{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="000104000000000000001700000014000980080001002e0d0000003f9399c2493354b14add3dc82fde69d06abfd83a8f30df59"], 0x28}}, 0x4008001) 02:39:23 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x215}, 0x0) 02:39:23 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000b8000040001"], 0x24}}, 0x0) 02:39:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000020000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:23 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000900"/36}}]}]}, 0x64}}, 0x0) 02:39:23 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000003f00"/36}}]}]}, 0x64}}, 0x0) [ 3294.638629][T25062] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 42527 - 0 [ 3294.673927][T25062] netdevsim netdevsim0 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 02:39:23 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000c8000040001"], 0x24}}, 0x0) [ 3294.782033][T25062] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 42527 - 0 [ 3294.794872][T25062] netdevsim netdevsim0 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 02:39:23 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000d8000040001"], 0x24}}, 0x0) 02:39:23 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000e8000040001"], 0x24}}, 0x0) [ 3294.881023][T25062] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 42527 - 0 [ 3294.907678][T25062] netdevsim netdevsim0 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 02:39:24 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000f8000040001"], 0x24}}, 0x0) [ 3294.979973][T25062] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 42527 - 0 [ 3294.998834][T25062] netdevsim netdevsim0 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 02:39:24 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000108000040001"], 0x24}}, 0x0) 02:39:24 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000118000040001"], 0x24}}, 0x0) [ 3295.124866][T25062] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 42527 - 0 [ 3295.143274][T25062] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 6081 - 0 [ 3295.168162][T25062] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 42527 - 0 [ 3295.191166][T25062] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 6081 - 0 [ 3295.222610][T25062] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 42527 - 0 [ 3295.240895][T25062] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 6081 - 0 [ 3295.269466][T25062] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 42527 - 0 [ 3295.281711][T25062] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 6081 - 0 [ 3295.339255][T25066] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 42527 - 0 [ 3295.364365][T25066] netdevsim netdevsim0 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 3295.452727][T25066] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 42527 - 0 [ 3295.462866][T25066] netdevsim netdevsim0 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 3295.508960][T25066] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 42527 - 0 [ 3295.519166][T25066] netdevsim netdevsim0 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 3295.601524][T25066] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 42527 - 0 [ 3295.611638][T25066] netdevsim netdevsim0 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 3300.588432][T25066] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 42527 - 0 [ 3300.596884][T25066] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 6081 - 0 [ 3300.617168][T25066] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 42527 - 0 [ 3300.625906][T25066] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 6081 - 0 02:39:29 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x20, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3}]}]}, 0x20}}, 0x2000000) 02:39:29 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000128000040001"], 0x24}}, 0x0) 02:39:29 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000e00"/36}}]}]}, 0x64}}, 0x0) 02:39:29 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000030000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:29 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0xf000000}, 0x0) 02:39:29 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000004400"/36}}]}]}, 0x64}}, 0x0) [ 3300.645416][T25066] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 42527 - 0 [ 3300.654314][T25066] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 6081 - 0 [ 3300.674348][T25066] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 42527 - 0 [ 3300.685121][T25066] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 6081 - 0 02:39:29 executing program 4: r0 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpid() sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000007c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r3}}]}, 0x64}}, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000005440)={0x0, 0x0, &(0x7f00000052c0)=[{&(0x7f0000005280)=""/57, 0x39}], 0x1, &(0x7f0000005300)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x118}, 0x10002) sendmsg$nl_generic(r0, &(0x7f0000005580)={&(0x7f0000005240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000005540)={&(0x7f0000005480)={0xac, 0x25, 0x8, 0x70bd29, 0x25dfdbfd, {0x20}, [@typed={0x8, 0x96, 0x0, 0x0, @pid=r3}, @generic, @typed={0x8, 0x18, 0x0, 0x0, @ipv4=@loopback}, @typed={0x8, 0x28, 0x0, 0x0, @uid=r4}, @generic="8c224d51caa1ff01cdab3ea555c726e2fdb21d0624759c4af5bb04f2cb49dd1200164e526df78b9a1132b1123111d7826eb395ec8a3dbfd686cef96c9851f3e0c6e960aa382b75b573dc5069e5cf25e4c35ad35da6c20ca0455c72e652fbd0048dd06ca6cbc013c7f1fca8f721fa116b7b4c250e8052fb08da7f141527e5"]}, 0xac}, 0x1, 0x0, 0x0, 0x40000}, 0x20008080) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) recvmmsg(r5, &(0x7f0000004e40)=[{{&(0x7f00000000c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, &(0x7f0000002500)=[{&(0x7f0000000140)=""/92, 0x5c}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/49, 0x31}, {&(0x7f0000001240)=""/162, 0xa2}, {&(0x7f0000001300)=""/214, 0xd6}, {&(0x7f0000001400)=""/139, 0x8b}, {&(0x7f00000014c0)=""/4096, 0x1000}, {&(0x7f00000024c0)=""/2, 0x2}], 0x8, &(0x7f0000002580)=""/29, 0x1d}, 0x5}, {{&(0x7f00000025c0)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f0000004b80)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000003640)=""/24, 0x18}, {&(0x7f0000003680)=""/226, 0xe2}, {&(0x7f0000003780)=""/16, 0x10}, {&(0x7f00000037c0)=""/203, 0xcb}, {&(0x7f00000038c0)=""/89, 0x59}, {&(0x7f0000003940)=""/4096, 0x1000}, {&(0x7f0000004940)=""/174, 0xae}, {&(0x7f0000004a00)=""/188, 0xbc}, {&(0x7f0000004ac0)=""/181, 0xb5}], 0xa, &(0x7f0000004c40)=""/9, 0x9}, 0x4}, {{&(0x7f0000004c80)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private1}}}, 0x80, &(0x7f0000004dc0)=[{&(0x7f0000004d00)=""/4, 0x4}, {&(0x7f0000004d40)=""/72, 0x48}], 0x2, &(0x7f0000004e00)=""/12, 0xc}, 0x1}], 0x3, 0x40, 0x0) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000004f40), r5) sendmsg$TIPC_NL_PUBL_GET(r7, &(0x7f00000051c0)={&(0x7f0000004f00)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000005180)={&(0x7f0000004f80)={0x1d8, r8, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}]}, @TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x101}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xe916}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x200}]}, @TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xa}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4a}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3f}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x7, @ipv4={'\x00', '\xff\xff', @loopback}, 0x9}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7fff}}}}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7fffffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x401}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xc84f}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}]}, @TIPC_NLA_BEARER={0xd4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}, 0x101}}, {0x14, 0x2, @in={0x2, 0x4e23, @multicast1}}}}, @TIPC_NLA_BEARER_NAME={0x11, 0x1, @l2={'eth', 0x3a, 'macvtap0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x7, @local, 0x4}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}]}]}, 0x1d8}, 0x1, 0x0, 0x0, 0x40000c1}, 0x4) r9 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r9, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) recvfrom$inet6(r9, &(0x7f0000000500)=""/4096, 0x1000, 0x20, &(0x7f0000000000)={0xa, 0x4e22, 0x3ff, @mcast2, 0x3}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f0000005200), r9) sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="000104000000000000001700000014000980080001002e0d0000003f9399c2493354b14add3dc82fde69d06abfd83a8f30df59"], 0x28}}, 0x4008001) 02:39:29 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000040000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:29 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000138000040001"], 0x24}}, 0x0) 02:39:29 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000035600"/36}}]}]}, 0x64}}, 0x0) 02:39:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000f00"/36}}]}]}, 0x64}}, 0x0) 02:39:30 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000170000040067636d286165732900000000000085b5539c2cb5ce8a7900000000f4dfef3d00e3d159af2c7ef872000000000000000000000000001400000087d6e5dada2cab2612fd053a12391811067d43c800000000000000740baa0b8b2d1e37881a0b082686b7f9f3a4e81a16668090b6834a32702631bee986570bef41671a6f19e7ebf58b7c407214dd7351b843762451f38ccc26bed71cd8a863b6aa1e0f55af7d2fef28ab3daf3ad0afcd53413d4783e4eab322d3005799676ca7fc20f3bba8f7805aefe58eccd8ad151fc4164b56610c13a9"], 0x54}}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r2) r3 = socket$netlink(0x10, 0x3, 0x14) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, 0x0, 0x4, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x240008c4) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r6) pipe(&(0x7f0000000f00)={0xffffffffffffffff}) sendmsg$NBD_CMD_RECONFIGURE(r7, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000500)={0x68, r8, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SOCKETS={0x34, 0x7, 0x0, 0x1, [{0x8}, {0x8}, {0xffffffffffffff50}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8, 0x1, r9}]}]}, 0x68}}, 0x0) sendmsg$NBD_CMD_RECONFIGURE(r5, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r8, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x1}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x101}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x40800) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, r11, 0x401, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x4}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_STOP_NAN(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r11, 0x800, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x1) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, 0x0, 0x20, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040810}, 0x801) 02:39:30 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000148000040001"], 0x24}}, 0x0) 02:39:30 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x7000000}, 0x0) 02:39:30 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000070000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3301.210506][T25159] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3301.246988][T25159] nbd: couldn't find a device at index 8 02:39:30 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000006b00"/36}}]}]}, 0x64}}, 0x0) 02:39:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800006000"/36}}]}]}, 0x64}}, 0x0) [ 3301.277573][T25160] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3301.339699][T25159] nbd: couldn't find a device at index 8 02:39:30 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000158000040001"], 0x24}}, 0x0) 02:39:30 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0xf0ffff}, 0x0) 02:39:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000f000"/36}}]}]}, 0x64}}, 0x0) 02:39:30 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r4) sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000002b80)={0x12b4, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0x120, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0xf0e, @dev={0xfe, 0x80, '\x00', 0x38}, 0x200}}, {0x14, 0x2, @in={0x2, 0x4e21, @empty}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x7, @mcast1, 0x4}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x3, @mcast2, 0x80000001}}}}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7ff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x101}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x8001f, @loopback}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x5, @mcast2, 0x7}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_NODE={0x1144, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0xa1, 0x3, "bdc1dc37fa2208a9a3ad64e1a5019949d67fd1e849097fae33bfd1caf73a1c308e1f29b005574adac86acd260cf68767c0ed3717dd78748f2dc4cb88811adfc20bcd902473771ea2c2c8dd420d5f7083e0239e9510cb48ae0fd183dc4a4c6c4d417d1c7ca7be3c734149b65b4a5f28899da234f26bbbe7c182e8aa23fe7742a5b3035796eafd6183768a32bd97e18031f375bda97343dff6a5a19297d9"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1ff}, @TIPC_NLA_NODE_ID={0x1004, 0x3, "79171bc14c77dbb28f1457c17e8df20cf316be0444d395ed30aad7822242683d3c77394063423d56aaa8df728d939172f211356c4d2af6c7d58c992918e59f01f4006001f91d564ff9c4ec278bb9fc5c30f62778bd98ec7ab8e583dd2cbd9a5e792a7bf6fca97645a595a39b22f6ea05730d781ca253a1b853fa7f64da75717857b77a41449a3a2912040c5d7a2524f310b420c143d92bdac4b10c2d7afda196ac683c5dee160bd4df497004d4ec25044622fbe156ad0e17f7842c903398a27b5663d08ebec7f25061d223a8ce4fa5c6548199404c1180625ea0666e51601deed8a2c28987a4a29566ebf3f0d65dd85d5617499381f5af24f5fb53972a7edb6e904d6d4ef99eb028ca9e777bab158d65bcd51fc3037ad758b015c5fdde5db4dda6f48aadc4c7e481d24092226f4f7723e1da12a5b9d22e114584e3f84961749158f361700743a8ec5d94232ef000e5ed42b430017c7db69e471d0eaeff10aa3086d74ece2232375a6fa8f6ffbf4d6755fbdb94003248409256db46ff9886c94785582aefd42f015ebca41164d1f4ce30dead92d84680e0a540eb872d0e5f984290568c15bd1f468493fd605a43275966adbc971827bc6af6742b7acf8708ef5f403c6b3407a71bd8b4f0f733fe13145a9fa4c544159255bb9c2ffc38f44b9fa448d19a203a8893fbe48da002f0baa429ab63ba8183258328efba239e93005ce0a9cec2386d5c9139822188bf20fb79c590ad681c66df199eca6c6211dadad75b0046e6979ce9f00cb604ab02d32d1b30cec4bacfb5457b6c9217c37dc2bda22dee7d4edc93eaf1ab5a69bdb978c7d01f4a18df860e90b1c053c58625cd272c5e055d757d78573046b39fde8d3cf21d9e4744db93a1b8206705472a1942288aa4cd341bf742709eeb3b364ed49229f8bc59bac5781acbf6d7eb55cd294970f6c2303eaf8cf69ccfd9692c1212e60abcc938b8cf49aeaa99fe6a17db8d17dd85d39029b294c29e010f8b18c79cc5710e636cb8590d88a8606ed23355d1a86f8b6c1219e60ade4fbc67c0a88d765d183fb0596992ddfa656358acf1ba1aff91505191e7c0a8988efa637160bff88bb905a302a5b019e57c7489beafb2bc58c377cf28613c27e3592f7b71ed15306080a02bdd9a8632a81c4c4fad1c73fd63f11bf4d3914e427458dbe15886079ada9a1af9443811d0d1430ee7a6ad00e7385336616cb766d824beb97c5eca40313a5a8de834242079f750b0e05c789cbcebf0d0c493d2f2a05b863af3a898699a68b94b6b7fe0dad5ca7081e3701e2e973506ba50afba2bccbbc3b7536b0e84be292f5e387761402b09ad3b17f678db1223913b42a08687f27ce50409a760169bda7f3380ae242ae4dc023158ebd2175f228fb893bb97a82d3c89071c13e39726c6779f691aa4f22c8abef5fd5247d59bd6f65bd007e57f50fc40eaf6560d4cfe4158f8fe0d2800e86402856e8fec3046017a1845df6dd9b7c001552879b5e2b0cf6d1d1673eea551b93914cbaa6d25097c0025e9fc77bac1bb3c1830dd4d1e64b7081ac6578d13d268f881ca9c7b249b9a377ac4c806707f2d627d90092f6d21e2b119c60ed5d4cdb83e5c83e8c1db1a0c11b68e2e1abcbc62e85d66e5077b70ea06219f894da1a8e6d6f3cc0a6b152b570be63ae9cdbc6dbfbc1cdb4d2dd8a65f062505698f41395c6d840a18f23351e6568e6395ecdeb88339f3efb6d5061705413082877c1a29aa9d4d0950d17959c3642300b5c91c6c547bed6c8e3aa6a9881b4c114e810fc3f93360f272e00de197bc3ad0a8ca30e9c95a985f29655abca692bf9389d72f2dfa963f540e319a64dbc62b8827c0bdc286661110865689f5b70fdd85fe397b62602170275cce878b1f5bda2f305af883a176a1d47337e38322bbb17e538f54b5271e94c42198681df60859acae1836ab61625bf32b5b73af54a0da7d69781f56fca1eb3b3fbbebc5e4598041284afcb726e7b9ce71fef23c9aac3d9328b54c64d9ae380a835805de6105faf530d88f1500c1b74b521205efc671042a72fb9d8db1cda3c3894e1410fa956792bdd06865f715e9e2d559236eac733fc288b666d509331a4f675292f108d505c3557a1d75afe590f5a1b96be2120fcfa3e08f9ee7ddd65f5e8bbcd1dcaf436cfccc794dcb86b087cc00f69f3610f6f4b131e8f63a9604728fd705787e4ee1d5601a10c9ab12fe9fe6b525cd74e30e47d9ad52a599c5b8befde39db5ab8570a2991ca767b8eb673d830bf3f54d02bfc4f4d4228683429673f41c49d3b9797e8bb864d2df51f51115ead26d96a976ee0767d4af009bade6d1eadf5ba1752a6de5baea4330e05751ca65f1226bbb330170f430ce9cb6f13bb2633b97076e3dbf963a0be37607a1f1df1558a2bcbde77ccc528343aaf70d828c54c677aea0274135cc31e37acbf02e5eacf2f76ff7c2135c7667919e20a35499d2a4b1732f8062026edc4473c9be669aff57e3c37cf829748f11f723034ba3b29a61b6e5c2edf949b9709cfd5da3f9b1ac8b646331e2d548d58c0db2aa380bbba0be3448858c9e598a9e0fa179748af32864dd1c7dbf7e645ddc343974485f08efb72f7e90d8070efda2cabef915b3254d3789473ec7d181f11b2c6a60ec4c59b06418d48d093d8f6dbf050c50dedbf59d5a7605794c3811148f93ffdae83466231c6dd27170a1772f2792718701bff757416851588408f2e3f466a59101c878263378ad8b160d31a04e29523d2c9310269b1e1a2a2aee3ee9ca5f999d2636b601aec1bfb2c541287b6ab9ef0b5a6975b8af3a27034002be9e455039766cdc6a9e68debd5351435585c06349c5085c220ad096ed0edcbef62a2329a94d78f6711d575cc22482f31fa567a00d23c403ee05ad67a6ac34f223bcb40e2aaf2b47bd3bfa9f745ec7496806a5f473aac022ed90fae2a3f4f9cc60e14104e5aaad8ed95b7bf7cf2453c542bad7f9aae95ad955a9a92311919fa8aaef8c41b19cd07511b00a0966f78133cd4e6a68f7f11174195aa7034ee583fdefc055b540a354506acca2d2f5545b21982c25593f12d8871b1b48e9e1b580b77b2581cc2b373fc0bcdaf5f614d6c827a10f8a5b1e90f83f4b831929c5b04adb0206c2d5ac94d3a0872c706ed893a8b5a7a3bba9b18eaf3b20896f446a36a1cca8fd2a6a549df22b54541350af527026bca9e1763191c736415cc0d39af055c13786535c1a3a00bac05ea1d8052bce73f8010e99314a3e570cc9bf1419a9a04f45a2e911981ba65157b57d5b07ceed69bf559f2ed91bdd8af4af326a96377223bfd097431516ff59f492416d122357fb3a3d26b4cda310478d313f3e74c74ec75453b1fafdf58c0c74b6608fe6ff8ae9621b8c8a9f559681219c146d3a48ccca08595c1d1330fccc14d78fef89db84dc888dd0f62fb42d4879cfaabe50b4d2c07f75615ece8871e077d24ac67ababd8fb51eef40c641eb640df4643c35dba74a18bc3bf5bc0add52f0b09beeb6cfedda48c10bcf258b70c83de1a375e824ccbaca3637bb8399c3155e3df641b6dbd718fbd08f9cf2565ce98295bd64a9345a630ab10f86073259405d75d46d5eb1fd876186afa59a46ce11e15b7cbc022f190d5cc261a7375780f559ba8a7fc7dfeac9caaf5bd81df2841b0906efa45e48d0ac0804a5d8a546f748295c8ef0bde87ac7a88034e0081d732264c5282f7ceee14d265d66cf01469a8164e58d0163f6ba6e6cbcf4be1ec2f97b11211e063b1af2aea5162ab639ca9c53bd1c3c89cc029235d0ae4ed0c8d352ea5c0fba33e383a7e5bec992b5a0dc4307a4f4c779e3a37a157b576f0b472862c78a21f65c571a63677e415fa1dc96b6fc1517fdca33b60e7599832533e6cd7ff6ad97b4ead439cddc9b9d764c727adcda95e0b498c9444665e7ef9077cd5c21de31a627d7f73693533d7d9cbbd3311619c4788cd13b725bfc73950d2e17ff72a5c3769e9a1da98c008d245b5c3a6de6553e51ca544faae5c0b0186c1236e692a17ec9fff5b568ab93c6f41ab075101ed86f1c579ff6cf6f8d55e97bd7696c7d38a4e93028e013a9b24efcdd4e1b09d83380059d2d5a4b61da4e35f69719409ea74b24faa6aa0445001055cd8cd9c51350308e7d26d42983b103444504d217559103f086d3c03e25510567f263e6c82d467c9e7dcc573a7ee122e47e6059b123d038e3323b41326bcf682c526c01d434d67eeab0dc5ce103c5830bccfef67318d8992a853812008117cff6a13863e29993ce3c863ec65816556a6b94a5009fc355aa3f9f044d9c05c5da484e5eff3f3d99b07c6da192b4c648712dbd63fcbf96240e28b4c1ace2bd74b9af8ac938f55262555f6554690b83d5c199f380e8aa362437e1c7b3791b64aff7e7d4f0acf9fcf1df740ab5d08d80a76355900c06d2f9a06e2c8101d35132793e6570820ac2acdaae79578edade9a0a38fda17794e91ab98ffdc19f5d7458be9cb0dd2dee9a36f761d6a4c18695cd0fb06c2eeb7f5ee01c572033db6ea5d68cb6a91dea4ac95f7eee92e044bb3b05ced23948fb815aea910ba5cdf9bb3888a53f89b380a6f43288b6c5e59631fca0d88b5deb712efa4f46f79cf1ecf74e8fa9dcadc205c993c7d6f4d6b3513aa53551c61dc6690cb5cdf6a3886f6ac16e3ed41ffc21348243a6674971b982a8c8b1801c4a5496876106c8baa7d9c4bbf51c448ad0ce9afab3bcab3c0cf3e877bb5857f7dee27096b7ebfffa0a4a398d36e81f7338e565fbc485cb04eb7a91f8bf814b9f885fa14dcdd72d97064c01ec64e0be240010643e1decbd19fafebc732f4da60e4b9388817c6770514c14753866de282e935adce47b3f590b5a52114a423509d709c21314813bb4c061cb592931289304cb1da4fb9d375039aebf2aabdd322b7631808657c80204681ebac15764ed54caaf876405598d6b97a9d328441d13d7db3520cdc1449b7eadb06c8f9a77fcb12d59e9c536424b7fd574c2c6157b0093ed21b1941d1e25cac67baa748f60f63ab9b981ad3239fc49952054c6a4405060b99d5c7ae6a514de4b7cacfbb513971aad6eb7566abc3784b26b8435a6bfbb9f4f56cfc50d128b56d5c24505e8f8d3274d98174653304bba3c80481092a38c528a07dde604be192f0ba3f0c82dfd855b94ede75ee08a6688aa05a7deb6b2ac51ebe1640d23d442fae6cebbab9f31a306559814cc7ed3dfbdd0b7a07e80bc3ca0c2221442871aa0763bd20dcb2daff22cf1acf96f0c10721a29cb179ce7a9d98be994d82376f53ea57dbbaf937bde577191e6b38a4904a3b07ebfac959ff26f25516c261c4e20131d685949309c9ddbb087b8630f67f73cfd545171f2256886ac1e5c446923165ea2a00950306beb07b73c0b0cfb5d7c9d135da7bf65af952fc97402b502071dcb08ef62190fff2de68fea6d1d036e182ecba43012ddf756eb237798e0e551b9022f20a3577b843668974c125c9859d5e9802c891380ab1d4a9a44140224fb2127ee42acea0a7fd078ab4fab3c6029aa2663a0c5269991df7da1a6e9846ec0e752202f83c963d4d2f73622b97c5ec0e0807e07d9b63367f7889ae53709ab8469d3d9c81af02eb568dbb0d8a78710060ce6a462b563058baefa91b5504d463ce43e0a2075cd0300c867fe8cfaf9164163b257a07b7823c2c98465bc246f3507b075f4fc9234e4fb7e1a9eb9ac490b988e791e77bb6a9372d1a6b3b94acc7791a3abfd5e20ab9b244dfb8b773b0040075b6798505f33fc0e9d177de9bd"}, @TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "6817ca9deafa78fb67ba5c958862b1c28a5e2c1304"}}, @TIPC_NLA_NODE_ID={0x4c, 0x3, "0a97db7c10c0ad55f307197c615d16289c39d8a4e2696df685c956b8fda679b77fa0b0fbd6fda3e0a1580353c6c1345ef86abc0f97738f4acf313249ab2622053e8972e04cc0dbac"}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x4008}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffffff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x10}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7ff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}]}, 0x12b4}, 0x1, 0x0, 0x0, 0x48045}, 0x40) recvmmsg$unix(r4, &(0x7f0000000300)=[{{&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000000100)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1, &(0x7f0000000900)=ANY=[@ANYBLOB="30000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="14000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32, @ANYBLOB="1c02000000000000010000000200000044db752247f6b6ae0ca023eecbd98d0f47187960eae486bf32f622fcc86bc21464953b947a6bdbc386f7fbe58ba629648366be378286c3295ea4c5379e6f8de40787f578de202ff1e8d82122fb5fdcf0eb249a82a10ed1e800cdf890b65499189be7085b4f4bde1e7504ee1b0a8aefc81f683face61b", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xf8}}], 0x1, 0x40020082, &(0x7f0000000480)) syz_genetlink_get_family_id$fou(&(0x7f00000000c0), r6) sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)={0x14, r3, 0x1, 0x0, 0x0, {0x8}}, 0x14}}, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, r9, 0x401, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x4}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_MAC_ACL(r5, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000500)={&(0x7f00000007c0)={0x104, 0x0, 0x2, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0xfff, 0x50}}}}, [@NL80211_ATTR_MAC_ADDRS={0x7c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa}, {0xa}, {0xa}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x40, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x4c850}, 0x881) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001900)=ANY=[@ANYBLOB="64e348007be7afabb044548e29ac278e65f8a2bc7dd546a1ac468281650bd7882733116717617601d1dc941f8f3915f02272717b25c3f228bd637759c415bfd3074a230ae3c86dc3255eda8cb31caa87d386c0f22426da46f79fd30f853d64a07faa39b2c8d221076b2de106cc6e135025c270e1e0baff614158ff0ac739dcf8ad2c157a282aab6b7f72e9bfcdfe2ed5667a847d36b538171cf5bf676429764a99386aacc30db9f23568", @ANYRES16=r3, @ANYBLOB="0002000000000000000017000000500006804900040067636d2861657300000000000000000000000000000000010000000000000000210000001b436944b4a9219ffe2bb0b1d06b0ab025297e1ae4af88265ae0be4fafc65b0a6a0000006e45ac9c10b4a0381edcc0ceeed0263805b4f18486984264fe985fb3b9d88804bed5c875bc9244fed9e5204f5f77354500e45400f3afda660ea8649d47da68670f00c4dead08093ac23b669f18b5db6fb2f1bcfbf227fb08c38b79291aa2d68407eb2ced03e515dba02576c1ca812d873ed9e1f413d559fd3c0661c5f903f65492fd57bb3cad39106bcc0608c9c95129015a1f28a773bc315e1b9f67af953b34092da3f32ab732984b71c3f14391a82d288ca9e32f3da78b27bd59e88ad95f5acb62df54cc8abc76d463ea3621797e03be66aa534bed0911f416b736f584dcb66eec0f7081b2b079030a701524c49c6bda2b2955aee33c0c5c4ec7fd6c026572dc8f8d0fdc01b510077d7457dcc136609dcbc61d7be8f78447def5dc0cdc676a558a12463df6b3e8adfaf5bdc60fdf4b9678bd5bacfc65df1966a0dae89da15fcc"], 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) 02:39:30 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000080000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:30 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000008100"/36}}]}]}, 0x64}}, 0x0) 02:39:30 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x2000000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:39:30 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000168000040001"], 0x24}}, 0x0) [ 3301.658114][T25181] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3301.758992][T25191] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'. 02:39:30 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000038100"/36}}]}]}, 0x64}}, 0x0) 02:39:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000300"/36}}]}]}, 0x64}}, 0x0) 02:39:30 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000e0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:30 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000523db12aa01c0cf8803c00040067636d28616573290000000000000000000000000400000000000000000000001400000087d6e5e5da2cab2612fd053a12391811067d43c8ef1af0cb8ebee13e0800000000000000b0243b542626b41f2ecac890d1fadf0b2e3d4ff7b7b19ec20660dd19815db4470118eb2e34763644"], 0x54}}, 0x0) 02:39:30 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000178000040001"], 0x24}}, 0x0) 02:39:31 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000008100"/36}}]}]}, 0x64}}, 0x0) 02:39:31 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000500"/36}}]}]}, 0x64}}, 0x0) 02:39:31 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8ffffff8d00"/36}}]}]}, 0x64}}, 0x0) 02:39:31 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x578c5ae0620a380e}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x4c, r1, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0x38, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x35f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7ff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3ff}]}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r2) sendmsg$IEEE802154_SCAN_REQ(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x3}, @IEEE802154_ATTR_CHANNELS={0x8}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x8}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x3f}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x5}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1b}]}, 0x44}, 0x1, 0x0, 0x0, 0x40010}, 0x0) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0x64, 0x0, 0x200, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_BSS_CTS_PROT={0x5}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x5}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x8001}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x8}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x8}]}, 0x64}}, 0x20000800) 02:39:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000f0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000188000040001"], 0x24}}, 0x0) 02:39:31 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x900}, 0x0) 02:39:31 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000600"/36}}]}]}, 0x64}}, 0x0) 02:39:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000198000040001"], 0x24}}, 0x0) 02:39:31 executing program 0: socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) 02:39:31 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000019c00"/36}}]}]}, 0x64}}, 0x0) 02:39:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000003f0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001a8000040001"], 0x24}}, 0x0) 02:39:31 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8ffffff9e00"/36}}]}]}, 0x64}}, 0x0) 02:39:31 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c600000", @ANYRES16=r1, @ANYBLOB="110700000000000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:31 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000700"/36}}]}]}, 0x64}}, 0x0) 02:39:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000047450000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:31 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000080)) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) 02:39:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001b8000040001"], 0x24}}, 0x0) 02:39:31 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x19c, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:39:31 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000003ce00"/36}}]}]}, 0x64}}, 0x0) 02:39:31 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000900"/36}}]}]}, 0x64}}, 0x0) 02:39:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000600000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:32 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000400006803c00040067636d28616573290000000000000000000000000000000000000000000000001400000087d6e5dada2cab2612fd053a12391811067d43c8"], 0x54}}, 0x0) 02:39:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001c8000040001"], 0x24}}, 0x0) 02:39:32 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x9, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:39:32 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8fffffff000"/36}}]}]}, 0x64}}, 0x0) 02:39:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000e00"/36}}]}]}, 0x64}}, 0x0) 02:39:32 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700ffffff9e0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001d8000040001"], 0x24}}, 0x0) 02:39:32 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)={0x14, r2, 0x1, 0x0, 0x0, {0x8}}, 0x14}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$netlink(0x10, 0x3, 0x1a) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)={0x14, r5, 0x1, 0x0, 0x0, {0x8}}, 0x14}}, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x54, r5, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x40, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c044}, 0x4) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xd0, r2, 0x800, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_LINK={0xbc, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x73b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xdc1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffff9}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x448d}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}]}, 0xd0}}, 0x0) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r6, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) 02:39:32 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x45470000, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000f00"/36}}]}]}, 0x64}}, 0x0) 02:39:32 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8fffffff500"/36}}]}]}, 0x64}}, 0x0) 02:39:32 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000ec00000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:32 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0xf0ffff, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001e8000040001"], 0x24}}, 0x0) 02:39:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000003f00"/36}}]}]}, 0x64}}, 0x0) 02:39:32 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8fffffffc00"/36}}]}]}, 0x64}}, 0x0) 02:39:32 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x48054}, 0x0) 02:39:32 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700fffffff00000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001f8000040001"], 0x24}}, 0x0) 02:39:32 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 1) 02:39:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000c14100"/36}}]}]}, 0x64}}, 0x0) 02:39:33 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800f0ffff00"/36}}]}]}, 0x64}}, 0x0) 02:39:33 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), r0) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="4a0000e13e0e4fb54983f3", @ANYRES16=r1, @ANYBLOB="200027bd7000fbdbdf2501000000000000000c4100000014001462726f6164636173742d6c696e6b0000"], 0x30}, 0x1, 0x0, 0x0, 0x20000005}, 0x4000) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_POOL_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x14, r2, 0x711, 0x0, 0x0, {0x4a}}, 0x14}}, 0x0) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r0, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000540)={&(0x7f0000000400)={0x104, r2, 0x20, 0x70bd26, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x7f}, {0x6, 0x16, 0x8000}, {0x5}, {0x6, 0x11, 0x6c}, {0x8, 0xb, 0xc13}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x2bf7a317}, {0x6, 0x16, 0xff}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x1}, {0x8, 0xb, 0x3}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0xff}, {0x6, 0x16, 0x5}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x7}, {0x8, 0xb, 0x5947}}]}, 0x104}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0xcc, r3, 0x1, 0x0, 0x4, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}, @TIPC_NLA_MEDIA={0x48, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x0, 0x1, 'udp\x00'}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3f}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7f}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_TYPE={0x22, 0x1, 0xffdffcb3}, @TIPC_NLA_PUBL_UPPER={0x0, 0x3, 0x81}]}, @TIPC_NLA_SOCK={0x4}]}, 0xcc}}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000600)='blkio.bfq.sectors\x00', 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)=@RTM_NEWNSID={0x3c, 0x58, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@NETNSA_FD={0x8, 0x3, r4}, @NETNSA_FD={0x8}, @NETNSA_PID={0x8}, @NETNSA_NSID={0x8}, @NETNSA_NSID={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040800}, 0x20000001) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x5c, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7fffffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffffffc}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x80000000}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 02:39:33 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000208000040001"], 0x24}}, 0x0) [ 3304.066687][T25337] FAULT_INJECTION: forcing a failure. [ 3304.066687][T25337] name fail_usercopy, interval 1, probability 0, space 0, times 0 02:39:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000080ffff0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3304.135917][T25337] CPU: 1 PID: 25337 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3304.144727][T25337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3304.154794][T25337] Call Trace: [ 3304.158085][T25337] dump_stack_lvl+0xcd/0x134 [ 3304.162703][T25337] should_fail.cold+0x5/0xa [ 3304.167237][T25337] _copy_from_user+0x2c/0x180 [ 3304.171940][T25337] __copy_msghdr_from_user+0x91/0x4b0 [ 3304.177346][T25337] ? __ia32_sys_shutdown+0x70/0x70 [ 3304.182490][T25337] ? mark_lock+0xef/0x17b0 [ 3304.186924][T25337] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3304.192940][T25337] sendmsg_copy_msghdr+0xa1/0x160 [ 3304.197993][T25337] ? do_recvmmsg+0x6d0/0x6d0 [ 3304.202615][T25337] ? lock_chain_count+0x20/0x20 [ 3304.207493][T25337] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3304.213512][T25337] ___sys_sendmsg+0xc6/0x170 [ 3304.218127][T25337] ? sendmsg_copy_msghdr+0x160/0x160 [ 3304.223441][T25337] ? __fget_files+0x21b/0x3e0 [ 3304.228140][T25337] ? lock_downgrade+0x6e0/0x6e0 [ 3304.233024][T25337] ? __fget_files+0x23d/0x3e0 [ 3304.237726][T25337] ? __fget_light+0xea/0x280 [ 3304.242330][T25337] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3304.248601][T25337] __sys_sendmsg+0xe5/0x1b0 [ 3304.253129][T25337] ? __sys_sendmsg_sock+0x30/0x30 [ 3304.258191][T25337] ? syscall_enter_from_user_mode+0x21/0x70 [ 3304.264116][T25337] do_syscall_64+0x35/0xb0 [ 3304.268551][T25337] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3304.274466][T25337] RIP: 0033:0x7f812fd3ba39 02:39:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000f0ffff0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3304.278902][T25337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3304.298527][T25337] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3304.306953][T25337] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3304.315112][T25337] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3304.323094][T25337] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3304.331077][T25337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3304.339061][T25337] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:33 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c87fffffff00"/36}}]}]}, 0x64}}, 0x0) 02:39:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000006000"/36}}]}]}, 0x64}}, 0x0) [ 3304.420219][T25353] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.0'. 02:39:33 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000218000040001"], 0x24}}, 0x0) [ 3304.483291][T25353] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.0'. 02:39:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107007fffffff0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:33 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c88dffffff00"/36}}]}]}, 0x64}}, 0x0) 02:39:33 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 2) 02:39:33 executing program 0: accept4$phonet_pipe(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r0) sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x120c0004}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x10, 0x0, 0x25dfdbfe, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x801) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) 02:39:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000041c100"/36}}]}]}, 0x64}}, 0x0) 02:39:33 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000228000040001"], 0x24}}, 0x0) 02:39:33 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c89effffff00"/36}}]}]}, 0x64}}, 0x0) 02:39:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107009effffff0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:33 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r2) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1d040a3249dac081}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@ipmr_getroute={0x1c, 0x1a, 0x300, 0x70bd2d, 0x25dfdbfc, {0x80, 0x20, 0x14, 0x40, 0xff, 0x0, 0xc8, 0x4, 0x900}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000000}, 0x40) getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x43) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="680000003000010000000000000000000000001354000100500001000b0001006d697272656400002400028020000200000000000000000000000000000000000000000004000000", @ANYRES32=r4, @ANYBLOB="040006000c00070000000000000000"], 0x68}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=@ipv6_newaddr={0x64, 0x14, 0x1, 0x70bd29, 0x25dfdbfe, {0xa, 0x38, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @remote}, @IFA_LOCAL={0x14, 0x2, @mcast1}, @IFA_FLAGS={0x8, 0x8, 0x81}, @IFA_FLAGS={0x8, 0x8, 0x1}, @IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x81}, 0x24008000) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, r7, 0x401, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x4}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000600)={&(0x7f0000000680)={0x48, r7, 0x200, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0xc, 0xcd, [0x7, 0x0, 0x4, 0x1000]}, @NL80211_ATTR_FRAME={0x22, 0x33, @action_no_ack={@wo_ht={{0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x7}, @device_a, @device_a, @initial, {0x9, 0x3}}, @ext_ch_sw={0x4, 0x4, {{0x0, 0x7f, 0xb, 0x8}, @void}}}}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000080}, 0x801) sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xd0, 0x0, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0xbc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xd27}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x800}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x40}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7ff}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xb}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xffff2d7d}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xf552}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x101}]}]}]}, 0xd0}}, 0x84) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) [ 3304.850587][T25378] FAULT_INJECTION: forcing a failure. [ 3304.850587][T25378] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3304.931690][T25378] CPU: 0 PID: 25378 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3304.940497][T25378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3304.950566][T25378] Call Trace: [ 3304.953863][T25378] dump_stack_lvl+0xcd/0x134 [ 3304.958488][T25378] should_fail.cold+0x5/0xa [ 3304.963023][T25378] _copy_from_user+0x2c/0x180 [ 3304.967723][T25378] iovec_from_user+0x242/0x3c0 [ 3304.972523][T25378] __import_iovec+0x65/0x580 [ 3304.977144][T25378] import_iovec+0x10c/0x150 [ 3304.981684][T25378] sendmsg_copy_msghdr+0x12d/0x160 [ 3304.986819][T25378] ? do_recvmmsg+0x6d0/0x6d0 [ 3304.991437][T25378] ? lock_chain_count+0x20/0x20 [ 3304.996308][T25378] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3305.002323][T25378] ___sys_sendmsg+0xc6/0x170 [ 3305.007064][T25378] ? sendmsg_copy_msghdr+0x160/0x160 [ 3305.012387][T25378] ? __fget_files+0x21b/0x3e0 [ 3305.017082][T25378] ? lock_downgrade+0x6e0/0x6e0 [ 3305.021974][T25378] ? __fget_files+0x23d/0x3e0 [ 3305.026684][T25378] ? __fget_light+0xea/0x280 [ 3305.031293][T25378] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3305.037564][T25378] __sys_sendmsg+0xe5/0x1b0 [ 3305.042090][T25378] ? __sys_sendmsg_sock+0x30/0x30 [ 3305.047153][T25378] ? syscall_enter_from_user_mode+0x21/0x70 [ 3305.053076][T25378] do_syscall_64+0x35/0xb0 [ 3305.057509][T25378] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3305.063424][T25378] RIP: 0033:0x7f812fd3ba39 [ 3305.067848][T25378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3305.087472][T25378] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3305.095906][T25378] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3305.103892][T25378] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3305.111875][T25378] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3305.119859][T25378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 02:39:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700f0ffffff0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3305.127843][T25378] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000f000"/36}}]}]}, 0x64}}, 0x0) 02:39:34 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8f0ffffff00"/36}}]}]}, 0x64}}, 0x0) 02:39:34 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000238000040001"], 0x24}}, 0x0) 02:39:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000300"/36}}]}]}, 0x64}}, 0x0) 02:39:34 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 3) 02:39:34 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000d86a931c71000000017000000400006803c00040067636d28616573290400000000000000f70b00000000000000000000000000001400000087d6e5dada2cab2612fd053a1239"], 0x54}}, 0x0) 02:39:34 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8f5ffffff00"/36}}]}]}, 0x64}}, 0x0) 02:39:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000000003f00000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:34 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000248000040001"], 0x24}}, 0x0) 02:39:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000400300"/36}}]}]}, 0x64}}, 0x0) 02:39:34 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000258000040001"], 0x24}}, 0x0) [ 3305.666515][T25427] FAULT_INJECTION: forcing a failure. [ 3305.666515][T25427] name failslab, interval 1, probability 0, space 0, times 0 02:39:34 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="54c93458a6d8e83e0593e68d49a7f15c0fd855951fb03f707f7c9342bee4b67245c8c0173100fa244a5189cdb8550a555790c4de86df8b1e7aadafc103f0f6a0a39b64acfe7a60f64bb01176c675625d6279810389fbd3e5b20756aaeca88750caa6e97e24c4053a6c263e06c06d0284b384e7a0839015b3546f4e16214832ba73e7605e68a0f3af6c8a251041789035a52ecd565dfc1802", @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000400006803c00040067636d28616573290000000000000000000000000000000000000000000000001400000087d6e5dada2cab2612fd053a12391811067d43c8"], 0x54}}, 0x0) 02:39:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000200000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3305.762754][T25427] CPU: 0 PID: 25427 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3305.771568][T25427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3305.781637][T25427] Call Trace: [ 3305.784928][T25427] dump_stack_lvl+0xcd/0x134 [ 3305.789539][T25427] should_fail.cold+0x5/0xa [ 3305.794080][T25427] should_failslab+0x5/0x10 [ 3305.798597][T25427] kmem_cache_alloc_node+0x65/0x3d0 [ 3305.803808][T25427] ? __alloc_skb+0x20b/0x340 [ 3305.808408][T25427] __alloc_skb+0x20b/0x340 [ 3305.812827][T25427] netlink_sendmsg+0x967/0xdb0 [ 3305.817600][T25427] ? netlink_unicast+0x7d0/0x7d0 [ 3305.822545][T25427] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3305.828790][T25427] ? netlink_unicast+0x7d0/0x7d0 [ 3305.833729][T25427] sock_sendmsg+0xcf/0x120 [ 3305.838149][T25427] ____sys_sendmsg+0x6e8/0x810 [ 3305.842919][T25427] ? kernel_sendmsg+0x50/0x50 [ 3305.847593][T25427] ? do_recvmmsg+0x6d0/0x6d0 [ 3305.852185][T25427] ? lock_chain_count+0x20/0x20 [ 3305.857037][T25427] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3305.863022][T25427] ___sys_sendmsg+0xf3/0x170 [ 3305.867615][T25427] ? sendmsg_copy_msghdr+0x160/0x160 [ 3305.872904][T25427] ? __fget_files+0x21b/0x3e0 [ 3305.877584][T25427] ? lock_downgrade+0x6e0/0x6e0 [ 3305.882442][T25427] ? __fget_files+0x23d/0x3e0 [ 3305.887129][T25427] ? __fget_light+0xea/0x280 [ 3305.891717][T25427] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3305.897972][T25427] __sys_sendmsg+0xe5/0x1b0 [ 3305.902481][T25427] ? __sys_sendmsg_sock+0x30/0x30 [ 3305.907516][T25427] ? syscall_enter_from_user_mode+0x21/0x70 [ 3305.913414][T25427] do_syscall_64+0x35/0xb0 [ 3305.917828][T25427] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3305.923722][T25427] RIP: 0033:0x7f812fd3ba39 [ 3305.928136][T25427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3305.947736][T25427] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 02:39:34 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8fcffffff00"/36}}]}]}, 0x64}}, 0x0) 02:39:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000034000"/36}}]}]}, 0x64}}, 0x0) [ 3305.956148][T25427] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3305.964115][T25427] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3305.972089][T25427] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3305.980062][T25427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3305.988030][T25427] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:35 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000400006803c00040067636d2861e2dfec9a53b08aed1bea726573290000000000000000000000000000000000000000000000001400000087d6e5dada2cab2612fd053a12391811067d43c87ddcecb10a95ef1c0d41f1bef592e5cce781cf3f3058b885e12c0b5ebed7545fc21173071a3f5db657eabe8129b884c2879ebbe759da286d655d929f0f614833280fe0305ed478"], 0x54}}, 0x0) 02:39:35 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 4) 02:39:35 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000003000000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:35 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000268000040001"], 0x24}}, 0x0) 02:39:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000fffff000"/36}}]}]}, 0x64}}, 0x0) 02:39:35 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000300000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:35 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_MEDIA_SET(r0, 0xfffffffffffffffd, 0x0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, 0x0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) 02:39:35 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000278000040001"], 0x24}}, 0x0) 02:39:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000100"/36}}]}]}, 0x64}}, 0x0) [ 3306.472571][T25466] FAULT_INJECTION: forcing a failure. [ 3306.472571][T25466] name failslab, interval 1, probability 0, space 0, times 0 02:39:35 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8fffffffffffff0000000000000000000"}}]}]}, 0x64}}, 0x0) [ 3306.547517][T25466] CPU: 1 PID: 25466 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3306.556330][T25466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3306.566396][T25466] Call Trace: [ 3306.569688][T25466] dump_stack_lvl+0xcd/0x134 [ 3306.574301][T25466] should_fail.cold+0x5/0xa [ 3306.578832][T25466] should_failslab+0x5/0x10 [ 3306.583354][T25466] __kmalloc_node_track_caller+0x7d/0x340 [ 3306.589096][T25466] ? netlink_sendmsg+0x967/0xdb0 [ 3306.594062][T25466] __alloc_skb+0xde/0x340 [ 3306.598420][T25466] netlink_sendmsg+0x967/0xdb0 [ 3306.603210][T25466] ? netlink_unicast+0x7d0/0x7d0 [ 3306.608175][T25466] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3306.614437][T25466] ? netlink_unicast+0x7d0/0x7d0 [ 3306.619393][T25466] sock_sendmsg+0xcf/0x120 [ 3306.623925][T25466] ____sys_sendmsg+0x6e8/0x810 [ 3306.628736][T25466] ? kernel_sendmsg+0x50/0x50 [ 3306.633433][T25466] ? do_recvmmsg+0x6d0/0x6d0 [ 3306.638051][T25466] ? lock_chain_count+0x20/0x20 02:39:35 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000010000000000000000"}}]}]}, 0x64}}, 0x0) [ 3306.642921][T25466] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3306.648934][T25466] ___sys_sendmsg+0xf3/0x170 [ 3306.653635][T25466] ? sendmsg_copy_msghdr+0x160/0x160 [ 3306.659037][T25466] ? __fget_files+0x21b/0x3e0 [ 3306.663730][T25466] ? lock_downgrade+0x6e0/0x6e0 [ 3306.668615][T25466] ? __fget_files+0x23d/0x3e0 [ 3306.673321][T25466] ? __fget_light+0xea/0x280 [ 3306.677928][T25466] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3306.684198][T25466] __sys_sendmsg+0xe5/0x1b0 [ 3306.688726][T25466] ? __sys_sendmsg_sock+0x30/0x30 [ 3306.693800][T25466] ? syscall_enter_from_user_mode+0x21/0x70 [ 3306.699720][T25466] do_syscall_64+0x35/0xb0 [ 3306.704160][T25466] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3306.710075][T25466] RIP: 0033:0x7f812fd3ba39 [ 3306.714502][T25466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3306.734127][T25466] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 02:39:35 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000020000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:35 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000400000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3306.742564][T25466] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3306.750552][T25466] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3306.758539][T25466] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3306.766529][T25466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3306.774512][T25466] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:36 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 5) 02:39:36 executing program 0: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) r1 = socket(0x2, 0x13, 0x6) sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x198, r0, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x124, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xd2, 0x3, "9afcd122812c3bdf9af06d20589f5a518a4cf209c671a1cf1d06a290311180f6131be9260c97bf121303f4a912736192a8ed4902faf8404c97b0b19e860b11959c44e3355c03ede10328f1b4617b988dba5332680376721967e2dd3f61d529587a192b721dd443b3aae6303265fcee5f6345af1513f916b03b15bb2b881c8a03d7506ea8e870b785e8e2d5d22d2b9d61bff67bbe2618cac316f70e9e3910f6f30c035fec7de4d3d8be0f83b706d43cbab485f8f43f800aec58009236085ec17d7a4238293ce6cce1a4aa129ac76b"}, @TIPC_NLA_NODE_KEY={0x3e, 0x4, {'gcm(aes)\x00', 0x16, "6c60370f608b15b2480e9b897576143743d2bdbd2f1a"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}]}, @TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x20048040}, 0x40000) sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000017000000400006803c00040067636d2861657329000000000000008c1b612c29ffdf2de2925db2fa00000000000000000000000000000000001400000087d6e5dada2cab2612fd053a12391811067d43c88409755a6e99c48cf5c2232c8129e09f351a40626a6b4f5a5896568931ccb274dfb13e1d0a74147878ab3e4b08a18e"], 0x54}}, 0x0) 02:39:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000200"/36}}]}]}, 0x64}}, 0x0) 02:39:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000288000040001"], 0x24}}, 0x0) 02:39:36 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000030000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:36 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000700000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:36 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x54, r1, 0x1, 0x70bd2b, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4c890}, 0x0) sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0x8, 0x70bd21, 0x25dfdbfc, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x805}, 0x10) [ 3307.151743][T25501] FAULT_INJECTION: forcing a failure. [ 3307.151743][T25501] name fail_usercopy, interval 1, probability 0, space 0, times 0 02:39:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000298000040001"], 0x24}}, 0x0) 02:39:36 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000040000000000000000"}}]}]}, 0x64}}, 0x0) [ 3307.211860][T25501] CPU: 1 PID: 25501 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3307.220666][T25501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3307.230735][T25501] Call Trace: [ 3307.234023][T25501] dump_stack_lvl+0xcd/0x134 [ 3307.238640][T25501] should_fail.cold+0x5/0xa [ 3307.243172][T25501] _copy_from_iter+0x389/0x1320 [ 3307.248144][T25501] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3307.254408][T25501] ? hash_and_copy_to_iter+0x200/0x200 02:39:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000300"/36}}]}]}, 0x64}}, 0x0) [ 3307.259891][T25501] ? memset+0x20/0x40 [ 3307.263891][T25501] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3307.270151][T25501] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3307.276415][T25501] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3307.282673][T25501] ? __phys_addr+0xc4/0x140 [ 3307.287199][T25501] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3307.293467][T25501] ? __phys_addr_symbol+0x2c/0x70 [ 3307.298512][T25501] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3307.304250][T25501] ? __check_object_size+0x16e/0x3f0 [ 3307.309561][T25501] netlink_sendmsg+0x7d5/0xdb0 [ 3307.314352][T25501] ? netlink_unicast+0x7d0/0x7d0 [ 3307.319317][T25501] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3307.325583][T25501] ? netlink_unicast+0x7d0/0x7d0 [ 3307.330540][T25501] sock_sendmsg+0xcf/0x120 [ 3307.334976][T25501] ____sys_sendmsg+0x6e8/0x810 [ 3307.339763][T25501] ? kernel_sendmsg+0x50/0x50 [ 3307.344453][T25501] ? do_recvmmsg+0x6d0/0x6d0 [ 3307.349063][T25501] ? lock_chain_count+0x20/0x20 [ 3307.353931][T25501] ? lockdep_hardirqs_on_prepare+0x400/0x400 02:39:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000400"/36}}]}]}, 0x64}}, 0x0) [ 3307.359936][T25501] ___sys_sendmsg+0xf3/0x170 [ 3307.364548][T25501] ? sendmsg_copy_msghdr+0x160/0x160 [ 3307.369858][T25501] ? __fget_files+0x21b/0x3e0 [ 3307.374552][T25501] ? lock_downgrade+0x6e0/0x6e0 [ 3307.379432][T25501] ? __fget_files+0x23d/0x3e0 [ 3307.384134][T25501] ? __fget_light+0xea/0x280 [ 3307.388744][T25501] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3307.395012][T25501] __sys_sendmsg+0xe5/0x1b0 [ 3307.399532][T25501] ? __sys_sendmsg_sock+0x30/0x30 [ 3307.404591][T25501] ? syscall_enter_from_user_mode+0x21/0x70 02:39:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000500"/36}}]}]}, 0x64}}, 0x0) [ 3307.410515][T25501] do_syscall_64+0x35/0xb0 [ 3307.414951][T25501] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3307.420953][T25501] RIP: 0033:0x7f812fd3ba39 [ 3307.425383][T25501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3307.445000][T25501] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3307.453427][T25501] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3307.461410][T25501] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3307.469396][T25501] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3307.477475][T25501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3307.485454][T25501] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:36 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 6) 02:39:36 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000800000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:36 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000050000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:36 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000013c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) accept$alg(r0, 0x0, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000340)={0x0, 'syz_tun\x00', {0x2}, 0x100}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44010}, 0x40000) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), r1) sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000680)={0x454, r2, 0x0, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x50, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7fffffff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3e6}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8000}]}, @TIPC_NLA_BEARER={0x7c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'veth1\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0xd25, @mcast2, 0x1}}, {0x14, 0x2, @in={0x2, 0x4e20, @local}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ipvlan1\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ip6gre0\x00'}}]}, @TIPC_NLA_SOCK={0xe0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x10000}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1c}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x1000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xf96f578}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5dfd}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffffa}]}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xd0}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000001}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7fff}, @TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xdd8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7ce}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}]}, @TIPC_NLA_SOCK={0x30, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x46a}]}, @TIPC_NLA_SOCK={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}]}, @TIPC_NLA_NODE={0x184, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "576a7fdb8db8b81e1dda0255eebbe0fecc5c8925cbc1b4c16911b3"}}, @TIPC_NLA_NODE_ID={0xf5, 0x3, "6325930dd200a27b3ba8361cbd76afd80d278e5cd9de63eb33eac20f75a3237d37ae19632a782f093d1947ae93dfb2ea129cd7caa0322276cba536915214cf5c5c15bc420dc8cae2f495a8b9bd948327693772a1ee68e86712692fa85d8315d48d8d9befde9048a2c2fe3e8a822bfa675773106ccf1ad6e7045b0b9685a026bce8f0220cbcb0dd15363c4ce018b250b878c4fc505568c1edbe51ccfb5435119d4723115383f0386cbcae183237c7be8a7b068abd298fbc92567497723474b3f1a20891de429b589d110b463fd64da4fea6741e91e2f84b3b72d6065262e11455b6763970e1b4c5c5417b2cf1213f15c726"}, @TIPC_NLA_NODE_KEY={0x40, 0x4, {'gcm(aes)\x00', 0x18, "7d1a17ef692a0027cec6fa0cca3e978f4d1f1dc22b7ff233"}}]}, @TIPC_NLA_LINK={0xa0, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7011}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xd7b0}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3b6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0xdb8d}]}]}, 0x454}, 0x1, 0x0, 0x0, 0x4000004}, 0x1) sendmsg$NFT_MSG_GETFLOWTABLE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000b00)={0x378, 0x17, 0xa, 0x2, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_HOOK={0xc4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x10001}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond0\x00'}, {0x14, 0x1, 'team_slave_1\x00'}, {0x14, 0x1, 'ip6gretap0\x00'}, {0x14, 0x1, 'veth0_virt_wifi\x00'}, {0x14, 0x1, 'veth0_to_batadv\x00'}, {0x14, 0x1, 'ipvlan0\x00'}, {0x14, 0x1, 'wg1\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xfffff147}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x800}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x8}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK={0xa4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_bond\x00'}, {0x14, 0x1, 'vlan1\x00'}, {0x14, 0x1, 'veth1\x00'}, {0x14, 0x1, 'veth0\x00'}, {0x14, 0x1, 'veth0_to_batadv\x00'}, {0x14, 0x1, 'veth1_to_batadv\x00'}, {0x14, 0x1, 'veth1_vlan\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7f}]}, @NFTA_FLOWTABLE_HOOK={0x1b8, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_virt_wifi\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0xb8, 0x3, 0x0, 0x1, [{0x14, 0x1, 'team_slave_1\x00'}, {0x14, 0x1, 'rose0\x00'}, {0x14, 0x1, 'wg0\x00'}, {0x14, 0x1, 'ip6erspan0\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'bond0\x00'}, {0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'veth1_macvtap\x00'}, {0x14, 0x1, 'veth0_virt_wifi\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xffffffff}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'vlan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0xa4, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip6erspan0\x00'}, {0x14, 0x1, 'wlan0\x00'}, {0x14, 0x1, 'veth0_vlan\x00'}, {0x14, 0x1, 'macvlan1\x00'}, {0x14, 0x1, 'ip6erspan0\x00'}, {0x14, 0x1, 'ip6_vti0\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'veth0_to_bridge\x00'}]}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x378}}, 0x20000000) 02:39:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000008100040001"], 0x24}}, 0x0) 02:39:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000600"/36}}]}]}, 0x64}}, 0x0) 02:39:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000018100040001"], 0x24}}, 0x0) 02:39:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000700"/36}}]}]}, 0x64}}, 0x0) 02:39:36 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000060000000000000000"}}]}]}, 0x64}}, 0x0) [ 3307.843324][T25539] FAULT_INJECTION: forcing a failure. [ 3307.843324][T25539] name failslab, interval 1, probability 0, space 0, times 0 02:39:36 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000e00000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3307.909201][T25539] CPU: 1 PID: 25539 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3307.918529][T25539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3307.928602][T25539] Call Trace: [ 3307.931896][T25539] dump_stack_lvl+0xcd/0x134 [ 3307.936515][T25539] should_fail.cold+0x5/0xa [ 3307.941043][T25539] ? skb_clone+0x170/0x3c0 [ 3307.945488][T25539] should_failslab+0x5/0x10 [ 3307.950008][T25539] kmem_cache_alloc+0x5e/0x390 [ 3307.954887][T25539] skb_clone+0x170/0x3c0 02:39:37 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000028100040001"], 0x24}}, 0x0) [ 3307.959158][T25539] netlink_deliver_tap+0xa63/0xc30 [ 3307.964307][T25539] netlink_unicast+0x5e5/0x7d0 [ 3307.969098][T25539] ? netlink_attachskb+0x890/0x890 [ 3307.974228][T25539] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3307.980491][T25539] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3307.986760][T25539] ? __phys_addr_symbol+0x2c/0x70 [ 3307.991804][T25539] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3307.997543][T25539] ? __check_object_size+0x16e/0x3f0 [ 3308.002856][T25539] netlink_sendmsg+0x86d/0xdb0 [ 3308.007645][T25539] ? netlink_unicast+0x7d0/0x7d0 [ 3308.012611][T25539] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3308.018898][T25539] ? netlink_unicast+0x7d0/0x7d0 [ 3308.023856][T25539] sock_sendmsg+0xcf/0x120 [ 3308.028301][T25539] ____sys_sendmsg+0x6e8/0x810 [ 3308.033092][T25539] ? kernel_sendmsg+0x50/0x50 [ 3308.037788][T25539] ? do_recvmmsg+0x6d0/0x6d0 [ 3308.042407][T25539] ? lock_chain_count+0x20/0x20 [ 3308.047281][T25539] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3308.053294][T25539] ___sys_sendmsg+0xf3/0x170 [ 3308.057910][T25539] ? sendmsg_copy_msghdr+0x160/0x160 [ 3308.063222][T25539] ? __fget_files+0x21b/0x3e0 [ 3308.067921][T25539] ? lock_downgrade+0x6e0/0x6e0 [ 3308.072809][T25539] ? __fget_files+0x23d/0x3e0 [ 3308.077515][T25539] ? __fget_light+0xea/0x280 [ 3308.082120][T25539] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3308.088393][T25539] __sys_sendmsg+0xe5/0x1b0 [ 3308.092915][T25539] ? __sys_sendmsg_sock+0x30/0x30 [ 3308.097975][T25539] ? syscall_enter_from_user_mode+0x21/0x70 [ 3308.103895][T25539] do_syscall_64+0x35/0xb0 02:39:37 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000070000000000000000"}}]}]}, 0x64}}, 0x0) [ 3308.108328][T25539] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3308.114243][T25539] RIP: 0033:0x7f812fd3ba39 [ 3308.118668][T25539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3308.138309][T25539] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3308.146739][T25539] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3308.154726][T25539] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3308.162703][T25539] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3308.170685][T25539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3308.178674][T25539] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:37 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 7) 02:39:37 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000f00000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:37 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000038100040001"], 0x24}}, 0x0) 02:39:37 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='T\b\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000400006803c00040067636d28616573290000000000000000000000000000000000000000000000001400000087d6e5dada2cab2612fd053a12391811067d43c8"], 0x54}}, 0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000680)={0x224, r2, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x40, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}]}, @TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_NODE={0x4}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xbf}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1000}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3ff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}]}, @TIPC_NLA_MEDIA={0xd8, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x98}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa10}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x23c0}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x32}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xd9e}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc1e1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1010000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffab7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x20}]}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4ab9}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x80000}]}, @TIPC_NLA_SOCK={0x64, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3bde}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3c3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x317}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8001}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x400}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x40}]}]}]}, 0x224}, 0x1, 0x0, 0x0, 0x20040081}, 0x8801) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000002300)={&(0x7f00000021c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000022c0)={&(0x7f0000002200)={0x8c, r2, 0x300, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_LINK={0x78, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x8c}}, 0x4000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r3) 02:39:37 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000800"/36}}]}]}, 0x64}}, 0x0) 02:39:37 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000090000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:37 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000048100040001"], 0x24}}, 0x0) 02:39:37 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700006000000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:37 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000003d0c0000000000000000"}}]}]}, 0x64}}, 0x0) [ 3308.514142][T25577] FAULT_INJECTION: forcing a failure. [ 3308.514142][T25577] name failslab, interval 1, probability 0, space 0, times 0 [ 3308.585691][T25577] CPU: 1 PID: 25577 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3308.594493][T25577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3308.604565][T25577] Call Trace: [ 3308.607857][T25577] dump_stack_lvl+0xcd/0x134 [ 3308.612475][T25577] should_fail.cold+0x5/0xa [ 3308.617008][T25577] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xd7/0x290 [ 3308.624316][T25577] should_failslab+0x5/0x10 [ 3308.628837][T25577] __kmalloc+0x72/0x320 02:39:37 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000058100040001"], 0x24}}, 0x0) [ 3308.633025][T25577] genl_family_rcv_msg_attrs_parse.constprop.0+0xd7/0x290 [ 3308.640177][T25577] genl_family_rcv_msg_doit+0xda/0x320 [ 3308.645658][T25577] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3308.653050][T25577] ? mutex_lock_io_nested+0x1150/0x1150 [ 3308.658617][T25577] ? __lock_acquire+0x162f/0x54a0 [ 3308.663669][T25577] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3308.669930][T25577] ? __radix_tree_lookup+0x211/0x2a0 [ 3308.675238][T25577] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3308.681497][T25577] ? genl_get_cmd+0x3cf/0x480 02:39:37 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000068100040001"], 0x24}}, 0x0) [ 3308.686198][T25577] genl_rcv_msg+0x328/0x580 [ 3308.690728][T25577] ? genl_get_cmd+0x480/0x480 [ 3308.695422][T25577] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3308.701687][T25577] ? lock_release+0x720/0x720 [ 3308.706378][T25577] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3308.711693][T25577] netlink_rcv_skb+0x153/0x420 [ 3308.716478][T25577] ? genl_get_cmd+0x480/0x480 [ 3308.721176][T25577] ? netlink_ack+0xa60/0xa60 [ 3308.725791][T25577] ? netlink_deliver_tap+0x1b1/0xc30 [ 3308.731103][T25577] genl_rcv+0x24/0x40 02:39:37 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000078100040001"], 0x24}}, 0x0) [ 3308.735106][T25577] netlink_unicast+0x533/0x7d0 [ 3308.739899][T25577] ? netlink_attachskb+0x890/0x890 [ 3308.745021][T25577] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3308.751283][T25577] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3308.757545][T25577] ? __phys_addr_symbol+0x2c/0x70 [ 3308.762592][T25577] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3308.768330][T25577] ? __check_object_size+0x16e/0x3f0 [ 3308.773646][T25577] netlink_sendmsg+0x86d/0xdb0 [ 3308.778431][T25577] ? netlink_unicast+0x7d0/0x7d0 [ 3308.783395][T25577] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3308.789657][T25577] ? netlink_unicast+0x7d0/0x7d0 [ 3308.794612][T25577] sock_sendmsg+0xcf/0x120 [ 3308.799047][T25577] ____sys_sendmsg+0x6e8/0x810 [ 3308.803829][T25577] ? kernel_sendmsg+0x50/0x50 [ 3308.808514][T25577] ? do_recvmmsg+0x6d0/0x6d0 [ 3308.813137][T25577] ? lock_chain_count+0x20/0x20 [ 3308.817998][T25577] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3308.823974][T25577] ___sys_sendmsg+0xf3/0x170 [ 3308.828554][T25577] ? sendmsg_copy_msghdr+0x160/0x160 [ 3308.833843][T25577] ? __fget_files+0x21b/0x3e0 [ 3308.838506][T25577] ? lock_downgrade+0x6e0/0x6e0 [ 3308.843366][T25577] ? __fget_files+0x23d/0x3e0 [ 3308.848045][T25577] ? __fget_light+0xea/0x280 [ 3308.852657][T25577] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3308.858985][T25577] __sys_sendmsg+0xe5/0x1b0 [ 3308.863485][T25577] ? __sys_sendmsg_sock+0x30/0x30 [ 3308.868523][T25577] ? syscall_enter_from_user_mode+0x21/0x70 [ 3308.874454][T25577] do_syscall_64+0x35/0xb0 [ 3308.878862][T25577] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3308.884765][T25577] RIP: 0033:0x7f812fd3ba39 [ 3308.889184][T25577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3308.908782][T25577] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3308.917183][T25577] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3308.925140][T25577] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3308.933100][T25577] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3308.941058][T25577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3308.949024][T25577] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:38 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 8) 02:39:38 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000088100040001"], 0x24}}, 0x0) 02:39:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000900"/36}}]}]}, 0x64}}, 0x0) 02:39:38 executing program 0: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}]}]}, 0x1c}}, 0x0) 02:39:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000f000000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:38 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000000f0000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000e00"/36}}]}]}, 0x64}}, 0x0) 02:39:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000003000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:38 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000098100040001"], 0x24}}, 0x0) 02:39:38 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, r5, 0x401, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x4}]}, 0x24}}, 0x0) r6 = socket(0x10, 0x803, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000240)={r2, 0x2, 0x8001, 0x4}) setsockopt$TIPC_DEST_DROPPABLE(r7, 0x10f, 0x81, &(0x7f00000002c0)=0x10001, 0x4) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r6) getsockname$packet(r6, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x43) sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="680000003000010000000000000000000000001354000100500001000b0001006d697272656400002400028020000200000000000000000000000000000000000000000004000000", @ANYRES32=r8, @ANYBLOB="040006000c00070000000000000000"], 0x68}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r6) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x50, r1, 0x400, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x0, 0x23}}}}, [@NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x0, 0x7f}}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x1c, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa, 0x5, @random="9592d88f0135"}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ibss_ssid}]}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}]}, 0x50}}, 0x4002) r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000000000000017000000400006803c00040067636d2861657329000000000000000000000000001400000087d6e5dada2cab2612fd053a12391811067d43c8"], 0x54}}, 0x0) 02:39:38 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000002150000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000f00"/36}}]}]}, 0x64}}, 0x0) [ 3309.408887][T25613] FAULT_INJECTION: forcing a failure. [ 3309.408887][T25613] name failslab, interval 1, probability 0, space 0, times 0 [ 3309.471929][T25613] CPU: 1 PID: 25613 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3309.480736][T25613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3309.490804][T25613] Call Trace: [ 3309.494092][T25613] dump_stack_lvl+0xcd/0x134 [ 3309.498719][T25613] should_fail.cold+0x5/0xa [ 3309.503254][T25613] ? tipc_aead_init.constprop.0+0x55/0x8f0 [ 3309.509084][T25613] should_failslab+0x5/0x10 [ 3309.513611][T25613] kmem_cache_alloc_trace+0x55/0x2b0 [ 3309.518926][T25613] tipc_aead_init.constprop.0+0x55/0x8f0 [ 3309.524585][T25613] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3309.530850][T25613] ? __crypto_alg_lookup+0x2ad/0x310 [ 3309.536167][T25613] tipc_crypto_key_init+0x82/0x110 [ 3309.541306][T25613] ? tipc_ehdr_validate+0x240/0x240 [ 3309.546527][T25613] ? crypto_mod_put+0x8c/0x100 [ 3309.551320][T25613] tipc_nl_node_set_key+0xa5d/0xf70 [ 3309.556547][T25613] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3309.562820][T25613] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3309.569083][T25613] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3309.576482][T25613] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3309.583794][T25613] genl_family_rcv_msg_doit+0x228/0x320 [ 3309.589364][T25613] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3309.596755][T25613] ? mutex_lock_io_nested+0x1150/0x1150 [ 3309.602332][T25613] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3309.608590][T25613] ? __radix_tree_lookup+0x211/0x2a0 [ 3309.613894][T25613] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3309.620146][T25613] ? genl_get_cmd+0x3cf/0x480 [ 3309.624845][T25613] genl_rcv_msg+0x328/0x580 [ 3309.629373][T25613] ? genl_get_cmd+0x480/0x480 [ 3309.634069][T25613] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3309.640346][T25613] ? lock_release+0x720/0x720 [ 3309.645033][T25613] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3309.650347][T25613] netlink_rcv_skb+0x153/0x420 [ 3309.655128][T25613] ? genl_get_cmd+0x480/0x480 [ 3309.659805][T25613] ? netlink_ack+0xa60/0xa60 [ 3309.664390][T25613] ? netlink_deliver_tap+0x1b1/0xc30 [ 3309.669678][T25613] genl_rcv+0x24/0x40 [ 3309.673669][T25613] netlink_unicast+0x533/0x7d0 [ 3309.678431][T25613] ? netlink_attachskb+0x890/0x890 [ 3309.683582][T25613] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3309.689819][T25613] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3309.696080][T25613] ? __phys_addr_symbol+0x2c/0x70 [ 3309.701166][T25613] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3309.706920][T25613] ? __check_object_size+0x16e/0x3f0 [ 3309.712356][T25613] netlink_sendmsg+0x86d/0xdb0 [ 3309.717126][T25613] ? netlink_unicast+0x7d0/0x7d0 [ 3309.722093][T25613] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3309.728344][T25613] ? netlink_unicast+0x7d0/0x7d0 [ 3309.733275][T25613] sock_sendmsg+0xcf/0x120 [ 3309.737705][T25613] ____sys_sendmsg+0x6e8/0x810 [ 3309.742484][T25613] ? kernel_sendmsg+0x50/0x50 [ 3309.747152][T25613] ? do_recvmmsg+0x6d0/0x6d0 [ 3309.751781][T25613] ? lock_chain_count+0x20/0x20 [ 3309.756619][T25613] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3309.762607][T25613] ___sys_sendmsg+0xf3/0x170 [ 3309.767211][T25613] ? sendmsg_copy_msghdr+0x160/0x160 [ 3309.772492][T25613] ? __fget_files+0x21b/0x3e0 [ 3309.777162][T25613] ? lock_downgrade+0x6e0/0x6e0 [ 3309.782022][T25613] ? __fget_files+0x23d/0x3e0 [ 3309.786714][T25613] ? __fget_light+0xea/0x280 [ 3309.791294][T25613] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3309.797529][T25613] __sys_sendmsg+0xe5/0x1b0 [ 3309.802026][T25613] ? __sys_sendmsg_sock+0x30/0x30 [ 3309.807064][T25613] ? syscall_enter_from_user_mode+0x21/0x70 [ 3309.812959][T25613] do_syscall_64+0x35/0xb0 [ 3309.817363][T25613] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3309.823245][T25613] RIP: 0033:0x7f812fd3ba39 [ 3309.827646][T25613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3309.847244][T25613] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3309.855664][T25613] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3309.863622][T25613] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3309.871580][T25613] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3309.879628][T25613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3309.887589][T25613] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 [ 3309.920885][T25630] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3309.943932][T25630] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. 