff7ea441ff0602bb38d7aaa1c414a94c4e143ea2cca9d14a01bb70ff93057a03288bd71c45b025731765ca5250b162f08be1a29460a53f213bfb88a8e80e4c46dbfa5936894a95d27c4e90c151748f8ee457c29cb7e21deb805a9c5c6abf373a4bad5e1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffffe8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r4, 0x18000000000002a0, 0x38, 0x0, &(0x7f0000000140)="b9ff0300600d698cff9e14f086dd", 0x0, 0x63, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x48) 0s ago: executing program 1 (id=6958): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20) recvmsg$unix(r1, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0) sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0x1}], 0x1}, 0x0) kernel console output (not intermixed with test programs): .979201][T19468] dump_stack_lvl+0x1e3/0x2d0 [ 679.983897][T19468] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 679.989541][T19468] ? panic+0x860/0x860 [ 679.993631][T19468] ? kmem_cache_alloc_trace+0x143/0x290 [ 679.999161][T19468] ? sysfs_warn_dup+0x4d/0xa0 [ 680.003837][T19468] sysfs_warn_dup+0x8a/0xa0 [ 680.008322][T19468] sysfs_do_create_link_sd+0xbe/0x100 [ 680.013677][T19468] device_add+0x7d4/0xfd0 [ 680.017998][T19468] wiphy_register+0x1d30/0x2bb0 [ 680.022837][T19468] ? cfg80211_event_work+0x40/0x40 [ 680.027952][T19468] ? minstrel_ht_alloc+0x7cf/0x940 [ 680.033066][T19468] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 680.039135][T19468] ieee80211_register_hw+0x2986/0x39d0 [ 680.044604][T19468] ? ieee80211_register_hw+0xac1/0x39d0 [ 680.050148][T19468] ? ieee80211_tasklet_handler+0x20/0x20 [ 680.055782][T19468] ? memset+0x1f/0x40 [ 680.059752][T19468] ? __hrtimer_init+0x181/0x260 [ 680.064589][T19468] mac80211_hwsim_new_radio+0x223d/0x4200 [ 680.070316][T19468] hwsim_new_radio_nl+0xbae/0x1090 [ 680.075501][T19468] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 680.081991][T19468] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 680.088317][T19468] genl_rcv_msg+0xfbd/0x14a0 [ 680.092908][T19468] ? genl_bind+0x420/0x420 [ 680.097330][T19468] ? print_irqtrace_events+0x210/0x210 [ 680.102784][T19468] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 680.108948][T19468] ? lockdep_hardirqs_on+0x94/0x130 [ 680.114151][T19468] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 680.120295][T19468] ? validate_chain+0x112/0x5930 [ 680.125219][T19468] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 680.131729][T19468] netlink_rcv_skb+0x1cf/0x410 [ 680.136477][T19468] ? genl_bind+0x420/0x420 [ 680.140875][T19468] ? netlink_ack+0xb10/0xb10 [ 680.145464][T19468] ? down_read+0x1b3/0x2e0 [ 680.149882][T19468] ? genl_rcv+0x9/0x40 [ 680.153951][T19468] genl_rcv+0x24/0x40 [ 680.157916][T19468] netlink_unicast+0x7b6/0x980 [ 680.162668][T19468] ? netlink_detachskb+0x90/0x90 [ 680.167590][T19468] ? __virt_addr_valid+0xb7/0x460 [ 680.172595][T19468] ? 0xffffffff81000000 [ 680.176734][T19468] ? __check_object_size+0x300/0x410 [ 680.182004][T19468] ? bpf_lsm_netlink_send+0x5/0x10 [ 680.187096][T19468] netlink_sendmsg+0xa30/0xd60 [ 680.191853][T19468] ? netlink_getsockopt+0x5b0/0x5b0 [ 680.197041][T19468] ? aa_sock_msg_perm+0x91/0x150 [ 680.201967][T19468] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 680.207240][T19468] ? security_socket_sendmsg+0x7d/0xa0 [ 680.212691][T19468] ? netlink_getsockopt+0x5b0/0x5b0 [ 680.217873][T19468] ____sys_sendmsg+0x59e/0x8f0 [ 680.222621][T19468] ? iovec_from_user+0x300/0x390 [ 680.227553][T19468] ? __sys_sendmsg_sock+0x30/0x30 [ 680.232591][T19468] ___sys_sendmsg+0x252/0x2e0 [ 680.237253][T19468] ? __sys_sendmsg+0x260/0x260 [ 680.242047][T19468] ? __fdget+0x191/0x220 [ 680.246290][T19468] __se_sys_sendmsg+0x19a/0x260 [ 680.251124][T19468] ? __x64_sys_sendmsg+0x80/0x80 [ 680.256049][T19468] ? syscall_enter_from_user_mode+0x2e/0x240 [ 680.262033][T19468] ? lockdep_hardirqs_on+0x94/0x130 [ 680.267248][T19468] ? syscall_enter_from_user_mode+0x2e/0x240 [ 680.273216][T19468] do_syscall_64+0x3b/0xb0 [ 680.277619][T19468] ? clear_bhb_loop+0x15/0x70 [ 680.282291][T19468] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 680.288168][T19468] RIP: 0033:0x7f0965cadff9 [ 680.292567][T19468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 680.312155][T19468] RSP: 002b:00007f0964126038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 680.320554][T19468] RAX: ffffffffffffffda RBX: 00007f0965e65f80 RCX: 00007f0965cadff9 [ 680.328516][T19468] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 680.336482][T19468] RBP: 00007f0965d20296 R08: 0000000000000000 R09: 0000000000000000 [ 680.344443][T19468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 680.352403][T19468] R13: 0000000000000000 R14: 00007f0965e65f80 R15: 00007ffd70536e78 [ 680.360373][T19468] [ 680.417550][T19480] netlink: 131088 bytes leftover after parsing attributes in process `syz.0.5339'. [ 680.450027][T19480] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 680.457976][T19480] CPU: 1 PID: 19480 Comm: syz.0.5339 Not tainted 5.15.168-syzkaller #0 [ 680.466225][T19480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 680.476290][T19480] Call Trace: [ 680.479569][T19480] [ 680.482503][T19480] dump_stack_lvl+0x1e3/0x2d0 [ 680.487202][T19480] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 680.492852][T19480] ? panic+0x860/0x860 [ 680.496953][T19480] ? kmem_cache_alloc_trace+0x143/0x290 [ 680.502507][T19480] ? sysfs_warn_dup+0x4d/0xa0 [ 680.507200][T19480] sysfs_warn_dup+0x8a/0xa0 [ 680.511726][T19480] sysfs_do_create_link_sd+0xbe/0x100 [ 680.517118][T19480] device_add+0x7d4/0xfd0 [ 680.521472][T19480] wiphy_register+0x1d30/0x2bb0 [ 680.526349][T19480] ? cfg80211_event_work+0x40/0x40 [ 680.531471][T19480] ? minstrel_ht_alloc+0x5d6/0x940 [ 680.536584][T19480] ? minstrel_ht_alloc+0x53f/0x940 [ 680.541714][T19480] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 680.547802][T19480] ieee80211_register_hw+0x2986/0x39d0 [ 680.553276][T19480] ? ieee80211_register_hw+0xac1/0x39d0 [ 680.558949][T19480] ? ieee80211_tasklet_handler+0x20/0x20 [ 680.564609][T19480] ? memset+0x1f/0x40 [ 680.568603][T19480] ? __hrtimer_init+0x181/0x260 [ 680.573441][T19480] mac80211_hwsim_new_radio+0x223d/0x4200 [ 680.579158][T19480] hwsim_new_radio_nl+0xbae/0x1090 [ 680.584259][T19480] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 680.590748][T19480] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 680.597067][T19480] genl_rcv_msg+0xfbd/0x14a0 [ 680.601656][T19480] ? genl_bind+0x420/0x420 [ 680.606074][T19480] ? local_bh_enable+0x5/0x20 [ 680.610753][T19480] ? mark_lock+0x98/0x340 [ 680.615121][T19480] ? __lock_acquire+0x1295/0x1ff0 [ 680.620156][T19480] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 680.626658][T19480] netlink_rcv_skb+0x1cf/0x410 [ 680.631410][T19480] ? genl_bind+0x420/0x420 [ 680.635808][T19480] ? netlink_ack+0xb10/0xb10 [ 680.640394][T19480] ? down_read+0x1b3/0x2e0 [ 680.644792][T19480] ? genl_rcv+0x9/0x40 [ 680.648842][T19480] genl_rcv+0x24/0x40 [ 680.652813][T19480] netlink_unicast+0x7b6/0x980 [ 680.657578][T19480] ? netlink_detachskb+0x90/0x90 [ 680.662531][T19480] ? __virt_addr_valid+0xb7/0x460 [ 680.667563][T19480] ? 0xffffffff81000000 [ 680.671719][T19480] ? __check_object_size+0x300/0x410 [ 680.677011][T19480] ? bpf_lsm_netlink_send+0x5/0x10 [ 680.682119][T19480] netlink_sendmsg+0xa30/0xd60 [ 680.686966][T19480] ? netlink_getsockopt+0x5b0/0x5b0 [ 680.692151][T19480] ? futex_wait+0x634/0x740 [ 680.696644][T19480] ? aa_sock_msg_perm+0x91/0x150 [ 680.701573][T19480] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 680.706847][T19480] ? security_socket_sendmsg+0x7d/0xa0 [ 680.712295][T19480] ? netlink_getsockopt+0x5b0/0x5b0 [ 680.717505][T19480] ____sys_sendmsg+0x59e/0x8f0 [ 680.722260][T19480] ? iovec_from_user+0x300/0x390 [ 680.727205][T19480] ? __sys_sendmsg_sock+0x30/0x30 [ 680.732221][T19480] ___sys_sendmsg+0x252/0x2e0 [ 680.736893][T19480] ? __sys_sendmsg+0x260/0x260 [ 680.741666][T19480] ? __fdget+0x191/0x220 [ 680.745923][T19480] __se_sys_sendmsg+0x19a/0x260 [ 680.750764][T19480] ? __x64_sys_sendmsg+0x80/0x80 [ 680.755687][T19480] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 680.761874][T19480] do_syscall_64+0x3b/0xb0 [ 680.766294][T19480] ? clear_bhb_loop+0x15/0x70 [ 680.770975][T19480] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 680.776889][T19480] RIP: 0033:0x7f9788f97ff9 [ 680.781388][T19480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 680.800971][T19480] RSP: 002b:00007f9787410038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 680.809371][T19480] RAX: ffffffffffffffda RBX: 00007f978914ff80 RCX: 00007f9788f97ff9 [ 680.817346][T19480] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 680.825307][T19480] RBP: 00007f978900a296 R08: 0000000000000000 R09: 0000000000000000 [ 680.833261][T19480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 680.841213][T19480] R13: 0000000000000000 R14: 00007f978914ff80 R15: 00007ffda9e5fc18 [ 680.849191][T19480] [ 680.870641][T19484] netlink: 'syz.2.5328': attribute type 10 has an invalid length. [ 680.883659][T10227] wlan1: Trigger new scan to find an IBSS to join [ 680.883681][ T4869] wlan1: Trigger new scan to find an IBSS to join [ 680.977635][T19494] netlink: 131088 bytes leftover after parsing attributes in process `syz.3.5330'. [ 681.186828][T19494] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 681.208964][T19494] CPU: 1 PID: 19494 Comm: syz.3.5330 Not tainted 5.15.168-syzkaller #0 [ 681.217244][T19494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 681.227443][T19494] Call Trace: [ 681.230730][T19494] [ 681.233667][T19494] dump_stack_lvl+0x1e3/0x2d0 [ 681.238361][T19494] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 681.244005][T19494] ? panic+0x860/0x860 [ 681.248091][T19494] ? kmem_cache_alloc_trace+0x143/0x290 [ 681.253656][T19494] ? sysfs_warn_dup+0x4d/0xa0 [ 681.258353][T19494] sysfs_warn_dup+0x8a/0xa0 [ 681.262861][T19494] sysfs_do_create_link_sd+0xbe/0x100 [ 681.268236][T19494] device_add+0x7d4/0xfd0 [ 681.272575][T19494] wiphy_register+0x1d30/0x2bb0 [ 681.277438][T19494] ? cfg80211_event_work+0x40/0x40 [ 681.282538][T19494] ? minstrel_ht_alloc+0x7cf/0x940 [ 681.287651][T19494] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 681.293712][T19494] ieee80211_register_hw+0x2986/0x39d0 [ 681.299174][T19494] ? ieee80211_register_hw+0xac1/0x39d0 [ 681.304720][T19494] ? ieee80211_tasklet_handler+0x20/0x20 [ 681.310353][T19494] ? memset+0x1f/0x40 [ 681.314330][T19494] ? __hrtimer_init+0x181/0x260 [ 681.319172][T19494] mac80211_hwsim_new_radio+0x223d/0x4200 [ 681.324907][T19494] hwsim_new_radio_nl+0xbae/0x1090 [ 681.330017][T19494] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 681.337650][T19494] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 681.343974][T19494] genl_rcv_msg+0xfbd/0x14a0 [ 681.348562][T19494] ? genl_bind+0x420/0x420 [ 681.352964][T19494] ? local_bh_enable+0x5/0x20 [ 681.357641][T19494] ? mark_lock+0x98/0x340 [ 681.361964][T19494] ? __lock_acquire+0x1295/0x1ff0 [ 681.366988][T19494] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 681.373496][T19494] netlink_rcv_skb+0x1cf/0x410 [ 681.378254][T19494] ? genl_bind+0x420/0x420 [ 681.382661][T19494] ? netlink_ack+0xb10/0xb10 [ 681.387257][T19494] ? down_read+0x1b3/0x2e0 [ 681.391662][T19494] ? genl_rcv+0x9/0x40 [ 681.395722][T19494] genl_rcv+0x24/0x40 [ 681.399690][T19494] netlink_unicast+0x7b6/0x980 [ 681.404456][T19494] ? netlink_detachskb+0x90/0x90 [ 681.409382][T19494] ? __virt_addr_valid+0xb7/0x460 [ 681.414393][T19494] ? 0xffffffff81000000 [ 681.418533][T19494] ? __check_object_size+0x300/0x410 [ 681.423809][T19494] ? bpf_lsm_netlink_send+0x5/0x10 [ 681.428912][T19494] netlink_sendmsg+0xa30/0xd60 [ 681.433683][T19494] ? netlink_getsockopt+0x5b0/0x5b0 [ 681.438874][T19494] ? aa_sock_msg_perm+0x91/0x150 [ 681.443805][T19494] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 681.449078][T19494] ? security_socket_sendmsg+0x7d/0xa0 [ 681.454525][T19494] ? netlink_getsockopt+0x5b0/0x5b0 [ 681.459895][T19494] ____sys_sendmsg+0x59e/0x8f0 [ 681.464659][T19494] ? iovec_from_user+0x300/0x390 [ 681.469594][T19494] ? __sys_sendmsg_sock+0x30/0x30 [ 681.474625][T19494] ___sys_sendmsg+0x252/0x2e0 [ 681.479301][T19494] ? __sys_sendmsg+0x260/0x260 [ 681.484103][T19494] ? __fdget+0x191/0x220 [ 681.488347][T19494] __se_sys_sendmsg+0x19a/0x260 [ 681.493194][T19494] ? __x64_sys_sendmsg+0x80/0x80 [ 681.498137][T19494] ? syscall_enter_from_user_mode+0x2e/0x240 [ 681.504114][T19494] ? lockdep_hardirqs_on+0x94/0x130 [ 681.509304][T19494] ? syscall_enter_from_user_mode+0x2e/0x240 [ 681.515320][T19494] do_syscall_64+0x3b/0xb0 [ 681.519754][T19494] ? clear_bhb_loop+0x15/0x70 [ 681.524437][T19494] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 681.530332][T19494] RIP: 0033:0x7f5da2ef4ff9 [ 681.534744][T19494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 681.554349][T19494] RSP: 002b:00007f5da136d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 681.562751][T19494] RAX: ffffffffffffffda RBX: 00007f5da30acf80 RCX: 00007f5da2ef4ff9 [ 681.570715][T19494] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 681.578682][T19494] RBP: 00007f5da2f67296 R08: 0000000000000000 R09: 0000000000000000 [ 681.586641][T19494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 681.594600][T19494] R13: 0000000000000000 R14: 00007f5da30acf80 R15: 00007ffcf62245b8 [ 681.602579][T19494] [ 682.318294][T19535] netlink: 131088 bytes leftover after parsing attributes in process `syz.4.5350'. [ 682.346121][T19535] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 682.361310][T19535] CPU: 0 PID: 19535 Comm: syz.4.5350 Not tainted 5.15.168-syzkaller #0 [ 682.369579][T19535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 682.379817][T19535] Call Trace: [ 682.383099][T19535] [ 682.386016][T19535] dump_stack_lvl+0x1e3/0x2d0 [ 682.390691][T19535] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 682.396340][T19535] ? panic+0x860/0x860 [ 682.400409][T19535] sysfs_warn_dup+0x8a/0xa0 [ 682.404905][T19535] sysfs_do_create_link_sd+0xbe/0x100 [ 682.410265][T19535] device_add+0x7d4/0xfd0 [ 682.414676][T19535] wiphy_register+0x1d30/0x2bb0 [ 682.419522][T19535] ? cfg80211_event_work+0x40/0x40 [ 682.424614][T19535] ? minstrel_ht_alloc+0x7cf/0x940 [ 682.429715][T19535] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 682.435771][T19535] ieee80211_register_hw+0x2986/0x39d0 [ 682.441235][T19535] ? ieee80211_register_hw+0xac1/0x39d0 [ 682.446878][T19535] ? ieee80211_tasklet_handler+0x20/0x20 [ 682.452519][T19535] ? __hrtimer_init+0x173/0x260 [ 682.459570][T19535] ? __sanitizer_cov_trace_const_cmp4+0xc/0x80 [ 682.465741][T19535] ? __hrtimer_init+0x181/0x260 [ 682.470604][T19535] mac80211_hwsim_new_radio+0x223d/0x4200 [ 682.476349][T19535] hwsim_new_radio_nl+0xbae/0x1090 [ 682.481472][T19535] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 682.487969][T19535] ? genl_family_rcv_msg_attrs_parse+0x1d5/0x290 [ 682.494307][T19535] genl_rcv_msg+0xfbd/0x14a0 [ 682.498906][T19535] ? genl_bind+0x420/0x420 [ 682.503324][T19535] ? _raw_spin_unlock_irqrestore+0xd4/0x130 [ 682.509230][T19535] ? mark_lock+0x98/0x340 [ 682.513568][T19535] ? swake_up_one+0x6d/0x150 [ 682.518169][T19535] ? __lock_acquire+0x1295/0x1ff0 [ 682.523210][T19535] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 682.529719][T19535] netlink_rcv_skb+0x1cf/0x410 [ 682.534490][T19535] ? genl_bind+0x420/0x420 [ 682.538902][T19535] ? netlink_ack+0xb10/0xb10 [ 682.543500][T19535] ? down_read+0x1b3/0x2e0 [ 682.548716][T19535] ? genl_rcv+0x9/0x40 [ 682.552787][T19535] genl_rcv+0x24/0x40 [ 682.556752][T19535] netlink_unicast+0x7b6/0x980 [ 682.561512][T19535] ? netlink_detachskb+0x90/0x90 [ 682.566448][T19535] ? __virt_addr_valid+0xb7/0x460 [ 682.571476][T19535] ? 