02:39:39 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 9) 02:39:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000a8100040001"], 0x24}}, 0x0) [ 3309.967989][T25623] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3309.992307][T25623] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. 02:39:39 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000003f00"/36}}]}]}, 0x64}}, 0x0) 02:39:39 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000007000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:39 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000001200000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:39 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x78, 0x0, 0x400, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x1c, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0xad9e}, {0x8, 0x0, 0x7f}, {0x8, 0x0, 0x1}]}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x34, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x24, 0x6, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x1000}, @NL80211_BAND_60GHZ={0x8}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x10000}, @NL80211_BAND_5GHZ={0x8, 0x1, 0xfffffffd}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x2400c810}, 0x8080) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000013c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) accept$alg(r3, 0x0, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0) sendmsg$NL80211_CMD_SET_BEACON(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000680)={0xce0, r4, 0x10, 0x70bd26, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x100, 0x55}}}}, [@NL80211_ATTR_FTM_RESPONDER={0x148, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x3d, 0x2, "90c174355cf97a757ed621ff902da7efb32352b03038f5ffbfb573b89f298a25fc653aa0303c49bcbc2b90024816204afdbdb1909568ce3848"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0xf1, 0x3, "2e339a0dd43e46cd2f1933ef1f5b7fc187c1e0b32da9c60b02c76afce7b2078f5e248c67ff16e75686ddc0b3fbbe8d6ca3c81f7e63894fc9f084c8ad8ce2086441fb58d5a03f6094b481ebfd306e8d3965aeb2f42c8b5fb47740032c088c9648d6a5f60e1f2724b3a5fbdf86384292d68bf24857de97e12d406e36d05372fe71ada21f880f35b12620b821d65d91d3b91f8ab549668618d52b48cdf4d37eda26eacb884c641103ec7e45ff0e2a4d05746b06a4a059dc2c5e83fae8305a3f82965218775a3ff518a35189905bbcc54b525b975d3ebdf9f29b4e38525cea4fd6701d651e32b5ab57e64c722e4df4"}, @NL80211_FTM_RESP_ATTR_LCI={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_PROBE_RESP={0x2a5, 0x91, "97053843c9f88194194f318b5c308b8d3b4b2073b1ebdb0d70a57df5ee609d2513ef218f64d3ee05a8fd1042d14fd345b7275d77825dbbac48944a392204bfb4c0903eef03b9c9ca55b046298aee4dd72017a61061ef7be36b40c60954619f4df4121285cf2b965e6a0fa5d9a882c156135e59b0368a3ed82128478ec1c05735947aae3cbc43f4946ac2b731d97479a1e8522eb3a78556becb5ca6b31965dd2ac6218c3fafb35f2ffc36a430d01f014dcb510ca6efced9636e9bd24caa9a38fbb2f5a96b32bd09b494bb84509254516ba9fe6775fb23347506c0feb02e03aff61e271164a201c8aa0f9c5e29c1b8248e7fc0fda2b1432ff0fa09b123929c65671f78968c932b599fd2fcb8cdf68c13fc44cc6132bd3e7658b618df5e324be3aee0eb7c5968b0aa90802845a680135d035fb31f5ed920901a95ab4627621b4d91f648bcc545bba6e997d393d12750385ac295cf85bd33d3fcba750cc6eb12b02e8b4ec16c1c63b7e5df53f3cd98b2852bb4f329fadb5509561266ce32454c4ae1d576e8a879270f0685ad0a50f203bcb00b34ba0fd071c5df929b30446a3e232b9615dd8d681fc659ead3e93cfbf00ad338e549b0f354ae3eb6357937075b1149a5a9e9eed4303c1034c10dd1be573d5883c22a5a9253752a8bf14c5809b1df06b410857f4b276c026ada3ed8d719ce3843823915502047c7b93ae9649e2cbfc82fd89d2a00353d1821554834b9e5b4dcc15f6eaf30e4b4e9fa8fc204205124703b02c653ce0b77c9b4a068b6cf4fb102e19696d33fb422d8dd758f5d99f6b7f6e33824d6a741569e8ff8c38c6b6df1995192258af5998b274234dfe6546120cf5ffad8987e3ec8ed4beb0168f676a0eb79abc17257f870278b5c49e12e36d8991bd6838dcdca5ab15423a89f821991020832ee6b0634d3579ad0e62d54b2b77d41"}, @NL80211_ATTR_FTM_RESPONDER={0x234, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x94, 0x3, "d9c5bb33b81543423c263e7de302319ab0dd3d9e9b3dfee64b6b18dc89b3184e5b0e21b9c9b225a8fe591f7812085e387b50cf91168dd1d232fee79e86e8e0ec422225cd8353c759e2c42c04a1e5375e108d583eb443955acfc2e8c8af5044fd5d6aba849f7a8a1a3c7e8df8d999acb3f4a2f2cef2e066d16bcaa16d3a9948a47fe0545971bdce6fa277c17702817d89"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_LCI={0xb, 0x2, "5f31753c9e5016"}, @NL80211_FTM_RESP_ATTR_LCI={0xdf, 0x2, "d61ad73250a8411c5628d0d41111e81fb8b64e395e23fb01d673675e659cc02d96d7f4967e062b4a33b4da2480d7f5042a230288f14fd003c9f58b39384c3a345dae5ee4f05c9b4a0abbcfaa884bc5f73426ac1e6b2b2ea20d7d8d0c791210cfe1f19c96f7919d9fb0cde4e6a19104a842a234c8e1858d7e75f023c7f1f20f45466ee5e0c57e1c8e546e04aa879b91a7d34687198e0b43cc42d24ec699068c41cf5964657a7c1d868d64f0aeeadc36702c4bcbfbcf0b474c894848887c7ba380b53c76ee06797695721696e91f33042a53bd35eacd6dc1c5604a0b"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x60, 0x3, "f4e264243af1d7ea06387772dff422c2e8e304eb57c88b28af88b78a5363074b591ccf186c5ea13d7dd586b40f550adc0b58ef54a6f075d53bddad96708098509d6a3834ede500212798d799676214fba14ebe4a1f6ee1198365dc06"}, @NL80211_FTM_RESP_ATTR_LCI={0x49, 0x2, "db6666df2e9dbfad821d717111dc9f04fd74e92027b677ac68fc1b7050edceb2d3619f0b14f66f9e5c6b74eba84d20ba8ae2e3920596266ecf604c5377003a135b533ece6f"}]}, @NL80211_ATTR_BEACON_HEAD={0x371, 0xe, {@with_ht={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x80}, @broadcast, @device_b, @initial, {0x7}}, @ver_80211n={0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1}}, 0x5, @random=0x200, 0x40, @val={0x0, 0x1e, @random="665c17a46d5a00d155a3202764ce1b63fbe521c9ddf31e115a154bd0faa9"}, @void, @val={0x3, 0x1, 0xc}, @void, @void, @val={0x5, 0x3d, {0x3f, 0x75, 0x8, "5993e566463cdf248bfd23cc47fd70059b98ca3606f811a79e4b3e7750a2052f455b44e43afd4c472bb4d255a5b5057650864bbe7ae53b28063b"}}, @void, @void, @void, @void, @void, @void, @void, [{0xdd, 0x91, "c304ab2441986539e5010a1dfcd34b72f6b9f3d0333078df18885178b1be225a26850ae20000edad0103de18b10c3ca7ff8c1193f4f1a79e2c1ac6f5cf451821d82f8224ff5d750eed783a7e0d2d2a411fb50d59f0dc0752e54f5723c5606a2a7f549e65150063a53e71e3aad7f73cc948573f6fede97b951b44dd08c5d06cf2609e26aa476f6a12656f99b4dacb8846e9"}, {0xdd, 0x8a, "0b492fbcc61893a51ae1a038a07271640da82e4f13806d7bc69716e8ef5bedcf8bb740920b58463b5ea10d6f020e24108998b52450548969005c01bb1b57e3af4442ac1ae2f8f38f08285383a326fb952bdbb22d34e12efa7d8bc671743bfddd5dc3092035676a5c419c24ce000158feef47491f4d5106151f955ce0df296b8a53de5812bb02727b2ed9"}, {0xdd, 0xb1, "6aa314f7e9a8254815a4c1c99e8cd42e872515f7f76f8b0a6d77cac1fe2df731e26fa4998a18156e8d671a6dd0802b7c2c6d5093ac093ecbcf40b01c203ef4d8539d3416004907599809e1207469840a33b290d636f5ed7146540ef5e260d2493fac8149a82ff5ca0c6adf7eb2e0baeff61e0e303295f059d4367f71370a78d5261262dd5a84f777583621c9bd4766cbc2bb2ff46420062d3116955f2b7af3ab41c24ae72f249a92dcade95b8606db8b66"}, {0xdd, 0x25, "5375a84261af9fb5d057aa1ce8cebac8691fa57a83e881720cdef887466e43796fa3cd72b3"}, {0xdd, 0xe8, "8316fd2552efcb17b756ee877ca34a80cd9a479b48ffc9048bdf1456544a17bcbde19b572fcc71b9983a9cf6f600bec35a8d44a51420a88a486ff3e3c2fadfead0da94e426e4c6f77f553d8f0399184c4240e430c2f09d6b53fb640415e3b89707d343302751afe9f8e5ef3fd5ed3c84679234adcc23d0648ee0628faa11ba9f42ce8f0a1415b390c3e4f7f1505f061b3289605f5bd3a072f0475c109102392596d4b8e9711a1d6ca5418268945343ac9b79292de27f023ee4ad6947ce7cfc8133e7c7bb6928d12f58095e7810dcee8d9bf4c34bebb1b03463c53fde6fe473bac8796679b1115179"}]}}, @NL80211_ATTR_BEACON_HEAD={0x250, 0xe, {@with_ht={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1}, {}, @device_a, @device_a, @from_mac=@broadcast, {0x9, 0x40}}, @ver_80211n={0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}}, 0x6, @random=0x2, 0x20, @void, @val={0x1, 0x8, [{0xc}, {0x4f}, {0x12}, {0x5, 0x1}, {0x4, 0x1}, {0x9, 0x1}, {0x60, 0x1}, {0x24}]}, @void, @void, @void, @void, @void, @val={0x2a, 0x1, {0x0, 0x1, 0x1}}, @val={0x3c, 0x4, {0x1, 0x7c, 0x0, 0xfb}}, @void, @void, @val={0x71, 0x7, {0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1, 0x20, 0x20}}, @val={0x76, 0x6, {0x9, 0x3, 0x24, 0x6}}, [{0xdd, 0x4a, "177f731ccc6895e5c1f5a77ad30b2ea07e6cf815c50f6578d9e323ba270ae757b77bdafb81ad66a1bfad1af8e0ee28084944e0a84fb7ac88e653c46bc4c9c99c0021e7c12f8f3fe23a0d"}, {0xdd, 0xb2, "dd0297f2701575a33c5c16c0f96b63290097eb721356ab33c0fc23fbf6218c003edff2ff816763452d5a7d336c6ac025ef09cbcd304377dde9f3783607aba7ae6623e23ee5c9d6f6203d1ea09b7b25e3eb7bb1130a4fdf3f7ac20610218bc2ec1c36cb04d33b045a4ece99d697dfeaa0c068214e8374f9fa536cd978b52de7c590f454039107233a9ee4cee67098eee2f1356bbbefb125a871357969f757f7e96a26fcc5530229c93f7202f8cc916c6fe6d1"}, {0xdd, 0xfe, "71dc0259e37914b0432643b378cda8a1eab1330dc38c129bf89ea0b9c83dc881cf0b5944795f2354d0ca79de58c785617c0d66870679c2393072424235f5c04b306ee4ec0c6be16fb57e1bf432a95a4c96a53a2c817ac14ac1d2f1e573ec1dfb582c53d4a7fdc00b7da8d9cdd6a9a9ea7f06ec8290df273d80222d8be3d952da36d7748613e43e13501f336ea513f6d17e375f90568f2bdb95ecb24f58d6345afbc08ef8bf8effbc5588d90c62af1eee637cf63d91f2311dcc8b12da819fe626d8842e15919d9843c26bf056aae0ccbd8c1abc4b38c39c267fa4cbd2e29d9972f5f3b38c1bafe57d7421dae9f4861b57609cde9a6ca37367ff7c3d650ff2"}]}}, @NL80211_ATTR_IE_PROBE_RESP={0x7f, 0x7f, [@mesh_config={0x71, 0x7, {0x0, 0x1, 0x1, 0x0, 0x1, 0x8}}, @peer_mgmt={0x75, 0x6, {0x0, 0xff, @void, @val=0xe, @void}}, @link_id={0x65, 0x12, {@from_mac=@device_b, @device_a, @broadcast}}, @preq={0x82, 0x30, @not_ext={{0x0, 0x1}, 0x4, 0x3, 0x20, @broadcast, 0x1, "", 0x3ff, 0x4, 0x2, [{{0x1}, @device_a, 0xd8c}, {{0x0, 0x0, 0x1}, @device_b, 0x1}]}}, @supported_rates={0x1, 0x8, [{0x6}, {0x1}, {0x30}, {0x30, 0x1}, {0x6c}, {0x24}, {0x24}, {0x0, 0x1}]}, @mesh_chsw={0x76, 0x6, {0x8, 0x6b, 0x27, 0xd55}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x1, 0xb4, 0x4}}, @gcr_ga={0xbd, 0x6}, @ibss={0x6, 0x2, 0x7}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x58, 0x80, [@tim={0x5, 0x52, {0x5, 0x83, 0x8, "72c3a9b4ac1ee0eaecbae2ee97dfba1e479e628c0f403cff37a680c7ef673753bd3569a4921eb0d77bbb26041c7891904058db2feb147f9c70d15b24de6808654fa75c4e7328216a62b51870d5b1ae"}}]}]}, 0xce0}, 0x1, 0x0, 0x0, 0x40001}, 0x0) sendfile(r3, r0, 0x0, 0xad) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) sendmsg$IEEE802154_ASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x4, 0x70bd2b, 0x25dfdbfe, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2c04c001}, 0x8040) 02:39:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000b8100040001"], 0x24}}, 0x0) [ 3310.149005][T25637] FAULT_INJECTION: forcing a failure. [ 3310.149005][T25637] name failslab, interval 1, probability 0, space 0, times 0 [ 3310.204601][T25637] CPU: 1 PID: 25637 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3310.213413][T25637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3310.223480][T25637] Call Trace: [ 3310.226773][T25637] dump_stack_lvl+0xcd/0x134 [ 3310.231393][T25637] should_fail.cold+0x5/0xa [ 3310.235928][T25637] ? crypto_create_tfm_node+0x7f/0x320 [ 3310.241407][T25637] should_failslab+0x5/0x10 [ 3310.245927][T25637] __kmalloc_node+0x75/0x370 [ 3310.250551][T25637] crypto_create_tfm_node+0x7f/0x320 [ 3310.255868][T25637] crypto_alloc_tfm_node+0x107/0x260 [ 3310.261193][T25637] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3310.266945][T25637] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3310.273220][T25637] tipc_crypto_key_init+0x82/0x110 [ 3310.278353][T25637] ? tipc_ehdr_validate+0x240/0x240 [ 3310.283570][T25637] ? crypto_mod_put+0x8c/0x100 [ 3310.288362][T25637] tipc_nl_node_set_key+0xa5d/0xf70 [ 3310.293677][T25637] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 02:39:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000c8100040001"], 0x24}}, 0x0) [ 3310.299955][T25637] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3310.306218][T25637] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3310.313610][T25637] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3310.320926][T25637] genl_family_rcv_msg_doit+0x228/0x320 [ 3310.326509][T25637] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3310.333901][T25637] ? mutex_lock_io_nested+0x1150/0x1150 [ 3310.339476][T25637] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3310.345744][T25637] ? __radix_tree_lookup+0x211/0x2a0 [ 3310.351053][T25637] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3310.357314][T25637] ? genl_get_cmd+0x3cf/0x480 [ 3310.362019][T25637] genl_rcv_msg+0x328/0x580 [ 3310.366553][T25637] ? genl_get_cmd+0x480/0x480 [ 3310.371247][T25637] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3310.377516][T25637] ? lock_release+0x720/0x720 [ 3310.382213][T25637] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3310.387526][T25637] netlink_rcv_skb+0x153/0x420 [ 3310.392308][T25637] ? genl_get_cmd+0x480/0x480 [ 3310.397003][T25637] ? netlink_ack+0xa60/0xa60 02:39:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000d8100040001"], 0x24}}, 0x0) [ 3310.401625][T25637] ? netlink_deliver_tap+0x1b1/0xc30 [ 3310.406934][T25637] genl_rcv+0x24/0x40 [ 3310.410927][T25637] netlink_unicast+0x533/0x7d0 [ 3310.415716][T25637] ? netlink_attachskb+0x890/0x890 [ 3310.420847][T25637] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3310.427116][T25637] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3310.433378][T25637] ? __phys_addr_symbol+0x2c/0x70 [ 3310.438421][T25637] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3310.444159][T25637] ? __check_object_size+0x16e/0x3f0 [ 3310.449512][T25637] netlink_sendmsg+0x86d/0xdb0 02:39:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000e8100040001"], 0x24}}, 0x0) [ 3310.454306][T25637] ? netlink_unicast+0x7d0/0x7d0 [ 3310.459270][T25637] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3310.465536][T25637] ? netlink_unicast+0x7d0/0x7d0 [ 3310.470493][T25637] sock_sendmsg+0xcf/0x120 [ 3310.474928][T25637] ____sys_sendmsg+0x6e8/0x810 [ 3310.479704][T25637] ? kernel_sendmsg+0x50/0x50 [ 3310.484400][T25637] ? do_recvmmsg+0x6d0/0x6d0 [ 3310.489023][T25637] ? lock_chain_count+0x20/0x20 [ 3310.493896][T25637] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3310.499909][T25637] ___sys_sendmsg+0xf3/0x170 02:39:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000f8100040001"], 0x24}}, 0x0) [ 3310.504525][T25637] ? sendmsg_copy_msghdr+0x160/0x160 [ 3310.509839][T25637] ? __fget_files+0x21b/0x3e0 [ 3310.514539][T25637] ? lock_downgrade+0x6e0/0x6e0 [ 3310.519428][T25637] ? __fget_files+0x23d/0x3e0 [ 3310.524133][T25637] ? __fget_light+0xea/0x280 [ 3310.528743][T25637] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3310.535008][T25637] __sys_sendmsg+0xe5/0x1b0 [ 3310.539539][T25637] ? __sys_sendmsg_sock+0x30/0x30 [ 3310.544603][T25637] ? syscall_enter_from_user_mode+0x21/0x70 [ 3310.550528][T25637] do_syscall_64+0x35/0xb0 [ 3310.554959][T25637] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3310.560881][T25637] RIP: 0033:0x7f812fd3ba39 [ 3310.565307][T25637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3310.584932][T25637] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3310.593363][T25637] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 02:39:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000108100040001"], 0x24}}, 0x0) [ 3310.601344][T25637] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3310.609324][T25637] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3310.617306][T25637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3310.625287][T25637] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:39 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 10) 02:39:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000118100040001"], 0x24}}, 0x0) 02:39:39 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000006000"/36}}]}]}, 0x64}}, 0x0) 02:39:39 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000003f0000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:39 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000e000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:39 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000400006803c00040067636d28616573290000000000000000000000000000000000000014d380aa79a0e97b646e00000087d6e5dada2cab0e12fd0500000000001b13163a9edbc994d204395cc3b9cd1e5f0eee3e2a2a3cd4988ee056b00d08ccc444f1d94e2308291afcd4d8169fe59d66"], 0x54}}, 0x0) 02:39:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000128100040001"], 0x24}}, 0x0) [ 3310.966988][T25672] FAULT_INJECTION: forcing a failure. [ 3310.966988][T25672] name failslab, interval 1, probability 0, space 0, times 0 [ 3311.003123][T25672] CPU: 1 PID: 25672 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3311.011932][T25672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3311.022057][T25672] Call Trace: [ 3311.025349][T25672] dump_stack_lvl+0xcd/0x134 [ 3311.029973][T25672] should_fail.cold+0x5/0xa [ 3311.034508][T25672] ? crypto_create_tfm_node+0x7f/0x320 [ 3311.039988][T25672] should_failslab+0x5/0x10 [ 3311.044508][T25672] __kmalloc_node+0x75/0x370 [ 3311.049136][T25672] crypto_create_tfm_node+0x7f/0x320 [ 3311.054447][T25672] crypto_spawn_tfm2+0x60/0xb0 [ 3311.059241][T25672] crypto_gcm_init_tfm+0x3d/0x260 02:39:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000138100040001"], 0x24}}, 0x0) [ 3311.064350][T25672] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3311.070007][T25672] crypto_aead_init_tfm+0x138/0x1a0 [ 3311.075252][T25672] crypto_create_tfm_node+0x10d/0x320 [ 3311.080666][T25672] crypto_alloc_tfm_node+0x107/0x260 [ 3311.085990][T25672] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3311.091735][T25672] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3311.098013][T25672] tipc_crypto_key_init+0x82/0x110 [ 3311.103150][T25672] ? tipc_ehdr_validate+0x240/0x240 [ 3311.108371][T25672] ? crypto_mod_put+0x8c/0x100 [ 3311.113162][T25672] tipc_nl_node_set_key+0xa5d/0xf70 [ 3311.118393][T25672] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3311.124671][T25672] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3311.130934][T25672] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3311.138331][T25672] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3311.145642][T25672] genl_family_rcv_msg_doit+0x228/0x320 [ 3311.151212][T25672] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3311.158604][T25672] ? mutex_lock_io_nested+0x1150/0x1150 02:39:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000148100040001"], 0x24}}, 0x0) [ 3311.164180][T25672] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3311.170442][T25672] ? __radix_tree_lookup+0x211/0x2a0 [ 3311.175742][T25672] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3311.182002][T25672] ? genl_get_cmd+0x3cf/0x480 [ 3311.186707][T25672] genl_rcv_msg+0x328/0x580 [ 3311.191233][T25672] ? genl_get_cmd+0x480/0x480 [ 3311.195929][T25672] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3311.202207][T25672] ? lock_release+0x720/0x720 [ 3311.206900][T25672] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3311.212216][T25672] netlink_rcv_skb+0x153/0x420 02:39:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000158100040001"], 0x24}}, 0x0) [ 3311.216997][T25672] ? genl_get_cmd+0x480/0x480 [ 3311.221690][T25672] ? netlink_ack+0xa60/0xa60 [ 3311.226311][T25672] ? netlink_deliver_tap+0x1b1/0xc30 [ 3311.231619][T25672] genl_rcv+0x24/0x40 [ 3311.235614][T25672] netlink_unicast+0x533/0x7d0 [ 3311.240399][T25672] ? netlink_attachskb+0x890/0x890 [ 3311.245520][T25672] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3311.251759][T25672] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3311.258025][T25672] ? __phys_addr_symbol+0x2c/0x70 02:39:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000168100040001"], 0x24}}, 0x0) [ 3311.263070][T25672] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3311.268811][T25672] ? __check_object_size+0x16e/0x3f0 [ 3311.274126][T25672] netlink_sendmsg+0x86d/0xdb0 [ 3311.278921][T25672] ? netlink_unicast+0x7d0/0x7d0 [ 3311.283894][T25672] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3311.290166][T25672] ? netlink_unicast+0x7d0/0x7d0 [ 3311.295124][T25672] sock_sendmsg+0xcf/0x120 [ 3311.299561][T25672] ____sys_sendmsg+0x6e8/0x810 [ 3311.304345][T25672] ? kernel_sendmsg+0x50/0x50 [ 3311.309038][T25672] ? do_recvmmsg+0x6d0/0x6d0 [ 3311.313652][T25672] ? lock_chain_count+0x20/0x20 [ 3311.318524][T25672] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3311.324537][T25672] ___sys_sendmsg+0xf3/0x170 [ 3311.329151][T25672] ? sendmsg_copy_msghdr+0x160/0x160 [ 3311.334469][T25672] ? __fget_files+0x21b/0x3e0 [ 3311.339169][T25672] ? lock_downgrade+0x6e0/0x6e0 [ 3311.344056][T25672] ? __fget_files+0x23d/0x3e0 [ 3311.348764][T25672] ? __fget_light+0xea/0x280 [ 3311.353371][T25672] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3311.359641][T25672] __sys_sendmsg+0xe5/0x1b0 02:39:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000178100040001"], 0x24}}, 0x0) [ 3311.364167][T25672] ? __sys_sendmsg_sock+0x30/0x30 [ 3311.369234][T25672] ? syscall_enter_from_user_mode+0x21/0x70 [ 3311.375160][T25672] do_syscall_64+0x35/0xb0 [ 3311.379597][T25672] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3311.385520][T25672] RIP: 0033:0x7f812fd3ba39 [ 3311.389949][T25672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3311.409579][T25672] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3311.418014][T25672] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3311.425999][T25672] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3311.433983][T25672] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3311.441966][T25672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3311.449949][T25672] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:40 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 11) 02:39:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000188100040001"], 0x24}}, 0x0) 02:39:40 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000ffffff9e00"/36}}]}]}, 0x64}}, 0x0) 02:39:40 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0100ffe4", @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000400006803c00040067636d28616573290000000000000000000000000000000000000000000000001400000087d6e5dada2cab2612fd053a12391811067d43c8"], 0x54}}, 0x4000804) 02:39:40 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000440000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:40 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000c00e000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000198100040001"], 0x24}}, 0x0) 02:39:40 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000f000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:40 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000041c100"/36}}]}]}, 0x64}}, 0x0) 02:39:40 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000003560000000000000000"}}]}]}, 0x64}}, 0x0) [ 3311.872840][T25711] FAULT_INJECTION: forcing a failure. [ 3311.872840][T25711] name failslab, interval 1, probability 0, space 0, times 0 [ 3311.921109][T25711] CPU: 0 PID: 25711 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3311.929943][T25711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3311.940016][T25711] Call Trace: [ 3311.943305][T25711] dump_stack_lvl+0xcd/0x134 [ 3311.947920][T25711] should_fail.cold+0x5/0xa [ 3311.952453][T25711] ? crypto_create_tfm_node+0x7f/0x320 [ 3311.957932][T25711] should_failslab+0x5/0x10 [ 3311.962457][T25711] __kmalloc_node+0x75/0x370 [ 3311.967081][T25711] crypto_create_tfm_node+0x7f/0x320 [ 3311.972399][T25711] crypto_alloc_tfm_node+0x107/0x260 [ 3311.977718][T25711] cryptd_alloc_ahash+0x101/0x200 [ 3311.982766][T25711] ? cryptd_ahash_queued+0x70/0x70 [ 3311.987928][T25711] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3311.993570][T25711] ? trace_kmalloc_node+0x32/0x100 [ 3311.998710][T25711] ? ghash_async_exit_tfm+0x40/0x40 [ 3312.003974][T25711] ghash_async_init_tfm+0x21/0x100 [ 3312.009106][T25711] ? ghash_async_exit_tfm+0x40/0x40 [ 3312.014329][T25711] crypto_create_tfm_node+0x19b/0x320 [ 3312.020255][T25711] crypto_spawn_tfm2+0x60/0xb0 [ 3312.025042][T25711] crypto_gcm_init_tfm+0x3d/0x260 [ 3312.030086][T25711] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3312.035917][T25711] crypto_aead_init_tfm+0x138/0x1a0 [ 3312.041140][T25711] crypto_create_tfm_node+0x10d/0x320 [ 3312.046539][T25711] crypto_alloc_tfm_node+0x107/0x260 [ 3312.051858][T25711] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3312.057603][T25711] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3312.063876][T25711] tipc_crypto_key_init+0x82/0x110 [ 3312.069011][T25711] ? tipc_ehdr_validate+0x240/0x240 [ 3312.074228][T25711] ? crypto_mod_put+0x8c/0x100 [ 3312.079023][T25711] tipc_nl_node_set_key+0xa5d/0xf70 [ 3312.084254][T25711] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3312.090534][T25711] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3312.096798][T25711] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3312.104190][T25711] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3312.111509][T25711] genl_family_rcv_msg_doit+0x228/0x320 02:39:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001a8100040001"], 0x24}}, 0x0) 02:39:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001b8100040001"], 0x24}}, 0x0) [ 3312.117095][T25711] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3312.124505][T25711] ? mutex_lock_io_nested+0x1150/0x1150 [ 3312.130084][T25711] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3312.136343][T25711] ? __radix_tree_lookup+0x211/0x2a0 [ 3312.141654][T25711] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3312.147913][T25711] ? genl_get_cmd+0x3cf/0x480 [ 3312.152586][T25711] genl_rcv_msg+0x328/0x580 [ 3312.157115][T25711] ? genl_get_cmd+0x480/0x480 [ 3312.161964][T25711] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3312.168206][T25711] ? lock_release+0x720/0x720 [ 3312.172879][T25711] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3312.178159][T25711] netlink_rcv_skb+0x153/0x420 [ 3312.182919][T25711] ? genl_get_cmd+0x480/0x480 [ 3312.187592][T25711] ? netlink_ack+0xa60/0xa60 [ 3312.192207][T25711] ? netlink_deliver_tap+0x1b1/0xc30 [ 3312.197514][T25711] genl_rcv+0x24/0x40 [ 3312.201544][T25711] netlink_unicast+0x533/0x7d0 [ 3312.206311][T25711] ? netlink_attachskb+0x890/0x890 [ 3312.211426][T25711] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3312.217670][T25711] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3312.223927][T25711] ? __phys_addr_symbol+0x2c/0x70 [ 3312.228941][T25711] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3312.234655][T25711] ? __check_object_size+0x16e/0x3f0 [ 3312.239956][T25711] netlink_sendmsg+0x86d/0xdb0 [ 3312.244723][T25711] ? netlink_unicast+0x7d0/0x7d0 [ 3312.249684][T25711] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3312.255956][T25711] ? netlink_unicast+0x7d0/0x7d0 [ 3312.260915][T25711] sock_sendmsg+0xcf/0x120 [ 3312.265353][T25711] ____sys_sendmsg+0x6e8/0x810 [ 3312.270137][T25711] ? kernel_sendmsg+0x50/0x50 [ 3312.274806][T25711] ? do_recvmmsg+0x6d0/0x6d0 [ 3312.279411][T25711] ? lock_chain_count+0x20/0x20 [ 3312.284250][T25711] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3312.290224][T25711] ___sys_sendmsg+0xf3/0x170 [ 3312.294809][T25711] ? sendmsg_copy_msghdr+0x160/0x160 [ 3312.300102][T25711] ? __fget_files+0x21b/0x3e0 [ 3312.304773][T25711] ? lock_downgrade+0x6e0/0x6e0 [ 3312.309645][T25711] ? __fget_files+0x23d/0x3e0 [ 3312.314320][T25711] ? __fget_light+0xea/0x280 [ 3312.318897][T25711] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3312.325148][T25711] __sys_sendmsg+0xe5/0x1b0 [ 3312.329663][T25711] ? __sys_sendmsg_sock+0x30/0x30 [ 3312.334693][T25711] ? syscall_enter_from_user_mode+0x21/0x70 [ 3312.340597][T25711] do_syscall_64+0x35/0xb0 [ 3312.345023][T25711] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3312.350956][T25711] RIP: 0033:0x7f812fd3ba39 [ 3312.355362][T25711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3312.374960][T25711] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3312.383362][T25711] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3312.391328][T25711] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3312.399287][T25711] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3312.407243][T25711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3312.415199][T25711] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:41 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 12) 02:39:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001c8100040001"], 0x24}}, 0x0) [ 3312.490782][T25732] FAULT_INJECTION: forcing a failure. [ 3312.490782][T25732] name failslab, interval 1, probability 0, space 0, times 0 02:39:41 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)={0x14, r2, 0x1, 0x0, 0x0, {0x8}}, 0x14}}, 0x0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r2, 0x1}, 0x14}}, 0x0) 02:39:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000fffffff000"/36}}]}]}, 0x64}}, 0x0) 02:39:41 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000006b0000000000000000"}}]}]}, 0x64}}, 0x0) [ 3312.558731][T25732] CPU: 0 PID: 25732 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3312.567539][T25732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3312.577608][T25732] Call Trace: [ 3312.580900][T25732] dump_stack_lvl+0xcd/0x134 [ 3312.585517][T25732] should_fail.cold+0x5/0xa [ 3312.590056][T25732] ? crypto_create_tfm_node+0x7f/0x320 [ 3312.595536][T25732] should_failslab+0x5/0x10 [ 3312.600062][T25732] __kmalloc_node+0x75/0x370 [ 3312.604684][T25732] crypto_create_tfm_node+0x7f/0x320 [ 3312.609989][T25732] crypto_spawn_tfm2+0x60/0xb0 [ 3312.614769][T25732] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3312.620341][T25732] cryptd_hash_init_tfm+0x3c/0x120 [ 3312.625470][T25732] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3312.631043][T25732] crypto_create_tfm_node+0x19b/0x320 [ 3312.636443][T25732] crypto_alloc_tfm_node+0x107/0x260 [ 3312.641757][T25732] cryptd_alloc_ahash+0x101/0x200 [ 3312.646803][T25732] ? cryptd_ahash_queued+0x70/0x70 [ 3312.651956][T25732] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3312.657519][T25732] ? trace_kmalloc_node+0x32/0x100 [ 3312.662641][T25732] ? ghash_async_exit_tfm+0x40/0x40 [ 3312.667847][T25732] ghash_async_init_tfm+0x21/0x100 [ 3312.672965][T25732] ? ghash_async_exit_tfm+0x40/0x40 [ 3312.678163][T25732] crypto_create_tfm_node+0x19b/0x320 [ 3312.683537][T25732] crypto_spawn_tfm2+0x60/0xb0 [ 3312.688303][T25732] crypto_gcm_init_tfm+0x3d/0x260 [ 3312.693329][T25732] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3312.698962][T25732] crypto_aead_init_tfm+0x138/0x1a0 [ 3312.704162][T25732] crypto_create_tfm_node+0x10d/0x320 [ 3312.709535][T25732] crypto_alloc_tfm_node+0x107/0x260 [ 3312.714824][T25732] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3312.720548][T25732] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3312.726814][T25732] tipc_crypto_key_init+0x82/0x110 [ 3312.731930][T25732] ? tipc_ehdr_validate+0x240/0x240 [ 3312.737124][T25732] ? crypto_mod_put+0x8c/0x100 [ 3312.741902][T25732] tipc_nl_node_set_key+0xa5d/0xf70 [ 3312.747106][T25732] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3312.753370][T25732] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3312.759608][T25732] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3312.766975][T25732] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3312.774262][T25732] genl_family_rcv_msg_doit+0x228/0x320 [ 3312.779807][T25732] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3312.787172][T25732] ? mutex_lock_io_nested+0x1150/0x1150 [ 3312.792726][T25732] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3312.798962][T25732] ? __radix_tree_lookup+0x211/0x2a0 [ 3312.804244][T25732] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3312.810493][T25732] ? genl_get_cmd+0x3cf/0x480 [ 3312.815180][T25732] genl_rcv_msg+0x328/0x580 [ 3312.819696][T25732] ? genl_get_cmd+0x480/0x480 [ 3312.824373][T25732] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3312.830625][T25732] ? lock_release+0x720/0x720 [ 3312.835304][T25732] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3312.840603][T25732] netlink_rcv_skb+0x153/0x420 [ 3312.845368][T25732] ? genl_get_cmd+0x480/0x480 [ 3312.850046][T25732] ? netlink_ack+0xa60/0xa60 [ 3312.854641][T25732] ? netlink_deliver_tap+0x1b1/0xc30 [ 3312.859935][T25732] genl_rcv+0x24/0x40 [ 3312.863913][T25732] netlink_unicast+0x533/0x7d0 [ 3312.868680][T25732] ? netlink_attachskb+0x890/0x890 [ 3312.873785][T25732] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3312.880025][T25732] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3312.886265][T25732] ? __phys_addr_symbol+0x2c/0x70 [ 3312.891303][T25732] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3312.897025][T25732] ? __check_object_size+0x16e/0x3f0 [ 3312.902313][T25732] netlink_sendmsg+0x86d/0xdb0 [ 3312.907086][T25732] ? netlink_unicast+0x7d0/0x7d0 [ 3312.912026][T25732] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3312.918264][T25732] ? netlink_unicast+0x7d0/0x7d0 [ 3312.923247][T25732] sock_sendmsg+0xcf/0x120 [ 3312.927675][T25732] ____sys_sendmsg+0x6e8/0x810 [ 3312.932438][T25732] ? kernel_sendmsg+0x50/0x50 [ 3312.937108][T25732] ? do_recvmmsg+0x6d0/0x6d0 [ 3312.941699][T25732] ? lock_chain_count+0x20/0x20 [ 3312.946548][T25732] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3312.952532][T25732] ___sys_sendmsg+0xf3/0x170 [ 3312.957124][T25732] ? sendmsg_copy_msghdr+0x160/0x160 [ 3312.962412][T25732] ? __fget_files+0x21b/0x3e0 [ 3312.967083][T25732] ? lock_downgrade+0x6e0/0x6e0 [ 3312.971942][T25732] ? __fget_files+0x23d/0x3e0 [ 3312.976621][T25732] ? __fget_light+0xea/0x280 [ 3312.981205][T25732] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3312.987448][T25732] __sys_sendmsg+0xe5/0x1b0 [ 3312.991950][T25732] ? __sys_sendmsg_sock+0x30/0x30 [ 3312.996986][T25732] ? syscall_enter_from_user_mode+0x21/0x70 [ 3313.002883][T25732] do_syscall_64+0x35/0xb0 [ 3313.007304][T25732] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3313.013210][T25732] RIP: 0033:0x7f812fd3ba39 [ 3313.017634][T25732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3313.037235][T25732] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3313.045647][T25732] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3313.053617][T25732] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3313.061586][T25732] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3313.069553][T25732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3313.077531][T25732] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:42 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000003f000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001d8100040001"], 0x24}}, 0x0) 02:39:42 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000810000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:42 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 13) 02:39:42 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000f0ffff00"/36}}]}]}, 0x64}}, 0x0) 02:39:42 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x20, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xff}]}]}, 0x20}}, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, r4, 0x401, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x4}]}, 0x24}}, 0x0) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), r0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f0000000280)={0x7c, r5, 0x4, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x18, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1000}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7ff}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}]}, @TIPC_NLA_NET={0x4}, @TIPC_NLA_SOCK={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xff}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x80000001}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MEDIA={0x4}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000880}, 0x84) sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r4, 0x102, 0x70bd28, 0x25dfdbfb, {{}, {@void, @void}}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20048000}, 0x40048c1) [ 3313.375804][T25755] FAULT_INJECTION: forcing a failure. [ 3313.375804][T25755] name failslab, interval 1, probability 0, space 0, times 0 [ 3313.388874][T25755] CPU: 1 PID: 25755 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3313.397661][T25755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3313.407725][T25755] Call Trace: [ 3313.411015][T25755] dump_stack_lvl+0xcd/0x134 [ 3313.415631][T25755] should_fail.cold+0x5/0xa [ 3313.420165][T25755] ? crypto_create_tfm_node+0x7f/0x320 [ 3313.425641][T25755] should_failslab+0x5/0x10 [ 3313.430161][T25755] __kmalloc_node+0x75/0x370 [ 3313.434801][T25755] crypto_create_tfm_node+0x7f/0x320 [ 3313.440296][T25755] crypto_spawn_tfm2+0x60/0xb0 [ 3313.445084][T25755] crypto_gcm_init_tfm+0x6d/0x260 [ 3313.450126][T25755] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3313.455774][T25755] crypto_aead_init_tfm+0x138/0x1a0 [ 3313.461000][T25755] crypto_create_tfm_node+0x10d/0x320 [ 3313.466397][T25755] crypto_alloc_tfm_node+0x107/0x260 [ 3313.471710][T25755] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3313.477464][T25755] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3313.483746][T25755] tipc_crypto_key_init+0x82/0x110 [ 3313.488973][T25755] ? tipc_ehdr_validate+0x240/0x240 [ 3313.494184][T25755] ? crypto_mod_put+0x8c/0x100 [ 3313.498977][T25755] tipc_nl_node_set_key+0xa5d/0xf70 [ 3313.504210][T25755] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3313.510484][T25755] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3313.516745][T25755] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3313.524148][T25755] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3313.531463][T25755] genl_family_rcv_msg_doit+0x228/0x320 [ 3313.537037][T25755] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3313.544425][T25755] ? mutex_lock_io_nested+0x1150/0x1150 [ 3313.550004][T25755] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3313.556260][T25755] ? __radix_tree_lookup+0x211/0x2a0 [ 3313.561534][T25755] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3313.567767][T25755] ? genl_get_cmd+0x3cf/0x480 [ 3313.572441][T25755] genl_rcv_msg+0x328/0x580 [ 3313.576936][T25755] ? genl_get_cmd+0x480/0x480 [ 3313.581606][T25755] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3313.587851][T25755] ? lock_release+0x720/0x720 [ 3313.592542][T25755] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3313.597825][T25755] netlink_rcv_skb+0x153/0x420 [ 3313.602582][T25755] ? genl_get_cmd+0x480/0x480 [ 3313.607261][T25755] ? netlink_ack+0xa60/0xa60 [ 3313.611850][T25755] ? netlink_deliver_tap+0x1b1/0xc30 [ 3313.617150][T25755] genl_rcv+0x24/0x40 [ 3313.621140][T25755] netlink_unicast+0x533/0x7d0 [ 3313.625894][T25755] ? netlink_attachskb+0x890/0x890 [ 3313.630994][T25755] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3313.637242][T25755] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3313.643468][T25755] ? __phys_addr_symbol+0x2c/0x70 [ 3313.648479][T25755] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3313.654183][T25755] ? __check_object_size+0x16e/0x3f0 [ 3313.659477][T25755] netlink_sendmsg+0x86d/0xdb0 [ 3313.664234][T25755] ? netlink_unicast+0x7d0/0x7d0 [ 3313.669168][T25755] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3313.675405][T25755] ? netlink_unicast+0x7d0/0x7d0 [ 3313.680337][T25755] sock_sendmsg+0xcf/0x120 [ 3313.684774][T25755] ____sys_sendmsg+0x6e8/0x810 [ 3313.689554][T25755] ? kernel_sendmsg+0x50/0x50 [ 3313.694215][T25755] ? do_recvmmsg+0x6d0/0x6d0 [ 3313.698800][T25755] ? lock_chain_count+0x20/0x20 [ 3313.703638][T25755] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3313.709614][T25755] ___sys_sendmsg+0xf3/0x170 [ 3313.714196][T25755] ? sendmsg_copy_msghdr+0x160/0x160 [ 3313.719484][T25755] ? __fget_files+0x21b/0x3e0 [ 3313.724166][T25755] ? lock_downgrade+0x6e0/0x6e0 [ 3313.729011][T25755] ? __fget_files+0x23d/0x3e0 [ 3313.733677][T25755] ? __fget_light+0xea/0x280 [ 3313.738254][T25755] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3313.744486][T25755] __sys_sendmsg+0xe5/0x1b0 [ 3313.748997][T25755] ? __sys_sendmsg_sock+0x30/0x30 [ 3313.754019][T25755] ? syscall_enter_from_user_mode+0x21/0x70 [ 3313.759913][T25755] do_syscall_64+0x35/0xb0 [ 3313.764335][T25755] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3313.770216][T25755] RIP: 0033:0x7f812fd3ba39 [ 3313.774619][T25755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3313.794211][T25755] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3313.802615][T25755] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3313.810589][T25755] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3313.818551][T25755] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 02:39:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001e8100040001"], 0x24}}, 0x0) [ 3313.826506][T25755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3313.834460][T25755] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:42 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700004745000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:43 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 14) 02:39:43 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000003810000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:43 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800007fffffff00"/36}}]}]}, 0x64}}, 0x0) 02:39:43 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) recvfrom$inet6(r2, &(0x7f0000000500)=""/4096, 0x1000, 0x20, &(0x7f0000000000)={0xa, 0x4e22, 0x3ff, @mcast2, 0x3}, 0x1c) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0x6c, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x2c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}]}]]}, 0x6c}, 0x1, 0x0, 0x0, 0x20000000}, 0x400c001) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001500)=ANY=[@ANYBLOB="540000005bad670038dc64d9ecfeb0c623c4903c7d5b306b8390f3ceb39aac091e7a49450aab1cd1a7d1b58fdf57000db964d7192527da55781f5c1da8566f7be1c83ee4543221a568e3c284590d611569d6fb9f0603c7dae76895a750184e6d2267189fce9c1719d136d104af6d0234483d2739af4a7ce23623594c913494efb9b6ddfe00d727a52357761c473faaef34860d8c5e8cbb6fad41550a19dc67c6451e0319b4a33a1f135388e2aeed7a23b7e6e55037de1ede3e7f1f605e30fb087316f7a717db2ae7bfff495b5d715dcba8f59b7231cd295e6a37c032fb879545265e5769ad9ee7fc95c4c9f765b8c1806c604012fc66a8ba681c94a859f8ecd6da973f3e698b3c2c09f5f231e2b9044bd48782dd08b997ce452fc6d7c1c917044c262ddd7bebac76090c9ba005", @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000400006803c00040067636d28616573290000000000000000000000000000000000000000000000001400000087d6e5dada2cab2612fd053a12391811067d43c8"], 0x54}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000001740)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001700)={&(0x7f00000016c0)={0x30, 0x0, 0x100, 0xffffffff, 0x25dfdbfc, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}, ["", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x4010) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r2) sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x44, r5, 0x200, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x3fec, 0x51}}}}, [@NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x1}, @NL80211_ATTR_IE={0xa, 0x2a, [@chsw_timing={0x68, 0x4, {0x9, 0x6}}]}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x764}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0xfdaf}]}, 0x44}, 0x1, 0x0, 0x0, 0x22040000}, 0x4004041) sendmsg$TIPC_NL_LINK_GET(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r1, 0x206, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x10001}]}, @TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ipvlan0\x00'}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4800}, 0x4000081) 02:39:43 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001f8100040001"], 0x24}}, 0x0) 02:39:43 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700004547000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3314.117597][T25779] FAULT_INJECTION: forcing a failure. [ 3314.117597][T25779] name failslab, interval 1, probability 0, space 0, times 0 [ 3314.183637][T25779] CPU: 0 PID: 25779 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3314.192440][T25779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3314.202505][T25779] Call Trace: [ 3314.205794][T25779] dump_stack_lvl+0xcd/0x134 [ 3314.210393][T25779] should_fail.cold+0x5/0xa [ 3314.214903][T25779] ? crypto_create_tfm_node+0x7f/0x320 [ 3314.220360][T25779] should_failslab+0x5/0x10 [ 3314.224871][T25779] __kmalloc_node+0x75/0x370 [ 3314.229465][T25779] crypto_create_tfm_node+0x7f/0x320 [ 3314.234752][T25779] crypto_alloc_tfm_node+0x107/0x260 [ 3314.240041][T25779] cryptd_alloc_skcipher+0x101/0x200 [ 3314.245328][T25779] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3314.250529][T25779] ? __kmalloc_node+0x62/0x370 [ 3314.255304][T25779] ? simd_skcipher_exit+0x40/0x40 [ 3314.260391][T25779] simd_skcipher_init+0x67/0x180 [ 3314.265331][T25779] ? simd_skcipher_exit+0x40/0x40 [ 3314.270369][T25779] crypto_skcipher_init_tfm+0x127/0x180 [ 3314.275918][T25779] crypto_create_tfm_node+0x10d/0x320 [ 3314.281288][T25779] crypto_spawn_tfm2+0x60/0xb0 [ 3314.286052][T25779] crypto_gcm_init_tfm+0x6d/0x260 [ 3314.291071][T25779] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3314.296788][T25779] crypto_aead_init_tfm+0x138/0x1a0 [ 3314.301987][T25779] crypto_create_tfm_node+0x10d/0x320 [ 3314.307362][T25779] crypto_alloc_tfm_node+0x107/0x260 [ 3314.312650][T25779] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3314.318373][T25779] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3314.324620][T25779] tipc_crypto_key_init+0x82/0x110 [ 3314.329739][T25779] ? tipc_ehdr_validate+0x240/0x240 [ 3314.334936][T25779] ? crypto_mod_put+0x8c/0x100 [ 3314.339703][T25779] tipc_nl_node_set_key+0xa5d/0xf70 [ 3314.344909][T25779] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3314.351157][T25779] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3314.357394][T25779] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3314.364760][T25779] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3314.372046][T25779] genl_family_rcv_msg_doit+0x228/0x320 [ 3314.377590][T25779] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3314.384965][T25779] ? mutex_lock_io_nested+0x1150/0x1150 [ 3314.390529][T25779] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3314.396779][T25779] ? __radix_tree_lookup+0x211/0x2a0 [ 3314.402063][T25779] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3314.408301][T25779] ? genl_get_cmd+0x3cf/0x480 [ 3314.412984][T25779] genl_rcv_msg+0x328/0x580 [ 3314.417491][T25779] ? genl_get_cmd+0x480/0x480 [ 3314.422165][T25779] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3314.428412][T25779] ? lock_release+0x720/0x720 [ 3314.433089][T25779] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3314.438377][T25779] netlink_rcv_skb+0x153/0x420 [ 3314.443143][T25779] ? genl_get_cmd+0x480/0x480 [ 3314.447819][T25779] ? netlink_ack+0xa60/0xa60 [ 3314.452413][T25779] ? netlink_deliver_tap+0x1b1/0xc30 [ 3314.457703][T25779] genl_rcv+0x24/0x40 [ 3314.461685][T25779] netlink_unicast+0x533/0x7d0 [ 3314.466454][T25779] ? netlink_attachskb+0x890/0x890 [ 3314.471557][T25779] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3314.477796][T25779] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3314.484035][T25779] ? __phys_addr_symbol+0x2c/0x70 [ 3314.489055][T25779] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3314.494770][T25779] ? __check_object_size+0x16e/0x3f0 [ 3314.500057][T25779] netlink_sendmsg+0x86d/0xdb0 [ 3314.504822][T25779] ? netlink_unicast+0x7d0/0x7d0 [ 3314.509768][T25779] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3314.516006][T25779] ? netlink_unicast+0x7d0/0x7d0 [ 3314.520937][T25779] sock_sendmsg+0xcf/0x120 [ 3314.525353][T25779] ____sys_sendmsg+0x6e8/0x810 [ 3314.530117][T25779] ? kernel_sendmsg+0x50/0x50 [ 3314.534786][T25779] ? do_recvmmsg+0x6d0/0x6d0 [ 3314.539379][T25779] ? lock_chain_count+0x20/0x20 [ 3314.544227][T25779] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3314.550214][T25779] ___sys_sendmsg+0xf3/0x170 [ 3314.554804][T25779] ? sendmsg_copy_msghdr+0x160/0x160 [ 3314.560094][T25779] ? __fget_files+0x21b/0x3e0 [ 3314.564767][T25779] ? lock_downgrade+0x6e0/0x6e0 [ 3314.569627][T25779] ? __fget_files+0x23d/0x3e0 [ 3314.574305][T25779] ? __fget_light+0xea/0x280 [ 3314.578892][T25779] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3314.585136][T25779] __sys_sendmsg+0xe5/0x1b0 [ 3314.589640][T25779] ? __sys_sendmsg_sock+0x30/0x30 [ 3314.594676][T25779] ? syscall_enter_from_user_mode+0x21/0x70 [ 3314.600570][T25779] do_syscall_64+0x35/0xb0 [ 3314.604980][T25779] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3314.610871][T25779] RIP: 0033:0x7f812fd3ba39 [ 3314.615291][T25779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3314.634892][T25779] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3314.643298][T25779] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3314.651262][T25779] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3314.659223][T25779] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3314.667185][T25779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3314.675146][T25779] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:43 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400080}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="cfb00000", @ANYRES16=0x0, @ANYBLOB="00042bbd7000fedbdf25210000000c00990004000000540000000400ec000c002c80080000007c00000008007700020000001c002c8008000000ffffffff0800000001000000080000000800000008009e0006030000"], 0x5c}, 0x1, 0x0, 0x0, 0x20000045}, 0x90) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) 02:39:43 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800009effffff00"/36}}]}]}, 0x64}}, 0x0) 02:39:43 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000208100040001"], 0x24}}, 0x0) 02:39:44 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 15) 02:39:44 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0) getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x43) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="680000003000010000000000000000000000001354000100500001000b0001006d697272656400002400028020000200000000000000000000000000000000000000000004000000", @ANYRES32=r3, @ANYBLOB="040006000c00070000000000000000"], 0x68}}, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r4) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x43) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="680000003000010000000000000000000000001354000100500001000b0001006d697272656400002400028020000200000000000000000000000000000000000000000004000000", @ANYRES32=r6, @ANYBLOB="040006000c00070000000000000000"], 0x68}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)={0x138, r5, 0x200, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_CQM={0x54, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0xf3400000}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x4a}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x4}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x39}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x7de}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x52b}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x3}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x10}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xf04}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x3}]}, @NL80211_ATTR_CQM={0x1c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x2}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x5}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0xfffffffc}]}, @NL80211_ATTR_CQM={0x70, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x2, 0x8]}, @NL80211_ATTR_CQM_RSSI_THOLD={0x20, 0x1, [0x0, 0x7fffffff, 0x40, 0x10001, 0x7a, 0x9, 0x9]}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x35}, @NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x20, 0x1, [0x40, 0x7, 0x7, 0x1000, 0xc0a6000, 0x3f, 0x7]}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x1b4}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x9}]}, @NL80211_ATTR_CQM={0x3c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0x28, 0x1, [0x1, 0x6, 0xee2, 0xfffffff9, 0x800, 0x4, 0x6, 0x90, 0x80000000]}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x6}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x10001}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x10000040}, 0x4000000) sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000680)={0x153c, r2, 0x8, 0x70bd25, 0x25dfdbfc, {}, [@ETHTOOL_A_FEATURES_WANTED={0x1c4, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0xf8, 0x3, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, 'a[\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'TIPCv2\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'TIPCv2\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'gcm(aes)\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, 'TIPCv2\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x14}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'gcm(aes)\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x81}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, ']]:\xb6#$\x00'}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1c2}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7740}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'gcm(aes)\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x33}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_VALUE={0xc7, 0x4, "e084ee621aae8ee4102dd357dac751fe53ab0d41c0aa50a29672f3cf97efced751d920aedbd93be346391fa038439fbd017cf7e2111af8b350f165dd94c05cb1e43cabefeac4f4f4741bdb01a404d43cd33cb2ade77d189b87e44b85704c2c08beb933b860cc72719f65b19d9ce2956f50f14bed29d4ae3cc43b2c15379f5fc8575aef2675c689e73b396dd7a556b88448a0b953ed306e826ce3d050db7062a467548912e00c39633da91e5cfde4fea153ae4917584b11a8a625f3281ecb7c5b588b17"}]}, @ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_FEATURES_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_FEATURES_WANTED={0xfc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0xf8, 0x5, "8ce381c2832c722322d21c3de57bedc3394fc04c6b23e1646ee9dfe406bf160039646e88c4f70b16363ab2418015121c1a46e2b7606a2c5994f356cdcc494a28a28ed110da406276bbfccec76200d4b777e07219370b2a6b29f0773b9cac99ae26cbaf870b61cc72a03ca773b5671d2a79339e6d6a1538567b51ecf86a20ddadd86acb477143246f311778c0a358db1027aca19695e672e5d2451c4d73b030235d5dc50cb7410ba58d729d80ca2eb409e8e369060af36bb8c1a2c297af48803618a8339a5050777942630fd6a7423a5a31754715cefbe29a8f3527232ad1857c4682f922c60c92ab6a3549df7932151372da74d5"}]}, @ETHTOOL_A_FEATURES_WANTED={0x11dc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xd3, 0x4, "2fbb364d3921d7c8ea7de622c42acd3d8d73de9a33ecdc6a47b22a36049ea59d6cfa835a03a7e782c0b16103b7bd329e2c3ad2f7f71b6214893dc4676c387bf5d5fd9f3444d20ff8116ac1c6aea7939b487b4d9c13d08491050d2ef09e5f51cfab08510121f511470eb163101774df4b56afa2c39298265a7fc392a1840875c4cf0eb5df8d572f092ccb972ced9c6ef41a81151c782fee5bbff71662fd31f085e3cee1df59f76259e48437f6b9ea5546a0744ea8b2358cef4869c89fb2b86a8d7c6142d2907bd07d52f3fa0f9a3d05"}, @ETHTOOL_A_BITSET_MASK={0x1004, 0x5, "8881bffae6253460b217a5dec285fe59f5db3546d8385384200fcf27d0f4cc107b121e3a528f2972fe44af706cfef29852569a85b8acfabc681996be3aef4a09fb2cb96b6cdd1149daf50da8973978325752ad873a20fa7c519120e51a02890c781954d723e80678a828364fbdc54e0b380f4cc0f147663a3aa47d3456b918e96ba4c51985643c4ebe8d88272bfd101f3f42a8b4d7296bd5194c1508fbc99d6d45d775b5f7904716d68be085ba1e2b8889a43d90b975d321991a92de15f16d40f884889e202264f936e69696a95325f7b9916416bbc6ddc4fe05a7fcc440fb176522cd83d5fc72926683046c6c23d5b41301fe9084103c551ad69406b000b03ca5b327f9a3dff279ba1ab3d96e4900d3caacf1f0125ee6d7b88d27cd8b631c944068c0078bf486c73451322c849600835187b7abadef10f3a0b24e9753d604fc8cbd0e5b287b43aa04e84fae676e8a9b5a73a6fbce7bb4b98c14503f1ede4e472e3aed3dbd6243244dd70d6668132550180bc5be0d6dc87fabbd3ba82a329af3701306e7d913203c0d09d3386ba3f33ac0338e43ffa828671cfb1afc06c531fcfca9895bdf0e2e097bb6b9108c55cd4455c7982617fa48054975b71b58b21546eb9e2e7b5520e20b9d8ff0907e49363f4ff196f35fe7d00c8cd12e12e44566f57c4b967144ac643c16cdb1b04dc561f128ac307fe6e614e772b2dab30e2fb56eda6d81c222269444cbdea5a3bc908e076bafe0f290d0cd8ee7af3435ee8bc22fc2266ce906745c17c73e71f6ae6abd13f79a4d453f81ae711d7af1a67b2d48360f41cf20744da2c95d2d2fb0da26667fcc090f0256371580af05ecce67c9f5121c196e8d2102db67d031f312c41c3844226380c57610e663341cffde5a3524a1623646174e36e0c6c45a2da7a61ccbed490a99be94d4d08855a4c70e28b5adee677a9ffa2111f1025d2aa4b2367ff7884fa931c47bd98a7f9a9b9cd4131561465ea99fbc0e1d72f02d7fc475e0a7bd4e56385f20c2bc5b1caf1ac346499733a1e4150a1c579c368e9915f95a0ff465a63824ff6e9bb0817e892cd6ac79eb33a6c89d6228102dfdeb72533795d23ab83f1218fe3a37f5472e5e5dbdbb9429d0868cf44e0114f5c904757e45dd8813827bc0263c28afe3395a1c6e3a3536aa812336c41d2341b21414f521e75dca51e15c380ed15331b0a2bc9ff234dfb08b630c33f302b3e249b1d09b63de5b18679dbfbf0d0980eb07da94f5f8ff7e75e1b178ade36b0bbafcd81bb4664983745bb975281ae2f4075f2a807812f2817eaa1857aa5866c13ad77ed570a5522e7cb25007610d756e76d6ca7e17ad69c29185c626c23de6ee26befed756a80204e738657a512368ac29d69d1dae6828efa77b9a2d625c1f3934e2f8692583532fea3dd1f3d572580ac47f045289b411002041f1614fc17fde7cc9b9fc35423c6202462f886e61c37923583247602a6e9047e780a3dd4193535b1900e4bd4eed3b05ca68207722e7aee8e50156d6a4912923ee09fec6579881d414205028ce1e88fb989ba9cf66440309559987c6cfd5f68d80bfbccab9d0f379c6f46d9a4495f0703e93cfbc14e59384afd8987fcf98cde7da965fe52bf710f4471ea1d266efade833f4a812fb28aa8d686ef596a60cc5b1bd92c9b6f73b5641a92888aea8c2cda7e42ae461ba5abdf950582edb5c73b9f871c46d21cf9a9670523d9bb00abf2edfc9c9e98942025cff0d2232f455875d390cdac8b0983ab6e3099c6178dc10ce0b7368e438fc1bb30d056a4d0ded917be4972c396e746d791bb682617d2e67478018c9400a8185fbb806495498d1164f77648d8e320e1dd29696495fc725a04f370536d7db3d61550fb736b0ff819537d3386c4c35813f3f4a1e749b6cd0fea11e88944123c6c634315592a97cfe7a98732e3f6447328f543107400cdbfe64a73046bfd2d4c9f308e9c1f453cb5800291a41c51fc30a15fa894eb44d17c5ad21e06a5657862253a6f42ea23b100d9c25586a572a6c301e695ca17d63177d04d7169219cad7874b6c06e366c77ae38873580af15dd7646e3d06aa20f492bab88b209531847b2b4f869e4be63394af88350f904277ccf44ebd59d829d7983ed9fbb8f28103e2928c42160d8a15746a5d8f7923ca123c9fbd558b8cdadaf3601b0e2d359f8d46e4e2e34fe634990fe6f0f8cc463e8b7ef070acbab6dea0fd9ad5fe88dddedeb19abb47a934b3f7c8ef1447cad2329833fb76963808205b3453b07f74a52c41bf8e8b03be4e71fe507dd11ee20fe9e403a3a542feeb52c7ecb9607ddfa3b7aec50babb2ad644ea136498eab8fb1e99d14671c4f22e9a6b2a2b99405f482613c42abb8fddf8ba58bf1a8eed10fea691daf1fa427bb147eca092e9698bef3132791b13328bff6294432ec749257d64ee483a87bc432fb51010c0fd4f8b2ebdaad72bdf7f2edde43a0c42a879f66b7f517b0723b44cebdecb99a835d706904385572f59edb26c7cdbf7da5048bb84abb37fa1de9cdec3e9539bd36380573a4072ccd975db7a5e4bbb637661a1480f2a2c15de17b53358d81e5a3ce15cfc19630c7ce814d70badce8d2f684f80f0a63a58f76ec519e5146952cd4d9be1fbb32b66b944fae849ba2562e48c6ce9517a0de9ab52c08a7ba41b0ee2cb7c55136ab50f465889f5d494740ea980209d8e16c31e9bce2dd4248f7c316c6d699c6b0c588c5db75bd2c06589aa53337f0673d60cf97bd81ea031c5326115bef490c59a42b8ce47554d67d4dbefbc884c709c7fd575b5920056530000204429694a4d816a923ad77b16485274e1d590d39ee39770a9eb787b78141a12c5b65714b680abc0e7c3a04192f7271f8fcc736a9b5dbc02fa585915efb7da32be53d827c1a1dd21593bf458aefb152060f1c45aa90106402df903bd46362c6d84d70f0f23ba9b2771decad68199e1cc016942b042460030efdbc1c3ea748e3b48111cf80b0018b668822032e67acdb5b0997316838428645f20b52a43a11767d498f64d4fccbb72e257e9810588defdabfd51daf92987437cee5d635591427e83e856e0192b5c04be38477298676fcee8c05da1e6398e35ebcc1510bf63427b4cff8e4b7650c69a28f264985a9518e51778f2c0e2b1c43882e3089b752c2d015abb42902a6ad7eab1c6604d3b3c97fa1384ed1422355c2b4bd8bcac6d34e2bd9f0d6ed122d719bb34d497085970ce62c1d0354425b5273dabd9cde2bd444f13b022b5dcf67a8efe7c056b9ba1ef1a6e75dd1b114d3f16cb6983c3b0abdea0353131ff03e5c7bea12749c882dc142a5669c78f88f58f29fc9279027f237d68ad65b99f19c6d29985881f25bf8646e16a23126155b38fbbdc361a50bd01ba541151940cf37dcdc4ab21289680a4a1ecc2cb5b0a97855ef6e788c06f9eb46e50fd47e8eebec7128c83c064f3246ef36fcfadec37d7d0bf55b50c2d0d5167acd0c28c265c4f9d9964e4ff30b70d6a7998a56fd95c77ace06ea0458bc2ef03feb027d7e2e547d44d76c37eeb7cfe7009a02baaeaebd01e413df6868ff43471baa8d95670fe798f3e8de888f3349f6cd2ce9d10d27c7544f8e403371ce3473a1eb33f7880d4d619c007e00be32f0b4a92102ec0487f2679665004a40e15c1eea1ef3aa2af46555ecea9b8f6410ed9f8fe43920ad2058de77d38688c9fb53096e636e00cc0ec4619a15001c032ba95665a8cf879d9243a7782e583ede12515675089afbdfb4a330780b105083a630fb826dac51325fea5f4740de2a434d5ecc6c10f7199da5a2e42207668c643a6f128a63a62569aa93104d7537c5f8228dd98ed3ea7d0bae432e7f975ce372c5ff3cc2562915bff4cefc3c5fdb415a46b0aae71d16d3e5616ac34586350f82f0cd867d2fc6c2539bdee615b90e3a1cc4ed28fb288241401caf50b7a55ec3ede028cabe1799199b422d4a31d7479b49e13f3f2bf4e0b8caf1de2c61b930d059ba53dec5303daa86b41b797ddf88ac3047ea43777937aea02d8a991415111cb045b40fe769c02cf9fc3789abae9e581a2ed6c1eebbbe29f69a32854f1387d4d23a80eb1655908b0420511fb30defbeb9e2577d9b56e3d2b2fb61aa4f6715199597cc6f481bf0f8cd91c87622e5c2a98cbeb0ede685c1c070229d47db315352c6cc7b200e127694929535fad6c2d18d1c8c2ca6e9143a01bf5b470139e6ceb8b7531bf248a4751ca421097c2a3c5bbd897e961ae2046c42558e2baad98712edcbc350fac9b449cc838edac0b2b3fec1167cdc136c8d0444513e884f0fdef5148a4e0add5ef7226004be9abb4513f52093c2f6a397ca3f5c7f5f3c07e17f263ba6b9b7e6d8b54bdd4d916cad334bbd888c87aa93cac7adbbd9da316050ea167764ff2eebdd7934e55c5e2f6eadf47e791bf48dd0b975fe273be0942a728a362e8b6325a4edd78dcb51bdef82139046f8a207ad22d6494c18995182ed1f310eaef0a997019f9e42e859a562f70f4fb156fbf1b5b78e3cc61bec33e6b461bd7426b97a5e40d21fa56ee0c801151a62ba1d4e1ad6ea837c1343a256f6cf10d7dfd5b9c5e2924eb89cd7930202bf2f9224accb08aa90fae29f55d0475182873b8ddf63b97a18888f569ea240ee73ebb7b1563b298fbd0ac0cee6712673fcc8193f63fc868e667712b36deee44fd5c546a3ee37172899b048752e0f47ec1953a2f668e693ffb9fac0dfff504d5c7867bcc1818156649f03ef89303eb855b134685b4079590e28c390890156b7c147195f24323c51282a135fba75010baee7130cb76b5944be4be7538f9969692bc501b925800fcba35098cd8f58bd2fea503c4361a0b2f6e6725313f3d3ccb4caffcca8de3ef6dbec0e7ad64ce316e43f770d206c619bb0019d204e68bf1724bc926300158f55903b4cfc90499c08134e5129a2368c57cf05ec3f13081864f375aadd009698b710437ee8328a4fd3f4ad512644abb9439878f3acebda6ce698be73674ae51a9e14a7609e494fc6c13f87caa43e0a7822b7499dd08154607ca7214abf99a65cef292c787bb11472c835e588bb93fe5b42520a713d26651a4f18c41756af5f80e67cade2be6603358e7cf735007aaa8c44d2512d544dbb0dbf19780865322a71bc556d7ab5c7d4da3fde07d0250f73ae81472e872135c0bf339cc7f4fb082d4b2d50e8561527af0ff9a5710c4528f4cc39c7b17b06e3aaddea29dd1d9cf9ccee285d8ab03a00ceccaefe151be9e21f423e25c6c987afbba8424652ed6b8b9a88552880bb121f75a4a0ac4e2e1d9a2ea1f37a3428238a5b9a59f89661e26f9ad99404f2dc358c2ba169e6e195dbebae86414e11e31c2b1be4f535ecbda1d79ba6abf84f062f7206c79fcd4d1f30dc709e94fc557a8044b7308fc255a22d5f5b5992f8a1cd1ae3c4f7b6737631229e6e5f22d2bb7b301789a775caf4141ae03fc964ede30554dc7b3561a09a4b52e48ec33a609535711404a5767defe2edb2d0e6b5d38f5bee23342d3432164021a59626f74bbbe48d6835c3bf8eb4cc16c9feabc6a9e0ded09763d00620b61b96f27113de2d0ae217f526005c551ed8c806a976239e67b56b8f14e9953fdb1185f73a454836864d40c30125846f462e7a0e155c93674fd9294224bdb4f02e66f922f6f4cc1473670ea2b8df0ecb7250e7421a3e6c96cacdf5b2e219ca4448d2a543104dd07a7645ef295ff85634e6ad3dba29a4622e5c8cba680f31c835acf9dd0e383656ac966f5498321deb5b60b11f466bc52f"}, @ETHTOOL_A_BITSET_BITS={0x78, 0x3, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffffffc0}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '-,,*%$\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '&$}+\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xe47}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9d1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_BITS={0x88, 0x3, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'gcm(aes)\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '\\\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffd}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7c7}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'gcm(aes)\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x401}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'gcm(aes)\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7c1}]}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x153c}, 0x1, 0x0, 0x0, 0x2000800c}, 0x0) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) 02:39:44 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000f0ffffff00"/36}}]}]}, 0x64}}, 0x0) 02:39:44 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000ffffff8d0000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:44 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000218100040001"], 0x24}}, 0x0) 02:39:44 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000060000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:44 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000019c0000000000000000"}}]}]}, 0x64}}, 0x0) [ 3315.098436][T25804] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3315.142417][T25804] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. 02:39:44 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000228100040001"], 0x24}}, 0x0) [ 3315.209859][T25810] FAULT_INJECTION: forcing a failure. [ 3315.209859][T25810] name failslab, interval 1, probability 0, space 0, times 0 [ 3315.229530][T25810] CPU: 1 PID: 25810 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3315.238338][T25810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3315.248412][T25810] Call Trace: [ 3315.251709][T25810] dump_stack_lvl+0xcd/0x134 [ 3315.256331][T25810] should_fail.cold+0x5/0xa [ 3315.260871][T25810] ? crypto_create_tfm_node+0x7f/0x320 [ 3315.266355][T25810] should_failslab+0x5/0x10 [ 3315.270883][T25810] __kmalloc_node+0x75/0x370 [ 3315.275516][T25810] crypto_create_tfm_node+0x7f/0x320 [ 3315.280829][T25810] crypto_spawn_tfm2+0x60/0xb0 [ 3315.285614][T25810] ? cryptd_skcipher_setkey+0xd0/0xd0 [ 3315.291008][T25810] cryptd_skcipher_init_tfm+0x3a/0xe0 [ 3315.296404][T25810] crypto_skcipher_init_tfm+0x127/0x180 [ 3315.301977][T25810] crypto_create_tfm_node+0x10d/0x320 [ 3315.307375][T25810] crypto_alloc_tfm_node+0x107/0x260 [ 3315.312735][T25810] cryptd_alloc_skcipher+0x101/0x200 [ 3315.318051][T25810] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3315.323280][T25810] ? __kmalloc_node+0x62/0x370 [ 3315.328085][T25810] ? simd_skcipher_exit+0x40/0x40 [ 3315.333132][T25810] simd_skcipher_init+0x67/0x180 [ 3315.338093][T25810] ? simd_skcipher_exit+0x40/0x40 [ 3315.343135][T25810] crypto_skcipher_init_tfm+0x127/0x180 [ 3315.348709][T25810] crypto_create_tfm_node+0x10d/0x320 [ 3315.354101][T25810] crypto_spawn_tfm2+0x60/0xb0 02:39:44 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000238100040001"], 0x24}}, 0x0) [ 3315.358876][T25810] crypto_gcm_init_tfm+0x6d/0x260 [ 3315.363892][T25810] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3315.369513][T25810] crypto_aead_init_tfm+0x138/0x1a0 [ 3315.374710][T25810] crypto_create_tfm_node+0x10d/0x320 [ 3315.380104][T25810] crypto_alloc_tfm_node+0x107/0x260 [ 3315.385419][T25810] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3315.391193][T25810] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3315.397469][T25810] tipc_crypto_key_init+0x82/0x110 [ 3315.402603][T25810] ? tipc_ehdr_validate+0x240/0x240 02:39:44 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000248100040001"], 0x24}}, 0x0) [ 3315.407821][T25810] ? crypto_mod_put+0x8c/0x100 [ 3315.412615][T25810] tipc_nl_node_set_key+0xa5d/0xf70 [ 3315.417839][T25810] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3315.424113][T25810] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3315.430377][T25810] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3315.437767][T25810] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3315.445046][T25810] genl_family_rcv_msg_doit+0x228/0x320 [ 3315.450582][T25810] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3315.457942][T25810] ? mutex_lock_io_nested+0x1150/0x1150 [ 3315.463523][T25810] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3315.469775][T25810] ? __radix_tree_lookup+0x211/0x2a0 [ 3315.475075][T25810] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3315.481315][T25810] ? genl_get_cmd+0x3cf/0x480 [ 3315.486004][T25810] genl_rcv_msg+0x328/0x580 [ 3315.490501][T25810] ? genl_get_cmd+0x480/0x480 [ 3315.495223][T25810] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3315.501463][T25810] ? lock_release+0x720/0x720 [ 3315.506128][T25810] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3315.511415][T25810] netlink_rcv_skb+0x153/0x420 [ 3315.516196][T25810] ? genl_get_cmd+0x480/0x480 [ 3315.520869][T25810] ? netlink_ack+0xa60/0xa60 [ 3315.525453][T25810] ? netlink_deliver_tap+0x1b1/0xc30 [ 3315.530732][T25810] genl_rcv+0x24/0x40 [ 3315.534701][T25810] netlink_unicast+0x533/0x7d0 [ 3315.539651][T25810] ? netlink_attachskb+0x890/0x890 [ 3315.544761][T25810] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3315.551026][T25810] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3315.557263][T25810] ? __phys_addr_symbol+0x2c/0x70 [ 3315.562296][T25810] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3315.568001][T25810] ? __check_object_size+0x16e/0x3f0 [ 3315.573282][T25810] netlink_sendmsg+0x86d/0xdb0 [ 3315.578061][T25810] ? netlink_unicast+0x7d0/0x7d0 [ 3315.582999][T25810] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3315.589261][T25810] ? netlink_unicast+0x7d0/0x7d0 [ 3315.594198][T25810] sock_sendmsg+0xcf/0x120 [ 3315.598634][T25810] ____sys_sendmsg+0x6e8/0x810 [ 3315.603413][T25810] ? kernel_sendmsg+0x50/0x50 [ 3315.608079][T25810] ? do_recvmmsg+0x6d0/0x6d0 [ 3315.612664][T25810] ? lock_chain_count+0x20/0x20 [ 3315.617501][T25810] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3315.623485][T25810] ___sys_sendmsg+0xf3/0x170 [ 3315.628081][T25810] ? sendmsg_copy_msghdr+0x160/0x160 [ 3315.633383][T25810] ? __fget_files+0x21b/0x3e0 [ 3315.638069][T25810] ? lock_downgrade+0x6e0/0x6e0 [ 3315.642935][T25810] ? __fget_files+0x23d/0x3e0 [ 3315.647604][T25810] ? __fget_light+0xea/0x280 [ 3315.652182][T25810] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3315.658413][T25810] __sys_sendmsg+0xe5/0x1b0 [ 3315.662907][T25810] ? __sys_sendmsg_sock+0x30/0x30 [ 3315.667947][T25810] ? syscall_enter_from_user_mode+0x21/0x70 [ 3315.673849][T25810] do_syscall_64+0x35/0xb0 [ 3315.678252][T25810] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3315.684134][T25810] RIP: 0033:0x7f812fd3ba39 [ 3315.688536][T25810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:39:44 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000300000000000000"}}]}]}, 0x64}}, 0x0) [ 3315.708221][T25810] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3315.716649][T25810] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3315.724611][T25810] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3315.732572][T25810] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3315.740544][T25810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3315.748497][T25810] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:44 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000258100040001"], 0x24}}, 0x0) [ 3315.863681][T25804] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3315.883015][T25804] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. 02:39:45 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 16) 02:39:45 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = accept(r0, 0xffffffffffffffff, &(0x7f0000000100)) sendmsg$NL80211_CMD_SET_BEACON(r1, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000680)={0x998, 0x0, 0x4, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x3d73, 0x7f}}}}, [@NL80211_ATTR_IE_ASSOC_RESP={0xe9, 0x80, [@supported_rates={0x1, 0x2, [{0x4}, {0x5}]}, @fast_bss_trans={0x37, 0x97, {0x5, 0x3, "10873382954bfceb59456b6f4c0140db", "c88a43026e1cc7ce5b59e668675acafea27cfe7aa5927682fbaf148e32d7a15f", "44695851cf34a84f160c30b266838fd2526afc5002f3c8414f153918f5ff87dd", [{0x4, 0x10, "a8c0abaa6e36bce34e85e17f888631b7"}, {0x3, 0xd, "bd1df9a75a304ca5caf2cc40d9"}, {0x2, 0x22, "51af4d99913528179229bfbdb0cde6ceaa7837e39a4dad626b0f28c9757c3f2a2786"}]}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x20, 0x6c, 0x5}}, @rann={0x7e, 0x15, {{0x0, 0x2}, 0x48, 0x1, @device_a, 0x3, 0x62b, 0x4}}, @link_id={0x65, 0x12, {@random="a552a4c418de", @device_a, @device_b}}, @rann={0x7e, 0x15, {{0x1, 0x3d}, 0x4, 0x35, @broadcast, 0x1, 0x10000}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0xd, 0x80, [@mesh_config={0x71, 0x7, {0x1, 0x0, 0x0, 0x1, 0xffffffffffffffff, 0x64, 0x8}}]}, @NL80211_ATTR_PROBE_RESP={0x87c, 0x91, "be137cd98de77aac9285e16d17afd5d8a618c3e2a06d77b1662cb6e579cae157e663c0849d16c3165b22f9cefccdb2fb387c37f6f066c7765db3c23f3ac4e0d51ca4ab4b75d68860228da917c0d64b642cae2b00801c55b89751b2f344b25340c046b7665ad290dc98a7213146d34d435855ac027ffba1d82d5d0b8170076b561f5d0831414d5d18440105da4ba128f582edc4d15ae41439ca2715607fdcc31fea068a3160a820c2b2a9e682bb8cc024387ac8c7cfbe68071ac13e2613f65b9379d3e6b7e21d53cb99535dd5fb0296e8c3ee7a8ec05a6988f2edd0ca2e37f62e24e7b59b5e559ff0098e04feb8fbc4b8b32f1052acd9583ec10504d5aeb40a1c3160f0f5e34555b9c4dc9ed1df53768e31eedb071c8f56967361e03a5380162fa2a4ba3fe01a130a27e92765f907fcb8f846332102e17f1b682b56a11d12d9e2ad9effc7c842d0c3c65fa78a8189da19ed12a33329186f4d6ba0b0fc3f4529f425d7599a363dffa33e78d13a79756ab46cbe0c76ad2951ff99b5a0c98c7720f20d4b22ecdbd17f288ad416ba2af6581aa4b9ef3e5a59df86d701b1d2c01a4ca02d6587117ebd502361939d929faa044a283f54d59eac51364e3f090f07986b1069af04d7d1d941ca22c1631a94a515a7e83d1b6fc84b7140159bc938382c36ffbf00625c3a38a42285fd104d5b85579c80c9abcd79f86f71bcb6c5afedd8ca75d42c07769f6d9a3bb28f0e37a1c4e86e6e161d0c82431917e3ddbdc58780b6fd6e03559d5e8c46a5a183c33cdd4bc597c381abac46178f014528583d12c15f3290416e5e6325fe25345d2c6d862abd06500d37493028c142f24b3cba269171982c6aec311aa3c402d24d0dc8ac141ed00ce8baf908aeee66d0f45d4a055bcc50172d42a98c713fac2193849c973e73586e45411253a347dcdb4c14517f0acc75be4f056414e2ba0114811972a80b7f784f5866082dd475e7751387e144f2ebc491dfa5afa82e88eadd70704fe354dbc46615b284d272b16f272e42d322fffc3405f16f5dbc2663b6411a7515d96121b8ec83d1bc414f716e499a5d8f2a1fa441a30bfa0b759abb221aa239803badfd03f09cf4d7350775b5fdf0b6222efc58614154cd0029d60fb26a41b2b9c81e697aebe89215f8c7143993724df173d379ea7e781d0a01e607998f4a271038d7791362a1931a37bc63bf2b3933db229146ee6640031b8e86e2851e901d1b0e9d1fa386077208c1713a3863b3876148c344c075c7279b131bb9164ff85a56510213c5964b4e458a0c8da8d77735a2af702021f76e0c095523660e3b82d795da5923ba8761822e7c843025a1c57e58b8d2ffa450a9f39c462d78b360464e0056aea658829d5653d8fa2d22a07e3afdc70447e80f88028e55519a3b443ee86cca7b1aa0eef42fc9b69cac3bb7f3ed352f25014e1e7495507a9273d302e72cfd3a2e69cc81f7e098b8c7d00a6123b24119a7be66b3f474c5b076d29776610b4ac843a4419e5cc4964b9b17244e3379eae5fe1e297a4d45cd4d9de99936a3bfa976ca70fab32a4697037157c34f55f914e9034d4d3f6a183287d2f7154e3a70d4a00affb405844d865ea89dc562dc56a59cc59a8da7dba5d0950816dbbb27f065ac0d5a084220736eb2a31dfe3ea7356d18b135a40604a9b26a8932c10504e5bbcc6c77702e2fb73d321665595a783dfd274cf2502473929dd241870272af8d2a6dd6a20c8c0ba2fb4b359348a8bd91545b23febe86c546e2c418a64eb5241bd13b3a5cb52e519b55319d2e7688588f687696f0d8eff35944ab709dc1bdd1669641af9e51a7857dc225f07ae9e789c871f026f2faac26a789c740b2ae7ad2739595f56b247b6579463862e6f9c5b9352e4ac478aa330eba80bcaf51593fc348524b06b60aad4c0a871dbf0c33349433e9c81b0c1305ae36bb31be93726688d635c2e6073dea34414d3afd87f506045c9ed1f86b4009d384775d6e5b070715951ec3063f857639f19e97aa41aa4e0919633925f7d9815f2a7555b93cac4966b86e4591c497459a1fe16ecd485dfa38e0074c135bdeb1324a46c3149c84ea77944c9a46ef7858977c530e0c7aebb6fa10d5eeb19717d3b4a6b617044be3400214e3566fe8950ad40ad1ef51c07ec6ebc7cb415c5b54243a5af07998ab6af960ee6ac29a50773a7221d6c8dc963f863c291e684153eefa9a22c4ef9da3da30358a1f1f977e759702797f83f563522db4cf3a99dcde7bad7ef3ce98d39e2a38ae26ffa96464669e62d7711d69ea094c2cf978774d55d57f429d851990920e1a61926e1732e88d0ae647ee8302c8f49619c9f0dc814cba325efaf2c40d94fe56124f24e2753a0a9dcd6ad0137493a93b80ff7a1ce22fbad3bb073f3b8143774d0db2902ea920ab04c7f62ee6ad7d8c02437aa27192df04025dcca7b366e396986b0d80114cc86162feb8a9ee61daff60401c311134d49654fd67115b25e83512a65fbde348b9d9384623595a34038a8b766f2c948b13ef99b487745a2212c683aba69337b8cd8a83db788c07dff105e2365e16b6b4eb75ebcd0ff4174fdf09ef136796f50a4de0f99d966dfa83e64c98c189e6431e56043adee53d982a43197748860b75f6920ccc48d4246cc6492683c8169d969a3d5459f8a683e1ba2aa8dab3c33a27169ffd5afd05c27593797997e3d282940a2d95b4b26f0e2f35b143c709af5fe548a5c81faba53254aa065ab88c4099e95a1f6d18574e267f65cdd26d84d24b81d2eddc07de4224fe47b4780c81f77bac3bbc255a3a8328ec7a1fe415d9783d8878cfca3843ab07a43b5ce99af409de787d8cd134e77616174968e114f55ee03751ba4ad0459bfebb9dcf363f2c0a98e3db223b3962bc781296e14cf043e4b4be58235989b995f642a27f0cff63b3f3a793967ebccd223ba0a364db7d7783f95ca52c430d67211e01913a950300e955488c222095a053ad724566274eaca4e0552cb461d944b0d58e58a90a043e13c767d14bb64727394dbc173143877132d837e71177c77bce6f5f78fab1"}]}, 0x998}, 0x1, 0x0, 0x0, 0x4010}, 0x4080) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="54200000dc193914084e8b37fb48a88bece33cbc93213dad31c5da8e2c063234da1fd2ce99a8d964e38e609c09f9bfd6eef45cad53536f0237f5fe41f483de3004f9425b252e029487d7577c48dcb33cb1ee2457ffebd76d038d1eee24d92d10988216374fcaf45db28d0100008f64ea", @ANYRES16=r2, @ANYBLOB="0100000000000000000017000000400006803c00040067636d28616573290000000000000000000000000000000000000000000000001400000087d6e5dada2c3a12391811067f43c80000000000"], 0x54}}, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) sendmsg$TIPC_NL_PEER_REMOVE(r3, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000280)={0x1d8, r2, 0x20, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x64, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "52663211eae56a1ebd695a8a75a7cbf270fb7a540bc6ba3111253b45fd5b90eb3c6f"}}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1f}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x20}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3f}]}, @TIPC_NLA_NET={0x5c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xffffffffffffff7f}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2a7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x208400}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x88}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8000}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4e}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2ab}]}, @TIPC_NLA_SOCK={0x48, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xb6}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xa50e}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}]}, @TIPC_NLA_MEDIA={0x40, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xba}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_SOCK={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4c}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x10001}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}]}, @TIPC_NLA_MEDIA={0x20, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x58}, @TIPC_NLA_PROP_WIN={0x8}]}]}]}, 0x1d8}, 0x1, 0x0, 0x0, 0x8000}, 0x600000c1) 02:39:45 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000ec0000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:45 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000ffffff9e0000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:45 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000034000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:45 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000268100040001"], 0x24}}, 0x0) [ 3316.086183][T25837] FAULT_INJECTION: forcing a failure. [ 3316.086183][T25837] name failslab, interval 1, probability 0, space 0, times 0 [ 3316.125852][T25837] CPU: 0 PID: 25837 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3316.134656][T25837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3316.144729][T25837] Call Trace: [ 3316.148018][T25837] dump_stack_lvl+0xcd/0x134 [ 3316.152631][T25837] should_fail.cold+0x5/0xa [ 3316.157166][T25837] ? crypto_gcm_setkey+0x13e/0x590 [ 3316.162292][T25837] should_failslab+0x5/0x10 [ 3316.166809][T25837] __kmalloc+0x72/0x320 [ 3316.170994][T25837] crypto_gcm_setkey+0x13e/0x590 [ 3316.175957][T25837] crypto_aead_setkey+0xbf/0x290 [ 3316.180918][T25837] tipc_aead_init.constprop.0+0x17b/0x8f0 [ 3316.186663][T25837] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3316.192933][T25837] tipc_crypto_key_init+0x82/0x110 [ 3316.198073][T25837] ? tipc_ehdr_validate+0x240/0x240 [ 3316.203298][T25837] ? crypto_mod_put+0x8c/0x100 [ 3316.208081][T25837] tipc_nl_node_set_key+0xa5d/0xf70 [ 3316.213297][T25837] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3316.219553][T25837] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3316.225797][T25837] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3316.233167][T25837] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3316.240453][T25837] genl_family_rcv_msg_doit+0x228/0x320 [ 3316.245999][T25837] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3316.253369][T25837] ? mutex_lock_io_nested+0x1150/0x1150 [ 3316.258922][T25837] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3316.265164][T25837] ? __radix_tree_lookup+0x211/0x2a0 [ 3316.270446][T25837] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3316.276684][T25837] ? genl_get_cmd+0x3cf/0x480 [ 3316.281361][T25837] genl_rcv_msg+0x328/0x580 [ 3316.285865][T25837] ? genl_get_cmd+0x480/0x480 [ 3316.290539][T25837] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3316.296785][T25837] ? lock_release+0x720/0x720 [ 3316.301455][T25837] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3316.306741][T25837] netlink_rcv_skb+0x153/0x420 [ 3316.311501][T25837] ? genl_get_cmd+0x480/0x480 [ 3316.316174][T25837] ? netlink_ack+0xa60/0xa60 [ 3316.320766][T25837] ? netlink_deliver_tap+0x1b1/0xc30 [ 3316.326054][T25837] genl_rcv+0x24/0x40 [ 3316.330032][T25837] netlink_unicast+0x533/0x7d0 [ 3316.334802][T25837] ? netlink_attachskb+0x890/0x890 [ 3316.339908][T25837] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3316.346148][T25837] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3316.352384][T25837] ? __phys_addr_symbol+0x2c/0x70 [ 3316.357406][T25837] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3316.363121][T25837] ? __check_object_size+0x16e/0x3f0 [ 3316.368411][T25837] netlink_sendmsg+0x86d/0xdb0 [ 3316.373188][T25837] ? netlink_unicast+0x7d0/0x7d0 [ 3316.378127][T25837] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3316.384366][T25837] ? netlink_unicast+0x7d0/0x7d0 [ 3316.389305][T25837] sock_sendmsg+0xcf/0x120 [ 3316.393719][T25837] ____sys_sendmsg+0x6e8/0x810 [ 3316.398482][T25837] ? kernel_sendmsg+0x50/0x50 [ 3316.403153][T25837] ? do_recvmmsg+0x6d0/0x6d0 [ 3316.407746][T25837] ? lock_chain_count+0x20/0x20 [ 3316.412594][T25837] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3316.418579][T25837] ___sys_sendmsg+0xf3/0x170 [ 3316.423172][T25837] ? sendmsg_copy_msghdr+0x160/0x160 [ 3316.428470][T25837] ? __fget_files+0x21b/0x3e0 [ 3316.433145][T25837] ? lock_downgrade+0x6e0/0x6e0 [ 3316.438003][T25837] ? __fget_files+0x23d/0x3e0 [ 3316.442681][T25837] ? __fget_light+0xea/0x280 [ 3316.447264][T25837] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3316.453504][T25837] __sys_sendmsg+0xe5/0x1b0 [ 3316.458008][T25837] ? __sys_sendmsg_sock+0x30/0x30 [ 3316.463044][T25837] ? syscall_enter_from_user_mode+0x21/0x70 [ 3316.468942][T25837] do_syscall_64+0x35/0xb0 [ 3316.473350][T25837] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3316.479240][T25837] RIP: 0033:0x7f812fd3ba39 [ 3316.483649][T25837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3316.503251][T25837] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3316.511657][T25837] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3316.519635][T25837] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3316.527600][T25837] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 02:39:45 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000278100040001"], 0x24}}, 0x0) [ 3316.535580][T25837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3316.543541][T25837] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:45 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000288100040001"], 0x24}}, 0x0) 02:39:45 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000003ce0000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:45 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000f0000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:45 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000fffffffffffff000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:45 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 17) 02:39:45 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000400006803c00040067636d28616573290000000000000000000000000000000000000000000000001400000087d6e5dada2ceb2612fd053a12391815067d43c8"], 0x54}}, 0x0) 02:39:45 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000298100040001"], 0x24}}, 0x0) [ 3316.885746][T25863] FAULT_INJECTION: forcing a failure. [ 3316.885746][T25863] name failslab, interval 1, probability 0, space 0, times 0 [ 3316.960593][T25863] CPU: 0 PID: 25863 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3316.969397][T25863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3316.979466][T25863] Call Trace: [ 3316.982754][T25863] dump_stack_lvl+0xcd/0x134 [ 3316.987372][T25863] should_fail.cold+0x5/0xa [ 3316.991906][T25863] ? tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3316.997824][T25863] should_failslab+0x5/0x10 [ 3317.002342][T25863] kmem_cache_alloc_trace+0x55/0x2b0 [ 3317.007651][T25863] ? crypto_aead_setkey+0x10f/0x290 [ 3317.012880][T25863] tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3317.018647][T25863] tipc_crypto_key_init+0x82/0x110 [ 3317.023778][T25863] ? tipc_ehdr_validate+0x240/0x240 [ 3317.028981][T25863] ? crypto_mod_put+0x8c/0x100 [ 3317.033756][T25863] tipc_nl_node_set_key+0xa5d/0xf70 [ 3317.038960][T25863] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3317.045210][T25863] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3317.051450][T25863] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3317.058825][T25863] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3317.066117][T25863] genl_family_rcv_msg_doit+0x228/0x320 [ 3317.071670][T25863] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3317.079035][T25863] ? mutex_lock_io_nested+0x1150/0x1150 [ 3317.084589][T25863] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3317.090832][T25863] ? __radix_tree_lookup+0x211/0x2a0 [ 3317.096112][T25863] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3317.102347][T25863] ? genl_get_cmd+0x3cf/0x480 [ 3317.107025][T25863] genl_rcv_msg+0x328/0x580 [ 3317.111533][T25863] ? genl_get_cmd+0x480/0x480 [ 3317.116204][T25863] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3317.122452][T25863] ? lock_release+0x720/0x720 [ 3317.127124][T25863] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3317.132413][T25863] netlink_rcv_skb+0x153/0x420 [ 3317.137172][T25863] ? genl_get_cmd+0x480/0x480 [ 3317.141864][T25863] ? netlink_ack+0xa60/0xa60 [ 3317.146457][T25863] ? netlink_deliver_tap+0x1b1/0xc30 [ 3317.151743][T25863] genl_rcv+0x24/0x40 [ 3317.155724][T25863] netlink_unicast+0x533/0x7d0 [ 3317.160496][T25863] ? netlink_attachskb+0x890/0x890 [ 3317.165604][T25863] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3317.171844][T25863] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3317.178081][T25863] ? __phys_addr_symbol+0x2c/0x70 [ 3317.183104][T25863] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3317.188819][T25863] ? __check_object_size+0x16e/0x3f0 [ 3317.194108][T25863] netlink_sendmsg+0x86d/0xdb0 [ 3317.198875][T25863] ? netlink_unicast+0x7d0/0x7d0 [ 3317.203815][T25863] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3317.210054][T25863] ? netlink_unicast+0x7d0/0x7d0 [ 3317.214990][T25863] sock_sendmsg+0xcf/0x120 [ 3317.219419][T25863] ____sys_sendmsg+0x6e8/0x810 [ 3317.224185][T25863] ? kernel_sendmsg+0x50/0x50 [ 3317.228856][T25863] ? do_recvmmsg+0x6d0/0x6d0 [ 3317.233448][T25863] ? lock_chain_count+0x20/0x20 [ 3317.238297][T25863] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3317.244280][T25863] ___sys_sendmsg+0xf3/0x170 [ 3317.248873][T25863] ? sendmsg_copy_msghdr+0x160/0x160 [ 3317.254159][T25863] ? __fget_files+0x21b/0x3e0 [ 3317.258832][T25863] ? lock_downgrade+0x6e0/0x6e0 [ 3317.263692][T25863] ? __fget_files+0x23d/0x3e0 [ 3317.268373][T25863] ? __fget_light+0xea/0x280 [ 3317.272956][T25863] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3317.279198][T25863] __sys_sendmsg+0xe5/0x1b0 [ 3317.283698][T25863] ? __sys_sendmsg_sock+0x30/0x30 [ 3317.288734][T25863] ? syscall_enter_from_user_mode+0x21/0x70 [ 3317.294634][T25863] do_syscall_64+0x35/0xb0 [ 3317.299044][T25863] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3317.304936][T25863] RIP: 0033:0x7f812fd3ba39 [ 3317.309345][T25863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3317.328942][T25863] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3317.337349][T25863] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3317.345322][T25863] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3317.353282][T25863] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 02:39:46 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000001000000000000"}}]}]}, 0x64}}, 0x0) 02:39:46 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000fffffff00000000000000000"}}]}]}, 0x64}}, 0x0) [ 3317.361246][T25863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3317.369206][T25863] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:46 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000008200040001"], 0x24}}, 0x0) 02:39:46 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000018200040001"], 0x24}}, 0x0) 02:39:46 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000500006804c00040067636d28616573290000000000000000000000000000000000000000000000002400000087d6e5dada2cab2612fd053a10391811067d43c8676f9aeb66dddd65dc874db9977aab47c7f14fd0b43e02800800010006000000"], 0x74}}, 0x0) 02:39:46 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000040030000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:46 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000002000000000000"}}]}]}, 0x64}}, 0x0) 02:39:46 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 18) 02:39:46 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000fffffff50000000000000000"}}]}]}, 0x64}}, 0x0) [ 3317.695882][T25890] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. 02:39:46 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000003000000000000"}}]}]}, 0x64}}, 0x0) 02:39:46 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000028200040001"], 0x24}}, 0x0) [ 3317.763986][T25898] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. 02:39:46 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000fffffffc0000000000000000"}}]}]}, 0x64}}, 0x0) [ 3317.806576][T25896] FAULT_INJECTION: forcing a failure. [ 3317.806576][T25896] name failslab, interval 1, probability 0, space 0, times 0 [ 3317.867797][T25896] CPU: 1 PID: 25896 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3317.876613][T25896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3317.886682][T25896] Call Trace: [ 3317.889973][T25896] dump_stack_lvl+0xcd/0x134 [ 3317.894582][T25896] should_fail.cold+0x5/0xa [ 3317.899109][T25896] ? crypto_create_tfm_node+0x7f/0x320 [ 3317.904588][T25896] should_failslab+0x5/0x10 [ 3317.909109][T25896] __kmalloc_node+0x75/0x370 [ 3317.913728][T25896] crypto_create_tfm_node+0x7f/0x320 [ 3317.919038][T25896] crypto_alloc_tfm_node+0x107/0x260 [ 3317.924358][T25896] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3317.930117][T25896] tipc_crypto_key_init+0x82/0x110 [ 3317.935250][T25896] ? tipc_ehdr_validate+0x240/0x240 [ 3317.940473][T25896] ? crypto_mod_put+0x8c/0x100 [ 3317.945273][T25896] tipc_nl_node_set_key+0xa5d/0xf70 [ 3317.950502][T25896] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3317.956777][T25896] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3317.963034][T25896] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3317.970405][T25896] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3317.977718][T25896] genl_family_rcv_msg_doit+0x228/0x320 [ 3317.983286][T25896] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3317.990676][T25896] ? mutex_lock_io_nested+0x1150/0x1150 [ 3317.996344][T25896] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3318.002607][T25896] ? __radix_tree_lookup+0x211/0x2a0 [ 3318.007891][T25896] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3318.014132][T25896] ? genl_get_cmd+0x3cf/0x480 [ 3318.018825][T25896] genl_rcv_msg+0x328/0x580 [ 3318.023325][T25896] ? genl_get_cmd+0x480/0x480 [ 3318.027996][T25896] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3318.034239][T25896] ? lock_release+0x720/0x720 [ 3318.038937][T25896] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3318.044215][T25896] netlink_rcv_skb+0x153/0x420 [ 3318.048972][T25896] ? genl_get_cmd+0x480/0x480 [ 3318.053667][T25896] ? netlink_ack+0xa60/0xa60 [ 3318.058254][T25896] ? netlink_deliver_tap+0x1b1/0xc30 [ 3318.063537][T25896] genl_rcv+0x24/0x40 [ 3318.067527][T25896] netlink_unicast+0x533/0x7d0 [ 3318.072285][T25896] ? netlink_attachskb+0x890/0x890 [ 3318.077383][T25896] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3318.083612][T25896] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3318.089842][T25896] ? __phys_addr_symbol+0x2c/0x70 [ 3318.094854][T25896] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3318.100562][T25896] ? __check_object_size+0x16e/0x3f0 [ 3318.105842][T25896] netlink_sendmsg+0x86d/0xdb0 [ 3318.110601][T25896] ? netlink_unicast+0x7d0/0x7d0 [ 3318.115541][T25896] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3318.121804][T25896] ? netlink_unicast+0x7d0/0x7d0 [ 3318.126746][T25896] sock_sendmsg+0xcf/0x120 [ 3318.131153][T25896] ____sys_sendmsg+0x6e8/0x810 [ 3318.135906][T25896] ? kernel_sendmsg+0x50/0x50 [ 3318.140586][T25896] ? do_recvmmsg+0x6d0/0x6d0 [ 3318.145194][T25896] ? lock_chain_count+0x20/0x20 [ 3318.150036][T25896] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3318.156018][T25896] ___sys_sendmsg+0xf3/0x170 [ 3318.160624][T25896] ? sendmsg_copy_msghdr+0x160/0x160 [ 3318.165898][T25896] ? __fget_files+0x21b/0x3e0 [ 3318.170566][T25896] ? lock_downgrade+0x6e0/0x6e0 [ 3318.175450][T25896] ? __fget_files+0x23d/0x3e0 [ 3318.180139][T25896] ? __fget_light+0xea/0x280 [ 3318.184717][T25896] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3318.190949][T25896] __sys_sendmsg+0xe5/0x1b0 [ 3318.195446][T25896] ? __sys_sendmsg_sock+0x30/0x30 [ 3318.200478][T25896] ? syscall_enter_from_user_mode+0x21/0x70 [ 3318.206363][T25896] do_syscall_64+0x35/0xb0 [ 3318.210766][T25896] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3318.216646][T25896] RIP: 0033:0x7f812fd3ba39 [ 3318.221045][T25896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3318.240639][T25896] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3318.249060][T25896] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3318.257018][T25896] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:39:46 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000013c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) read(0xffffffffffffffff, &(0x7f0000000480)=""/141, 0x8d) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) socketpair(0x28, 0x6, 0x3, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f00000013c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) getsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000000380), &(0x7f0000000440)=0x8) accept$alg(r4, 0x0, 0x0) setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000240), 0x4) ioctl$BTRFS_IOC_SNAP_CREATE(r3, 0x50009401, &(0x7f0000000680)={{r0}, "96702e2335354d9687bedb8aa6003213cecb15310ffd834fa19d0de3112437dbea464ec6fd35f5df3304cfbdc31ced66ccd68e1ecd6e7604a87d19e59f9146d721a0247cff5dba07cbcef877c91e62f15cfd70854d51406eae7c3c8234179555cc9ecf1783fdad25bee519f71d08acc9a3f180302d2e6539a4cad50a3120a81da2fee793cd76ffd273e48f52eac7b5876e0fa813766cff4de2dd8e57aef8e1fac44addd68064edee3092cf18e1aa879297f1931dc733115b98c56685e6a6b86afdf9b3a39cb0e1961b26ae2cdbfda4f7646991b42f9abd365e3dd4c3e5292bf27248fafed7f7296f831e0a4575d2346611a55b3b88a5d2867adfabddf0bc39093a4f74d1c223616d886b2822df86ccdbf23b8def524bc03aa6dce85e321c811821df68351aa86208346510ea2b125f72d84fcb61c3a0280e2fcfd4e74839a1bf3a95a680e683a0abfca91eefe0a35036550928261b63a65e6a6528a9698cf93dd9e730508fe2792ac8c8226dda32ff268a607f513763af903187847e1380086a6b34afb12b6ed1a6999cf29d990f165a78d3c44d82760d0740a8f8b2326f86dc5dabbecad068973af783538cc2b24da361aa9e7047bffd6b08a4fe2a6c3acfa5c737fcdcabfc692910df0c0177236bfbb35d4ea5bf3c35af5d1d77f22be0258e33d82f900550e9997fc7c2ce4af501e63d0ae8d257a365f119c892cfaa71874f1f7814f526ef82afeb5767f8978737803931f0f75b12d6cadd514840912862bc4b358cdd7e2ed0a808455a2c30c8fcc7023854bbe2b9b36379b3f824c5f662539850051088d3fab05ff71b6b90d611138b11048a9d6a84010a2ee0913f18a5e6a7842d5e5c69fa2d1c45efcea99c9fc809ee193f4e12311bc8d6ab3491110ee96cd8267c872d42e2950144479b01e6d441f9527d1fa2727a23b381922edfe638fa9d4fc4ab3c7dd8d6391fc2d19560e2d9ce300b1b11d746b6340588a358081a4230c1226df5e4bc51219c1c321903729747672a0b11360df3e6e93e211f410efa9bf11b1bbe0fa993ec7061b9e067949edbeba5fc049ecb770e1e70c72cefc6311be1693644929584e8e0737932031e40b296dc28384a1a7451dc4d9f4ff2347aedd48ca83ca8f2f08c7d233e3620c725dceabb783c642fe6dd0840565bba6e10fd372cb30c28368284f86ef7f95d73f8f38c8db65b5974900ad50c28cadf4c63ffe3c7adfed70d6c3351c0180cf3972135747fa91da4a00a05a421eb2ab5c0a8722434e8b01a6680d8c0d746f184e638383aea1db03b72b269e98d813cc02169e7793800bf4d6e2341a262357e163c4123c46b27519be83dfee2894ecad239ca091fbfee953c9f0ed9a1dfbaa37e927ac182f9851c861643d5a0af9c3a836fa746f99299ddb7d0a9e583834d387ab9e1bee8739229c650518c9fa2d03fbcc53f5ca5bc0e943e964fcb9ae02315d05170d08b292834b09b3a82134dae48d8ca563d8f41d992615bfa805354710b4aa692c99294c9deec0610687ea90464c5549f546def0c62d6e4f6a8ac53355742f879f8cf8ed018fd41fe1453a3df7e497cec0ce9b27c380a45ccf7036c945f4b197d53f73ed984c9b55eb473e3e97ac83ecdae13f2ad7ac5ade66432d4eae7f2b8f9fd2d07ed9c14941979fd85cea9441c373e48c3bd17609b69ced5796392504c336e7116a285c1579d04d3e27ada65bec16e8220d5227fb82d2dcc8b26ee93db28e4496dd21fb10576ba0e33f1c98cea6ba13e0a26c8ff1c18881d3bb1830ec468fac418340c57db832b77b26333707456318293b010029d89714e7037312295937068c1cee5dbf5cb54533e382b2f128132f3f91e0cf002bdd69e4566b1bb6f12be679a520f9f5441e4be7473b219444184e5ae53d88880f280ca37896cf8632f8bfa6af3ab2e4ef21519737f251e74135b6106d362ae812adf88ccd6e29d892f82e912ebc7537e97a944a3bb8794c50652dfa07b8276b941dcd8b2190a42ed1bb76a8b2f12aaac8aefa58830a55602b5312ae11315d3961812e7f57f2b1d3d10c3cbfe1e178cf0a63fdafd4343dfb34c16351f157a922d8aeec4ebee6d7286f335ee2b3d79c28abdd24fb7b6dcaf3b4d4d19321eed8532de3692552475afc522a58b5cba623ab28501159e7871a478ace233c4d8827b7a1d268dad31796fb2981a9caae54cf8409b6bfb9c3b0a6aed9fb33056570b85eacf6c340ee1b7bda9d3032b7815a42334d75d863b80e92163b60b5101770ae0493ac5670badee6cfa032af778d71928da0c92229b77453138c0d54708ff32417d198df63c884f768f459f848a3a83fde8043d2c3615aeadf4c7bec3c2a44c234efeeafdb6ae062d268f99e6a87f68888622c085dc16de5ee14289a777ee05f6a1553642dbe0739ecffb85c0faf91156d2ab6bb6c774c8a80949f9754837285c58e7a9ab6f5d8f5c5c0743540fa3de2ff1e1fed1ae66b7ac3f3507289ca60326a8eff0a63a9ea994a9387b5506ce32819fabdbbc60fe6992e6036b6849741afda4805b7b7931c8bed7e61ef9d6499ad9187ff0080787963830201a3b72cc6504266d68f7218acee693d2e92002760810fba4dd9f26d86ea1284b120e524115c03bbcf49937bf8eae8a5d7a24860dcee56375b277ca3f1d63c32b86bda889dab7b14b5a025acc9adbc5a8299716edda270cd26dcc2f68b762f8c13898a3962b85bbbfa38292e8d11dbfb22e5916d244a16532bd5f7168c74b6fab74473a8107e87b07ecf80f490e428d6c3df39b221c53e9b66eaac201ffe8b22b5d8c935da89380b134388ca91252d78b330b61108ba6f4012c4d66f6f15563afe6e4d0911a9871cdbab0ebb8a8a5c7f79f9257ae50afb1979479d7dff4ac4ada635d681ca1c99ab193d13b8c1ba6a2aacf6a8661010ba3e35a59bfbd107b0aee1c3d0f50dcc7640744dbf775f91d2c660f4678eb8fefc2f8bc1fadfd390a34e1eb1b3ff0fc3aee313633c49c8733c4ced76fc8b57cc7463dd29311a963065a6c903efd0888490289025fa844afcffbddc831a3f4811a521d47f73e6537887b79d880ef2172c4f779067caee6256135fcedb1ae48ba5f5d1845de037c0a35d3cb042fd120b28edc2a99c90c5fd5c24e99a2ed1f54aae1f40d2a876f547b460363b445f2cd649a6d77adab3212788e2d51b0e7c7175b9197bedd6b4e3a570619954ff5b0ad34d9a5deffe2fb6d2318e4fc968f63381aa1ba315397c7ca1689e8509e17805ca5f204e7da705a4a7ec4a8cf9b5d567a72737406685a45043425f09c1f18a1afbd59f34d8fc9b74e1a6d824e432be1ed7fcda962d9f241ae213952338eabed7c1238deb29ef6be5792e243b036f1ea72729be6caed97312e2e6e37303621e3e3b32047a2b84cc4d9673bed7866678897e2a1c8f2910ae63e7ce0f016183afe08f8a888ba1469820c4bca5a6499dbf7f8316d69d4192d541c884eac480a40f3c409f61c52b17c9d912a94934df08a3ca00615038ea2630829c298edd5564b76f90b5c2d4f1084530a3040ef2cfaca33ccf5716cdb43dc13ea74705066ea547ef29d16503a417054205717b948ee66c8f44f990b633d704bc3b892c35944d0116a2195a8a72962e0d50ca4f62544393a9daf8ea873919d71593230f0055c2ebbff0df325a93ef40457560bb023a881292d56b15b1f9af6c0a8a37d1d693313bcfb86f09a6313c5abe954e931f2c5e5593e2bc3d0732c75d6b303dcbda60d9f0d8b3b0c4d7a9b29234dd4d118079abd82e4ef5704a2fc7709d55572290ab575b7645f46a80dce8980e05ba846ff5d91268df8bba044dac266bc167fab4580d9cbf333209f9f07ddc9dc504d1c84b7d3f56f8b5033efe5c22501988401238cee92c5e9089f06ee4aa7b8f9bd76b506fa40f7135d7975474ee98a92acb9c7ace9eba690eceb7358f2c2394caa6c3e18989c3852fb2e951944ec5e552be2bd78c0877a822cc4a42c49cf2085072c66466324bc4c15a3d22f99b75b1c0f08aa6b37079e371d06551ec4b0e9e86081a0ed23461690a5b103148d2e5b5e70a00019582e5d06fb905a019663e4c1877ab3f9964cd79c4022eefbda8fc2733c3acf094641ff3030ababe386c05478abac5803641980ffb012b5d4e12e5772c46e381f3c6d403ee2a4936cb3c52343d8c16c359762373108a982ff0f37a11aaedbd4ab4a0d38c6d76e3f3b9919f99f5a2fe2366a4b3d8f19ea8d37390bf84b887d53a59bb6a88fd3f2eb3baa9c8d3d86fc678b14857566b2fa3111d5892498ead48ff0040339a09b188ddec95b3555ec1053a2a3e11d14fac104a0ac0f4b87f9f3777e0b5ca62e6f4de012b7d516f2e878d347b5608d9085ba6608357391b973dc83b1bc5d2f187a65b35782a4e89c0b3c02749e03fc10a4f8493232af245938c76bf56b16e42de1e0f27368ad867217b88f66e14c7ef6115ecdcb4d591b7684e0bf840b016d6c45e84c50dbb09c6669617e0943e4f18ed9a43d4854dff38569b10887be632774255951aad938856223e816b94869c3f29a013f892c5b68a16042f480f292e828cc6cbd47abf98b8b4ba0a1ba058839fc964a9ab5124d1dd55d003d8144f6864add9386b75a87e0c9638f18102780a6ff9476ee624580f2ff6790b2dc4279e4bc0fbfc9ba91b5e5ccdfe931201692fbf440e0f350448672b40132912c6e97153eb499c8e269895f98a37daa4a747ae8f6625e33a338b86e9af30c05c1da7a4a952f8ca9b1b0ed6c4f2f29e27df2b4718d92efad02400d369456d3e8ec604594e8fb17503bf56bfbcfc676df0491a469df5b77fa365fc602b155d5304fee5cceaabab68b179a6ddf22a2eb2723a9c74e830f1717e60737cdab6f14ccb510e21c0e942fc302f83dc753060a9e2cced5f4cd26286eded83597f50324026ee8a66fbe82f403d6ec101df01c143c8bccc92f294aba6798d76d6dc8c51aa9e8fb04b96aa8412d207567c6c981b504a19bc5f6375c936867e5b2f9a5379caf547d67be88a428e2a22868c3cbc1d3c6493f79abed6591bfd8f132cf93a7b3957c2e4f58d262801c8d693d25cce4e368fb78ac262e2841d102ee61d4e816f62246011c0abce94d99de3fc5f5f4975b97194650e0fc90609d7e3bd4865624be19e7802b540ca620cd775d756223a4aa768cce7e5a8ea900b7fd4a40f3f4c23df5ea6137d3d82d3c89b10c76b9eb2a281ce5b07bec546521bfc08a2c2752fe259de380d9e0c8e9c36e9a8aefd4d9e771896bb90df2c007de61f5b11d97001a72ff0a43b202d5ad199bd68b5fa7aeae938be4bb679c811d50bf512f0887a1d1db98478c3a357412970b434873d4d6294424edcced92920ee58a810069ec2f7a8a3dc305c3391b91ae3d41a06b151d8e4e56f8be4059588ae4b10ffd910a240db554b8dc28a2775a23d96ad27dbe1a34496e9a04674cef1cfc352fda861382cc2265adf1fff603c2aff92c89ce2b38782e0749c6a71c9f32d8b0de5f32c55d854937da932b0cefbc591a2e3320a0654055df30797c1f95ed997012fdcf2a645536d7e423e3bc0e2872e22186aad996726d8869654a2e353661dfc1697b11adf72fe9f75ffa101ce00ed26fadf77c567ce1a38f98f16672b896c5afa7c1842aacd05ee9b14ef5eed8571a5661adec5d77f97790afac925e4ca750fb9d8e10fd83dee3794089115737a8675abf0f2a2a8df8fe410fdabd458c297d137b151f43ebf6fa35cfe9fb27c1d1e782bfc8bcf33919b70b98f9905f43ff"}) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001b40)=ANY=[@ANYBLOB="54000000c15e6c04b381ce5cf310edf7918e29b4fa846574cefa0be42a931e055a3d8bade41a4df20924dfe7c05610903b64cbe6c854e3949a6b2ec7136aaec3cc93c39a05a579dd95117d422333d6ee01fe93d0bbfdaa3456989fb9b1df920a0b2af3a986a522956e1160d36e40d19ea4bf8a0979ffd934f54ae00b042be8a2931f12e2a058024f5dbc931a9e8b3ee04aff72d65e4edb51b65be2dc9a3ce906053c31899c08e42dec1f7b652da3d3c19e5ae7ee7e7b74b6dc3ead99ce0ea67739cc748ee48eb90c0aa67c876f0b60a73bfe1dc5b125142b68614cb42f13d7a1378f42f0dee0dad479d122c367bdc991335a4c1cc91c109ced86a7dc5e887f10e12a167793c7d43bd13b28a3871eefcc601e3f1e4a7ab301f66b402a035f199b9c17c3979dcf4dbb5e6215d9723e27e86b9bcc93c6b6c43a53e860e37bb9e593fb24ad2c22e871870fabd33175edf85e6aa695c892d6b8a7fd073eddf244bcbe18c6883d37e2f7d0ebab197689e1e83f9984", @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000400006803c00040067636d2861657329000000000000000000000000000000000000000000315eebbb00000087d6e5dada2cab2616fd053a12391811067d43c8a0b2f076eae891e69d1e2e81a4500156c7264a6edbdf9059cf48fd8210b03bcaa7c03d7b89308582d9475dbe723d98f73bc9cb681820c508c313e93d4e829bde15e5ca2661fb2bfd644f567bd4a4bf656c6a14b48d5d27e3e55ae517eaee2909f57eda104968ae5e06792d31116c9f1aaf80b94c73a6534db10b08486e9da3426016057dbf48f88f36e8f02c29"], 0x54}}, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r5, 0x84, 0x74, &(0x7f00000000c0)=""/203, &(0x7f00000001c0)=0xcb) 02:39:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000038200040001"], 0x24}}, 0x0) [ 3318.264986][T25896] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3318.272958][T25896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3318.280913][T25896] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000048200040001"], 0x24}}, 0x0) 02:39:47 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000004000000000000"}}]}]}, 0x64}}, 0x0) 02:39:47 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000040000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:47 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000007fffffff0000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000058200040001"], 0x24}}, 0x0) 02:39:47 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 19) 02:39:47 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) r2 = accept4(r0, &(0x7f0000000240)=@generic, &(0x7f00000002c0)=0x80, 0x800) syz_genetlink_get_family_id$SEG6(&(0x7f00000001c0), r2) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}}, 0x0) sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x88, r1, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7f}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8001}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3f}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}]}, @TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x40000804}, 0x10) 02:39:47 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000005000000000000"}}]}]}, 0x64}}, 0x0) 02:39:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000068200040001"], 0x24}}, 0x0) [ 3318.663911][T25934] FAULT_INJECTION: forcing a failure. [ 3318.663911][T25934] name failslab, interval 1, probability 0, space 0, times 0 [ 3318.713367][T25934] CPU: 0 PID: 25934 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3318.722174][T25934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3318.732246][T25934] Call Trace: [ 3318.735535][T25934] dump_stack_lvl+0xcd/0x134 [ 3318.740148][T25934] should_fail.cold+0x5/0xa [ 3318.744681][T25934] ? crypto_create_tfm_node+0x7f/0x320 [ 3318.750160][T25934] should_failslab+0x5/0x10 [ 3318.754683][T25934] __kmalloc_node+0x75/0x370 [ 3318.759302][T25934] crypto_create_tfm_node+0x7f/0x320 [ 3318.764618][T25934] crypto_spawn_tfm2+0x60/0xb0 [ 3318.769410][T25934] crypto_gcm_init_tfm+0x3d/0x260 [ 3318.774456][T25934] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3318.780108][T25934] crypto_aead_init_tfm+0x138/0x1a0 [ 3318.785335][T25934] crypto_create_tfm_node+0x10d/0x320 [ 3318.790728][T25934] crypto_alloc_tfm_node+0x107/0x260 [ 3318.796040][T25934] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3318.801796][T25934] tipc_crypto_key_init+0x82/0x110 [ 3318.806932][T25934] ? tipc_ehdr_validate+0x240/0x240 [ 3318.812148][T25934] ? crypto_mod_put+0x8c/0x100 [ 3318.816943][T25934] tipc_nl_node_set_key+0xa5d/0xf70 [ 3318.822164][T25934] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3318.828474][T25934] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3318.834753][T25934] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3318.842143][T25934] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3318.849456][T25934] genl_family_rcv_msg_doit+0x228/0x320 [ 3318.855021][T25934] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 02:39:47 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000ffffffff0000000000000000"}}]}]}, 0x64}}, 0x0) [ 3318.862413][T25934] ? mutex_lock_io_nested+0x1150/0x1150 [ 3318.867981][T25934] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3318.874241][T25934] ? __radix_tree_lookup+0x211/0x2a0 [ 3318.879544][T25934] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3318.885800][T25934] ? genl_get_cmd+0x3cf/0x480 [ 3318.890499][T25934] genl_rcv_msg+0x328/0x580 [ 3318.895023][T25934] ? genl_get_cmd+0x480/0x480 [ 3318.899717][T25934] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3318.906000][T25934] ? lock_release+0x720/0x720 02:39:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000078200040001"], 0x24}}, 0x0) [ 3318.910692][T25934] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3318.916001][T25934] netlink_rcv_skb+0x153/0x420 [ 3318.920782][T25934] ? genl_get_cmd+0x480/0x480 [ 3318.925477][T25934] ? netlink_ack+0xa60/0xa60 [ 3318.930092][T25934] ? netlink_deliver_tap+0x1b1/0xc30 [ 3318.935404][T25934] genl_rcv+0x24/0x40 [ 3318.939402][T25934] netlink_unicast+0x533/0x7d0 [ 3318.944185][T25934] ? netlink_attachskb+0x890/0x890 [ 3318.949307][T25934] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3318.955566][T25934] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3318.961821][T25934] ? __phys_addr_symbol+0x2c/0x70 [ 3318.966867][T25934] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3318.972694][T25934] ? __check_object_size+0x16e/0x3f0 [ 3318.978100][T25934] netlink_sendmsg+0x86d/0xdb0 [ 3318.982939][T25934] ? netlink_unicast+0x7d0/0x7d0 [ 3318.987930][T25934] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3318.994542][T25934] ? netlink_unicast+0x7d0/0x7d0 [ 3318.999498][T25934] sock_sendmsg+0xcf/0x120 [ 3319.003937][T25934] ____sys_sendmsg+0x6e8/0x810 [ 3319.008713][T25934] ? kernel_sendmsg+0x50/0x50 [ 3319.013401][T25934] ? do_recvmmsg+0x6d0/0x6d0 [ 3319.018015][T25934] ? lock_chain_count+0x20/0x20 [ 3319.022883][T25934] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3319.028893][T25934] ___sys_sendmsg+0xf3/0x170 [ 3319.033506][T25934] ? sendmsg_copy_msghdr+0x160/0x160 [ 3319.038818][T25934] ? __fget_files+0x21b/0x3e0 [ 3319.043514][T25934] ? lock_downgrade+0x6e0/0x6e0 [ 3319.048407][T25934] ? __fget_files+0x23d/0x3e0 [ 3319.053110][T25934] ? __fget_light+0xea/0x280 [ 3319.057711][T25934] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 02:39:48 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000088200040001"], 0x24}}, 0x0) [ 3319.063976][T25934] __sys_sendmsg+0xe5/0x1b0 [ 3319.068497][T25934] ? __sys_sendmsg_sock+0x30/0x30 [ 3319.073556][T25934] ? syscall_enter_from_user_mode+0x21/0x70 [ 3319.079476][T25934] do_syscall_64+0x35/0xb0 [ 3319.083906][T25934] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3319.089814][T25934] RIP: 0033:0x7f812fd3ba39 [ 3319.094243][T25934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:39:48 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000f00000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3319.113861][T25934] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3319.122290][T25934] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3319.130249][T25934] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3319.138214][T25934] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3319.146194][T25934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3319.154170][T25934] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:48 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000003400000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:48 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800f0ffffffffffff0000000000000000"}}]}]}, 0x64}}, 0x0) 02:39:48 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000006000000000000"}}]}]}, 0x64}}, 0x0) 02:39:48 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000098200040001"], 0x24}}, 0x0) 02:39:48 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 20) 02:39:48 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000ffff800000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:48 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000034000"/36}}]}]}, 0x64}}, 0x0) 02:39:48 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000a8200040001"], 0x24}}, 0x0) [ 3319.468520][T25965] FAULT_INJECTION: forcing a failure. [ 3319.468520][T25965] name failslab, interval 1, probability 0, space 0, times 0 02:39:48 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000007000000000000"}}]}]}, 0x64}}, 0x0) [ 3319.540589][T25965] CPU: 1 PID: 25965 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3319.549400][T25965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3319.559472][T25965] Call Trace: [ 3319.562765][T25965] dump_stack_lvl+0xcd/0x134 [ 3319.567380][T25965] should_fail.cold+0x5/0xa [ 3319.571914][T25965] ? crypto_create_tfm_node+0x7f/0x320 [ 3319.577390][T25965] should_failslab+0x5/0x10 [ 3319.581914][T25965] __kmalloc_node+0x75/0x370 [ 3319.586536][T25965] crypto_create_tfm_node+0x7f/0x320 [ 3319.591849][T25965] crypto_alloc_tfm_node+0x107/0x260 [ 3319.597159][T25965] cryptd_alloc_ahash+0x101/0x200 [ 3319.602204][T25965] ? cryptd_ahash_queued+0x70/0x70 [ 3319.607362][T25965] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3319.612924][T25965] ? trace_kmalloc_node+0x32/0x100 [ 3319.618053][T25965] ? ghash_async_exit_tfm+0x40/0x40 [ 3319.623280][T25965] ghash_async_init_tfm+0x21/0x100 [ 3319.628426][T25965] ? ghash_async_exit_tfm+0x40/0x40 [ 3319.633733][T25965] crypto_create_tfm_node+0x19b/0x320 [ 3319.639131][T25965] crypto_spawn_tfm2+0x60/0xb0 [ 3319.643919][T25965] crypto_gcm_init_tfm+0x3d/0x260 [ 3319.648960][T25965] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3319.654611][T25965] crypto_aead_init_tfm+0x138/0x1a0 [ 3319.659826][T25965] crypto_create_tfm_node+0x10d/0x320 [ 3319.665223][T25965] crypto_alloc_tfm_node+0x107/0x260 [ 3319.670535][T25965] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3319.676293][T25965] tipc_crypto_key_init+0x82/0x110 [ 3319.681435][T25965] ? tipc_ehdr_validate+0x240/0x240 [ 3319.686655][T25965] ? crypto_mod_put+0x8c/0x100 [ 3319.691454][T25965] tipc_nl_node_set_key+0xa5d/0xf70 [ 3319.696686][T25965] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3319.702947][T25965] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3319.709181][T25965] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3319.716561][T25965] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3319.723871][T25965] genl_family_rcv_msg_doit+0x228/0x320 [ 3319.729430][T25965] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3319.736812][T25965] ? mutex_lock_io_nested+0x1150/0x1150 [ 3319.742368][T25965] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3319.748616][T25965] ? __radix_tree_lookup+0x211/0x2a0 [ 3319.753903][T25965] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3319.760131][T25965] ? genl_get_cmd+0x3cf/0x480 [ 3319.764801][T25965] genl_rcv_msg+0x328/0x580 [ 3319.769293][T25965] ? genl_get_cmd+0x480/0x480 [ 3319.773959][T25965] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3319.780205][T25965] ? lock_release+0x720/0x720 [ 3319.784887][T25965] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3319.790163][T25965] netlink_rcv_skb+0x153/0x420 [ 3319.794926][T25965] ? genl_get_cmd+0x480/0x480 [ 3319.799590][T25965] ? netlink_ack+0xa60/0xa60 [ 3319.804183][T25965] ? netlink_deliver_tap+0x1b1/0xc30 [ 3319.809481][T25965] genl_rcv+0x24/0x40 [ 3319.813455][T25965] netlink_unicast+0x533/0x7d0 [ 3319.818207][T25965] ? netlink_attachskb+0x890/0x890 [ 3319.823306][T25965] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3319.829560][T25965] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3319.835813][T25965] ? __phys_addr_symbol+0x2c/0x70 [ 3319.840830][T25965] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3319.846559][T25965] ? __check_object_size+0x16e/0x3f0 [ 3319.851844][T25965] netlink_sendmsg+0x86d/0xdb0 [ 3319.856706][T25965] ? netlink_unicast+0x7d0/0x7d0 [ 3319.861651][T25965] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3319.867910][T25965] ? netlink_unicast+0x7d0/0x7d0 [ 3319.872847][T25965] sock_sendmsg+0xcf/0x120 [ 3319.877279][T25965] ____sys_sendmsg+0x6e8/0x810 [ 3319.882050][T25965] ? kernel_sendmsg+0x50/0x50 [ 3319.886712][T25965] ? do_recvmmsg+0x6d0/0x6d0 [ 3319.891300][T25965] ? lock_chain_count+0x20/0x20 [ 3319.896250][T25965] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3319.902228][T25965] ___sys_sendmsg+0xf3/0x170 [ 3319.906809][T25965] ? sendmsg_copy_msghdr+0x160/0x160 [ 3319.912082][T25965] ? __fget_files+0x21b/0x3e0 [ 3319.916754][T25965] ? lock_downgrade+0x6e0/0x6e0 [ 3319.921626][T25965] ? __fget_files+0x23d/0x3e0 [ 3319.926298][T25965] ? __fget_light+0xea/0x280 [ 3319.930889][T25965] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3319.937120][T25965] __sys_sendmsg+0xe5/0x1b0 [ 3319.941645][T25965] ? __sys_sendmsg_sock+0x30/0x30 [ 3319.946690][T25965] ? syscall_enter_from_user_mode+0x21/0x70 [ 3319.952578][T25965] do_syscall_64+0x35/0xb0 [ 3319.956986][T25965] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3319.962868][T25965] RIP: 0033:0x7f812fd3ba39 [ 3319.967275][T25965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:39:48 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000200"/36}}]}]}, 0x64}}, 0x0) [ 3319.986884][T25965] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3319.995287][T25965] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3320.003272][T25965] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3320.011253][T25965] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3320.019212][T25965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3320.027182][T25965] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:49 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000b8200040001"], 0x24}}, 0x0) 02:39:49 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000300"/36}}]}]}, 0x64}}, 0x0) 02:39:49 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000c8200040001"], 0x24}}, 0x0) 02:39:49 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000034000"/36}}]}]}, 0x64}}, 0x0) 02:39:49 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 21) 02:39:49 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000008000000000000"}}]}]}, 0x64}}, 0x0) 02:39:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000fffff00000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3320.324865][T25991] FAULT_INJECTION: forcing a failure. [ 3320.324865][T25991] name failslab, interval 1, probability 0, space 0, times 0 [ 3320.353775][T25991] CPU: 1 PID: 25991 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3320.362587][T25991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3320.372663][T25991] Call Trace: [ 3320.375952][T25991] dump_stack_lvl+0xcd/0x134 [ 3320.380571][T25991] should_fail.cold+0x5/0xa [ 3320.385108][T25991] ? crypto_create_tfm_node+0x7f/0x320 [ 3320.390590][T25991] should_failslab+0x5/0x10 [ 3320.395118][T25991] __kmalloc_node+0x75/0x370 [ 3320.399740][T25991] crypto_create_tfm_node+0x7f/0x320 [ 3320.405051][T25991] crypto_spawn_tfm2+0x60/0xb0 [ 3320.409832][T25991] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3320.415402][T25991] cryptd_hash_init_tfm+0x3c/0x120 [ 3320.420537][T25991] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3320.426106][T25991] crypto_create_tfm_node+0x19b/0x320 [ 3320.431500][T25991] crypto_alloc_tfm_node+0x107/0x260 [ 3320.436812][T25991] cryptd_alloc_ahash+0x101/0x200 [ 3320.441858][T25991] ? cryptd_ahash_queued+0x70/0x70 [ 3320.447011][T25991] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3320.452579][T25991] ? trace_kmalloc_node+0x32/0x100 [ 3320.457715][T25991] ? ghash_async_exit_tfm+0x40/0x40 [ 3320.462939][T25991] ghash_async_init_tfm+0x21/0x100 [ 3320.468075][T25991] ? ghash_async_exit_tfm+0x40/0x40 [ 3320.473313][T25991] crypto_create_tfm_node+0x19b/0x320 [ 3320.478702][T25991] crypto_spawn_tfm2+0x60/0xb0 [ 3320.483456][T25991] crypto_gcm_init_tfm+0x3d/0x260 [ 3320.488471][T25991] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3320.494109][T25991] crypto_aead_init_tfm+0x138/0x1a0 [ 3320.499319][T25991] crypto_create_tfm_node+0x10d/0x320 [ 3320.504709][T25991] crypto_alloc_tfm_node+0x107/0x260 [ 3320.509994][T25991] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3320.515712][T25991] tipc_crypto_key_init+0x82/0x110 [ 3320.520813][T25991] ? tipc_ehdr_validate+0x240/0x240 [ 3320.525996][T25991] ? crypto_mod_put+0x8c/0x100 [ 3320.530751][T25991] tipc_nl_node_set_key+0xa5d/0xf70 [ 3320.535951][T25991] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3320.542211][T25991] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3320.548442][T25991] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3320.555824][T25991] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3320.563107][T25991] genl_family_rcv_msg_doit+0x228/0x320 [ 3320.568652][T25991] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3320.576028][T25991] ? mutex_lock_io_nested+0x1150/0x1150 [ 3320.581566][T25991] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3320.587795][T25991] ? __radix_tree_lookup+0x211/0x2a0 [ 3320.593074][T25991] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3320.599322][T25991] ? genl_get_cmd+0x3cf/0x480 [ 3320.603989][T25991] genl_rcv_msg+0x328/0x580 [ 3320.608482][T25991] ? genl_get_cmd+0x480/0x480 [ 3320.613165][T25991] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3320.619399][T25991] ? lock_release+0x720/0x720 [ 3320.624062][T25991] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3320.629342][T25991] netlink_rcv_skb+0x153/0x420 [ 3320.634096][T25991] ? genl_get_cmd+0x480/0x480 [ 3320.638776][T25991] ? netlink_ack+0xa60/0xa60 [ 3320.643362][T25991] ? netlink_deliver_tap+0x1b1/0xc30 [ 3320.648727][T25991] genl_rcv+0x24/0x40 [ 3320.652699][T25991] netlink_unicast+0x533/0x7d0 [ 3320.657469][T25991] ? netlink_attachskb+0x890/0x890 [ 3320.662566][T25991] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3320.668816][T25991] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3320.675045][T25991] ? __phys_addr_symbol+0x2c/0x70 [ 3320.680077][T25991] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3320.685781][T25991] ? __check_object_size+0x16e/0x3f0 [ 3320.691060][T25991] netlink_sendmsg+0x86d/0xdb0 [ 3320.695864][T25991] ? netlink_unicast+0x7d0/0x7d0 [ 3320.700797][T25991] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3320.707053][T25991] ? netlink_unicast+0x7d0/0x7d0 [ 3320.711994][T25991] sock_sendmsg+0xcf/0x120 [ 3320.716400][T25991] ____sys_sendmsg+0x6e8/0x810 [ 3320.721156][T25991] ? kernel_sendmsg+0x50/0x50 [ 3320.725836][T25991] ? do_recvmmsg+0x6d0/0x6d0 [ 3320.730419][T25991] ? lock_chain_count+0x20/0x20 [ 3320.735319][T25991] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3320.741291][T25991] ? lock_chain_count+0x20/0x20 [ 3320.746170][T25991] ___sys_sendmsg+0xf3/0x170 [ 3320.750761][T25991] ? sendmsg_copy_msghdr+0x160/0x160 [ 3320.756047][T25991] ? __fget_files+0x21b/0x3e0 [ 3320.760733][T25991] ? lock_downgrade+0x6e0/0x6e0 [ 3320.765579][T25991] ? __fget_files+0x23d/0x3e0 [ 3320.770245][T25991] ? __fget_light+0xea/0x280 [ 3320.774829][T25991] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3320.781059][T25991] __sys_sendmsg+0xe5/0x1b0 [ 3320.785551][T25991] ? __sys_sendmsg_sock+0x30/0x30 [ 3320.790571][T25991] ? syscall_enter_from_user_mode+0x21/0x70 [ 3320.796461][T25991] do_syscall_64+0x35/0xb0 [ 3320.800874][T25991] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3320.806778][T25991] RIP: 0033:0x7f812fd3ba39 [ 3320.811190][T25991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3320.830784][T25991] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3320.839193][T25991] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3320.847177][T25991] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3320.855135][T25991] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3320.863099][T25991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 02:39:49 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000d8200040001"], 0x24}}, 0x0) [ 3320.871083][T25991] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:50 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), r0) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="4a0000e13e0e4fb54983f3", @ANYRES16=r1, @ANYBLOB="200027bd7000fbdbdf2501000000000000000c4100000014001462726f6164636173742d6c696e6b0000"], 0x30}, 0x1, 0x0, 0x0, 0x20000005}, 0x4000) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_POOL_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x14, r2, 0x711, 0x0, 0x0, {0x4a}}, 0x14}}, 0x0) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r0, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000540)={&(0x7f0000000400)={0x104, r2, 0x20, 0x70bd26, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x7f}, {0x6, 0x16, 0x8000}, {0x5}, {0x6, 0x11, 0x6c}, {0x8, 0xb, 0xc13}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x2bf7a317}, {0x6, 0x16, 0xff}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x1}, {0x8, 0xb, 0x3}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0xff}, {0x6, 0x16, 0x5}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x7}, {0x8, 0xb, 0x5947}}]}, 0x104}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0xcc, r3, 0x1, 0x0, 0x4, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}, @TIPC_NLA_MEDIA={0x48, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x0, 0x1, 'udp\x00'}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3f}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7f}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_TYPE={0x22, 0x1, 0xffdffcb3}, @TIPC_NLA_PUBL_UPPER={0x0, 0x3, 0x81}]}, @TIPC_NLA_SOCK={0x4}]}, 0xcc}}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000600)='blkio.bfq.sectors\x00', 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)=@RTM_NEWNSID={0x3c, 0x58, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@NETNSA_FD={0x8, 0x3, r4}, @NETNSA_FD={0x8}, @NETNSA_PID={0x8}, @NETNSA_NSID={0x8}, @NETNSA_NSID={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040800}, 0x20000001) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x5c, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7fffffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffffffc}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x80000000}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 02:39:50 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000e8200040001"], 0x24}}, 0x0) 02:39:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000100000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:50 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000009000000000000"}}]}]}, 0x64}}, 0x0) 02:39:50 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 22) 02:39:50 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000400"/36}}]}]}, 0x64}}, 0x0) [ 3321.147513][T26012] FAULT_INJECTION: forcing a failure. [ 3321.147513][T26012] name failslab, interval 1, probability 0, space 0, times 0 [ 3321.162454][T26012] CPU: 1 PID: 26012 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3321.171252][T26012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3321.181317][T26012] Call Trace: [ 3321.184611][T26012] dump_stack_lvl+0xcd/0x134 [ 3321.189222][T26012] should_fail.cold+0x5/0xa [ 3321.193755][T26012] ? crypto_create_tfm_node+0x7f/0x320 [ 3321.199236][T26012] should_failslab+0x5/0x10 [ 3321.203754][T26012] __kmalloc_node+0x75/0x370 [ 3321.208379][T26012] crypto_create_tfm_node+0x7f/0x320 [ 3321.213695][T26012] crypto_spawn_tfm2+0x60/0xb0 [ 3321.218484][T26012] crypto_gcm_init_tfm+0x6d/0x260 [ 3321.223525][T26012] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3321.229178][T26012] crypto_aead_init_tfm+0x138/0x1a0 [ 3321.234407][T26012] crypto_create_tfm_node+0x10d/0x320 [ 3321.239802][T26012] crypto_alloc_tfm_node+0x107/0x260 [ 3321.245114][T26012] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3321.250877][T26012] tipc_crypto_key_init+0x82/0x110 [ 3321.256014][T26012] ? tipc_ehdr_validate+0x240/0x240 [ 3321.261229][T26012] ? crypto_mod_put+0x8c/0x100 [ 3321.266025][T26012] tipc_nl_node_set_key+0xa5d/0xf70 [ 3321.271272][T26012] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3321.277549][T26012] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3321.283804][T26012] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3321.291173][T26012] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3321.298489][T26012] genl_family_rcv_msg_doit+0x228/0x320 [ 3321.304060][T26012] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3321.311449][T26012] ? mutex_lock_io_nested+0x1150/0x1150 [ 3321.317024][T26012] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3321.323283][T26012] ? __radix_tree_lookup+0x211/0x2a0 [ 3321.328565][T26012] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3321.334819][T26012] ? genl_get_cmd+0x3cf/0x480 [ 3321.339490][T26012] genl_rcv_msg+0x328/0x580 [ 3321.343988][T26012] ? genl_get_cmd+0x480/0x480 [ 3321.348655][T26012] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3321.354897][T26012] ? lock_release+0x720/0x720 [ 3321.359616][T26012] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3321.364892][T26012] netlink_rcv_skb+0x153/0x420 [ 3321.369647][T26012] ? genl_get_cmd+0x480/0x480 [ 3321.374321][T26012] ? netlink_ack+0xa60/0xa60 [ 3321.378907][T26012] ? netlink_deliver_tap+0x1b1/0xc30 [ 3321.384192][T26012] genl_rcv+0x24/0x40 [ 3321.388185][T26012] netlink_unicast+0x533/0x7d0 [ 3321.392943][T26012] ? netlink_attachskb+0x890/0x890 [ 3321.398313][T26012] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3321.404575][T26012] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3321.410815][T26012] ? __phys_addr_symbol+0x2c/0x70 [ 3321.415832][T26012] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3321.421559][T26012] ? __check_object_size+0x16e/0x3f0 [ 3321.426888][T26012] netlink_sendmsg+0x86d/0xdb0 [ 3321.431662][T26012] ? netlink_unicast+0x7d0/0x7d0 [ 3321.436602][T26012] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3321.442850][T26012] ? netlink_unicast+0x7d0/0x7d0 [ 3321.447775][T26012] sock_sendmsg+0xcf/0x120 [ 3321.452184][T26012] ____sys_sendmsg+0x6e8/0x810 [ 3321.456942][T26012] ? kernel_sendmsg+0x50/0x50 [ 3321.461619][T26012] ? do_recvmmsg+0x6d0/0x6d0 [ 3321.466233][T26012] ? lock_chain_count+0x20/0x20 [ 3321.471083][T26012] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3321.477088][T26012] ___sys_sendmsg+0xf3/0x170 [ 3321.481676][T26012] ? sendmsg_copy_msghdr+0x160/0x160 [ 3321.487103][T26012] ? __fget_files+0x21b/0x3e0 [ 3321.491778][T26012] ? lock_downgrade+0x6e0/0x6e0 [ 3321.496629][T26012] ? __fget_files+0x23d/0x3e0 [ 3321.501346][T26012] ? __fget_light+0xea/0x280 [ 3321.505949][T26012] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3321.512384][T26012] __sys_sendmsg+0xe5/0x1b0 [ 3321.516877][T26012] ? __sys_sendmsg_sock+0x30/0x30 [ 3321.521897][T26012] ? syscall_enter_from_user_mode+0x21/0x70 [ 3321.527782][T26012] do_syscall_64+0x35/0xb0 [ 3321.532184][T26012] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3321.538069][T26012] RIP: 0033:0x7f812fd3ba39 [ 3321.542471][T26012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3321.562064][T26012] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3321.570469][T26012] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3321.578449][T26012] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3321.586423][T26012] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 02:39:50 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000f8200040001"], 0x24}}, 0x0) [ 3321.594382][T26012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3321.602338][T26012] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:50 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000108200040001"], 0x24}}, 0x0) 02:39:50 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000000000000e000000000000"}}]}]}, 0x64}}, 0x0) 02:39:50 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000500"/36}}]}]}, 0x64}}, 0x0) 02:39:50 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "87d6e5dada2cab2612fd053a12391811067d43c8"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x48054}, 0x0) 02:39:50 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 23) 02:39:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000200000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:50 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000118200040001"], 0x24}}, 0x0) 02:39:50 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000000000000f000000000000"}}]}]}, 0x64}}, 0x0) [ 3321.931723][T26042] FAULT_INJECTION: forcing a failure. [ 3321.931723][T26042] name failslab, interval 1, probability 0, space 0, times 0 [ 3321.994768][T26042] CPU: 0 PID: 26042 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3322.003578][T26042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3322.013647][T26042] Call Trace: [ 3322.016946][T26042] dump_stack_lvl+0xcd/0x134 [ 3322.021558][T26042] should_fail.cold+0x5/0xa [ 3322.026091][T26042] ? crypto_create_tfm_node+0x7f/0x320 [ 3322.031572][T26042] should_failslab+0x5/0x10 [ 3322.036095][T26042] __kmalloc_node+0x75/0x370 [ 3322.040720][T26042] crypto_create_tfm_node+0x7f/0x320 [ 3322.046033][T26042] crypto_alloc_tfm_node+0x107/0x260 [ 3322.051350][T26042] cryptd_alloc_skcipher+0x101/0x200 [ 3322.056665][T26042] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3322.061889][T26042] ? __kmalloc_node+0x62/0x370 [ 3322.066692][T26042] ? simd_skcipher_exit+0x40/0x40 [ 3322.071731][T26042] simd_skcipher_init+0x67/0x180 [ 3322.076673][T26042] ? simd_skcipher_exit+0x40/0x40 [ 3322.081696][T26042] crypto_skcipher_init_tfm+0x127/0x180 [ 3322.087250][T26042] crypto_create_tfm_node+0x10d/0x320 [ 3322.092626][T26042] crypto_spawn_tfm2+0x60/0xb0 [ 3322.097392][T26042] crypto_gcm_init_tfm+0x6d/0x260 [ 3322.102415][T26042] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3322.108048][T26042] crypto_aead_init_tfm+0x138/0x1a0 [ 3322.113248][T26042] crypto_create_tfm_node+0x10d/0x320 [ 3322.118624][T26042] crypto_alloc_tfm_node+0x107/0x260 [ 3322.123914][T26042] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3322.129664][T26042] tipc_crypto_key_init+0x82/0x110 [ 3322.134772][T26042] ? tipc_ehdr_validate+0x240/0x240 [ 3322.139970][T26042] ? crypto_mod_put+0x8c/0x100 [ 3322.144749][T26042] tipc_nl_node_set_key+0xa5d/0xf70 [ 3322.149967][T26042] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3322.156218][T26042] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3322.162456][T26042] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3322.169831][T26042] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3322.177116][T26042] genl_family_rcv_msg_doit+0x228/0x320 [ 3322.182663][T26042] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3322.190033][T26042] ? mutex_lock_io_nested+0x1150/0x1150 [ 3322.195585][T26042] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3322.201831][T26042] ? __radix_tree_lookup+0x211/0x2a0 [ 3322.207111][T26042] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3322.213351][T26042] ? genl_get_cmd+0x3cf/0x480 [ 3322.218032][T26042] genl_rcv_msg+0x328/0x580 [ 3322.222539][T26042] ? genl_get_cmd+0x480/0x480 [ 3322.227211][T26042] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3322.233456][T26042] ? lock_release+0x720/0x720 [ 3322.238138][T26042] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3322.243438][T26042] netlink_rcv_skb+0x153/0x420 [ 3322.248205][T26042] ? genl_get_cmd+0x480/0x480 [ 3322.252884][T26042] ? netlink_ack+0xa60/0xa60 [ 3322.257493][T26042] ? netlink_deliver_tap+0x1b1/0xc30 [ 3322.262794][T26042] genl_rcv+0x24/0x40 [ 3322.266779][T26042] netlink_unicast+0x533/0x7d0 [ 3322.271556][T26042] ? netlink_attachskb+0x890/0x890 [ 3322.276665][T26042] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3322.282926][T26042] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3322.289176][T26042] ? __phys_addr_symbol+0x2c/0x70 [ 3322.294198][T26042] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3322.299916][T26042] ? __check_object_size+0x16e/0x3f0 [ 3322.305221][T26042] netlink_sendmsg+0x86d/0xdb0 [ 3322.310009][T26042] ? netlink_unicast+0x7d0/0x7d0 [ 3322.314962][T26042] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3322.321263][T26042] ? netlink_unicast+0x7d0/0x7d0 [ 3322.326219][T26042] sock_sendmsg+0xcf/0x120 [ 3322.330648][T26042] ____sys_sendmsg+0x6e8/0x810 [ 3322.335419][T26042] ? kernel_sendmsg+0x50/0x50 [ 3322.340095][T26042] ? do_recvmmsg+0x6d0/0x6d0 [ 3322.344708][T26042] ? lock_chain_count+0x20/0x20 [ 3322.349559][T26042] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3322.355548][T26042] ___sys_sendmsg+0xf3/0x170 [ 3322.360148][T26042] ? sendmsg_copy_msghdr+0x160/0x160 [ 3322.365438][T26042] ? __fget_files+0x21b/0x3e0 [ 3322.370111][T26042] ? lock_downgrade+0x6e0/0x6e0 [ 3322.374970][T26042] ? __fget_files+0x23d/0x3e0 [ 3322.379651][T26042] ? __fget_light+0xea/0x280 [ 3322.384237][T26042] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3322.390486][T26042] __sys_sendmsg+0xe5/0x1b0 [ 3322.394988][T26042] ? __sys_sendmsg_sock+0x30/0x30 [ 3322.400023][T26042] ? syscall_enter_from_user_mode+0x21/0x70 [ 3322.405922][T26042] do_syscall_64+0x35/0xb0 [ 3322.410331][T26042] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3322.416221][T26042] RIP: 0033:0x7f812fd3ba39 [ 3322.420631][T26042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:39:51 