0xffffffff81000000 [ 682.575618][T19535] ? __check_object_size+0x300/0x410 [ 682.580892][T19535] ? bpf_lsm_netlink_send+0x5/0x10 [ 682.586017][T19535] netlink_sendmsg+0xa30/0xd60 [ 682.590781][T19535] ? netlink_getsockopt+0x5b0/0x5b0 [ 682.595974][T19535] ? aa_sock_msg_perm+0x91/0x150 [ 682.600917][T19535] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 682.606211][T19535] ? security_socket_sendmsg+0x7d/0xa0 [ 682.611664][T19535] ? netlink_getsockopt+0x5b0/0x5b0 [ 682.616876][T19535] ____sys_sendmsg+0x59e/0x8f0 [ 682.621628][T19535] ? iovec_from_user+0x300/0x390 [ 682.626553][T19535] ? __sys_sendmsg_sock+0x30/0x30 [ 682.631580][T19535] ___sys_sendmsg+0x252/0x2e0 [ 682.636350][T19535] ? __sys_sendmsg+0x260/0x260 [ 682.641121][T19535] ? __fdget+0x191/0x220 [ 682.645361][T19535] __se_sys_sendmsg+0x19a/0x260 [ 682.650232][T19535] ? __x64_sys_sendmsg+0x80/0x80 [ 682.655170][T19535] ? syscall_enter_from_user_mode+0x2e/0x240 [ 682.661158][T19535] ? lockdep_hardirqs_on+0x94/0x130 [ 682.666360][T19535] ? syscall_enter_from_user_mode+0x2e/0x240 [ 682.672387][T19535] do_syscall_64+0x3b/0xb0 [ 682.676893][T19535] ? clear_bhb_loop+0x15/0x70 [ 682.681553][T19535] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 682.687433][T19535] RIP: 0033:0x7f61013b9ff9 [ 682.691862][T19535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 682.711471][T19535] RSP: 002b:00007f60ff832038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 682.719872][T19535] RAX: ffffffffffffffda RBX: 00007f6101571f80 RCX: 00007f61013b9ff9 [ 682.727850][T19535] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 682.735813][T19535] RBP: 00007f610142c296 R08: 0000000000000000 R09: 0000000000000000 [ 682.743770][T19535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 682.751725][T19535] R13: 0000000000000000 R14: 00007f6101571f80 R15: 00007ffcc5d9b758 [ 682.759691][T19535] [ 682.790575][T19538] netlink: 131088 bytes leftover after parsing attributes in process `syz.0.5349'. [ 682.846803][T19538] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 682.868703][T19538] CPU: 1 PID: 19538 Comm: syz.0.5349 Not tainted 5.15.168-syzkaller #0 [ 682.876976][T19538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 682.887030][T19538] Call Trace: [ 682.890300][T19538] [ 682.893223][T19538] dump_stack_lvl+0x1e3/0x2d0 [ 682.897903][T19538] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 682.903529][T19538] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 682.909687][T19538] sysfs_warn_dup+0x8a/0xa0 [ 682.914180][T19538] sysfs_do_create_link_sd+0xbe/0x100 [ 682.919549][T19538] device_add+0x7d4/0xfd0 [ 682.923932][T19538] wiphy_register+0x1d30/0x2bb0 [ 682.928789][T19538] ? cfg80211_event_work+0x40/0x40 [ 682.933911][T19538] ? minstrel_ht_alloc+0x7cf/0x940 [ 682.939022][T19538] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 682.945083][T19538] ieee80211_register_hw+0x2986/0x39d0 [ 682.950541][T19538] ? ieee80211_register_hw+0xac1/0x39d0 [ 682.956083][T19538] ? ieee80211_tasklet_handler+0x20/0x20 [ 682.961712][T19538] ? memset+0x1f/0x40 [ 682.965682][T19538] ? __hrtimer_init+0x181/0x260 [ 682.970533][T19538] mac80211_hwsim_new_radio+0x223d/0x4200 [ 682.976266][T19538] hwsim_new_radio_nl+0xbae/0x1090 [ 682.981371][T19538] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 682.987870][T19538] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 682.994194][T19538] genl_rcv_msg+0xfbd/0x14a0 [ 682.998782][T19538] ? genl_bind+0x420/0x420 [ 683.003184][T19538] ? local_bh_enable+0x5/0x20 [ 683.007863][T19538] ? mark_lock+0x98/0x340 [ 683.012185][T19538] ? __lock_acquire+0x1295/0x1ff0 [ 683.017217][T19538] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 683.023730][T19538] netlink_rcv_skb+0x1cf/0x410 [ 683.028489][T19538] ? genl_bind+0x420/0x420 [ 683.032903][T19538] ? netlink_ack+0xb10/0xb10 [ 683.037493][T19538] ? down_read+0x1b3/0x2e0 [ 683.041894][T19538] ? genl_rcv+0x9/0x40 [ 683.045956][T19538] genl_rcv+0x24/0x40 [ 683.049928][T19538] netlink_unicast+0x7b6/0x980 [ 683.054689][T19538] ? netlink_detachskb+0x90/0x90 [ 683.059704][T19538] ? bpf_lsm_netlink_send+0x5/0x10 [ 683.064806][T19538] netlink_sendmsg+0xa30/0xd60 [ 683.069574][T19538] ? netlink_getsockopt+0x5b0/0x5b0 [ 683.074764][T19538] ? tomoyo_socket_sendmsg_permission+0x129/0x410 [ 683.081177][T19538] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 683.086454][T19538] ? security_socket_sendmsg+0x7d/0xa0 [ 683.091903][T19538] ? netlink_getsockopt+0x5b0/0x5b0 [ 683.097096][T19538] ____sys_sendmsg+0x59e/0x8f0 [ 683.101856][T19538] ? iovec_from_user+0x300/0x390 [ 683.106791][T19538] ? __sys_sendmsg_sock+0x30/0x30 [ 683.111817][T19538] ___sys_sendmsg+0x252/0x2e0 [ 683.116490][T19538] ? __sys_sendmsg+0x260/0x260 [ 683.121279][T19538] ? __fdget+0x191/0x220 [ 683.125517][T19538] __se_sys_sendmsg+0x19a/0x260 [ 683.130364][T19538] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 683.136513][T19538] ? __x64_sys_sendmsg+0x80/0x80 [ 683.141449][T19538] ? syscall_enter_from_user_mode+0x37/0x240 [ 683.147420][T19538] ? syscall_enter_from_user_mode+0x2e/0x240 [ 683.153395][T19538] do_syscall_64+0x3b/0xb0 [ 683.157804][T19538] ? clear_bhb_loop+0x15/0x70 [ 683.162469][T19538] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 683.168350][T19538] RIP: 0033:0x7f9788f97ff9 [ 683.172755][T19538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 683.192352][T19538] RSP: 002b:00007f9787410038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 683.200764][T19538] RAX: ffffffffffffffda RBX: 00007f978914ff80 RCX: 00007f9788f97ff9 [ 683.208731][T19538] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 683.216696][T19538] RBP: 00007f978900a296 R08: 0000000000000000 R09: 0000000000000000 [ 683.224654][T19538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 683.232613][T19538] R13: 0000000000000000 R14: 00007f978914ff80 R15: 00007ffda9e5fc18 [ 683.240588][T19538] [ 683.286132][T19547] netlink: 131088 bytes leftover after parsing attributes in process `syz.1.5352'. [ 683.312269][T19547] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 683.322165][T19547] CPU: 0 PID: 19547 Comm: syz.1.5352 Not tainted 5.15.168-syzkaller #0 [ 683.330434][T19547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 683.340503][T19547] Call Trace: [ 683.343799][T19547] [ 683.346730][T19547] dump_stack_lvl+0x1e3/0x2d0 [ 683.351425][T19547] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 683.357074][T19547] ? panic+0x860/0x860 [ 683.361157][T19547] ? kmem_cache_alloc_trace+0x143/0x290 [ 683.366703][T19547] ? sysfs_warn_dup+0x4d/0xa0 [ 683.371378][T19547] sysfs_warn_dup+0x8a/0xa0 [ 683.375875][T19547] sysfs_do_create_link_sd+0xbe/0x100 [ 683.381246][T19547] device_add+0x7d4/0xfd0 [ 683.385583][T19547] wiphy_register+0x1d30/0x2bb0 [ 683.390436][T19547] ? cfg80211_event_work+0x40/0x40 [ 683.395536][T19547] ? minstrel_ht_alloc+0x5d6/0x940 [ 683.400646][T19547] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 683.406707][T19547] ieee80211_register_hw+0x2986/0x39d0 [ 683.412169][T19547] ? ieee80211_register_hw+0xac1/0x39d0 [ 683.417713][T19547] ? ieee80211_tasklet_handler+0x20/0x20 [ 683.423347][T19547] ? memset+0x1f/0x40 [ 683.427319][T19547] ? __hrtimer_init+0x181/0x260 [ 683.432164][T19547] mac80211_hwsim_new_radio+0x223d/0x4200 [ 683.437918][T19547] hwsim_new_radio_nl+0xbae/0x1090 [ 683.443025][T19547] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 683.449546][T19547] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 683.455896][T19547] genl_rcv_msg+0xfbd/0x14a0 [ 683.460485][T19547] ? genl_bind+0x420/0x420 [ 683.464905][T19547] ? mark_lock+0x98/0x340 [ 683.469231][T19547] ? __lock_acquire+0x1295/0x1ff0 [ 683.474253][T19547] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 683.480760][T19547] netlink_rcv_skb+0x1cf/0x410 [ 683.485541][T19547] ? genl_bind+0x420/0x420 [ 683.489949][T19547] ? netlink_ack+0xb10/0xb10 [ 683.494560][T19547] ? down_read+0x1b3/0x2e0 [ 683.498971][T19547] ? genl_rcv+0x9/0x40 [ 683.503026][T19547] genl_rcv+0x24/0x40 [ 683.507001][T19547] netlink_unicast+0x7b6/0x980 [ 683.511764][T19547] ? netlink_detachskb+0x90/0x90 [ 683.516694][T19547] ? netlink_sendmsg+0x83c/0xd60 [ 683.521629][T19547] netlink_sendmsg+0xa30/0xd60 [ 683.526405][T19547] ? netlink_getsockopt+0x5b0/0x5b0 [ 683.531611][T19547] ? aa_sock_msg_perm+0x91/0x150 [ 683.536547][T19547] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 683.541824][T19547] ? security_socket_sendmsg+0x7d/0xa0 [ 683.547275][T19547] ? netlink_getsockopt+0x5b0/0x5b0 [ 683.552493][T19547] ____sys_sendmsg+0x59e/0x8f0 [ 683.557254][T19547] ? iovec_from_user+0x300/0x390 [ 683.562202][T19547] ? __sys_sendmsg_sock+0x30/0x30 [ 683.567255][T19547] ___sys_sendmsg+0x252/0x2e0 [ 683.571935][T19547] ? __sys_sendmsg+0x260/0x260 [ 683.576740][T19547] __se_sys_sendmsg+0x19a/0x260 [ 683.581593][T19547] ? __x64_sys_sendmsg+0x80/0x80 [ 683.586531][T19547] ? syscall_enter_from_user_mode+0x2e/0x240 [ 683.592502][T19547] ? lockdep_hardirqs_on+0x94/0x130 [ 683.597696][T19547] ? syscall_enter_from_user_mode+0x2e/0x240 [ 683.603666][T19547] do_syscall_64+0x3b/0xb0 [ 683.608070][T19547] ? clear_bhb_loop+0x15/0x70 [ 683.612737][T19547] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 683.618618][T19547] RIP: 0033:0x7f0965cadff9 [ 683.623022][T19547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 683.642617][T19547] RSP: 002b:00007f0964126038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 683.651026][T19547] RAX: ffffffffffffffda RBX: 00007f0965e65f80 RCX: 00007f0965cadff9 [ 683.658985][T19547] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 683.667032][T19547] RBP: 00007f0965d20296 R08: 0000000000000000 R09: 0000000000000000 [ 683.674990][T19547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 683.682948][T19547] R13: 0000000000000000 R14: 00007f0965e65f80 R15: 00007ffd70536e78 [ 683.691040][T19547] [ 683.794960][T10227] wlan1: Trigger new scan to find an IBSS to join [ 683.816413][T19556] netlink: 131088 bytes leftover after parsing attributes in process `syz.2.5355'. [ 683.846201][T19556] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 683.868936][T19556] CPU: 1 PID: 19556 Comm: syz.2.5355 Not tainted 5.15.168-syzkaller #0 [ 683.877225][T19556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 683.887290][T19556] Call Trace: [ 683.890577][T19556] [ 683.893521][T19556] dump_stack_lvl+0x1e3/0x2d0 [ 683.898215][T19556] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 683.903863][T19556] ? panic+0x860/0x860 [ 683.907953][T19556] ? kmem_cache_alloc_trace+0x143/0x290 [ 683.913511][T19556] ? sysfs_warn_dup+0x4d/0xa0 [ 683.918203][T19556] sysfs_warn_dup+0x8a/0xa0 [ 683.922724][T19556] sysfs_do_create_link_sd+0xbe/0x100 [ 683.928116][T19556] device_add+0x7d4/0xfd0 [ 683.932472][T19556] wiphy_register+0x1d30/0x2bb0 [ 683.937349][T19556] ? cfg80211_event_work+0x40/0x40 [ 683.942469][T19556] ? minstrel_ht_alloc+0x7cf/0x940 [ 683.947601][T19556] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 683.953686][T19556] ieee80211_register_hw+0x2986/0x39d0 [ 683.959169][T19556] ? ieee80211_register_hw+0xac1/0x39d0 [ 683.964736][T19556] ? ieee80211_tasklet_handler+0x20/0x20 [ 683.970379][T19556] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 683.976555][T19556] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 683.982798][T19556] mac80211_hwsim_new_radio+0x223d/0x4200 [ 683.988558][T19556] hwsim_new_radio_nl+0xbae/0x1090 [ 683.993691][T19556] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 684.000220][T19556] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 684.006571][T19556] genl_rcv_msg+0xfbd/0x14a0 [ 684.011181][T19556] ? genl_bind+0x420/0x420 [ 684.015617][T19556] ? _raw_spin_unlock_irqrestore+0xd4/0x130 [ 684.021541][T19556] ? mark_lock+0x98/0x340 [ 684.025893][T19556] ? __lock_acquire+0x1295/0x1ff0 [ 684.030935][T19556] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 684.037464][T19556] netlink_rcv_skb+0x1cf/0x410 [ 684.042250][T19556] ? genl_bind+0x420/0x420 [ 684.046675][T19556] ? netlink_ack+0xb10/0xb10 [ 684.051286][T19556] ? down_read+0x1b3/0x2e0 [ 684.055705][T19556] ? genl_rcv+0x9/0x40 [ 684.059781][T19556] genl_rcv+0x24/0x40 [ 684.063795][T19556] netlink_unicast+0x7b6/0x980 [ 684.068608][T19556] ? netlink_detachskb+0x90/0x90 [ 684.073541][T19556] ? __virt_addr_valid+0xb7/0x460 [ 684.078595][T19556] ? 0xffffffff81000000 [ 684.082748][T19556] ? __check_object_size+0x300/0x410 [ 684.088022][T19556] ? bpf_lsm_netlink_send+0x5/0x10 [ 684.093219][T19556] netlink_sendmsg+0xa30/0xd60 [ 684.097975][T19556] ? netlink_getsockopt+0x5b0/0x5b0 [ 684.103163][T19556] ? tomoyo_socket_sendmsg_permission+0x129/0x410 [ 684.109588][T19556] ? aa_sock_msg_perm+0x91/0x150 [ 684.114539][T19556] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 684.119834][T19556] ? security_socket_sendmsg+0x7d/0xa0 [ 684.125304][T19556] ? netlink_getsockopt+0x5b0/0x5b0 [ 684.130494][T19556] ____sys_sendmsg+0x59e/0x8f0 [ 684.135274][T19556] ? iovec_from_user+0x300/0x390 [ 684.140324][T19556] ? __sys_sendmsg_sock+0x30/0x30 [ 684.145432][T19556] ___sys_sendmsg+0x252/0x2e0 [ 684.150109][T19556] ? print_irqtrace_events+0x210/0x210 [ 684.155560][T19556] ? __sys_sendmsg+0x260/0x260 [ 684.160309][T19556] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 684.166489][T19556] ? __fdget+0x191/0x220 [ 684.170728][T19556] __se_sys_sendmsg+0x19a/0x260 [ 684.175587][T19556] ? __x64_sys_sendmsg+0x80/0x80 [ 684.180539][T19556] ? syscall_enter_from_user_mode+0x2e/0x240 [ 684.186516][T19556] ? lockdep_hardirqs_on+0x94/0x130 [ 684.191702][T19556] ? syscall_enter_from_user_mode+0x2e/0x240 [ 684.197668][T19556] do_syscall_64+0x3b/0xb0 [ 684.202068][T19556] ? clear_bhb_loop+0x15/0x70 [ 684.206728][T19556] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 684.212607][T19556] RIP: 0033:0x7f5a74c3fff9 [ 684.217007][T19556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 684.236599][T19556] RSP: 002b:00007f5a730b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 684.245025][T19556] RAX: ffffffffffffffda RBX: 00007f5a74df7f80 RCX: 00007f5a74c3fff9 [ 684.252998][T19556] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 684.260956][T19556] RBP: 00007f5a74cb2296 R08: 0000000000000000 R09: 0000000000000000 [ 684.268914][T19556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 684.276886][T19556] R13: 0000000000000000 R14: 00007f5a74df7f80 R15: 00007ffc39e4bbe8 [ 684.284895][T19556] [ 684.740082][T10227] wlan1: Trigger new scan to find an IBSS to join [ 684.816119][T19602] netlink: 131088 bytes leftover after parsing attributes in process `syz.2.5371'. [ 684.875971][T19602] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 684.889667][T19602] CPU: 1 PID: 19602 Comm: syz.2.5371 Not tainted 5.15.168-syzkaller #0 [ 684.897949][T19602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 684.908016][T19602] Call Trace: [ 684.911306][T19602] [ 684.914252][T19602] dump_stack_lvl+0x1e3/0x2d0 [ 684.918946][T19602] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 684.924592][T19602] ? panic+0x860/0x860 [ 684.928677][T19602] ? kmem_cache_alloc_trace+0x143/0x290 [ 684.934301][T19602] ? sysfs_warn_dup+0x4d/0xa0 [ 684.938973][T19602] sysfs_warn_dup+0x8a/0xa0 [ 684.943472][T19602] sysfs_do_create_link_sd+0xbe/0x100 [ 684.948848][T19602] device_add+0x7d4/0xfd0 [ 684.953206][T19602] wiphy_register+0x1d30/0x2bb0 [ 684.958222][T19602] ? cfg80211_event_work+0x40/0x40 [ 684.963341][T19602] ? minstrel_ht_alloc+0x7cf/0x940 [ 684.968448][T19602] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 684.974503][T19602] ieee80211_register_hw+0x2986/0x39d0 [ 684.979954][T19602] ? ieee80211_register_hw+0xac1/0x39d0 [ 684.985494][T19602] ? ieee80211_tasklet_handler+0x20/0x20 [ 684.991117][T19602] ? memset+0x1f/0x40 [ 684.995089][T19602] ? __hrtimer_init+0x181/0x260 [ 684.999934][T19602] mac80211_hwsim_new_radio+0x223d/0x4200 [ 685.005675][T19602] hwsim_new_radio_nl+0xbae/0x1090 [ 685.010777][T19602] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 685.017262][T19602] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 685.023418][T19602] genl_rcv_msg+0xfbd/0x14a0 [ 685.028005][T19602] ? genl_bind+0x420/0x420 [ 685.032419][T19602] ? local_bh_enable+0x5/0x20 [ 685.037087][T19602] ? mark_lock+0x98/0x340 [ 685.041413][T19602] ? __lock_acquire+0x1295/0x1ff0 [ 685.046435][T19602] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 685.052945][T19602] netlink_rcv_skb+0x1cf/0x410 [ 685.057732][T19602] ? genl_bind+0x420/0x420 [ 685.062153][T19602] ? netlink_ack+0xb10/0xb10 [ 685.066743][T19602] ? down_read+0x1b3/0x2e0 [ 685.071142][T19602] ? genl_rcv+0x9/0x40 [ 685.075198][T19602] genl_rcv+0x24/0x40 [ 685.079166][T19602] netlink_unicast+0x7b6/0x980 [ 685.083922][T19602] ? netlink_detachskb+0x90/0x90 [ 685.088840][T19602] ? __virt_addr_valid+0xb7/0x460 [ 685.093860][T19602] ? 