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000600"/36}}]}]}, 0x64}}, 0x0) 02:39:51 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 1) [ 3322.440231][T26042] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3322.448641][T26042] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3322.456604][T26042] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3322.464569][T26042] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3322.472530][T26042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3322.480495][T26042] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:51 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000128200040001"], 0x24}}, 0x0) 02:39:51 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000700"/36}}]}]}, 0x64}}, 0x0) 02:39:51 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000300000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3322.652700][T26057] FAULT_INJECTION: forcing a failure. [ 3322.652700][T26057] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3322.692385][T26057] CPU: 1 PID: 26057 Comm: syz-executor.0 Not tainted 5.15.0-rc5-syzkaller #0 [ 3322.701192][T26057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3322.711271][T26057] Call Trace: [ 3322.714559][T26057] dump_stack_lvl+0xcd/0x134 [ 3322.719169][T26057] should_fail.cold+0x5/0xa [ 3322.723705][T26057] _copy_from_user+0x2c/0x180 [ 3322.728405][T26057] __copy_msghdr_from_user+0x91/0x4b0 [ 3322.733802][T26057] ? __ia32_sys_shutdown+0x70/0x70 [ 3322.738935][T26057] ? mark_lock+0xef/0x17b0 [ 3322.743368][T26057] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3322.749372][T26057] sendmsg_copy_msghdr+0xa1/0x160 [ 3322.754420][T26057] ? do_recvmmsg+0x6d0/0x6d0 [ 3322.759030][T26057] ? lock_chain_count+0x20/0x20 [ 3322.763896][T26057] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3322.769901][T26057] ___sys_sendmsg+0xc6/0x170 [ 3322.774509][T26057] ? sendmsg_copy_msghdr+0x160/0x160 [ 3322.779813][T26057] ? __fget_files+0x21b/0x3e0 [ 3322.784505][T26057] ? lock_downgrade+0x6e0/0x6e0 [ 3322.789388][T26057] ? __fget_files+0x23d/0x3e0 [ 3322.794092][T26057] ? __fget_light+0xea/0x280 [ 3322.798809][T26057] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3322.805086][T26057] __sys_sendmsg+0xe5/0x1b0 [ 3322.809619][T26057] ? __sys_sendmsg_sock+0x30/0x30 [ 3322.814690][T26057] ? syscall_enter_from_user_mode+0x21/0x70 [ 3322.820609][T26057] do_syscall_64+0x35/0xb0 [ 3322.825039][T26057] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3322.830951][T26057] RIP: 0033:0x7f88e854ba39 [ 3322.835373][T26057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3322.854993][T26057] RSP: 002b:00007f88e5ac1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3322.863423][T26057] RAX: ffffffffffffffda RBX: 00007f88e864ef60 RCX: 00007f88e854ba39 [ 3322.871408][T26057] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3322.879384][T26057] RBP: 00007f88e5ac11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3322.887364][T26057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 3322.895342][T26057] R13: 00007ffe5a14097f R14: 00007f88e5ac1300 R15: 0000000000022000 02:39:51 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000900"/36}}]}]}, 0x64}}, 0x0) 02:39:51 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000f00"/36}}]}]}, 0x64}}, 0x0) 02:39:51 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8004400"/36}}]}]}, 0x64}}, 0x0) 02:39:51 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 24) 02:39:51 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000000000003f000000000000"}}]}]}, 0x64}}, 0x0) 02:39:52 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000400000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:52 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000138200040001"], 0x24}}, 0x0) 02:39:52 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 2) [ 3323.065745][T26079] FAULT_INJECTION: forcing a failure. [ 3323.065745][T26079] name failslab, interval 1, probability 0, space 0, times 0 [ 3323.107627][T26079] CPU: 0 PID: 26079 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3323.116432][T26079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3323.126497][T26079] Call Trace: [ 3323.129787][T26079] dump_stack_lvl+0xcd/0x134 [ 3323.134400][T26079] should_fail.cold+0x5/0xa [ 3323.138921][T26079] ? crypto_create_tfm_node+0x7f/0x320 [ 3323.144376][T26079] should_failslab+0x5/0x10 [ 3323.148878][T26079] __kmalloc_node+0x75/0x370 [ 3323.153472][T26079] crypto_create_tfm_node+0x7f/0x320 [ 3323.158757][T26079] crypto_spawn_tfm2+0x60/0xb0 [ 3323.163521][T26079] ? cryptd_skcipher_setkey+0xd0/0xd0 [ 3323.168897][T26079] cryptd_skcipher_init_tfm+0x3a/0xe0 [ 3323.174281][T26079] crypto_skcipher_init_tfm+0x127/0x180 [ 3323.179867][T26079] crypto_create_tfm_node+0x10d/0x320 [ 3323.185240][T26079] crypto_alloc_tfm_node+0x107/0x260 [ 3323.190526][T26079] cryptd_alloc_skcipher+0x101/0x200 [ 3323.195811][T26079] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3323.201016][T26079] ? __kmalloc_node+0x62/0x370 [ 3323.205793][T26079] ? simd_skcipher_exit+0x40/0x40 [ 3323.210816][T26079] simd_skcipher_init+0x67/0x180 [ 3323.215747][T26079] ? simd_skcipher_exit+0x40/0x40 [ 3323.220857][T26079] crypto_skcipher_init_tfm+0x127/0x180 [ 3323.226410][T26079] crypto_create_tfm_node+0x10d/0x320 [ 3323.231780][T26079] crypto_spawn_tfm2+0x60/0xb0 [ 3323.236542][T26079] crypto_gcm_init_tfm+0x6d/0x260 [ 3323.241560][T26079] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3323.247191][T26079] crypto_aead_init_tfm+0x138/0x1a0 [ 3323.252386][T26079] crypto_create_tfm_node+0x10d/0x320 [ 3323.257759][T26079] crypto_alloc_tfm_node+0x107/0x260 [ 3323.263045][T26079] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3323.268779][T26079] tipc_crypto_key_init+0x82/0x110 [ 3323.273890][T26079] ? tipc_ehdr_validate+0x240/0x240 [ 3323.279082][T26079] ? crypto_mod_put+0x8c/0x100 [ 3323.283854][T26079] tipc_nl_node_set_key+0xa5d/0xf70 [ 3323.289056][T26079] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3323.295304][T26079] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3323.301544][T26079] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3323.308911][T26079] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3323.316197][T26079] genl_family_rcv_msg_doit+0x228/0x320 [ 3323.321743][T26079] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3323.329110][T26079] ? mutex_lock_io_nested+0x1150/0x1150 [ 3323.334665][T26079] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3323.340907][T26079] ? __radix_tree_lookup+0x211/0x2a0 [ 3323.346187][T26079] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3323.352424][T26079] ? genl_get_cmd+0x3cf/0x480 [ 3323.357100][T26079] genl_rcv_msg+0x328/0x580 [ 3323.361600][T26079] ? genl_get_cmd+0x480/0x480 [ 3323.366271][T26079] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3323.372519][T26079] ? lock_release+0x720/0x720 [ 3323.377193][T26079] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3323.382481][T26079] netlink_rcv_skb+0x153/0x420 [ 3323.387241][T26079] ? genl_get_cmd+0x480/0x480 [ 3323.391914][T26079] ? netlink_ack+0xa60/0xa60 [ 3323.396511][T26079] ? netlink_deliver_tap+0x1b1/0xc30 [ 3323.401796][T26079] genl_rcv+0x24/0x40 [ 3323.405775][T26079] netlink_unicast+0x533/0x7d0 [ 3323.410540][T26079] ? netlink_attachskb+0x890/0x890 [ 3323.415644][T26079] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3323.421881][T26079] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3323.428117][T26079] ? __phys_addr_symbol+0x2c/0x70 [ 3323.433154][T26079] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3323.438868][T26079] ? __check_object_size+0x16e/0x3f0 [ 3323.444159][T26079] netlink_sendmsg+0x86d/0xdb0 [ 3323.448925][T26079] ? netlink_unicast+0x7d0/0x7d0 [ 3323.453862][T26079] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3323.460119][T26079] ? netlink_unicast+0x7d0/0x7d0 [ 3323.465059][T26079] sock_sendmsg+0xcf/0x120 [ 3323.469510][T26079] ____sys_sendmsg+0x6e8/0x810 [ 3323.474285][T26079] ? kernel_sendmsg+0x50/0x50 [ 3323.478959][T26079] ? do_recvmmsg+0x6d0/0x6d0 [ 3323.483554][T26079] ? lock_chain_count+0x20/0x20 [ 3323.488402][T26079] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3323.494399][T26079] ___sys_sendmsg+0xf3/0x170 [ 3323.498989][T26079] ? sendmsg_copy_msghdr+0x160/0x160 [ 3323.504285][T26079] ? __fget_files+0x21b/0x3e0 [ 3323.508958][T26079] ? lock_downgrade+0x6e0/0x6e0 [ 3323.513819][T26079] ? __fget_files+0x23d/0x3e0 [ 3323.518497][T26079] ? __fget_light+0xea/0x280 [ 3323.523083][T26079] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3323.529324][T26079] __sys_sendmsg+0xe5/0x1b0 [ 3323.533827][T26079] ? __sys_sendmsg_sock+0x30/0x30 [ 3323.538863][T26079] ? syscall_enter_from_user_mode+0x21/0x70 [ 3323.544759][T26079] do_syscall_64+0x35/0xb0 [ 3323.549167][T26079] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3323.555163][T26079] RIP: 0033:0x7f812fd3ba39 [ 3323.559585][T26079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3323.579185][T26079] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3323.587590][T26079] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3323.595556][T26079] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:39:52 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8006b00"/36}}]}]}, 0x64}}, 0x0) 02:39:52 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000700000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3323.603517][T26079] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3323.611478][T26079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3323.619439][T26079] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 [ 3323.721497][T26090] FAULT_INJECTION: forcing a failure. [ 3323.721497][T26090] name fail_usercopy, interval 1, probability 0, space 0, times 0 02:39:52 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000148200040001"], 0x24}}, 0x0) 02:39:52 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000060000000000000"}}]}]}, 0x64}}, 0x0) 02:39:52 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 25) 02:39:52 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800f000"/36}}]}]}, 0x64}}, 0x0) [ 3323.807472][T26090] CPU: 1 PID: 26090 Comm: syz-executor.0 Not tainted 5.15.0-rc5-syzkaller #0 [ 3323.816277][T26090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3323.827392][T26090] Call Trace: [ 3323.830687][T26090] dump_stack_lvl+0xcd/0x134 [ 3323.835301][T26090] should_fail.cold+0x5/0xa [ 3323.839832][T26090] _copy_from_user+0x2c/0x180 [ 3323.844537][T26090] iovec_from_user+0x242/0x3c0 [ 3323.849332][T26090] __import_iovec+0x65/0x580 [ 3323.853955][T26090] import_iovec+0x10c/0x150 [ 3323.858488][T26090] sendmsg_copy_msghdr+0x12d/0x160 [ 3323.863628][T26090] ? do_recvmmsg+0x6d0/0x6d0 [ 3323.868244][T26090] ? lock_chain_count+0x20/0x20 [ 3323.873116][T26090] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3323.879130][T26090] ___sys_sendmsg+0xc6/0x170 [ 3323.883746][T26090] ? sendmsg_copy_msghdr+0x160/0x160 [ 3323.889062][T26090] ? __fget_files+0x21b/0x3e0 [ 3323.893760][T26090] ? lock_downgrade+0x6e0/0x6e0 [ 3323.898644][T26090] ? __fget_files+0x23d/0x3e0 [ 3323.903343][T26090] ? __fget_light+0xea/0x280 02:39:52 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000158200040001"], 0x24}}, 0x0) [ 3323.907952][T26090] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3323.914218][T26090] __sys_sendmsg+0xe5/0x1b0 [ 3323.918735][T26090] ? __sys_sendmsg_sock+0x30/0x30 [ 3323.923794][T26090] ? syscall_enter_from_user_mode+0x21/0x70 [ 3323.929712][T26090] do_syscall_64+0x35/0xb0 [ 3323.934142][T26090] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3323.940052][T26090] RIP: 0033:0x7f88e854ba39 02:39:53 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000168200040001"], 0x24}}, 0x0) [ 3323.944482][T26090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3323.964103][T26090] RSP: 002b:00007f88e5ac1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3323.972531][T26090] RAX: ffffffffffffffda RBX: 00007f88e864ef60 RCX: 00007f88e854ba39 [ 3323.980515][T26090] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3323.988494][T26090] RBP: 00007f88e5ac11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3323.996474][T26090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 02:39:53 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000178200040001"], 0x24}}, 0x0) [ 3324.004453][T26090] R13: 00007ffe5a14097f R14: 00007f88e5ac1300 R15: 0000000000022000 02:39:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000800000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:53 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000ffffff9e000000000000"}}]}]}, 0x64}}, 0x0) [ 3324.111587][T26109] FAULT_INJECTION: forcing a failure. [ 3324.111587][T26109] name failslab, interval 1, probability 0, space 0, times 0 [ 3324.164045][T26109] CPU: 1 PID: 26109 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3324.172852][T26109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3324.182920][T26109] Call Trace: [ 3324.186301][T26109] dump_stack_lvl+0xcd/0x134 [ 3324.190899][T26109] should_fail.cold+0x5/0xa [ 3324.195420][T26109] ? crypto_gcm_setkey+0x13e/0x590 [ 3324.200538][T26109] should_failslab+0x5/0x10 [ 3324.205031][T26109] __kmalloc+0x72/0x320 [ 3324.209184][T26109] crypto_gcm_setkey+0x13e/0x590 [ 3324.214437][T26109] crypto_aead_setkey+0xbf/0x290 [ 3324.219966][T26109] tipc_aead_init.constprop.0+0x17b/0x8f0 [ 3324.225707][T26109] tipc_crypto_key_init+0x82/0x110 [ 3324.230824][T26109] ? tipc_ehdr_validate+0x240/0x240 [ 3324.236040][T26109] ? crypto_mod_put+0x8c/0x100 [ 3324.240825][T26109] tipc_nl_node_set_key+0xa5d/0xf70 [ 3324.246046][T26109] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3324.252310][T26109] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3324.258564][T26109] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3324.265958][T26109] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3324.273251][T26109] genl_family_rcv_msg_doit+0x228/0x320 [ 3324.278793][T26109] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3324.286168][T26109] ? mutex_lock_io_nested+0x1150/0x1150 [ 3324.291737][T26109] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3324.297985][T26109] ? __radix_tree_lookup+0x211/0x2a0 [ 3324.303276][T26109] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3324.309536][T26109] ? genl_get_cmd+0x3cf/0x480 [ 3324.314218][T26109] genl_rcv_msg+0x328/0x580 [ 3324.318752][T26109] ? genl_get_cmd+0x480/0x480 [ 3324.323541][T26109] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3324.329804][T26109] ? lock_release+0x720/0x720 [ 3324.334496][T26109] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3324.339806][T26109] netlink_rcv_skb+0x153/0x420 [ 3324.344572][T26109] ? genl_get_cmd+0x480/0x480 [ 3324.349269][T26109] ? netlink_ack+0xa60/0xa60 [ 3324.353884][T26109] ? netlink_deliver_tap+0x1b1/0xc30 [ 3324.359180][T26109] genl_rcv+0x24/0x40 [ 3324.363237][T26109] netlink_unicast+0x533/0x7d0 [ 3324.368105][T26109] ? netlink_attachskb+0x890/0x890 [ 3324.373202][T26109] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3324.379435][T26109] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3324.385663][T26109] ? __phys_addr_symbol+0x2c/0x70 [ 3324.390680][T26109] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3324.396396][T26109] ? __check_object_size+0x16e/0x3f0 [ 3324.401675][T26109] netlink_sendmsg+0x86d/0xdb0 [ 3324.406434][T26109] ? netlink_unicast+0x7d0/0x7d0 [ 3324.411377][T26109] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3324.417629][T26109] ? netlink_unicast+0x7d0/0x7d0 [ 3324.422561][T26109] sock_sendmsg+0xcf/0x120 [ 3324.427004][T26109] ____sys_sendmsg+0x6e8/0x810 [ 3324.431792][T26109] ? kernel_sendmsg+0x50/0x50 [ 3324.436469][T26109] ? do_recvmmsg+0x6d0/0x6d0 [ 3324.441049][T26109] ? lock_chain_count+0x20/0x20 [ 3324.445889][T26109] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3324.451869][T26109] ___sys_sendmsg+0xf3/0x170 [ 3324.456455][T26109] ? sendmsg_copy_msghdr+0x160/0x160 [ 3324.461741][T26109] ? __fget_files+0x21b/0x3e0 [ 3324.466427][T26109] ? lock_downgrade+0x6e0/0x6e0 [ 3324.471279][T26109] ? __fget_files+0x23d/0x3e0 [ 3324.475965][T26109] ? __fget_light+0xea/0x280 [ 3324.480550][T26109] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3324.486806][T26109] __sys_sendmsg+0xe5/0x1b0 [ 3324.491303][T26109] ? __sys_sendmsg_sock+0x30/0x30 [ 3324.496350][T26109] ? syscall_enter_from_user_mode+0x21/0x70 [ 3324.502290][T26109] do_syscall_64+0x35/0xb0 [ 3324.506707][T26109] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3324.512602][T26109] RIP: 0033:0x7f812fd3ba39 [ 3324.517023][T26109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3324.536648][T26109] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3324.545075][T26109] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3324.553040][T26109] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3324.561172][T26109] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3324.569136][T26109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3324.577114][T26109] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 [ 3324.589276][ T9079] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) 02:39:53 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:39:53 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000188200040001"], 0x24}}, 0x0) 02:39:53 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 26) 02:39:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000e00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:53 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000000041c1000000000000"}}]}]}, 0x64}}, 0x0) 02:39:53 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800200100"/36}}]}]}, 0x64}}, 0x0) 02:39:53 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000198200040001"], 0x24}}, 0x0) [ 3324.845168][T26127] FAULT_INJECTION: forcing a failure. [ 3324.845168][T26127] name failslab, interval 1, probability 0, space 0, times 0 [ 3324.878589][T26127] CPU: 1 PID: 26127 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3324.887398][T26127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3324.897467][T26127] Call Trace: [ 3324.900763][T26127] dump_stack_lvl+0xcd/0x134 [ 3324.905379][T26127] should_fail.cold+0x5/0xa [ 3324.909920][T26127] ? tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3324.915837][T26127] should_failslab+0x5/0x10 [ 3324.920360][T26127] kmem_cache_alloc_trace+0x55/0x2b0 [ 3324.925670][T26127] ? crypto_aead_setkey+0x10f/0x290 [ 3324.930897][T26127] tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3324.936657][T26127] tipc_crypto_key_init+0x82/0x110 [ 3324.941796][T26127] ? tipc_ehdr_validate+0x240/0x240 [ 3324.947020][T26127] ? crypto_mod_put+0x8c/0x100 [ 3324.951815][T26127] tipc_nl_node_set_key+0xa5d/0xf70 [ 3324.957046][T26127] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3324.963406][T26127] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3324.969661][T26127] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3324.977180][T26127] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3324.984505][T26127] genl_family_rcv_msg_doit+0x228/0x320 [ 3324.990083][T26127] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3324.997827][T26127] ? mutex_lock_io_nested+0x1150/0x1150 [ 3325.003401][T26127] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3325.009665][T26127] ? __radix_tree_lookup+0x211/0x2a0 [ 3325.014965][T26127] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3325.021194][T26127] ? genl_get_cmd+0x3cf/0x480 [ 3325.025952][T26127] genl_rcv_msg+0x328/0x580 [ 3325.030449][T26127] ? genl_get_cmd+0x480/0x480 [ 3325.035117][T26127] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3325.041357][T26127] ? lock_release+0x720/0x720 [ 3325.046024][T26127] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3325.051315][T26127] netlink_rcv_skb+0x153/0x420 [ 3325.056089][T26127] ? genl_get_cmd+0x480/0x480 [ 3325.060756][T26127] ? netlink_ack+0xa60/0xa60 [ 3325.065339][T26127] ? netlink_deliver_tap+0x1b1/0xc30 [ 3325.070618][T26127] genl_rcv+0x24/0x40 [ 3325.074598][T26127] netlink_unicast+0x533/0x7d0 [ 3325.079380][T26127] ? netlink_attachskb+0x890/0x890 [ 3325.084478][T26127] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3325.090712][T26127] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3325.096955][T26127] ? __phys_addr_symbol+0x2c/0x70 [ 3325.101994][T26127] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3325.107704][T26127] ? __check_object_size+0x16e/0x3f0 [ 3325.112991][T26127] netlink_sendmsg+0x86d/0xdb0 [ 3325.117753][T26127] ? netlink_unicast+0x7d0/0x7d0 [ 3325.122701][T26127] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3325.128957][T26127] ? netlink_unicast+0x7d0/0x7d0 [ 3325.133899][T26127] sock_sendmsg+0xcf/0x120 [ 3325.138332][T26127] ____sys_sendmsg+0x6e8/0x810 [ 3325.143116][T26127] ? kernel_sendmsg+0x50/0x50 [ 3325.147785][T26127] ? do_recvmmsg+0x6d0/0x6d0 [ 3325.152399][T26127] ? lock_chain_count+0x20/0x20 [ 3325.157242][T26127] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3325.163273][T26127] ___sys_sendmsg+0xf3/0x170 [ 3325.167882][T26127] ? sendmsg_copy_msghdr+0x160/0x160 [ 3325.173172][T26127] ? __fget_files+0x21b/0x3e0 [ 3325.177839][T26127] ? lock_downgrade+0x6e0/0x6e0 [ 3325.182705][T26127] ? __fget_files+0x23d/0x3e0 [ 3325.187380][T26127] ? __fget_light+0xea/0x280 [ 3325.192015][T26127] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3325.198249][T26127] __sys_sendmsg+0xe5/0x1b0 [ 3325.202744][T26127] ? __sys_sendmsg_sock+0x30/0x30 [ 3325.207770][T26127] ? syscall_enter_from_user_mode+0x21/0x70 [ 3325.213683][T26127] do_syscall_64+0x35/0xb0 [ 3325.218089][T26127] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3325.224008][T26127] RIP: 0033:0x7f812fd3ba39 [ 3325.228412][T26127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3325.248004][T26127] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3325.256405][T26127] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3325.264363][T26127] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3325.272324][T26127] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3325.280299][T26127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3325.288268][T26127] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:54 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000fffffff0000000000000"}}]}]}, 0x64}}, 0x0) 02:39:54 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 27) 02:39:54 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:39:54 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000f00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:54 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8009c0100"/36}}]}]}, 0x64}}, 0x0) 02:39:54 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001a8200040001"], 0x24}}, 0x0) 02:39:54 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000007fffffff000000000000"}}]}]}, 0x64}}, 0x0) [ 3325.564903][T26151] FAULT_INJECTION: forcing a failure. [ 3325.564903][T26151] name failslab, interval 1, probability 0, space 0, times 0 [ 3325.626419][T26151] CPU: 0 PID: 26151 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3325.635221][T26151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3325.645293][T26151] Call Trace: [ 3325.648586][T26151] dump_stack_lvl+0xcd/0x134 [ 3325.653200][T26151] should_fail.cold+0x5/0xa [ 3325.657735][T26151] ? crypto_create_tfm_node+0x7f/0x320 [ 3325.663216][T26151] should_failslab+0x5/0x10 [ 3325.667739][T26151] __kmalloc_node+0x75/0x370 [ 3325.672359][T26151] crypto_create_tfm_node+0x7f/0x320 [ 3325.677671][T26151] crypto_alloc_tfm_node+0x107/0x260 [ 3325.682989][T26151] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3325.688752][T26151] tipc_crypto_key_init+0x82/0x110 [ 3325.693889][T26151] ? tipc_ehdr_validate+0x240/0x240 [ 3325.699106][T26151] ? crypto_mod_put+0x8c/0x100 [ 3325.703900][T26151] tipc_nl_node_set_key+0xa5d/0xf70 [ 3325.709215][T26151] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3325.715579][T26151] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3325.721840][T26151] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3325.729231][T26151] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3325.736548][T26151] genl_family_rcv_msg_doit+0x228/0x320 [ 3325.742104][T26151] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3325.749474][T26151] ? mutex_lock_io_nested+0x1150/0x1150 [ 3325.755032][T26151] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3325.761273][T26151] ? __radix_tree_lookup+0x211/0x2a0 [ 3325.766558][T26151] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3325.772798][T26151] ? genl_get_cmd+0x3cf/0x480 [ 3325.777480][T26151] genl_rcv_msg+0x328/0x580 [ 3325.781987][T26151] ? genl_get_cmd+0x480/0x480 [ 3325.786662][T26151] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3325.792909][T26151] ? lock_release+0x720/0x720 [ 3325.797587][T26151] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3325.802885][T26151] netlink_rcv_skb+0x153/0x420 [ 3325.807657][T26151] ? genl_get_cmd+0x480/0x480 [ 3325.812342][T26151] ? netlink_ack+0xa60/0xa60 [ 3325.816943][T26151] ? netlink_deliver_tap+0x1b1/0xc30 [ 3325.822240][T26151] genl_rcv+0x24/0x40 [ 3325.826238][T26151] netlink_unicast+0x533/0x7d0 [ 3325.831032][T26151] ? netlink_attachskb+0x890/0x890 [ 3325.836159][T26151] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3325.842407][T26151] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3325.848653][T26151] ? __phys_addr_symbol+0x2c/0x70 [ 3325.853677][T26151] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3325.859397][T26151] ? __check_object_size+0x16e/0x3f0 [ 3325.864690][T26151] netlink_sendmsg+0x86d/0xdb0 [ 3325.869464][T26151] ? netlink_unicast+0x7d0/0x7d0 [ 3325.874405][T26151] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3325.880652][T26151] ? netlink_unicast+0x7d0/0x7d0 [ 3325.885587][T26151] sock_sendmsg+0xcf/0x120 [ 3325.890006][T26151] ____sys_sendmsg+0x6e8/0x810 [ 3325.894771][T26151] ? kernel_sendmsg+0x50/0x50 [ 3325.899444][T26151] ? do_recvmmsg+0x6d0/0x6d0 [ 3325.904042][T26151] ? lock_chain_count+0x20/0x20 [ 3325.908893][T26151] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3325.914880][T26151] ___sys_sendmsg+0xf3/0x170 [ 3325.919476][T26151] ? sendmsg_copy_msghdr+0x160/0x160 [ 3325.924770][T26151] ? __fget_files+0x21b/0x3e0 [ 3325.929444][T26151] ? lock_downgrade+0x6e0/0x6e0 [ 3325.934309][T26151] ? __fget_files+0x23d/0x3e0 [ 3325.938990][T26151] ? __fget_light+0xea/0x280 [ 3325.943575][T26151] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3325.949824][T26151] __sys_sendmsg+0xe5/0x1b0 [ 3325.954329][T26151] ? __sys_sendmsg_sock+0x30/0x30 [ 3325.959367][T26151] ? syscall_enter_from_user_mode+0x21/0x70 [ 3325.965283][T26151] do_syscall_64+0x35/0xb0 [ 3325.969696][T26151] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3325.975589][T26151] RIP: 0033:0x7f812fd3ba39 [ 3325.979999][T26151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3325.999610][T26151] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3326.008031][T26151] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3326.016003][T26151] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:39:55 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000003f00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:55 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x2, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3326.023970][T26151] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3326.031939][T26151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3326.039911][T26151] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:55 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 28) 02:39:55 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800150200"/36}}]}]}, 0x64}}, 0x0) 02:39:55 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000ffffffff000000000000"}}]}]}, 0x64}}, 0x0) 02:39:55 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001b8200040001"], 0x24}}, 0x0) [ 3326.271643][T26170] FAULT_INJECTION: forcing a failure. [ 3326.271643][T26170] name failslab, interval 1, probability 0, space 0, times 0 [ 3326.297803][T26170] CPU: 1 PID: 26170 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3326.306608][T26170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3326.316681][T26170] Call Trace: [ 3326.319981][T26170] dump_stack_lvl+0xcd/0x134 [ 3326.324595][T26170] should_fail.cold+0x5/0xa [ 3326.329130][T26170] ? crypto_create_tfm_node+0x7f/0x320 [ 3326.334617][T26170] should_failslab+0x5/0x10 [ 3326.339149][T26170] __kmalloc_node+0x75/0x370 [ 3326.343770][T26170] crypto_create_tfm_node+0x7f/0x320 [ 3326.349085][T26170] crypto_spawn_tfm2+0x60/0xb0 [ 3326.353877][T26170] crypto_gcm_init_tfm+0x3d/0x260 [ 3326.358925][T26170] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3326.364574][T26170] crypto_aead_init_tfm+0x138/0x1a0 [ 3326.369797][T26170] crypto_create_tfm_node+0x10d/0x320 [ 3326.375193][T26170] crypto_alloc_tfm_node+0x107/0x260 [ 3326.380503][T26170] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3326.386242][T26170] tipc_crypto_key_init+0x82/0x110 [ 3326.391357][T26170] ? tipc_ehdr_validate+0x240/0x240 [ 3326.396559][T26170] ? crypto_mod_put+0x8c/0x100 [ 3326.401331][T26170] tipc_nl_node_set_key+0xa5d/0xf70 [ 3326.406537][T26170] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3326.412786][T26170] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3326.419030][T26170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3326.426402][T26170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3326.433690][T26170] genl_family_rcv_msg_doit+0x228/0x320 [ 3326.439236][T26170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3326.446607][T26170] ? mutex_lock_io_nested+0x1150/0x1150 [ 3326.452163][T26170] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3326.458403][T26170] ? __radix_tree_lookup+0x211/0x2a0 [ 3326.463703][T26170] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3326.469946][T26170] ? genl_get_cmd+0x3cf/0x480 [ 3326.474626][T26170] genl_rcv_msg+0x328/0x580 [ 3326.479131][T26170] ? genl_get_cmd+0x480/0x480 [ 3326.483822][T26170] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3326.490075][T26170] ? lock_release+0x720/0x720 [ 3326.494749][T26170] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3326.500053][T26170] netlink_rcv_skb+0x153/0x420 [ 3326.504816][T26170] ? genl_get_cmd+0x480/0x480 [ 3326.509494][T26170] ? netlink_ack+0xa60/0xa60 [ 3326.514090][T26170] ? netlink_deliver_tap+0x1b1/0xc30 [ 3326.519378][T26170] genl_rcv+0x24/0x40 [ 3326.523358][T26170] netlink_unicast+0x533/0x7d0 [ 3326.528123][T26170] ? netlink_attachskb+0x890/0x890 [ 3326.533238][T26170] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3326.539479][T26170] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3326.545715][T26170] ? __phys_addr_symbol+0x2c/0x70 [ 3326.550744][T26170] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3326.556458][T26170] ? __check_object_size+0x16e/0x3f0 [ 3326.561748][T26170] netlink_sendmsg+0x86d/0xdb0 [ 3326.566514][T26170] ? netlink_unicast+0x7d0/0x7d0 [ 3326.571456][T26170] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3326.577700][T26170] ? netlink_unicast+0x7d0/0x7d0 [ 3326.582652][T26170] sock_sendmsg+0xcf/0x120 [ 3326.587070][T26170] ____sys_sendmsg+0x6e8/0x810 [ 3326.591835][T26170] ? kernel_sendmsg+0x50/0x50 [ 3326.596513][T26170] ? do_recvmmsg+0x6d0/0x6d0 [ 3326.601107][T26170] ? lock_chain_count+0x20/0x20 [ 3326.605965][T26170] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3326.612038][T26170] ___sys_sendmsg+0xf3/0x170 [ 3326.616628][T26170] ? sendmsg_copy_msghdr+0x160/0x160 [ 3326.622004][T26170] ? __fget_files+0x21b/0x3e0 [ 3326.626679][T26170] ? lock_downgrade+0x6e0/0x6e0 [ 3326.631542][T26170] ? __fget_files+0x23d/0x3e0 [ 3326.636228][T26170] ? __fget_light+0xea/0x280 [ 3326.640819][T26170] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3326.647070][T26170] __sys_sendmsg+0xe5/0x1b0 [ 3326.651574][T26170] ? __sys_sendmsg_sock+0x30/0x30 [ 3326.656612][T26170] ? syscall_enter_from_user_mode+0x21/0x70 [ 3326.662511][T26170] do_syscall_64+0x35/0xb0 [ 3326.666926][T26170] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3326.672918][T26170] RIP: 0033:0x7f812fd3ba39 [ 3326.677343][T26170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3326.696948][T26170] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3326.705370][T26170] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3326.713338][T26170] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:39:55 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001c8200040001"], 0x24}}, 0x0) 02:39:55 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000474500000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:55 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x3, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3326.721300][T26170] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3326.729263][T26170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3326.737225][T26170] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:55 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001d8200040001"], 0x24}}, 0x0) 02:39:55 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000f0ffffffffffff000000000000"}}]}]}, 0x64}}, 0x0) 02:39:55 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000300"/36}}]}]}, 0x64}}, 0x0) 02:39:55 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 29) 02:39:56 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000006000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:56 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x4, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:39:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001e8200040001"], 0x24}}, 0x0) [ 3327.060370][T26195] FAULT_INJECTION: forcing a failure. [ 3327.060370][T26195] name failslab, interval 1, probability 0, space 0, times 0 [ 3327.106032][ T1359] ieee802154 phy1 wpan1: encryption failed: -22 [ 3327.118710][T26195] CPU: 1 PID: 26195 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3327.127507][T26195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3327.137573][T26195] Call Trace: [ 3327.140860][T26195] dump_stack_lvl+0xcd/0x134 [ 3327.145474][T26195] should_fail.cold+0x5/0xa [ 3327.150013][T26195] ? crypto_create_tfm_node+0x7f/0x320 [ 3327.155491][T26195] should_failslab+0x5/0x10 [ 3327.160012][T26195] __kmalloc_node+0x75/0x370 [ 3327.164637][T26195] crypto_create_tfm_node+0x7f/0x320 [ 3327.169954][T26195] crypto_alloc_tfm_node+0x107/0x260 [ 3327.175269][T26195] cryptd_alloc_ahash+0x101/0x200 [ 3327.180320][T26195] ? cryptd_ahash_queued+0x70/0x70 [ 3327.185486][T26195] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3327.191052][T26195] ? trace_kmalloc_node+0x32/0x100 [ 3327.196186][T26195] ? ghash_async_exit_tfm+0x40/0x40 [ 3327.201410][T26195] ghash_async_init_tfm+0x21/0x100 [ 3327.206544][T26195] ? ghash_async_exit_tfm+0x40/0x40 [ 3327.211767][T26195] crypto_create_tfm_node+0x19b/0x320 [ 3327.217169][T26195] crypto_spawn_tfm2+0x60/0xb0 [ 3327.221962][T26195] crypto_gcm_init_tfm+0x3d/0x260 [ 3327.227009][T26195] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3327.232670][T26195] crypto_aead_init_tfm+0x138/0x1a0 [ 3327.237898][T26195] crypto_create_tfm_node+0x10d/0x320 [ 3327.243302][T26195] crypto_alloc_tfm_node+0x107/0x260 [ 3327.248616][T26195] tipc_aead_init.constprop.0+0x11c/0x8f0 02:39:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001f8200040001"], 0x24}}, 0x0) [ 3327.254384][T26195] tipc_crypto_key_init+0x82/0x110 [ 3327.259522][T26195] ? tipc_ehdr_validate+0x240/0x240 [ 3327.264742][T26195] ? crypto_mod_put+0x8c/0x100 [ 3327.269543][T26195] tipc_nl_node_set_key+0xa5d/0xf70 [ 3327.274772][T26195] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3327.281048][T26195] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3327.287313][T26195] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3327.294708][T26195] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 02:39:56 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800560300"/36}}]}]}, 0x64}}, 0x0) [ 3327.302018][T26195] genl_family_rcv_msg_doit+0x228/0x320 [ 3327.307588][T26195] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3327.314980][T26195] ? mutex_lock_io_nested+0x1150/0x1150 [ 3327.320555][T26195] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3327.326819][T26195] ? __radix_tree_lookup+0x211/0x2a0 [ 3327.332124][T26195] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3327.338385][T26195] ? genl_get_cmd+0x3cf/0x480 [ 3327.343088][T26195] genl_rcv_msg+0x328/0x580 [ 3327.347614][T26195] ? genl_get_cmd+0x480/0x480 02:39:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000208200040001"], 0x24}}, 0x0) [ 3327.352325][T26195] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3327.358596][T26195] ? lock_release+0x720/0x720 [ 3327.363298][T26195] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3327.368607][T26195] netlink_rcv_skb+0x153/0x420 [ 3327.373387][T26195] ? genl_get_cmd+0x480/0x480 [ 3327.378084][T26195] ? netlink_ack+0xa60/0xa60 [ 3327.382701][T26195] ? netlink_deliver_tap+0x1b1/0xc30 [ 3327.388017][T26195] genl_rcv+0x24/0x40 [ 3327.392014][T26195] netlink_unicast+0x533/0x7d0 [ 3327.396804][T26195] ? netlink_attachskb+0x890/0x890 02:39:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000218200040001"], 0x24}}, 0x0) [ 3327.401930][T26195] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3327.408193][T26195] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3327.414450][T26195] ? __phys_addr_symbol+0x2c/0x70 [ 3327.419495][T26195] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3327.425234][T26195] ? __check_object_size+0x16e/0x3f0 [ 3327.430552][T26195] netlink_sendmsg+0x86d/0xdb0 [ 3327.435341][T26195] ? netlink_unicast+0x7d0/0x7d0 [ 3327.440308][T26195] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3327.446572][T26195] ? netlink_unicast+0x7d0/0x7d0 [ 3327.451537][T26195] sock_sendmsg+0xcf/0x120 [ 3327.455982][T26195] ____sys_sendmsg+0x6e8/0x810 [ 3327.460777][T26195] ? kernel_sendmsg+0x50/0x50 [ 3327.465476][T26195] ? do_recvmmsg+0x6d0/0x6d0 [ 3327.470094][T26195] ? lock_chain_count+0x20/0x20 [ 3327.474966][T26195] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3327.480981][T26195] ___sys_sendmsg+0xf3/0x170 [ 3327.485596][T26195] ? sendmsg_copy_msghdr+0x160/0x160 [ 3327.490908][T26195] ? __fget_files+0x21b/0x3e0 [ 3327.495602][T26195] ? lock_downgrade+0x6e0/0x6e0 [ 3327.500485][T26195] ? __fget_files+0x23d/0x3e0 02:39:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000228200040001"], 0x24}}, 0x0) [ 3327.505186][T26195] ? __fget_light+0xea/0x280 [ 3327.509794][T26195] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3327.516062][T26195] __sys_sendmsg+0xe5/0x1b0 [ 3327.520585][T26195] ? __sys_sendmsg_sock+0x30/0x30 [ 3327.525648][T26195] ? syscall_enter_from_user_mode+0x21/0x70 [ 3327.531576][T26195] do_syscall_64+0x35/0xb0 [ 3327.536008][T26195] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3327.541925][T26195] RIP: 0033:0x7f812fd3ba39 02:39:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000238200040001"], 0x24}}, 0x0) [ 3327.546352][T26195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3327.565973][T26195] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3327.574400][T26195] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3327.582384][T26195] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3327.590366][T26195] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3327.598348][T26195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3327.606331][T26195] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:56 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000200"/36}}]}]}, 0x64}}, 0x0) 02:39:56 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000ffffff9e00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:56 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 30) 02:39:56 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x7, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:39:56 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800810300"/36}}]}]}, 0x64}}, 0x0) 02:39:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000248200040001"], 0x24}}, 0x0) 02:39:56 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000300"/36}}]}]}, 0x64}}, 0x0) 02:39:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000258200040001"], 0x24}}, 0x0) 02:39:57 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800ce0300"/36}}]}]}, 0x64}}, 0x0) 02:39:57 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000ec000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3327.968717][T26238] FAULT_INJECTION: forcing a failure. [ 3327.968717][T26238] name failslab, interval 1, probability 0, space 0, times 0 02:39:57 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x8, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:39:57 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000268200040001"], 0x24}}, 0x0) [ 3328.050966][T26238] CPU: 1 PID: 26238 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3328.059778][T26238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3328.069853][T26238] Call Trace: [ 3328.073143][T26238] dump_stack_lvl+0xcd/0x134 [ 3328.077757][T26238] should_fail.cold+0x5/0xa [ 3328.082296][T26238] ? crypto_create_tfm_node+0x7f/0x320 [ 3328.087799][T26238] should_failslab+0x5/0x10 [ 3328.092321][T26238] __kmalloc_node+0x75/0x370 [ 3328.096947][T26238] crypto_create_tfm_node+0x7f/0x320 [ 3328.102348][T26238] crypto_spawn_tfm2+0x60/0xb0 [ 3328.107133][T26238] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3328.112710][T26238] cryptd_hash_init_tfm+0x3c/0x120 [ 3328.117851][T26238] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3328.123424][T26238] crypto_create_tfm_node+0x19b/0x320 [ 3328.128827][T26238] crypto_alloc_tfm_node+0x107/0x260 [ 3328.134148][T26238] cryptd_alloc_ahash+0x101/0x200 [ 3328.139285][T26238] ? cryptd_ahash_queued+0x70/0x70 [ 3328.144438][T26238] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3328.150009][T26238] ? trace_kmalloc_node+0x32/0x100 [ 3328.155141][T26238] ? ghash_async_exit_tfm+0x40/0x40 [ 3328.160369][T26238] ghash_async_init_tfm+0x21/0x100 [ 3328.165500][T26238] ? ghash_async_exit_tfm+0x40/0x40 [ 3328.170721][T26238] crypto_create_tfm_node+0x19b/0x320 [ 3328.176117][T26238] crypto_spawn_tfm2+0x60/0xb0 [ 3328.180916][T26238] crypto_gcm_init_tfm+0x3d/0x260 [ 3328.185964][T26238] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3328.191616][T26238] crypto_aead_init_tfm+0x138/0x1a0 [ 3328.196844][T26238] crypto_create_tfm_node+0x10d/0x320 [ 3328.202246][T26238] crypto_alloc_tfm_node+0x107/0x260 [ 3328.207556][T26238] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3328.213316][T26238] tipc_crypto_key_init+0x82/0x110 [ 3328.218450][T26238] ? tipc_ehdr_validate+0x240/0x240 [ 3328.223668][T26238] ? crypto_mod_put+0x8c/0x100 [ 3328.228461][T26238] tipc_nl_node_set_key+0xa5d/0xf70 [ 3328.233687][T26238] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3328.239963][T26238] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3328.246230][T26238] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3328.253623][T26238] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3328.260941][T26238] genl_family_rcv_msg_doit+0x228/0x320 [ 3328.266508][T26238] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3328.273894][T26238] ? mutex_lock_io_nested+0x1150/0x1150 [ 3328.279469][T26238] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3328.285734][T26238] ? __radix_tree_lookup+0x211/0x2a0 [ 3328.291036][T26238] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3328.297298][T26238] ? genl_get_cmd+0x3cf/0x480 02:39:57 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000278200040001"], 0x24}}, 0x0) [ 3328.302000][T26238] genl_rcv_msg+0x328/0x580 [ 3328.306525][T26238] ? genl_get_cmd+0x480/0x480 [ 3328.311218][T26238] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3328.317493][T26238] ? lock_release+0x720/0x720 [ 3328.322184][T26238] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3328.327503][T26238] netlink_rcv_skb+0x153/0x420 [ 3328.332292][T26238] ? genl_get_cmd+0x480/0x480 [ 3328.336991][T26238] ? netlink_ack+0xa60/0xa60 [ 3328.341606][T26238] ? netlink_deliver_tap+0x1b1/0xc30 [ 3328.346919][T26238] genl_rcv+0x24/0x40 [ 3328.350920][T26238] netlink_unicast+0x533/0x7d0 [ 3328.355710][T26238] ? netlink_attachskb+0x890/0x890 [ 3328.360839][T26238] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3328.367104][T26238] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3328.373367][T26238] ? __phys_addr_symbol+0x2c/0x70 [ 3328.378414][T26238] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3328.384154][T26238] ? __check_object_size+0x16e/0x3f0 [ 3328.389468][T26238] netlink_sendmsg+0x86d/0xdb0 [ 3328.394264][T26238] ? netlink_unicast+0x7d0/0x7d0 02:39:57 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000288200040001"], 0x24}}, 0x0) [ 3328.399236][T26238] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3328.405500][T26238] ? netlink_unicast+0x7d0/0x7d0 [ 3328.410456][T26238] sock_sendmsg+0xcf/0x120 [ 3328.414895][T26238] ____sys_sendmsg+0x6e8/0x810 [ 3328.419701][T26238] ? kernel_sendmsg+0x50/0x50 [ 3328.424399][T26238] ? do_recvmmsg+0x6d0/0x6d0 [ 3328.429016][T26238] ? lock_chain_count+0x20/0x20 [ 3328.433884][T26238] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3328.439897][T26238] ___sys_sendmsg+0xf3/0x170 [ 3328.444514][T26238] ? sendmsg_copy_msghdr+0x160/0x160 [ 3328.449827][T26238] ? __fget_files+0x21b/0x3e0 [ 3328.454524][T26238] ? lock_downgrade+0x6e0/0x6e0 [ 3328.459408][T26238] ? __fget_files+0x23d/0x3e0 [ 3328.464112][T26238] ? __fget_light+0xea/0x280 [ 3328.468755][T26238] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3328.475024][T26238] __sys_sendmsg+0xe5/0x1b0 [ 3328.479552][T26238] ? __sys_sendmsg_sock+0x30/0x30 [ 3328.484603][T26238] ? syscall_enter_from_user_mode+0x21/0x70 [ 3328.490540][T26238] do_syscall_64+0x35/0xb0 [ 3328.494946][T26238] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3328.500839][T26238] RIP: 0033:0x7f812fd3ba39 [ 3328.505267][T26238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3328.524880][T26238] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3328.533287][T26238] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3328.541265][T26238] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3328.549266][T26238] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3328.557224][T26238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3328.565185][T26238] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:57 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 31) 02:39:57 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000298200040001"], 0x24}}, 0x0) 02:39:57 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000fffffff000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:57 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000500"/36}}]}]}, 0x64}}, 0x0) 02:39:57 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000400"/36}}]}]}, 0x64}}, 0x0) 02:39:57 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xe, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:39:57 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000008300040001"], 0x24}}, 0x0) 02:39:57 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000080ffff00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:57 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000500"/36}}]}]}, 0x64}}, 0x0) [ 3328.849501][T26275] FAULT_INJECTION: forcing a failure. [ 3328.849501][T26275] name failslab, interval 1, probability 0, space 0, times 0 [ 3328.919092][T26275] CPU: 1 PID: 26275 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3328.927902][T26275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3328.937971][T26275] Call Trace: [ 3328.941264][T26275] dump_stack_lvl+0xcd/0x134 [ 3328.945878][T26275] should_fail.cold+0x5/0xa [ 3328.950413][T26275] ? crypto_create_tfm_node+0x7f/0x320 [ 3328.955889][T26275] should_failslab+0x5/0x10 [ 3328.960409][T26275] __kmalloc_node+0x75/0x370 [ 3328.965030][T26275] crypto_create_tfm_node+0x7f/0x320 [ 3328.970340][T26275] crypto_spawn_tfm2+0x60/0xb0 [ 3328.975126][T26275] crypto_gcm_init_tfm+0x6d/0x260 [ 3328.980171][T26275] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3328.985820][T26275] crypto_aead_init_tfm+0x138/0x1a0 [ 3328.991043][T26275] crypto_create_tfm_node+0x10d/0x320 [ 3328.996438][T26275] crypto_alloc_tfm_node+0x107/0x260 [ 3329.001756][T26275] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3329.007522][T26275] tipc_crypto_key_init+0x82/0x110 [ 3329.012660][T26275] ? tipc_ehdr_validate+0x240/0x240 02:39:58 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000018300040001"], 0x24}}, 0x0) [ 3329.017886][T26275] ? crypto_mod_put+0x8c/0x100 [ 3329.022683][T26275] tipc_nl_node_set_key+0xa5d/0xf70 [ 3329.027920][T26275] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3329.034195][T26275] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3329.040456][T26275] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3329.047851][T26275] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3329.055164][T26275] genl_family_rcv_msg_doit+0x228/0x320 [ 3329.060730][T26275] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 02:39:58 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000028300040001"], 0x24}}, 0x0) [ 3329.068119][T26275] ? mutex_lock_io_nested+0x1150/0x1150 [ 3329.073704][T26275] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3329.079972][T26275] ? __radix_tree_lookup+0x211/0x2a0 [ 3329.085275][T26275] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3329.091530][T26275] ? genl_get_cmd+0x3cf/0x480 [ 3329.096230][T26275] genl_rcv_msg+0x328/0x580 [ 3329.100754][T26275] ? genl_get_cmd+0x480/0x480 [ 3329.105452][T26275] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3329.111751][T26275] ? lock_release+0x720/0x720 02:39:58 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000038300040001"], 0x24}}, 0x0) [ 3329.116450][T26275] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3329.121767][T26275] netlink_rcv_skb+0x153/0x420 [ 3329.126554][T26275] ? genl_get_cmd+0x480/0x480 [ 3329.131261][T26275] ? netlink_ack+0xa60/0xa60 [ 3329.135882][T26275] ? netlink_deliver_tap+0x1b1/0xc30 [ 3329.141193][T26275] genl_rcv+0x24/0x40 [ 3329.145193][T26275] netlink_unicast+0x533/0x7d0 [ 3329.149983][T26275] ? netlink_attachskb+0x890/0x890 [ 3329.155109][T26275] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3329.161375][T26275] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3329.167641][T26275] ? __phys_addr_symbol+0x2c/0x70 [ 3329.172698][T26275] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3329.178438][T26275] ? __check_object_size+0x16e/0x3f0 [ 3329.184277][T26275] netlink_sendmsg+0x86d/0xdb0 [ 3329.189069][T26275] ? netlink_unicast+0x7d0/0x7d0 [ 3329.194051][T26275] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3329.200314][T26275] ? netlink_unicast+0x7d0/0x7d0 [ 3329.205270][T26275] sock_sendmsg+0xcf/0x120 [ 3329.209708][T26275] ____sys_sendmsg+0x6e8/0x810 [ 3329.214513][T26275] ? kernel_sendmsg+0x50/0x50 [ 3329.219293][T26275] ? do_recvmmsg+0x6d0/0x6d0 [ 3329.223909][T26275] ? lock_chain_count+0x20/0x20 [ 3329.228782][T26275] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3329.234800][T26275] ___sys_sendmsg+0xf3/0x170 [ 3329.239406][T26275] ? sendmsg_copy_msghdr+0x160/0x160 [ 3329.244686][T26275] ? __fget_files+0x21b/0x3e0 [ 3329.249397][T26275] ? lock_downgrade+0x6e0/0x6e0 [ 3329.254269][T26275] ? __fget_files+0x23d/0x3e0 [ 3329.258942][T26275] ? __fget_light+0xea/0x280 [ 3329.263520][T26275] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3329.269783][T26275] __sys_sendmsg+0xe5/0x1b0 [ 3329.274299][T26275] ? __sys_sendmsg_sock+0x30/0x30 [ 3329.279342][T26275] ? syscall_enter_from_user_mode+0x21/0x70 [ 3329.285248][T26275] do_syscall_64+0x35/0xb0 [ 3329.289656][T26275] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3329.295540][T26275] RIP: 0033:0x7f812fd3ba39 [ 3329.299960][T26275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3329.319556][T26275] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3329.327957][T26275] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3329.335917][T26275] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3329.343881][T26275] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3329.351868][T26275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3329.359850][T26275] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:58 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 32) 02:39:58 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000048300040001"], 0x24}}, 0x0) 02:39:58 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000600"/36}}]}]}, 0x64}}, 0x0) 02:39:58 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000600"/36}}]}]}, 0x64}}, 0x0) 02:39:58 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000f0ffff00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:58 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xf, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:39:58 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000058300040001"], 0x24}}, 0x0) [ 3329.528514][T26299] FAULT_INJECTION: forcing a failure. [ 3329.528514][T26299] name failslab, interval 1, probability 0, space 0, times 0 [ 3329.545211][T26299] CPU: 1 PID: 26299 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3329.554000][T26299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3329.564067][T26299] Call Trace: [ 3329.567355][T26299] dump_stack_lvl+0xcd/0x134 [ 3329.571967][T26299] should_fail.cold+0x5/0xa [ 3329.576497][T26299] ? crypto_create_tfm_node+0x7f/0x320 [ 3329.581976][T26299] should_failslab+0x5/0x10 [ 3329.586495][T26299] __kmalloc_node+0x75/0x370 [ 3329.591119][T26299] crypto_create_tfm_node+0x7f/0x320 [ 3329.596427][T26299] crypto_alloc_tfm_node+0x107/0x260 [ 3329.601740][T26299] cryptd_alloc_skcipher+0x101/0x200 [ 3329.607050][T26299] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3329.612361][T26299] ? __kmalloc_node+0x62/0x370 [ 3329.617165][T26299] ? simd_skcipher_exit+0x40/0x40 [ 3329.622211][T26299] simd_skcipher_init+0x67/0x180 [ 3329.627166][T26299] ? simd_skcipher_exit+0x40/0x40 [ 3329.632211][T26299] crypto_skcipher_init_tfm+0x127/0x180 [ 3329.637780][T26299] crypto_create_tfm_node+0x10d/0x320 [ 3329.643178][T26299] crypto_spawn_tfm2+0x60/0xb0 [ 3329.647964][T26299] crypto_gcm_init_tfm+0x6d/0x260 [ 3329.653012][T26299] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3329.658677][T26299] crypto_aead_init_tfm+0x138/0x1a0 [ 3329.663902][T26299] crypto_create_tfm_node+0x10d/0x320 [ 3329.669301][T26299] crypto_alloc_tfm_node+0x107/0x260 [ 3329.674612][T26299] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3329.680376][T26299] tipc_crypto_key_init+0x82/0x110 [ 3329.685511][T26299] ? tipc_ehdr_validate+0x240/0x240 [ 3329.690728][T26299] ? crypto_mod_put+0x8c/0x100 [ 3329.695521][T26299] tipc_nl_node_set_key+0xa5d/0xf70 [ 3329.700751][T26299] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3329.707081][T26299] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3329.713319][T26299] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3329.720687][T26299] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3329.728348][T26299] genl_family_rcv_msg_doit+0x228/0x320 [ 3329.733937][T26299] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3329.741296][T26299] ? mutex_lock_io_nested+0x1150/0x1150 [ 3329.746860][T26299] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3329.753182][T26299] ? __radix_tree_lookup+0x211/0x2a0 [ 3329.758463][T26299] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3329.764693][T26299] ? genl_get_cmd+0x3cf/0x480 [ 3329.769360][T26299] genl_rcv_msg+0x328/0x580 [ 3329.773864][T26299] ? genl_get_cmd+0x480/0x480 [ 3329.778551][T26299] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3329.784895][T26299] ? lock_release+0x720/0x720 [ 3329.789569][T26299] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3329.794858][T26299] netlink_rcv_skb+0x153/0x420 [ 3329.799639][T26299] ? genl_get_cmd+0x480/0x480 [ 3329.804313][T26299] ? netlink_ack+0xa60/0xa60 [ 3329.808901][T26299] ? netlink_deliver_tap+0x1b1/0xc30 [ 3329.814229][T26299] genl_rcv+0x24/0x40 [ 3329.818212][T26299] netlink_unicast+0x533/0x7d0 [ 3329.823055][T26299] ? netlink_attachskb+0x890/0x890 [ 3329.828156][T26299] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3329.834413][T26299] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3329.840822][T26299] ? __phys_addr_symbol+0x2c/0x70 [ 3329.845841][T26299] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3329.851606][T26299] ? __check_object_size+0x16e/0x3f0 [ 3329.856896][T26299] netlink_sendmsg+0x86d/0xdb0 [ 3329.861655][T26299] ? netlink_unicast+0x7d0/0x7d0 [ 3329.866593][T26299] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3329.872866][T26299] ? netlink_unicast+0x7d0/0x7d0 [ 3329.877838][T26299] sock_sendmsg+0xcf/0x120 [ 3329.882246][T26299] ____sys_sendmsg+0x6e8/0x810 [ 3329.887001][T26299] ? kernel_sendmsg+0x50/0x50 [ 3329.891672][T26299] ? do_recvmmsg+0x6d0/0x6d0 [ 3329.896262][T26299] ? lock_chain_count+0x20/0x20 [ 3329.901104][T26299] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3329.907078][T26299] ___sys_sendmsg+0xf3/0x170 [ 3329.911669][T26299] ? sendmsg_copy_msghdr+0x160/0x160 [ 3329.916947][T26299] ? __fget_files+0x21b/0x3e0 [ 3329.921620][T26299] ? lock_downgrade+0x6e0/0x6e0 [ 3329.926492][T26299] ? __fget_files+0x23d/0x3e0 [ 3329.931178][T26299] ? __fget_light+0xea/0x280 [ 3329.935785][T26299] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3329.942019][T26299] __sys_sendmsg+0xe5/0x1b0 [ 3329.946514][T26299] ? __sys_sendmsg_sock+0x30/0x30 [ 3329.951536][T26299] ? syscall_enter_from_user_mode+0x21/0x70 [ 3329.957424][T26299] do_syscall_64+0x35/0xb0 [ 3329.961836][T26299] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3329.967733][T26299] RIP: 0033:0x7f812fd3ba39 [ 3329.972138][T26299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3329.991732][T26299] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3330.000163][T26299] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3330.008143][T26299] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3330.016156][T26299] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3330.024120][T26299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3330.032098][T26299] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:39:59 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000068300040001"], 0x24}}, 0x0) 02:39:59 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 33) 02:39:59 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x60, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:39:59 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700007fffffff00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:39:59 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000700"/36}}]}]}, 0x64}}, 0x0) 02:39:59 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000700"/36}}]}]}, 0x64}}, 0x0) [ 3330.276437][T26316] FAULT_INJECTION: forcing a failure. [ 3330.276437][T26316] name failslab, interval 1, probability 0, space 0, times 0 [ 3330.320736][T26316] CPU: 0 PID: 26316 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3330.329542][T26316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3330.339609][T26316] Call Trace: [ 3330.342900][T26316] dump_stack_lvl+0xcd/0x134 [ 3330.347513][T26316] should_fail.cold+0x5/0xa [ 3330.352055][T26316] ? crypto_create_tfm_node+0x7f/0x320 [ 3330.357532][T26316] should_failslab+0x5/0x10 [ 3330.362075][T26316] __kmalloc_node+0x75/0x370 [ 3330.366700][T26316] crypto_create_tfm_node+0x7f/0x320 [ 3330.372011][T26316] crypto_spawn_tfm2+0x60/0xb0 [ 3330.376793][T26316] ? cryptd_skcipher_setkey+0xd0/0xd0 [ 3330.382176][T26316] cryptd_skcipher_init_tfm+0x3a/0xe0 [ 3330.387555][T26316] crypto_skcipher_init_tfm+0x127/0x180 [ 3330.393105][T26316] crypto_create_tfm_node+0x10d/0x320 [ 3330.398482][T26316] crypto_alloc_tfm_node+0x107/0x260 [ 3330.403780][T26316] cryptd_alloc_skcipher+0x101/0x200 [ 3330.409067][T26316] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3330.414268][T26316] ? __kmalloc_node+0x62/0x370 [ 3330.419043][T26316] ? simd_skcipher_exit+0x40/0x40 [ 3330.424069][T26316] simd_skcipher_init+0x67/0x180 [ 3330.429001][T26316] ? simd_skcipher_exit+0x40/0x40 [ 3330.434041][T26316] crypto_skcipher_init_tfm+0x127/0x180 [ 3330.439590][T26316] crypto_create_tfm_node+0x10d/0x320 [ 3330.444967][T26316] crypto_spawn_tfm2+0x60/0xb0 [ 3330.449733][T26316] crypto_gcm_init_tfm+0x6d/0x260 [ 3330.454754][T26316] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3330.460384][T26316] crypto_aead_init_tfm+0x138/0x1a0 [ 3330.465585][T26316] crypto_create_tfm_node+0x10d/0x320 [ 3330.470956][T26316] crypto_alloc_tfm_node+0x107/0x260 [ 3330.476246][T26316] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3330.481984][T26316] tipc_crypto_key_init+0x82/0x110 [ 3330.487100][T26316] ? tipc_ehdr_validate+0x240/0x240 [ 3330.492298][T26316] ? crypto_mod_put+0x8c/0x100 [ 3330.497070][T26316] tipc_nl_node_set_key+0xa5d/0xf70 [ 3330.502275][T26316] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3330.508534][T26316] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3330.514775][T26316] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3330.522145][T26316] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3330.529433][T26316] genl_family_rcv_msg_doit+0x228/0x320 [ 3330.534980][T26316] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3330.542350][T26316] ? mutex_lock_io_nested+0x1150/0x1150 [ 3330.547909][T26316] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3330.554152][T26316] ? __radix_tree_lookup+0x211/0x2a0 [ 3330.559440][T26316] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3330.565680][T26316] ? genl_get_cmd+0x3cf/0x480 [ 3330.570374][T26316] genl_rcv_msg+0x328/0x580 [ 3330.574880][T26316] ? genl_get_cmd+0x480/0x480 [ 3330.579561][T26316] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3330.585810][T26316] ? lock_release+0x720/0x720 [ 3330.590486][T26316] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3330.595776][T26316] netlink_rcv_skb+0x153/0x420 [ 3330.600535][T26316] ? genl_get_cmd+0x480/0x480 [ 3330.605213][T26316] ? netlink_ack+0xa60/0xa60 [ 3330.609806][T26316] ? netlink_deliver_tap+0x1b1/0xc30 [ 3330.615092][T26316] genl_rcv+0x24/0x40 [ 3330.619073][T26316] netlink_unicast+0x533/0x7d0 [ 3330.623843][T26316] ? netlink_attachskb+0x890/0x890 [ 3330.628974][T26316] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3330.635230][T26316] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3330.641469][T26316] ? __phys_addr_symbol+0x2c/0x70 [ 3330.646491][T26316] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3330.652211][T26316] ? __check_object_size+0x16e/0x3f0 [ 3330.657505][T26316] netlink_sendmsg+0x86d/0xdb0 [ 3330.662271][T26316] ? netlink_unicast+0x7d0/0x7d0 [ 3330.667217][T26316] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3330.673459][T26316] ? netlink_unicast+0x7d0/0x7d0 [ 3330.678393][T26316] sock_sendmsg+0xcf/0x120 [ 3330.682809][T26316] ____sys_sendmsg+0x6e8/0x810 [ 3330.687576][T26316] ? kernel_sendmsg+0x50/0x50 [ 3330.692249][T26316] ? do_recvmmsg+0x6d0/0x6d0 [ 3330.696846][T26316] ? lock_chain_count+0x20/0x20 [ 3330.701695][T26316] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3330.707682][T26316] ___sys_sendmsg+0xf3/0x170 [ 3330.712276][T26316] ? sendmsg_copy_msghdr+0x160/0x160 [ 3330.717570][T26316] ? __fget_files+0x21b/0x3e0 [ 3330.722243][T26316] ? lock_downgrade+0x6e0/0x6e0 [ 3330.727112][T26316] ? __fget_files+0x23d/0x3e0 [ 3330.731792][T26316] ? __fget_light+0xea/0x280 [ 3330.736387][T26316] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3330.742631][T26316] __sys_sendmsg+0xe5/0x1b0 [ 3330.747133][T26316] ? __sys_sendmsg_sock+0x30/0x30 [ 3330.752169][T26316] ? syscall_enter_from_user_mode+0x21/0x70 [ 3330.758070][T26316] do_syscall_64+0x35/0xb0 [ 3330.762482][T26316] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3330.768376][T26316] RIP: 0033:0x7f812fd3ba39 [ 3330.772788][T26316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3330.792392][T26316] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3330.800809][T26316] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3330.808790][T26316] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:39:59 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000078300040001"], 0x24}}, 0x0) [ 3330.816763][T26316] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3330.824925][T26316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3330.832894][T26316] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:00 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 34) 02:40:00 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700009effffff00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:00 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xf0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:00 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000800"/36}}]}]}, 0x64}}, 0x0) 02:40:00 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000900"/36}}]}]}, 0x64}}, 0x0) 02:40:00 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000088300040001"], 0x24}}, 0x0) [ 3331.158394][T26337] FAULT_INJECTION: forcing a failure. [ 3331.158394][T26337] name failslab, interval 1, probability 0, space 0, times 0 [ 3331.191573][T26337] CPU: 1 PID: 26337 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3331.200558][T26337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3331.210628][T26337] Call Trace: [ 3331.213918][T26337] dump_stack_lvl+0xcd/0x134 [ 3331.218534][T26337] should_fail.cold+0x5/0xa [ 3331.223073][T26337] ? crypto_gcm_setkey+0x13e/0x590 [ 3331.228207][T26337] should_failslab+0x5/0x10 [ 3331.232738][T26337] __kmalloc+0x72/0x320 [ 3331.236924][T26337] crypto_gcm_setkey+0x13e/0x590 [ 3331.241887][T26337] crypto_aead_setkey+0xbf/0x290 [ 3331.246851][T26337] tipc_aead_init.constprop.0+0x17b/0x8f0 [ 3331.252615][T26337] tipc_crypto_key_init+0x82/0x110 [ 3331.257849][T26337] ? tipc_ehdr_validate+0x240/0x240 [ 3331.263068][T26337] ? crypto_mod_put+0x8c/0x100 [ 3331.267845][T26337] tipc_nl_node_set_key+0xa5d/0xf70 [ 3331.273075][T26337] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3331.279353][T26337] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3331.285619][T26337] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3331.293012][T26337] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3331.300330][T26337] genl_family_rcv_msg_doit+0x228/0x320 [ 3331.305900][T26337] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3331.313291][T26337] ? mutex_lock_io_nested+0x1150/0x1150 [ 3331.318868][T26337] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3331.325142][T26337] ? __radix_tree_lookup+0x211/0x2a0 [ 3331.330444][T26337] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3331.336700][T26337] ? genl_get_cmd+0x3cf/0x480 [ 3331.341382][T26337] genl_rcv_msg+0x328/0x580 [ 3331.345912][T26337] ? genl_get_cmd+0x480/0x480 [ 3331.350599][T26337] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3331.356834][T26337] ? lock_release+0x720/0x720 [ 3331.361510][T26337] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3331.366824][T26337] netlink_rcv_skb+0x153/0x420 [ 3331.371589][T26337] ? genl_get_cmd+0x480/0x480 [ 3331.376276][T26337] ? netlink_ack+0xa60/0xa60 [ 3331.380858][T26337] ? netlink_deliver_tap+0x1b1/0xc30 [ 3331.386241][T26337] genl_rcv+0x24/0x40 [ 3331.390233][T26337] netlink_unicast+0x533/0x7d0 [ 3331.394991][T26337] ? netlink_attachskb+0x890/0x890 [ 3331.400096][T26337] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3331.406332][T26337] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3331.412560][T26337] ? __phys_addr_symbol+0x2c/0x70 [ 3331.417577][T26337] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3331.423297][T26337] ? __check_object_size+0x16e/0x3f0 [ 3331.428631][T26337] netlink_sendmsg+0x86d/0xdb0 [ 3331.433411][T26337] ? netlink_unicast+0x7d0/0x7d0 [ 3331.438364][T26337] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3331.444597][T26337] ? netlink_unicast+0x7d0/0x7d0 [ 3331.449546][T26337] sock_sendmsg+0xcf/0x120 [ 3331.453955][T26337] ____sys_sendmsg+0x6e8/0x810 02:40:00 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000098300040001"], 0x24}}, 0x0) [ 3331.458712][T26337] ? kernel_sendmsg+0x50/0x50 [ 3331.463386][T26337] ? do_recvmmsg+0x6d0/0x6d0 [ 3331.467972][T26337] ? lock_chain_count+0x20/0x20 [ 3331.472817][T26337] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3331.478802][T26337] ___sys_sendmsg+0xf3/0x170 [ 3331.483385][T26337] ? sendmsg_copy_msghdr+0x160/0x160 [ 3331.488674][T26337] ? __fget_files+0x21b/0x3e0 [ 3331.493369][T26337] ? lock_downgrade+0x6e0/0x6e0 [ 3331.498256][T26337] ? __fget_files+0x23d/0x3e0 [ 3331.502961][T26337] ? __fget_light+0xea/0x280 02:40:00 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000a8300040001"], 0x24}}, 0x0) [ 3331.507570][T26337] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3331.513841][T26337] __sys_sendmsg+0xe5/0x1b0 [ 3331.518371][T26337] ? __sys_sendmsg_sock+0x30/0x30 [ 3331.523432][T26337] ? syscall_enter_from_user_mode+0x21/0x70 [ 3331.529351][T26337] do_syscall_64+0x35/0xb0 [ 3331.533780][T26337] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3331.539688][T26337] RIP: 0033:0x7f812fd3ba39 02:40:00 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000b8300040001"], 0x24}}, 0x0) [ 3331.544197][T26337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3331.563823][T26337] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3331.572247][T26337] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3331.580235][T26337] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3331.588220][T26337] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3331.596210][T26337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3331.604194][T26337] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:00 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 35) 02:40:00 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000900"/36}}]}]}, 0x64}}, 0x0) 02:40:00 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x300, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:00 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8003d0c00"/36}}]}]}, 0x64}}, 0x0) 02:40:00 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000f0ffffff00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:00 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000c8300040001"], 0x24}}, 0x0) [ 3331.845874][T26360] FAULT_INJECTION: forcing a failure. [ 3331.845874][T26360] name failslab, interval 1, probability 0, space 0, times 0 [ 3331.886547][T26360] CPU: 0 PID: 26360 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3331.895348][T26360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3331.905420][T26360] Call Trace: [ 3331.908717][T26360] dump_stack_lvl+0xcd/0x134 [ 3331.913333][T26360] should_fail.cold+0x5/0xa [ 3331.917870][T26360] ? tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3331.923789][T26360] should_failslab+0x5/0x10 [ 3331.928314][T26360] kmem_cache_alloc_trace+0x55/0x2b0 [ 3331.933624][T26360] ? crypto_aead_setkey+0x10f/0x290 [ 3331.938850][T26360] tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3331.944617][T26360] tipc_crypto_key_init+0x82/0x110 [ 3331.949759][T26360] ? tipc_ehdr_validate+0x240/0x240 [ 3331.954985][T26360] ? crypto_mod_put+0x8c/0x100 [ 3331.959782][T26360] tipc_nl_node_set_key+0xa5d/0xf70 [ 3331.965013][T26360] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3331.971294][T26360] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3331.977558][T26360] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3331.984953][T26360] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3331.992280][T26360] genl_family_rcv_msg_doit+0x228/0x320 [ 3331.997851][T26360] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3332.005251][T26360] ? mutex_lock_io_nested+0x1150/0x1150 [ 3332.010831][T26360] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3332.017100][T26360] ? __radix_tree_lookup+0x211/0x2a0 [ 3332.022409][T26360] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3332.028668][T26360] ? genl_get_cmd+0x3cf/0x480 [ 3332.033371][T26360] genl_rcv_msg+0x328/0x580 [ 3332.037898][T26360] ? genl_get_cmd+0x480/0x480 [ 3332.042596][T26360] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3332.048866][T26360] ? lock_release+0x720/0x720 [ 3332.053567][T26360] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3332.058877][T26360] netlink_rcv_skb+0x153/0x420 [ 3332.063664][T26360] ? genl_get_cmd+0x480/0x480 [ 3332.068362][T26360] ? netlink_ack+0xa60/0xa60 [ 3332.072980][T26360] ? netlink_deliver_tap+0x1b1/0xc30 [ 3332.078337][T26360] genl_rcv+0x24/0x40 [ 3332.082320][T26360] netlink_unicast+0x533/0x7d0 [ 3332.087114][T26360] ? netlink_attachskb+0x890/0x890 [ 3332.092242][T26360] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3332.098477][T26360] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3332.104715][T26360] ? __phys_addr_symbol+0x2c/0x70 [ 3332.109754][T26360] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3332.115490][T26360] ? __check_object_size+0x16e/0x3f0 [ 3332.120793][T26360] netlink_sendmsg+0x86d/0xdb0 [ 3332.125561][T26360] ? netlink_unicast+0x7d0/0x7d0 [ 3332.130529][T26360] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3332.136791][T26360] ? netlink_unicast+0x7d0/0x7d0 [ 3332.141748][T26360] sock_sendmsg+0xcf/0x120 [ 3332.146186][T26360] ____sys_sendmsg+0x6e8/0x810 [ 3332.150966][T26360] ? kernel_sendmsg+0x50/0x50 [ 3332.155642][T26360] ? do_recvmmsg+0x6d0/0x6d0 [ 3332.160256][T26360] ? lock_chain_count+0x20/0x20 [ 3332.165121][T26360] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3332.171121][T26360] ___sys_sendmsg+0xf3/0x170 [ 3332.175713][T26360] ? sendmsg_copy_msghdr+0x160/0x160 [ 3332.181029][T26360] ? __fget_files+0x21b/0x3e0 [ 3332.185723][T26360] ? lock_downgrade+0x6e0/0x6e0 [ 3332.190611][T26360] ? __fget_files+0x23d/0x3e0 [ 3332.195316][T26360] ? __fget_light+0xea/0x280 [ 3332.199918][T26360] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3332.206160][T26360] __sys_sendmsg+0xe5/0x1b0 [ 3332.210686][T26360] ? __sys_sendmsg_sock+0x30/0x30 [ 3332.215753][T26360] ? syscall_enter_from_user_mode+0x21/0x70 [ 3332.221680][T26360] do_syscall_64+0x35/0xb0 [ 3332.226119][T26360] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3332.232032][T26360] RIP: 0033:0x7f812fd3ba39 [ 3332.236461][T26360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3332.256085][T26360] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3332.264518][T26360] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3332.272504][T26360] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3332.280490][T26360] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 02:40:01 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000d8300040001"], 0x24}}, 0x0) [ 3332.288463][T26360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3332.296461][T26360] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:01 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000e00"/36}}]}]}, 0x64}}, 0x0) 02:40:01 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x700, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:01 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000e8300040001"], 0x24}}, 0x0) 02:40:01 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 36) 02:40:01 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000f00"/36}}]}]}, 0x64}}, 0x0) 02:40:01 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000002000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3332.587060][T26389] FAULT_INJECTION: forcing a failure. [ 3332.587060][T26389] name failslab, interval 1, probability 0, space 0, times 0 [ 3332.627656][T26389] CPU: 0 PID: 26389 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3332.636460][T26389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3332.646520][T26389] Call Trace: [ 3332.649806][T26389] dump_stack_lvl+0xcd/0x134 [ 3332.654405][T26389] should_fail.cold+0x5/0xa [ 3332.658915][T26389] ? crypto_create_tfm_node+0x7f/0x320 [ 3332.664375][T26389] should_failslab+0x5/0x10 [ 3332.668875][T26389] __kmalloc_node+0x75/0x370 [ 3332.673482][T26389] crypto_create_tfm_node+0x7f/0x320 [ 3332.678771][T26389] crypto_alloc_tfm_node+0x107/0x260 [ 3332.684060][T26389] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3332.689796][T26389] tipc_crypto_key_init+0x82/0x110 [ 3332.694910][T26389] ? tipc_ehdr_validate+0x240/0x240 [ 3332.700116][T26389] ? crypto_mod_put+0x8c/0x100 [ 3332.704976][T26389] tipc_nl_node_set_key+0xa5d/0xf70 [ 3332.710178][T26389] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3332.716517][T26389] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3332.722765][T26389] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3332.730140][T26389] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3332.737435][T26389] genl_family_rcv_msg_doit+0x228/0x320 [ 3332.743002][T26389] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3332.750377][T26389] ? mutex_lock_io_nested+0x1150/0x1150 [ 3332.755930][T26389] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3332.762192][T26389] ? __radix_tree_lookup+0x211/0x2a0 [ 3332.767478][T26389] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3332.773717][T26389] ? genl_get_cmd+0x3cf/0x480 [ 3332.778398][T26389] genl_rcv_msg+0x328/0x580 [ 3332.782918][T26389] ? genl_get_cmd+0x480/0x480 [ 3332.787614][T26389] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3332.793874][T26389] ? lock_release+0x720/0x720 [ 3332.798560][T26389] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3332.803856][T26389] netlink_rcv_skb+0x153/0x420 [ 3332.808632][T26389] ? genl_get_cmd+0x480/0x480 [ 3332.813328][T26389] ? netlink_ack+0xa60/0xa60 [ 3332.817952][T26389] ? netlink_deliver_tap+0x1b1/0xc30 [ 3332.823251][T26389] genl_rcv+0x24/0x40 [ 3332.827241][T26389] netlink_unicast+0x533/0x7d0 [ 3332.832008][T26389] ? netlink_attachskb+0x890/0x890 [ 3332.837118][T26389] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3332.843366][T26389] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3332.849613][T26389] ? __phys_addr_symbol+0x2c/0x70 [ 3332.854647][T26389] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3332.860383][T26389] ? __check_object_size+0x16e/0x3f0 [ 3332.865682][T26389] netlink_sendmsg+0x86d/0xdb0 [ 3332.870459][T26389] ? netlink_unicast+0x7d0/0x7d0 [ 3332.875404][T26389] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3332.881663][T26389] ? netlink_unicast+0x7d0/0x7d0 [ 3332.886603][T26389] sock_sendmsg+0xcf/0x120 [ 3332.891022][T26389] ____sys_sendmsg+0x6e8/0x810 [ 3332.895800][T26389] ? kernel_sendmsg+0x50/0x50 [ 3332.900474][T26389] ? do_recvmmsg+0x6d0/0x6d0 [ 3332.905071][T26389] ? lock_chain_count+0x20/0x20 [ 3332.909926][T26389] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3332.915921][T26389] ___sys_sendmsg+0xf3/0x170 [ 3332.920515][T26389] ? sendmsg_copy_msghdr+0x160/0x160 [ 3332.925819][T26389] ? __fget_files+0x21b/0x3e0 [ 3332.930497][T26389] ? lock_downgrade+0x6e0/0x6e0 [ 3332.935359][T26389] ? __fget_files+0x23d/0x3e0 [ 3332.940039][T26389] ? __fget_light+0xea/0x280 [ 3332.944626][T26389] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3332.950868][T26389] __sys_sendmsg+0xe5/0x1b0 [ 3332.955375][T26389] ? __sys_sendmsg_sock+0x30/0x30 [ 3332.960417][T26389] ? syscall_enter_from_user_mode+0x21/0x70 [ 3332.966315][T26389] do_syscall_64+0x35/0xb0 [ 3332.970747][T26389] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3332.976769][T26389] RIP: 0033:0x7f812fd3ba39 [ 3332.981202][T26389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3333.000814][T26389] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3333.009228][T26389] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3333.017198][T26389] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:02 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xe00, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3333.025166][T26389] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3333.033136][T26389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3333.041105][T26389] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:02 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000f00"/36}}]}]}, 0x64}}, 0x0) 02:40:02 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000f8300040001"], 0x24}}, 0x0) 02:40:02 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000108300040001"], 0x24}}, 0x0) 02:40:02 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800021500"/36}}]}]}, 0x64}}, 0x0) 02:40:02 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000006000"/36}}]}]}, 0x64}}, 0x0) 02:40:02 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xf00, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:02 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000003000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:02 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 37) 02:40:02 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000118300040001"], 0x24}}, 0x0) 02:40:02 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800012000"/36}}]}]}, 0x64}}, 0x0) 02:40:02 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000f000"/36}}]}]}, 0x64}}, 0x0) 02:40:02 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x6000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3333.597771][T26422] FAULT_INJECTION: forcing a failure. [ 3333.597771][T26422] name failslab, interval 1, probability 0, space 0, times 0 [ 3333.641969][T26422] CPU: 1 PID: 26422 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3333.650776][T26422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3333.660859][T26422] Call Trace: [ 3333.664152][T26422] dump_stack_lvl+0xcd/0x134 [ 3333.668765][T26422] should_fail.cold+0x5/0xa [ 3333.673304][T26422] ? crypto_create_tfm_node+0x7f/0x320 [ 3333.678781][T26422] should_failslab+0x5/0x10 [ 3333.683306][T26422] __kmalloc_node+0x75/0x370 [ 3333.687937][T26422] crypto_create_tfm_node+0x7f/0x320 [ 3333.693248][T26422] crypto_spawn_tfm2+0x60/0xb0 [ 3333.698035][T26422] crypto_gcm_init_tfm+0x3d/0x260 [ 3333.703075][T26422] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3333.708728][T26422] crypto_aead_init_tfm+0x138/0x1a0 [ 3333.713950][T26422] crypto_create_tfm_node+0x10d/0x320 [ 3333.719358][T26422] crypto_alloc_tfm_node+0x107/0x260 [ 3333.724669][T26422] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3333.730430][T26422] tipc_crypto_key_init+0x82/0x110 [ 3333.735570][T26422] ? tipc_ehdr_validate+0x240/0x240 [ 3333.740786][T26422] ? crypto_mod_put+0x8c/0x100 [ 3333.745582][T26422] tipc_nl_node_set_key+0xa5d/0xf70 [ 3333.750807][T26422] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3333.757082][T26422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3333.763347][T26422] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3333.770741][T26422] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3333.778053][T26422] genl_family_rcv_msg_doit+0x228/0x320 [ 3333.783621][T26422] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3333.791013][T26422] ? mutex_lock_io_nested+0x1150/0x1150 [ 3333.796591][T26422] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3333.802860][T26422] ? __radix_tree_lookup+0x211/0x2a0 [ 3333.808171][T26422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3333.814542][T26422] ? genl_get_cmd+0x3cf/0x480 [ 3333.819249][T26422] genl_rcv_msg+0x328/0x580 [ 3333.823793][T26422] ? genl_get_cmd+0x480/0x480 [ 3333.828532][T26422] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3333.834776][T26422] ? lock_release+0x720/0x720 [ 3333.839448][T26422] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3333.844742][T26422] netlink_rcv_skb+0x153/0x420 [ 3333.849506][T26422] ? genl_get_cmd+0x480/0x480 [ 3333.854184][T26422] ? netlink_ack+0xa60/0xa60 [ 3333.858766][T26422] ? netlink_deliver_tap+0x1b1/0xc30 [ 3333.864058][T26422] genl_rcv+0x24/0x40 [ 3333.868053][T26422] netlink_unicast+0x533/0x7d0 [ 3333.872820][T26422] ? netlink_attachskb+0x890/0x890 [ 3333.877927][T26422] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3333.884390][T26422] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3333.890624][T26422] ? __phys_addr_symbol+0x2c/0x70 [ 3333.895652][T26422] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3333.901376][T26422] ? __check_object_size+0x16e/0x3f0 [ 3333.906748][T26422] netlink_sendmsg+0x86d/0xdb0 [ 3333.911520][T26422] ? netlink_unicast+0x7d0/0x7d0 [ 3333.916465][T26422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3333.922704][T26422] ? netlink_unicast+0x7d0/0x7d0 [ 3333.927640][T26422] sock_sendmsg+0xcf/0x120 [ 3333.932180][T26422] ____sys_sendmsg+0x6e8/0x810 [ 3333.936938][T26422] ? kernel_sendmsg+0x50/0x50 [ 3333.941609][T26422] ? do_recvmmsg+0x6d0/0x6d0 [ 3333.946218][T26422] ? lock_chain_count+0x20/0x20 [ 3333.951059][T26422] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3333.957132][T26422] ___sys_sendmsg+0xf3/0x170 [ 3333.961748][T26422] ? sendmsg_copy_msghdr+0x160/0x160 [ 3333.967025][T26422] ? __fget_files+0x21b/0x3e0 [ 3333.971704][T26422] ? lock_downgrade+0x6e0/0x6e0 [ 3333.976577][T26422] ? __fget_files+0x23d/0x3e0 [ 3333.981248][T26422] ? __fget_light+0xea/0x280 [ 3333.985827][T26422] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3333.992063][T26422] __sys_sendmsg+0xe5/0x1b0 [ 3333.996560][T26422] ? __sys_sendmsg_sock+0x30/0x30 [ 3334.001592][T26422] ? syscall_enter_from_user_mode+0x21/0x70 [ 3334.007538][T26422] do_syscall_64+0x35/0xb0 [ 3334.011970][T26422] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3334.017877][T26422] RIP: 0033:0x7f812fd3ba39 [ 3334.022279][T26422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:03 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000128300040001"], 0x24}}, 0x0) 02:40:03 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000004000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3334.041876][T26422] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3334.050282][T26422] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3334.058245][T26422] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3334.066202][T26422] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3334.074162][T26422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3334.082127][T26422] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:03 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000c3d00"/36}}]}]}, 0x64}}, 0x0) 02:40:03 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000300"/36}}]}]}, 0x64}}, 0x0) 02:40:03 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 38) 02:40:03 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xf000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:03 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000007000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:03 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000138300040001"], 0x24}}, 0x0) 02:40:03 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000500"/36}}]}]}, 0x64}}, 0x0) [ 3334.415464][T26453] FAULT_INJECTION: forcing a failure. [ 3334.415464][T26453] name failslab, interval 1, probability 0, space 0, times 0 02:40:03 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800003f00"/36}}]}]}, 0x64}}, 0x0) [ 3334.503915][T26453] CPU: 1 PID: 26453 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3334.512723][T26453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3334.522792][T26453] Call Trace: [ 3334.526082][T26453] dump_stack_lvl+0xcd/0x134 [ 3334.530699][T26453] should_fail.cold+0x5/0xa [ 3334.535240][T26453] ? crypto_create_tfm_node+0x7f/0x320 [ 3334.540731][T26453] should_failslab+0x5/0x10 [ 3334.545262][T26453] __kmalloc_node+0x75/0x370 [ 3334.549895][T26453] crypto_create_tfm_node+0x7f/0x320 [ 3334.555205][T26453] crypto_alloc_tfm_node+0x107/0x260 [ 3334.560523][T26453] cryptd_alloc_ahash+0x101/0x200 [ 3334.565566][T26453] ? cryptd_ahash_queued+0x70/0x70 [ 3334.570683][T26453] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3334.576229][T26453] ? trace_kmalloc_node+0x32/0x100 [ 3334.581365][T26453] ? ghash_async_exit_tfm+0x40/0x40 [ 3334.586589][T26453] ghash_async_init_tfm+0x21/0x100 [ 3334.591718][T26453] ? ghash_async_exit_tfm+0x40/0x40 [ 3334.596937][T26453] crypto_create_tfm_node+0x19b/0x320 [ 3334.602338][T26453] crypto_spawn_tfm2+0x60/0xb0 [ 3334.607100][T26453] crypto_gcm_init_tfm+0x3d/0x260 [ 3334.612124][T26453] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3334.617757][T26453] crypto_aead_init_tfm+0x138/0x1a0 [ 3334.622949][T26453] crypto_create_tfm_node+0x10d/0x320 [ 3334.628328][T26453] crypto_alloc_tfm_node+0x107/0x260 [ 3334.633637][T26453] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3334.639395][T26453] tipc_crypto_key_init+0x82/0x110 [ 3334.644524][T26453] ? tipc_ehdr_validate+0x240/0x240 [ 3334.649719][T26453] ? crypto_mod_put+0x8c/0x100 [ 3334.654500][T26453] tipc_nl_node_set_key+0xa5d/0xf70 [ 3334.659708][T26453] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3334.665973][T26453] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3334.672234][T26453] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3334.679615][T26453] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3334.686906][T26453] genl_family_rcv_msg_doit+0x228/0x320 [ 3334.692460][T26453] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3334.699848][T26453] ? mutex_lock_io_nested+0x1150/0x1150 [ 3334.705411][T26453] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3334.711672][T26453] ? __radix_tree_lookup+0x211/0x2a0 [ 3334.716974][T26453] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3334.723230][T26453] ? genl_get_cmd+0x3cf/0x480 [ 3334.727931][T26453] genl_rcv_msg+0x328/0x580 [ 3334.732457][T26453] ? genl_get_cmd+0x480/0x480 [ 3334.737153][T26453] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3334.743425][T26453] ? lock_release+0x720/0x720 [ 3334.748100][T26453] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3334.753395][T26453] netlink_rcv_skb+0x153/0x420 [ 3334.758154][T26453] ? genl_get_cmd+0x480/0x480 [ 3334.762846][T26453] ? netlink_ack+0xa60/0xa60 [ 3334.767460][T26453] ? netlink_deliver_tap+0x1b1/0xc30 [ 3334.772743][T26453] genl_rcv+0x24/0x40 [ 3334.776730][T26453] netlink_unicast+0x533/0x7d0 [ 3334.781734][T26453] ? netlink_attachskb+0x890/0x890 [ 3334.786893][T26453] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3334.793133][T26453] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3334.799389][T26453] ? __phys_addr_symbol+0x2c/0x70 [ 3334.804407][T26453] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3334.810139][T26453] ? __check_object_size+0x16e/0x3f0 [ 3334.815446][T26453] netlink_sendmsg+0x86d/0xdb0 [ 3334.820221][T26453] ? netlink_unicast+0x7d0/0x7d0 [ 3334.825169][T26453] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3334.831405][T26453] ? netlink_unicast+0x7d0/0x7d0 [ 3334.836342][T26453] sock_sendmsg+0xcf/0x120 [ 3334.840771][T26453] ____sys_sendmsg+0x6e8/0x810 [ 3334.845560][T26453] ? kernel_sendmsg+0x50/0x50 [ 3334.850302][T26453] ? do_recvmmsg+0x6d0/0x6d0 [ 3334.854904][T26453] ? lock_chain_count+0x20/0x20 [ 3334.859780][T26453] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3334.865785][T26453] ___sys_sendmsg+0xf3/0x170 [ 3334.870371][T26453] ? sendmsg_copy_msghdr+0x160/0x160 [ 3334.875662][T26453] ? __fget_files+0x21b/0x3e0 [ 3334.880338][T26453] ? lock_downgrade+0x6e0/0x6e0 [ 3334.885202][T26453] ? __fget_files+0x23d/0x3e0 [ 3334.889896][T26453] ? __fget_light+0xea/0x280 [ 3334.894479][T26453] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3334.900742][T26453] __sys_sendmsg+0xe5/0x1b0 [ 3334.905291][T26453] ? __sys_sendmsg_sock+0x30/0x30 [ 3334.910359][T26453] ? syscall_enter_from_user_mode+0x21/0x70 [ 3334.916313][T26453] do_syscall_64+0x35/0xb0 [ 3334.920726][T26453] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3334.926623][T26453] RIP: 0033:0x7f812fd3ba39 [ 3334.931038][T26453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3334.950668][T26453] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3334.959097][T26453] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3334.967066][T26453] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3334.975128][T26453] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3334.983121][T26453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3334.991097][T26453] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:04 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000148300040001"], 0x24}}, 0x0) 02:40:04 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800004400"/36}}]}]}, 0x64}}, 0x0) 02:40:04 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000008000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:04 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000600"/36}}]}]}, 0x64}}, 0x0) 02:40:04 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xf0ffff, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:04 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 39) 02:40:04 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000158300040001"], 0x24}}, 0x0) 02:40:04 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800035600"/36}}]}]}, 0x64}}, 0x0) [ 3335.287569][T26478] FAULT_INJECTION: forcing a failure. [ 3335.287569][T26478] name failslab, interval 1, probability 0, space 0, times 0 02:40:04 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000168300040001"], 0x24}}, 0x0) [ 3335.361110][T26478] CPU: 1 PID: 26478 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3335.369920][T26478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3335.379989][T26478] Call Trace: [ 3335.383280][T26478] dump_stack_lvl+0xcd/0x134 [ 3335.387896][T26478] should_fail.cold+0x5/0xa [ 3335.392432][T26478] ? crypto_create_tfm_node+0x7f/0x320 [ 3335.397911][T26478] should_failslab+0x5/0x10 [ 3335.402429][T26478] __kmalloc_node+0x75/0x370 02:40:04 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000178300040001"], 0x24}}, 0x0) [ 3335.407032][T26478] crypto_create_tfm_node+0x7f/0x320 [ 3335.412347][T26478] crypto_spawn_tfm2+0x60/0xb0 [ 3335.417142][T26478] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3335.422722][T26478] cryptd_hash_init_tfm+0x3c/0x120 [ 3335.427864][T26478] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3335.433438][T26478] crypto_create_tfm_node+0x19b/0x320 [ 3335.438834][T26478] crypto_alloc_tfm_node+0x107/0x260 [ 3335.444146][T26478] cryptd_alloc_ahash+0x101/0x200 [ 3335.449196][T26478] ? cryptd_ahash_queued+0x70/0x70 [ 3335.454345][T26478] ? rcu_read_lock_sched_held+0x3a/0x70 02:40:04 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000188300040001"], 0x24}}, 0x0) [ 3335.460001][T26478] ? trace_kmalloc_node+0x32/0x100 [ 3335.465129][T26478] ? ghash_async_exit_tfm+0x40/0x40 [ 3335.470359][T26478] ghash_async_init_tfm+0x21/0x100 [ 3335.475503][T26478] ? ghash_async_exit_tfm+0x40/0x40 [ 3335.480727][T26478] crypto_create_tfm_node+0x19b/0x320 [ 3335.486138][T26478] crypto_spawn_tfm2+0x60/0xb0 [ 3335.490924][T26478] crypto_gcm_init_tfm+0x3d/0x260 [ 3335.495965][T26478] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3335.501618][T26478] crypto_aead_init_tfm+0x138/0x1a0 [ 3335.506842][T26478] crypto_create_tfm_node+0x10d/0x320 [ 3335.512237][T26478] crypto_alloc_tfm_node+0x107/0x260 [ 3335.517553][T26478] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3335.523350][T26478] tipc_crypto_key_init+0x82/0x110 [ 3335.528485][T26478] ? tipc_ehdr_validate+0x240/0x240 [ 3335.533702][T26478] ? crypto_mod_put+0x8c/0x100 [ 3335.538499][T26478] tipc_nl_node_set_key+0xa5d/0xf70 [ 3335.543730][T26478] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3335.550015][T26478] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3335.556276][T26478] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3335.563661][T26478] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3335.570952][T26478] genl_family_rcv_msg_doit+0x228/0x320 [ 3335.576519][T26478] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3335.583903][T26478] ? mutex_lock_io_nested+0x1150/0x1150 [ 3335.589445][T26478] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3335.595673][T26478] ? __radix_tree_lookup+0x211/0x2a0 [ 3335.600947][T26478] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3335.607190][T26478] ? genl_get_cmd+0x3cf/0x480 [ 3335.611867][T26478] genl_rcv_msg+0x328/0x580 [ 3335.616398][T26478] ? genl_get_cmd+0x480/0x480 [ 3335.621086][T26478] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3335.627324][T26478] ? lock_release+0x720/0x720 [ 3335.631999][T26478] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3335.637353][T26478] netlink_rcv_skb+0x153/0x420 [ 3335.642119][T26478] ? genl_get_cmd+0x480/0x480 [ 3335.646804][T26478] ? netlink_ack+0xa60/0xa60 [ 3335.651412][T26478] ? netlink_deliver_tap+0x1b1/0xc30 [ 3335.656700][T26478] genl_rcv+0x24/0x40 [ 3335.660679][T26478] netlink_unicast+0x533/0x7d0 [ 3335.665437][T26478] ? netlink_attachskb+0x890/0x890 [ 3335.670538][T26478] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3335.676794][T26478] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3335.683045][T26478] ? __phys_addr_symbol+0x2c/0x70 [ 3335.688064][T26478] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3335.693796][T26478] ? __check_object_size+0x16e/0x3f0 [ 3335.699076][T26478] netlink_sendmsg+0x86d/0xdb0 [ 3335.703844][T26478] ? netlink_unicast+0x7d0/0x7d0 [ 3335.708787][T26478] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3335.715030][T26478] ? netlink_unicast+0x7d0/0x7d0 [ 3335.719963][T26478] sock_sendmsg+0xcf/0x120 [ 3335.724380][T26478] ____sys_sendmsg+0x6e8/0x810 [ 3335.729162][T26478] ? kernel_sendmsg+0x50/0x50 [ 3335.733829][T26478] ? do_recvmmsg+0x6d0/0x6d0 [ 3335.738430][T26478] ? lock_chain_count+0x20/0x20 [ 3335.743299][T26478] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3335.749275][T26478] ___sys_sendmsg+0xf3/0x170 [ 3335.753856][T26478] ? sendmsg_copy_msghdr+0x160/0x160 [ 3335.759131][T26478] ? __fget_files+0x21b/0x3e0 [ 3335.763804][T26478] ? lock_downgrade+0x6e0/0x6e0 [ 3335.768668][T26478] ? __fget_files+0x23d/0x3e0 [ 3335.773362][T26478] ? __fget_light+0xea/0x280 [ 3335.777950][T26478] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3335.784209][T26478] __sys_sendmsg+0xe5/0x1b0 [ 3335.788708][T26478] ? __sys_sendmsg_sock+0x30/0x30 [ 3335.793754][T26478] ? syscall_enter_from_user_mode+0x21/0x70 [ 3335.799718][T26478] do_syscall_64+0x35/0xb0 [ 3335.804125][T26478] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3335.810020][T26478] RIP: 0033:0x7f812fd3ba39 [ 3335.814422][T26478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3335.834015][T26478] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3335.842418][T26478] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3335.850380][T26478] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:04 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000700"/36}}]}]}, 0x64}}, 0x0) [ 3335.858357][T26478] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3335.866315][T26478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3335.874273][T26478] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:05 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000198300040001"], 0x24}}, 0x0) 02:40:05 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800006b00"/36}}]}]}, 0x64}}, 0x0) 02:40:05 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000e000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:05 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001a8300040001"], 0x24}}, 0x0) 02:40:05 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 40) 02:40:05 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x1000000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:05 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000900"/36}}]}]}, 0x64}}, 0x0) 02:40:05 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001b8300040001"], 0x24}}, 0x0) 02:40:05 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800008100"/36}}]}]}, 0x64}}, 0x0) 02:40:05 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000f000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:05 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x2000000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3336.296662][T26514] FAULT_INJECTION: forcing a failure. [ 3336.296662][T26514] name failslab, interval 1, probability 0, space 0, times 0 [ 3336.355947][T26514] CPU: 1 PID: 26514 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3336.364753][T26514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3336.374824][T26514] Call Trace: [ 3336.378115][T26514] dump_stack_lvl+0xcd/0x134 [ 3336.382732][T26514] should_fail.cold+0x5/0xa [ 3336.387267][T26514] ? crypto_create_tfm_node+0x7f/0x320 [ 3336.392748][T26514] should_failslab+0x5/0x10 [ 3336.397270][T26514] __kmalloc_node+0x75/0x370 [ 3336.401891][T26514] crypto_create_tfm_node+0x7f/0x320 [ 3336.407210][T26514] crypto_spawn_tfm2+0x60/0xb0 [ 3336.411999][T26514] crypto_gcm_init_tfm+0x6d/0x260 [ 3336.417043][T26514] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3336.422696][T26514] crypto_aead_init_tfm+0x138/0x1a0 [ 3336.427924][T26514] crypto_create_tfm_node+0x10d/0x320 [ 3336.433324][T26514] crypto_alloc_tfm_node+0x107/0x260 [ 3336.438634][T26514] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3336.444391][T26514] tipc_crypto_key_init+0x82/0x110 [ 3336.449529][T26514] ? tipc_ehdr_validate+0x240/0x240 [ 3336.454923][T26514] ? crypto_mod_put+0x8c/0x100 [ 3336.459714][T26514] tipc_nl_node_set_key+0xa5d/0xf70 [ 3336.464946][T26514] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3336.471223][T26514] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3336.477481][T26514] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3336.484878][T26514] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3336.492198][T26514] genl_family_rcv_msg_doit+0x228/0x320 [ 3336.497768][T26514] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3336.505160][T26514] ? mutex_lock_io_nested+0x1150/0x1150 [ 3336.510747][T26514] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3336.517016][T26514] ? __radix_tree_lookup+0x211/0x2a0 [ 3336.522322][T26514] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3336.528585][T26514] ? genl_get_cmd+0x3cf/0x480 [ 3336.533287][T26514] genl_rcv_msg+0x328/0x580 [ 3336.537814][T26514] ? genl_get_cmd+0x480/0x480 [ 3336.542587][T26514] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3336.548829][T26514] ? lock_release+0x720/0x720 [ 3336.553504][T26514] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3336.558811][T26514] netlink_rcv_skb+0x153/0x420 [ 3336.563597][T26514] ? genl_get_cmd+0x480/0x480 [ 3336.568286][T26514] ? netlink_ack+0xa60/0xa60 [ 3336.572970][T26514] ? netlink_deliver_tap+0x1b1/0xc30 [ 3336.578283][T26514] genl_rcv+0x24/0x40 [ 3336.582307][T26514] netlink_unicast+0x533/0x7d0 [ 3336.587066][T26514] ? netlink_attachskb+0x890/0x890 [ 3336.592189][T26514] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3336.598430][T26514] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3336.604665][T26514] ? __phys_addr_symbol+0x2c/0x70 [ 3336.609704][T26514] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3336.615440][T26514] ? __check_object_size+0x16e/0x3f0 [ 3336.620781][T26514] netlink_sendmsg+0x86d/0xdb0 [ 3336.625563][T26514] ? netlink_unicast+0x7d0/0x7d0 [ 3336.630504][T26514] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3336.636759][T26514] ? netlink_unicast+0x7d0/0x7d0 [ 3336.641696][T26514] sock_sendmsg+0xcf/0x120 [ 3336.646120][T26514] ____sys_sendmsg+0x6e8/0x810 [ 3336.650902][T26514] ? kernel_sendmsg+0x50/0x50 [ 3336.655614][T26514] ? do_recvmmsg+0x6d0/0x6d0 [ 3336.660205][T26514] ? lock_chain_count+0x20/0x20 [ 3336.665049][T26514] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3336.671080][T26514] ___sys_sendmsg+0xf3/0x170 [ 3336.675661][T26514] ? sendmsg_copy_msghdr+0x160/0x160 [ 3336.680944][T26514] ? __fget_files+0x21b/0x3e0 [ 3336.685610][T26514] ? lock_downgrade+0x6e0/0x6e0 [ 3336.690474][T26514] ? __fget_files+0x23d/0x3e0 [ 3336.695163][T26514] ? __fget_light+0xea/0x280 [ 3336.699763][T26514] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3336.706004][T26514] __sys_sendmsg+0xe5/0x1b0 [ 3336.710525][T26514] ? __sys_sendmsg_sock+0x30/0x30 [ 3336.715564][T26514] ? syscall_enter_from_user_mode+0x21/0x70 [ 3336.721456][T26514] do_syscall_64+0x35/0xb0 [ 3336.725881][T26514] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3336.731782][T26514] RIP: 0033:0x7f812fd3ba39 [ 3336.736197][T26514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3336.755815][T26514] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3336.764220][T26514] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3336.772240][T26514] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3336.780202][T26514] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3336.788164][T26514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3336.796148][T26514] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:05 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001c8300040001"], 0x24}}, 0x0) 02:40:05 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001d8300040001"], 0x24}}, 0x0) 02:40:06 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 41) 02:40:06 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000e00"/36}}]}]}, 0x64}}, 0x0) 02:40:06 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800038100"/36}}]}]}, 0x64}}, 0x0) 02:40:06 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x3000000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:06 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000060000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:06 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001e8300040001"], 0x24}}, 0x0) [ 3337.128147][T26545] FAULT_INJECTION: forcing a failure. [ 3337.128147][T26545] name failslab, interval 1, probability 0, space 0, times 0 [ 3337.164803][T26545] CPU: 0 PID: 26545 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3337.173611][T26545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3337.183679][T26545] Call Trace: [ 3337.186976][T26545] dump_stack_lvl+0xcd/0x134 [ 3337.191680][T26545] should_fail.cold+0x5/0xa [ 3337.196307][T26545] ? crypto_create_tfm_node+0x7f/0x320 [ 3337.201786][T26545] should_failslab+0x5/0x10 [ 3337.206316][T26545] __kmalloc_node+0x75/0x370 [ 3337.210940][T26545] crypto_create_tfm_node+0x7f/0x320 [ 3337.216255][T26545] crypto_alloc_tfm_node+0x107/0x260 [ 3337.221574][T26545] cryptd_alloc_skcipher+0x101/0x200 [ 3337.226886][T26545] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3337.232116][T26545] ? __kmalloc_node+0x62/0x370 [ 3337.236922][T26545] ? simd_skcipher_exit+0x40/0x40 [ 3337.241970][T26545] simd_skcipher_init+0x67/0x180 [ 3337.246928][T26545] ? simd_skcipher_exit+0x40/0x40 [ 3337.251971][T26545] crypto_skcipher_init_tfm+0x127/0x180 [ 3337.257537][T26545] crypto_create_tfm_node+0x10d/0x320 [ 3337.262940][T26545] crypto_spawn_tfm2+0x60/0xb0 [ 3337.267707][T26545] crypto_gcm_init_tfm+0x6d/0x260 [ 3337.272732][T26545] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3337.278365][T26545] crypto_aead_init_tfm+0x138/0x1a0 [ 3337.283564][T26545] crypto_create_tfm_node+0x10d/0x320 [ 3337.288940][T26545] crypto_alloc_tfm_node+0x107/0x260 [ 3337.294231][T26545] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3337.299971][T26545] tipc_crypto_key_init+0x82/0x110 [ 3337.305086][T26545] ? tipc_ehdr_validate+0x240/0x240 [ 3337.310289][T26545] ? crypto_mod_put+0x8c/0x100 [ 3337.315059][T26545] tipc_nl_node_set_key+0xa5d/0xf70 [ 3337.320264][T26545] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3337.326515][T26545] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3337.332759][T26545] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3337.340146][T26545] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3337.347439][T26545] genl_family_rcv_msg_doit+0x228/0x320 [ 3337.352984][T26545] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3337.360352][T26545] ? mutex_lock_io_nested+0x1150/0x1150 [ 3337.365904][T26545] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3337.372146][T26545] ? __radix_tree_lookup+0x211/0x2a0 [ 3337.377453][T26545] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3337.383692][T26545] ? genl_get_cmd+0x3cf/0x480 [ 3337.388370][T26545] genl_rcv_msg+0x328/0x580 [ 3337.393050][T26545] ? genl_get_cmd+0x480/0x480 [ 3337.397726][T26545] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3337.403976][T26545] ? lock_release+0x720/0x720 [ 3337.408650][T26545] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3337.414028][T26545] netlink_rcv_skb+0x153/0x420 [ 3337.418793][T26545] ? genl_get_cmd+0x480/0x480 [ 3337.423992][T26545] ? netlink_ack+0xa60/0xa60 [ 3337.428586][T26545] ? netlink_deliver_tap+0x1b1/0xc30 [ 3337.433873][T26545] genl_rcv+0x24/0x40 [ 3337.437850][T26545] netlink_unicast+0x533/0x7d0 [ 3337.442615][T26545] ? netlink_attachskb+0x890/0x890 [ 3337.447722][T26545] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3337.453971][T26545] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3337.460215][T26545] ? __phys_addr_symbol+0x2c/0x70 [ 3337.465235][T26545] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3337.470951][T26545] ? __check_object_size+0x16e/0x3f0 [ 3337.476240][T26545] netlink_sendmsg+0x86d/0xdb0 [ 3337.481007][T26545] ? netlink_unicast+0x7d0/0x7d0 [ 3337.485947][T26545] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3337.492203][T26545] ? netlink_unicast+0x7d0/0x7d0 [ 3337.497140][T26545] sock_sendmsg+0xcf/0x120 [ 3337.501560][T26545] ____sys_sendmsg+0x6e8/0x810 [ 3337.506324][T26545] ? kernel_sendmsg+0x50/0x50 [ 3337.510998][T26545] ? do_recvmmsg+0x6d0/0x6d0 [ 3337.515598][T26545] ? lock_chain_count+0x20/0x20 [ 3337.520449][T26545] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3337.526437][T26545] ___sys_sendmsg+0xf3/0x170 [ 3337.531030][T26545] ? sendmsg_copy_msghdr+0x160/0x160 [ 3337.536320][T26545] ? __fget_files+0x21b/0x3e0 [ 3337.540992][T26545] ? lock_downgrade+0x6e0/0x6e0 [ 3337.545853][T26545] ? __fget_files+0x23d/0x3e0 [ 3337.550531][T26545] ? __fget_light+0xea/0x280 [ 3337.555117][T26545] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3337.561365][T26545] __sys_sendmsg+0xe5/0x1b0 [ 3337.565864][T26545] ? __sys_sendmsg_sock+0x30/0x30 [ 3337.570901][T26545] ? syscall_enter_from_user_mode+0x21/0x70 [ 3337.576800][T26545] do_syscall_64+0x35/0xb0 [ 3337.581215][T26545] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3337.587106][T26545] RIP: 0033:0x7f812fd3ba39 [ 3337.591515][T26545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3337.611116][T26545] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3337.619528][T26545] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 02:40:06 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x4000000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:06 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001f8300040001"], 0x24}}, 0x0) [ 3337.627495][T26545] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3337.635457][T26545] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3337.643682][T26545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3337.651659][T26545] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:06 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000208300040001"], 0x24}}, 0x0) 02:40:06 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000f0000000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:07 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000f00"/36}}]}]}, 0x64}}, 0x0) 02:40:07 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800019c00"/36}}]}]}, 0x64}}, 0x0) 02:40:07 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 42) 02:40:07 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x7000000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000218300040001"], 0x24}}, 0x0) 02:40:07 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000030000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:07 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000003f00"/36}}]}]}, 0x64}}, 0x0) 02:40:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000228300040001"], 0x24}}, 0x0) [ 3338.144664][T26576] FAULT_INJECTION: forcing a failure. [ 3338.144664][T26576] name failslab, interval 1, probability 0, space 0, times 0 [ 3338.217389][T26576] CPU: 1 PID: 26576 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3338.226202][T26576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3338.236276][T26576] Call Trace: [ 3338.239570][T26576] dump_stack_lvl+0xcd/0x134 [ 3338.244191][T26576] should_fail.cold+0x5/0xa [ 3338.248724][T26576] ? crypto_create_tfm_node+0x7f/0x320 [ 3338.254206][T26576] should_failslab+0x5/0x10 [ 3338.258729][T26576] __kmalloc_node+0x75/0x370 [ 3338.263361][T26576] crypto_create_tfm_node+0x7f/0x320 [ 3338.268671][T26576] crypto_spawn_tfm2+0x60/0xb0 [ 3338.273458][T26576] ? cryptd_skcipher_setkey+0xd0/0xd0 [ 3338.278853][T26576] cryptd_skcipher_init_tfm+0x3a/0xe0 [ 3338.284256][T26576] crypto_skcipher_init_tfm+0x127/0x180 [ 3338.289828][T26576] crypto_create_tfm_node+0x10d/0x320 [ 3338.295229][T26576] crypto_alloc_tfm_node+0x107/0x260 [ 3338.300541][T26576] cryptd_alloc_skcipher+0x101/0x200 [ 3338.305851][T26576] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3338.311079][T26576] ? __kmalloc_node+0x62/0x370 [ 3338.315887][T26576] ? simd_skcipher_exit+0x40/0x40 [ 3338.320932][T26576] simd_skcipher_init+0x67/0x180 [ 3338.325891][T26576] ? simd_skcipher_exit+0x40/0x40 [ 3338.330934][T26576] crypto_skcipher_init_tfm+0x127/0x180 [ 3338.336501][T26576] crypto_create_tfm_node+0x10d/0x320 [ 3338.341879][T26576] crypto_spawn_tfm2+0x60/0xb0 [ 3338.346671][T26576] crypto_gcm_init_tfm+0x6d/0x260 [ 3338.351714][T26576] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3338.357365][T26576] crypto_aead_init_tfm+0x138/0x1a0 [ 3338.362620][T26576] crypto_create_tfm_node+0x10d/0x320 02:40:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000238300040001"], 0x24}}, 0x0) 02:40:07 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80003ce00"/36}}]}]}, 0x64}}, 0x0) [ 3338.368026][T26576] crypto_alloc_tfm_node+0x107/0x260 [ 3338.373345][T26576] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3338.379105][T26576] tipc_crypto_key_init+0x82/0x110 [ 3338.384247][T26576] ? tipc_ehdr_validate+0x240/0x240 [ 3338.389466][T26576] ? crypto_mod_put+0x8c/0x100 [ 3338.394259][T26576] tipc_nl_node_set_key+0xa5d/0xf70 [ 3338.399487][T26576] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3338.405756][T26576] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 02:40:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000248300040001"], 0x24}}, 0x0) [ 3338.412023][T26576] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3338.419414][T26576] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3338.426764][T26576] genl_family_rcv_msg_doit+0x228/0x320 [ 3338.432336][T26576] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3338.439728][T26576] ? mutex_lock_io_nested+0x1150/0x1150 [ 3338.445308][T26576] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3338.451569][T26576] ? __radix_tree_lookup+0x211/0x2a0 [ 3338.456875][T26576] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3338.463137][T26576] ? genl_get_cmd+0x3cf/0x480 02:40:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000258300040001"], 0x24}}, 0x0) [ 3338.467839][T26576] genl_rcv_msg+0x328/0x580 [ 3338.472365][T26576] ? genl_get_cmd+0x480/0x480 [ 3338.477062][T26576] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3338.483342][T26576] ? lock_release+0x720/0x720 [ 3338.488039][T26576] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3338.493355][T26576] netlink_rcv_skb+0x153/0x420 [ 3338.498136][T26576] ? genl_get_cmd+0x480/0x480 [ 3338.502833][T26576] ? netlink_ack+0xa60/0xa60 [ 3338.507452][T26576] ? netlink_deliver_tap+0x1b1/0xc30 [ 3338.512765][T26576] genl_rcv+0x24/0x40 [ 3338.516759][T26576] netlink_unicast+0x533/0x7d0 [ 3338.521547][T26576] ? netlink_attachskb+0x890/0x890 [ 3338.526682][T26576] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3338.532949][T26576] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3338.539215][T26576] ? __phys_addr_symbol+0x2c/0x70 [ 3338.544257][T26576] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3338.549996][T26576] ? __check_object_size+0x16e/0x3f0 [ 3338.555315][T26576] netlink_sendmsg+0x86d/0xdb0 [ 3338.560114][T26576] ? netlink_unicast+0x7d0/0x7d0 02:40:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000268300040001"], 0x24}}, 0x0) [ 3338.565081][T26576] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3338.571350][T26576] ? netlink_unicast+0x7d0/0x7d0 [ 3338.576309][T26576] sock_sendmsg+0xcf/0x120 [ 3338.580748][T26576] ____sys_sendmsg+0x6e8/0x810 [ 3338.585533][T26576] ? kernel_sendmsg+0x50/0x50 [ 3338.590228][T26576] ? do_recvmmsg+0x6d0/0x6d0 [ 3338.594849][T26576] ? lock_chain_count+0x20/0x20 [ 3338.599725][T26576] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3338.605732][T26576] ___sys_sendmsg+0xf3/0x170 [ 3338.610347][T26576] ? sendmsg_copy_msghdr+0x160/0x160 02:40:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000278300040001"], 0x24}}, 0x0) [ 3338.615660][T26576] ? __fget_files+0x21b/0x3e0 [ 3338.620356][T26576] ? lock_downgrade+0x6e0/0x6e0 [ 3338.625248][T26576] ? __fget_files+0x23d/0x3e0 [ 3338.629953][T26576] ? __fget_light+0xea/0x280 [ 3338.634566][T26576] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3338.640837][T26576] __sys_sendmsg+0xe5/0x1b0 [ 3338.645364][T26576] ? __sys_sendmsg_sock+0x30/0x30 [ 3338.650541][T26576] ? syscall_enter_from_user_mode+0x21/0x70 [ 3338.656489][T26576] do_syscall_64+0x35/0xb0 [ 3338.660927][T26576] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3338.666843][T26576] RIP: 0033:0x7f812fd3ba39 [ 3338.671272][T26576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3338.690894][T26576] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3338.699323][T26576] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3338.707306][T26576] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3338.715288][T26576] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3338.723288][T26576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3338.731271][T26576] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:07 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 43) 02:40:07 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x8000000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000288300040001"], 0x24}}, 0x0) 02:40:07 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000c14100"/36}}]}]}, 0x64}}, 0x0) 02:40:07 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000070000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:07 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000f000"/36}}]}]}, 0x64}}, 0x0) [ 3338.965262][T26606] FAULT_INJECTION: forcing a failure. [ 3338.965262][T26606] name failslab, interval 1, probability 0, space 0, times 0 02:40:08 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000298300040001"], 0x24}}, 0x0) [ 3339.013357][T26606] CPU: 1 PID: 26606 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3339.022163][T26606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3339.032233][T26606] Call Trace: [ 3339.035527][T26606] dump_stack_lvl+0xcd/0x134 [ 3339.040144][T26606] should_fail.cold+0x5/0xa [ 3339.044677][T26606] ? crypto_gcm_setkey+0x13e/0x590 [ 3339.049815][T26606] should_failslab+0x5/0x10 [ 3339.054346][T26606] __kmalloc+0x72/0x320 [ 3339.058536][T26606] crypto_gcm_setkey+0x13e/0x590 [ 3339.063507][T26606] crypto_aead_setkey+0xbf/0x290 [ 3339.068476][T26606] tipc_aead_init.constprop.0+0x17b/0x8f0 [ 3339.074240][T26606] tipc_crypto_key_init+0x82/0x110 [ 3339.079383][T26606] ? tipc_ehdr_validate+0x240/0x240 [ 3339.084604][T26606] ? crypto_mod_put+0x8c/0x100 [ 3339.089433][T26606] tipc_nl_node_set_key+0xa5d/0xf70 [ 3339.094662][T26606] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3339.100938][T26606] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3339.107209][T26606] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3339.114605][T26606] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3339.121936][T26606] genl_family_rcv_msg_doit+0x228/0x320 [ 3339.127515][T26606] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3339.134910][T26606] ? mutex_lock_io_nested+0x1150/0x1150 [ 3339.140489][T26606] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3339.146757][T26606] ? __radix_tree_lookup+0x211/0x2a0 [ 3339.152058][T26606] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3339.158295][T26606] ? genl_get_cmd+0x3cf/0x480 [ 3339.163000][T26606] genl_rcv_msg+0x328/0x580 [ 3339.167522][T26606] ? genl_get_cmd+0x480/0x480 [ 3339.172218][T26606] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3339.178491][T26606] ? lock_release+0x720/0x720 [ 3339.183183][T26606] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3339.188494][T26606] netlink_rcv_skb+0x153/0x420 [ 3339.193278][T26606] ? genl_get_cmd+0x480/0x480 [ 3339.197970][T26606] ? netlink_ack+0xa60/0xa60 [ 3339.202568][T26606] ? netlink_deliver_tap+0x1b1/0xc30 [ 3339.207866][T26606] genl_rcv+0x24/0x40 [ 3339.211834][T26606] netlink_unicast+0x533/0x7d0 [ 3339.216591][T26606] ? netlink_attachskb+0x890/0x890 [ 3339.221688][T26606] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3339.227926][T26606] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3339.234178][T26606] ? __phys_addr_symbol+0x2c/0x70 [ 3339.239192][T26606] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3339.244911][T26606] ? __check_object_size+0x16e/0x3f0 [ 3339.250229][T26606] netlink_sendmsg+0x86d/0xdb0 [ 3339.255014][T26606] ? netlink_unicast+0x7d0/0x7d0 [ 3339.259971][T26606] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3339.266211][T26606] ? netlink_unicast+0x7d0/0x7d0 [ 3339.271160][T26606] sock_sendmsg+0xcf/0x120 [ 3339.275573][T26606] ____sys_sendmsg+0x6e8/0x810 [ 3339.280351][T26606] ? kernel_sendmsg+0x50/0x50 [ 3339.285018][T26606] ? do_recvmmsg+0x6d0/0x6d0 [ 3339.289602][T26606] ? lock_chain_count+0x20/0x20 [ 3339.294459][T26606] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3339.300475][T26606] ___sys_sendmsg+0xf3/0x170 [ 3339.305085][T26606] ? sendmsg_copy_msghdr+0x160/0x160 [ 3339.310367][T26606] ? __fget_files+0x21b/0x3e0 [ 3339.315042][T26606] ? lock_downgrade+0x6e0/0x6e0 [ 3339.319912][T26606] ? __fget_files+0x23d/0x3e0 [ 3339.324615][T26606] ? __fget_light+0xea/0x280 [ 3339.329227][T26606] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3339.335494][T26606] __sys_sendmsg+0xe5/0x1b0 [ 3339.340019][T26606] ? __sys_sendmsg_sock+0x30/0x30 [ 3339.345066][T26606] ? syscall_enter_from_user_mode+0x21/0x70 [ 3339.350956][T26606] do_syscall_64+0x35/0xb0 [ 3339.355377][T26606] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3339.361262][T26606] RIP: 0033:0x7f812fd3ba39 [ 3339.365666][T26606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3339.385265][T26606] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3339.393695][T26606] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3339.401664][T26606] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3339.409643][T26606] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3339.417618][T26606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3339.425862][T26606] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:08 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000008400040001"], 0x24}}, 0x0) 02:40:08 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000300"/36}}]}]}, 0x64}}, 0x0) 02:40:08 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 44) 02:40:08 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000006000"/36}}]}]}, 0x64}}, 0x0) 02:40:08 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000018400040001"], 0x24}}, 0x0) 02:40:08 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000e0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:08 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xe000000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3339.689870][T26631] FAULT_INJECTION: forcing a failure. [ 3339.689870][T26631] name failslab, interval 1, probability 0, space 0, times 0 [ 3339.716864][T26631] CPU: 1 PID: 26631 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3339.725661][T26631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3339.735734][T26631] Call Trace: [ 3339.739028][T26631] dump_stack_lvl+0xcd/0x134 [ 3339.743638][T26631] should_fail.cold+0x5/0xa [ 3339.748139][T26631] ? tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3339.754032][T26631] should_failslab+0x5/0x10 [ 3339.758555][T26631] kmem_cache_alloc_trace+0x55/0x2b0 [ 3339.763868][T26631] ? crypto_aead_setkey+0x10f/0x290 [ 3339.769100][T26631] tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3339.774863][T26631] tipc_crypto_key_init+0x82/0x110 [ 3339.780004][T26631] ? tipc_ehdr_validate+0x240/0x240 [ 3339.785230][T26631] ? crypto_mod_put+0x8c/0x100 [ 3339.790034][T26631] tipc_nl_node_set_key+0xa5d/0xf70 [ 3339.795273][T26631] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3339.801549][T26631] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3339.807905][T26631] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3339.815303][T26631] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3339.822807][T26631] genl_family_rcv_msg_doit+0x228/0x320 [ 3339.828385][T26631] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 02:40:08 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000028400040001"], 0x24}}, 0x0) [ 3339.835783][T26631] ? mutex_lock_io_nested+0x1150/0x1150 [ 3339.841362][T26631] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3339.847722][T26631] ? __radix_tree_lookup+0x211/0x2a0 [ 3339.853016][T26631] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3339.859364][T26631] ? genl_get_cmd+0x3cf/0x480 [ 3339.864077][T26631] genl_rcv_msg+0x328/0x580 [ 3339.868605][T26631] ? genl_get_cmd+0x480/0x480 [ 3339.873304][T26631] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3339.879583][T26631] ? lock_release+0x720/0x720 [ 3339.884283][T26631] ? netdev_core_pick_tx+0x2e0/0x2e0 02:40:08 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000038400040001"], 0x24}}, 0x0) [ 3339.889595][T26631] netlink_rcv_skb+0x153/0x420 [ 3339.894380][T26631] ? genl_get_cmd+0x480/0x480 [ 3339.899088][T26631] ? netlink_ack+0xa60/0xa60 [ 3339.903704][T26631] ? netlink_deliver_tap+0x1b1/0xc30 [ 3339.909016][T26631] genl_rcv+0x24/0x40 [ 3339.913013][T26631] netlink_unicast+0x533/0x7d0 [ 3339.917802][T26631] ? netlink_attachskb+0x890/0x890 [ 3339.922928][T26631] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3339.929199][T26631] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3339.935455][T26631] ? __phys_addr_symbol+0x2c/0x70 [ 3339.940493][T26631] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3339.946262][T26631] ? __check_object_size+0x16e/0x3f0 [ 3339.951544][T26631] netlink_sendmsg+0x86d/0xdb0 [ 3339.956314][T26631] ? netlink_unicast+0x7d0/0x7d0 [ 3339.961346][T26631] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3339.967589][T26631] ? netlink_unicast+0x7d0/0x7d0 [ 3339.972531][T26631] sock_sendmsg+0xcf/0x120 [ 3339.977003][T26631] ____sys_sendmsg+0x6e8/0x810 [ 3339.981818][T26631] ? kernel_sendmsg+0x50/0x50 [ 3339.986497][T26631] ? do_recvmmsg+0x6d0/0x6d0 [ 3339.991086][T26631] ? lock_chain_count+0x20/0x20 [ 3339.995928][T26631] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3340.001912][T26631] ___sys_sendmsg+0xf3/0x170 [ 3340.006507][T26631] ? sendmsg_copy_msghdr+0x160/0x160 [ 3340.012018][T26631] ? __fget_files+0x21b/0x3e0 [ 3340.016691][T26631] ? lock_downgrade+0x6e0/0x6e0 [ 3340.021541][T26631] ? __fget_files+0x23d/0x3e0 [ 3340.026215][T26631] ? __fget_light+0xea/0x280 [ 3340.030815][T26631] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3340.037052][T26631] __sys_sendmsg+0xe5/0x1b0 [ 3340.041551][T26631] ? __sys_sendmsg_sock+0x30/0x30 [ 3340.046578][T26631] ? syscall_enter_from_user_mode+0x21/0x70 [ 3340.052467][T26631] do_syscall_64+0x35/0xb0 [ 3340.056875][T26631] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3340.062761][T26631] RIP: 0033:0x7f812fd3ba39 [ 3340.067167][T26631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3340.086761][T26631] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3340.095166][T26631] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3340.103125][T26631] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3340.111083][T26631] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3340.119040][T26631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3340.126995][T26631] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:09 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000048400040001"], 0x24}}, 0x0) 02:40:09 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000041c100"/36}}]}]}, 0x64}}, 0x0) 02:40:09 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xf000000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:09 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800fffff000"/36}}]}]}, 0x64}}, 0x0) 02:40:09 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000c00e0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:09 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 45) 02:40:09 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000058400040001"], 0x24}}, 0x0) 02:40:09 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x4cf13793, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:09 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000f000"/36}}]}]}, 0x64}}, 0x0) 02:40:09 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000100"/36}}]}]}, 0x64}}, 0x0) 02:40:09 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000f0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3340.524879][T26666] FAULT_INJECTION: forcing a failure. [ 3340.524879][T26666] name failslab, interval 1, probability 0, space 0, times 0 [ 3340.592343][T26666] CPU: 1 PID: 26666 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3340.601146][T26666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3340.611236][T26666] Call Trace: [ 3340.614535][T26666] dump_stack_lvl+0xcd/0x134 [ 3340.619153][T26666] should_fail.cold+0x5/0xa [ 3340.623680][T26666] ? crypto_create_tfm_node+0x7f/0x320 [ 3340.629131][T26666] should_failslab+0x5/0x10 [ 3340.633625][T26666] __kmalloc_node+0x75/0x370 [ 3340.638214][T26666] crypto_create_tfm_node+0x7f/0x320 [ 3340.643501][T26666] crypto_alloc_tfm_node+0x107/0x260 [ 3340.648817][T26666] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3340.654583][T26666] tipc_crypto_key_init+0x82/0x110 [ 3340.659721][T26666] ? tipc_ehdr_validate+0x240/0x240 [ 3340.664943][T26666] ? crypto_mod_put+0x8c/0x100 [ 3340.669738][T26666] tipc_nl_node_set_key+0xa5d/0xf70 [ 3340.674971][T26666] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3340.681251][T26666] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3340.687515][T26666] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3340.694913][T26666] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3340.702229][T26666] genl_family_rcv_msg_doit+0x228/0x320 [ 3340.707801][T26666] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3340.715193][T26666] ? mutex_lock_io_nested+0x1150/0x1150 [ 3340.720773][T26666] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3340.727038][T26666] ? __radix_tree_lookup+0x211/0x2a0 [ 3340.732342][T26666] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3340.738602][T26666] ? genl_get_cmd+0x3cf/0x480 [ 3340.743302][T26666] genl_rcv_msg+0x328/0x580 [ 3340.747828][T26666] ? genl_get_cmd+0x480/0x480 [ 3340.752529][T26666] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3340.758798][T26666] ? lock_release+0x720/0x720 [ 3340.763508][T26666] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3340.768819][T26666] netlink_rcv_skb+0x153/0x420 [ 3340.773599][T26666] ? genl_get_cmd+0x480/0x480 [ 3340.778297][T26666] ? netlink_ack+0xa60/0xa60 [ 3340.782922][T26666] ? netlink_deliver_tap+0x1b1/0xc30 [ 3340.788220][T26666] genl_rcv+0x24/0x40 [ 3340.792195][T26666] netlink_unicast+0x533/0x7d0 [ 3340.796976][T26666] ? netlink_attachskb+0x890/0x890 [ 3340.802079][T26666] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3340.808321][T26666] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3340.814582][T26666] ? __phys_addr_symbol+0x2c/0x70 [ 3340.819625][T26666] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3340.825365][T26666] ? __check_object_size+0x16e/0x3f0 [ 3340.830660][T26666] netlink_sendmsg+0x86d/0xdb0 [ 3340.835462][T26666] ? netlink_unicast+0x7d0/0x7d0 [ 3340.840396][T26666] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3340.846637][T26666] ? netlink_unicast+0x7d0/0x7d0 [ 3340.851580][T26666] sock_sendmsg+0xcf/0x120 [ 3340.856002][T26666] ____sys_sendmsg+0x6e8/0x810 [ 3340.860758][T26666] ? kernel_sendmsg+0x50/0x50 [ 3340.865422][T26666] ? do_recvmmsg+0x6d0/0x6d0 [ 3340.870036][T26666] ? lock_chain_count+0x20/0x20 [ 3340.874901][T26666] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3340.880900][T26666] ___sys_sendmsg+0xf3/0x170 [ 3340.885481][T26666] ? sendmsg_copy_msghdr+0x160/0x160 [ 3340.890761][T26666] ? __fget_files+0x21b/0x3e0 [ 3340.895428][T26666] ? lock_downgrade+0x6e0/0x6e0 [ 3340.900289][T26666] ? __fget_files+0x23d/0x3e0 [ 3340.904994][T26666] ? __fget_light+0xea/0x280 [ 3340.909592][T26666] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3340.915851][T26666] __sys_sendmsg+0xe5/0x1b0 [ 3340.920355][T26666] ? __sys_sendmsg_sock+0x30/0x30 [ 3340.925379][T26666] ? syscall_enter_from_user_mode+0x21/0x70 [ 3340.931275][T26666] do_syscall_64+0x35/0xb0 [ 3340.935699][T26666] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3340.941601][T26666] RIP: 0033:0x7f812fd3ba39 [ 3340.946003][T26666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3340.965596][T26666] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3340.974175][T26666] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3340.982139][T26666] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3340.990105][T26666] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3340.998101][T26666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3341.006069][T26666] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:10 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000068400040001"], 0x24}}, 0x0) 02:40:10 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000300"/36}}]}]}, 0x64}}, 0x0) 02:40:10 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x60000000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:10 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000003f0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:10 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 46) 02:40:10 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000200"/36}}]}]}, 0x64}}, 0x0) 02:40:10 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000078400040001"], 0x24}}, 0x0) 02:40:10 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000047450000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3341.334936][T26695] FAULT_INJECTION: forcing a failure. [ 3341.334936][T26695] name failslab, interval 1, probability 0, space 0, times 0 [ 3341.410079][T26695] CPU: 1 PID: 26695 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3341.418887][T26695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3341.428939][T26695] Call Trace: [ 3341.432229][T26695] dump_stack_lvl+0xcd/0x134 [ 3341.436846][T26695] should_fail.cold+0x5/0xa [ 3341.441380][T26695] ? crypto_create_tfm_node+0x7f/0x320 [ 3341.446858][T26695] should_failslab+0x5/0x10 [ 3341.451376][T26695] __kmalloc_node+0x75/0x370 [ 3341.455998][T26695] crypto_create_tfm_node+0x7f/0x320 [ 3341.461304][T26695] crypto_spawn_tfm2+0x60/0xb0 [ 3341.466089][T26695] crypto_gcm_init_tfm+0x3d/0x260 [ 3341.471130][T26695] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3341.476783][T26695] crypto_aead_init_tfm+0x138/0x1a0 [ 3341.482017][T26695] crypto_create_tfm_node+0x10d/0x320 [ 3341.487415][T26695] crypto_alloc_tfm_node+0x107/0x260 [ 3341.492741][T26695] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3341.498507][T26695] tipc_crypto_key_init+0x82/0x110 [ 3341.503645][T26695] ? tipc_ehdr_validate+0x240/0x240 [ 3341.508861][T26695] ? crypto_mod_put+0x8c/0x100 [ 3341.513661][T26695] tipc_nl_node_set_key+0xa5d/0xf70 [ 3341.519088][T26695] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3341.525367][T26695] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3341.531629][T26695] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3341.539029][T26695] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3341.546342][T26695] genl_family_rcv_msg_doit+0x228/0x320 [ 3341.551913][T26695] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3341.559303][T26695] ? mutex_lock_io_nested+0x1150/0x1150 [ 3341.564882][T26695] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3341.571149][T26695] ? __radix_tree_lookup+0x211/0x2a0 [ 3341.576460][T26695] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3341.582729][T26695] ? genl_get_cmd+0x3cf/0x480 [ 3341.587436][T26695] genl_rcv_msg+0x328/0x580 [ 3341.591963][T26695] ? genl_get_cmd+0x480/0x480 [ 3341.596666][T26695] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3341.602938][T26695] ? lock_release+0x720/0x720 [ 3341.607636][T26695] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3341.612950][T26695] netlink_rcv_skb+0x153/0x420 [ 3341.617735][T26695] ? genl_get_cmd+0x480/0x480 [ 3341.622436][T26695] ? netlink_ack+0xa60/0xa60 [ 3341.627057][T26695] ? netlink_deliver_tap+0x1b1/0xc30 [ 3341.632370][T26695] genl_rcv+0x24/0x40 [ 3341.636367][T26695] netlink_unicast+0x533/0x7d0 [ 3341.641154][T26695] ? netlink_attachskb+0x890/0x890 [ 3341.646280][T26695] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3341.652546][T26695] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3341.658803][T26695] ? __phys_addr_symbol+0x2c/0x70 [ 3341.663844][T26695] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3341.669580][T26695] ? __check_object_size+0x16e/0x3f0 [ 3341.674895][T26695] netlink_sendmsg+0x86d/0xdb0 [ 3341.679704][T26695] ? netlink_unicast+0x7d0/0x7d0 [ 3341.684661][T26695] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3341.690950][T26695] ? netlink_unicast+0x7d0/0x7d0 [ 3341.695885][T26695] sock_sendmsg+0xcf/0x120 [ 3341.700325][T26695] ____sys_sendmsg+0x6e8/0x810 [ 3341.705113][T26695] ? kernel_sendmsg+0x50/0x50 02:40:10 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000088400040001"], 0x24}}, 0x0) 02:40:10 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000098400040001"], 0x24}}, 0x0) 02:40:10 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000a8400040001"], 0x24}}, 0x0) 02:40:10 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000b8400040001"], 0x24}}, 0x0) 02:40:10 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000c8400040001"], 0x24}}, 0x0) [ 3341.709805][T26695] ? do_recvmmsg+0x6d0/0x6d0 [ 3341.714418][T26695] ? lock_chain_count+0x20/0x20 [ 3341.719289][T26695] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3341.725301][T26695] ___sys_sendmsg+0xf3/0x170 [ 3341.729914][T26695] ? sendmsg_copy_msghdr+0x160/0x160 [ 3341.735231][T26695] ? __fget_files+0x21b/0x3e0 [ 3341.739928][T26695] ? lock_downgrade+0x6e0/0x6e0 [ 3341.744819][T26695] ? __fget_files+0x23d/0x3e0 [ 3341.749523][T26695] ? __fget_light+0xea/0x280 [ 3341.754125][T26695] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3341.760367][T26695] __sys_sendmsg+0xe5/0x1b0 [ 3341.764866][T26695] ? __sys_sendmsg_sock+0x30/0x30 [ 3341.769934][T26695] ? syscall_enter_from_user_mode+0x21/0x70 [ 3341.775845][T26695] do_syscall_64+0x35/0xb0 [ 3341.780249][T26695] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3341.786137][T26695] RIP: 0033:0x7f812fd3ba39 [ 3341.790559][T26695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3341.810177][T26695] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3341.818584][T26695] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3341.826595][T26695] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3341.834565][T26695] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3341.842547][T26695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3341.850610][T26695] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:10 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000400300"/36}}]}]}, 0x64}}, 0x0) 02:40:10 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000d8400040001"], 0x24}}, 0x0) 02:40:10 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x9337f14c, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:11 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 47) 02:40:11 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000300"/36}}]}]}, 0x64}}, 0x0) 02:40:11 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000e8400040001"], 0x24}}, 0x0) 02:40:11 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000045470000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:11 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x9effffff, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:11 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000034000"/36}}]}]}, 0x64}}, 0x0) [ 3342.154237][T26730] FAULT_INJECTION: forcing a failure. [ 3342.154237][T26730] name failslab, interval 1, probability 0, space 0, times 0 [ 3342.210089][T26730] CPU: 0 PID: 26730 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3342.218890][T26730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3342.228961][T26730] Call Trace: [ 3342.232252][T26730] dump_stack_lvl+0xcd/0x134 [ 3342.236870][T26730] should_fail.cold+0x5/0xa [ 3342.241404][T26730] ? crypto_create_tfm_node+0x7f/0x320 [ 3342.246889][T26730] should_failslab+0x5/0x10 [ 3342.251406][T26730] __kmalloc_node+0x75/0x370 [ 3342.256034][T26730] crypto_create_tfm_node+0x7f/0x320 [ 3342.261342][T26730] crypto_alloc_tfm_node+0x107/0x260 [ 3342.266654][T26730] cryptd_alloc_ahash+0x101/0x200 [ 3342.271709][T26730] ? cryptd_ahash_queued+0x70/0x70 [ 3342.276869][T26730] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3342.282439][T26730] ? trace_kmalloc_node+0x32/0x100 [ 3342.287574][T26730] ? ghash_async_exit_tfm+0x40/0x40 [ 3342.292803][T26730] ghash_async_init_tfm+0x21/0x100 [ 3342.297936][T26730] ? ghash_async_exit_tfm+0x40/0x40 [ 3342.303155][T26730] crypto_create_tfm_node+0x19b/0x320 [ 3342.308553][T26730] crypto_spawn_tfm2+0x60/0xb0 [ 3342.313339][T26730] crypto_gcm_init_tfm+0x3d/0x260 [ 3342.318380][T26730] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3342.324034][T26730] crypto_aead_init_tfm+0x138/0x1a0 [ 3342.329260][T26730] crypto_create_tfm_node+0x10d/0x320 [ 3342.334654][T26730] crypto_alloc_tfm_node+0x107/0x260 [ 3342.339968][T26730] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3342.345737][T26730] tipc_crypto_key_init+0x82/0x110 [ 3342.350875][T26730] ? tipc_ehdr_validate+0x240/0x240 [ 3342.356090][T26730] ? crypto_mod_put+0x8c/0x100 [ 3342.360880][T26730] tipc_nl_node_set_key+0xa5d/0xf70 [ 3342.366105][T26730] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3342.372378][T26730] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3342.378637][T26730] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3342.386066][T26730] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3342.393387][T26730] genl_family_rcv_msg_doit+0x228/0x320 [ 3342.398956][T26730] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3342.406345][T26730] ? mutex_lock_io_nested+0x1150/0x1150 [ 3342.411920][T26730] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3342.418181][T26730] ? __radix_tree_lookup+0x211/0x2a0 [ 3342.423481][T26730] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3342.429743][T26730] ? genl_get_cmd+0x3cf/0x480 [ 3342.434449][T26730] genl_rcv_msg+0x328/0x580 [ 3342.439013][T26730] ? genl_get_cmd+0x480/0x480 [ 3342.443705][T26730] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3342.449982][T26730] ? lock_release+0x720/0x720 [ 3342.454677][T26730] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3342.459996][T26730] netlink_rcv_skb+0x153/0x420 [ 3342.464824][T26730] ? genl_get_cmd+0x480/0x480 [ 3342.469734][T26730] ? netlink_ack+0xa60/0xa60 [ 3342.474330][T26730] ? netlink_deliver_tap+0x1b1/0xc30 [ 3342.479719][T26730] genl_rcv+0x24/0x40 [ 3342.483694][T26730] netlink_unicast+0x533/0x7d0 [ 3342.488477][T26730] ? netlink_attachskb+0x890/0x890 [ 3342.493581][T26730] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3342.499841][T26730] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3342.506075][T26730] ? __phys_addr_symbol+0x2c/0x70 [ 3342.511090][T26730] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3342.516803][T26730] ? __check_object_size+0x16e/0x3f0 [ 3342.522108][T26730] netlink_sendmsg+0x86d/0xdb0 [ 3342.526866][T26730] ? netlink_unicast+0x7d0/0x7d0 [ 3342.531810][T26730] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3342.538078][T26730] ? netlink_unicast+0x7d0/0x7d0 [ 3342.543034][T26730] sock_sendmsg+0xcf/0x120 [ 3342.547461][T26730] ____sys_sendmsg+0x6e8/0x810 [ 3342.552221][T26730] ? kernel_sendmsg+0x50/0x50 [ 3342.556900][T26730] ? do_recvmmsg+0x6d0/0x6d0 [ 3342.561507][T26730] ? lock_chain_count+0x20/0x20 [ 3342.566347][T26730] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3342.572324][T26730] ___sys_sendmsg+0xf3/0x170 [ 3342.576912][T26730] ? sendmsg_copy_msghdr+0x160/0x160 [ 3342.582214][T26730] ? __fget_files+0x21b/0x3e0 [ 3342.586881][T26730] ? lock_downgrade+0x6e0/0x6e0 [ 