0xffffffff81000000 [ 685.097998][T19602] ? __check_object_size+0x300/0x410 [ 685.103275][T19602] ? bpf_lsm_netlink_send+0x5/0x10 [ 685.108408][T19602] netlink_sendmsg+0xa30/0xd60 [ 685.113194][T19602] ? netlink_getsockopt+0x5b0/0x5b0 [ 685.118396][T19602] ? __sys_sendmsg_sock+0x21/0x30 [ 685.123421][T19602] ? aa_sock_msg_perm+0x91/0x150 [ 685.128343][T19602] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 685.133608][T19602] ? security_socket_sendmsg+0x7d/0xa0 [ 685.139045][T19602] ? netlink_getsockopt+0x5b0/0x5b0 [ 685.144232][T19602] ____sys_sendmsg+0x59e/0x8f0 [ 685.148982][T19602] ? iovec_from_user+0x300/0x390 [ 685.153932][T19602] ? __sys_sendmsg_sock+0x30/0x30 [ 685.158971][T19602] ___sys_sendmsg+0x252/0x2e0 [ 685.163641][T19602] ? __sys_sendmsg+0x260/0x260 [ 685.168408][T19602] ? __fdget+0x191/0x220 [ 685.172638][T19602] __se_sys_sendmsg+0x19a/0x260 [ 685.177476][T19602] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 685.183625][T19602] ? __x64_sys_sendmsg+0x80/0x80 [ 685.188550][T19602] ? syscall_enter_from_user_mode+0x37/0x240 [ 685.194511][T19602] ? syscall_enter_from_user_mode+0x2e/0x240 [ 685.200486][T19602] do_syscall_64+0x3b/0xb0 [ 685.204903][T19602] ? clear_bhb_loop+0x15/0x70 [ 685.209560][T19602] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 685.215451][T19602] RIP: 0033:0x7f5a74c3fff9 [ 685.219851][T19602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 685.239437][T19602] RSP: 002b:00007f5a730b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 685.247839][T19602] RAX: ffffffffffffffda RBX: 00007f5a74df7f80 RCX: 00007f5a74c3fff9 [ 685.255822][T19602] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 685.263804][T19602] RBP: 00007f5a74cb2296 R08: 0000000000000000 R09: 0000000000000000 [ 685.271769][T19602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 685.279727][T19602] R13: 0000000000000000 R14: 00007f5a74df7f80 R15: 00007ffc39e4bbe8 [ 685.287691][T19602] [ 685.453153][T19610] netlink: 131088 bytes leftover after parsing attributes in process `syz.0.5373'. [ 685.496374][T19610] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 685.506023][T19610] CPU: 0 PID: 19610 Comm: syz.0.5373 Not tainted 5.15.168-syzkaller #0 [ 685.514288][T19610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 685.524353][T19610] Call Trace: [ 685.527635][T19610] [ 685.530571][T19610] dump_stack_lvl+0x1e3/0x2d0 [ 685.535261][T19610] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 685.540902][T19610] ? panic+0x860/0x860 [ 685.544997][T19610] ? kmem_cache_alloc_trace+0x143/0x290 [ 685.550551][T19610] ? sysfs_warn_dup+0x4d/0xa0 [ 685.555243][T19610] sysfs_warn_dup+0x8a/0xa0 [ 685.559756][T19610] sysfs_do_create_link_sd+0xbe/0x100 [ 685.565140][T19610] device_add+0x7d4/0xfd0 [ 685.569493][T19610] wiphy_register+0x1d30/0x2bb0 [ 685.574390][T19610] ? cfg80211_event_work+0x40/0x40 [ 685.579512][T19610] ? minstrel_ht_alloc+0x7cf/0x940 [ 685.584699][T19610] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 685.590779][T19610] ieee80211_register_hw+0x2986/0x39d0 [ 685.596257][T19610] ? ieee80211_register_hw+0xac1/0x39d0 [ 685.601815][T19610] ? ieee80211_tasklet_handler+0x20/0x20 [ 685.607460][T19610] ? memset+0x1f/0x40 [ 685.611441][T19610] ? __hrtimer_init+0x181/0x260 [ 685.616293][T19610] mac80211_hwsim_new_radio+0x223d/0x4200 [ 685.622032][T19610] hwsim_new_radio_nl+0xbae/0x1090 [ 685.627158][T19610] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 685.633677][T19610] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 685.640019][T19610] genl_rcv_msg+0xfbd/0x14a0 [ 685.644630][T19610] ? genl_bind+0x420/0x420 [ 685.649055][T19610] ? local_bh_enable+0x5/0x20 [ 685.653761][T19610] ? mark_lock+0x98/0x340 [ 685.658092][T19610] ? __lock_acquire+0x1295/0x1ff0 [ 685.663125][T19610] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 685.669642][T19610] netlink_rcv_skb+0x1cf/0x410 [ 685.674417][T19610] ? genl_bind+0x420/0x420 [ 685.678832][T19610] ? netlink_ack+0xb10/0xb10 [ 685.683437][T19610] ? down_read+0x1b3/0x2e0 [ 685.687857][T19610] ? genl_rcv+0x9/0x40 [ 685.691941][T19610] genl_rcv+0x24/0x40 [ 685.695923][T19610] netlink_unicast+0x7b6/0x980 [ 685.700716][T19610] ? netlink_detachskb+0x90/0x90 [ 685.705660][T19610] ? __virt_addr_valid+0xb7/0x460 [ 685.710692][T19610] ? 0xffffffff81000000 [ 685.714850][T19610] ? __check_object_size+0x300/0x410 [ 685.720142][T19610] ? bpf_lsm_netlink_send+0x5/0x10 [ 685.725258][T19610] netlink_sendmsg+0xa30/0xd60 [ 685.730046][T19610] ? netlink_getsockopt+0x5b0/0x5b0 [ 685.735250][T19610] ? futex_wait+0x634/0x740 [ 685.739767][T19610] ? aa_sock_msg_perm+0x91/0x150 [ 685.744713][T19610] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 685.750003][T19610] ? security_socket_sendmsg+0x7d/0xa0 [ 685.755467][T19610] ? netlink_getsockopt+0x5b0/0x5b0 [ 685.760672][T19610] ____sys_sendmsg+0x59e/0x8f0 [ 685.765446][T19610] ? iovec_from_user+0x300/0x390 [ 685.770400][T19610] ? __sys_sendmsg_sock+0x30/0x30 [ 685.775454][T19610] ___sys_sendmsg+0x252/0x2e0 [ 685.780151][T19610] ? __sys_sendmsg+0x260/0x260 [ 685.784946][T19610] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 685.791121][T19610] ? lockdep_hardirqs_on+0x94/0x130 [ 685.796354][T19610] ? __fdget+0x191/0x220 [ 685.800622][T19610] __se_sys_sendmsg+0x19a/0x260 [ 685.805486][T19610] ? __x64_sys_sendmsg+0x80/0x80 [ 685.810446][T19610] ? syscall_enter_from_user_mode+0x2e/0x240 [ 685.816526][T19610] ? lockdep_hardirqs_on+0x94/0x130 [ 685.821737][T19610] ? syscall_enter_from_user_mode+0x2e/0x240 [ 685.827738][T19610] do_syscall_64+0x3b/0xb0 [ 685.832170][T19610] ? clear_bhb_loop+0x15/0x70 [ 685.836857][T19610] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 685.842786][T19610] RIP: 0033:0x7f9788f97ff9 [ 685.847205][T19610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 685.866990][T19610] RSP: 002b:00007f9787410038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 685.875426][T19610] RAX: ffffffffffffffda RBX: 00007f978914ff80 RCX: 00007f9788f97ff9 [ 685.883410][T19610] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 685.891385][T19610] RBP: 00007f978900a296 R08: 0000000000000000 R09: 0000000000000000 [ 685.899370][T19610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 685.907348][T19610] R13: 0000000000000000 R14: 00007f978914ff80 R15: 00007ffda9e5fc18 [ 685.915352][T19610] [ 685.925311][ T1390] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.931789][ T1390] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.949147][T10227] wlan1: Creating new IBSS network, BSSID 26:03:b8:81:f8:29 [ 686.738885][ T1137] wlan1: Trigger new scan to find an IBSS to join [ 686.911376][T19659] netlink: 131088 bytes leftover after parsing attributes in process `syz.3.5389'. [ 686.964076][T19659] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 687.001989][T19659] CPU: 0 PID: 19659 Comm: syz.3.5389 Not tainted 5.15.168-syzkaller #0 [ 687.010269][T19659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 687.020526][T19659] Call Trace: [ 687.023814][T19659] [ 687.026747][T19659] dump_stack_lvl+0x1e3/0x2d0 [ 687.031440][T19659] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 687.037077][T19659] ? panic+0x860/0x860 [ 687.041137][T19659] ? kmem_cache_alloc_trace+0x143/0x290 [ 687.046690][T19659] ? sysfs_warn_dup+0x4d/0xa0 [ 687.051535][T19659] sysfs_warn_dup+0x8a/0xa0 [ 687.056052][T19659] sysfs_do_create_link_sd+0xbe/0x100 [ 687.061415][T19659] device_add+0x7d4/0xfd0 [ 687.065752][T19659] wiphy_register+0x1d30/0x2bb0 [ 687.070612][T19659] ? cfg80211_event_work+0x40/0x40 [ 687.075732][T19659] ? minstrel_ht_alloc+0x7cf/0x940 [ 687.080852][T19659] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 687.086912][T19659] ieee80211_register_hw+0x2986/0x39d0 [ 687.092379][T19659] ? ieee80211_register_hw+0xac1/0x39d0 [ 687.097945][T19659] ? ieee80211_tasklet_handler+0x20/0x20 [ 687.103583][T19659] ? memset+0x1f/0x40 [ 687.107569][T19659] ? __hrtimer_init+0x181/0x260 [ 687.112419][T19659] mac80211_hwsim_new_radio+0x223d/0x4200 [ 687.118246][T19659] hwsim_new_radio_nl+0xbae/0x1090 [ 687.123372][T19659] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 687.129880][T19659] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 687.136219][T19659] genl_rcv_msg+0xfbd/0x14a0 [ 687.140827][T19659] ? genl_bind+0x420/0x420 [ 687.145264][T19659] ? local_bh_enable+0x5/0x20 [ 687.149965][T19659] ? mark_lock+0x98/0x340 [ 687.154309][T19659] ? __lock_acquire+0x1295/0x1ff0 [ 687.159359][T19659] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 687.165893][T19659] netlink_rcv_skb+0x1cf/0x410 [ 687.170674][T19659] ? genl_bind+0x420/0x420 [ 687.175197][T19659] ? netlink_ack+0xb10/0xb10 [ 687.179809][T19659] ? down_read+0x1b3/0x2e0 [ 687.184235][T19659] ? genl_rcv+0x9/0x40 [ 687.188312][T19659] genl_rcv+0x24/0x40 [ 687.192299][T19659] netlink_unicast+0x7b6/0x980 [ 687.197080][T19659] ? netlink_detachskb+0x90/0x90 [ 687.202037][T19659] ? __virt_addr_valid+0xb7/0x460 [ 687.207074][T19659] ? 0xffffffff81000000 [ 687.211229][T19659] ? __check_object_size+0x300/0x410 [ 687.216526][T19659] ? bpf_lsm_netlink_send+0x5/0x10 [ 687.221650][T19659] netlink_sendmsg+0xa30/0xd60 [ 687.226442][T19659] ? netlink_getsockopt+0x5b0/0x5b0 [ 687.231659][T19659] ? aa_sock_msg_perm+0x91/0x150 [ 687.236613][T19659] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 687.241909][T19659] ? security_socket_sendmsg+0x7d/0xa0 [ 687.247374][T19659] ? netlink_getsockopt+0x5b0/0x5b0 [ 687.252595][T19659] ____sys_sendmsg+0x59e/0x8f0 [ 687.257376][T19659] ? iovec_from_user+0x300/0x390 [ 687.262338][T19659] ? __sys_sendmsg_sock+0x30/0x30 [ 687.267398][T19659] ___sys_sendmsg+0x252/0x2e0 [ 687.272092][T19659] ? __sys_sendmsg+0x260/0x260 [ 687.276912][T19659] ? __fdget+0x191/0x220 [ 687.281169][T19659] __se_sys_sendmsg+0x19a/0x260 [ 687.286033][T19659] ? __x64_sys_sendmsg+0x80/0x80 [ 687.290997][T19659] ? syscall_enter_from_user_mode+0x2e/0x240 [ 687.296989][T19659] ? lockdep_hardirqs_on+0x94/0x130 [ 687.302203][T19659] ? syscall_enter_from_user_mode+0x2e/0x240 [ 687.308201][T19659] do_syscall_64+0x3b/0xb0 [ 687.312625][T19659] ? clear_bhb_loop+0x15/0x70 [ 687.317292][T19659] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 687.323174][T19659] RIP: 0033:0x7f5da2ef4ff9 [ 687.327601][T19659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 687.347213][T19659] RSP: 002b:00007f5da136d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 687.355615][T19659] RAX: ffffffffffffffda RBX: 00007f5da30acf80 RCX: 00007f5da2ef4ff9 [ 687.363583][T19659] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 687.371556][T19659] RBP: 00007f5da2f67296 R08: 0000000000000000 R09: 0000000000000000 [ 687.379537][T19659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 687.387511][T19659] R13: 0000000000000000 R14: 00007f5da30acf80 R15: 00007ffcf62245b8 [ 687.395487][T19659] [ 687.533646][T19678] netlink: 131088 bytes leftover after parsing attributes in process `syz.1.5406'. [ 687.582914][T19678] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 687.592273][T19678] CPU: 0 PID: 19678 Comm: syz.1.5406 Not tainted 5.15.168-syzkaller #0 [ 687.600715][T19678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 687.610954][T19678] Call Trace: [ 687.614233][T19678] [ 687.617161][T19678] dump_stack_lvl+0x1e3/0x2d0 [ 687.621848][T19678] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 687.627495][T19678] ? panic+0x860/0x860 [ 687.631588][T19678] ? kmem_cache_alloc_trace+0x143/0x290 [ 687.637142][T19678] ? sysfs_warn_dup+0x4d/0xa0 [ 687.641828][T19678] sysfs_warn_dup+0x8a/0xa0 [ 687.646343][T19678] sysfs_do_create_link_sd+0xbe/0x100 [ 687.651732][T19678] device_add+0x7d4/0xfd0 [ 687.656081][T19678] wiphy_register+0x1d30/0x2bb0 [ 687.661125][T19678] ? cfg80211_event_work+0x40/0x40 [ 687.666243][T19678] ? minstrel_ht_alloc+0x7cf/0x940 [ 687.671381][T19678] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 687.677463][T19678] ieee80211_register_hw+0x2986/0x39d0 [ 687.682957][T19678] ? ieee80211_register_hw+0xac1/0x39d0 [ 687.688510][T19678] ? ieee80211_tasklet_handler+0x20/0x20 [ 687.694154][T19678] ? memset+0x1f/0x40 [ 687.698132][T19678] ? __hrtimer_init+0x181/0x260 [ 687.702980][T19678] mac80211_hwsim_new_radio+0x223d/0x4200 [ 687.708714][T19678] hwsim_new_radio_nl+0xbae/0x1090 [ 687.713827][T19678] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 687.720326][T19678] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 687.726649][T19678] genl_rcv_msg+0xfbd/0x14a0 [ 687.731239][T19678] ? genl_bind+0x420/0x420 [ 687.735641][T19678] ? local_bh_enable+0x5/0x20 [ 687.740317][T19678] ? mark_lock+0x98/0x340 [ 687.744644][T19678] ? __lock_acquire+0x1295/0x1ff0 [ 687.749665][T19678] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 687.756167][T19678] netlink_rcv_skb+0x1cf/0x410 [ 687.760938][T19678] ? genl_bind+0x420/0x420 [ 687.765468][T19678] ? netlink_ack+0xb10/0xb10 [ 687.770057][T19678] ? down_read+0x1b3/0x2e0 [ 687.774482][T19678] ? genl_rcv+0x9/0x40 [ 687.778538][T19678] genl_rcv+0x24/0x40 [ 687.782506][T19678] netlink_unicast+0x7b6/0x980 [ 687.787292][T19678] ? netlink_detachskb+0x90/0x90 [ 687.792243][T19678] ? __virt_addr_valid+0xb7/0x460 [ 687.797272][T19678] ? 0xffffffff81000000 [ 687.801420][T19678] ? __check_object_size+0x300/0x410 [ 687.806699][T19678] ? bpf_lsm_netlink_send+0x5/0x10 [ 687.811804][T19678] netlink_sendmsg+0xa30/0xd60 [ 687.816572][T19678] ? netlink_getsockopt+0x5b0/0x5b0 [ 687.821761][T19678] ? aa_sock_msg_perm+0x91/0x150 [ 687.826694][T19678] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 687.831992][T19678] ? security_socket_sendmsg+0x7d/0xa0 [ 687.837446][T19678] ? netlink_getsockopt+0x5b0/0x5b0 [ 687.842634][T19678] ____sys_sendmsg+0x59e/0x8f0 [ 687.847388][T19678] ? __import_iovec+0x12d/0x4b0 [ 687.852235][T19678] ? __sys_sendmsg_sock+0x30/0x30 [ 687.857266][T19678] ___sys_sendmsg+0x252/0x2e0 [ 687.861964][T19678] ? __sys_sendmsg+0x260/0x260 [ 687.866751][T19678] ? __fdget+0x191/0x220 [ 687.870995][T19678] __se_sys_sendmsg+0x19a/0x260 [ 687.875833][T19678] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 687.881983][T19678] ? __x64_sys_sendmsg+0x80/0x80 [ 687.887092][T19678] ? syscall_enter_from_user_mode+0x37/0x240 [ 687.893064][T19678] ? syscall_enter_from_user_mode+0x2e/0x240 [ 687.899045][T19678] do_syscall_64+0x3b/0xb0 [ 687.903448][T19678] ? clear_bhb_loop+0x15/0x70 [ 687.908111][T19678] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 687.913996][T19678] RIP: 0033:0x7f0965cadff9 [ 687.918505][T19678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 687.938197][T19678] RSP: 002b:00007f0964126038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 687.946601][T19678] RAX: ffffffffffffffda RBX: 00007f0965e65f80 RCX: 00007f0965cadff9 [ 687.954560][T19678] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 687.962519][T19678] RBP: 00007f0965d20296 R08: 0000000000000000 R09: 0000000000000000 [ 687.970648][T19678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 687.978604][T19678] R13: 0000000000000000 R14: 00007f0965e65f80 R15: 00007ffd70536e78 [ 687.986607][T19678] [ 688.247401][T19696] netlink: 131088 bytes leftover after parsing attributes in process `syz.0.5400'. [ 688.301929][T19696] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 688.331978][T19696] CPU: 0 PID: 19696 Comm: syz.0.5400 Not tainted 5.15.168-syzkaller #0 [ 688.340262][T19696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 688.350327][T19696] Call Trace: [ 688.353617][T19696] [ 688.356556][T19696] dump_stack_lvl+0x1e3/0x2d0 [ 688.361252][T19696] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 688.366901][T19696] ? panic+0x860/0x860 [ 688.370994][T19696] ? kmem_cache_alloc_trace+0x143/0x290 [ 688.376551][T19696] ? sysfs_warn_dup+0x4d/0xa0 [ 688.381248][T19696] sysfs_warn_dup+0x8a/0xa0 [ 688.385770][T19696] sysfs_do_create_link_sd+0xbe/0x100 [ 688.391154][T19696] device_add+0x7d4/0xfd0 [ 688.395521][T19696] wiphy_register+0x1d30/0x2bb0 [ 688.400406][T19696] ? cfg80211_event_work+0x40/0x40 [ 688.405527][T19696] ? minstrel_ht_alloc+0x7cf/0x940 [ 688.410738][T19696] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 688.416802][T19696] ieee80211_register_hw+0x2986/0x39d0 [ 688.422282][T19696] ? ieee80211_register_hw+0xac1/0x39d0 [ 688.427853][T19696] ? ieee80211_tasklet_handler+0x20/0x20 [ 688.433509][T19696] ? memset+0x1f/0x40 [ 688.437504][T19696] ? __hrtimer_init+0x181/0x260 [ 688.442381][T19696] mac80211_hwsim_new_radio+0x223d/0x4200 [ 688.448141][T19696] hwsim_new_radio_nl+0xbae/0x1090 [ 688.453272][T19696] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 688.459772][T19696] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 688.465948][T19696] genl_rcv_msg+0xfbd/0x14a0 [ 688.470534][T19696] ? genl_bind+0x420/0x420 [ 688.474935][T19696] ? local_bh_enable+0x5/0x20 [ 688.479614][T19696] ? mark_lock+0x98/0x340 [ 688.483942][T19696] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 688.489912][T19696] ? print_irqtrace_events+0x210/0x210 [ 688.495362][T19696] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 688.501507][T19696] ? lockdep_hardirqs_on+0x94/0x130 [ 688.506702][T19696] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 688.513215][T19696] netlink_rcv_skb+0x1cf/0x410 [ 688.517970][T19696] ? genl_bind+0x420/0x420 [ 688.522375][T19696] ? netlink_ack+0xb10/0xb10 [ 688.526963][T19696] ? down_read+0x1b3/0x2e0 [ 688.531364][T19696] ? genl_rcv+0x9/0x40 [ 688.535418][T19696] genl_rcv+0x24/0x40 [ 688.539384][T19696] netlink_unicast+0x7b6/0x980 [ 688.544143][T19696] ? netlink_detachskb+0x90/0x90 [ 688.549067][T19696] ? __virt_addr_valid+0xb7/0x460 [ 688.554093][T19696] ? 