3342.591732][T26730] ? __fget_files+0x23d/0x3e0 [ 3342.596411][T26730] ? __fget_light+0xea/0x280 [ 3342.601010][T26730] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3342.607243][T26730] __sys_sendmsg+0xe5/0x1b0 [ 3342.611746][T26730] ? __sys_sendmsg_sock+0x30/0x30 [ 3342.616798][T26730] ? syscall_enter_from_user_mode+0x21/0x70 [ 3342.622723][T26730] do_syscall_64+0x35/0xb0 [ 3342.627168][T26730] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3342.633084][T26730] RIP: 0033:0x7f812fd3ba39 [ 3342.637512][T26730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:11 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000f8400040001"], 0x24}}, 0x0) 02:40:11 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000600000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3342.657132][T26730] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3342.665561][T26730] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3342.673545][T26730] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3342.681542][T26730] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3342.689500][T26730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3342.697476][T26730] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:11 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000108400040001"], 0x24}}, 0x0) 02:40:11 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000400"/36}}]}]}, 0x64}}, 0x0) 02:40:11 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000fffff000"/36}}]}]}, 0x64}}, 0x0) 02:40:11 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xf0ffffff, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:11 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 48) 02:40:12 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000ec00000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:12 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000118400040001"], 0x24}}, 0x0) [ 3343.075250][T26761] FAULT_INJECTION: forcing a failure. [ 3343.075250][T26761] name failslab, interval 1, probability 0, space 0, times 0 [ 3343.110514][T26761] CPU: 0 PID: 26761 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 02:40:12 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xfffff000, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3343.119316][T26761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3343.129387][T26761] Call Trace: [ 3343.132678][T26761] dump_stack_lvl+0xcd/0x134 [ 3343.137297][T26761] should_fail.cold+0x5/0xa [ 3343.141831][T26761] ? crypto_create_tfm_node+0x7f/0x320 [ 3343.147309][T26761] should_failslab+0x5/0x10 [ 3343.151831][T26761] __kmalloc_node+0x75/0x370 [ 3343.156454][T26761] crypto_create_tfm_node+0x7f/0x320 [ 3343.161766][T26761] crypto_spawn_tfm2+0x60/0xb0 [ 3343.166551][T26761] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3343.172120][T26761] cryptd_hash_init_tfm+0x3c/0x120 [ 3343.177258][T26761] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3343.182828][T26761] crypto_create_tfm_node+0x19b/0x320 [ 3343.188220][T26761] crypto_alloc_tfm_node+0x107/0x260 [ 3343.193521][T26761] cryptd_alloc_ahash+0x101/0x200 [ 3343.198548][T26761] ? cryptd_ahash_queued+0x70/0x70 [ 3343.203675][T26761] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3343.209221][T26761] ? trace_kmalloc_node+0x32/0x100 [ 3343.214334][T26761] ? ghash_async_exit_tfm+0x40/0x40 [ 3343.219534][T26761] ghash_async_init_tfm+0x21/0x100 [ 3343.224643][T26761] ? ghash_async_exit_tfm+0x40/0x40 [ 3343.229846][T26761] crypto_create_tfm_node+0x19b/0x320 [ 3343.235219][T26761] crypto_spawn_tfm2+0x60/0xb0 [ 3343.240002][T26761] crypto_gcm_init_tfm+0x3d/0x260 [ 3343.245025][T26761] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3343.250661][T26761] crypto_aead_init_tfm+0x138/0x1a0 [ 3343.255860][T26761] crypto_create_tfm_node+0x10d/0x320 [ 3343.261234][T26761] crypto_alloc_tfm_node+0x107/0x260 [ 3343.266526][T26761] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3343.272259][T26761] tipc_crypto_key_init+0x82/0x110 [ 3343.277375][T26761] ? tipc_ehdr_validate+0x240/0x240 [ 3343.282571][T26761] ? crypto_mod_put+0x8c/0x100 [ 3343.287343][T26761] tipc_nl_node_set_key+0xa5d/0xf70 [ 3343.292548][T26761] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3343.298798][T26761] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3343.305055][T26761] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3343.312424][T26761] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3343.319717][T26761] genl_family_rcv_msg_doit+0x228/0x320 [ 3343.325264][T26761] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3343.332644][T26761] ? __sanitizer_cov_trace_const_cmp4+0xc/0x70 [ 3343.338801][T26761] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3343.345040][T26761] ? genl_get_cmd+0x3cf/0x480 [ 3343.349809][T26761] genl_rcv_msg+0x328/0x580 [ 3343.354316][T26761] ? genl_get_cmd+0x480/0x480 [ 3343.358989][T26761] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3343.365237][T26761] ? lock_release+0x720/0x720 [ 3343.369918][T26761] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3343.375205][T26761] netlink_rcv_skb+0x153/0x420 [ 3343.379967][T26761] ? genl_get_cmd+0x480/0x480 [ 3343.384643][T26761] ? netlink_ack+0xa60/0xa60 [ 3343.389234][T26761] ? netlink_deliver_tap+0x1b1/0xc30 [ 3343.394521][T26761] genl_rcv+0x24/0x40 [ 3343.398499][T26761] netlink_unicast+0x533/0x7d0 [ 3343.403266][T26761] ? netlink_attachskb+0x890/0x890 [ 3343.408373][T26761] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3343.414615][T26761] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3343.420854][T26761] ? __phys_addr_symbol+0x2c/0x70 [ 3343.425877][T26761] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3343.431599][T26761] ? __check_object_size+0x16e/0x3f0 [ 3343.436891][T26761] netlink_sendmsg+0x86d/0xdb0 [ 3343.441659][T26761] ? netlink_unicast+0x7d0/0x7d0 [ 3343.446598][T26761] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3343.452838][T26761] ? netlink_unicast+0x7d0/0x7d0 [ 3343.457774][T26761] sock_sendmsg+0xcf/0x120 [ 3343.462192][T26761] ____sys_sendmsg+0x6e8/0x810 [ 3343.466958][T26761] ? kernel_sendmsg+0x50/0x50 [ 3343.471635][T26761] ? do_recvmmsg+0x6d0/0x6d0 [ 3343.476314][T26761] ? lock_chain_count+0x20/0x20 [ 3343.481162][T26761] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3343.487150][T26761] ___sys_sendmsg+0xf3/0x170 [ 3343.491744][T26761] ? sendmsg_copy_msghdr+0x160/0x160 [ 3343.497036][T26761] ? __fget_files+0x21b/0x3e0 [ 3343.501728][T26761] ? lock_downgrade+0x6e0/0x6e0 [ 3343.506595][T26761] ? __fget_files+0x23d/0x3e0 [ 3343.511275][T26761] ? __fget_light+0xea/0x280 [ 3343.515861][T26761] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3343.522105][T26761] __sys_sendmsg+0xe5/0x1b0 [ 3343.526615][T26761] ? __sys_sendmsg_sock+0x30/0x30 [ 3343.531655][T26761] ? syscall_enter_from_user_mode+0x21/0x70 [ 3343.537556][T26761] do_syscall_64+0x35/0xb0 [ 3343.541969][T26761] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3343.547861][T26761] RIP: 0033:0x7f812fd3ba39 [ 3343.552274][T26761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:12 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000001000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:12 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000500"/36}}]}]}, 0x64}}, 0x0) [ 3343.571878][T26761] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3343.580286][T26761] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3343.588251][T26761] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3343.596215][T26761] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3343.604180][T26761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3343.612150][T26761] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:12 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000128400040001"], 0x24}}, 0x0) 02:40:12 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 49) 02:40:12 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000f00000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:12 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xffffff7f, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:12 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000600"/36}}]}]}, 0x64}}, 0x0) 02:40:12 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000002000000000000000000"}}]}]}, 0x64}}, 0x0) [ 3343.942530][T26782] FAULT_INJECTION: forcing a failure. [ 3343.942530][T26782] name failslab, interval 1, probability 0, space 0, times 0 [ 3343.966452][T26782] CPU: 1 PID: 26782 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3343.975251][T26782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3343.985328][T26782] Call Trace: [ 3343.988627][T26782] dump_stack_lvl+0xcd/0x134 [ 3343.993250][T26782] should_fail.cold+0x5/0xa [ 3343.997795][T26782] ? crypto_create_tfm_node+0x7f/0x320 [ 3344.003298][T26782] should_failslab+0x5/0x10 [ 3344.007830][T26782] __kmalloc_node+0x75/0x370 [ 3344.012483][T26782] crypto_create_tfm_node+0x7f/0x320 [ 3344.017801][T26782] crypto_spawn_tfm2+0x60/0xb0 [ 3344.022593][T26782] crypto_gcm_init_tfm+0x6d/0x260 [ 3344.027640][T26782] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3344.033299][T26782] crypto_aead_init_tfm+0x138/0x1a0 [ 3344.038533][T26782] crypto_create_tfm_node+0x10d/0x320 [ 3344.043959][T26782] crypto_alloc_tfm_node+0x107/0x260 [ 3344.049279][T26782] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3344.055044][T26782] tipc_crypto_key_init+0x82/0x110 [ 3344.060185][T26782] ? tipc_ehdr_validate+0x240/0x240 [ 3344.065417][T26782] ? crypto_mod_put+0x8c/0x100 [ 3344.070219][T26782] tipc_nl_node_set_key+0xa5d/0xf70 [ 3344.075448][T26782] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3344.081723][T26782] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3344.087988][T26782] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3344.095385][T26782] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3344.102703][T26782] genl_family_rcv_msg_doit+0x228/0x320 [ 3344.108274][T26782] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3344.115664][T26782] ? mutex_lock_io_nested+0x1150/0x1150 [ 3344.121238][T26782] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3344.127495][T26782] ? __radix_tree_lookup+0x211/0x2a0 [ 3344.132799][T26782] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3344.139061][T26782] ? genl_get_cmd+0x3cf/0x480 [ 3344.143761][T26782] genl_rcv_msg+0x328/0x580 [ 3344.148296][T26782] ? genl_get_cmd+0x480/0x480 [ 3344.152992][T26782] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3344.159252][T26782] ? lock_release+0x720/0x720 [ 3344.163968][T26782] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3344.169282][T26782] netlink_rcv_skb+0x153/0x420 [ 3344.174070][T26782] ? genl_get_cmd+0x480/0x480 [ 3344.178772][T26782] ? netlink_ack+0xa60/0xa60 [ 3344.183385][T26782] ? netlink_deliver_tap+0x1b1/0xc30 [ 3344.188700][T26782] genl_rcv+0x24/0x40 [ 3344.192696][T26782] netlink_unicast+0x533/0x7d0 [ 3344.197512][T26782] ? netlink_attachskb+0x890/0x890 [ 3344.202639][T26782] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3344.208902][T26782] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3344.215168][T26782] ? __phys_addr_symbol+0x2c/0x70 [ 3344.220215][T26782] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3344.225958][T26782] ? __check_object_size+0x16e/0x3f0 [ 3344.231277][T26782] netlink_sendmsg+0x86d/0xdb0 [ 3344.236068][T26782] ? netlink_unicast+0x7d0/0x7d0 [ 3344.241040][T26782] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3344.247301][T26782] ? netlink_unicast+0x7d0/0x7d0 [ 3344.252257][T26782] sock_sendmsg+0xcf/0x120 [ 3344.256697][T26782] ____sys_sendmsg+0x6e8/0x810 [ 3344.261487][T26782] ? kernel_sendmsg+0x50/0x50 [ 3344.266185][T26782] ? do_recvmmsg+0x6d0/0x6d0 [ 3344.270802][T26782] ? lock_chain_count+0x20/0x20 [ 3344.275677][T26782] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3344.281692][T26782] ___sys_sendmsg+0xf3/0x170 [ 3344.286306][T26782] ? sendmsg_copy_msghdr+0x160/0x160 [ 3344.291622][T26782] ? __fget_files+0x21b/0x3e0 [ 3344.296320][T26782] ? lock_downgrade+0x6e0/0x6e0 [ 3344.301205][T26782] ? __fget_files+0x23d/0x3e0 [ 3344.305916][T26782] ? __fget_light+0xea/0x280 [ 3344.310525][T26782] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3344.316792][T26782] __sys_sendmsg+0xe5/0x1b0 [ 3344.321317][T26782] ? __sys_sendmsg_sock+0x30/0x30 [ 3344.326376][T26782] ? syscall_enter_from_user_mode+0x21/0x70 [ 3344.332299][T26782] do_syscall_64+0x35/0xb0 [ 3344.336731][T26782] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3344.342644][T26782] RIP: 0033:0x7f812fd3ba39 [ 3344.347069][T26782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3344.366695][T26782] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3344.375131][T26782] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3344.383119][T26782] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000138400040001"], 0x24}}, 0x0) 02:40:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000148400040001"], 0x24}}, 0x0) 02:40:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000158400040001"], 0x24}}, 0x0) 02:40:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000168400040001"], 0x24}}, 0x0) 02:40:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000178400040001"], 0x24}}, 0x0) 02:40:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000188400040001"], 0x24}}, 0x0) 02:40:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000198400040001"], 0x24}}, 0x0) [ 3344.391105][T26782] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3344.399100][T26782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3344.407086][T26782] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:13 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 50) 02:40:13 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000400300000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001a8400040001"], 0x24}}, 0x0) 02:40:13 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xffffff9e, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:13 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000003000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:13 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000700"/36}}]}]}, 0x64}}, 0x0) [ 3344.570930][T26812] FAULT_INJECTION: forcing a failure. [ 3344.570930][T26812] name failslab, interval 1, probability 0, space 0, times 0 [ 3344.599401][T26812] CPU: 1 PID: 26812 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3344.608213][T26812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3344.618289][T26812] Call Trace: [ 3344.621583][T26812] dump_stack_lvl+0xcd/0x134 [ 3344.626200][T26812] should_fail.cold+0x5/0xa [ 3344.630740][T26812] ? crypto_create_tfm_node+0x7f/0x320 [ 3344.636220][T26812] should_failslab+0x5/0x10 [ 3344.640744][T26812] __kmalloc_node+0x75/0x370 [ 3344.645370][T26812] crypto_create_tfm_node+0x7f/0x320 [ 3344.650692][T26812] crypto_alloc_tfm_node+0x107/0x260 [ 3344.656010][T26812] cryptd_alloc_skcipher+0x101/0x200 [ 3344.661320][T26812] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3344.666589][T26812] ? __kmalloc_node+0x62/0x370 [ 3344.671405][T26812] ? simd_skcipher_exit+0x40/0x40 [ 3344.676455][T26812] simd_skcipher_init+0x67/0x180 [ 3344.681412][T26812] ? simd_skcipher_exit+0x40/0x40 [ 3344.686464][T26812] crypto_skcipher_init_tfm+0x127/0x180 [ 3344.692038][T26812] crypto_create_tfm_node+0x10d/0x320 [ 3344.697441][T26812] crypto_spawn_tfm2+0x60/0xb0 [ 3344.702229][T26812] crypto_gcm_init_tfm+0x6d/0x260 [ 3344.707278][T26812] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3344.712933][T26812] crypto_aead_init_tfm+0x138/0x1a0 [ 3344.718159][T26812] crypto_create_tfm_node+0x10d/0x320 [ 3344.723563][T26812] crypto_alloc_tfm_node+0x107/0x260 [ 3344.728879][T26812] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3344.734636][T26812] tipc_crypto_key_init+0x82/0x110 [ 3344.739781][T26812] ? tipc_ehdr_validate+0x240/0x240 [ 3344.745005][T26812] ? crypto_mod_put+0x8c/0x100 [ 3344.749805][T26812] tipc_nl_node_set_key+0xa5d/0xf70 [ 3344.755034][T26812] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3344.761320][T26812] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3344.767588][T26812] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3344.774985][T26812] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3344.782312][T26812] genl_family_rcv_msg_doit+0x228/0x320 [ 3344.787887][T26812] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3344.795282][T26812] ? mutex_lock_io_nested+0x1150/0x1150 [ 3344.800858][T26812] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3344.807120][T26812] ? __radix_tree_lookup+0x211/0x2a0 [ 3344.812439][T26812] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 02:40:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001b8400040001"], 0x24}}, 0x0) 02:40:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001c8400040001"], 0x24}}, 0x0) [ 3344.818716][T26812] ? genl_get_cmd+0x3cf/0x480 [ 3344.823434][T26812] genl_rcv_msg+0x328/0x580 [ 3344.827964][T26812] ? genl_get_cmd+0x480/0x480 [ 3344.832663][T26812] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3344.838939][T26812] ? lock_release+0x720/0x720 [ 3344.843638][T26812] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3344.848952][T26812] netlink_rcv_skb+0x153/0x420 [ 3344.853737][T26812] ? genl_get_cmd+0x480/0x480 [ 3344.858434][T26812] ? netlink_ack+0xa60/0xa60 [ 3344.863052][T26812] ? netlink_deliver_tap+0x1b1/0xc30 [ 3344.868369][T26812] genl_rcv+0x24/0x40 02:40:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001d8400040001"], 0x24}}, 0x0) [ 3344.872372][T26812] netlink_unicast+0x533/0x7d0 [ 3344.877164][T26812] ? netlink_attachskb+0x890/0x890 [ 3344.882293][T26812] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3344.888566][T26812] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3344.894838][T26812] ? __phys_addr_symbol+0x2c/0x70 [ 3344.899883][T26812] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3344.905631][T26812] ? __check_object_size+0x16e/0x3f0 [ 3344.910952][T26812] netlink_sendmsg+0x86d/0xdb0 [ 3344.915746][T26812] ? netlink_unicast+0x7d0/0x7d0 [ 3344.920720][T26812] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3344.926983][T26812] ? netlink_unicast+0x7d0/0x7d0 [ 3344.931943][T26812] sock_sendmsg+0xcf/0x120 [ 3344.936384][T26812] ____sys_sendmsg+0x6e8/0x810 [ 3344.941180][T26812] ? kernel_sendmsg+0x50/0x50 [ 3344.945877][T26812] ? do_recvmmsg+0x6d0/0x6d0 [ 3344.950490][T26812] ? lock_chain_count+0x20/0x20 [ 3344.955359][T26812] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3344.961377][T26812] ___sys_sendmsg+0xf3/0x170 [ 3344.965995][T26812] ? sendmsg_copy_msghdr+0x160/0x160 02:40:14 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001e8400040001"], 0x24}}, 0x0) [ 3344.971306][T26812] ? __fget_files+0x21b/0x3e0 [ 3344.976000][T26812] ? lock_downgrade+0x6e0/0x6e0 [ 3344.980889][T26812] ? __fget_files+0x23d/0x3e0 [ 3344.985589][T26812] ? __fget_light+0xea/0x280 [ 3344.990198][T26812] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3344.996468][T26812] __sys_sendmsg+0xe5/0x1b0 [ 3345.000995][T26812] ? __sys_sendmsg_sock+0x30/0x30 [ 3345.006068][T26812] ? syscall_enter_from_user_mode+0x21/0x70 [ 3345.011994][T26812] do_syscall_64+0x35/0xb0 [ 3345.016433][T26812] entry_SYSCALL_64_after_hwframe+0x44/0xae 02:40:14 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001f8400040001"], 0x24}}, 0x0) [ 3345.022373][T26812] RIP: 0033:0x7f812fd3ba39 [ 3345.026804][T26812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3345.046429][T26812] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3345.054863][T26812] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3345.062848][T26812] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3345.070826][T26812] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3345.078823][T26812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3345.086892][T26812] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:14 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000900"/36}}]}]}, 0x64}}, 0x0) 02:40:14 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 51) 02:40:14 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000400000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:14 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xfffffff0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:14 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000004000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:14 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000208400040001"], 0x24}}, 0x0) [ 3345.415117][T26854] FAULT_INJECTION: forcing a failure. [ 3345.415117][T26854] name failslab, interval 1, probability 0, space 0, times 0 02:40:14 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000003d0c00"/36}}]}]}, 0x64}}, 0x0) [ 3345.465328][T26854] CPU: 0 PID: 26854 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3345.474137][T26854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3345.484300][T26854] Call Trace: [ 3345.487770][T26854] dump_stack_lvl+0xcd/0x134 [ 3345.492396][T26854] should_fail.cold+0x5/0xa [ 3345.496933][T26854] ? crypto_create_tfm_node+0x7f/0x320 [ 3345.502415][T26854] should_failslab+0x5/0x10 [ 3345.506940][T26854] __kmalloc_node+0x75/0x370 [ 3345.511567][T26854] crypto_create_tfm_node+0x7f/0x320 [ 3345.516878][T26854] crypto_spawn_tfm2+0x60/0xb0 [ 3345.521666][T26854] ? cryptd_skcipher_setkey+0xd0/0xd0 [ 3345.527063][T26854] cryptd_skcipher_init_tfm+0x3a/0xe0 [ 3345.532459][T26854] crypto_skcipher_init_tfm+0x127/0x180 [ 3345.538031][T26854] crypto_create_tfm_node+0x10d/0x320 [ 3345.543411][T26854] crypto_alloc_tfm_node+0x107/0x260 [ 3345.548701][T26854] cryptd_alloc_skcipher+0x101/0x200 [ 3345.553993][T26854] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3345.559216][T26854] ? __kmalloc_node+0x62/0x370 [ 3345.563993][T26854] ? simd_skcipher_exit+0x40/0x40 [ 3345.569016][T26854] simd_skcipher_init+0x67/0x180 [ 3345.573968][T26854] ? simd_skcipher_exit+0x40/0x40 [ 3345.578990][T26854] crypto_skcipher_init_tfm+0x127/0x180 [ 3345.584536][T26854] crypto_create_tfm_node+0x10d/0x320 [ 3345.589909][T26854] crypto_spawn_tfm2+0x60/0xb0 [ 3345.594671][T26854] crypto_gcm_init_tfm+0x6d/0x260 [ 3345.599693][T26854] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3345.605325][T26854] crypto_aead_init_tfm+0x138/0x1a0 [ 3345.610525][T26854] crypto_create_tfm_node+0x10d/0x320 [ 3345.615898][T26854] crypto_alloc_tfm_node+0x107/0x260 [ 3345.621185][T26854] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3345.626919][T26854] tipc_crypto_key_init+0x82/0x110 [ 3345.632032][T26854] ? tipc_ehdr_validate+0x240/0x240 [ 3345.637230][T26854] ? crypto_mod_put+0x8c/0x100 [ 3345.642001][T26854] tipc_nl_node_set_key+0xa5d/0xf70 [ 3345.647206][T26854] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3345.653455][T26854] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3345.659699][T26854] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3345.667068][T26854] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3345.674361][T26854] genl_family_rcv_msg_doit+0x228/0x320 [ 3345.679910][T26854] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3345.687281][T26854] ? mutex_lock_io_nested+0x1150/0x1150 [ 3345.692835][T26854] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3345.699083][T26854] ? __radix_tree_lookup+0x211/0x2a0 [ 3345.704367][T26854] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3345.710603][T26854] ? genl_get_cmd+0x3cf/0x480 [ 3345.715280][T26854] genl_rcv_msg+0x328/0x580 [ 3345.719785][T26854] ? genl_get_cmd+0x480/0x480 [ 3345.724462][T26854] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3345.730718][T26854] ? lock_release+0x720/0x720 [ 3345.735391][T26854] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3345.740677][T26854] netlink_rcv_skb+0x153/0x420 [ 3345.745438][T26854] ? genl_get_cmd+0x480/0x480 [ 3345.750116][T26854] ? netlink_ack+0xa60/0xa60 [ 3345.754709][T26854] ? netlink_deliver_tap+0x1b1/0xc30 [ 3345.759998][T26854] genl_rcv+0x24/0x40 [ 3345.763976][T26854] netlink_unicast+0x533/0x7d0 [ 3345.768742][T26854] ? netlink_attachskb+0x890/0x890 [ 3345.773849][T26854] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3345.780089][T26854] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3345.786327][T26854] ? __phys_addr_symbol+0x2c/0x70 [ 3345.791351][T26854] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3345.797068][T26854] ? __check_object_size+0x16e/0x3f0 [ 3345.802359][T26854] netlink_sendmsg+0x86d/0xdb0 [ 3345.807127][T26854] ? netlink_unicast+0x7d0/0x7d0 [ 3345.812067][T26854] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3345.818306][T26854] ? netlink_unicast+0x7d0/0x7d0 [ 3345.823242][T26854] sock_sendmsg+0xcf/0x120 [ 3345.827662][T26854] ____sys_sendmsg+0x6e8/0x810 [ 3345.832429][T26854] ? kernel_sendmsg+0x50/0x50 [ 3345.837113][T26854] ? do_recvmmsg+0x6d0/0x6d0 [ 3345.841717][T26854] ? lock_chain_count+0x20/0x20 [ 3345.846568][T26854] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3345.852557][T26854] ___sys_sendmsg+0xf3/0x170 [ 3345.857156][T26854] ? sendmsg_copy_msghdr+0x160/0x160 [ 3345.862446][T26854] ? __fget_files+0x21b/0x3e0 [ 3345.867123][T26854] ? lock_downgrade+0x6e0/0x6e0 [ 3345.871989][T26854] ? __fget_files+0x23d/0x3e0 [ 3345.876672][T26854] ? __fget_light+0xea/0x280 [ 3345.881259][T26854] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3345.887508][T26854] __sys_sendmsg+0xe5/0x1b0 [ 3345.892014][T26854] ? __sys_sendmsg_sock+0x30/0x30 [ 3345.897148][T26854] ? syscall_enter_from_user_mode+0x21/0x70 [ 3345.903051][T26854] do_syscall_64+0x35/0xb0 [ 3345.907470][T26854] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3345.913367][T26854] RIP: 0033:0x7f812fd3ba39 [ 3345.917785][T26854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3345.937413][T26854] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3345.945826][T26854] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3345.953794][T26854] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:15 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000218400040001"], 0x24}}, 0x0) 02:40:15 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0xffffffff, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000034000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3345.961765][T26854] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3345.969738][T26854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3345.977712][T26854] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:15 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000005000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:15 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000228400040001"], 0x24}}, 0x0) 02:40:15 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 52) 02:40:15 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000f00"/36}}]}]}, 0x64}}, 0x0) 02:40:15 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000006000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:15 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0xf, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000ffff8000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3346.342127][T26875] FAULT_INJECTION: forcing a failure. [ 3346.342127][T26875] name failslab, interval 1, probability 0, space 0, times 0 [ 3346.385785][T26875] CPU: 1 PID: 26875 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3346.394593][T26875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3346.404666][T26875] Call Trace: [ 3346.407956][T26875] dump_stack_lvl+0xcd/0x134 [ 3346.412572][T26875] should_fail.cold+0x5/0xa [ 3346.417108][T26875] ? crypto_gcm_setkey+0x13e/0x590 [ 3346.422242][T26875] should_failslab+0x5/0x10 [ 3346.426765][T26875] __kmalloc+0x72/0x320 [ 3346.430953][T26875] crypto_gcm_setkey+0x13e/0x590 [ 3346.435925][T26875] crypto_aead_setkey+0xbf/0x290 [ 3346.440885][T26875] tipc_aead_init.constprop.0+0x17b/0x8f0 [ 3346.446641][T26875] tipc_crypto_key_init+0x82/0x110 [ 3346.451780][T26875] ? tipc_ehdr_validate+0x240/0x240 [ 3346.457004][T26875] ? crypto_mod_put+0x8c/0x100 [ 3346.461797][T26875] tipc_nl_node_set_key+0xa5d/0xf70 [ 3346.467025][T26875] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3346.473303][T26875] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3346.479566][T26875] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3346.486959][T26875] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3346.494271][T26875] genl_family_rcv_msg_doit+0x228/0x320 [ 3346.499838][T26875] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3346.507228][T26875] ? mutex_lock_io_nested+0x1150/0x1150 [ 3346.512809][T26875] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3346.519140][T26875] ? __radix_tree_lookup+0x211/0x2a0 [ 3346.524475][T26875] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3346.530730][T26875] ? genl_get_cmd+0x3cf/0x480 [ 3346.535401][T26875] genl_rcv_msg+0x328/0x580 [ 3346.539895][T26875] ? genl_get_cmd+0x480/0x480 [ 3346.544561][T26875] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3346.550820][T26875] ? lock_release+0x720/0x720 [ 3346.555488][T26875] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3346.560778][T26875] netlink_rcv_skb+0x153/0x420 [ 3346.565600][T26875] ? genl_get_cmd+0x480/0x480 [ 3346.570268][T26875] ? netlink_ack+0xa60/0xa60 [ 3346.574850][T26875] ? netlink_deliver_tap+0x1b1/0xc30 [ 3346.580127][T26875] genl_rcv+0x24/0x40 [ 3346.584103][T26875] netlink_unicast+0x533/0x7d0 [ 3346.588879][T26875] ? netlink_attachskb+0x890/0x890 [ 3346.593975][T26875] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3346.600221][T26875] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3346.606483][T26875] ? __phys_addr_symbol+0x2c/0x70 [ 3346.611518][T26875] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3346.617237][T26875] ? __check_object_size+0x16e/0x3f0 [ 3346.622522][T26875] netlink_sendmsg+0x86d/0xdb0 [ 3346.627313][T26875] ? netlink_unicast+0x7d0/0x7d0 [ 3346.632261][T26875] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3346.638495][T26875] ? netlink_unicast+0x7d0/0x7d0 [ 3346.643420][T26875] sock_sendmsg+0xcf/0x120 [ 3346.647829][T26875] ____sys_sendmsg+0x6e8/0x810 [ 3346.652595][T26875] ? kernel_sendmsg+0x50/0x50 [ 3346.657286][T26875] ? do_recvmmsg+0x6d0/0x6d0 [ 3346.661896][T26875] ? lock_chain_count+0x20/0x20 [ 3346.666750][T26875] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3346.672750][T26875] ___sys_sendmsg+0xf3/0x170 [ 3346.677357][T26875] ? sendmsg_copy_msghdr+0x160/0x160 [ 3346.682648][T26875] ? __fget_files+0x21b/0x3e0 [ 3346.687337][T26875] ? lock_downgrade+0x6e0/0x6e0 [ 3346.692203][T26875] ? __fget_files+0x23d/0x3e0 [ 3346.696899][T26875] ? __fget_light+0xea/0x280 [ 3346.701535][T26875] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3346.707802][T26875] __sys_sendmsg+0xe5/0x1b0 [ 3346.712313][T26875] ? __sys_sendmsg_sock+0x30/0x30 [ 3346.717349][T26875] ? syscall_enter_from_user_mode+0x21/0x70 [ 3346.723238][T26875] do_syscall_64+0x35/0xb0 [ 3346.727662][T26875] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3346.733628][T26875] RIP: 0033:0x7f812fd3ba39 [ 3346.738081][T26875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3346.757683][T26875] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3346.766085][T26875] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3346.774051][T26875] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:15 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000238400040001"], 0x24}}, 0x0) [ 3346.782029][T26875] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3346.790170][T26875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3346.798135][T26875] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:15 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000007000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:15 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0xc0, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:15 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000021500"/36}}]}]}, 0x64}}, 0x0) 02:40:16 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000fffff000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:16 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 53) 02:40:16 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000248400040001"], 0x24}}, 0x0) 02:40:16 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000008000000000000000000"}}]}]}, 0x64}}, 0x0) [ 3347.110047][T26904] FAULT_INJECTION: forcing a failure. [ 3347.110047][T26904] name failslab, interval 1, probability 0, space 0, times 0 [ 3347.139062][T26904] CPU: 1 PID: 26904 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3347.147862][T26904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3347.157936][T26904] Call Trace: [ 3347.161226][T26904] dump_stack_lvl+0xcd/0x134 [ 3347.165842][T26904] should_fail.cold+0x5/0xa [ 3347.170379][T26904] ? tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3347.176292][T26904] should_failslab+0x5/0x10 [ 3347.180820][T26904] kmem_cache_alloc_trace+0x55/0x2b0 [ 3347.186131][T26904] ? crypto_aead_setkey+0x10f/0x290 [ 3347.191358][T26904] tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3347.197122][T26904] tipc_crypto_key_init+0x82/0x110 [ 3347.202256][T26904] ? tipc_ehdr_validate+0x240/0x240 [ 3347.207476][T26904] ? crypto_mod_put+0x8c/0x100 [ 3347.212267][T26904] tipc_nl_node_set_key+0xa5d/0xf70 [ 3347.217500][T26904] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3347.223778][T26904] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3347.230041][T26904] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3347.237435][T26904] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3347.244748][T26904] genl_family_rcv_msg_doit+0x228/0x320 [ 3347.250320][T26904] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3347.257713][T26904] ? mutex_lock_io_nested+0x1150/0x1150 [ 3347.263297][T26904] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3347.269560][T26904] ? __radix_tree_lookup+0x211/0x2a0 [ 3347.274863][T26904] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3347.281127][T26904] ? genl_get_cmd+0x3cf/0x480 [ 3347.286004][T26904] genl_rcv_msg+0x328/0x580 [ 3347.290535][T26904] ? genl_get_cmd+0x480/0x480 [ 3347.295237][T26904] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3347.301510][T26904] ? lock_release+0x720/0x720 [ 3347.306207][T26904] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3347.311516][T26904] netlink_rcv_skb+0x153/0x420 [ 3347.316297][T26904] ? genl_get_cmd+0x480/0x480 [ 3347.320999][T26904] ? netlink_ack+0xa60/0xa60 [ 3347.325614][T26904] ? netlink_deliver_tap+0x1b1/0xc30 [ 3347.330916][T26904] genl_rcv+0x24/0x40 [ 3347.334891][T26904] netlink_unicast+0x533/0x7d0 [ 3347.339684][T26904] ? netlink_attachskb+0x890/0x890 [ 3347.344806][T26904] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3347.351072][T26904] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 02:40:16 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0xec0, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:16 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000012000"/36}}]}]}, 0x64}}, 0x0) [ 3347.357333][T26904] ? __phys_addr_symbol+0x2c/0x70 [ 3347.362375][T26904] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3347.368113][T26904] ? __check_object_size+0x16e/0x3f0 [ 3347.373429][T26904] netlink_sendmsg+0x86d/0xdb0 [ 3347.378220][T26904] ? netlink_unicast+0x7d0/0x7d0 [ 3347.383184][T26904] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3347.389450][T26904] ? netlink_unicast+0x7d0/0x7d0 [ 3347.394414][T26904] sock_sendmsg+0xcf/0x120 [ 3347.398874][T26904] ____sys_sendmsg+0x6e8/0x810 [ 3347.403634][T26904] ? kernel_sendmsg+0x50/0x50 [ 3347.408352][T26904] ? do_recvmmsg+0x6d0/0x6d0 [ 3347.412941][T26904] ? lock_chain_count+0x20/0x20 [ 3347.417780][T26904] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3347.423756][T26904] ___sys_sendmsg+0xf3/0x170 [ 3347.428343][T26904] ? sendmsg_copy_msghdr+0x160/0x160 [ 3347.433779][T26904] ? __fget_files+0x21b/0x3e0 [ 3347.438469][T26904] ? lock_downgrade+0x6e0/0x6e0 [ 3347.443388][T26904] ? __fget_files+0x23d/0x3e0 [ 3347.448086][T26904] ? __fget_light+0xea/0x280 [ 3347.452665][T26904] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3347.458897][T26904] __sys_sendmsg+0xe5/0x1b0 [ 3347.463395][T26904] ? __sys_sendmsg_sock+0x30/0x30 [ 3347.468422][T26904] ? syscall_enter_from_user_mode+0x21/0x70 [ 3347.474320][T26904] do_syscall_64+0x35/0xb0 [ 3347.478742][T26904] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3347.484649][T26904] RIP: 0033:0x7f812fd3ba39 [ 3347.489051][T26904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:16 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000258400040001"], 0x24}}, 0x0) [ 3347.508651][T26904] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3347.517060][T26904] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3347.525022][T26904] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3347.532984][T26904] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3347.541036][T26904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3347.548996][T26904] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:16 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000268400040001"], 0x24}}, 0x0) 02:40:16 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000278400040001"], 0x24}}, 0x0) 02:40:16 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000003f00"/36}}]}]}, 0x64}}, 0x0) 02:40:16 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000009000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:16 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x33fe0, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:16 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000001000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:16 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 54) 02:40:16 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000288400040001"], 0x24}}, 0x0) [ 3347.948918][T26938] FAULT_INJECTION: forcing a failure. [ 3347.948918][T26938] name failslab, interval 1, probability 0, space 0, times 0 02:40:17 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000002000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3348.010392][T26938] CPU: 0 PID: 26938 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3348.019200][T26938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3348.029270][T26938] Call Trace: [ 3348.032557][T26938] dump_stack_lvl+0xcd/0x134 [ 3348.037177][T26938] should_fail.cold+0x5/0xa [ 3348.041716][T26938] ? crypto_create_tfm_node+0x7f/0x320 [ 3348.047201][T26938] should_failslab+0x5/0x10 [ 3348.051728][T26938] __kmalloc_node+0x75/0x370 [ 3348.056350][T26938] crypto_create_tfm_node+0x7f/0x320 [ 3348.061658][T26938] crypto_alloc_tfm_node+0x107/0x260 [ 3348.066968][T26938] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3348.072731][T26938] tipc_crypto_key_init+0x82/0x110 [ 3348.077865][T26938] ? tipc_ehdr_validate+0x240/0x240 [ 3348.083087][T26938] ? crypto_mod_put+0x8c/0x100 [ 3348.087881][T26938] tipc_nl_node_set_key+0xa5d/0xf70 [ 3348.093111][T26938] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3348.099390][T26938] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3348.105653][T26938] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3348.113114][T26938] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3348.120406][T26938] genl_family_rcv_msg_doit+0x228/0x320 [ 3348.125951][T26938] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3348.133322][T26938] ? mutex_lock_io_nested+0x1150/0x1150 [ 3348.138881][T26938] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3348.145129][T26938] ? __radix_tree_lookup+0x211/0x2a0 [ 3348.150415][T26938] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3348.156666][T26938] ? genl_get_cmd+0x3cf/0x480 [ 3348.161348][T26938] genl_rcv_msg+0x328/0x580 [ 3348.165854][T26938] ? genl_get_cmd+0x480/0x480 [ 3348.170529][T26938] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3348.176777][T26938] ? lock_release+0x720/0x720 [ 3348.181456][T26938] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3348.186763][T26938] netlink_rcv_skb+0x153/0x420 [ 3348.191536][T26938] ? genl_get_cmd+0x480/0x480 [ 3348.196219][T26938] ? netlink_ack+0xa60/0xa60 [ 3348.200820][T26938] ? netlink_deliver_tap+0x1b1/0xc30 [ 3348.206198][T26938] genl_rcv+0x24/0x40 [ 3348.210176][T26938] netlink_unicast+0x533/0x7d0 [ 3348.214941][T26938] ? netlink_attachskb+0x890/0x890 [ 3348.220046][T26938] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3348.226287][T26938] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3348.232527][T26938] ? __phys_addr_symbol+0x2c/0x70 [ 3348.237550][T26938] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3348.243264][T26938] ? __check_object_size+0x16e/0x3f0 [ 3348.248556][T26938] netlink_sendmsg+0x86d/0xdb0 [ 3348.253324][T26938] ? netlink_unicast+0x7d0/0x7d0 [ 3348.258264][T26938] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3348.264516][T26938] ? netlink_unicast+0x7d0/0x7d0 [ 3348.269448][T26938] sock_sendmsg+0xcf/0x120 [ 3348.273863][T26938] ____sys_sendmsg+0x6e8/0x810 [ 3348.278630][T26938] ? kernel_sendmsg+0x50/0x50 [ 3348.283304][T26938] ? do_recvmmsg+0x6d0/0x6d0 [ 3348.287898][T26938] ? lock_chain_count+0x20/0x20 [ 3348.292745][T26938] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3348.298731][T26938] ___sys_sendmsg+0xf3/0x170 [ 3348.303320][T26938] ? sendmsg_copy_msghdr+0x160/0x160 [ 3348.308608][T26938] ? __fget_files+0x21b/0x3e0 [ 3348.313281][T26938] ? lock_downgrade+0x6e0/0x6e0 [ 3348.318142][T26938] ? __fget_files+0x23d/0x3e0 [ 3348.322823][T26938] ? __fget_light+0xea/0x280 [ 3348.327409][T26938] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3348.333650][T26938] __sys_sendmsg+0xe5/0x1b0 [ 3348.338154][T26938] ? __sys_sendmsg_sock+0x30/0x30 [ 3348.343189][T26938] ? syscall_enter_from_user_mode+0x21/0x70 [ 3348.349086][T26938] do_syscall_64+0x35/0xb0 [ 3348.353496][T26938] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3348.359388][T26938] RIP: 0033:0x7f812fd3ba39 [ 3348.363799][T26938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3348.383399][T26938] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3348.391811][T26938] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3348.399774][T26938] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:17 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x20000424, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:17 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000000e000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:17 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000298400040001"], 0x24}}, 0x0) 02:40:17 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000004400"/36}}]}]}, 0x64}}, 0x0) [ 3348.407740][T26938] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3348.415702][T26938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3348.423662][T26938] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:17 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 55) 02:40:17 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000003000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:17 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000008500040001"], 0x24}}, 0x0) 02:40:17 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000000f000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:17 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000035600"/36}}]}]}, 0x64}}, 0x0) 02:40:17 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x7ffff000, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3348.709744][T26959] FAULT_INJECTION: forcing a failure. [ 3348.709744][T26959] name failslab, interval 1, probability 0, space 0, times 0 [ 3348.793555][T26959] CPU: 0 PID: 26959 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3348.802362][T26959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3348.812427][T26959] Call Trace: [ 3348.815698][T26959] dump_stack_lvl+0xcd/0x134 [ 3348.820295][T26959] should_fail.cold+0x5/0xa [ 3348.824802][T26959] ? crypto_create_tfm_node+0x7f/0x320 [ 3348.830342][T26959] should_failslab+0x5/0x10 [ 3348.834837][T26959] __kmalloc_node+0x75/0x370 [ 3348.839431][T26959] crypto_create_tfm_node+0x7f/0x320 [ 3348.844720][T26959] crypto_spawn_tfm2+0x60/0xb0 [ 3348.849489][T26959] crypto_gcm_init_tfm+0x3d/0x260 [ 3348.854702][T26959] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3348.860334][T26959] crypto_aead_init_tfm+0x138/0x1a0 [ 3348.865641][T26959] crypto_create_tfm_node+0x10d/0x320 [ 3348.871023][T26959] crypto_alloc_tfm_node+0x107/0x260 [ 3348.876317][T26959] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3348.882062][T26959] tipc_crypto_key_init+0x82/0x110 [ 3348.887179][T26959] ? tipc_ehdr_validate+0x240/0x240 [ 3348.892375][T26959] ? crypto_mod_put+0x8c/0x100 [ 3348.897145][T26959] tipc_nl_node_set_key+0xa5d/0xf70 [ 3348.902352][T26959] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3348.908605][T26959] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3348.914845][T26959] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3348.922215][T26959] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3348.929506][T26959] genl_family_rcv_msg_doit+0x228/0x320 [ 3348.935053][T26959] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3348.942422][T26959] ? mutex_lock_io_nested+0x1150/0x1150 [ 3348.947975][T26959] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3348.954214][T26959] ? __radix_tree_lookup+0x211/0x2a0 [ 3348.959500][T26959] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3348.965757][T26959] ? genl_get_cmd+0x3cf/0x480 [ 3348.970448][T26959] genl_rcv_msg+0x328/0x580 [ 3348.974966][T26959] ? genl_get_cmd+0x480/0x480 [ 3348.979648][T26959] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3348.985898][T26959] ? lock_release+0x720/0x720 [ 3348.990572][T26959] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3348.995862][T26959] netlink_rcv_skb+0x153/0x420 [ 3349.000638][T26959] ? genl_get_cmd+0x480/0x480 [ 3349.005320][T26959] ? netlink_ack+0xa60/0xa60 [ 3349.009918][T26959] ? netlink_deliver_tap+0x1b1/0xc30 [ 3349.015210][T26959] genl_rcv+0x24/0x40 [ 3349.019193][T26959] netlink_unicast+0x533/0x7d0 [ 3349.023971][T26959] ? netlink_attachskb+0x890/0x890 [ 3349.029080][T26959] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3349.035327][T26959] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3349.041568][T26959] ? __phys_addr_symbol+0x2c/0x70 [ 3349.046601][T26959] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3349.052331][T26959] ? __check_object_size+0x16e/0x3f0 [ 3349.060660][T26959] netlink_sendmsg+0x86d/0xdb0 [ 3349.065428][T26959] ? netlink_unicast+0x7d0/0x7d0 [ 3349.070366][T26959] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3349.076606][T26959] ? netlink_unicast+0x7d0/0x7d0 [ 3349.081539][T26959] sock_sendmsg+0xcf/0x120 [ 3349.085954][T26959] ____sys_sendmsg+0x6e8/0x810 [ 3349.090717][T26959] ? kernel_sendmsg+0x50/0x50 [ 3349.095404][T26959] ? do_recvmmsg+0x6d0/0x6d0 [ 3349.099998][T26959] ? lock_chain_count+0x20/0x20 [ 3349.104860][T26959] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3349.110843][T26959] ___sys_sendmsg+0xf3/0x170 [ 3349.115433][T26959] ? sendmsg_copy_msghdr+0x160/0x160 [ 3349.120721][T26959] ? __fget_files+0x21b/0x3e0 [ 3349.125398][T26959] ? lock_downgrade+0x6e0/0x6e0 [ 3349.130259][T26959] ? __fget_files+0x23d/0x3e0 [ 3349.134938][T26959] ? __fget_light+0xea/0x280 [ 3349.139524][T26959] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3349.145771][T26959] __sys_sendmsg+0xe5/0x1b0 [ 3349.150272][T26959] ? __sys_sendmsg_sock+0x30/0x30 [ 3349.155494][T26959] ? syscall_enter_from_user_mode+0x21/0x70 [ 3349.161406][T26959] do_syscall_64+0x35/0xb0 [ 3349.165816][T26959] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3349.171716][T26959] RIP: 0033:0x7f812fd3ba39 [ 3349.176129][T26959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3349.195730][T26959] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3349.204140][T26959] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3349.212103][T26959] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3349.220067][T26959] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3349.228028][T26959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3349.235986][T26959] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:18 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000018500040001"], 0x24}}, 0x0) 02:40:18 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 56) 02:40:18 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0xfffffdef, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:18 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000003f000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:18 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000004000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3349.461603][T26978] FAULT_INJECTION: forcing a failure. [ 3349.461603][T26978] name failslab, interval 1, probability 0, space 0, times 0 [ 3349.484301][T26978] CPU: 0 PID: 26978 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3349.493092][T26978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3349.503157][T26978] Call Trace: [ 3349.506439][T26978] dump_stack_lvl+0xcd/0x134 [ 3349.511037][T26978] should_fail.cold+0x5/0xa [ 3349.515544][T26978] ? crypto_create_tfm_node+0x7f/0x320 [ 3349.521000][T26978] should_failslab+0x5/0x10 [ 3349.525497][T26978] __kmalloc_node+0x75/0x370 [ 3349.530091][T26978] crypto_create_tfm_node+0x7f/0x320 [ 3349.535377][T26978] crypto_alloc_tfm_node+0x107/0x260 [ 3349.540663][T26978] cryptd_alloc_ahash+0x101/0x200 [ 3349.545689][T26978] ? cryptd_ahash_queued+0x70/0x70 [ 3349.550817][T26978] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3349.556358][T26978] ? trace_kmalloc_node+0x32/0x100 [ 3349.561465][T26978] ? ghash_async_exit_tfm+0x40/0x40 [ 3349.566662][T26978] ghash_async_init_tfm+0x21/0x100 [ 3349.571767][T26978] ? ghash_async_exit_tfm+0x40/0x40 [ 3349.576966][T26978] crypto_create_tfm_node+0x19b/0x320 [ 3349.582339][T26978] crypto_spawn_tfm2+0x60/0xb0 [ 3349.587098][T26978] crypto_gcm_init_tfm+0x3d/0x260 [ 3349.592120][T26978] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3349.597753][T26978] crypto_aead_init_tfm+0x138/0x1a0 [ 3349.602956][T26978] crypto_create_tfm_node+0x10d/0x320 [ 3349.608330][T26978] crypto_alloc_tfm_node+0x107/0x260 [ 3349.613622][T26978] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3349.619357][T26978] tipc_crypto_key_init+0x82/0x110 [ 3349.624470][T26978] ? tipc_ehdr_validate+0x240/0x240 [ 3349.629665][T26978] ? crypto_mod_put+0x8c/0x100 [ 3349.634434][T26978] tipc_nl_node_set_key+0xa5d/0xf70 [ 3349.639646][T26978] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3349.645892][T26978] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3349.652131][T26978] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3349.659502][T26978] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3349.666789][T26978] genl_family_rcv_msg_doit+0x228/0x320 [ 3349.672331][T26978] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3349.679698][T26978] ? mutex_lock_io_nested+0x1150/0x1150 [ 3349.685261][T26978] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3349.691500][T26978] ? __radix_tree_lookup+0x211/0x2a0 [ 3349.696778][T26978] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3349.703014][T26978] ? genl_get_cmd+0x3cf/0x480 [ 3349.707689][T26978] genl_rcv_msg+0x328/0x580 [ 3349.712199][T26978] ? genl_get_cmd+0x480/0x480 [ 3349.716881][T26978] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3349.723126][T26978] ? lock_release+0x720/0x720 [ 3349.727800][T26978] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3349.733087][T26978] netlink_rcv_skb+0x153/0x420 [ 3349.737846][T26978] ? genl_get_cmd+0x480/0x480 [ 3349.742518][T26978] ? netlink_ack+0xa60/0xa60 [ 3349.747108][T26978] ? netlink_deliver_tap+0x1b1/0xc30 [ 3349.752393][T26978] genl_rcv+0x24/0x40 [ 3349.756373][T26978] netlink_unicast+0x533/0x7d0 [ 3349.761137][T26978] ? netlink_attachskb+0x890/0x890 [ 3349.766240][T26978] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3349.772479][T26978] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3349.778721][T26978] ? __phys_addr_symbol+0x2c/0x70 [ 3349.783742][T26978] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3349.789460][T26978] ? __check_object_size+0x16e/0x3f0 [ 3349.794751][T26978] netlink_sendmsg+0x86d/0xdb0 [ 3349.799526][T26978] ? netlink_unicast+0x7d0/0x7d0 [ 3349.804465][T26978] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3349.810709][T26978] ? netlink_unicast+0x7d0/0x7d0 [ 3349.815663][T26978] sock_sendmsg+0xcf/0x120 [ 3349.820083][T26978] ____sys_sendmsg+0x6e8/0x810 [ 3349.824848][T26978] ? kernel_sendmsg+0x50/0x50 [ 3349.829521][T26978] ? do_recvmmsg+0x6d0/0x6d0 [ 3349.834113][T26978] ? lock_chain_count+0x20/0x20 [ 3349.838960][T26978] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3349.844945][T26978] ___sys_sendmsg+0xf3/0x170 [ 3349.849546][T26978] ? sendmsg_copy_msghdr+0x160/0x160 [ 3349.854846][T26978] ? __fget_files+0x21b/0x3e0 [ 3349.859523][T26978] ? lock_downgrade+0x6e0/0x6e0 [ 3349.864476][T26978] ? __fget_files+0x23d/0x3e0 [ 3349.869155][T26978] ? __fget_light+0xea/0x280 [ 3349.873746][T26978] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3349.880000][T26978] __sys_sendmsg+0xe5/0x1b0 [ 3349.884520][T26978] ? __sys_sendmsg_sock+0x30/0x30 [ 3349.889561][T26978] ? syscall_enter_from_user_mode+0x21/0x70 [ 3349.895468][T26978] do_syscall_64+0x35/0xb0 [ 3349.899883][T26978] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3349.905776][T26978] RIP: 0033:0x7f812fd3ba39 [ 3349.910188][T26978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3349.929911][T26978] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3349.938331][T26978] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3349.946307][T26978] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3349.954358][T26978] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 02:40:19 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000006b00"/36}}]}]}, 0x64}}, 0x0) [ 3349.962319][T26978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3349.970294][T26978] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:19 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000028500040001"], 0x24}}, 0x0) 02:40:19 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000060000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:19 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x2, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:19 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000008100"/36}}]}]}, 0x64}}, 0x0) 02:40:19 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000038500040001"], 0x24}}, 0x0) 02:40:19 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 57) 02:40:19 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000048500040001"], 0x24}}, 0x0) 02:40:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000007000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:19 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000038100"/36}}]}]}, 0x64}}, 0x0) 02:40:19 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000ffffff9e000000000000000000"}}]}]}, 0x64}}, 0x0) [ 3350.495957][T27008] FAULT_INJECTION: forcing a failure. [ 3350.495957][T27008] name failslab, interval 1, probability 0, space 0, times 0 [ 3350.552026][T27008] CPU: 1 PID: 27008 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3350.560828][T27008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3350.570897][T27008] Call Trace: [ 3350.574189][T27008] dump_stack_lvl+0xcd/0x134 [ 3350.578808][T27008] should_fail.cold+0x5/0xa [ 3350.583342][T27008] ? crypto_create_tfm_node+0x7f/0x320 [ 3350.588820][T27008] should_failslab+0x5/0x10 [ 3350.593347][T27008] __kmalloc_node+0x75/0x370 [ 3350.597972][T27008] crypto_create_tfm_node+0x7f/0x320 [ 3350.603285][T27008] crypto_spawn_tfm2+0x60/0xb0 [ 3350.608066][T27008] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3350.613632][T27008] cryptd_hash_init_tfm+0x3c/0x120 [ 3350.618738][T27008] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3350.624304][T27008] crypto_create_tfm_node+0x19b/0x320 [ 3350.629700][T27008] crypto_alloc_tfm_node+0x107/0x260 [ 3350.635009][T27008] cryptd_alloc_ahash+0x101/0x200 [ 3350.640055][T27008] ? cryptd_ahash_queued+0x70/0x70 [ 3350.645212][T27008] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3350.650776][T27008] ? trace_kmalloc_node+0x32/0x100 [ 3350.655902][T27008] ? ghash_async_exit_tfm+0x40/0x40 [ 3350.661392][T27008] ghash_async_init_tfm+0x21/0x100 [ 3350.666527][T27008] ? ghash_async_exit_tfm+0x40/0x40 [ 3350.671757][T27008] crypto_create_tfm_node+0x19b/0x320 [ 3350.677170][T27008] crypto_spawn_tfm2+0x60/0xb0 [ 3350.681950][T27008] crypto_gcm_init_tfm+0x3d/0x260 [ 3350.687022][T27008] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3350.692672][T27008] crypto_aead_init_tfm+0x138/0x1a0 02:40:19 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000058500040001"], 0x24}}, 0x0) [ 3350.697894][T27008] crypto_create_tfm_node+0x10d/0x320 [ 3350.703290][T27008] crypto_alloc_tfm_node+0x107/0x260 [ 3350.708606][T27008] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3350.714368][T27008] tipc_crypto_key_init+0x82/0x110 [ 3350.719502][T27008] ? tipc_ehdr_validate+0x240/0x240 [ 3350.724806][T27008] ? crypto_mod_put+0x8c/0x100 [ 3350.729596][T27008] tipc_nl_node_set_key+0xa5d/0xf70 [ 3350.734822][T27008] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3350.741100][T27008] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 02:40:19 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000068500040001"], 0x24}}, 0x0) [ 3350.747362][T27008] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3350.754748][T27008] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3350.762058][T27008] genl_family_rcv_msg_doit+0x228/0x320 [ 3350.767626][T27008] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3350.775018][T27008] ? mutex_lock_io_nested+0x1150/0x1150 [ 3350.780593][T27008] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3350.786854][T27008] ? __radix_tree_lookup+0x211/0x2a0 [ 3350.792161][T27008] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3350.798419][T27008] ? genl_get_cmd+0x3cf/0x480 02:40:19 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000078500040001"], 0x24}}, 0x0) [ 3350.803119][T27008] genl_rcv_msg+0x328/0x580 [ 3350.807656][T27008] ? genl_get_cmd+0x480/0x480 [ 3350.812349][T27008] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3350.818617][T27008] ? lock_release+0x720/0x720 [ 3350.823311][T27008] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3350.828620][T27008] netlink_rcv_skb+0x153/0x420 [ 3350.833406][T27008] ? genl_get_cmd+0x480/0x480 [ 3350.838120][T27008] ? netlink_ack+0xa60/0xa60 [ 3350.842736][T27008] ? netlink_deliver_tap+0x1b1/0xc30 [ 3350.848056][T27008] genl_rcv+0x24/0x40 [ 3350.852139][T27008] netlink_unicast+0x533/0x7d0 [ 3350.856898][T27008] ? netlink_attachskb+0x890/0x890 [ 3350.861996][T27008] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3350.868229][T27008] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3350.874458][T27008] ? __phys_addr_symbol+0x2c/0x70 [ 3350.879473][T27008] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3350.885203][T27008] ? __check_object_size+0x16e/0x3f0 [ 3350.890480][T27008] netlink_sendmsg+0x86d/0xdb0 [ 3350.895234][T27008] ? netlink_unicast+0x7d0/0x7d0 [ 3350.900163][T27008] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3350.906392][T27008] ? netlink_unicast+0x7d0/0x7d0 [ 3350.911314][T27008] sock_sendmsg+0xcf/0x120 [ 3350.915732][T27008] ____sys_sendmsg+0x6e8/0x810 [ 3350.920508][T27008] ? kernel_sendmsg+0x50/0x50 [ 3350.925259][T27008] ? do_recvmmsg+0x6d0/0x6d0 [ 3350.929840][T27008] ? lock_chain_count+0x20/0x20 [ 3350.934679][T27008] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3350.940662][T27008] ___sys_sendmsg+0xf3/0x170 [ 3350.945309][T27008] ? sendmsg_copy_msghdr+0x160/0x160 [ 3350.950597][T27008] ? __fget_files+0x21b/0x3e0 [ 3350.955360][T27008] ? lock_downgrade+0x6e0/0x6e0 [ 3350.960233][T27008] ? __fget_files+0x23d/0x3e0 [ 3350.964921][T27008] ? __fget_light+0xea/0x280 [ 3350.969502][T27008] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3350.975746][T27008] __sys_sendmsg+0xe5/0x1b0 [ 3350.980264][T27008] ? __sys_sendmsg_sock+0x30/0x30 [ 3350.985288][T27008] ? syscall_enter_from_user_mode+0x21/0x70 [ 3350.991184][T27008] do_syscall_64+0x35/0xb0 [ 3350.995616][T27008] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3351.001534][T27008] RIP: 0033:0x7f812fd3ba39 [ 3351.005958][T27008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3351.025580][T27008] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3351.034036][T27008] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3351.041995][T27008] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x8, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3351.049956][T27008] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3351.057938][T27008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3351.065906][T27008] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:20 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 58) 02:40:20 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000088500040001"], 0x24}}, 0x0) 02:40:20 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800ffffff8d00"/36}}]}]}, 0x64}}, 0x0) 02:40:20 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000041c1000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:20 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000008000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x300, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:20 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000098500040001"], 0x24}}, 0x0) [ 3351.414054][T27040] FAULT_INJECTION: forcing a failure. [ 3351.414054][T27040] name failslab, interval 1, probability 0, space 0, times 0 [ 3351.469327][T27040] CPU: 1 PID: 27040 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3351.478135][T27040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3351.488203][T27040] Call Trace: [ 3351.491494][T27040] dump_stack_lvl+0xcd/0x134 [ 3351.496115][T27040] should_fail.cold+0x5/0xa [ 3351.500649][T27040] ? crypto_create_tfm_node+0x7f/0x320 [ 3351.506128][T27040] should_failslab+0x5/0x10 [ 3351.510647][T27040] __kmalloc_node+0x75/0x370 [ 3351.515267][T27040] crypto_create_tfm_node+0x7f/0x320 [ 3351.520576][T27040] crypto_spawn_tfm2+0x60/0xb0 [ 3351.525365][T27040] crypto_gcm_init_tfm+0x6d/0x260 [ 3351.530407][T27040] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3351.536062][T27040] crypto_aead_init_tfm+0x138/0x1a0 [ 3351.541291][T27040] crypto_create_tfm_node+0x10d/0x320 [ 3351.546681][T27040] crypto_alloc_tfm_node+0x107/0x260 [ 3351.551997][T27040] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3351.557754][T27040] tipc_crypto_key_init+0x82/0x110 [ 3351.562888][T27040] ? tipc_ehdr_validate+0x240/0x240 [ 3351.568111][T27040] ? crypto_mod_put+0x8c/0x100 [ 3351.572907][T27040] tipc_nl_node_set_key+0xa5d/0xf70 [ 3351.578125][T27040] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3351.584365][T27040] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3351.590600][T27040] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3351.597987][T27040] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3351.605309][T27040] genl_family_rcv_msg_doit+0x228/0x320 [ 3351.610880][T27040] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3351.618271][T27040] ? mutex_lock_io_nested+0x1150/0x1150 [ 3351.623921][T27040] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3351.630161][T27040] ? __radix_tree_lookup+0x211/0x2a0 [ 3351.635449][T27040] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3351.641697][T27040] ? genl_get_cmd+0x3cf/0x480 [ 3351.646369][T27040] genl_rcv_msg+0x328/0x580 [ 3351.650863][T27040] ? genl_get_cmd+0x480/0x480 [ 3351.655530][T27040] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3351.661785][T27040] ? lock_release+0x720/0x720 [ 3351.666463][T27040] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3351.671763][T27040] netlink_rcv_skb+0x153/0x420 [ 3351.676516][T27040] ? genl_get_cmd+0x480/0x480 [ 3351.681200][T27040] ? netlink_ack+0xa60/0xa60 [ 3351.685806][T27040] ? netlink_deliver_tap+0x1b1/0xc30 [ 3351.691091][T27040] genl_rcv+0x24/0x40 [ 3351.695074][T27040] netlink_unicast+0x533/0x7d0 [ 3351.699834][T27040] ? netlink_attachskb+0x890/0x890 [ 3351.704952][T27040] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3351.711184][T27040] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3351.717414][T27040] ? __phys_addr_symbol+0x2c/0x70 [ 3351.722425][T27040] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3351.728174][T27040] ? __check_object_size+0x16e/0x3f0 [ 3351.733475][T27040] netlink_sendmsg+0x86d/0xdb0 [ 3351.738240][T27040] ? netlink_unicast+0x7d0/0x7d0 [ 3351.743223][T27040] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3351.749453][T27040] ? netlink_unicast+0x7d0/0x7d0 [ 3351.754383][T27040] sock_sendmsg+0xcf/0x120 [ 3351.758795][T27040] ____sys_sendmsg+0x6e8/0x810 [ 3351.763580][T27040] ? kernel_sendmsg+0x50/0x50 [ 3351.768254][T27040] ? do_recvmmsg+0x6d0/0x6d0 [ 3351.772841][T27040] ? lock_chain_count+0x20/0x20 [ 3351.777679][T27040] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3351.783677][T27040] ___sys_sendmsg+0xf3/0x170 [ 3351.788267][T27040] ? sendmsg_copy_msghdr+0x160/0x160 [ 3351.793557][T27040] ? __fget_files+0x21b/0x3e0 [ 3351.798233][T27040] ? lock_downgrade+0x6e0/0x6e0 [ 3351.803103][T27040] ? __fget_files+0x23d/0x3e0 [ 3351.807782][T27040] ? __fget_light+0xea/0x280 [ 3351.812382][T27040] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3351.818634][T27040] __sys_sendmsg+0xe5/0x1b0 [ 3351.823124][T27040] ? __sys_sendmsg_sock+0x30/0x30 [ 3351.828154][T27040] ? syscall_enter_from_user_mode+0x21/0x70 [ 3351.834054][T27040] do_syscall_64+0x35/0xb0 [ 3351.838481][T27040] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3351.844385][T27040] RIP: 0033:0x7f812fd3ba39 [ 3351.848800][T27040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3351.868403][T27040] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3351.876804][T27040] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3351.884764][T27040] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3351.892725][T27040] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3351.900683][T27040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3351.908645][T27040] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:21 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000a8500040001"], 0x24}}, 0x0) 02:40:21 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 59) 02:40:21 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000fffffff0000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000000000e000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:21 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000019c00"/36}}]}]}, 0x64}}, 0x0) [ 3352.142711][T27058] FAULT_INJECTION: forcing a failure. [ 3352.142711][T27058] name failslab, interval 1, probability 0, space 0, times 0 [ 3352.162591][T27058] CPU: 1 PID: 27058 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3352.171418][T27058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3352.181468][T27058] Call Trace: [ 3352.184743][T27058] dump_stack_lvl+0xcd/0x134 [ 3352.189345][T27058] should_fail.cold+0x5/0xa [ 3352.193849][T27058] ? crypto_create_tfm_node+0x7f/0x320 [ 3352.199304][T27058] should_failslab+0x5/0x10 [ 3352.203800][T27058] __kmalloc_node+0x75/0x370 [ 3352.208396][T27058] crypto_create_tfm_node+0x7f/0x320 [ 3352.213680][T27058] crypto_alloc_tfm_node+0x107/0x260 [ 3352.218969][T27058] cryptd_alloc_skcipher+0x101/0x200 [ 3352.224257][T27058] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3352.229465][T27058] ? __kmalloc_node+0x62/0x370 [ 3352.234240][T27058] ? simd_skcipher_exit+0x40/0x40 [ 3352.239261][T27058] simd_skcipher_init+0x67/0x180 [ 3352.244199][T27058] ? simd_skcipher_exit+0x40/0x40 [ 3352.249218][T27058] crypto_skcipher_init_tfm+0x127/0x180 [ 3352.254764][T27058] crypto_create_tfm_node+0x10d/0x320 [ 3352.260135][T27058] crypto_spawn_tfm2+0x60/0xb0 [ 3352.264894][T27058] crypto_gcm_init_tfm+0x6d/0x260 [ 3352.269916][T27058] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3352.275550][T27058] crypto_aead_init_tfm+0x138/0x1a0 [ 3352.280752][T27058] crypto_create_tfm_node+0x10d/0x320 [ 3352.286121][T27058] crypto_alloc_tfm_node+0x107/0x260 [ 3352.291411][T27058] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3352.297142][T27058] tipc_crypto_key_init+0x82/0x110 [ 3352.302254][T27058] ? tipc_ehdr_validate+0x240/0x240 [ 3352.307456][T27058] ? crypto_mod_put+0x8c/0x100 [ 3352.312221][T27058] tipc_nl_node_set_key+0xa5d/0xf70 [ 3352.317427][T27058] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3352.323673][T27058] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3352.329910][T27058] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3352.337275][T27058] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3352.344562][T27058] genl_family_rcv_msg_doit+0x228/0x320 [ 3352.350107][T27058] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3352.357474][T27058] ? mutex_lock_io_nested+0x1150/0x1150 [ 3352.363028][T27058] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3352.369269][T27058] ? __radix_tree_lookup+0x211/0x2a0 [ 3352.374551][T27058] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3352.380790][T27058] ? genl_get_cmd+0x3cf/0x480 [ 3352.385471][T27058] genl_rcv_msg+0x328/0x580 [ 3352.389976][T27058] ? genl_get_cmd+0x480/0x480 [ 3352.394648][T27058] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3352.400894][T27058] ? lock_release+0x720/0x720 [ 3352.405571][T27058] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3352.410859][T27058] netlink_rcv_skb+0x153/0x420 [ 3352.415618][T27058] ? genl_get_cmd+0x480/0x480 [ 3352.420295][T27058] ? netlink_ack+0xa60/0xa60 [ 3352.424889][T27058] ? netlink_deliver_tap+0x1b1/0xc30 [ 3352.430179][T27058] genl_rcv+0x24/0x40 [ 3352.434156][T27058] netlink_unicast+0x533/0x7d0 [ 3352.438922][T27058] ? netlink_attachskb+0x890/0x890 [ 3352.444026][T27058] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3352.450266][T27058] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3352.456505][T27058] ? __phys_addr_symbol+0x2c/0x70 [ 3352.461527][T27058] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3352.467335][T27058] ? __check_object_size+0x16e/0x3f0 [ 3352.472624][T27058] netlink_sendmsg+0x86d/0xdb0 [ 3352.477389][T27058] ? netlink_unicast+0x7d0/0x7d0 [ 3352.482330][T27058] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3352.488570][T27058] ? netlink_unicast+0x7d0/0x7d0 [ 3352.493506][T27058] sock_sendmsg+0xcf/0x120 [ 3352.497925][T27058] ____sys_sendmsg+0x6e8/0x810 [ 3352.502700][T27058] ? kernel_sendmsg+0x50/0x50 [ 3352.507371][T27058] ? do_recvmmsg+0x6d0/0x6d0 [ 3352.511962][T27058] ? lock_chain_count+0x20/0x20 [ 3352.516810][T27058] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3352.522797][T27058] ___sys_sendmsg+0xf3/0x170 [ 3352.527388][T27058] ? sendmsg_copy_msghdr+0x160/0x160 [ 3352.532677][T27058] ? __fget_files+0x21b/0x3e0 [ 3352.537346][T27058] ? lock_downgrade+0x6e0/0x6e0 [ 3352.542204][T27058] ? __fget_files+0x23d/0x3e0 [ 3352.546884][T27058] ? __fget_light+0xea/0x280 [ 3352.551466][T27058] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3352.557711][T27058] __sys_sendmsg+0xe5/0x1b0 [ 3352.562214][T27058] ? __sys_sendmsg_sock+0x30/0x30 [ 3352.567253][T27058] ? syscall_enter_from_user_mode+0x21/0x70 [ 3352.573150][T27058] do_syscall_64+0x35/0xb0 [ 3352.577557][T27058] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3352.583446][T27058] RIP: 0033:0x7f812fd3ba39 [ 3352.587857][T27058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3352.607463][T27058] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3352.615873][T27058] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3352.623840][T27058] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3352.631805][T27058] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3352.639767][T27058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3352.647730][T27058] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:21 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000b8500040001"], 0x24}}, 0x0) 02:40:21 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 60) 02:40:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000000000f000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:21 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x2, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:21 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000f0ffff000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:22 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800ffffff9e00"/36}}]}]}, 0x64}}, 0x0) 02:40:22 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000c8500040001"], 0x24}}, 0x0) [ 3353.027289][T27077] FAULT_INJECTION: forcing a failure. [ 3353.027289][T27077] name failslab, interval 1, probability 0, space 0, times 0 [ 3353.072845][T27077] CPU: 0 PID: 27077 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3353.081653][T27077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3353.091730][T27077] Call Trace: [ 3353.095021][T27077] dump_stack_lvl+0xcd/0x134 [ 3353.099635][T27077] should_fail.cold+0x5/0xa [ 3353.104172][T27077] ? crypto_create_tfm_node+0x7f/0x320 [ 3353.109647][T27077] should_failslab+0x5/0x10 [ 3353.114168][T27077] __kmalloc_node+0x75/0x370 [ 3353.118773][T27077] crypto_create_tfm_node+0x7f/0x320 [ 3353.124060][T27077] crypto_spawn_tfm2+0x60/0xb0 [ 3353.128820][T27077] ? cryptd_skcipher_setkey+0xd0/0xd0 [ 3353.134194][T27077] cryptd_skcipher_init_tfm+0x3a/0xe0 [ 3353.139566][T27077] crypto_skcipher_init_tfm+0x127/0x180 [ 3353.145112][T27077] crypto_create_tfm_node+0x10d/0x320 [ 3353.150484][T27077] crypto_alloc_tfm_node+0x107/0x260 [ 3353.155774][T27077] cryptd_alloc_skcipher+0x101/0x200 [ 3353.161318][T27077] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3353.166513][T27077] ? exc_int3+0xb/0x80 [ 3353.170580][T27077] ? crypto_create_tfm_node+0x7f/0x320 [ 3353.176041][T27077] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3353.182300][T27077] ? simd_skcipher_exit+0x40/0x40 [ 3353.187333][T27077] simd_skcipher_init+0x67/0x180 [ 3353.192274][T27077] ? simd_skcipher_exit+0x40/0x40 [ 3353.197302][T27077] crypto_skcipher_init_tfm+0x127/0x180 [ 3353.202851][T27077] crypto_create_tfm_node+0x10d/0x320 [ 3353.208221][T27077] crypto_spawn_tfm2+0x60/0xb0 [ 3353.212985][T27077] crypto_gcm_init_tfm+0x6d/0x260 [ 3353.218006][T27077] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3353.223633][T27077] crypto_aead_init_tfm+0x138/0x1a0 [ 3353.228831][T27077] crypto_create_tfm_node+0x10d/0x320 [ 3353.234200][T27077] crypto_alloc_tfm_node+0x107/0x260 [ 3353.239487][T27077] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3353.245215][T27077] tipc_crypto_key_init+0x82/0x110 [ 3353.250326][T27077] ? tipc_ehdr_validate+0x240/0x240 [ 3353.255521][T27077] ? crypto_mod_put+0x8c/0x100 [ 3353.260287][T27077] tipc_nl_node_set_key+0xa5d/0xf70 [ 3353.265491][T27077] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3353.271738][T27077] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3353.277982][T27077] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3353.285368][T27077] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3353.292665][T27077] genl_family_rcv_msg_doit+0x228/0x320 [ 3353.298208][T27077] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3353.305571][T27077] ? mutex_lock_io_nested+0x1150/0x1150 [ 3353.311124][T27077] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3353.317362][T27077] ? __radix_tree_lookup+0x211/0x2a0 [ 3353.322643][T27077] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3353.328889][T27077] ? genl_get_cmd+0x3cf/0x480 [ 3353.333566][T27077] genl_rcv_msg+0x328/0x580 [ 3353.338109][T27077] ? genl_get_cmd+0x480/0x480 [ 3353.342781][T27077] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3353.349028][T27077] ? lock_release+0x720/0x720 [ 3353.353700][T27077] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3353.359506][T27077] netlink_rcv_skb+0x153/0x420 [ 3353.364264][T27077] ? genl_get_cmd+0x480/0x480 [ 3353.368952][T27077] ? netlink_ack+0xa60/0xa60 [ 3353.373548][T27077] ? netlink_deliver_tap+0x1b1/0xc30 [ 3353.378835][T27077] genl_rcv+0x24/0x40 [ 3353.382815][T27077] netlink_unicast+0x533/0x7d0 [ 3353.387578][T27077] ? netlink_attachskb+0x890/0x890 [ 3353.392680][T27077] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3353.398920][T27077] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3353.405159][T27077] ? __phys_addr_symbol+0x2c/0x70 [ 3353.410178][T27077] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3353.415895][T27077] ? __check_object_size+0x16e/0x3f0 [ 3353.421181][T27077] netlink_sendmsg+0x86d/0xdb0 [ 3353.425945][T27077] ? netlink_unicast+0x7d0/0x7d0 [ 3353.430890][T27077] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3353.437130][T27077] ? netlink_unicast+0x7d0/0x7d0 [ 3353.442062][T27077] sock_sendmsg+0xcf/0x120 [ 3353.446479][T27077] ____sys_sendmsg+0x6e8/0x810 [ 3353.451241][T27077] ? kernel_sendmsg+0x50/0x50 [ 3353.455911][T27077] ? do_recvmmsg+0x6d0/0x6d0 [ 3353.460939][T27077] ? lock_chain_count+0x20/0x20 [ 3353.465793][T27077] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3353.471778][T27077] ___sys_sendmsg+0xf3/0x170 [ 3353.476372][T27077] ? sendmsg_copy_msghdr+0x160/0x160 [ 3353.481667][T27077] ? __fget_files+0x21b/0x3e0 [ 3353.486338][T27077] ? lock_downgrade+0x6e0/0x6e0 [ 3353.491200][T27077] ? __fget_files+0x23d/0x3e0 [ 3353.495877][T27077] ? __fget_light+0xea/0x280 [ 3353.500466][T27077] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3353.506706][T27077] __sys_sendmsg+0xe5/0x1b0 [ 3353.511211][T27077] ? __sys_sendmsg_sock+0x30/0x30 [ 3353.516428][T27077] ? syscall_enter_from_user_mode+0x21/0x70 [ 3353.522322][T27077] do_syscall_64+0x35/0xb0 [ 3353.526734][T27077] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3353.532627][T27077] RIP: 0033:0x7f812fd3ba39 [ 3353.537044][T27077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3353.556738][T27077] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3353.565494][T27077] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 02:40:22 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000d8500040001"], 0x24}}, 0x0) [ 3353.573459][T27077] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3353.581596][T27077] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3353.589558][T27077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3353.597521][T27077] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:22 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000e8500040001"], 0x24}}, 0x0) 02:40:22 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000f8500040001"], 0x24}}, 0x0) 02:40:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x3, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:22 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000007fffffff000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:22 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000003ce00"/36}}]}]}, 0x64}}, 0x0) 02:40:22 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 61) 02:40:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000000003f000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:23 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000009effffff000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:23 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000108500040001"], 0x24}}, 0x0) [ 3354.111761][T27110] FAULT_INJECTION: forcing a failure. [ 3354.111761][T27110] name failslab, interval 1, probability 0, space 0, times 0 [ 3354.158111][T27110] CPU: 1 PID: 27110 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3354.166911][T27110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3354.176985][T27110] Call Trace: [ 3354.180273][T27110] dump_stack_lvl+0xcd/0x134 [ 3354.184883][T27110] should_fail.cold+0x5/0xa [ 3354.189422][T27110] ? crypto_gcm_setkey+0x13e/0x590 [ 3354.194546][T27110] should_failslab+0x5/0x10 [ 3354.199066][T27110] __kmalloc+0x72/0x320 [ 3354.203257][T27110] crypto_gcm_setkey+0x13e/0x590 [ 3354.208235][T27110] crypto_aead_setkey+0xbf/0x290 [ 3354.213204][T27110] tipc_aead_init.constprop.0+0x17b/0x8f0 [ 3354.218967][T27110] tipc_crypto_key_init+0x82/0x110 [ 3354.224103][T27110] ? tipc_ehdr_validate+0x240/0x240 [ 3354.229322][T27110] ? crypto_mod_put+0x8c/0x100 [ 3354.234115][T27110] tipc_nl_node_set_key+0xa5d/0xf70 [ 3354.239337][T27110] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3354.245615][T27110] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3354.251878][T27110] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3354.259273][T27110] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3354.266586][T27110] genl_family_rcv_msg_doit+0x228/0x320 [ 3354.272156][T27110] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3354.279545][T27110] ? mutex_lock_io_nested+0x1150/0x1150 [ 3354.285121][T27110] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3354.291379][T27110] ? __radix_tree_lookup+0x211/0x2a0 [ 3354.296691][T27110] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3354.302951][T27110] ? genl_get_cmd+0x3cf/0x480 02:40:23 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800fffffff000"/36}}]}]}, 0x64}}, 0x0) 02:40:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000004745000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x4, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3354.307653][T27110] genl_rcv_msg+0x328/0x580 [ 3354.312180][T27110] ? genl_get_cmd+0x480/0x480 [ 3354.316880][T27110] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3354.323150][T27110] ? lock_release+0x720/0x720 [ 3354.327847][T27110] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3354.333156][T27110] netlink_rcv_skb+0x153/0x420 [ 3354.337935][T27110] ? genl_get_cmd+0x480/0x480 [ 3354.342632][T27110] ? netlink_ack+0xa60/0xa60 [ 3354.347250][T27110] ? netlink_deliver_tap+0x1b1/0xc30 [ 3354.352562][T27110] genl_rcv+0x24/0x40 [ 3354.356559][T27110] netlink_unicast+0x533/0x7d0 [ 3354.361349][T27110] ? netlink_attachskb+0x890/0x890 [ 3354.366471][T27110] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3354.372734][T27110] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3354.378990][T27110] ? __phys_addr_symbol+0x2c/0x70 [ 3354.384031][T27110] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3354.389771][T27110] ? __check_object_size+0x16e/0x3f0 [ 3354.395084][T27110] netlink_sendmsg+0x86d/0xdb0 [ 3354.399881][T27110] ? netlink_unicast+0x7d0/0x7d0 [ 3354.404847][T27110] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3354.411117][T27110] ? netlink_unicast+0x7d0/0x7d0 [ 3354.416074][T27110] sock_sendmsg+0xcf/0x120 [ 3354.420510][T27110] ____sys_sendmsg+0x6e8/0x810 [ 3354.425299][T27110] ? kernel_sendmsg+0x50/0x50 [ 3354.429993][T27110] ? do_recvmmsg+0x6d0/0x6d0 [ 3354.434608][T27110] ? lock_chain_count+0x20/0x20 [ 3354.439477][T27110] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3354.445488][T27110] ___sys_sendmsg+0xf3/0x170 [ 3354.450103][T27110] ? sendmsg_copy_msghdr+0x160/0x160 [ 3354.455412][T27110] ? __fget_files+0x21b/0x3e0 [ 3354.460108][T27110] ? lock_downgrade+0x6e0/0x6e0 [ 3354.464997][T27110] ? __fget_files+0x23d/0x3e0 [ 3354.469704][T27110] ? __fget_light+0xea/0x280 [ 3354.474310][T27110] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3354.480582][T27110] __sys_sendmsg+0xe5/0x1b0 [ 3354.485116][T27110] ? __sys_sendmsg_sock+0x30/0x30 [ 3354.490169][T27110] ? syscall_enter_from_user_mode+0x21/0x70 [ 3354.496063][T27110] do_syscall_64+0x35/0xb0 [ 3354.500469][T27110] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3354.506358][T27110] RIP: 0033:0x7f812fd3ba39 [ 3354.510760][T27110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3354.530361][T27110] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3354.538785][T27110] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3354.546743][T27110] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:23 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000118500040001"], 0x24}}, 0x0) [ 3354.554705][T27110] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3354.562698][T27110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3354.570656][T27110] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:23 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 62) 02:40:23 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800fffffff500"/36}}]}]}, 0x64}}, 0x0) 02:40:23 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000128500040001"], 0x24}}, 0x0) 02:40:23 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000f0ffffff000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:23 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x7, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000060000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3354.880438][T27137] FAULT_INJECTION: forcing a failure. [ 3354.880438][T27137] name failslab, interval 1, probability 0, space 0, times 0 [ 3354.910645][T27137] CPU: 1 PID: 27137 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3354.919450][T27137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3354.929518][T27137] Call Trace: [ 3354.932807][T27137] dump_stack_lvl+0xcd/0x134 [ 3354.937425][T27137] should_fail.cold+0x5/0xa [ 3354.941955][T27137] ? tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3354.947874][T27137] should_failslab+0x5/0x10 [ 3354.952392][T27137] kmem_cache_alloc_trace+0x55/0x2b0 [ 3354.957691][T27137] ? crypto_aead_setkey+0x10f/0x290 [ 3354.962918][T27137] tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3354.968676][T27137] tipc_crypto_key_init+0x82/0x110 [ 3354.973810][T27137] ? tipc_ehdr_validate+0x240/0x240 [ 3354.979035][T27137] ? crypto_mod_put+0x8c/0x100 [ 3354.983815][T27137] tipc_nl_node_set_key+0xa5d/0xf70 [ 3354.989015][T27137] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3354.995264][T27137] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3355.001519][T27137] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3355.008897][T27137] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3355.016177][T27137] genl_family_rcv_msg_doit+0x228/0x320 [ 3355.021735][T27137] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3355.029097][T27137] ? mutex_lock_io_nested+0x1150/0x1150 [ 3355.034645][T27137] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3355.040884][T27137] ? __radix_tree_lookup+0x211/0x2a0 [ 3355.046183][T27137] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3355.052412][T27137] ? genl_get_cmd+0x3cf/0x480 [ 3355.057087][T27137] genl_rcv_msg+0x328/0x580 [ 3355.061585][T27137] ? genl_get_cmd+0x480/0x480 [ 3355.066249][T27137] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3355.072490][T27137] ? lock_release+0x720/0x720 [ 3355.077173][T27137] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3355.082458][T27137] netlink_rcv_skb+0x153/0x420 [ 3355.087225][T27137] ? genl_get_cmd+0x480/0x480 [ 3355.091891][T27137] ? netlink_ack+0xa60/0xa60 [ 3355.096484][T27137] ? netlink_deliver_tap+0x1b1/0xc30 [ 3355.101768][T27137] genl_rcv+0x24/0x40 [ 3355.105775][T27137] netlink_unicast+0x533/0x7d0 [ 3355.110530][T27137] ? netlink_attachskb+0x890/0x890 [ 3355.115631][T27137] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3355.121887][T27137] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3355.128116][T27137] ? __phys_addr_symbol+0x2c/0x70 [ 3355.133128][T27137] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3355.138844][T27137] ? __check_object_size+0x16e/0x3f0 [ 3355.144140][T27137] netlink_sendmsg+0x86d/0xdb0 [ 3355.148906][T27137] ? netlink_unicast+0x7d0/0x7d0 [ 3355.153850][T27137] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3355.160079][T27137] ? netlink_unicast+0x7d0/0x7d0 [ 3355.165006][T27137] sock_sendmsg+0xcf/0x120 [ 3355.169436][T27137] ____sys_sendmsg+0x6e8/0x810 [ 3355.174216][T27137] ? kernel_sendmsg+0x50/0x50 [ 3355.178887][T27137] ? do_recvmmsg+0x6d0/0x6d0 [ 3355.183474][T27137] ? lock_chain_count+0x20/0x20 [ 3355.188315][T27137] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3355.194286][T27137] ___sys_sendmsg+0xf3/0x170 [ 3355.198875][T27137] ? sendmsg_copy_msghdr+0x160/0x160 [ 3355.204188][T27137] ? __fget_files+0x21b/0x3e0 [ 3355.208879][T27137] ? lock_downgrade+0x6e0/0x6e0 [ 3355.213794][T27137] ? __fget_files+0x23d/0x3e0 [ 3355.218468][T27137] ? __fget_light+0xea/0x280 [ 3355.223044][T27137] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3355.229291][T27137] __sys_sendmsg+0xe5/0x1b0 [ 3355.233802][T27137] ? __sys_sendmsg_sock+0x30/0x30 [ 3355.238868][T27137] ? syscall_enter_from_user_mode+0x21/0x70 [ 3355.244771][T27137] do_syscall_64+0x35/0xb0 [ 3355.249170][T27137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3355.255064][T27137] RIP: 0033:0x7f812fd3ba39 [ 3355.259491][T27137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:24 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000138500040001"], 0x24}}, 0x0) [ 3355.279091][T27137] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3355.287495][T27137] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3355.295464][T27137] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3355.303428][T27137] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3355.311391][T27137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3355.319372][T27137] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x8, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:24 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 63) 02:40:24 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800fffffffc00"/36}}]}]}, 0x64}}, 0x0) 02:40:24 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000003000000000000"}}]}]}, 0x64}}, 0x0) 02:40:24 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000ffffff9e000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:24 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000148500040001"], 0x24}}, 0x0) [ 3355.607324][T27156] FAULT_INJECTION: forcing a failure. [ 3355.607324][T27156] name failslab, interval 1, probability 0, space 0, times 0 [ 3355.636064][T27156] CPU: 1 PID: 27156 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3355.644866][T27156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3355.654937][T27156] Call Trace: [ 3355.658234][T27156] dump_stack_lvl+0xcd/0x134 [ 3355.662854][T27156] should_fail.cold+0x5/0xa [ 3355.667391][T27156] ? crypto_create_tfm_node+0x7f/0x320 [ 3355.672872][T27156] should_failslab+0x5/0x10 [ 3355.677399][T27156] __kmalloc_node+0x75/0x370 [ 3355.682019][T27156] crypto_create_tfm_node+0x7f/0x320 [ 3355.687320][T27156] crypto_alloc_tfm_node+0x107/0x260 [ 3355.692617][T27156] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3355.698378][T27156] tipc_crypto_key_init+0x82/0x110 [ 3355.703515][T27156] ? tipc_ehdr_validate+0x240/0x240 [ 3355.708737][T27156] ? crypto_mod_put+0x8c/0x100 [ 3355.713534][T27156] tipc_nl_node_set_key+0xa5d/0xf70 [ 3355.718762][T27156] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3355.725035][T27156] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3355.731618][T27156] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3355.738991][T27156] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3355.746299][T27156] genl_family_rcv_msg_doit+0x228/0x320 [ 3355.751841][T27156] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3355.759211][T27156] ? mutex_lock_io_nested+0x1150/0x1150 [ 3355.764760][T27156] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3355.770996][T27156] ? __radix_tree_lookup+0x211/0x2a0 [ 3355.776270][T27156] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3355.782520][T27156] ? genl_get_cmd+0x3cf/0x480 [ 3355.787193][T27156] genl_rcv_msg+0x328/0x580 [ 3355.791687][T27156] ? genl_get_cmd+0x480/0x480 [ 3355.796351][T27156] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3355.802609][T27156] ? lock_release+0x720/0x720 [ 3355.807276][T27156] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3355.812553][T27156] netlink_rcv_skb+0x153/0x420 [ 3355.817305][T27156] ? genl_get_cmd+0x480/0x480 [ 3355.821977][T27156] ? netlink_ack+0xa60/0xa60 [ 3355.826569][T27156] ? netlink_deliver_tap+0x1b1/0xc30 [ 3355.831849][T27156] genl_rcv+0x24/0x40 [ 3355.835821][T27156] netlink_unicast+0x533/0x7d0 [ 3355.840589][T27156] ? netlink_attachskb+0x890/0x890 [ 3355.845708][T27156] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3355.851951][T27156] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3355.858205][T27156] ? __phys_addr_symbol+0x2c/0x70 [ 3355.863222][T27156] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3355.868962][T27156] ? __check_object_size+0x16e/0x3f0 [ 3355.874250][T27156] netlink_sendmsg+0x86d/0xdb0 [ 3355.879018][T27156] ? netlink_unicast+0x7d0/0x7d0 [ 3355.884008][T27156] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3355.890249][T27156] ? netlink_unicast+0x7d0/0x7d0 [ 3355.895197][T27156] sock_sendmsg+0xcf/0x120 [ 3355.899644][T27156] ____sys_sendmsg+0x6e8/0x810 [ 3355.904400][T27156] ? kernel_sendmsg+0x50/0x50 [ 3355.909064][T27156] ? do_recvmmsg+0x6d0/0x6d0 [ 3355.913645][T27156] ? lock_chain_count+0x20/0x20 [ 3355.918489][T27156] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3355.924485][T27156] ___sys_sendmsg+0xf3/0x170 [ 3355.929075][T27156] ? sendmsg_copy_msghdr+0x160/0x160 [ 3355.934360][T27156] ? __fget_files+0x21b/0x3e0 [ 3355.939035][T27156] ? lock_downgrade+0x6e0/0x6e0 [ 3355.943885][T27156] ? __fget_files+0x23d/0x3e0 [ 3355.948560][T27156] ? __fget_light+0xea/0x280 [ 3355.953149][T27156] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3355.959389][T27156] __sys_sendmsg+0xe5/0x1b0 [ 3355.963890][T27156] ? __sys_sendmsg_sock+0x30/0x30 [ 3355.968916][T27156] ? syscall_enter_from_user_mode+0x21/0x70 [ 3355.974815][T27156] do_syscall_64+0x35/0xb0 [ 3355.979246][T27156] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3355.985154][T27156] RIP: 0033:0x7f812fd3ba39 [ 3355.989559][T27156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:25 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000158500040001"], 0x24}}, 0x0) [ 3356.009157][T27156] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3356.017569][T27156] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3356.025554][T27156] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3356.033521][T27156] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3356.041486][T27156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3356.049454][T27156] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xe, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:25 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000f0ffff00"/36}}]}]}, 0x64}}, 0x0) 02:40:25 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000340000000000000"}}]}]}, 0x64}}, 0x0) 02:40:25 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 64) 02:40:25 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000ec0000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:25 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000168500040001"], 0x24}}, 0x0) 02:40:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xf, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:25 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000fffffffffffff0000000000000"}}]}]}, 0x64}}, 0x0) [ 3356.409044][T27182] FAULT_INJECTION: forcing a failure. [ 3356.409044][T27182] name failslab, interval 1, probability 0, space 0, times 0 [ 3356.465994][T27182] CPU: 1 PID: 27182 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3356.474811][T27182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3356.484885][T27182] Call Trace: [ 3356.488179][T27182] dump_stack_lvl+0xcd/0x134 [ 3356.492800][T27182] should_fail.cold+0x5/0xa [ 3356.497333][T27182] ? crypto_create_tfm_node+0x7f/0x320 [ 3356.502817][T27182] should_failslab+0x5/0x10 [ 3356.507347][T27182] __kmalloc_node+0x75/0x370 [ 3356.511975][T27182] crypto_create_tfm_node+0x7f/0x320 [ 3356.517291][T27182] crypto_spawn_tfm2+0x60/0xb0 [ 3356.522087][T27182] crypto_gcm_init_tfm+0x3d/0x260 [ 3356.527133][T27182] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3356.532797][T27182] crypto_aead_init_tfm+0x138/0x1a0 [ 3356.538022][T27182] crypto_create_tfm_node+0x10d/0x320 [ 3356.543423][T27182] crypto_alloc_tfm_node+0x107/0x260 [ 3356.548740][T27182] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3356.554516][T27182] tipc_crypto_key_init+0x82/0x110 [ 3356.559656][T27182] ? tipc_ehdr_validate+0x240/0x240 02:40:25 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8007fffffff00"/36}}]}]}, 0x64}}, 0x0) [ 3356.564874][T27182] ? crypto_mod_put+0x8c/0x100 [ 3356.569768][T27182] tipc_nl_node_set_key+0xa5d/0xf70 [ 3356.575001][T27182] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3356.581278][T27182] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3356.587542][T27182] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3356.594933][T27182] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3356.602245][T27182] genl_family_rcv_msg_doit+0x228/0x320 [ 3356.607807][T27182] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 02:40:25 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000178500040001"], 0x24}}, 0x0) [ 3356.615205][T27182] ? mutex_lock_io_nested+0x1150/0x1150 [ 3356.621319][T27182] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3356.627586][T27182] ? __radix_tree_lookup+0x211/0x2a0 [ 3356.632895][T27182] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3356.639158][T27182] ? genl_get_cmd+0x3cf/0x480 [ 3356.643861][T27182] genl_rcv_msg+0x328/0x580 [ 3356.648388][T27182] ? genl_get_cmd+0x480/0x480 [ 3356.653086][T27182] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3356.659360][T27182] ? lock_release+0x720/0x720 [ 3356.664060][T27182] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3356.669374][T27182] netlink_rcv_skb+0x153/0x420 [ 3356.674164][T27182] ? genl_get_cmd+0x480/0x480 [ 3356.678868][T27182] ? netlink_ack+0xa60/0xa60 [ 3356.683487][T27182] ? netlink_deliver_tap+0x1b1/0xc30 [ 3356.688799][T27182] genl_rcv+0x24/0x40 [ 3356.692798][T27182] netlink_unicast+0x533/0x7d0 [ 3356.697586][T27182] ? netlink_attachskb+0x890/0x890 [ 3356.702714][T27182] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3356.708976][T27182] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 02:40:25 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000188500040001"], 0x24}}, 0x0) [ 3356.715237][T27182] ? __phys_addr_symbol+0x2c/0x70 [ 3356.720279][T27182] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3356.726012][T27182] ? __check_object_size+0x16e/0x3f0 [ 3356.731327][T27182] netlink_sendmsg+0x86d/0xdb0 [ 3356.736114][T27182] ? netlink_unicast+0x7d0/0x7d0 [ 3356.741074][T27182] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3356.747338][T27182] ? netlink_unicast+0x7d0/0x7d0 [ 3356.752305][T27182] sock_sendmsg+0xcf/0x120 [ 3356.757177][T27182] ____sys_sendmsg+0x6e8/0x810 [ 3356.761968][T27182] ? kernel_sendmsg+0x50/0x50 [ 3356.766662][T27182] ? do_recvmmsg+0x6d0/0x6d0 [ 3356.771276][T27182] ? lock_chain_count+0x20/0x20 [ 3356.776143][T27182] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3356.782151][T27182] ___sys_sendmsg+0xf3/0x170 [ 3356.786798][T27182] ? sendmsg_copy_msghdr+0x160/0x160 [ 3356.792112][T27182] ? __fget_files+0x21b/0x3e0 [ 3356.796802][T27182] ? lock_downgrade+0x6e0/0x6e0 [ 3356.801696][T27182] ? __fget_files+0x23d/0x3e0 [ 3356.806400][T27182] ? __fget_light+0xea/0x280 [ 3356.811007][T27182] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3356.817447][T27182] __sys_sendmsg+0xe5/0x1b0 [ 3356.821973][T27182] ? __sys_sendmsg_sock+0x30/0x30 [ 3356.827037][T27182] ? syscall_enter_from_user_mode+0x21/0x70 [ 3356.832962][T27182] do_syscall_64+0x35/0xb0 [ 3356.837397][T27182] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3356.843314][T27182] RIP: 0033:0x7f812fd3ba39 [ 3356.847744][T27182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:25 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000198500040001"], 0x24}}, 0x0) 02:40:25 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000fffffff0000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3356.867886][T27182] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3356.876314][T27182] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3356.884299][T27182] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3356.892285][T27182] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3356.900268][T27182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3356.908250][T27182] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 [ 3356.926066][ T1157] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) 02:40:26 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 65) 02:40:26 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8008dffffff00"/36}}]}]}, 0x64}}, 0x0) 02:40:26 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000000010000000000"}}]}]}, 0x64}}, 0x0) 02:40:26 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x60, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:26 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000080ffff000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:26 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001a8500040001"], 0x24}}, 0x0) [ 3357.197734][T27212] FAULT_INJECTION: forcing a failure. [ 3357.197734][T27212] name failslab, interval 1, probability 0, space 0, times 0 [ 3357.228686][T27212] CPU: 1 PID: 27212 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3357.237485][T27212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3357.247551][T27212] Call Trace: [ 3357.250837][T27212] dump_stack_lvl+0xcd/0x134 [ 3357.255451][T27212] should_fail.cold+0x5/0xa [ 3357.259986][T27212] ? crypto_create_tfm_node+0x7f/0x320 [ 3357.265467][T27212] should_failslab+0x5/0x10 [ 3357.269990][T27212] __kmalloc_node+0x75/0x370 [ 3357.274611][T27212] crypto_create_tfm_node+0x7f/0x320 [ 3357.279929][T27212] crypto_alloc_tfm_node+0x107/0x260 [ 3357.285245][T27212] cryptd_alloc_ahash+0x101/0x200 [ 3357.290303][T27212] ? cryptd_ahash_queued+0x70/0x70 [ 3357.295458][T27212] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3357.301022][T27212] ? trace_kmalloc_node+0x32/0x100 [ 3357.306150][T27212] ? ghash_async_exit_tfm+0x40/0x40 [ 3357.311371][T27212] ghash_async_init_tfm+0x21/0x100 [ 3357.316507][T27212] ? ghash_async_exit_tfm+0x40/0x40 [ 3357.321725][T27212] crypto_create_tfm_node+0x19b/0x320 [ 3357.327121][T27212] crypto_spawn_tfm2+0x60/0xb0 [ 3357.331902][T27212] crypto_gcm_init_tfm+0x3d/0x260 [ 3357.336940][T27212] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3357.342596][T27212] crypto_aead_init_tfm+0x138/0x1a0 [ 3357.347815][T27212] crypto_create_tfm_node+0x10d/0x320 [ 3357.353212][T27212] crypto_alloc_tfm_node+0x107/0x260 [ 3357.358522][T27212] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3357.364272][T27212] tipc_crypto_key_init+0x82/0x110 [ 3357.369409][T27212] ? tipc_ehdr_validate+0x240/0x240 [ 3357.374630][T27212] ? crypto_mod_put+0x8c/0x100 [ 3357.379422][T27212] tipc_nl_node_set_key+0xa5d/0xf70 [ 3357.384648][T27212] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3357.390928][T27212] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 02:40:26 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001b8500040001"], 0x24}}, 0x0) [ 3357.397190][T27212] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3357.404587][T27212] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3357.411925][T27212] genl_family_rcv_msg_doit+0x228/0x320 [ 3357.417502][T27212] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3357.424900][T27212] ? mutex_lock_io_nested+0x1150/0x1150 [ 3357.430480][T27212] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3357.436744][T27212] ? __radix_tree_lookup+0x211/0x2a0 [ 3357.442050][T27212] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 02:40:26 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001c8500040001"], 0x24}}, 0x0) [ 3357.448315][T27212] ? genl_get_cmd+0x3cf/0x480 [ 3357.453016][T27212] genl_rcv_msg+0x328/0x580 [ 3357.457539][T27212] ? genl_get_cmd+0x480/0x480 [ 3357.462240][T27212] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3357.468506][T27212] ? lock_release+0x720/0x720 [ 3357.473182][T27212] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3357.478485][T27212] netlink_rcv_skb+0x153/0x420 [ 3357.483269][T27212] ? genl_get_cmd+0x480/0x480 [ 3357.487973][T27212] ? netlink_ack+0xa60/0xa60 [ 3357.492594][T27212] ? netlink_deliver_tap+0x1b1/0xc30 [ 3357.497880][T27212] genl_rcv+0x24/0x40 [ 3357.501857][T27212] netlink_unicast+0x533/0x7d0 [ 3357.506659][T27212] ? netlink_attachskb+0x890/0x890 [ 3357.511790][T27212] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3357.518028][T27212] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3357.524292][T27212] ? __phys_addr_symbol+0x2c/0x70 [ 3357.529326][T27212] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3357.535040][T27212] ? __check_object_size+0x16e/0x3f0 [ 3357.540326][T27212] netlink_sendmsg+0x86d/0xdb0 [ 3357.545106][T27212] ? netlink_unicast+0x7d0/0x7d0 [ 3357.550034][T27212] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3357.556288][T27212] ? netlink_unicast+0x7d0/0x7d0 [ 3357.561213][T27212] sock_sendmsg+0xcf/0x120 [ 3357.565627][T27212] ____sys_sendmsg+0x6e8/0x810 [ 3357.570392][T27212] ? kernel_sendmsg+0x50/0x50 [ 3357.575081][T27212] ? do_recvmmsg+0x6d0/0x6d0 [ 3357.579666][T27212] ? lock_chain_count+0x20/0x20 [ 3357.584509][T27212] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3357.590514][T27212] ___sys_sendmsg+0xf3/0x170 [ 3357.595122][T27212] ? sendmsg_copy_msghdr+0x160/0x160 [ 3357.600403][T27212] ? __fget_files+0x21b/0x3e0 [ 3357.605074][T27212] ? lock_downgrade+0x6e0/0x6e0 [ 3357.609944][T27212] ? __fget_files+0x23d/0x3e0 [ 3357.614624][T27212] ? __fget_light+0xea/0x280 [ 3357.619222][T27212] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3357.625456][T27212] __sys_sendmsg+0xe5/0x1b0 [ 3357.629953][T27212] ? __sys_sendmsg_sock+0x30/0x30 [ 3357.634973][T27212] ? syscall_enter_from_user_mode+0x21/0x70 [ 3357.640869][T27212] do_syscall_64+0x35/0xb0 [ 3357.645302][T27212] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3357.651208][T27212] RIP: 0033:0x7f812fd3ba39 [ 3357.655608][T27212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3357.675551][T27212] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3357.683982][T27212] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3357.691938][T27212] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3357.699900][T27212] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3357.707858][T27212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3357.715814][T27212] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:26 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001d8500040001"], 0x24}}, 0x0) 02:40:26 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000000020000000000"}}]}]}, 0x64}}, 0x0) 02:40:26 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 66) 02:40:26 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8009effffff00"/36}}]}]}, 0x64}}, 0x0) 02:40:26 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000f0ffff000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:26 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xf0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:26 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001e8500040001"], 0x24}}, 0x0) 02:40:27 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000000030000000000"}}]}]}, 0x64}}, 0x0) [ 3358.040579][T27244] FAULT_INJECTION: forcing a failure. [ 3358.040579][T27244] name failslab, interval 1, probability 0, space 0, times 0 [ 3358.079445][T27244] CPU: 0 PID: 27244 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3358.088245][T27244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3358.098317][T27244] Call Trace: [ 3358.101624][T27244] dump_stack_lvl+0xcd/0x134 [ 3358.106250][T27244] should_fail.cold+0x5/0xa [ 3358.110784][T27244] ? crypto_create_tfm_node+0x7f/0x320 [ 3358.116258][T27244] should_failslab+0x5/0x10 [ 3358.120776][T27244] __kmalloc_node+0x75/0x370 [ 3358.125398][T27244] crypto_create_tfm_node+0x7f/0x320 [ 3358.130706][T27244] crypto_spawn_tfm2+0x60/0xb0 [ 3358.135494][T27244] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3358.141062][T27244] cryptd_hash_init_tfm+0x3c/0x120 [ 3358.146196][T27244] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3358.151767][T27244] crypto_create_tfm_node+0x19b/0x320 [ 3358.157163][T27244] crypto_alloc_tfm_node+0x107/0x260 [ 3358.162473][T27244] cryptd_alloc_ahash+0x101/0x200 [ 3358.167517][T27244] ? cryptd_ahash_queued+0x70/0x70 [ 3358.172671][T27244] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3358.178235][T27244] ? trace_kmalloc_node+0x32/0x100 [ 3358.183368][T27244] ? ghash_async_exit_tfm+0x40/0x40 [ 3358.188593][T27244] ghash_async_init_tfm+0x21/0x100 [ 3358.193728][T27244] ? ghash_async_exit_tfm+0x40/0x40 [ 3358.198933][T27244] crypto_create_tfm_node+0x19b/0x320 [ 3358.204308][T27244] crypto_spawn_tfm2+0x60/0xb0 [ 3358.209069][T27244] crypto_gcm_init_tfm+0x3d/0x260 [ 3358.214090][T27244] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3358.219721][T27244] crypto_aead_init_tfm+0x138/0x1a0 [ 3358.224921][T27244] crypto_create_tfm_node+0x10d/0x320 [ 3358.230293][T27244] crypto_alloc_tfm_node+0x107/0x260 [ 3358.235581][T27244] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3358.241320][T27244] tipc_crypto_key_init+0x82/0x110 [ 3358.246431][T27244] ? tipc_ehdr_validate+0x240/0x240 [ 3358.251629][T27244] ? crypto_mod_put+0x8c/0x100 [ 3358.256409][T27244] tipc_nl_node_set_key+0xa5d/0xf70 [ 3358.261616][T27244] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3358.267868][T27244] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3358.274107][T27244] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3358.281493][T27244] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3358.288791][T27244] genl_family_rcv_msg_doit+0x228/0x320 [ 3358.294337][T27244] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3358.301707][T27244] ? mutex_lock_io_nested+0x1150/0x1150 [ 3358.307261][T27244] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3358.313500][T27244] ? __radix_tree_lookup+0x211/0x2a0 [ 3358.318796][T27244] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3358.325034][T27244] ? genl_get_cmd+0x3cf/0x480 [ 3358.329714][T27244] genl_rcv_msg+0x328/0x580 [ 3358.334231][T27244] ? genl_get_cmd+0x480/0x480 [ 3358.338904][T27244] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3358.345162][T27244] ? lock_release+0x720/0x720 [ 3358.349833][T27244] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3358.355120][T27244] netlink_rcv_skb+0x153/0x420 [ 3358.359885][T27244] ? genl_get_cmd+0x480/0x480 [ 3358.364564][T27244] ? netlink_ack+0xa60/0xa60 [ 3358.369163][T27244] ? netlink_deliver_tap+0x1b1/0xc30 [ 3358.374451][T27244] genl_rcv+0x24/0x40 [ 3358.378439][T27244] netlink_unicast+0x533/0x7d0 [ 3358.383206][T27244] ? netlink_attachskb+0x890/0x890 [ 3358.388312][T27244] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3358.394552][T27244] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3358.400792][T27244] ? __phys_addr_symbol+0x2c/0x70 [ 3358.405813][T27244] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3358.411529][T27244] ? __check_object_size+0x16e/0x3f0 [ 3358.416819][T27244] netlink_sendmsg+0x86d/0xdb0 [ 3358.421592][T27244] ? netlink_unicast+0x7d0/0x7d0 [ 3358.426534][T27244] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3358.432778][T27244] ? netlink_unicast+0x7d0/0x7d0 [ 3358.437715][T27244] sock_sendmsg+0xcf/0x120 [ 3358.442133][T27244] ____sys_sendmsg+0x6e8/0x810 [ 3358.446901][T27244] ? kernel_sendmsg+0x50/0x50 [ 3358.451575][T27244] ? do_recvmmsg+0x6d0/0x6d0 [ 3358.456172][T27244] ? lock_chain_count+0x20/0x20 [ 3358.461038][T27244] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3358.467029][T27244] ___sys_sendmsg+0xf3/0x170 [ 3358.471621][T27244] ? sendmsg_copy_msghdr+0x160/0x160 [ 3358.476909][T27244] ? __fget_files+0x21b/0x3e0 [ 3358.481587][T27244] ? lock_downgrade+0x6e0/0x6e0 [ 3358.486448][T27244] ? __fget_files+0x23d/0x3e0 [ 3358.491126][T27244] ? __fget_light+0xea/0x280 [ 3358.495714][T27244] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3358.501959][T27244] __sys_sendmsg+0xe5/0x1b0 [ 3358.506466][T27244] ? __sys_sendmsg_sock+0x30/0x30 [ 3358.511506][T27244] ? syscall_enter_from_user_mode+0x21/0x70 [ 3358.517408][T27244] do_syscall_64+0x35/0xb0 [ 3358.521854][T27244] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3358.527748][T27244] RIP: 0033:0x7f812fd3ba39 [ 3358.532160][T27244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3358.551767][T27244] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3358.560611][T27244] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3358.568584][T27244] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3358.576549][T27244] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3358.584616][T27244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 02:40:27 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000007fffffff000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:27 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001f8500040001"], 0x24}}, 0x0) [ 3358.592596][T27244] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:27 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000208500040001"], 0x24}}, 0x0) 02:40:27 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800f0ffffff00"/36}}]}]}, 0x64}}, 0x0) 02:40:27 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000000040000000000"}}]}]}, 0x64}}, 0x0) 02:40:27 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000009effffff000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:27 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 67) 02:40:27 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x300, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:28 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000218500040001"], 0x24}}, 0x0) 02:40:28 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800f5ffffff00"/36}}]}]}, 0x64}}, 0x0) [ 3359.005455][T27272] FAULT_INJECTION: forcing a failure. [ 3359.005455][T27272] name failslab, interval 1, probability 0, space 0, times 0 [ 3359.041311][T27272] CPU: 0 PID: 27272 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3359.050127][T27272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3359.060199][T27272] Call Trace: [ 3359.063486][T27272] dump_stack_lvl+0xcd/0x134 [ 3359.068104][T27272] should_fail.cold+0x5/0xa [ 3359.072637][T27272] ? crypto_create_tfm_node+0x7f/0x320 [ 3359.078113][T27272] should_failslab+0x5/0x10 [ 3359.082634][T27272] __kmalloc_node+0x75/0x370 [ 3359.087255][T27272] crypto_create_tfm_node+0x7f/0x320 [ 3359.092568][T27272] crypto_spawn_tfm2+0x60/0xb0 [ 3359.097351][T27272] crypto_gcm_init_tfm+0x6d/0x260 [ 3359.102391][T27272] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3359.108043][T27272] crypto_aead_init_tfm+0x138/0x1a0 [ 3359.113275][T27272] crypto_create_tfm_node+0x10d/0x320 [ 3359.118674][T27272] crypto_alloc_tfm_node+0x107/0x260 [ 3359.123990][T27272] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3359.129757][T27272] tipc_crypto_key_init+0x82/0x110 [ 3359.134895][T27272] ? tipc_ehdr_validate+0x240/0x240 [ 3359.140118][T27272] ? crypto_mod_put+0x8c/0x100 [ 3359.144910][T27272] tipc_nl_node_set_key+0xa5d/0xf70 [ 3359.150140][T27272] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3359.156421][T27272] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3359.162695][T27272] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3359.170091][T27272] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3359.177401][T27272] genl_family_rcv_msg_doit+0x228/0x320 [ 3359.182971][T27272] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3359.190371][T27272] ? mutex_lock_io_nested+0x1150/0x1150 [ 3359.195952][T27272] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3359.202214][T27272] ? __radix_tree_lookup+0x211/0x2a0 [ 3359.207518][T27272] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3359.213782][T27272] ? genl_get_cmd+0x3cf/0x480 [ 3359.218484][T27272] genl_rcv_msg+0x328/0x580 [ 3359.223012][T27272] ? genl_get_cmd+0x480/0x480 [ 3359.227715][T27272] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3359.233989][T27272] ? lock_release+0x720/0x720 [ 3359.238690][T27272] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3359.244005][T27272] netlink_rcv_skb+0x153/0x420 [ 3359.248800][T27272] ? genl_get_cmd+0x480/0x480 02:40:28 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x700, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3359.253499][T27272] ? netlink_ack+0xa60/0xa60 [ 3359.258121][T27272] ? netlink_deliver_tap+0x1b1/0xc30 [ 3359.263435][T27272] genl_rcv+0x24/0x40 [ 3359.267437][T27272] netlink_unicast+0x533/0x7d0 [ 3359.272231][T27272] ? netlink_attachskb+0x890/0x890 [ 3359.277364][T27272] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3359.283637][T27272] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3359.289904][T27272] ? __phys_addr_symbol+0x2c/0x70 [ 3359.294950][T27272] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3359.300692][T27272] ? __check_object_size+0x16e/0x3f0 [ 3359.306009][T27272] netlink_sendmsg+0x86d/0xdb0 [ 3359.310828][T27272] ? netlink_unicast+0x7d0/0x7d0 [ 3359.315800][T27272] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3359.322067][T27272] ? netlink_unicast+0x7d0/0x7d0 [ 3359.327028][T27272] sock_sendmsg+0xcf/0x120 [ 3359.331475][T27272] ____sys_sendmsg+0x6e8/0x810 [ 3359.336262][T27272] ? kernel_sendmsg+0x50/0x50 [ 3359.340960][T27272] ? do_recvmmsg+0x6d0/0x6d0 [ 3359.345576][T27272] ? lock_chain_count+0x20/0x20 [ 3359.350446][T27272] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3359.356462][T27272] ___sys_sendmsg+0xf3/0x170 [ 3359.361081][T27272] ? sendmsg_copy_msghdr+0x160/0x160 [ 3359.366393][T27272] ? __fget_files+0x21b/0x3e0 [ 3359.371099][T27272] ? lock_downgrade+0x6e0/0x6e0 [ 3359.375990][T27272] ? __fget_files+0x23d/0x3e0 [ 3359.380740][T27272] ? __fget_light+0xea/0x280 [ 3359.385345][T27272] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3359.391613][T27272] __sys_sendmsg+0xe5/0x1b0 [ 3359.396139][T27272] ? __sys_sendmsg_sock+0x30/0x30 [ 3359.401200][T27272] ? syscall_enter_from_user_mode+0x21/0x70 [ 3359.407119][T27272] do_syscall_64+0x35/0xb0 [ 3359.411552][T27272] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3359.417462][T27272] RIP: 0033:0x7f812fd3ba39 [ 3359.421903][T27272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3359.441525][T27272] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 02:40:28 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000228500040001"], 0x24}}, 0x0) [ 3359.449956][T27272] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3359.457948][T27272] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3359.465929][T27272] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3359.473906][T27272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3359.481886][T27272] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:28 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000238500040001"], 0x24}}, 0x0) 02:40:28 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000000050000000000"}}]}]}, 0x64}}, 0x0) 02:40:28 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xe00, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:28 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000f0ffffff000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:28 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800fcffffff00"/36}}]}]}, 0x64}}, 0x0) 02:40:28 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 68) 02:40:28 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000248500040001"], 0x24}}, 0x0) [ 3359.789872][T27297] FAULT_INJECTION: forcing a failure. [ 3359.789872][T27297] name failslab, interval 1, probability 0, space 0, times 0 [ 3359.834453][T27297] CPU: 0 PID: 27297 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3359.843268][T27297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3359.853338][T27297] Call Trace: [ 3359.856630][T27297] dump_stack_lvl+0xcd/0x134 [ 3359.861248][T27297] should_fail.cold+0x5/0xa [ 3359.865783][T27297] ? crypto_create_tfm_node+0x7f/0x320 [ 3359.871256][T27297] should_failslab+0x5/0x10 [ 3359.875781][T27297] __kmalloc_node+0x75/0x370 [ 3359.880400][T27297] crypto_create_tfm_node+0x7f/0x320 [ 3359.885713][T27297] crypto_alloc_tfm_node+0x107/0x260 [ 3359.891029][T27297] cryptd_alloc_skcipher+0x101/0x200 [ 3359.896343][T27297] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3359.901573][T27297] ? __kmalloc_node+0x62/0x370 [ 3359.906378][T27297] ? simd_skcipher_exit+0x40/0x40 [ 3359.911426][T27297] simd_skcipher_init+0x67/0x180 [ 3359.916383][T27297] ? simd_skcipher_exit+0x40/0x40 [ 3359.921432][T27297] crypto_skcipher_init_tfm+0x127/0x180 [ 3359.927003][T27297] crypto_create_tfm_node+0x10d/0x320 [ 3359.932399][T27297] crypto_spawn_tfm2+0x60/0xb0 [ 3359.937182][T27297] crypto_gcm_init_tfm+0x6d/0x260 [ 3359.942223][T27297] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3359.947865][T27297] crypto_aead_init_tfm+0x138/0x1a0 [ 3359.953070][T27297] crypto_create_tfm_node+0x10d/0x320 [ 3359.958446][T27297] crypto_alloc_tfm_node+0x107/0x260 [ 3359.963740][T27297] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3359.969481][T27297] tipc_crypto_key_init+0x82/0x110 [ 3359.974603][T27297] ? tipc_ehdr_validate+0x240/0x240 [ 3359.979815][T27297] ? crypto_mod_put+0x8c/0x100 [ 3359.984594][T27297] tipc_nl_node_set_key+0xa5d/0xf70 [ 3359.989801][T27297] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3359.996055][T27297] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3360.002307][T27297] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3360.009688][T27297] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3360.016978][T27297] genl_family_rcv_msg_doit+0x228/0x320 [ 3360.022527][T27297] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3360.029900][T27297] ? mutex_lock_io_nested+0x1150/0x1150 [ 3360.035461][T27297] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3360.041702][T27297] ? __radix_tree_lookup+0x211/0x2a0 [ 3360.046992][T27297] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3360.053229][T27297] ? genl_get_cmd+0x3cf/0x480 [ 3360.057909][T27297] genl_rcv_msg+0x328/0x580 [ 3360.062434][T27297] ? genl_get_cmd+0x480/0x480 [ 3360.067115][T27297] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3360.073363][T27297] ? lock_release+0x720/0x720 [ 3360.078037][T27297] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3360.083324][T27297] netlink_rcv_skb+0x153/0x420 [ 3360.088091][T27297] ? genl_get_cmd+0x480/0x480 [ 3360.092771][T27297] ? netlink_ack+0xa60/0xa60 [ 3360.097364][T27297] ? netlink_deliver_tap+0x1b1/0xc30 [ 3360.102653][T27297] genl_rcv+0x24/0x40 [ 3360.106633][T27297] netlink_unicast+0x533/0x7d0 [ 3360.111404][T27297] ? netlink_attachskb+0x890/0x890 [ 3360.116518][T27297] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3360.122763][T27297] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3360.129001][T27297] ? __phys_addr_symbol+0x2c/0x70 [ 3360.134024][T27297] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3360.139755][T27297] ? __check_object_size+0x16e/0x3f0 [ 3360.145045][T27297] netlink_sendmsg+0x86d/0xdb0 [ 3360.149814][T27297] ? netlink_unicast+0x7d0/0x7d0 [ 3360.154753][T27297] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3360.160992][T27297] ? netlink_unicast+0x7d0/0x7d0 [ 3360.166051][T27297] sock_sendmsg+0xcf/0x120 [ 3360.170488][T27297] ____sys_sendmsg+0x6e8/0x810 [ 3360.175362][T27297] ? kernel_sendmsg+0x50/0x50 [ 3360.180041][T27297] ? do_recvmmsg+0x6d0/0x6d0 [ 3360.184637][T27297] ? lock_chain_count+0x20/0x20 [ 3360.189493][T27297] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3360.195532][T27297] ___sys_sendmsg+0xf3/0x170 [ 3360.200133][T27297] ? sendmsg_copy_msghdr+0x160/0x160 [ 3360.205436][T27297] ? __fget_files+0x21b/0x3e0 [ 3360.210149][T27297] ? lock_downgrade+0x6e0/0x6e0 [ 3360.215022][T27297] ? __fget_files+0x23d/0x3e0 [ 3360.219711][T27297] ? __fget_light+0xea/0x280 [ 3360.224317][T27297] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3360.230567][T27297] __sys_sendmsg+0xe5/0x1b0 [ 3360.235077][T27297] ? __sys_sendmsg_sock+0x30/0x30 [ 3360.240203][T27297] ? syscall_enter_from_user_mode+0x21/0x70 [ 3360.246104][T27297] do_syscall_64+0x35/0xb0 [ 3360.250530][T27297] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3360.256421][T27297] RIP: 0033:0x7f812fd3ba39 [ 3360.260838][T27297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:29 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000258500040001"], 0x24}}, 0x0) [ 3360.280460][T27297] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3360.288872][T27297] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3360.296837][T27297] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3360.304799][T27297] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3360.312762][T27297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3360.320724][T27297] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:29 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xf00, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:29 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000268500040001"], 0x24}}, 0x0) 02:40:29 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000000060000000000"}}]}]}, 0x64}}, 0x0) 02:40:29 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000020000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:29 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000030000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:29 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 69) 02:40:29 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000278500040001"], 0x24}}, 0x0) 02:40:29 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x6000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3360.679997][T27325] FAULT_INJECTION: forcing a failure. [ 3360.679997][T27325] name failslab, interval 1, probability 0, space 0, times 0 [ 3360.719572][T27325] CPU: 0 PID: 27325 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3360.728376][T27325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3360.738456][T27325] Call Trace: [ 3360.741749][T27325] dump_stack_lvl+0xcd/0x134 [ 3360.746459][T27325] should_fail.cold+0x5/0xa [ 3360.750993][T27325] ? crypto_create_tfm_node+0x7f/0x320 [ 3360.756472][T27325] should_failslab+0x5/0x10 [ 3360.760990][T27325] __kmalloc_node+0x75/0x370 [ 3360.765611][T27325] crypto_create_tfm_node+0x7f/0x320 [ 3360.770919][T27325] crypto_spawn_tfm2+0x60/0xb0 [ 3360.775702][T27325] ? cryptd_skcipher_setkey+0xd0/0xd0 [ 3360.781094][T27325] cryptd_skcipher_init_tfm+0x3a/0xe0 [ 3360.786495][T27325] crypto_skcipher_init_tfm+0x127/0x180 [ 3360.792070][T27325] crypto_create_tfm_node+0x10d/0x320 [ 3360.797469][T27325] crypto_alloc_tfm_node+0x107/0x260 [ 3360.802784][T27325] cryptd_alloc_skcipher+0x101/0x200 [ 3360.808094][T27325] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3360.813435][T27325] ? __kmalloc_node+0x62/0x370 [ 3360.818243][T27325] ? simd_skcipher_exit+0x40/0x40 [ 3360.823289][T27325] simd_skcipher_init+0x67/0x180 [ 3360.828246][T27325] ? simd_skcipher_exit+0x40/0x40 [ 3360.833291][T27325] crypto_skcipher_init_tfm+0x127/0x180 [ 3360.838859][T27325] crypto_create_tfm_node+0x10d/0x320 [ 3360.844256][T27325] crypto_spawn_tfm2+0x60/0xb0 [ 3360.849037][T27325] crypto_gcm_init_tfm+0x6d/0x260 [ 3360.854063][T27325] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3360.859696][T27325] crypto_aead_init_tfm+0x138/0x1a0 [ 3360.864899][T27325] crypto_create_tfm_node+0x10d/0x320 [ 3360.870281][T27325] crypto_alloc_tfm_node+0x107/0x260 [ 3360.875580][T27325] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3360.881320][T27325] tipc_crypto_key_init+0x82/0x110 [ 3360.886957][T27325] ? tipc_ehdr_validate+0x240/0x240 [ 3360.892154][T27325] ? crypto_mod_put+0x8c/0x100 [ 3360.896925][T27325] tipc_nl_node_set_key+0xa5d/0xf70 [ 3360.902132][T27325] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3360.908384][T27325] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3360.914631][T27325] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3360.922001][T27325] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3360.929292][T27325] genl_family_rcv_msg_doit+0x228/0x320 [ 3360.934838][T27325] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3360.942207][T27325] ? mutex_lock_io_nested+0x1150/0x1150 [ 3360.947759][T27325] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3360.953998][T27325] ? __radix_tree_lookup+0x211/0x2a0 [ 3360.959284][T27325] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3360.965522][T27325] ? genl_get_cmd+0x3cf/0x480 [ 3360.970214][T27325] genl_rcv_msg+0x328/0x580 [ 3360.974717][T27325] ? genl_get_cmd+0x480/0x480 [ 3360.979394][T27325] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3360.985645][T27325] ? lock_release+0x720/0x720 [ 3360.990320][T27325] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3360.995613][T27325] netlink_rcv_skb+0x153/0x420 [ 3361.000376][T27325] ? genl_get_cmd+0x480/0x480 [ 3361.005178][T27325] ? netlink_ack+0xa60/0xa60 [ 3361.009781][T27325] ? netlink_deliver_tap+0x1b1/0xc30 [ 3361.015071][T27325] genl_rcv+0x24/0x40 [ 3361.019055][T27325] netlink_unicast+0x533/0x7d0 [ 3361.023833][T27325] ? netlink_attachskb+0x890/0x890 [ 3361.028953][T27325] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3361.035209][T27325] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3361.041446][T27325] ? __phys_addr_symbol+0x2c/0x70 [ 3361.046471][T27325] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3361.052188][T27325] ? __check_object_size+0x16e/0x3f0 [ 3361.057479][T27325] netlink_sendmsg+0x86d/0xdb0 [ 3361.062247][T27325] ? netlink_unicast+0x7d0/0x7d0 [ 3361.067185][T27325] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3361.073426][T27325] ? netlink_unicast+0x7d0/0x7d0 [ 3361.078364][T27325] sock_sendmsg+0xcf/0x120 [ 3361.082797][T27325] ____sys_sendmsg+0x6e8/0x810 [ 3361.087567][T27325] ? kernel_sendmsg+0x50/0x50 [ 3361.092241][T27325] ? do_recvmmsg+0x6d0/0x6d0 [ 3361.096833][T27325] ? lock_chain_count+0x20/0x20 [ 3361.101681][T27325] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3361.107668][T27325] ___sys_sendmsg+0xf3/0x170 [ 3361.112261][T27325] ? sendmsg_copy_msghdr+0x160/0x160 [ 3361.117550][T27325] ? __fget_files+0x21b/0x3e0 [ 3361.122226][T27325] ? lock_downgrade+0x6e0/0x6e0 [ 3361.127087][T27325] ? __fget_files+0x23d/0x3e0 [ 3361.131772][T27325] ? __fget_light+0xea/0x280 [ 3361.136366][T27325] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3361.142609][T27325] __sys_sendmsg+0xe5/0x1b0 [ 3361.147115][T27325] ? __sys_sendmsg_sock+0x30/0x30 [ 3361.152151][T27325] ? syscall_enter_from_user_mode+0x21/0x70 [ 3361.158048][T27325] do_syscall_64+0x35/0xb0 [ 3361.162461][T27325] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3361.168354][T27325] RIP: 0033:0x7f812fd3ba39 [ 3361.172768][T27325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3361.192392][T27325] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3361.200799][T27325] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3361.208763][T27325] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3361.216727][T27325] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 02:40:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000000070000000000"}}]}]}, 0x64}}, 0x0) 02:40:30 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000030000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3361.224688][T27325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3361.232649][T27325] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:30 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000288500040001"], 0x24}}, 0x0) 02:40:30 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000298500040001"], 0x24}}, 0x0) 02:40:30 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xf000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000000080000000000"}}]}]}, 0x64}}, 0x0) 02:40:30 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 70) 02:40:30 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800fffffffffffff00000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:30 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000040000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:30 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000008600040001"], 0x24}}, 0x0) 02:40:30 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xf0ffff, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:30 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000100000000000000"}}]}]}, 0x64}}, 0x0) [ 3361.740692][T27357] FAULT_INJECTION: forcing a failure. [ 3361.740692][T27357] name failslab, interval 1, probability 0, space 0, times 0 02:40:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000000090000000000"}}]}]}, 0x64}}, 0x0) [ 3361.825664][T27357] CPU: 0 PID: 27357 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3361.834606][T27357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3361.844678][T27357] Call Trace: [ 3361.847959][T27357] dump_stack_lvl+0xcd/0x134 [ 3361.852556][T27357] should_fail.cold+0x5/0xa [ 3361.857074][T27357] ? crypto_gcm_setkey+0x13e/0x590 [ 3361.862184][T27357] should_failslab+0x5/0x10 [ 3361.866689][T27357] __kmalloc+0x72/0x320 [ 3361.870853][T27357] crypto_gcm_setkey+0x13e/0x590 [ 3361.875795][T27357] crypto_aead_setkey+0xbf/0x290 [ 3361.880737][T27357] tipc_aead_init.constprop.0+0x17b/0x8f0 [ 3361.886473][T27357] tipc_crypto_key_init+0x82/0x110 [ 3361.891588][T27357] ? tipc_ehdr_validate+0x240/0x240 [ 3361.896784][T27357] ? crypto_mod_put+0x8c/0x100 [ 3361.901556][T27357] tipc_nl_node_set_key+0xa5d/0xf70 [ 3361.906761][T27357] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3361.913013][T27357] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3361.919252][T27357] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3361.926621][T27357] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3361.933909][T27357] genl_family_rcv_msg_doit+0x228/0x320 [ 3361.939458][T27357] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3361.946830][T27357] ? mutex_lock_io_nested+0x1150/0x1150 [ 3361.952387][T27357] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3361.958634][T27357] ? __radix_tree_lookup+0x211/0x2a0 [ 3361.963926][T27357] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3361.970267][T27357] ? genl_get_cmd+0x3cf/0x480 [ 3361.975043][T27357] genl_rcv_msg+0x328/0x580 [ 3361.979553][T27357] ? genl_get_cmd+0x480/0x480 [ 3361.984234][T27357] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3361.990496][T27357] ? lock_release+0x720/0x720 [ 3361.995183][T27357] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3362.000500][T27357] netlink_rcv_skb+0x153/0x420 [ 3362.005265][T27357] ? genl_get_cmd+0x480/0x480 [ 3362.009940][T27357] ? netlink_ack+0xa60/0xa60 [ 3362.014536][T27357] ? netlink_deliver_tap+0x1b1/0xc30 [ 3362.019837][T27357] genl_rcv+0x24/0x40 [ 3362.023815][T27357] netlink_unicast+0x533/0x7d0 [ 3362.028592][T27357] ? netlink_attachskb+0x890/0x890 [ 3362.033709][T27357] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3362.039961][T27357] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3362.046211][T27357] ? __phys_addr_symbol+0x2c/0x70 [ 3362.051241][T27357] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3362.056958][T27357] ? __check_object_size+0x16e/0x3f0 [ 3362.062251][T27357] netlink_sendmsg+0x86d/0xdb0 [ 3362.067020][T27357] ? netlink_unicast+0x7d0/0x7d0 [ 3362.071961][T27357] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3362.078203][T27357] ? netlink_unicast+0x7d0/0x7d0 [ 3362.083135][T27357] sock_sendmsg+0xcf/0x120 [ 3362.087551][T27357] ____sys_sendmsg+0x6e8/0x810 [ 3362.092316][T27357] ? kernel_sendmsg+0x50/0x50 [ 3362.096987][T27357] ? do_recvmmsg+0x6d0/0x6d0 [ 3362.101580][T27357] ? lock_chain_count+0x20/0x20 [ 3362.106429][T27357] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3362.112415][T27357] ___sys_sendmsg+0xf3/0x170 [ 3362.117008][T27357] ? sendmsg_copy_msghdr+0x160/0x160 [ 3362.122299][T27357] ? __fget_files+0x21b/0x3e0 [ 3362.126976][T27357] ? lock_downgrade+0x6e0/0x6e0 [ 3362.131839][T27357] ? __fget_files+0x23d/0x3e0 [ 3362.136518][T27357] ? __fget_light+0xea/0x280 [ 3362.141103][T27357] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3362.147346][T27357] __sys_sendmsg+0xe5/0x1b0 [ 3362.151853][T27357] ? __sys_sendmsg_sock+0x30/0x30 [ 3362.156893][T27357] ? syscall_enter_from_user_mode+0x21/0x70 [ 3362.162791][T27357] do_syscall_64+0x35/0xb0 [ 3362.167202][T27357] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3362.173095][T27357] RIP: 0033:0x7f812fd3ba39 [ 3362.177505][T27357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3362.197108][T27357] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3362.205516][T27357] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3362.213481][T27357] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000018600040001"], 0x24}}, 0x0) [ 3362.221447][T27357] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3362.229413][T27357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3362.237380][T27357] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000070000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000028600040001"], 0x24}}, 0x0) 02:40:31 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000200000000000000"}}]}]}, 0x64}}, 0x0) 02:40:31 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x1000000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:31 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 71) 02:40:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000038600040001"], 0x24}}, 0x0) 02:40:31 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000000000000e0000000000"}}]}]}, 0x64}}, 0x0) 02:40:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000080000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:31 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000300000000000000"}}]}]}, 0x64}}, 0x0) 02:40:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000048600040001"], 0x24}}, 0x0) [ 3362.721215][T27391] FAULT_INJECTION: forcing a failure. [ 3362.721215][T27391] name failslab, interval 1, probability 0, space 0, times 0 [ 3362.782730][T27391] CPU: 1 PID: 27391 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3362.791546][T27391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3362.801612][T27391] Call Trace: [ 3362.804893][T27391] dump_stack_lvl+0xcd/0x134 [ 3362.809510][T27391] should_fail.cold+0x5/0xa [ 3362.814047][T27391] ? tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3362.819965][T27391] should_failslab+0x5/0x10 [ 3362.824484][T27391] kmem_cache_alloc_trace+0x55/0x2b0 02:40:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000058600040001"], 0x24}}, 0x0) [ 3362.829795][T27391] ? crypto_aead_setkey+0x10f/0x290 [ 3362.835025][T27391] tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3362.840783][T27391] tipc_crypto_key_init+0x82/0x110 [ 3362.845930][T27391] ? tipc_ehdr_validate+0x240/0x240 [ 3362.851147][T27391] ? crypto_mod_put+0x8c/0x100 [ 3362.855943][T27391] tipc_nl_node_set_key+0xa5d/0xf70 [ 3362.861170][T27391] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3362.867449][T27391] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3362.873716][T27391] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 02:40:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000068600040001"], 0x24}}, 0x0) [ 3362.881109][T27391] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3362.888430][T27391] genl_family_rcv_msg_doit+0x228/0x320 [ 3362.894003][T27391] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3362.901394][T27391] ? mutex_lock_io_nested+0x1150/0x1150 [ 3362.906978][T27391] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3362.913243][T27391] ? __radix_tree_lookup+0x211/0x2a0 [ 3362.918545][T27391] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3362.924805][T27391] ? genl_get_cmd+0x3cf/0x480 [ 3362.929512][T27391] genl_rcv_msg+0x328/0x580 [ 3362.934038][T27391] ? genl_get_cmd+0x480/0x480 [ 3362.938729][T27391] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3362.945001][T27391] ? lock_release+0x720/0x720 [ 3362.949695][T27391] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3362.955012][T27391] netlink_rcv_skb+0x153/0x420 [ 3362.959795][T27391] ? genl_get_cmd+0x480/0x480 [ 3362.964498][T27391] ? netlink_ack+0xa60/0xa60 [ 3362.969117][T27391] ? netlink_deliver_tap+0x1b1/0xc30 [ 3362.974429][T27391] genl_rcv+0x24/0x40 [ 3362.978428][T27391] netlink_unicast+0x533/0x7d0 02:40:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000078600040001"], 0x24}}, 0x0) [ 3362.983215][T27391] ? netlink_attachskb+0x890/0x890 [ 3362.988339][T27391] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3362.994602][T27391] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3363.000858][T27391] ? __phys_addr_symbol+0x2c/0x70 [ 3363.005898][T27391] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3363.011820][T27391] ? __check_object_size+0x16e/0x3f0 [ 3363.017126][T27391] netlink_sendmsg+0x86d/0xdb0 [ 3363.021920][T27391] ? netlink_unicast+0x7d0/0x7d0 [ 3363.026879][T27391] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3363.033111][T27391] ? netlink_unicast+0x7d0/0x7d0 [ 3363.038057][T27391] sock_sendmsg+0xcf/0x120 [ 3363.042468][T27391] ____sys_sendmsg+0x6e8/0x810 [ 3363.047233][T27391] ? kernel_sendmsg+0x50/0x50 [ 3363.051915][T27391] ? do_recvmmsg+0x6d0/0x6d0 [ 3363.056496][T27391] ? lock_chain_count+0x20/0x20 [ 3363.061341][T27391] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3363.067349][T27391] ___sys_sendmsg+0xf3/0x170 [ 3363.071931][T27391] ? sendmsg_copy_msghdr+0x160/0x160 [ 3363.077217][T27391] ? __fget_files+0x21b/0x3e0 [ 3363.081918][T27391] ? lock_downgrade+0x6e0/0x6e0 [ 3363.086827][T27391] ? __fget_files+0x23d/0x3e0 [ 3363.091493][T27391] ? __fget_light+0xea/0x280 [ 3363.096071][T27391] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3363.102305][T27391] __sys_sendmsg+0xe5/0x1b0 [ 3363.106807][T27391] ? __sys_sendmsg_sock+0x30/0x30 [ 3363.111847][T27391] ? syscall_enter_from_user_mode+0x21/0x70 [ 3363.117815][T27391] do_syscall_64+0x35/0xb0 [ 3363.122241][T27391] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3363.128133][T27391] RIP: 0033:0x7f812fd3ba39 [ 3363.132537][T27391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3363.152134][T27391] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3363.160550][T27391] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3363.168507][T27391] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3363.176467][T27391] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 02:40:32 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x2000000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3363.184425][T27391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3363.192392][T27391] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000088600040001"], 0x24}}, 0x0) 02:40:32 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 72) 02:40:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000000000000f0000000000"}}]}]}, 0x64}}, 0x0) 02:40:32 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000400000000000000"}}]}]}, 0x64}}, 0x0) 02:40:32 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000e0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:32 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x3000000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3363.470728][T27418] FAULT_INJECTION: forcing a failure. [ 3363.470728][T27418] name failslab, interval 1, probability 0, space 0, times 0 02:40:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000098600040001"], 0x24}}, 0x0) [ 3363.542503][T27418] CPU: 1 PID: 27418 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3363.551330][T27418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3363.561407][T27418] Call Trace: [ 3363.564694][T27418] dump_stack_lvl+0xcd/0x134 [ 3363.569311][T27418] should_fail.cold+0x5/0xa [ 3363.573844][T27418] ? crypto_create_tfm_node+0x7f/0x320 [ 3363.579328][T27418] should_failslab+0x5/0x10 [ 3363.583851][T27418] __kmalloc_node+0x75/0x370 02:40:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000a8600040001"], 0x24}}, 0x0) [ 3363.588475][T27418] crypto_create_tfm_node+0x7f/0x320 [ 3363.593788][T27418] crypto_alloc_tfm_node+0x107/0x260 [ 3363.599102][T27418] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3363.604862][T27418] tipc_crypto_key_init+0x82/0x110 [ 3363.609996][T27418] ? tipc_ehdr_validate+0x240/0x240 [ 3363.615215][T27418] ? crypto_mod_put+0x8c/0x100 [ 3363.620013][T27418] tipc_nl_node_set_key+0xa5d/0xf70 [ 3363.625240][T27418] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3363.631520][T27418] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3363.637782][T27418] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3363.645173][T27418] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3363.652486][T27418] genl_family_rcv_msg_doit+0x228/0x320 [ 3363.658059][T27418] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3363.665795][T27418] ? mutex_lock_io_nested+0x1150/0x1150 [ 3363.671373][T27418] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3363.677631][T27418] ? __radix_tree_lookup+0x211/0x2a0 [ 3363.682942][T27418] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 