0xffffffff81000000 [ 688.558252][T19696] ? __check_object_size+0x300/0x410 [ 688.563546][T19696] ? bpf_lsm_netlink_send+0x5/0x10 [ 688.568657][T19696] netlink_sendmsg+0xa30/0xd60 [ 688.573432][T19696] ? netlink_getsockopt+0x5b0/0x5b0 [ 688.578620][T19696] ? futex_wait+0x634/0x740 [ 688.583117][T19696] ? aa_sock_msg_perm+0x91/0x150 [ 688.588047][T19696] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 688.593312][T19696] ? security_socket_sendmsg+0x7d/0xa0 [ 688.598759][T19696] ? netlink_getsockopt+0x5b0/0x5b0 [ 688.603949][T19696] ____sys_sendmsg+0x59e/0x8f0 [ 688.608708][T19696] ? iovec_from_user+0x300/0x390 [ 688.613644][T19696] ? __sys_sendmsg_sock+0x30/0x30 [ 688.618670][T19696] ___sys_sendmsg+0x252/0x2e0 [ 688.623340][T19696] ? __sys_sendmsg+0x260/0x260 [ 688.628107][T19696] ? __fget_files+0x388/0x480 [ 688.632772][T19696] ? rcu_lock_release+0x9/0x20 [ 688.637544][T19696] ? __fdget+0x191/0x220 [ 688.641776][T19696] __se_sys_sendmsg+0x19a/0x260 [ 688.646621][T19696] ? __x64_sys_sendmsg+0x80/0x80 [ 688.651552][T19696] ? syscall_enter_from_user_mode+0x2e/0x240 [ 688.657526][T19696] ? lockdep_hardirqs_on+0x94/0x130 [ 688.662715][T19696] ? syscall_enter_from_user_mode+0x2e/0x240 [ 688.668689][T19696] do_syscall_64+0x3b/0xb0 [ 688.673097][T19696] ? clear_bhb_loop+0x15/0x70 [ 688.677761][T19696] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 688.683661][T19696] RIP: 0033:0x7f9788f97ff9 [ 688.688101][T19696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 688.707717][T19696] RSP: 002b:00007f9787410038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 688.716131][T19696] RAX: ffffffffffffffda RBX: 00007f978914ff80 RCX: 00007f9788f97ff9 [ 688.724095][T19696] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 688.732051][T19696] RBP: 00007f978900a296 R08: 0000000000000000 R09: 0000000000000000 [ 688.740007][T19696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 688.747964][T19696] R13: 0000000000000000 R14: 00007f978914ff80 R15: 00007ffda9e5fc18 [ 688.755940][T19696] [ 688.820184][T10227] wlan1: Trigger new scan to find an IBSS to join [ 689.275160][T19710] netlink: 131088 bytes leftover after parsing attributes in process `syz.3.5407'. [ 689.394717][T19710] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 689.408930][T19710] CPU: 1 PID: 19710 Comm: syz.3.5407 Not tainted 5.15.168-syzkaller #0 [ 689.417201][T19710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 689.427265][T19710] Call Trace: [ 689.430542][T19710] [ 689.433472][T19710] dump_stack_lvl+0x1e3/0x2d0 [ 689.438161][T19710] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 689.443804][T19710] ? panic+0x860/0x860 [ 689.447885][T19710] ? kmem_cache_alloc_trace+0x143/0x290 [ 689.453438][T19710] ? sysfs_warn_dup+0x4d/0xa0 [ 689.458132][T19710] sysfs_warn_dup+0x8a/0xa0 [ 689.462646][T19710] sysfs_do_create_link_sd+0xbe/0x100 [ 689.468040][T19710] device_add+0x7d4/0xfd0 [ 689.472393][T19710] wiphy_register+0x1d30/0x2bb0 [ 689.477264][T19710] ? cfg80211_event_work+0x40/0x40 [ 689.482381][T19710] ? minstrel_ht_alloc+0x7cf/0x940 [ 689.487514][T19710] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 689.493599][T19710] ieee80211_register_hw+0x2986/0x39d0 [ 689.499082][T19710] ? ieee80211_register_hw+0xac1/0x39d0 [ 689.504645][T19710] ? ieee80211_tasklet_handler+0x20/0x20 [ 689.510295][T19710] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 689.516480][T19710] ? memset+0x1f/0x40 [ 689.520480][T19710] ? __hrtimer_init+0x181/0x260 [ 689.525349][T19710] mac80211_hwsim_new_radio+0x223d/0x4200 [ 689.531103][T19710] hwsim_new_radio_nl+0xbae/0x1090 [ 689.536237][T19710] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 689.542763][T19710] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 689.549114][T19710] genl_rcv_msg+0xfbd/0x14a0 [ 689.553729][T19710] ? genl_bind+0x420/0x420 [ 689.558151][T19710] ? local_bh_enable+0x5/0x20 [ 689.562847][T19710] ? mark_lock+0x98/0x340 [ 689.567187][T19710] ? __lock_acquire+0x1295/0x1ff0 [ 689.572236][T19710] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 689.578761][T19710] netlink_rcv_skb+0x1cf/0x410 [ 689.583533][T19710] ? genl_bind+0x420/0x420 [ 689.587953][T19710] ? netlink_ack+0xb10/0xb10 [ 689.592560][T19710] ? down_read+0x1b3/0x2e0 [ 689.596981][T19710] ? genl_rcv+0x9/0x40 [ 689.601056][T19710] genl_rcv+0x24/0x40 [ 689.605044][T19710] netlink_unicast+0x7b6/0x980 [ 689.609824][T19710] ? netlink_detachskb+0x90/0x90 [ 689.614765][T19710] ? __virt_addr_valid+0xb7/0x460 [ 689.619791][T19710] ? 0xffffffff81000000 [ 689.624121][T19710] ? __check_object_size+0x300/0x410 [ 689.629417][T19710] ? bpf_lsm_netlink_send+0x5/0x10 [ 689.634546][T19710] netlink_sendmsg+0xa30/0xd60 [ 689.639337][T19710] ? netlink_getsockopt+0x5b0/0x5b0 [ 689.644547][T19710] ? futex_wait+0x634/0x740 [ 689.649066][T19710] ? aa_sock_msg_perm+0x91/0x150 [ 689.654017][T19710] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 689.659311][T19710] ? security_socket_sendmsg+0x7d/0xa0 [ 689.664774][T19710] ? netlink_getsockopt+0x5b0/0x5b0 [ 689.669984][T19710] ____sys_sendmsg+0x59e/0x8f0 [ 689.674764][T19710] ? iovec_from_user+0x300/0x390 [ 689.679715][T19710] ? __sys_sendmsg_sock+0x30/0x30 [ 689.684764][T19710] ___sys_sendmsg+0x252/0x2e0 [ 689.689461][T19710] ? __sys_sendmsg+0x260/0x260 [ 689.694277][T19710] ? __fdget+0x191/0x220 [ 689.698530][T19710] __se_sys_sendmsg+0x19a/0x260 [ 689.703386][T19710] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 689.709554][T19710] ? __x64_sys_sendmsg+0x80/0x80 [ 689.714513][T19710] ? syscall_enter_from_user_mode+0x37/0x240 [ 689.720506][T19710] ? syscall_enter_from_user_mode+0x2e/0x240 [ 689.726498][T19710] do_syscall_64+0x3b/0xb0 [ 689.730919][T19710] ? clear_bhb_loop+0x15/0x70 [ 689.735605][T19710] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 689.741518][T19710] RIP: 0033:0x7f5da2ef4ff9 [ 689.745933][T19710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 689.765540][T19710] RSP: 002b:00007f5da136d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 689.773958][T19710] RAX: ffffffffffffffda RBX: 00007f5da30acf80 RCX: 00007f5da2ef4ff9 [ 689.781916][T19710] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 689.789877][T19710] RBP: 00007f5da2f67296 R08: 0000000000000000 R09: 0000000000000000 [ 689.797838][T19710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 689.805790][T19710] R13: 0000000000000000 R14: 00007f5da30acf80 R15: 00007ffcf62245b8 [ 689.813757][T19710] [ 689.822582][ T3870] wlan1: Trigger new scan to find an IBSS to join [ 690.037449][T19739] netlink: 131088 bytes leftover after parsing attributes in process `syz.2.5413'. [ 690.103187][T19739] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 690.122962][T19739] CPU: 0 PID: 19739 Comm: syz.2.5413 Not tainted 5.15.168-syzkaller #0 [ 690.131249][T19739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 690.141315][T19739] Call Trace: [ 690.144601][T19739] [ 690.147528][T19739] dump_stack_lvl+0x1e3/0x2d0 [ 690.152234][T19739] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 690.157857][T19739] ? panic+0x860/0x860 [ 690.161924][T19739] ? kmem_cache_alloc_trace+0x143/0x290 [ 690.167542][T19739] ? sysfs_warn_dup+0x4d/0xa0 [ 690.172216][T19739] sysfs_warn_dup+0x8a/0xa0 [ 690.176712][T19739] sysfs_do_create_link_sd+0xbe/0x100 [ 690.182072][T19739] device_add+0x7d4/0xfd0 [ 690.186401][T19739] wiphy_register+0x1d30/0x2bb0 [ 690.191254][T19739] ? cfg80211_event_work+0x40/0x40 [ 690.196960][T19739] ? minstrel_ht_alloc+0x7cf/0x940 [ 690.202064][T19739] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 690.208120][T19739] ieee80211_register_hw+0x2986/0x39d0 [ 690.213574][T19739] ? ieee80211_register_hw+0xac1/0x39d0 [ 690.219119][T19739] ? ieee80211_tasklet_handler+0x20/0x20 [ 690.224774][T19739] ? memset+0x1f/0x40 [ 690.228767][T19739] ? __hrtimer_init+0x181/0x260 [ 690.233610][T19739] mac80211_hwsim_new_radio+0x223d/0x4200 [ 690.239333][T19739] hwsim_new_radio_nl+0xbae/0x1090 [ 690.244453][T19739] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 690.250950][T19739] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 690.257293][T19739] genl_rcv_msg+0xfbd/0x14a0 [ 690.261877][T19739] ? genl_bind+0x420/0x420 [ 690.266282][T19739] ? print_irqtrace_events+0x210/0x210 [ 690.271728][T19739] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 690.277870][T19739] ? lockdep_hardirqs_on+0x94/0x130 [ 690.283143][T19739] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 690.289315][T19739] ? validate_chain+0x112/0x5930 [ 690.294240][T19739] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 690.300740][T19739] netlink_rcv_skb+0x1cf/0x410 [ 690.305495][T19739] ? genl_bind+0x420/0x420 [ 690.309899][T19739] ? netlink_ack+0xb10/0xb10 [ 690.314502][T19739] ? down_read+0x1b3/0x2e0 [ 690.318905][T19739] ? genl_rcv+0x9/0x40 [ 690.322980][T19739] genl_rcv+0x24/0x40 [ 690.326954][T19739] netlink_unicast+0x7b6/0x980 [ 690.331886][T19739] ? netlink_detachskb+0x90/0x90 [ 690.336983][T19739] ? __virt_addr_valid+0xb7/0x460 [ 690.342003][T19739] ? 0xffffffff81000000 [ 690.346156][T19739] ? __check_object_size+0x300/0x410 [ 690.351432][T19739] ? bpf_lsm_netlink_send+0x5/0x10 [ 690.356532][T19739] netlink_sendmsg+0xa30/0xd60 [ 690.361294][T19739] ? netlink_getsockopt+0x5b0/0x5b0 [ 690.366481][T19739] ? futex_wait+0x634/0x740 [ 690.370992][T19739] ? aa_sock_msg_perm+0x91/0x150 [ 690.375920][T19739] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 690.381188][T19739] ? security_socket_sendmsg+0x7d/0xa0 [ 690.386634][T19739] ? netlink_getsockopt+0x5b0/0x5b0 [ 690.391819][T19739] ____sys_sendmsg+0x59e/0x8f0 [ 690.396570][T19739] ? iovec_from_user+0x300/0x390 [ 690.401502][T19739] ? __sys_sendmsg_sock+0x30/0x30 [ 690.406525][T19739] ___sys_sendmsg+0x252/0x2e0 [ 690.411211][T19739] ? __sys_sendmsg+0x260/0x260 [ 690.415992][T19739] ? __fdget+0x191/0x220 [ 690.420224][T19739] __se_sys_sendmsg+0x19a/0x260 [ 690.425063][T19739] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 690.431207][T19739] ? __x64_sys_sendmsg+0x80/0x80 [ 690.436146][T19739] ? syscall_enter_from_user_mode+0x37/0x240 [ 690.442118][T19739] ? syscall_enter_from_user_mode+0x2e/0x240 [ 690.448090][T19739] do_syscall_64+0x3b/0xb0 [ 690.452503][T19739] ? clear_bhb_loop+0x15/0x70 [ 690.457186][T19739] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 690.463304][T19739] RIP: 0033:0x7f5a74c3fff9 [ 690.467717][T19739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 690.487312][T19739] RSP: 002b:00007f5a730b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 690.495721][T19739] RAX: ffffffffffffffda RBX: 00007f5a74df7f80 RCX: 00007f5a74c3fff9 [ 690.503680][T19739] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 690.511635][T19739] RBP: 00007f5a74cb2296 R08: 0000000000000000 R09: 0000000000000000 [ 690.519595][T19739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 690.527547][T19739] R13: 0000000000000000 R14: 00007f5a74df7f80 R15: 00007ffc39e4bbe8 [ 690.535513][T19739] [ 690.805466][T19756] netlink: 131088 bytes leftover after parsing attributes in process `syz.3.5418'. [ 690.871008][T19756] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 690.884424][T19756] CPU: 0 PID: 19756 Comm: syz.3.5418 Not tainted 5.15.168-syzkaller #0 [ 690.892674][T19756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 690.902728][T19756] Call Trace: [ 690.905991][T19756] [ 690.908908][T19756] dump_stack_lvl+0x1e3/0x2d0 [ 690.913601][T19756] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 690.919245][T19756] ? panic+0x860/0x860 [ 690.923324][T19756] ? kmem_cache_alloc_trace+0x143/0x290 [ 690.928852][T19756] ? sysfs_warn_dup+0x4d/0xa0 [ 690.933534][T19756] sysfs_warn_dup+0x8a/0xa0 [ 690.938025][T19756] sysfs_do_create_link_sd+0xbe/0x100 [ 690.943382][T19756] device_add+0x7d4/0xfd0 [ 690.947716][T19756] wiphy_register+0x1d30/0x2bb0 [ 690.952598][T19756] ? cfg80211_event_work+0x40/0x40 [ 690.957712][T19756] ? minstrel_ht_alloc+0x7cf/0x940 [ 690.962830][T19756] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 690.968885][T19756] ieee80211_register_hw+0x2986/0x39d0 [ 690.974349][T19756] ? ieee80211_register_hw+0xac1/0x39d0 [ 690.979910][T19756] ? ieee80211_tasklet_handler+0x20/0x20 [ 690.985553][T19756] ? memset+0x1f/0x40 [ 690.989526][T19756] ? __hrtimer_init+0x181/0x260 [ 690.994375][T19756] mac80211_hwsim_new_radio+0x223d/0x4200 [ 691.000101][T19756] hwsim_new_radio_nl+0xbae/0x1090 [ 691.005219][T19756] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 691.011727][T19756] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 691.018066][T19756] genl_rcv_msg+0xfbd/0x14a0 [ 691.022647][T19756] ? genl_bind+0x420/0x420 [ 691.027050][T19756] ? print_irqtrace_events+0x210/0x210 [ 691.032494][T19756] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 691.038651][T19756] ? lockdep_hardirqs_on+0x94/0x130 [ 691.043839][T19756] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 691.049985][T19756] ? validate_chain+0x112/0x5930 [ 691.054907][T19756] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 691.061399][T19756] netlink_rcv_skb+0x1cf/0x410 [ 691.066151][T19756] ? genl_bind+0x420/0x420 [ 691.070573][T19756] ? netlink_ack+0xb10/0xb10 [ 691.075151][T19756] ? down_read+0x1b3/0x2e0 [ 691.079551][T19756] ? genl_rcv+0x9/0x40 [ 691.083604][T19756] genl_rcv+0x24/0x40 [ 691.087568][T19756] netlink_unicast+0x7b6/0x980 [ 691.092323][T19756] ? netlink_detachskb+0x90/0x90 [ 691.097244][T19756] ? __virt_addr_valid+0xb7/0x460 [ 691.102264][T19756] ? 0xffffffff81000000 [ 691.106400][T19756] ? __check_object_size+0x300/0x410 [ 691.111670][T19756] ? bpf_lsm_netlink_send+0x5/0x10 [ 691.116763][T19756] netlink_sendmsg+0xa30/0xd60 [ 691.121520][T19756] ? netlink_getsockopt+0x5b0/0x5b0 [ 691.126703][T19756] ? futex_wait+0x634/0x740 [ 691.131192][T19756] ? aa_sock_msg_perm+0x91/0x150 [ 691.136117][T19756] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 691.141399][T19756] ? security_socket_sendmsg+0x7d/0xa0 [ 691.146843][T19756] ? netlink_getsockopt+0x5b0/0x5b0 [ 691.152030][T19756] ____sys_sendmsg+0x59e/0x8f0 [ 691.156783][T19756] ? iovec_from_user+0x300/0x390 [ 691.161713][T19756] ? __sys_sendmsg_sock+0x30/0x30 [ 691.166743][T19756] ___sys_sendmsg+0x252/0x2e0 [ 691.171407][T19756] ? __sys_sendmsg+0x260/0x260 [ 691.176186][T19756] ? __fdget+0x191/0x220 [ 691.180412][T19756] __se_sys_sendmsg+0x19a/0x260 [ 691.185243][T19756] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 691.191378][T19756] ? __x64_sys_sendmsg+0x80/0x80 [ 691.196305][T19756] ? syscall_enter_from_user_mode+0x37/0x240 [ 691.202268][T19756] ? syscall_enter_from_user_mode+0x2e/0x240 [ 691.208231][T19756] do_syscall_64+0x3b/0xb0 [ 691.212630][T19756] ? clear_bhb_loop+0x15/0x70 [ 691.217295][T19756] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 691.223192][T19756] RIP: 0033:0x7f5da2ef4ff9 [ 691.227589][T19756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 691.247177][T19756] RSP: 002b:00007f5da136d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 691.255575][T19756] RAX: ffffffffffffffda RBX: 00007f5da30acf80 RCX: 00007f5da2ef4ff9 [ 691.263527][T19756] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 691.271486][T19756] RBP: 00007f5da2f67296 R08: 0000000000000000 R09: 0000000000000000 [ 691.279438][T19756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 691.287390][T19756] R13: 0000000000000000 R14: 00007f5da30acf80 R15: 00007ffcf62245b8 [ 691.295369][T19756] [ 691.623963][T19782] netlink: 131088 bytes leftover after parsing attributes in process `syz.0.5427'. [ 691.714190][T19782] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 691.742756][T19782] CPU: 0 PID: 19782 Comm: syz.0.5427 Not tainted 5.15.168-syzkaller #0 [ 691.751037][T19782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 691.761092][T19782] Call Trace: [ 691.764366][T19782] [ 691.767281][T19782] dump_stack_lvl+0x1e3/0x2d0 [ 691.771955][T19782] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 691.777578][T19782] ? panic+0x860/0x860 [ 691.781642][T19782] ? kmem_cache_alloc_trace+0x143/0x290 [ 691.787175][T19782] ? sysfs_warn_dup+0x4d/0xa0 [ 691.791847][T19782] sysfs_warn_dup+0x8a/0xa0 [ 691.796343][T19782] sysfs_do_create_link_sd+0xbe/0x100 [ 691.801709][T19782] device_add+0x7d4/0xfd0 [ 691.806038][T19782] wiphy_register+0x1d30/0x2bb0 [ 691.810890][T19782] ? cfg80211_event_work+0x40/0x40 [ 691.815987][T19782] ? minstrel_ht_alloc+0x7cf/0x940 [ 691.821093][T19782] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 691.827153][T19782] ieee80211_register_hw+0x2986/0x39d0 [ 691.832609][T19782] ? ieee80211_register_hw+0xac1/0x39d0 [ 691.838156][T19782] ? ieee80211_tasklet_handler+0x20/0x20 [ 691.843786][T19782] ? memset+0x1f/0x40 [ 691.847754][T19782] ? __hrtimer_init+0x181/0x260 [ 691.852593][T19782] mac80211_hwsim_new_radio+0x223d/0x4200 [ 691.858318][T19782] hwsim_new_radio_nl+0xbae/0x1090 [ 691.863422][T19782] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 691.869924][T19782] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 691.876245][T19782] genl_rcv_msg+0xfbd/0x14a0 [ 691.880838][T19782] ? genl_bind+0x420/0x420 [ 691.885238][T19782] ? local_bh_enable+0x5/0x20 [ 691.889911][T19782] ? mark_lock+0x98/0x340 [ 691.894230][T19782] ? __lock_acquire+0x1295/0x1ff0 [ 691.899243][T19782] ? mark_lock+0x98/0x340 [ 691.903561][T19782] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 691.909528][T19782] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 691.916021][T19782] ? print_irqtrace_events+0x210/0x210 [ 691.921469][T19782] ? rcu_is_watching+0x11/0xa0 [ 691.926226][T19782] netlink_rcv_skb+0x1cf/0x410 [ 691.930984][T19782] ? genl_bind+0x420/0x420 [ 691.935388][T19782] ? netlink_ack+0xb10/0xb10 [ 691.939970][T19782] ? kasan_check_range+0x5f/0x290 [ 691.944989][T19782] ? down_read+0x1b3/0x2e0 [ 691.949391][T19782] ? genl_rcv+0x9/0x40 [ 691.953445][T19782] genl_rcv+0x24/0x40 [ 691.957409][T19782] netlink_unicast+0x7b6/0x980 [ 691.962168][T19782] ? netlink_detachskb+0x90/0x90 [ 691.967095][T19782] ? __virt_addr_valid+0xb7/0x460 [ 691.972106][T19782] ? 0xffffffff81000000 [ 691.976246][T19782] ? __check_object_size+0x300/0x410 [ 691.981517][T19782] ? bpf_lsm_netlink_send+0x5/0x10 [ 691.986617][T19782] netlink_sendmsg+0xa30/0xd60 [ 691.991378][T19782] ? netlink_getsockopt+0x5b0/0x5b0 [ 691.996567][T19782] ? aa_sock_msg_perm+0x91/0x150 [ 692.001500][T19782] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 692.006769][T19782] ? security_socket_sendmsg+0x7d/0xa0 [ 692.012214][T19782] ? netlink_getsockopt+0x5b0/0x5b0 [ 692.017406][T19782] ____sys_sendmsg+0x59e/0x8f0 [ 692.022160][T19782] ? iovec_from_user+0x300/0x390 [ 692.027094][T19782] ? __sys_sendmsg_sock+0x30/0x30 [ 692.032119][T19782] ___sys_sendmsg+0x252/0x2e0 [ 692.036790][T19782] ? __sys_sendmsg+0x260/0x260 [ 692.041575][T19782] ? __fdget+0x191/0x220 [ 692.045813][T19782] __se_sys_sendmsg+0x19a/0x260 [ 692.050655][T19782] ? __x64_sys_sendmsg+0x80/0x80 [ 692.055593][T19782] ? syscall_enter_from_user_mode+0x2e/0x240 [ 692.061562][T19782] ? lockdep_hardirqs_on+0x94/0x130 [ 692.066752][T19782] ? syscall_enter_from_user_mode+0x2e/0x240 [ 692.072723][T19782] do_syscall_64+0x3b/0xb0 [ 692.077127][T19782] ? clear_bhb_loop+0x15/0x70 [ 692.081793][T19782] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 692.087677][T19782] RIP: 0033:0x7f9788f97ff9 [ 692.092080][T19782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 692.111669][T19782] RSP: 002b:00007f9787410038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 692.120072][T19782] RAX: ffffffffffffffda RBX: 00007f978914ff80 RCX: 00007f9788f97ff9 [ 692.128030][T19782] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 692.135987][T19782] RBP: 00007f978900a296 R08: 0000000000000000 R09: 0000000000000000 [ 692.143942][T19782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 692.151899][T19782] R13: 0000000000000000 R14: 00007f978914ff80 R15: 00007ffda9e5fc18 [ 692.159870][T19782] [ 692.468339][T19806] netlink: 'syz.1.5435': attribute type 10 has an invalid length. [ 692.978539][T19825] netlink: 131088 bytes leftover after parsing attributes in process `syz.4.5444'. [ 693.094976][T19825] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 693.112485][T19825] CPU: 1 PID: 19825 Comm: syz.4.5444 Not tainted 5.15.168-syzkaller #0 [ 693.120767][T19825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 693.130832][T19825] Call Trace: [ 693.134120][T19825] [ 693.137059][T19825] dump_stack_lvl+0x1e3/0x2d0 [ 693.141765][T19825] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 693.147411][T19825] ? panic+0x860/0x860 [ 693.151499][T19825] ? kmem_cache_alloc_trace+0x143/0x290 [ 693.157052][T19825] ? sysfs_warn_dup+0x4d/0xa0 [ 693.161732][T19825] sysfs_warn_dup+0x8a/0xa0 [ 693.166221][T19825] sysfs_do_create_link_sd+0xbe/0x100 [ 693.171579][T19825] device_add+0x7d4/0xfd0 [ 693.175903][T19825] wiphy_register+0x1d30/0x2bb0 [ 693.180753][T19825] ? cfg80211_event_work+0x40/0x40 [ 693.185840][T19825] ? minstrel_ht_alloc+0x7cf/0x940 [ 693.190948][T19825] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 693.197021][T19825] ieee80211_register_hw+0x2986/0x39d0 [ 693.202487][T19825] ? ieee80211_register_hw+0xac1/0x39d0 [ 693.208035][T19825] ? ieee80211_tasklet_handler+0x20/0x20 [ 693.213680][T19825] ? memset+0x1f/0x40 [ 693.217655][T19825] ? __hrtimer_init+0x181/0x260 [ 693.222498][T19825] mac80211_hwsim_new_radio+0x223d/0x4200 [ 693.228229][T19825] hwsim_new_radio_nl+0xbae/0x1090 [ 693.233340][T19825] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 693.239837][T19825] ? genl_family_rcv_msg_attrs_parse+0x1e0/0x290 [ 693.246157][T19825] ? genl_family_rcv_msg_attrs_parse+0x208/0x290 [ 693.252480][T19825] genl_rcv_msg+0xfbd/0x14a0 [ 693.257074][T19825] ? genl_bind+0x420/0x420 [ 693.261478][T19825] ? _raw_spin_unlock_irqrestore+0xd4/0x130 [ 693.267373][T19825] ? mark_lock+0x98/0x340 [ 693.271697][T19825] ? __lock_acquire+0x1295/0x1ff0 [ 693.276724][T19825] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 693.283234][T19825] netlink_rcv_skb+0x1cf/0x410 [ 693.287989][T19825] ? genl_bind+0x420/0x420 [ 693.292395][T19825] ? netlink_ack+0xb10/0xb10 [ 693.296992][T19825] ? down_read+0x1b3/0x2e0 [ 693.301395][T19825] ? genl_rcv+0x9/0x40 [ 693.305451][T19825] genl_rcv+0x24/0x40 [ 693.309419][T19825] netlink_unicast+0x7b6/0x980 [ 693.314182][T19825] ? netlink_detachskb+0x90/0x90 [ 693.319107][T19825] ? __virt_addr_valid+0xb7/0x460 [ 693.324120][T19825] ? 0xffffffff81000000 [ 693.328264][T19825] ? __check_object_size+0x300/0x410 [ 693.333544][T19825] ? bpf_lsm_netlink_send+0x5/0x10 [ 693.338647][T19825] netlink_sendmsg+0xa30/0xd60 [ 693.343416][T19825] ? netlink_getsockopt+0x5b0/0x5b0 [ 693.348605][T19825] ? tomoyo_socket_sendmsg_permission+0x129/0x410 [ 693.355015][T19825] ? security_socket_sendmsg+0x42/0xa0 [ 693.360473][T19825] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 693.365745][T19825] ? security_socket_sendmsg+0x7d/0xa0 [ 693.371191][T19825] ? netlink_getsockopt+0x5b0/0x5b0 [ 693.376383][T19825] ____sys_sendmsg+0x59e/0x8f0 [ 693.381145][T19825] ? iovec_from_user+0x300/0x390 [ 693.386082][T19825] ? __sys_sendmsg_sock+0x30/0x30 [ 693.391113][T19825] ___sys_sendmsg+0x252/0x2e0 [ 693.395790][T19825] ? __sys_sendmsg+0x260/0x260 [ 693.400590][T19825] ? __fdget+0x191/0x220 [ 693.404826][T19825] __se_sys_sendmsg+0x19a/0x260 [ 693.409668][T19825] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 693.415815][T19825] ? __x64_sys_sendmsg+0x80/0x80 [ 693.420754][T19825] ? syscall_enter_from_user_mode+0x37/0x240 [ 693.426724][T19825] ? syscall_enter_from_user_mode+0x2e/0x240 [ 693.432698][T19825] do_syscall_64+0x3b/0xb0 [ 693.437101][T19825] ? clear_bhb_loop+0x15/0x70 [ 693.441765][T19825] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 693.447649][T19825] RIP: 0033:0x7f61013b9ff9 [ 693.452059][T19825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 693.471652][T19825] RSP: 002b:00007f60ff832038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 693.480060][T19825] RAX: ffffffffffffffda RBX: 00007f6101571f80 RCX: 00007f61013b9ff9 [ 693.488020][T19825] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 693.495982][T19825] RBP: 00007f610142c296 R08: 0000000000000000 R09: 0000000000000000 [ 693.503938][T19825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 693.511896][T19825] R13: 0000000000000000 R14: 00007f6101571f80 R15: 00007ffcc5d9b758 [ 693.519872][T19825] [ 693.772041][T19847] netlink: 'syz.1.5451': attribute type 10 has an invalid length. [ 693.780749][ T9] wlan1: Trigger new scan to find an IBSS to join [ 693.793675][T19850] netlink: 'syz.0.5449': attribute type 10 has an invalid length. [ 693.870394][T19852] netlink: 'syz.1.5452': attribute type 10 has an invalid length. [ 694.555898][T19883] netlink: 131088 bytes leftover after parsing attributes in process `syz.1.5463'. [ 694.602636][T19887] netlink: 'syz.4.5466': attribute type 10 has an invalid length. [ 694.620689][T19883] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 694.636868][T19883] CPU: 0 PID: 19883 Comm: syz.1.5463 Not tainted 5.15.168-syzkaller #0 [ 694.645146][T19883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 694.655210][T19883] Call Trace: [ 694.658493][T19883] [ 694.661430][T19883] dump_stack_lvl+0x1e3/0x2d0 [ 694.666124][T19883] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 694.671768][T19883] ? panic+0x860/0x860 [ 694.675860][T19883] ? kmem_cache_alloc_trace+0x143/0x290 [ 694.681416][T19883] ? sysfs_warn_dup+0x4d/0xa0 [ 694.686101][T19883] sysfs_warn_dup+0x8a/0xa0 [ 694.690593][T19883] sysfs_do_create_link_sd+0xbe/0x100 [ 694.695961][T19883] device_add+0x7d4/0xfd0 [ 694.700286][T19883] wiphy_register+0x1d30/0x2bb0 [ 694.705135][T19883] ? cfg80211_event_work+0x40/0x40 [ 694.710243][T19883] ? minstrel_ht_alloc+0x5d6/0x940 [ 694.715395][T19883] ? minstrel_ht_alloc+0x53f/0x940 [ 694.720518][T19883] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 694.726573][T19883] ieee80211_register_hw+0x2986/0x39d0 [ 694.732046][T19883] ? ieee80211_register_hw+0xac1/0x39d0 [ 694.737604][T19883] ? ieee80211_tasklet_handler+0x20/0x20 [ 694.743226][T19883] ? memset+0x1f/0x40 [ 694.747196][T19883] ? __hrtimer_init+0x181/0x260 [ 694.752032][T19883] mac80211_hwsim_new_radio+0x223d/0x4200 [ 694.757746][T19883] hwsim_new_radio_nl+0xbae/0x1090 [ 694.762853][T19883] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 694.769356][T19883] ? lockdep_hardirqs_on+0x94/0x130 [ 694.774545][T19883] ? genl_rcv_msg+0xf8d/0x14a0 [ 694.779293][T19883] genl_rcv_msg+0xfbd/0x14a0 [ 694.783873][T19883] ? genl_bind+0x420/0x420 [ 694.788270][T19883] ? local_bh_enable+0x5/0x20 [ 694.792959][T19883] ? mark_lock+0x98/0x340 [ 694.797279][T19883] ? __lock_acquire+0x1295/0x1ff0 [ 694.802290][T19883] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 694.808814][T19883] netlink_rcv_skb+0x1cf/0x410 [ 694.813577][T19883] ? genl_bind+0x420/0x420 [ 694.817976][T19883] ? netlink_ack+0xb10/0xb10 [ 694.822558][T19883] ? down_read+0x1b3/0x2e0 [ 694.826962][T19883] ? genl_rcv+0x9/0x40 [ 694.831019][T19883] genl_rcv+0x24/0x40 [ 694.834997][T19883] netlink_unicast+0x7b6/0x980 [ 694.839764][T19883] ? netlink_detachskb+0x90/0x90 [ 694.844679][T19883] ? __virt_addr_valid+0xb7/0x460 [ 694.849683][T19883] ? 0xffffffff81000000 [ 694.853814][T19883] ? __check_object_size+0x300/0x410 [ 694.859086][T19883] ? bpf_lsm_netlink_send+0x5/0x10 [ 694.864180][T19883] netlink_sendmsg+0xa30/0xd60 [ 694.868947][T19883] ? netlink_getsockopt+0x5b0/0x5b0 [ 694.874154][T19883] ? futex_wait+0x634/0x740 [ 694.878668][T19883] ? aa_sock_msg_perm+0x91/0x150 [ 694.883607][T19883] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 694.888882][T19883] ? security_socket_sendmsg+0x7d/0xa0 [ 694.894337][T19883] ? netlink_getsockopt+0x5b0/0x5b0 [ 694.899526][T19883] ____sys_sendmsg+0x59e/0x8f0 [ 694.904291][T19883] ? iovec_from_user+0x300/0x390 [ 694.909215][T19883] ? __sys_sendmsg_sock+0x30/0x30 [ 694.914236][T19883] ___sys_sendmsg+0x252/0x2e0 [ 694.918899][T19883] ? print_irqtrace_events+0x210/0x210 [ 694.924339][T19883] ? __sys_sendmsg+0x260/0x260 [ 694.929085][T19883] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 694.935257][T19883] ? __fdget+0x191/0x220 [ 694.939486][T19883] __se_sys_sendmsg+0x19a/0x260 [ 694.944318][T19883] ? __x64_sys_sendmsg+0x80/0x80 [ 694.949248][T19883] ? syscall_enter_from_user_mode+0x2e/0x240 [ 694.955215][T19883] ? lockdep_hardirqs_on+0x94/0x130 [ 694.960423][T19883] ? syscall_enter_from_user_mode+0x2e/0x240 [ 694.966399][T19883] do_syscall_64+0x3b/0xb0 [ 694.970814][T19883] ? clear_bhb_loop+0x15/0x70 [ 694.975489][T19883] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 694.981363][T19883] RIP: 0033:0x7f0965cadff9 [ 694.985759][T19883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 695.005346][T19883] RSP: 002b:00007f0964126038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 695.013757][T19883] RAX: ffffffffffffffda RBX: 00007f0965e65f80 RCX: 00007f0965cadff9 [ 695.021710][T19883] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 695.029663][T19883] RBP: 00007f0965d20296 R08: 0000000000000000 R09: 0000000000000000 [ 695.037612][T19883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 695.045563][T19883] R13: 0000000000000000 R14: 00007f0965e65f80 R15: 00007ffd70536e78 [ 695.053526][T19883] [ 695.238430][T19907] netlink: 'syz.3.5469': attribute type 10 has an invalid length. [ 695.670545][T19931] netlink: 131088 bytes leftover after parsing attributes in process `syz.4.5481'. [ 695.701564][T19931] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 695.719067][T19931] CPU: 1 PID: 19931 Comm: syz.4.5481 Not tainted 5.15.168-syzkaller #0 [ 695.727342][T19931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 695.737407][T19931] Call Trace: [ 695.740690][T19931] [ 695.743626][T19931] dump_stack_lvl+0x1e3/0x2d0 [ 695.748311][T19931] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 695.753931][T19931] ? panic+0x860/0x860 [ 695.758002][T19931] ? kmem_cache_alloc_trace+0x143/0x290 [ 695.763549][T19931] ? sysfs_warn_dup+0x4d/0xa0 [ 695.768224][T19931] sysfs_warn_dup+0x8a/0xa0 [ 695.772730][T19931] sysfs_do_create_link_sd+0xbe/0x100 [ 695.778088][T19931] device_add+0x7d4/0xfd0 [ 695.782422][T19931] wiphy_register+0x1d30/0x2bb0 [ 695.787306][T19931] ? cfg80211_event_work+0x40/0x40 [ 695.792424][T19931] ? minstrel_ht_alloc+0x7cf/0x940 [ 695.797534][T19931] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 695.803592][T19931] ieee80211_register_hw+0x2986/0x39d0 [ 695.809048][T19931] ? ieee80211_register_hw+0xac1/0x39d0 [ 695.814584][T19931] ? ieee80211_tasklet_handler+0x20/0x20 [ 695.820205][T19931] ? memset+0x1f/0x40 [ 695.824176][T19931] ? __hrtimer_init+0x181/0x260 [ 695.829020][T19931] mac80211_hwsim_new_radio+0x223d/0x4200 [ 695.834775][T19931] hwsim_new_radio_nl+0xbae/0x1090 [ 695.839892][T19931] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 695.846385][T19931] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 695.852698][T19931] genl_rcv_msg+0xfbd/0x14a0 [ 695.857275][T19931] ? genl_bind+0x420/0x420 [ 695.861678][T19931] ? mark_lock+0x98/0x340 [ 695.865989][T19931] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 695.871972][T19931] ? print_irqtrace_events+0x210/0x210 [ 695.877416][T19931] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 695.883577][T19931] ? lockdep_hardirqs_on+0x94/0x130 [ 695.888785][T19931] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 695.895291][T19931] netlink_rcv_skb+0x1cf/0x410 [ 695.900057][T19931] ? genl_bind+0x420/0x420 [ 695.904456][T19931] ? netlink_ack+0xb10/0xb10 [ 695.909023][T19931] ? __netlink_deliver_tap+0x530/0x760 [ 695.914477][T19931] ? down_read+0x1b3/0x2e0 [ 695.918884][T19931] ? genl_rcv+0x9/0x40 [ 695.922958][T19931] genl_rcv+0x24/0x40 [ 695.926917][T19931] netlink_unicast+0x7b6/0x980 [ 695.931686][T19931] ? netlink_detachskb+0x90/0x90 [ 695.936632][T19931] ? __virt_addr_valid+0xb7/0x460 [ 695.941658][T19931] ? 0xffffffff81000000 [ 695.945793][T19931] ? __check_object_size+0x300/0x410 [ 695.951062][T19931] ? bpf_lsm_netlink_send+0x5/0x10 [ 695.956157][T19931] netlink_sendmsg+0xa30/0xd60 [ 695.960913][T19931] ? netlink_getsockopt+0x5b0/0x5b0 [ 695.966102][T19931] ? tomoyo_socket_sendmsg_permission+0x129/0x410 [ 695.972514][T19931] ? ____sys_sendmsg+0x525/0x8f0 [ 695.977439][T19931] ? netlink_getsockopt+0x5b0/0x5b0 [ 695.982636][T19931] ____sys_sendmsg+0x59e/0x8f0 [ 695.987405][T19931] ? iovec_from_user+0x300/0x390 [ 695.992342][T19931] ? __sys_sendmsg_sock+0x30/0x30 [ 695.997374][T19931] ___sys_sendmsg+0x252/0x2e0 [ 696.002037][T19931] ? __sys_sendmsg+0x260/0x260 [ 696.006823][T19931] ? __fdget+0x191/0x220 [ 696.011068][T19931] __se_sys_sendmsg+0x19a/0x260 [ 696.015907][T19931] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 696.022049][T19931] ? __x64_sys_sendmsg+0x80/0x80 [ 696.026988][T19931] ? syscall_enter_from_user_mode+0x37/0x240 [ 696.032979][T19931] ? syscall_enter_from_user_mode+0x2e/0x240 [ 696.038965][T19931] do_syscall_64+0x3b/0xb0 [ 696.043362][T19931] ? clear_bhb_loop+0x15/0x70 [ 696.048019][T19931] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 696.053893][T19931] RIP: 0033:0x7f61013b9ff9 [ 696.058297][T19931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 696.077922][T19931] RSP: 002b:00007f60ff832038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 696.086335][T19931] RAX: ffffffffffffffda RBX: 00007f6101571f80 RCX: 00007f61013b9ff9 [ 696.094311][T19931] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 696.102297][T19931] RBP: 00007f610142c296 R08: 0000000000000000 R09: 0000000000000000 [ 696.110249][T19931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 696.118203][T19931] R13: 0000000000000000 R14: 00007f6101571f80 R15: 00007ffcc5d9b758 [ 696.126184][T19931] [ 696.277606][T19934] netlink: 131088 bytes leftover after parsing attributes in process `syz.0.5493'. [ 696.315744][T19934] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 696.327273][T19934] CPU: 0 PID: 19934 Comm: syz.0.5493 Not tainted 5.15.168-syzkaller #0 [ 696.335546][T19934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 696.345746][T19934] Call Trace: [ 696.349020][T19934] [ 696.351940][T19934] dump_stack_lvl+0x1e3/0x2d0 [ 696.356604][T19934] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 696.362226][T19934] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 696.368505][T19934] sysfs_warn_dup+0x8a/0xa0 [ 696.373021][T19934] sysfs_do_create_link_sd+0xbe/0x100 [ 696.378404][T19934] device_add+0x7d4/0xfd0 [ 696.382741][T19934] wiphy_register+0x1d30/0x2bb0 [ 696.387600][T19934] ? cfg80211_event_work+0x40/0x40 [ 696.392711][T19934] ? minstrel_ht_alloc+0x7cf/0x940 [ 696.397820][T19934] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 696.403890][T19934] ieee80211_register_hw+0x2986/0x39d0 [ 696.409344][T19934] ? ieee80211_register_hw+0xac1/0x39d0 [ 696.414904][T19934] ? ieee80211_tasklet_handler+0x20/0x20 [ 696.420528][T19934] ? memset+0x1f/0x40 [ 696.424494][T19934] ? __hrtimer_init+0x181/0x260 [ 696.429331][T19934] mac80211_hwsim_new_radio+0x223d/0x4200 [ 696.435064][T19934] hwsim_new_radio_nl+0xbae/0x1090 [ 696.440172][T19934] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 696.446683][T19934] ? genl_family_rcv_msg_attrs_parse+0x1d5/0x290 [ 696.453012][T19934] genl_rcv_msg+0xfbd/0x14a0 [ 696.457598][T19934] ? genl_bind+0x420/0x420 [ 696.462028][T19934] ? mark_lock+0x98/0x340 [ 696.466341][T19934] ? __lock_acquire+0x1295/0x1ff0 [ 696.471356][T19934] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 696.477850][T19934] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 696.483851][T19934] netlink_rcv_skb+0x1cf/0x410 [ 696.488626][T19934] ? genl_bind+0x420/0x420 [ 696.493044][T19934] ? netlink_ack+0xb10/0xb10 [ 696.497627][T19934] ? genl_bind+0x420/0x420 [ 696.502028][T19934] genl_rcv+0x24/0x40 [ 696.506006][T19934] netlink_unicast+0x7b6/0x980 [ 696.510763][T19934] ? netlink_detachskb+0x90/0x90 [ 696.515687][T19934] ? __virt_addr_valid+0xb7/0x460 [ 696.520697][T19934] ? 0xffffffff81000000 [ 696.524830][T19934] ? __check_object_size+0x300/0x410 [ 696.530100][T19934] ? bpf_lsm_netlink_send+0x5/0x10 [ 696.535290][T19934] netlink_sendmsg+0xa30/0xd60 [ 696.540052][T19934] ? netlink_getsockopt+0x5b0/0x5b0 [ 696.545301][T19934] ? futex_wait+0x634/0x740 [ 696.549800][T19934] ? aa_sock_msg_perm+0x91/0x150 [ 696.554724][T19934] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 696.559995][T19934] ? security_socket_sendmsg+0x7d/0xa0 [ 696.565442][T19934] ? netlink_getsockopt+0x5b0/0x5b0 [ 696.570628][T19934] ____sys_sendmsg+0x59e/0x8f0 [ 696.575383][T19934] ? iovec_from_user+0x300/0x390 [ 696.580328][T19934] ? __sys_sendmsg_sock+0x30/0x30 [ 696.585352][T19934] ___sys_sendmsg+0x252/0x2e0 [ 696.590020][T19934] ? __sys_sendmsg+0x260/0x260 [ 696.594835][T19934] __se_sys_sendmsg+0x19a/0x260 [ 696.599668][T19934] ? __x64_sys_sendmsg+0x80/0x80 [ 696.604592][T19934] ? syscall_enter_from_user_mode+0x2e/0x240 [ 696.610564][T19934] ? lockdep_hardirqs_on+0x94/0x130 [ 696.615770][T19934] ? syscall_enter_from_user_mode+0x2e/0x240 [ 696.621737][T19934] do_syscall_64+0x3b/0xb0 [ 696.626155][T19934] ? clear_bhb_loop+0x15/0x70 [ 696.630832][T19934] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 696.636710][T19934] RIP: 0033:0x7f9788f97ff9 [ 696.641108][T19934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 696.660702][T19934] RSP: 002b:00007f9787410038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 696.669123][T19934] RAX: ffffffffffffffda RBX: 00007f978914ff80 RCX: 00007f9788f97ff9 [ 696.677083][T19934] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 696.685164][T19934] RBP: 00007f978900a296 R08: 0000000000000000 R09: 0000000000000000 [ 696.693130][T19934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 696.701092][T19934] R13: 0000000000000000 R14: 00007f978914ff80 R15: 00007ffda9e5fc18 [ 696.709061][T19934] [ 696.742264][ T3870] wlan1: Trigger new scan to find an IBSS to join [ 696.743142][ T9] wlan1: Trigger new scan to find an IBSS to join [ 697.186743][T19962] netlink: 131088 bytes leftover after parsing attributes in process `syz.0.5496'. [ 697.222391][T19962] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 697.254069][T19962] CPU: 0 PID: 19962 Comm: syz.0.5496 Not tainted 5.15.168-syzkaller #0 [ 697.262353][T19962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 697.272417][T19962] Call Trace: [ 697.275704][T19962] [ 697.278634][T19962] dump_stack_lvl+0x1e3/0x2d0 [ 697.283300][T19962] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 697.288925][T19962] ? panic+0x860/0x860 [ 697.293009][T19962] ? kmem_cache_alloc_trace+0x143/0x290 [ 697.298538][T19962] ? sysfs_warn_dup+0x4d/0xa0 [ 697.303206][T19962] sysfs_warn_dup+0x8a/0xa0 [ 697.307713][T19962] sysfs_do_create_link_sd+0xbe/0x100 [ 697.313082][T19962] device_add+0x7d4/0xfd0 [ 697.317416][T19962] wiphy_register+0x1d30/0x2bb0 [ 697.322295][T19962] ? cfg80211_event_work+0x40/0x40 [ 697.327405][T19962] ? minstrel_ht_alloc+0x5d6/0x940 [ 697.332498][T19962] ? minstrel_ht_alloc+0x53f/0x940 [ 697.337599][T19962] ? ieee80211_init_rate_ctrl_alg+0x507/0x610 [ 697.343679][T19962] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 697.349749][T19962] ieee80211_register_hw+0x2986/0x39d0 [ 697.355213][T19962] ? ieee80211_register_hw+0xac1/0x39d0 [ 697.360755][T19962] ? ieee80211_tasklet_handler+0x20/0x20 [ 697.366387][T19962] ? memset+0x1f/0x40 [ 697.370359][T19962] ? __hrtimer_init+0x181/0x260 [ 697.375200][T19962] mac80211_hwsim_new_radio+0x223d/0x4200 [ 697.380921][T19962] hwsim_new_radio_nl+0xbae/0x1090 [ 697.386033][T19962] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 697.392533][T19962] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 697.398859][T19962] genl_rcv_msg+0xfbd/0x14a0 [ 697.403442][T19962] ? genl_bind+0x420/0x420 [ 697.407843][T19962] ? local_bh_enable+0x5/0x20 [ 697.412514][T19962] ? mark_lock+0x98/0x340 [ 697.416832][T19962] ? __lock_acquire+0x1295/0x1ff0 [ 697.421853][T19962] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 697.428355][T19962] netlink_rcv_skb+0x1cf/0x410 [ 697.433109][T19962] ? genl_bind+0x420/0x420 [ 697.437510][T19962] ? netlink_ack+0xb10/0xb10 [ 697.442098][T19962] ? down_read+0x1b3/0x2e0 [ 697.446499][T19962] ? genl_rcv+0x9/0x40 [ 697.450553][T19962] genl_rcv+0x24/0x40 [ 697.454521][T19962] netlink_unicast+0x7b6/0x980 [ 697.459278][T19962] ? netlink_detachskb+0x90/0x90 [ 697.464201][T19962] ? __virt_addr_valid+0xb7/0x460 [ 697.469210][T19962] ? 0xffffffff81000000 [ 697.473347][T19962] ? __check_object_size+0x300/0x410 [ 697.478618][T19962] ? bpf_lsm_netlink_send+0x5/0x10 [ 697.483720][T19962] netlink_sendmsg+0xa30/0xd60 [ 697.488489][T19962] ? netlink_getsockopt+0x5b0/0x5b0 [ 697.493677][T19962] ? aa_sock_msg_perm+0x91/0x150 [ 697.498601][T19962] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 697.503870][T19962] ? security_socket_sendmsg+0x7d/0xa0 [ 697.509315][T19962] ? netlink_getsockopt+0x5b0/0x5b0 [ 697.514503][T19962] ____sys_sendmsg+0x59e/0x8f0 [ 697.519253][T19962] ? iovec_from_user+0x300/0x390 [ 697.524182][T19962] ? __sys_sendmsg_sock+0x30/0x30 [ 697.529203][T19962] ___sys_sendmsg+0x252/0x2e0 [ 697.533870][T19962] ? __sys_sendmsg+0x260/0x260 [ 697.538663][T19962] ? __fdget+0x191/0x220 [ 697.542909][T19962] __se_sys_sendmsg+0x19a/0x260 [ 697.547755][T19962] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 697.553911][T19962] ? __x64_sys_sendmsg+0x80/0x80 [ 697.558855][T19962] ? syscall_enter_from_user_mode+0x37/0x240 [ 697.564837][T19962] ? syscall_enter_from_user_mode+0x2e/0x240 [ 697.570811][T19962] do_syscall_64+0x3b/0xb0 [ 697.575217][T19962] ? clear_bhb_loop+0x15/0x70 [ 697.579882][T19962] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 697.585765][T19962] RIP: 0033:0x7f9788f97ff9 [ 697.590167][T19962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.609760][T19962] RSP: 002b:00007f9787410038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 697.618165][T19962] RAX: ffffffffffffffda RBX: 00007f978914ff80 RCX: 00007f9788f97ff9 [ 697.626122][T19962] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 697.634090][T19962] RBP: 00007f978900a296 R08: 0000000000000000 R09: 0000000000000000 [ 697.642047][T19962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.650003][T19962] R13: 0000000000000000 R14: 00007f978914ff80 R15: 00007ffda9e5fc18 [ 697.657979][T19962] [ 697.779513][ T3870] wlan1: Trigger new scan to find an IBSS to join [ 698.058234][T19989] netlink: 131088 bytes leftover after parsing attributes in process `syz.1.5501'. [ 698.081786][T19989] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 698.090838][T19989] CPU: 0 PID: 19989 Comm: syz.1.5501 Not tainted 5.15.168-syzkaller #0 [ 698.099092][T19989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 698.109153][T19989] Call Trace: [ 698.112438][T19989] [ 698.115379][T19989] dump_stack_lvl+0x1e3/0x2d0 [ 698.120069][T19989] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 698.125714][T19989] ? panic+0x860/0x860 [ 698.129797][T19989] ? kmem_cache_alloc_trace+0x143/0x290 [ 698.135343][T19989] ? sysfs_warn_dup+0x4d/0xa0 [ 698.140027][T19989] sysfs_warn_dup+0x8a/0xa0 [ 698.144625][T19989] sysfs_do_create_link_sd+0xbe/0x100 [ 698.150177][T19989] device_add+0x7d4/0xfd0 [ 698.154522][T19989] wiphy_register+0x1d30/0x2bb0 [ 698.159389][T19989] ? cfg80211_event_work+0x40/0x40 [ 698.164503][T19989] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 698.170570][T19989] ieee80211_register_hw+0x2986/0x39d0 [ 698.176038][T19989] ? ieee80211_register_hw+0xac1/0x39d0 [ 698.181604][T19989] ? ieee80211_tasklet_handler+0x20/0x20 [ 698.187245][T19989] ? memset+0x1f/0x40 [ 698.191223][T19989] ? __hrtimer_init+0x181/0x260 [ 698.196075][T19989] mac80211_hwsim_new_radio+0x223d/0x4200 [ 698.201813][T19989] hwsim_new_radio_nl+0xbae/0x1090 [ 698.206929][T19989] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 698.213443][T19989] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 698.219776][T19989] genl_rcv_msg+0xfbd/0x14a0 [ 698.224375][T19989] ? genl_bind+0x420/0x420 [ 698.228785][T19989] ? _raw_spin_unlock_irqrestore+0xd4/0x130 [ 698.234720][T19989] ? mark_lock+0x98/0x340 [ 698.239052][T19989] ? swake_up_one+0x6d/0x150 [ 698.243645][T19989] ? __lock_acquire+0x1295/0x1ff0 [ 698.248689][T19989] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 698.255205][T19989] netlink_rcv_skb+0x1cf/0x410 [ 698.259973][T19989] ? genl_bind+0x420/0x420 [ 698.264389][T19989] ? netlink_ack+0xb10/0xb10 [ 698.268973][T19989] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 698.275133][T19989] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 698.281290][T19989] ? down_read+0x1b3/0x2e0 [ 698.285700][T19989] ? genl_rcv+0x9/0x40 [ 698.289764][T19989] genl_rcv+0x24/0x40 [ 698.293740][T19989] netlink_unicast+0x7b6/0x980 [ 698.298512][T19989] ? netlink_detachskb+0x90/0x90 [ 698.303449][T19989] ? __virt_addr_valid+0xb7/0x460 [ 698.308473][T19989] ? 0xffffffff81000000 [ 698.312630][T19989] ? __check_object_size+0x300/0x410 [ 698.317948][T19989] ? bpf_lsm_netlink_send+0x5/0x10 [ 698.323061][T19989] netlink_sendmsg+0xa30/0xd60 [ 698.327838][T19989] ? netlink_getsockopt+0x5b0/0x5b0 [ 698.333036][T19989] ? aa_sock_msg_perm+0x91/0x150 [ 698.337978][T19989] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 698.343260][T19989] ? security_socket_sendmsg+0x7d/0xa0 [ 698.348715][T19989] ? netlink_getsockopt+0x5b0/0x5b0 [ 698.353917][T19989] ____sys_sendmsg+0x59e/0x8f0 [ 698.358712][T19989] ? __import_iovec+0x1be/0x4b0 [ 698.363583][T19989] ? __sys_sendmsg_sock+0x30/0x30 [ 698.368617][T19989] ___sys_sendmsg+0x252/0x2e0 [ 698.373301][T19989] ? __sys_sendmsg+0x260/0x260 [ 698.378102][T19989] ? __fdget+0x191/0x220 [ 698.382344][T19989] __se_sys_sendmsg+0x19a/0x260 [ 698.387196][T19989] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 698.393349][T19989] ? __x64_sys_sendmsg+0x80/0x80 [ 698.398296][T19989] ? syscall_enter_from_user_mode+0x37/0x240 [ 698.404277][T19989] ? syscall_enter_from_user_mode+0x2e/0x240 [ 698.410258][T19989] do_syscall_64+0x3b/0xb0 [ 698.414677][T19989] ? clear_bhb_loop+0x15/0x70 [ 698.419345][T19989] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 698.425235][T19989] RIP: 0033:0x7f0965cadff9 [ 698.429647][T19989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 698.449254][T19989] RSP: 002b:00007f0964126038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 698.457669][T19989] RAX: ffffffffffffffda RBX: 00007f0965e65f80 RCX: 00007f0965cadff9 [ 698.465633][T19989] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 698.473600][T19989] RBP: 00007f0965d20296 R08: 0000000000000000 R09: 0000000000000000 [ 698.481567][T19989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 698.489533][T19989] R13: 0000000000000000 R14: 00007f0965e65f80 R15: 00007ffd70536e78 [ 698.497514][T19989] [ 698.950564][T20015] netlink: 131088 bytes leftover after parsing attributes in process `syz.3.5511'. [ 698.994848][T20015] sysfs: cannot create duplicate filename '/class/ieee80211/.!' [ 699.014907][T20015] CPU: 0 PID: 20015 Comm: syz.3.5511 Not tainted 5.15.168-syzkaller #0 [ 699.023187][T20015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 699.033252][T20015] Call Trace: [ 699.036536][T20015] [ 699.039467][T20015] dump_stack_lvl+0x1e3/0x2d0 [ 699.044158][T20015] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 699.049800][T20015] ? panic+0x860/0x860 [ 699.053897][T20015] ? kmem_cache_alloc_trace+0x143/0x290 [ 699.059457][T20015] ? sysfs_warn_dup+0x4d/0xa0 [ 699.064168][T20015] sysfs_warn_dup+0x8a/0xa0 [ 699.068671][T20015] sysfs_do_create_link_sd+0xbe/0x100 [ 699.074039][T20015] device_add+0x7d4/0xfd0 [ 699.078392][T20015] wiphy_register+0x1d30/0x2bb0 [ 699.083269][T20015] ? cfg80211_event_work+0x40/0x40 [ 699.088385][T20015] ? minstrel_ht_alloc+0x7cf/0x940 [ 699.093512][T20015] ? ieee80211_init_rate_ctrl_alg+0x592/0x610 [ 699.099590][T20015] ieee80211_register_hw+0x2986/0x39d0 [ 699.105070][T20015] ? ieee80211_register_hw+0xac1/0x39d0 [ 699.110630][T20015] ? ieee80211_tasklet_handler+0x20/0x20 [ 699.116281][T20015] ? memset+0x1f/0x40 [ 699.120269][T20015] ? __hrtimer_init+0x181/0x260 [ 699.125131][T20015] mac80211_hwsim_new_radio+0x223d/0x4200 [ 699.130886][T20015] hwsim_new_radio_nl+0xbae/0x1090 [ 699.136013][T20015] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 699.142532][T20015] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 699.148881][T20015] genl_rcv_msg+0xfbd/0x14a0 [ 699.153489][T20015] ? genl_bind+0x420/0x420 [ 699.157902][T20015] ? local_bh_enable+0x5/0x20 [ 699.162594][T20015] ? mark_lock+0x98/0x340 [ 699.166933][T20015] ? __lock_acquire+0x1295/0x1ff0 [ 699.171980][T20015] ? hwsim_tx_info_frame_received_nl+0x1070/0x1070 [ 699.178507][T20015] netlink_rcv_skb+0x1cf/0x410 [ 699.183285][T20015] ? genl_bind+0x420/0x420 [ 699.187706][T20015] ? netlink_ack+0xb10/0xb10 [ 699.192316][T20015] ? down_read+0x1b3/0x2e0 [ 699.196736][T20015] ? genl_rcv+0x9/0x40 [ 699.200813][T20015] genl_rcv+0x24/0x40 [ 699.204796][T20015] netlink_unicast+0x7b6/0x980 [ 699.209575][T20015] ? netlink_detachskb+0x90/0x90 [ 699.214518][T20015] ? __virt_addr_valid+0xb7/0x460 [ 699.219545][T20015] ? 0xffffffff81000000 [ 699.223704][T20015] ? __check_object_size+0x300/0x410 [ 699.228995][T20015] ? bpf_lsm_netlink_send+0x5/0x10 [ 699.234121][T20015] netlink_sendmsg+0xa30/0xd60 [ 699.238910][T20015] ? netlink_getsockopt+0x5b0/0x5b0 [ 699.244120][T20015] ? futex_wait+0x634/0x740 [ 699.248634][T20015] ? aa_sock_msg_perm+0x91/0x150 [ 699.253580][T20015] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 699.258872][T20015] ? security_socket_sendmsg+0x7d/0xa0 [ 699.264332][T20015] ? netlink_getsockopt+0x5b0/0x5b0 [ 699.269541][T20015] ____sys_sendmsg+0x59e/0x8f0 [ 699.274321][T20015] ? iovec_from_user+0x300/0x390 [ 699.279360][T20015] ? __sys_sendmsg_sock+0x30/0x30 [ 699.284412][T20015] ___sys_sendmsg+0x252/0x2e0 [ 699.289103][T20015] ? __sys_sendmsg+0x260/0x260 [ 699.294013][T20015] ? __fdget+0x191/0x220 [ 699.298264][T20015] __se_sys_sendmsg+0x19a/0x260 [ 699.303134][T20015] ? __x64_sys_sendmsg+0x80/0x80 [ 699.308090][T20015] ? syscall_enter_from_user_mode+0x2e/0x240 [ 699.314076][T20015] ? lockdep_hardirqs_on+0x94/0x130 [ 699.319284][T20015] ? syscall_enter_from_user_mode+0x2e/0x240 [ 699.325366][T20015] do_syscall_64+0x3b/0xb0 [ 699.329793][T20015] ? clear_bhb_loop+0x15/0x70 [ 699.334475][T20015] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 699.340372][T20015] RIP: 0033:0x7f5da2ef4ff9 [ 699.344793][T20015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 699.364413][T20015] RSP: 002b:00007f5da136d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 699.372840][T20015] RAX: ffffffffffffffda RBX: 00007f5da30acf80 RCX: 00007f5da2ef4ff9 [ 699.380821][T20015] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 699.388798][T20015] RBP: 00007f5da2f67296 R08: 0000000000000000 R09: 0000000000000000 [ 699.396773][T20015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 699.404746][T20015] R13: 0000000000000000 R14: 00007f5da30acf80 R15: 00007ffcf62245b8 [ 699.412743][T20015] [ 700.615679][T20078] netlink: 'syz.0.5533': attribute type 10 has an invalid length. [ 701.424803][T20116] netlink: 'syz.4.5552': attribute type 10 has an invalid length. [ 702.753802][ T9] wlan1: Trigger new scan to find an IBSS to join [ 703.780867][ T144] wlan1: Trigger new scan to find an IBSS to join [ 704.121608][T20236] netlink: 'syz.1.5604': attribute type 10 has an invalid length. [ 705.795504][T10233] wlan1: Trigger new scan to find an IBSS to join [ 709.635605][T20457] netlink: 'syz.0.5693': attribute type 10 has an invalid length. [ 710.470754][T20488] netlink: 'syz.0.5706': attribute type 10 has an invalid length. [ 711.286137][T20518] netlink: 'syz.4.5718': attribute type 10 has an invalid length. [ 711.582803][T20534] netlink: 'syz.0.5725': attribute type 10 has an invalid length. [ 712.835243][T20594] netlink: 'syz.0.5746': attribute type 10 has an invalid length. [ 713.095887][T20606] netlink: 'syz.2.5751': attribute type 10 has an invalid length. [ 713.380043][T20547] Bluetooth: hci0: command 0x0406 tx timeout [ 714.775231][T20681] netlink: 'syz.1.5782': attribute type 10 has an invalid length. [ 715.256523][T20706] netlink: 'syz.0.5790': attribute type 10 has an invalid length. [ 715.706177][T20721] netlink: 'syz.1.5799': attribute type 10 has an invalid length. [ 716.643091][T20756] netlink: 'syz.4.5814': attribute type 10 has an invalid length. [ 717.196751][T20780] netlink: 'syz.2.5823': attribute type 10 has an invalid length. [ 718.097625][T20820] netlink: 'syz.3.5835': attribute type 10 has an invalid length. [ 718.820754][ T144] wlan1: Trigger new scan to find an IBSS to join [ 721.779932][ T9] wlan1: Trigger new scan to find an IBSS to join [ 730.822963][ T9] wlan1: Trigger new scan to find an IBSS to join [ 731.780424][ T1137] wlan1: Trigger new scan to find an IBSS to join [ 731.787965][ T9] wlan1: Trigger new scan to find an IBSS to join [ 733.779029][ T1137] wlan1: Trigger new scan to find an IBSS to join [ 734.832376][ T9] wlan1: Trigger new scan to find an IBSS to join [ 736.739742][ T9] wlan1: Trigger new scan to find an IBSS to join [ 736.741966][ T3870] wlan1: Trigger new scan to find an IBSS to join [ 737.664152][ T3870] wlan1: Creating new IBSS network, BSSID 26:e8:e7:2c:3a:75 [ 737.700947][ T1137] wlan1: Creating new IBSS network, BSSID 3e:4e:f6:c6:26:78 [ 737.779122][T10227] wlan1: Creating new IBSS network, BSSID 32:84:f3:53:0d:57 [ 741.772349][T21707] netlink: 'syz.2.6182': attribute type 10 has an invalid length. [ 741.780676][ T9] wlan1: Trigger new scan to find an IBSS to join [ 741.787594][ T3581] Bluetooth: hci0: Received unexpected HCI Event 00000000 [ 742.995951][ T3581] Bluetooth: hci1: Received unexpected HCI Event 00000000 [ 743.038971][T21751] netlink: 'syz.3.6197': attribute type 10 has an invalid length. [ 743.812391][T21784] netlink: 'syz.4.6210': attribute type 10 has an invalid length. [ 743.825861][ T3581] Bluetooth: hci6: Received unexpected HCI Event 00000000 [ 744.826233][T21822] netlink: 'syz.3.6223': attribute type 10 has an invalid length. [ 744.904017][ T3581] Bluetooth: hci1: Received unexpected HCI Event 00000000 [ 745.531573][T21853] netlink: 'syz.0.6235': attribute type 10 has an invalid length. [ 746.276722][T21878] netlink: 'syz.3.6245': attribute type 10 has an invalid length. [ 746.739023][ T1137] wlan1: Trigger new scan to find an IBSS to join [ 746.829139][T10233] wlan1: Trigger new scan to find an IBSS to join [ 747.150151][ T1390] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.156539][ T1390] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.866244][T10233] wlan1: Creating new IBSS network, BSSID 92:db:53:c7:4c:4d [ 747.881520][T21927] netlink: 'syz.0.6261': attribute type 10 has an invalid length. [ 749.091691][T21972] netlink: 'syz.2.6281': attribute type 10 has an invalid length. [ 749.783634][ T9] wlan1: Trigger new scan to find an IBSS to join [ 752.738988][T10227] wlan1: Trigger new scan to find an IBSS to join [ 753.679931][T10233] wlan1: Creating new IBSS network, BSSID b2:25:a6:3b:29:b1 [ 788.514005][T23348] chnl_net:caif_netlink_parms(): no params data found [ 788.719393][T23348] bridge0: port 1(bridge_slave_0) entered blocking state [ 788.726714][T23348] bridge0: port 1(bridge_slave_0) entered disabled state [ 788.734798][T23348] device bridge_slave_0 entered promiscuous mode [ 788.766747][T23348] bridge0: port 2(bridge_slave_1) entered blocking state [ 788.777570][T23348] bridge0: port 2(bridge_slave_1) entered disabled state [ 788.787032][T23348] device bridge_slave_1 entered promiscuous mode [ 788.910785][T23348] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 788.976795][T23348] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 789.049141][T23348] team0: Port device team_slave_0 added [ 789.058502][T23348] team0: Port device team_slave_1 added [ 789.163872][T23348] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 789.174572][T23348] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 789.207988][T23348] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 789.228078][T23348] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 789.235968][T23348] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 789.271627][T23348] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 789.408154][T23348] device hsr_slave_0 entered promiscuous mode [ 789.415230][T23348] device hsr_slave_1 entered promiscuous mode [ 789.429478][T23348] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 789.437240][T23348] Cannot create hsr debugfs directory [ 789.792817][T23348] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 789.913869][T23348] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 790.018644][T23348] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 790.100254][T17887] Bluetooth: hci4: command 0x0409 tx timeout [ 790.233161][T23348] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 790.579668][T23348] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 790.612582][T23348] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 790.644907][T23348] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 790.691620][T23348] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 791.146585][T23348] 8021q: adding VLAN 0 to HW filter on device bond0 [ 791.214907][ T3870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 791.233401][ T3870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 791.311797][T23348] 8021q: adding VLAN 0 to HW filter on device team0 [ 791.361133][ T3870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 791.378664][ T3870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 791.401365][ T3870] bridge0: port 1(bridge_slave_0) entered blocking state [ 791.408478][ T3870] bridge0: port 1(bridge_slave_0) entered forwarding state [ 791.448324][ T3870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 791.456632][ T3870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 791.466717][ T3870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 791.475415][ T3870] bridge0: port 2(bridge_slave_1) entered blocking state [ 791.482501][ T3870] bridge0: port 2(bridge_slave_1) entered forwarding state [ 791.511555][ T3870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 791.521683][ T3870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 791.546509][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 791.567318][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 791.630384][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 791.660419][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 791.710359][T23348] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 791.733522][T23348] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 791.784216][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 791.798434][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 791.814559][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 791.840865][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 791.856847][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 791.914973][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 792.179155][ T3615] Bluetooth: hci4: command 0x041b tx timeout [ 792.316416][T10227] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 792.327239][T10227] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 792.383094][T23348] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 792.526086][T10233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 792.539758][T10233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 792.601545][T10233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 792.615620][T10233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 792.649765][T23348] device veth0_vlan entered promiscuous mode [ 792.665218][T10233] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 792.682106][T10233] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 792.774922][T23348] device veth1_vlan entered promiscuous mode [ 792.856076][T23348] device veth0_macvtap entered promiscuous mode [ 792.924450][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 792.933008][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 792.948365][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 792.957157][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 792.966413][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 792.981885][T23348] device veth1_macvtap entered promiscuous mode [ 793.095145][T23348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.107118][T23348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.119935][T23348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.130594][T23348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.145877][T23348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.164969][T23348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.175164][T23348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.185966][T23348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.196110][T23348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.206816][T23348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.218024][T23348] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 793.238281][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 793.253882][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 793.265529][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 793.283198][T23348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.327840][T23348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.379983][T23348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.395469][T23348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.406187][T23348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.417118][T23348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.438256][T23348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.448968][T23348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.459319][T23348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.469858][T23348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.481637][T23348] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 793.499419][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 793.517409][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 793.539426][T23348] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 793.555850][T23348] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 793.565382][T23348] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 793.578113][T23348] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 793.813754][T10233] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 793.837904][T10233] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 793.909998][T10233] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 793.971621][T10233] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 793.986228][T10233] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 794.007834][ T1137] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 794.259976][ T3615] Bluetooth: hci4: command 0x040f tx timeout [ 794.930653][ T1137] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.098137][ T1137] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.166353][ T1137] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.224712][ T1137] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.250352][T23554] chnl_net:caif_netlink_parms(): no params data found [ 795.524826][T23554] bridge0: port 1(bridge_slave_0) entered blocking state [ 795.550700][T23554] bridge0: port 1(bridge_slave_0) entered disabled state [ 795.559468][T23554] device bridge_slave_0 entered promiscuous mode [ 795.659166][T23554] bridge0: port 2(bridge_slave_1) entered blocking state [ 795.666287][T23554] bridge0: port 2(bridge_slave_1) entered disabled state [ 795.685832][T23554] device bridge_slave_1 entered promiscuous mode [ 795.918261][T23554] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 795.946707][T23554] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 796.093380][T23554] team0: Port device team_slave_0 added [ 796.132580][T23554] team0: Port device team_slave_1 added [ 796.277761][T23554] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 796.315508][T23554] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 796.350885][T17550] Bluetooth: hci4: command 0x0419 tx timeout [ 796.382394][T23554] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 796.491091][T23554] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 796.498182][T23554] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 796.524874][T23554] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 796.629982][T23554] device hsr_slave_0 entered promiscuous mode [ 796.659325][T23554] device hsr_slave_1 entered promiscuous mode [ 796.666040][T23554] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 796.674142][T17550] Bluetooth: hci3: command 0x0409 tx timeout [ 796.680956][T23554] Cannot create hsr debugfs directory [ 797.721994][T23554] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 797.759628][T23554] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 797.902731][T23554] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 797.916350][T23554] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 797.994229][ T1137] device hsr_slave_0 left promiscuous mode [ 798.010313][ T1137] device hsr_slave_1 left promiscuous mode [ 798.029440][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 798.038496][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 798.053669][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 798.062982][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 798.095387][ T1137] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 798.114889][ T1137] batman_adv: batadv0: Removing interface: virt_wifi0 [ 798.150678][ T1137] batman_adv: batadv0: Removing interface: ipvlan1 [ 798.166991][ T1137] device bond0 left promiscuous mode [ 798.174596][ T1137] device bond_slave_0 left promiscuous mode [ 798.186596][ T1137] device bond_slave_1 left promiscuous mode [ 798.193554][ T1137] bridge0: port 3(bond0) entered disabled state [ 798.207402][ T1137] device bridge_slave_1 left promiscuous mode [ 798.215952][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state [ 798.233390][ T1137] device bridge_slave_0 left promiscuous mode [ 798.253842][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state [ 798.305071][ T1137] device veth1_macvtap left promiscuous mode [ 798.495650][ T1137] team0 (unregistering): Port device vlan0 removed [ 798.553607][ T1137] team0 (unregistering): Port device team_slave_1 removed [ 798.571822][ T1137] team0 (unregistering): Port device team_slave_0 removed [ 798.588504][ T1137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 798.603910][ T1137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 798.674432][ T1137] bond0 (unregistering): Released all slaves [ 798.749451][ T7] Bluetooth: hci3: command 0x041b tx timeout [ 798.880923][T23554] 8021q: adding VLAN 0 to HW filter on device bond0 [ 798.991027][T23554] 8021q: adding VLAN 0 to HW filter on device team0 [ 798.998262][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 799.014120][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 799.130173][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 799.161182][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 799.183437][ T4869] bridge0: port 1(bridge_slave_0) entered blocking state [ 799.190595][ T4869] bridge0: port 1(bridge_slave_0) entered forwarding state [ 799.212163][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 799.233114][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 799.247711][ T4869] bridge0: port 2(bridge_slave_1) entered blocking state [ 799.254824][ T4869] bridge0: port 2(bridge_slave_1) entered forwarding state [ 799.331198][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 799.349522][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 799.369574][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 799.421374][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 799.444602][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 799.500732][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 799.536488][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 799.560223][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 799.580807][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 799.604279][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 799.649146][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 799.677673][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 799.697532][T23554] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 800.087277][T23554] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 800.098416][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 800.119011][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 800.189632][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 800.202062][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 800.232483][T23788] device pim6reg1 entered promiscuous mode [ 800.273174][T23795] device pim6reg1 entered promiscuous mode [ 800.317626][T23554] device veth0_vlan entered promiscuous mode [ 800.359619][T10227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 800.369710][T10227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 800.386727][T23554] device veth1_vlan entered promiscuous mode [ 800.415480][T10227] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 800.436876][T10227] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 800.464475][T10227] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 800.543009][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 800.570240][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 800.588331][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 800.629616][T23554] device veth0_macvtap entered promiscuous mode [ 800.669266][T23554] device veth1_macvtap entered promiscuous mode [ 800.720601][T23554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 800.727507][T23811] ODEBUG: Out of memory. ODEBUG disabled [ 800.728631][T23811] [ 800.728637][T23811] ====================================================== [ 800.728643][T23811] WARNING: possible circular locking dependency detected [ 800.728650][T23811] 5.15.168-syzkaller #0 Not tainted [ 800.728660][T23811] ------------------------------------------------------ [ 800.728667][T23811] syz.4.6956/23811 is trying to acquire lock: [ 800.728676][T23811] ffffffff8c9147a0 (console_owner){-.-.}-{0:0}, at: console_trylock_spinning+0x185/0x3f0 [ 800.728723][T23811] [ 800.728723][T23811] but task is already holding lock: [ 800.728729][T23811] ffff8880292dcdb8 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xc5/0xc00 [ 800.728776][T23811] [ 800.728776][T23811] which lock already depends on the new lock. [ 800.728776][T23811] [ 800.728782][T23811] [ 800.728782][T23811] the existing dependency chain (in reverse order) is: [ 800.728788][T23811] [ 800.728788][T23811] -> #5 (&trie->lock){....}-{2:2}: [ 800.728809][T23811] lock_acquire+0x1db/0x4f0 [ 800.728824][T23811] _raw_spin_lock_irqsave+0xd1/0x120 [ 800.728843][T23811] trie_delete_elem+0x90/0x690 [ 800.728860][T23811] bpf_prog_59a8d1922c423752+0x5f1/0xea4 [ 800.728874][T23811] bpf_trace_run2+0x29e/0x340 [ 800.728891][T23811] trace_tlb_flush+0xed/0x110 [ 800.728906][T23811] switch_mm_irqs_off+0x748/0xa30 [ 800.728920][T23811] __schedule+0x1167/0x45b0 [ 800.728935][T23811] preempt_schedule_common+0x83/0xd0 [ 800.728950][T23811] preempt_schedule+0xd9/0xe0 [ 800.728965][T23811] preempt_schedule_thunk+0x16/0x18 [ 800.728982][T23811] vprintk_emit+0x146/0x150 [ 800.728996][T23811] _printk+0xd1/0x120 [ 800.729014][T23811] addrconf_notify+0xa80/0xf30 [ 800.729029][T23811] raw_notifier_call_chain+0xd0/0x170 [ 800.729047][T23811] netdev_state_change+0x1a3/0x250 [ 800.729064][T23811] linkwatch_do_dev+0x10c/0x160 [ 800.729083][T23811] __linkwatch_run_queue+0x4ca/0x7f0 [ 800.729102][T23811] linkwatch_event+0x48/0x50 [ 800.729119][T23811] process_one_work+0x8a1/0x10c0 [ 800.729136][T23811] worker_thread+0xdcf/0x1280 [ 800.729153][T23811] kthread+0x3f6/0x4f0 [ 800.729166][T23811] ret_from_fork+0x1f/0x30 [ 800.729182][T23811] [ 800.729182][T23811] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 800.729202][T23811] lock_acquire+0x1db/0x4f0 [ 800.729216][T23811] _raw_spin_lock_nested+0x2d/0x40 [ 800.729233][T23811] raw_spin_rq_lock_nested+0x26/0x140 [ 800.729250][T23811] task_fork_fair+0x5d/0x350 [ 800.729265][T23811] sched_cgroup_fork+0x2d3/0x330 [ 800.729282][T23811] copy_process+0x224a/0x3ef0 [ 800.729298][T23811] kernel_clone+0x210/0x960 [ 800.729312][T23811] kernel_thread+0x168/0x1e0 [ 800.729333][T23811] rest_init+0x21/0x330 [ 800.729350][T23811] start_kernel+0x48c/0x540 [ 800.729369][T23811] secondary_startup_64_no_verify+0xb1/0xbb [ 800.729387][T23811] [ 800.729387][T23811] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 800.729408][T23811] lock_acquire+0x1db/0x4f0 [ 800.729423][T23811] _raw_spin_lock_irqsave+0xd1/0x120 [ 800.729439][T23811] try_to_wake_up+0xae/0x1300 [ 800.729457][T23811] __wake_up_common+0x2a0/0x4e0 [ 800.729476][T23811] __wake_up+0x112/0x1c0 [ 800.729493][T23811] tty_port_default_wakeup+0xa8/0x100 [ 800.729511][T23811] serial8250_tx_chars+0x60d/0x800 [ 800.729529][T23811] serial8250_handle_irq+0x505/0x600 [ 800.729547][T23811] serial8250_default_handle_irq+0xc8/0x1e0 [ 800.729566][T23811] serial8250_interrupt+0xa1/0x1e0 [ 800.729588][T23811] __handle_irq_event_percpu+0x292/0xa70 [ 800.729607][T23811] handle_irq_event+0xff/0x2b0 [ 800.729624][T23811] handle_edge_irq+0x245/0xbf0 [ 800.729638][T23811] __common_interrupt+0xd7/0x1f0 [ 800.729652][T23811] common_interrupt+0xae/0xd0 [ 800.729669][T23811] asm_common_interrupt+0x22/0x40 [ 800.729687][T23811] lock_acquire+0x252/0x4f0 [ 800.729701][T23811] fs_reclaim_acquire+0x83/0x120 [ 800.729716][T23811] slab_pre_alloc_hook+0x22/0xc0 [ 800.729733][T23811] kmem_cache_alloc+0x3f/0x280 [ 800.729748][T23811] anon_vma_fork+0xed/0x580 [ 800.729764][T23811] copy_mm+0x9f2/0x1370 [ 800.729779][T23811] copy_process+0x1816/0x3ef0 [ 800.729794][T23811] kernel_clone+0x210/0x960 [ 800.729808][T23811] __x64_sys_clone+0x23f/0x290 [ 800.729823][T23811] do_syscall_64+0x3b/0xb0 [ 800.729837][T23811] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 800.729856][T23811] [ 800.729856][T23811] -> #2 (&tty->write_wait){-...}-{2:2}: [ 800.729877][T23811] lock_acquire+0x1db/0x4f0 [ 800.729891][T23811] _raw_spin_lock_irqsave+0xd1/0x120 [ 800.729908][T23811] __wake_up+0xf5/0x1c0 [ 800.729925][T23811] tty_port_default_wakeup+0xa8/0x100 [ 800.729941][T23811] serial8250_tx_chars+0x60d/0x800 [ 800.729959][T23811] serial8250_handle_irq+0x505/0x600 [ 800.729978][T23811] serial8250_default_handle_irq+0xc8/0x1e0 [ 800.729997][T23811] serial8250_interrupt+0xa1/0x1e0 [ 800.730015][T23811] __handle_irq_event_percpu+0x292/0xa70 [ 800.730032][T23811] handle_irq_event+0xff/0x2b0 [ 800.730049][T23811] handle_edge_irq+0x245/0xbf0 [ 800.730064][T23811] __common_interrupt+0xd7/0x1f0 [ 800.730078][T23811] common_interrupt+0xae/0xd0 [ 800.730094][T23811] asm_common_interrupt+0x22/0x40 [ 800.730112][T23811] _raw_spin_unlock_irqrestore+0xd4/0x130 [ 800.730129][T23811] uart_write+0x6af/0x930 [ 800.730144][T23811] n_tty_write+0xd7e/0x1280 [ 800.730158][T23811] file_tty_write+0x561/0x920 [ 800.730176][T23811] vfs_write+0xacd/0xe50 [ 800.730192][T23811] ksys_write+0x1a2/0x2c0 [ 800.730208][T23811] do_syscall_64+0x3b/0xb0 [ 800.730223][T23811] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 800.730241][T23811] [ 800.730241][T23811] -> #1 (&port_lock_key){-.-.}-{2:2}: [ 800.730262][T23811] lock_acquire+0x1db/0x4f0 [ 800.730276][T23811] _raw_spin_lock_irqsave+0xd1/0x120 [ 800.730293][T23811] serial8250_console_write+0x19d/0x1180 [ 800.730312][T23811] console_unlock+0xced/0x12b0 [ 800.730332][T23811] vprintk_emit+0xbf/0x150 [ 800.730346][T23811] _printk+0xd1/0x120 [ 800.730364][T23811] register_console+0x65a/0x940 [ 800.730380][T23811] univ8250_console_init+0x41/0x50 [ 800.730396][T23811] console_init+0x18c/0x660 [ 800.730413][T23811] start_kernel+0x301/0x540 [ 800.730427][T23811] secondary_startup_64_no_verify+0xb1/0xbb [ 800.730444][T23811] [ 800.730444][T23811] -> #0 (console_owner){-.-.}-{0:0}: [ 800.730464][T23811] validate_chain+0x1649/0x5930 [ 800.730479][T23811] __lock_acquire+0x1295/0x1ff0 [ 800.730493][T23811] lock_acquire+0x1db/0x4f0 [ 800.730507][T23811] console_trylock_spinning+0x1a5/0x3f0 [ 800.730522][T23811] vprintk_emit+0xa6/0x150 [ 800.730536][T23811] _printk+0xd1/0x120 [ 800.730552][T23811] debug_objects_oom+0xb4/0x370 [ 800.730571][T23811] debug_object_activate+0x42d/0x4e0 [ 800.730589][T23811] kvfree_call_rcu+0xb6/0x8a0 [ 800.730605][T23811] trie_update_elem+0x808/0xc00 [ 800.730622][T23811] bpf_map_update_value+0x5d7/0x6c0 [ 800.730640][T23811] generic_map_update_batch+0x54d/0x8b0 [ 800.730658][T23811] bpf_map_do_batch+0x4d0/0x620 [ 800.730672][T23811] __sys_bpf+0x55c/0x670 [ 800.730688][T23811] __x64_sys_bpf+0x78/0x90 [ 800.730705][T23811] do_syscall_64+0x3b/0xb0 [ 800.730719][T23811] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 800.730738][T23811] [ 800.730738][T23811] other info that might help us debug this: [ 800.730738][T23811] [ 800.730743][T23811] Chain exists of: [ 800.730743][T23811] console_owner --> &rq->__lock --> &trie->lock [ 800.730743][T23811] [ 800.730766][T23811] Possible unsafe locking scenario: [ 800.730766][T23811] [ 800.730771][T23811] CPU0 CPU1 [ 800.730775][T23811] ---- ---- [ 800.730779][T23811] lock(&trie->lock); [ 800.730789][T23811] lock(&rq->__lock); [ 800.730800][T23811] lock(&trie->lock); [ 800.730810][T23811] lock(console_owner); [ 800.730821][T23811] [ 800.730821][T23811] *** DEADLOCK *** [ 800.730821][T23811] [ 800.730824][T23811] 2 locks held by syz.4.6956/23811: [ 800.730834][T23811] #0: ffffffff8c91fc20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 800.730875][T23811] #1: ffff8880292dcdb8 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xc5/0xc00 [ 800.730914][T23811] [ 800.730914][T23811] stack backtrace: [ 800.730920][T23811] CPU: 0 PID: 23811 Comm: syz.4.6956 Not tainted 5.15.168-syzkaller #0 [ 800.730937][T23811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 800.730947][T23811] Call Trace: [ 800.730953][T23811] [ 800.730959][T23811] dump_stack_lvl+0x1e3/0x2d0 [ 800.730978][T23811] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 800.731000][T23811] ? print_circular_bug+0x12b/0x1a0 [ 800.731019][T23811] check_noncircular+0x2f8/0x3b0 [ 800.731038][T23811] ? add_chain_block+0x850/0x850 [ 800.731052][T23811] ? lockdep_lock+0x11f/0x2a0 [ 800.731067][T23811] ? _find_first_zero_bit+0xcf/0xf0 [ 800.731086][T23811] validate_chain+0x1649/0x5930 [ 800.731108][T23811] ? reacquire_held_locks+0x660/0x660 [ 800.731123][T23811] ? __lock_acquire+0x1295/0x1ff0 [ 800.731137][T23811] ? reacquire_held_locks+0x660/0x660 [ 800.731165][T23811] ? mark_lock+0x98/0x340 [ 800.731182][T23811] __lock_acquire+0x1295/0x1ff0 [ 800.731202][T23811] lock_acquire+0x1db/0x4f0 [ 800.731216][T23811] ? console_trylock_spinning+0x185/0x3f0 [ 800.731234][T23811] ? read_lock_is_recursive+0x10/0x10 [ 800.731250][T23811] ? __lock_acquire+0x1ff0/0x1ff0 [ 800.731264][T23811] ? do_raw_spin_lock+0x14a/0x370 [ 800.731283][T23811] ? do_raw_spin_unlock+0x137/0x8b0 [ 800.731301][T23811] ? is_bpf_text_address+0x24f/0x260 [ 800.731320][T23811] console_trylock_spinning+0x1a5/0x3f0 [ 800.731345][T23811] ? console_trylock_spinning+0x185/0x3f0 [ 800.731364][T23811] ? vprintk_emit+0x150/0x150 [ 800.731379][T23811] ? __lock_acquire+0x1295/0x1ff0 [ 800.731400][T23811] vprintk_emit+0xa6/0x150 [ 800.731417][T23811] _printk+0xd1/0x120 [ 800.731440][T23811] ? panic+0x860/0x860 [ 800.731456][T23811] ? do_raw_spin_lock+0x14a/0x370 [ 800.731470][T23811] ? __lock_acquire+0x1ff0/0x1ff0 [ 800.731487][T23811] debug_objects_oom+0xb4/0x370 [ 800.731509][T23811] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 800.731527][T23811] ? debug_object_activate+0x4e0/0x4e0 [ 800.731549][T23811] debug_object_activate+0x42d/0x4e0 [ 800.731570][T23811] kvfree_call_rcu+0xb6/0x8a0 [ 800.731588][T23811] ? call_rcu+0xa70/0xa70 [ 800.731601][T23811] ? __kmalloc_node+0x199/0x390 [ 800.731616][T23811] ? bpf_map_kmalloc_node+0xdb/0x160 [ 800.731635][T23811] ? _raw_spin_lock+0x40/0x40 [ 800.731653][T23811] ? longest_prefix_match+0x2db/0x640 [ 800.731684][T23811] trie_update_elem+0x808/0xc00 [ 800.731713][T23811] bpf_map_update_value+0x5d7/0x6c0 [ 800.731736][T23811] generic_map_update_batch+0x54d/0x8b0 [ 800.731762][T23811] ? rcu_read_unlock+0x90/0x90 [ 800.731782][T23811] ? __fdget+0x191/0x220 [ 800.731800][T23811] ? rcu_read_unlock+0x90/0x90 [ 800.731819][T23811] bpf_map_do_batch+0x4d0/0x620 [ 800.731837][T23811] __sys_bpf+0x55c/0x670 [ 800.731858][T23811] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 800.731885][T23811] ? syscall_enter_from_user_mode+0x2e/0x240 [ 800.731904][T23811] ? lockdep_hardirqs_on+0x94/0x130 [ 800.731924][T23811] __x64_sys_bpf+0x78/0x90 [ 800.731944][T23811] do_syscall_64+0x3b/0xb0 [ 800.731961][T23811] ? clear_bhb_loop+0x15/0x70 [ 800.731976][T23811] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 800.731997][T23811] RIP: 0033:0x7f61013b9ff9 [ 800.732013][T23811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 800.732027][T23811] RSP: 002b:00007f60ff832038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 800.732044][T23811] RAX: ffffffffffffffda RBX: 00007f6101571f80 RCX: 00007f61013b9ff9 [ 800.732057][T23811] RDX: 0000000000000038 RSI: 0000000020000480 RDI: 000000000000001a [ 800.732068][T23811] RBP: 00007f610142c296 R08: 0000000000000000 R09: 0000000000000000 [ 800.732078][T23811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 800.732088][T23811] R13: 0000000000000000 R14: 00007f6101571f80 R15: 00007ffcc5d9b758 [ 800.732106][T23811] [ 800.738020][T23554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 800.830667][ T7] Bluetooth: hci3: command 0x040f tx timeout [ 801.000367][T23554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 801.954060][T23554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 801.965527][T23554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 801.976152][T23554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 801.986251][T23554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 801.996739][T23554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 802.006720][T23554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 802.017207][T23554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 802.030937][T23554] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 802.048788][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 802.056829][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 802.074914][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 802.085365][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 802.095044][T23554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 802.105913][T23554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 802.115809][T23554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 802.126235][T23554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 802.136087][T23554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 802.146507][T23554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 802.156331][T23554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 802.166914][T23554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 802.176996][T23554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 802.188047][T23554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 802.199019][T23554] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 802.210371][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 802.221028][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 802.232450][T23554] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.242546][T23554] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.251263][T23554] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.260390][T23554] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.295900][T23554] ieee80211 phy476: Selected rate control algorithm 'minstrel_ht' [ 802.313640][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 802.314366][T23554] ieee80211 phy477: Selected rate control algorithm 'minstrel_ht' [ 802.329571][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 802.340715][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 802.350409][ T4869] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 802.358237][ T4869] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 802.365863][ T3870] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 803.059203][ T3615] Bluetooth: hci3: command 0x0419 tx timeout [ 808.584114][ T1390] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.590413][ T1390] ieee802154 phy1 wpan1: encryption failed: -22