02:40:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000b8600040001"], 0x24}}, 0x0) [ 3363.689208][T27418] ? genl_get_cmd+0x3cf/0x480 [ 3363.693916][T27418] genl_rcv_msg+0x328/0x580 [ 3363.698444][T27418] ? genl_get_cmd+0x480/0x480 [ 3363.703140][T27418] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3363.709415][T27418] ? lock_release+0x720/0x720 [ 3363.714105][T27418] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3363.719405][T27418] netlink_rcv_skb+0x153/0x420 [ 3363.724166][T27418] ? genl_get_cmd+0x480/0x480 [ 3363.728843][T27418] ? netlink_ack+0xa60/0xa60 [ 3363.733456][T27418] ? netlink_deliver_tap+0x1b1/0xc30 [ 3363.738756][T27418] genl_rcv+0x24/0x40 [ 3363.742724][T27418] netlink_unicast+0x533/0x7d0 [ 3363.747483][T27418] ? netlink_attachskb+0x890/0x890 [ 3363.752584][T27418] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3363.758820][T27418] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3363.765051][T27418] ? __phys_addr_symbol+0x2c/0x70 [ 3363.770067][T27418] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3363.775775][T27418] ? __check_object_size+0x16e/0x3f0 [ 3363.781052][T27418] netlink_sendmsg+0x86d/0xdb0 [ 3363.785808][T27418] ? netlink_unicast+0x7d0/0x7d0 [ 3363.790747][T27418] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3363.796976][T27418] ? netlink_unicast+0x7d0/0x7d0 [ 3363.801909][T27418] sock_sendmsg+0xcf/0x120 [ 3363.806347][T27418] ____sys_sendmsg+0x6e8/0x810 [ 3363.811126][T27418] ? kernel_sendmsg+0x50/0x50 [ 3363.815791][T27418] ? do_recvmmsg+0x6d0/0x6d0 [ 3363.820380][T27418] ? lock_chain_count+0x20/0x20 [ 3363.825254][T27418] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3363.831265][T27418] ___sys_sendmsg+0xf3/0x170 [ 3363.835882][T27418] ? sendmsg_copy_msghdr+0x160/0x160 02:40:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000c8600040001"], 0x24}}, 0x0) [ 3363.841204][T27418] ? __fget_files+0x21b/0x3e0 [ 3363.845905][T27418] ? lock_downgrade+0x6e0/0x6e0 [ 3363.850793][T27418] ? __fget_files+0x23d/0x3e0 [ 3363.855499][T27418] ? __fget_light+0xea/0x280 [ 3363.860110][T27418] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3363.866381][T27418] __sys_sendmsg+0xe5/0x1b0 [ 3363.870908][T27418] ? __sys_sendmsg_sock+0x30/0x30 [ 3363.875978][T27418] ? syscall_enter_from_user_mode+0x21/0x70 [ 3363.881900][T27418] do_syscall_64+0x35/0xb0 [ 3363.886340][T27418] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3363.892252][T27418] RIP: 0033:0x7f812fd3ba39 [ 3363.896665][T27418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3363.916267][T27418] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3363.924668][T27418] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3363.932631][T27418] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3363.940610][T27418] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3363.948579][T27418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3363.956541][T27418] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:33 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 73) 02:40:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000000000003f0000000000"}}]}]}, 0x64}}, 0x0) 02:40:33 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000500000000000000"}}]}]}, 0x64}}, 0x0) 02:40:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000f0000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:33 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x4000000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:33 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000d8600040001"], 0x24}}, 0x0) [ 3364.171202][T27441] FAULT_INJECTION: forcing a failure. [ 3364.171202][T27441] name failslab, interval 1, probability 0, space 0, times 0 [ 3364.228464][T27441] CPU: 1 PID: 27441 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3364.237277][T27441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3364.247350][T27441] Call Trace: [ 3364.250648][T27441] dump_stack_lvl+0xcd/0x134 [ 3364.255275][T27441] should_fail.cold+0x5/0xa [ 3364.259813][T27441] ? crypto_create_tfm_node+0x7f/0x320 [ 3364.265298][T27441] should_failslab+0x5/0x10 [ 3364.269825][T27441] __kmalloc_node+0x75/0x370 [ 3364.274449][T27441] crypto_create_tfm_node+0x7f/0x320 [ 3364.279765][T27441] crypto_spawn_tfm2+0x60/0xb0 [ 3364.284557][T27441] crypto_gcm_init_tfm+0x3d/0x260 [ 3364.289603][T27441] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3364.295256][T27441] crypto_aead_init_tfm+0x138/0x1a0 [ 3364.300483][T27441] crypto_create_tfm_node+0x10d/0x320 [ 3364.305883][T27441] crypto_alloc_tfm_node+0x107/0x260 [ 3364.311206][T27441] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3364.316968][T27441] tipc_crypto_key_init+0x82/0x110 [ 3364.322111][T27441] ? tipc_ehdr_validate+0x240/0x240 [ 3364.327333][T27441] ? crypto_mod_put+0x8c/0x100 [ 3364.332128][T27441] tipc_nl_node_set_key+0xa5d/0xf70 [ 3364.337351][T27441] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3364.343594][T27441] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3364.349870][T27441] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3364.357238][T27441] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3364.364552][T27441] genl_family_rcv_msg_doit+0x228/0x320 [ 3364.370127][T27441] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3364.377528][T27441] ? mutex_lock_io_nested+0x1150/0x1150 [ 3364.383105][T27441] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3364.389360][T27441] ? __radix_tree_lookup+0x211/0x2a0 [ 3364.394636][T27441] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3364.400872][T27441] ? genl_get_cmd+0x3cf/0x480 [ 3364.405573][T27441] genl_rcv_msg+0x328/0x580 [ 3364.410071][T27441] ? genl_get_cmd+0x480/0x480 [ 3364.414739][T27441] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3364.420986][T27441] ? lock_release+0x720/0x720 [ 3364.425768][T27441] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3364.431080][T27441] netlink_rcv_skb+0x153/0x420 [ 3364.435865][T27441] ? genl_get_cmd+0x480/0x480 [ 3364.440599][T27441] ? netlink_ack+0xa60/0xa60 [ 3364.445218][T27441] ? netlink_deliver_tap+0x1b1/0xc30 [ 3364.450518][T27441] genl_rcv+0x24/0x40 [ 3364.454492][T27441] netlink_unicast+0x533/0x7d0 [ 3364.459260][T27441] ? netlink_attachskb+0x890/0x890 [ 3364.464379][T27441] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3364.470614][T27441] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3364.476845][T27441] ? __phys_addr_symbol+0x2c/0x70 [ 3364.481859][T27441] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3364.487572][T27441] ? __check_object_size+0x16e/0x3f0 [ 3364.492870][T27441] netlink_sendmsg+0x86d/0xdb0 [ 3364.497643][T27441] ? netlink_unicast+0x7d0/0x7d0 [ 3364.502595][T27441] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3364.508850][T27441] ? netlink_unicast+0x7d0/0x7d0 [ 3364.513786][T27441] sock_sendmsg+0xcf/0x120 [ 3364.518219][T27441] ____sys_sendmsg+0x6e8/0x810 [ 3364.522995][T27441] ? kernel_sendmsg+0x50/0x50 [ 3364.527661][T27441] ? do_recvmmsg+0x6d0/0x6d0 [ 3364.532245][T27441] ? lock_chain_count+0x20/0x20 [ 3364.537091][T27441] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3364.543119][T27441] ___sys_sendmsg+0xf3/0x170 [ 3364.547732][T27441] ? sendmsg_copy_msghdr+0x160/0x160 [ 3364.553012][T27441] ? __fget_files+0x21b/0x3e0 [ 3364.557705][T27441] ? lock_downgrade+0x6e0/0x6e0 [ 3364.562594][T27441] ? __fget_files+0x23d/0x3e0 [ 3364.567276][T27441] ? __fget_light+0xea/0x280 [ 3364.571882][T27441] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3364.578125][T27441] __sys_sendmsg+0xe5/0x1b0 [ 3364.582629][T27441] ? __sys_sendmsg_sock+0x30/0x30 [ 3364.587657][T27441] ? syscall_enter_from_user_mode+0x21/0x70 [ 3364.593553][T27441] do_syscall_64+0x35/0xb0 [ 3364.597960][T27441] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3364.603846][T27441] RIP: 0033:0x7f812fd3ba39 [ 3364.608269][T27441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3364.627891][T27441] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3364.636296][T27441] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3364.644262][T27441] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3364.652243][T27441] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3364.660216][T27441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3364.668175][T27441] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:33 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000e8600040001"], 0x24}}, 0x0) 02:40:33 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000000600000000000"}}]}]}, 0x64}}, 0x0) 02:40:33 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000600000000000000"}}]}]}, 0x64}}, 0x0) 02:40:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000600000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:33 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 74) 02:40:33 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x7000000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:34 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000f8600040001"], 0x24}}, 0x0) 02:40:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000ffffff9e0000000000"}}]}]}, 0x64}}, 0x0) [ 3365.032437][T27470] FAULT_INJECTION: forcing a failure. [ 3365.032437][T27470] name failslab, interval 1, probability 0, space 0, times 0 [ 3365.055577][T27470] CPU: 0 PID: 27470 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3365.064389][T27470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3365.074460][T27470] Call Trace: [ 3365.077751][T27470] dump_stack_lvl+0xcd/0x134 [ 3365.082365][T27470] should_fail.cold+0x5/0xa [ 3365.086900][T27470] ? crypto_create_tfm_node+0x7f/0x320 [ 3365.092378][T27470] should_failslab+0x5/0x10 [ 3365.096900][T27470] __kmalloc_node+0x75/0x370 [ 3365.101522][T27470] crypto_create_tfm_node+0x7f/0x320 [ 3365.106833][T27470] crypto_alloc_tfm_node+0x107/0x260 [ 3365.112149][T27470] cryptd_alloc_ahash+0x101/0x200 [ 3365.117199][T27470] ? cryptd_ahash_queued+0x70/0x70 [ 3365.122353][T27470] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3365.127919][T27470] ? trace_kmalloc_node+0x32/0x100 [ 3365.133061][T27470] ? ghash_async_exit_tfm+0x40/0x40 [ 3365.138288][T27470] ghash_async_init_tfm+0x21/0x100 [ 3365.143418][T27470] ? ghash_async_exit_tfm+0x40/0x40 [ 3365.148620][T27470] crypto_create_tfm_node+0x19b/0x320 [ 3365.153996][T27470] crypto_spawn_tfm2+0x60/0xb0 [ 3365.158764][T27470] crypto_gcm_init_tfm+0x3d/0x260 [ 3365.163976][T27470] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3365.169614][T27470] crypto_aead_init_tfm+0x138/0x1a0 [ 3365.174815][T27470] crypto_create_tfm_node+0x10d/0x320 [ 3365.180197][T27470] crypto_alloc_tfm_node+0x107/0x260 [ 3365.185491][T27470] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3365.191227][T27470] tipc_crypto_key_init+0x82/0x110 [ 3365.196340][T27470] ? tipc_ehdr_validate+0x240/0x240 [ 3365.201540][T27470] ? crypto_mod_put+0x8c/0x100 [ 3365.206318][T27470] tipc_nl_node_set_key+0xa5d/0xf70 [ 3365.211525][T27470] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3365.217782][T27470] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3365.224021][T27470] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3365.231389][T27470] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3365.238681][T27470] genl_family_rcv_msg_doit+0x228/0x320 [ 3365.244230][T27470] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3365.251605][T27470] ? mutex_lock_io_nested+0x1150/0x1150 [ 3365.257159][T27470] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3365.263400][T27470] ? __radix_tree_lookup+0x211/0x2a0 [ 3365.268684][T27470] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3365.274925][T27470] ? genl_get_cmd+0x3cf/0x480 [ 3365.279607][T27470] genl_rcv_msg+0x328/0x580 [ 3365.284116][T27470] ? genl_get_cmd+0x480/0x480 [ 3365.288792][T27470] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3365.295039][T27470] ? lock_release+0x720/0x720 [ 3365.299718][T27470] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3365.305007][T27470] netlink_rcv_skb+0x153/0x420 [ 3365.309769][T27470] ? genl_get_cmd+0x480/0x480 [ 3365.314445][T27470] ? netlink_ack+0xa60/0xa60 [ 3365.319038][T27470] ? netlink_deliver_tap+0x1b1/0xc30 [ 3365.324327][T27470] genl_rcv+0x24/0x40 [ 3365.328307][T27470] netlink_unicast+0x533/0x7d0 [ 3365.333075][T27470] ? netlink_attachskb+0x890/0x890 [ 3365.338183][T27470] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3365.344423][T27470] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3365.350665][T27470] ? __phys_addr_symbol+0x2c/0x70 [ 3365.355687][T27470] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3365.361403][T27470] ? __check_object_size+0x16e/0x3f0 [ 3365.366692][T27470] netlink_sendmsg+0x86d/0xdb0 [ 3365.371480][T27470] ? netlink_unicast+0x7d0/0x7d0 [ 3365.376423][T27470] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3365.382665][T27470] ? netlink_unicast+0x7d0/0x7d0 [ 3365.387605][T27470] sock_sendmsg+0xcf/0x120 [ 3365.392036][T27470] ____sys_sendmsg+0x6e8/0x810 [ 3365.396802][T27470] ? kernel_sendmsg+0x50/0x50 [ 3365.401474][T27470] ? do_recvmmsg+0x6d0/0x6d0 [ 3365.406073][T27470] ? lock_chain_count+0x20/0x20 [ 3365.410937][T27470] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3365.416923][T27470] ___sys_sendmsg+0xf3/0x170 [ 3365.421516][T27470] ? sendmsg_copy_msghdr+0x160/0x160 [ 3365.426810][T27470] ? __fget_files+0x21b/0x3e0 [ 3365.431501][T27470] ? lock_downgrade+0x6e0/0x6e0 [ 3365.436368][T27470] ? __fget_files+0x23d/0x3e0 [ 3365.441048][T27470] ? __fget_light+0xea/0x280 [ 3365.445638][T27470] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3365.451882][T27470] __sys_sendmsg+0xe5/0x1b0 [ 3365.456384][T27470] ? __sys_sendmsg_sock+0x30/0x30 [ 3365.461422][T27470] ? syscall_enter_from_user_mode+0x21/0x70 [ 3365.467320][T27470] do_syscall_64+0x35/0xb0 [ 3365.471732][T27470] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3365.477624][T27470] RIP: 0033:0x7f812fd3ba39 [ 3365.482038][T27470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3365.502336][T27470] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3365.510746][T27470] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3365.518711][T27470] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3365.526673][T27470] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 02:40:34 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x8000000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:34 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000700000000000000"}}]}]}, 0x64}}, 0x0) [ 3365.534634][T27470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3365.542597][T27470] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:34 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000108600040001"], 0x24}}, 0x0) 02:40:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000f00000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:34 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 75) 02:40:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000041c10000000000"}}]}]}, 0x64}}, 0x0) 02:40:34 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000900000000000000"}}]}]}, 0x64}}, 0x0) 02:40:34 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xe000000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:34 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000118600040001"], 0x24}}, 0x0) [ 3365.891100][T27491] FAULT_INJECTION: forcing a failure. [ 3365.891100][T27491] name failslab, interval 1, probability 0, space 0, times 0 [ 3365.925800][T27491] CPU: 0 PID: 27491 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3365.934599][T27491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3365.944667][T27491] Call Trace: [ 3365.947955][T27491] dump_stack_lvl+0xcd/0x134 [ 3365.952568][T27491] should_fail.cold+0x5/0xa [ 3365.957114][T27491] ? crypto_create_tfm_node+0x7f/0x320 [ 3365.962597][T27491] should_failslab+0x5/0x10 [ 3365.967117][T27491] __kmalloc_node+0x75/0x370 [ 3365.971741][T27491] crypto_create_tfm_node+0x7f/0x320 [ 3365.977055][T27491] crypto_spawn_tfm2+0x60/0xb0 [ 3365.981851][T27491] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3365.987424][T27491] cryptd_hash_init_tfm+0x3c/0x120 [ 3365.992559][T27491] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3365.998192][T27491] crypto_create_tfm_node+0x19b/0x320 [ 3366.003592][T27491] crypto_alloc_tfm_node+0x107/0x260 [ 3366.008910][T27491] cryptd_alloc_ahash+0x101/0x200 [ 3366.013958][T27491] ? cryptd_ahash_queued+0x70/0x70 [ 3366.019117][T27491] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3366.024680][T27491] ? trace_kmalloc_node+0x32/0x100 [ 3366.029814][T27491] ? ghash_async_exit_tfm+0x40/0x40 [ 3366.035038][T27491] ghash_async_init_tfm+0x21/0x100 02:40:35 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000300000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3366.040176][T27491] ? ghash_async_exit_tfm+0x40/0x40 [ 3366.045399][T27491] crypto_create_tfm_node+0x19b/0x320 [ 3366.050795][T27491] crypto_spawn_tfm2+0x60/0xb0 [ 3366.055583][T27491] crypto_gcm_init_tfm+0x3d/0x260 [ 3366.060625][T27491] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3366.066279][T27491] crypto_aead_init_tfm+0x138/0x1a0 [ 3366.071499][T27491] crypto_create_tfm_node+0x10d/0x320 [ 3366.076930][T27491] crypto_alloc_tfm_node+0x107/0x260 [ 3366.082229][T27491] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3366.087965][T27491] tipc_crypto_key_init+0x82/0x110 [ 3366.093091][T27491] ? tipc_ehdr_validate+0x240/0x240 [ 3366.098289][T27491] ? crypto_mod_put+0x8c/0x100 [ 3366.103059][T27491] tipc_nl_node_set_key+0xa5d/0xf70 [ 3366.108268][T27491] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3366.114520][T27491] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3366.120769][T27491] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3366.128140][T27491] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3366.135431][T27491] genl_family_rcv_msg_doit+0x228/0x320 [ 3366.140984][T27491] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3366.148361][T27491] ? mutex_lock_io_nested+0x1150/0x1150 [ 3366.153918][T27491] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3366.160158][T27491] ? __radix_tree_lookup+0x211/0x2a0 [ 3366.165443][T27491] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3366.171682][T27491] ? genl_get_cmd+0x3cf/0x480 [ 3366.176386][T27491] genl_rcv_msg+0x328/0x580 [ 3366.180891][T27491] ? genl_get_cmd+0x480/0x480 [ 3366.185684][T27491] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3366.191933][T27491] ? lock_release+0x720/0x720 [ 3366.196609][T27491] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3366.201912][T27491] netlink_rcv_skb+0x153/0x420 [ 3366.206673][T27491] ? genl_get_cmd+0x480/0x480 [ 3366.211349][T27491] ? netlink_ack+0xa60/0xa60 [ 3366.215942][T27491] ? netlink_deliver_tap+0x1b1/0xc30 [ 3366.221233][T27491] genl_rcv+0x24/0x40 [ 3366.225215][T27491] netlink_unicast+0x533/0x7d0 [ 3366.229981][T27491] ? netlink_attachskb+0x890/0x890 [ 3366.235091][T27491] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3366.241330][T27491] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3366.247570][T27491] ? __phys_addr_symbol+0x2c/0x70 [ 3366.252591][T27491] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3366.258309][T27491] ? __check_object_size+0x16e/0x3f0 [ 3366.263599][T27491] netlink_sendmsg+0x86d/0xdb0 [ 3366.268365][T27491] ? netlink_unicast+0x7d0/0x7d0 [ 3366.273308][T27491] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3366.279551][T27491] ? netlink_unicast+0x7d0/0x7d0 [ 3366.284485][T27491] sock_sendmsg+0xcf/0x120 [ 3366.288903][T27491] ____sys_sendmsg+0x6e8/0x810 [ 3366.293671][T27491] ? kernel_sendmsg+0x50/0x50 [ 3366.298359][T27491] ? do_recvmmsg+0x6d0/0x6d0 [ 3366.302954][T27491] ? lock_chain_count+0x20/0x20 [ 3366.307809][T27491] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3366.313793][T27491] ___sys_sendmsg+0xf3/0x170 [ 3366.318385][T27491] ? sendmsg_copy_msghdr+0x160/0x160 [ 3366.323675][T27491] ? __fget_files+0x21b/0x3e0 [ 3366.328350][T27491] ? lock_downgrade+0x6e0/0x6e0 [ 3366.333211][T27491] ? __fget_files+0x23d/0x3e0 [ 3366.337892][T27491] ? __fget_light+0xea/0x280 [ 3366.342477][T27491] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3366.348753][T27491] __sys_sendmsg+0xe5/0x1b0 [ 3366.353257][T27491] ? __sys_sendmsg_sock+0x30/0x30 [ 3366.358293][T27491] ? syscall_enter_from_user_mode+0x21/0x70 [ 3366.364193][T27491] do_syscall_64+0x35/0xb0 [ 3366.368604][T27491] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3366.374495][T27491] RIP: 0033:0x7f812fd3ba39 [ 3366.378911][T27491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3366.398513][T27491] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3366.406928][T27491] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3366.414897][T27491] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3366.422863][T27491] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3366.430826][T27491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 02:40:35 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000128600040001"], 0x24}}, 0x0) [ 3366.438788][T27491] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000fffffff00000000000"}}]}]}, 0x64}}, 0x0) 02:40:35 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 76) 02:40:35 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000003d0c00000000000000"}}]}]}, 0x64}}, 0x0) 02:40:35 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xf000000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:35 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000700000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:35 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000138600040001"], 0x24}}, 0x0) [ 3366.757227][T27514] FAULT_INJECTION: forcing a failure. [ 3366.757227][T27514] name failslab, interval 1, probability 0, space 0, times 0 [ 3366.805004][T27514] CPU: 1 PID: 27514 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3366.813807][T27514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3366.823870][T27514] Call Trace: [ 3366.827165][T27514] dump_stack_lvl+0xcd/0x134 [ 3366.831784][T27514] should_fail.cold+0x5/0xa [ 3366.836322][T27514] ? crypto_create_tfm_node+0x7f/0x320 [ 3366.841793][T27514] should_failslab+0x5/0x10 [ 3366.846317][T27514] __kmalloc_node+0x75/0x370 [ 3366.850944][T27514] crypto_create_tfm_node+0x7f/0x320 [ 3366.856259][T27514] crypto_spawn_tfm2+0x60/0xb0 [ 3366.861050][T27514] crypto_gcm_init_tfm+0x6d/0x260 [ 3366.866092][T27514] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3366.871745][T27514] crypto_aead_init_tfm+0x138/0x1a0 [ 3366.876978][T27514] crypto_create_tfm_node+0x10d/0x320 [ 3366.882378][T27514] crypto_alloc_tfm_node+0x107/0x260 [ 3366.887688][T27514] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3366.893454][T27514] tipc_crypto_key_init+0x82/0x110 [ 3366.898601][T27514] ? tipc_ehdr_validate+0x240/0x240 02:40:35 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000148600040001"], 0x24}}, 0x0) 02:40:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000000007fffffff0000000000"}}]}]}, 0x64}}, 0x0) [ 3366.903826][T27514] ? crypto_mod_put+0x8c/0x100 [ 3366.908620][T27514] tipc_nl_node_set_key+0xa5d/0xf70 [ 3366.913842][T27514] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3366.920114][T27514] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3366.926371][T27514] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3366.933762][T27514] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3366.941069][T27514] genl_family_rcv_msg_doit+0x228/0x320 [ 3366.946637][T27514] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 02:40:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000158600040001"], 0x24}}, 0x0) [ 3366.954037][T27514] ? mutex_lock_io_nested+0x1150/0x1150 [ 3366.959616][T27514] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3366.965885][T27514] ? __radix_tree_lookup+0x211/0x2a0 [ 3366.971191][T27514] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3366.977448][T27514] ? genl_get_cmd+0x3cf/0x480 [ 3366.982148][T27514] genl_rcv_msg+0x328/0x580 [ 3366.986678][T27514] ? genl_get_cmd+0x480/0x480 [ 3366.991376][T27514] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3366.997677][T27514] ? lock_release+0x720/0x720 02:40:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000168600040001"], 0x24}}, 0x0) [ 3367.002376][T27514] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3367.007694][T27514] netlink_rcv_skb+0x153/0x420 [ 3367.012482][T27514] ? genl_get_cmd+0x480/0x480 [ 3367.017180][T27514] ? netlink_ack+0xa60/0xa60 [ 3367.021798][T27514] ? netlink_deliver_tap+0x1b1/0xc30 [ 3367.027109][T27514] genl_rcv+0x24/0x40 [ 3367.031107][T27514] netlink_unicast+0x533/0x7d0 [ 3367.035893][T27514] ? netlink_attachskb+0x890/0x890 [ 3367.041020][T27514] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3367.047282][T27514] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3367.053548][T27514] ? __phys_addr_symbol+0x2c/0x70 [ 3367.058597][T27514] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3367.064339][T27514] ? __check_object_size+0x16e/0x3f0 [ 3367.069655][T27514] netlink_sendmsg+0x86d/0xdb0 [ 3367.074456][T27514] ? netlink_unicast+0x7d0/0x7d0 [ 3367.079422][T27514] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3367.085687][T27514] ? netlink_unicast+0x7d0/0x7d0 [ 3367.090642][T27514] sock_sendmsg+0xcf/0x120 [ 3367.095085][T27514] ____sys_sendmsg+0x6e8/0x810 [ 3367.099881][T27514] ? kernel_sendmsg+0x50/0x50 02:40:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000178600040001"], 0x24}}, 0x0) [ 3367.104576][T27514] ? do_recvmmsg+0x6d0/0x6d0 [ 3367.109190][T27514] ? lock_chain_count+0x20/0x20 [ 3367.114076][T27514] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3367.120087][T27514] ___sys_sendmsg+0xf3/0x170 [ 3367.124705][T27514] ? sendmsg_copy_msghdr+0x160/0x160 [ 3367.130023][T27514] ? __fget_files+0x21b/0x3e0 [ 3367.134717][T27514] ? lock_downgrade+0x6e0/0x6e0 [ 3367.139614][T27514] ? __fget_files+0x23d/0x3e0 [ 3367.144321][T27514] ? __fget_light+0xea/0x280 [ 3367.148929][T27514] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 02:40:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000188600040001"], 0x24}}, 0x0) [ 3367.155203][T27514] __sys_sendmsg+0xe5/0x1b0 [ 3367.159732][T27514] ? __sys_sendmsg_sock+0x30/0x30 [ 3367.164794][T27514] ? syscall_enter_from_user_mode+0x21/0x70 [ 3367.170717][T27514] do_syscall_64+0x35/0xb0 [ 3367.175151][T27514] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3367.181065][T27514] RIP: 0033:0x7f812fd3ba39 [ 3367.185493][T27514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000198600040001"], 0x24}}, 0x0) [ 3367.205120][T27514] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3367.213556][T27514] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3367.221540][T27514] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3367.229521][T27514] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3367.237503][T27514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3367.245484][T27514] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:36 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 77) 02:40:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001a8600040001"], 0x24}}, 0x0) 02:40:36 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000e00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:36 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000000f00000000000000"}}]}]}, 0x64}}, 0x0) 02:40:36 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x4cf13793, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000ffffffff0000000000"}}]}]}, 0x64}}, 0x0) 02:40:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001b8600040001"], 0x24}}, 0x0) 02:40:36 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000021500000000000000"}}]}]}, 0x64}}, 0x0) 02:40:36 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000c00e00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3367.640844][T27556] FAULT_INJECTION: forcing a failure. [ 3367.640844][T27556] name failslab, interval 1, probability 0, space 0, times 0 02:40:36 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000f0ffffffffffff0000000000"}}]}]}, 0x64}}, 0x0) [ 3367.684975][T27556] CPU: 1 PID: 27556 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3367.693785][T27556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3367.703854][T27556] Call Trace: [ 3367.707142][T27556] dump_stack_lvl+0xcd/0x134 [ 3367.711757][T27556] should_fail.cold+0x5/0xa [ 3367.716290][T27556] ? crypto_create_tfm_node+0x7f/0x320 [ 3367.721764][T27556] should_failslab+0x5/0x10 [ 3367.726287][T27556] __kmalloc_node+0x75/0x370 [ 3367.730914][T27556] crypto_create_tfm_node+0x7f/0x320 [ 3367.736237][T27556] crypto_alloc_tfm_node+0x107/0x260 [ 3367.741553][T27556] cryptd_alloc_skcipher+0x101/0x200 [ 3367.746868][T27556] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3367.752094][T27556] ? __kmalloc_node+0x62/0x370 [ 3367.756916][T27556] ? simd_skcipher_exit+0x40/0x40 [ 3367.761970][T27556] simd_skcipher_init+0x67/0x180 [ 3367.766927][T27556] ? simd_skcipher_exit+0x40/0x40 [ 3367.771977][T27556] crypto_skcipher_init_tfm+0x127/0x180 [ 3367.777550][T27556] crypto_create_tfm_node+0x10d/0x320 [ 3367.782955][T27556] crypto_spawn_tfm2+0x60/0xb0 [ 3367.787739][T27556] crypto_gcm_init_tfm+0x6d/0x260 [ 3367.792780][T27556] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3367.798433][T27556] crypto_aead_init_tfm+0x138/0x1a0 [ 3367.803655][T27556] crypto_create_tfm_node+0x10d/0x320 [ 3367.809050][T27556] crypto_alloc_tfm_node+0x107/0x260 [ 3367.814362][T27556] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3367.820123][T27556] tipc_crypto_key_init+0x82/0x110 [ 3367.825255][T27556] ? tipc_ehdr_validate+0x240/0x240 [ 3367.830474][T27556] ? crypto_mod_put+0x8c/0x100 [ 3367.835264][T27556] tipc_nl_node_set_key+0xa5d/0xf70 [ 3367.840484][T27556] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3367.846764][T27556] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3367.853010][T27556] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3367.860375][T27556] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3367.867675][T27556] genl_family_rcv_msg_doit+0x228/0x320 [ 3367.873215][T27556] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3367.880590][T27556] ? mutex_lock_io_nested+0x1150/0x1150 [ 3367.886133][T27556] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3367.892364][T27556] ? __radix_tree_lookup+0x211/0x2a0 [ 3367.897638][T27556] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3367.903873][T27556] ? genl_get_cmd+0x3cf/0x480 [ 3367.908567][T27556] genl_rcv_msg+0x328/0x580 [ 3367.913060][T27556] ? genl_get_cmd+0x480/0x480 [ 3367.917727][T27556] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3367.923977][T27556] ? lock_release+0x720/0x720 [ 3367.928666][T27556] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 3367.934468][T27556] netlink_rcv_skb+0x153/0x420 [ 3367.939221][T27556] ? genl_get_cmd+0x480/0x480 [ 3367.943902][T27556] ? netlink_ack+0xa60/0xa60 [ 3367.948594][T27556] ? netlink_deliver_tap+0x1b1/0xc30 [ 3367.953894][T27556] genl_rcv+0x24/0x40 [ 3367.957868][T27556] netlink_unicast+0x533/0x7d0 [ 3367.962627][T27556] ? netlink_attachskb+0x890/0x890 [ 3367.967739][T27556] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3367.973972][T27556] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3367.980209][T27556] ? __phys_addr_symbol+0x2c/0x70 [ 3367.985337][T27556] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3367.991047][T27556] ? __check_object_size+0x16e/0x3f0 [ 3367.996328][T27556] netlink_sendmsg+0x86d/0xdb0 [ 3368.001088][T27556] ? netlink_unicast+0x7d0/0x7d0 [ 3368.006037][T27556] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3368.012298][T27556] ? netlink_unicast+0x7d0/0x7d0 [ 3368.017232][T27556] sock_sendmsg+0xcf/0x120 [ 3368.021662][T27556] ____sys_sendmsg+0x6e8/0x810 [ 3368.026441][T27556] ? kernel_sendmsg+0x50/0x50 [ 3368.031106][T27556] ? do_recvmmsg+0x6d0/0x6d0 [ 3368.035691][T27556] ? lock_chain_count+0x20/0x20 [ 3368.040532][T27556] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3368.046521][T27556] ___sys_sendmsg+0xf3/0x170 [ 3368.051101][T27556] ? sendmsg_copy_msghdr+0x160/0x160 [ 3368.056389][T27556] ? __fget_files+0x21b/0x3e0 [ 3368.061081][T27556] ? lock_downgrade+0x6e0/0x6e0 [ 3368.065938][T27556] ? __fget_files+0x23d/0x3e0 [ 3368.070611][T27556] ? __fget_light+0xea/0x280 [ 3368.075203][T27556] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3368.081440][T27556] __sys_sendmsg+0xe5/0x1b0 [ 3368.085935][T27556] ? __sys_sendmsg_sock+0x30/0x30 [ 3368.090959][T27556] ? syscall_enter_from_user_mode+0x21/0x70 [ 3368.096850][T27556] do_syscall_64+0x35/0xb0 [ 3368.101290][T27556] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3368.107177][T27556] RIP: 0033:0x7f812fd3ba39 [ 3368.111579][T27556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:37 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001c8600040001"], 0x24}}, 0x0) [ 3368.131236][T27556] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3368.139664][T27556] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3368.147625][T27556] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3368.155583][T27556] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3368.163541][T27556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3368.171502][T27556] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:37 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000f00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:37 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 78) 02:40:37 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000200"/36}}]}]}, 0x64}}, 0x0) 02:40:37 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x60000000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:37 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000012000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:37 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001d8600040001"], 0x24}}, 0x0) 02:40:37 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000003f00000000000000"}}]}]}, 0x64}}, 0x0) 02:40:37 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000003f00000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3368.522573][T27583] FAULT_INJECTION: forcing a failure. [ 3368.522573][T27583] name failslab, interval 1, probability 0, space 0, times 0 [ 3368.583735][T27583] CPU: 1 PID: 27583 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3368.592543][T27583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3368.602607][T27583] Call Trace: [ 3368.605899][T27583] dump_stack_lvl+0xcd/0x134 [ 3368.610519][T27583] should_fail.cold+0x5/0xa [ 3368.615054][T27583] ? crypto_create_tfm_node+0x7f/0x320 [ 3368.620535][T27583] should_failslab+0x5/0x10 [ 3368.625057][T27583] __kmalloc_node+0x75/0x370 [ 3368.629694][T27583] crypto_create_tfm_node+0x7f/0x320 [ 3368.634983][T27583] crypto_spawn_tfm2+0x60/0xb0 [ 3368.639769][T27583] ? cryptd_skcipher_setkey+0xd0/0xd0 [ 3368.645164][T27583] cryptd_skcipher_init_tfm+0x3a/0xe0 [ 3368.650562][T27583] crypto_skcipher_init_tfm+0x127/0x180 [ 3368.656130][T27583] crypto_create_tfm_node+0x10d/0x320 [ 3368.661531][T27583] crypto_alloc_tfm_node+0x107/0x260 [ 3368.666849][T27583] cryptd_alloc_skcipher+0x101/0x200 [ 3368.672163][T27583] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3368.677387][T27583] ? __kmalloc_node+0x62/0x370 [ 3368.682193][T27583] ? simd_skcipher_exit+0x40/0x40 [ 3368.687244][T27583] simd_skcipher_init+0x67/0x180 [ 3368.692200][T27583] ? simd_skcipher_exit+0x40/0x40 [ 3368.697240][T27583] crypto_skcipher_init_tfm+0x127/0x180 [ 3368.702811][T27583] crypto_create_tfm_node+0x10d/0x320 [ 3368.708210][T27583] crypto_spawn_tfm2+0x60/0xb0 [ 3368.712995][T27583] crypto_gcm_init_tfm+0x6d/0x260 [ 3368.718035][T27583] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3368.723657][T27583] crypto_aead_init_tfm+0x138/0x1a0 [ 3368.728858][T27583] crypto_create_tfm_node+0x10d/0x320 [ 3368.734241][T27583] crypto_alloc_tfm_node+0x107/0x260 [ 3368.739519][T27583] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3368.745256][T27583] tipc_crypto_key_init+0x82/0x110 [ 3368.750401][T27583] ? tipc_ehdr_validate+0x240/0x240 [ 3368.755614][T27583] ? crypto_mod_put+0x8c/0x100 [ 3368.760373][T27583] tipc_nl_node_set_key+0xa5d/0xf70 [ 3368.765577][T27583] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3368.771847][T27583] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3368.778112][T27583] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3368.785482][T27583] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3368.792785][T27583] genl_family_rcv_msg_doit+0x228/0x320 [ 3368.798321][T27583] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3368.805680][T27583] ? mutex_lock_io_nested+0x1150/0x1150 [ 3368.811224][T27583] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3368.817456][T27583] ? __radix_tree_lookup+0x211/0x2a0 [ 3368.822736][T27583] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3368.830162][T27583] ? genl_get_cmd+0x3cf/0x480 [ 3368.834853][T27583] genl_rcv_msg+0x328/0x580 [ 3368.839345][T27583] ? genl_get_cmd+0x480/0x480 [ 3368.844017][T27583] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3368.850321][T27583] ? lock_release+0x720/0x720 [ 3368.854988][T27583] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3368.860282][T27583] netlink_rcv_skb+0x153/0x420 [ 3368.865038][T27583] ? genl_get_cmd+0x480/0x480 [ 3368.869707][T27583] ? netlink_ack+0xa60/0xa60 [ 3368.874321][T27583] ? netlink_deliver_tap+0x1b1/0xc30 [ 3368.879620][T27583] genl_rcv+0x24/0x40 [ 3368.883590][T27583] netlink_unicast+0x533/0x7d0 [ 3368.888391][T27583] ? netlink_attachskb+0x890/0x890 [ 3368.893492][T27583] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3368.899745][T27583] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3368.905980][T27583] ? __phys_addr_symbol+0x2c/0x70 [ 3368.911018][T27583] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3368.916728][T27583] ? __check_object_size+0x16e/0x3f0 [ 3368.922016][T27583] netlink_sendmsg+0x86d/0xdb0 [ 3368.926774][T27583] ? netlink_unicast+0x7d0/0x7d0 [ 3368.931709][T27583] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3368.937983][T27583] ? netlink_unicast+0x7d0/0x7d0 [ 3368.942934][T27583] sock_sendmsg+0xcf/0x120 [ 3368.947357][T27583] ____sys_sendmsg+0x6e8/0x810 [ 3368.952116][T27583] ? kernel_sendmsg+0x50/0x50 [ 3368.956784][T27583] ? do_recvmmsg+0x6d0/0x6d0 [ 3368.961386][T27583] ? lock_chain_count+0x20/0x20 [ 3368.966235][T27583] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3368.972209][T27583] ___sys_sendmsg+0xf3/0x170 [ 3368.976788][T27583] ? sendmsg_copy_msghdr+0x160/0x160 [ 3368.982080][T27583] ? __fget_files+0x21b/0x3e0 [ 3368.986745][T27583] ? lock_downgrade+0x6e0/0x6e0 [ 3368.991610][T27583] ? __fget_files+0x23d/0x3e0 [ 3368.996300][T27583] ? __fget_light+0xea/0x280 [ 3369.000897][T27583] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3369.007147][T27583] __sys_sendmsg+0xe5/0x1b0 [ 3369.011677][T27583] ? __sys_sendmsg_sock+0x30/0x30 [ 3369.016725][T27583] ? syscall_enter_from_user_mode+0x21/0x70 [ 3369.022613][T27583] do_syscall_64+0x35/0xb0 [ 3369.027023][T27583] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3369.032907][T27583] RIP: 0033:0x7f812fd3ba39 [ 3369.037314][T27583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3369.056911][T27583] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3369.065316][T27583] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3369.073367][T27583] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:38 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001e8600040001"], 0x24}}, 0x0) [ 3369.081349][T27583] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3369.089315][T27583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3369.097272][T27583] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:38 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001f8600040001"], 0x24}}, 0x0) 02:40:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000300"/36}}]}]}, 0x64}}, 0x0) 02:40:38 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000208600040001"], 0x24}}, 0x0) 02:40:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000474500000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:38 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 79) 02:40:38 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x9337f14c, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:38 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000004400000000000000"}}]}]}, 0x64}}, 0x0) 02:40:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000400"/36}}]}]}, 0x64}}, 0x0) 02:40:38 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000218600040001"], 0x24}}, 0x0) 02:40:38 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x9effffff, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3369.619472][T27615] FAULT_INJECTION: forcing a failure. [ 3369.619472][T27615] name failslab, interval 1, probability 0, space 0, times 0 02:40:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000454700000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3369.678661][T27615] CPU: 1 PID: 27615 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3369.687469][T27615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3369.697535][T27615] Call Trace: [ 3369.700830][T27615] dump_stack_lvl+0xcd/0x134 [ 3369.705451][T27615] should_fail.cold+0x5/0xa [ 3369.709990][T27615] ? crypto_gcm_setkey+0x13e/0x590 [ 3369.715125][T27615] should_failslab+0x5/0x10 [ 3369.719647][T27615] __kmalloc+0x72/0x320 [ 3369.723836][T27615] crypto_gcm_setkey+0x13e/0x590 [ 3369.728808][T27615] crypto_aead_setkey+0xbf/0x290 [ 3369.733774][T27615] tipc_aead_init.constprop.0+0x17b/0x8f0 [ 3369.739540][T27615] tipc_crypto_key_init+0x82/0x110 [ 3369.744674][T27615] ? tipc_ehdr_validate+0x240/0x240 [ 3369.749887][T27615] ? crypto_mod_put+0x8c/0x100 [ 3369.754680][T27615] tipc_nl_node_set_key+0xa5d/0xf70 [ 3369.759907][T27615] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3369.766184][T27615] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3369.772449][T27615] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3369.779848][T27615] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3369.787161][T27615] genl_family_rcv_msg_doit+0x228/0x320 [ 3369.792732][T27615] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3369.800127][T27615] ? mutex_lock_io_nested+0x1150/0x1150 [ 3369.805707][T27615] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3369.811971][T27615] ? __radix_tree_lookup+0x211/0x2a0 [ 3369.817276][T27615] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3369.823543][T27615] ? genl_get_cmd+0x3cf/0x480 [ 3369.828243][T27615] genl_rcv_msg+0x328/0x580 [ 3369.832767][T27615] ? genl_get_cmd+0x480/0x480 [ 3369.837474][T27615] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3369.843751][T27615] ? lock_release+0x720/0x720 [ 3369.848454][T27615] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3369.853769][T27615] netlink_rcv_skb+0x153/0x420 [ 3369.858558][T27615] ? genl_get_cmd+0x480/0x480 [ 3369.863255][T27615] ? netlink_ack+0xa60/0xa60 [ 3369.867872][T27615] ? netlink_deliver_tap+0x1b1/0xc30 [ 3369.873164][T27615] genl_rcv+0x24/0x40 [ 3369.877142][T27615] netlink_unicast+0x533/0x7d0 [ 3369.881932][T27615] ? netlink_attachskb+0x890/0x890 [ 3369.887056][T27615] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3369.893317][T27615] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3369.899575][T27615] ? __phys_addr_symbol+0x2c/0x70 [ 3369.904617][T27615] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3369.910352][T27615] ? __check_object_size+0x16e/0x3f0 [ 3369.915645][T27615] netlink_sendmsg+0x86d/0xdb0 [ 3369.920420][T27615] ? netlink_unicast+0x7d0/0x7d0 [ 3369.925357][T27615] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3369.931590][T27615] ? netlink_unicast+0x7d0/0x7d0 [ 3369.936514][T27615] sock_sendmsg+0xcf/0x120 [ 3369.940924][T27615] ____sys_sendmsg+0x6e8/0x810 [ 3369.945681][T27615] ? kernel_sendmsg+0x50/0x50 [ 3369.950367][T27615] ? do_recvmmsg+0x6d0/0x6d0 [ 3369.954979][T27615] ? lock_chain_count+0x20/0x20 [ 3369.959842][T27615] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3369.965821][T27615] ___sys_sendmsg+0xf3/0x170 [ 3369.970418][T27615] ? sendmsg_copy_msghdr+0x160/0x160 [ 3369.975725][T27615] ? __fget_files+0x21b/0x3e0 [ 3369.980397][T27615] ? lock_downgrade+0x6e0/0x6e0 [ 3369.985287][T27615] ? __fget_files+0x23d/0x3e0 [ 3369.989964][T27615] ? __fget_light+0xea/0x280 [ 3369.994543][T27615] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3370.000814][T27615] __sys_sendmsg+0xe5/0x1b0 [ 3370.005317][T27615] ? __sys_sendmsg_sock+0x30/0x30 [ 3370.010344][T27615] ? syscall_enter_from_user_mode+0x21/0x70 [ 3370.016236][T27615] do_syscall_64+0x35/0xb0 [ 3370.020650][T27615] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3370.026544][T27615] RIP: 0033:0x7f812fd3ba39 [ 3370.030950][T27615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3370.050548][T27615] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3370.058950][T27615] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3370.066922][T27615] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000228600040001"], 0x24}}, 0x0) [ 3370.074898][T27615] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3370.082856][T27615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3370.090818][T27615] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000238600040001"], 0x24}}, 0x0) 02:40:39 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 80) 02:40:39 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000500"/36}}]}]}, 0x64}}, 0x0) 02:40:39 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xf0ffffff, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:39 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000035600000000000000"}}]}]}, 0x64}}, 0x0) 02:40:39 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000006000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000248600040001"], 0x24}}, 0x0) [ 3370.474267][T27642] FAULT_INJECTION: forcing a failure. [ 3370.474267][T27642] name failslab, interval 1, probability 0, space 0, times 0 [ 3370.551054][T27642] CPU: 1 PID: 27642 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3370.559869][T27642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3370.569942][T27642] Call Trace: [ 3370.573237][T27642] dump_stack_lvl+0xcd/0x134 [ 3370.577866][T27642] should_fail.cold+0x5/0xa [ 3370.582410][T27642] ? tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3370.588324][T27642] should_failslab+0x5/0x10 [ 3370.592840][T27642] kmem_cache_alloc_trace+0x55/0x2b0 [ 3370.598147][T27642] ? crypto_aead_setkey+0x10f/0x290 [ 3370.603372][T27642] tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3370.609134][T27642] tipc_crypto_key_init+0x82/0x110 [ 3370.614271][T27642] ? tipc_ehdr_validate+0x240/0x240 [ 3370.619486][T27642] ? crypto_mod_put+0x8c/0x100 [ 3370.624257][T27642] tipc_nl_node_set_key+0xa5d/0xf70 [ 3370.629563][T27642] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3370.635808][T27642] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3370.642049][T27642] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3370.649435][T27642] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3370.656720][T27642] genl_family_rcv_msg_doit+0x228/0x320 [ 3370.662268][T27642] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3370.669628][T27642] ? mutex_lock_io_nested+0x1150/0x1150 [ 3370.675172][T27642] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3370.681404][T27642] ? __radix_tree_lookup+0x211/0x2a0 [ 3370.686695][T27642] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3370.692953][T27642] ? genl_get_cmd+0x3cf/0x480 [ 3370.697625][T27642] genl_rcv_msg+0x328/0x580 [ 3370.702118][T27642] ? genl_get_cmd+0x480/0x480 [ 3370.706790][T27642] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3370.713052][T27642] ? lock_release+0x720/0x720 [ 3370.717720][T27642] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3370.723015][T27642] netlink_rcv_skb+0x153/0x420 [ 3370.727775][T27642] ? genl_get_cmd+0x480/0x480 [ 3370.732447][T27642] ? netlink_ack+0xa60/0xa60 [ 3370.737042][T27642] ? netlink_deliver_tap+0x1b1/0xc30 [ 3370.742317][T27642] genl_rcv+0x24/0x40 [ 3370.746295][T27642] netlink_unicast+0x533/0x7d0 [ 3370.751061][T27642] ? netlink_attachskb+0x890/0x890 [ 3370.756170][T27642] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3370.762407][T27642] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3370.768664][T27642] ? __phys_addr_symbol+0x2c/0x70 [ 3370.773696][T27642] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3370.779431][T27642] ? __check_object_size+0x16e/0x3f0 [ 3370.784711][T27642] netlink_sendmsg+0x86d/0xdb0 [ 3370.789485][T27642] ? netlink_unicast+0x7d0/0x7d0 [ 3370.794436][T27642] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3370.800678][T27642] ? netlink_unicast+0x7d0/0x7d0 [ 3370.805630][T27642] sock_sendmsg+0xcf/0x120 [ 3370.810058][T27642] ____sys_sendmsg+0x6e8/0x810 [ 3370.814835][T27642] ? kernel_sendmsg+0x50/0x50 [ 3370.819504][T27642] ? do_recvmmsg+0x6d0/0x6d0 [ 3370.824099][T27642] ? lock_chain_count+0x20/0x20 [ 3370.828944][T27642] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3370.834929][T27642] ___sys_sendmsg+0xf3/0x170 [ 3370.839535][T27642] ? sendmsg_copy_msghdr+0x160/0x160 [ 3370.844816][T27642] ? __fget_files+0x21b/0x3e0 [ 3370.849503][T27642] ? lock_downgrade+0x6e0/0x6e0 [ 3370.854351][T27642] ? __fget_files+0x23d/0x3e0 [ 3370.859023][T27642] ? __fget_light+0xea/0x280 [ 3370.863602][T27642] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3370.869862][T27642] __sys_sendmsg+0xe5/0x1b0 [ 3370.874445][T27642] ? __sys_sendmsg_sock+0x30/0x30 [ 3370.879470][T27642] ? syscall_enter_from_user_mode+0x21/0x70 [ 3370.885362][T27642] do_syscall_64+0x35/0xb0 [ 3370.889785][T27642] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3370.895672][T27642] RIP: 0033:0x7f812fd3ba39 [ 3370.900077][T27642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3370.919711][T27642] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3370.928119][T27642] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3370.936100][T27642] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3370.944065][T27642] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 02:40:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000258600040001"], 0x24}}, 0x0) [ 3370.952038][T27642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3370.960000][T27642] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000268600040001"], 0x24}}, 0x0) 02:40:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000278600040001"], 0x24}}, 0x0) 02:40:40 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000ec000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:40 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xfffff000, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:40 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000006b00000000000000"}}]}]}, 0x64}}, 0x0) 02:40:40 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 81) 02:40:40 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000600"/36}}]}]}, 0x64}}, 0x0) 02:40:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000288600040001"], 0x24}}, 0x0) 02:40:40 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xffffff7f, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3371.535805][T27670] FAULT_INJECTION: forcing a failure. [ 3371.535805][T27670] name failslab, interval 1, probability 0, space 0, times 0 [ 3371.567615][T27670] CPU: 0 PID: 27670 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3371.576419][T27670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3371.586493][T27670] Call Trace: [ 3371.589780][T27670] dump_stack_lvl+0xcd/0x134 [ 3371.594400][T27670] should_fail.cold+0x5/0xa [ 3371.598936][T27670] ? crypto_create_tfm_node+0x7f/0x320 [ 3371.604423][T27670] should_failslab+0x5/0x10 [ 3371.608944][T27670] __kmalloc_node+0x75/0x370 [ 3371.613568][T27670] crypto_create_tfm_node+0x7f/0x320 [ 3371.618882][T27670] crypto_alloc_tfm_node+0x107/0x260 [ 3371.624195][T27670] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3371.629956][T27670] tipc_crypto_key_init+0x82/0x110 [ 3371.635095][T27670] ? tipc_ehdr_validate+0x240/0x240 [ 3371.640315][T27670] ? crypto_mod_put+0x8c/0x100 [ 3371.645106][T27670] tipc_nl_node_set_key+0xa5d/0xf70 [ 3371.650332][T27670] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3371.656624][T27670] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3371.662894][T27670] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3371.670287][T27670] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3371.677601][T27670] genl_family_rcv_msg_doit+0x228/0x320 [ 3371.683178][T27670] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3371.690567][T27670] ? mutex_lock_io_nested+0x1150/0x1150 [ 3371.696144][T27670] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3371.702402][T27670] ? __radix_tree_lookup+0x211/0x2a0 [ 3371.707705][T27670] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3371.713963][T27670] ? genl_get_cmd+0x3cf/0x480 [ 3371.718668][T27670] genl_rcv_msg+0x328/0x580 [ 3371.723196][T27670] ? genl_get_cmd+0x480/0x480 [ 3371.727894][T27670] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3371.734161][T27670] ? lock_release+0x720/0x720 [ 3371.738854][T27670] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3371.744165][T27670] netlink_rcv_skb+0x153/0x420 [ 3371.748949][T27670] ? genl_get_cmd+0x480/0x480 [ 3371.753655][T27670] ? netlink_ack+0xa60/0xa60 [ 3371.758274][T27670] ? netlink_deliver_tap+0x1b1/0xc30 [ 3371.763582][T27670] genl_rcv+0x24/0x40 [ 3371.767578][T27670] netlink_unicast+0x533/0x7d0 [ 3371.772373][T27670] ? netlink_attachskb+0x890/0x890 [ 3371.777493][T27670] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3371.783751][T27670] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3371.790012][T27670] ? __phys_addr_symbol+0x2c/0x70 [ 3371.795049][T27670] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3371.800788][T27670] ? __check_object_size+0x16e/0x3f0 [ 3371.806100][T27670] netlink_sendmsg+0x86d/0xdb0 [ 3371.810891][T27670] ? netlink_unicast+0x7d0/0x7d0 [ 3371.815846][T27670] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3371.822117][T27670] ? netlink_unicast+0x7d0/0x7d0 [ 3371.827076][T27670] sock_sendmsg+0xcf/0x120 [ 3371.831516][T27670] ____sys_sendmsg+0x6e8/0x810 [ 3371.836300][T27670] ? kernel_sendmsg+0x50/0x50 [ 3371.840992][T27670] ? do_recvmmsg+0x6d0/0x6d0 [ 3371.845602][T27670] ? lock_chain_count+0x20/0x20 [ 3371.850471][T27670] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3371.856479][T27670] ___sys_sendmsg+0xf3/0x170 [ 3371.861095][T27670] ? sendmsg_copy_msghdr+0x160/0x160 [ 3371.866414][T27670] ? __fget_files+0x21b/0x3e0 [ 3371.871107][T27670] ? lock_downgrade+0x6e0/0x6e0 [ 3371.875998][T27670] ? __fget_files+0x23d/0x3e0 [ 3371.880704][T27670] ? __fget_light+0xea/0x280 [ 3371.885309][T27670] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3371.891578][T27670] __sys_sendmsg+0xe5/0x1b0 [ 3371.896100][T27670] ? __sys_sendmsg_sock+0x30/0x30 [ 3371.901169][T27670] ? syscall_enter_from_user_mode+0x21/0x70 [ 3371.907086][T27670] do_syscall_64+0x35/0xb0 [ 3371.911517][T27670] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3371.917432][T27670] RIP: 0033:0x7f812fd3ba39 02:40:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000298600040001"], 0x24}}, 0x0) 02:40:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000008700040001"], 0x24}}, 0x0) 02:40:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000018700040001"], 0x24}}, 0x0) [ 3371.921857][T27670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3371.941476][T27670] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3371.949906][T27670] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3371.957891][T27670] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3371.965870][T27670] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3371.973850][T27670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 02:40:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000028700040001"], 0x24}}, 0x0) 02:40:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000000f000000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3371.981832][T27670] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:41 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000008100000000000000"}}]}]}, 0x64}}, 0x0) 02:40:41 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 82) 02:40:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000700"/36}}]}]}, 0x64}}, 0x0) 02:40:41 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xffffff9e, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000004003000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000038700040001"], 0x24}}, 0x0) [ 3372.245582][T27700] FAULT_INJECTION: forcing a failure. [ 3372.245582][T27700] name failslab, interval 1, probability 0, space 0, times 0 [ 3372.294180][T27700] CPU: 0 PID: 27700 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3372.302978][T27700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3372.313045][T27700] Call Trace: [ 3372.316332][T27700] dump_stack_lvl+0xcd/0x134 [ 3372.320948][T27700] should_fail.cold+0x5/0xa [ 3372.325483][T27700] ? crypto_create_tfm_node+0x7f/0x320 [ 3372.330958][T27700] should_failslab+0x5/0x10 [ 3372.335481][T27700] __kmalloc_node+0x75/0x370 [ 3372.340105][T27700] crypto_create_tfm_node+0x7f/0x320 [ 3372.345420][T27700] crypto_spawn_tfm2+0x60/0xb0 [ 3372.350208][T27700] crypto_gcm_init_tfm+0x3d/0x260 [ 3372.355262][T27700] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3372.360923][T27700] crypto_aead_init_tfm+0x138/0x1a0 [ 3372.366149][T27700] crypto_create_tfm_node+0x10d/0x320 [ 3372.371546][T27700] crypto_alloc_tfm_node+0x107/0x260 [ 3372.376859][T27700] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3372.382622][T27700] tipc_crypto_key_init+0x82/0x110 [ 3372.387760][T27700] ? tipc_ehdr_validate+0x240/0x240 02:40:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000048700040001"], 0x24}}, 0x0) [ 3372.392984][T27700] ? crypto_mod_put+0x8c/0x100 [ 3372.397776][T27700] tipc_nl_node_set_key+0xa5d/0xf70 [ 3372.403007][T27700] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3372.409280][T27700] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3372.415537][T27700] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3372.422932][T27700] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3372.430244][T27700] genl_family_rcv_msg_doit+0x228/0x320 [ 3372.435813][T27700] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3372.443200][T27700] ? mutex_lock_io_nested+0x1150/0x1150 [ 3372.448773][T27700] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3372.455037][T27700] ? __radix_tree_lookup+0x211/0x2a0 [ 3372.460342][T27700] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3372.466606][T27700] ? genl_get_cmd+0x3cf/0x480 [ 3372.471306][T27700] genl_rcv_msg+0x328/0x580 [ 3372.475833][T27700] ? genl_get_cmd+0x480/0x480 [ 3372.480528][T27700] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3372.486799][T27700] ? lock_release+0x720/0x720 02:40:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000058700040001"], 0x24}}, 0x0) [ 3372.491494][T27700] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3372.496803][T27700] netlink_rcv_skb+0x153/0x420 [ 3372.501583][T27700] ? genl_get_cmd+0x480/0x480 [ 3372.506277][T27700] ? netlink_ack+0xa60/0xa60 [ 3372.510891][T27700] ? netlink_deliver_tap+0x1b1/0xc30 [ 3372.516203][T27700] genl_rcv+0x24/0x40 [ 3372.520202][T27700] netlink_unicast+0x533/0x7d0 [ 3372.524990][T27700] ? netlink_attachskb+0x890/0x890 [ 3372.530121][T27700] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3372.536386][T27700] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3372.542650][T27700] ? __phys_addr_symbol+0x2c/0x70 [ 3372.547690][T27700] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3372.553427][T27700] ? __check_object_size+0x16e/0x3f0 [ 3372.558740][T27700] netlink_sendmsg+0x86d/0xdb0 [ 3372.563530][T27700] ? netlink_unicast+0x7d0/0x7d0 [ 3372.568494][T27700] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3372.574759][T27700] ? netlink_unicast+0x7d0/0x7d0 [ 3372.579715][T27700] sock_sendmsg+0xcf/0x120 [ 3372.584152][T27700] ____sys_sendmsg+0x6e8/0x810 [ 3372.588939][T27700] ? kernel_sendmsg+0x50/0x50 02:40:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000068700040001"], 0x24}}, 0x0) [ 3372.593633][T27700] ? do_recvmmsg+0x6d0/0x6d0 [ 3372.598252][T27700] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3372.604251][T27700] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3372.610245][T27700] ? lock_chain_count+0x20/0x20 [ 3372.615130][T27700] ___sys_sendmsg+0xf3/0x170 [ 3372.619746][T27700] ? sendmsg_copy_msghdr+0x160/0x160 [ 3372.625060][T27700] ? __fget_files+0x21b/0x3e0 [ 3372.629760][T27700] ? lock_downgrade+0x6e0/0x6e0 [ 3372.634649][T27700] ? __fget_files+0x23d/0x3e0 [ 3372.639347][T27700] ? __fget_light+0xea/0x280 02:40:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000078700040001"], 0x24}}, 0x0) [ 3372.643951][T27700] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3372.650208][T27700] __sys_sendmsg+0xe5/0x1b0 [ 3372.654737][T27700] ? __sys_sendmsg_sock+0x30/0x30 [ 3372.659800][T27700] ? syscall_enter_from_user_mode+0x21/0x70 [ 3372.665718][T27700] do_syscall_64+0x35/0xb0 [ 3372.670145][T27700] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3372.676057][T27700] RIP: 0033:0x7f812fd3ba39 [ 3372.680490][T27700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3372.700115][T27700] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3372.708543][T27700] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3372.716523][T27700] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3372.724518][T27700] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3372.732499][T27700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 02:40:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000088700040001"], 0x24}}, 0x0) [ 3372.740480][T27700] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000800"/36}}]}]}, 0x64}}, 0x0) 02:40:41 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000038100000000000000"}}]}]}, 0x64}}, 0x0) 02:40:41 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 83) 02:40:41 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xfffffff0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000004000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000098700040001"], 0x24}}, 0x0) [ 3372.984733][T27726] FAULT_INJECTION: forcing a failure. [ 3372.984733][T27726] name failslab, interval 1, probability 0, space 0, times 0 [ 3373.026175][T27726] CPU: 0 PID: 27726 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3373.034976][T27726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3373.045045][T27726] Call Trace: [ 3373.048329][T27726] dump_stack_lvl+0xcd/0x134 [ 3373.052943][T27726] should_fail.cold+0x5/0xa [ 3373.057476][T27726] ? crypto_create_tfm_node+0x7f/0x320 [ 3373.062958][T27726] should_failslab+0x5/0x10 [ 3373.067475][T27726] __kmalloc_node+0x75/0x370 [ 3373.072099][T27726] crypto_create_tfm_node+0x7f/0x320 [ 3373.077412][T27726] crypto_alloc_tfm_node+0x107/0x260 [ 3373.082730][T27726] cryptd_alloc_ahash+0x101/0x200 [ 3373.087776][T27726] ? cryptd_ahash_queued+0x70/0x70 [ 3373.092929][T27726] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3373.098494][T27726] ? trace_kmalloc_node+0x32/0x100 [ 3373.103632][T27726] ? ghash_async_exit_tfm+0x40/0x40 [ 3373.108855][T27726] ghash_async_init_tfm+0x21/0x100 [ 3373.113985][T27726] ? ghash_async_exit_tfm+0x40/0x40 [ 3373.119201][T27726] crypto_create_tfm_node+0x19b/0x320 02:40:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000a8700040001"], 0x24}}, 0x0) [ 3373.124599][T27726] crypto_spawn_tfm2+0x60/0xb0 [ 3373.129382][T27726] crypto_gcm_init_tfm+0x3d/0x260 [ 3373.134422][T27726] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3373.140080][T27726] crypto_aead_init_tfm+0x138/0x1a0 [ 3373.145302][T27726] crypto_create_tfm_node+0x10d/0x320 [ 3373.150696][T27726] crypto_alloc_tfm_node+0x107/0x260 [ 3373.156001][T27726] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3373.161761][T27726] tipc_crypto_key_init+0x82/0x110 [ 3373.166893][T27726] ? tipc_ehdr_validate+0x240/0x240 [ 3373.172112][T27726] ? crypto_mod_put+0x8c/0x100 [ 3373.176902][T27726] tipc_nl_node_set_key+0xa5d/0xf70 [ 3373.182129][T27726] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3373.188402][T27726] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3373.194658][T27726] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3373.202049][T27726] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3373.209364][T27726] genl_family_rcv_msg_doit+0x228/0x320 [ 3373.214924][T27726] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 02:40:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000b8700040001"], 0x24}}, 0x0) [ 3373.222313][T27726] ? mutex_lock_io_nested+0x1150/0x1150 [ 3373.227888][T27726] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3373.234144][T27726] ? __radix_tree_lookup+0x211/0x2a0 [ 3373.239446][T27726] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3373.245705][T27726] ? genl_get_cmd+0x3cf/0x480 [ 3373.250407][T27726] genl_rcv_msg+0x328/0x580 [ 3373.254929][T27726] ? genl_get_cmd+0x480/0x480 [ 3373.259623][T27726] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3373.265895][T27726] ? lock_release+0x720/0x720 [ 3373.270589][T27726] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3373.275896][T27726] netlink_rcv_skb+0x153/0x420 [ 3373.280679][T27726] ? genl_get_cmd+0x480/0x480 [ 3373.285378][T27726] ? netlink_ack+0xa60/0xa60 [ 3373.289996][T27726] ? netlink_deliver_tap+0x1b1/0xc30 [ 3373.295306][T27726] genl_rcv+0x24/0x40 [ 3373.299305][T27726] netlink_unicast+0x533/0x7d0 [ 3373.304091][T27726] ? netlink_attachskb+0x890/0x890 [ 3373.309222][T27726] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3373.315482][T27726] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3373.321745][T27726] ? __phys_addr_symbol+0x2c/0x70 02:40:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000c8700040001"], 0x24}}, 0x0) [ 3373.326783][T27726] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3373.332518][T27726] ? __check_object_size+0x16e/0x3f0 [ 3373.337839][T27726] netlink_sendmsg+0x86d/0xdb0 [ 3373.342634][T27726] ? netlink_unicast+0x7d0/0x7d0 [ 3373.347599][T27726] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3373.353864][T27726] ? netlink_unicast+0x7d0/0x7d0 [ 3373.358819][T27726] sock_sendmsg+0xcf/0x120 [ 3373.363256][T27726] ____sys_sendmsg+0x6e8/0x810 [ 3373.368041][T27726] ? kernel_sendmsg+0x50/0x50 [ 3373.372733][T27726] ? do_recvmmsg+0x6d0/0x6d0 [ 3373.377354][T27726] ? lock_chain_count+0x20/0x20 [ 3373.382224][T27726] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3373.388237][T27726] ___sys_sendmsg+0xf3/0x170 [ 3373.392855][T27726] ? sendmsg_copy_msghdr+0x160/0x160 [ 3373.398165][T27726] ? __fget_files+0x21b/0x3e0 [ 3373.402860][T27726] ? lock_downgrade+0x6e0/0x6e0 [ 3373.407745][T27726] ? __fget_files+0x23d/0x3e0 [ 3373.412447][T27726] ? __fget_light+0xea/0x280 [ 3373.417053][T27726] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3373.423319][T27726] __sys_sendmsg+0xe5/0x1b0 [ 3373.427839][T27726] ? __sys_sendmsg_sock+0x30/0x30 [ 3373.432899][T27726] ? syscall_enter_from_user_mode+0x21/0x70 [ 3373.438818][T27726] do_syscall_64+0x35/0xb0 [ 3373.443247][T27726] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3373.449164][T27726] RIP: 0033:0x7f812fd3ba39 [ 3373.453591][T27726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000d8700040001"], 0x24}}, 0x0) 02:40:42 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000900"/36}}]}]}, 0x64}}, 0x0) [ 3373.473208][T27726] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3373.481637][T27726] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3373.489621][T27726] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3373.497606][T27726] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3373.505584][T27726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3373.513598][T27726] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000e8700040001"], 0x24}}, 0x0) 02:40:42 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000ffffff8d00000000000000"}}]}]}, 0x64}}, 0x0) 02:40:42 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0xffffffff, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:42 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 84) 02:40:42 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000340000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:42 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000e00"/36}}]}]}, 0x64}}, 0x0) 02:40:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000f8700040001"], 0x24}}, 0x0) 02:40:42 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3373.884619][T27760] FAULT_INJECTION: forcing a failure. [ 3373.884619][T27760] name failslab, interval 1, probability 0, space 0, times 0 [ 3373.949332][T27760] CPU: 0 PID: 27760 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3373.958145][T27760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3373.968217][T27760] Call Trace: [ 3373.971522][T27760] dump_stack_lvl+0xcd/0x134 [ 3373.976132][T27760] should_fail.cold+0x5/0xa [ 3373.980646][T27760] ? crypto_create_tfm_node+0x7f/0x320 [ 3373.986108][T27760] should_failslab+0x5/0x10 [ 3373.990609][T27760] __kmalloc_node+0x75/0x370 [ 3373.995220][T27760] crypto_create_tfm_node+0x7f/0x320 [ 3374.000533][T27760] crypto_spawn_tfm2+0x60/0xb0 [ 3374.005311][T27760] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3374.010870][T27760] cryptd_hash_init_tfm+0x3c/0x120 [ 3374.015987][T27760] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3374.021619][T27760] crypto_create_tfm_node+0x19b/0x320 [ 3374.026993][T27760] crypto_alloc_tfm_node+0x107/0x260 [ 3374.032282][T27760] cryptd_alloc_ahash+0x101/0x200 [ 3374.037304][T27760] ? cryptd_ahash_queued+0x70/0x70 [ 3374.042428][T27760] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3374.047972][T27760] ? trace_kmalloc_node+0x32/0x100 [ 3374.053108][T27760] ? ghash_async_exit_tfm+0x40/0x40 [ 3374.058310][T27760] ghash_async_init_tfm+0x21/0x100 [ 3374.063422][T27760] ? ghash_async_exit_tfm+0x40/0x40 [ 3374.068623][T27760] crypto_create_tfm_node+0x19b/0x320 [ 3374.073997][T27760] crypto_spawn_tfm2+0x60/0xb0 [ 3374.078763][T27760] crypto_gcm_init_tfm+0x3d/0x260 [ 3374.083785][T27760] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3374.089415][T27760] crypto_aead_init_tfm+0x138/0x1a0 [ 3374.094613][T27760] crypto_create_tfm_node+0x10d/0x320 [ 3374.099982][T27760] crypto_alloc_tfm_node+0x107/0x260 [ 3374.105270][T27760] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3374.111001][T27760] tipc_crypto_key_init+0x82/0x110 [ 3374.116115][T27760] ? tipc_ehdr_validate+0x240/0x240 [ 3374.121311][T27760] ? crypto_mod_put+0x8c/0x100 [ 3374.126080][T27760] tipc_nl_node_set_key+0xa5d/0xf70 [ 3374.131281][T27760] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3374.137530][T27760] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3374.143769][T27760] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3374.151139][T27760] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3374.158425][T27760] genl_family_rcv_msg_doit+0x228/0x320 [ 3374.163970][T27760] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3374.171335][T27760] ? mutex_lock_io_nested+0x1150/0x1150 [ 3374.176887][T27760] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3374.183127][T27760] ? __radix_tree_lookup+0x211/0x2a0 [ 3374.188410][T27760] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3374.194649][T27760] ? genl_get_cmd+0x3cf/0x480 [ 3374.199324][T27760] genl_rcv_msg+0x328/0x580 [ 3374.203839][T27760] ? genl_get_cmd+0x480/0x480 [ 3374.208534][T27760] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3374.214793][T27760] ? lock_release+0x720/0x720 [ 3374.219474][T27760] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3374.224771][T27760] netlink_rcv_skb+0x153/0x420 [ 3374.229538][T27760] ? genl_get_cmd+0x480/0x480 [ 3374.234217][T27760] ? netlink_ack+0xa60/0xa60 [ 3374.238831][T27760] ? netlink_deliver_tap+0x1b1/0xc30 [ 3374.244126][T27760] genl_rcv+0x24/0x40 [ 3374.248107][T27760] netlink_unicast+0x533/0x7d0 [ 3374.252876][T27760] ? netlink_attachskb+0x890/0x890 [ 3374.257984][T27760] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3374.264231][T27760] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3374.270484][T27760] ? __phys_addr_symbol+0x2c/0x70 [ 3374.275506][T27760] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3374.281223][T27760] ? __check_object_size+0x16e/0x3f0 [ 3374.286514][T27760] netlink_sendmsg+0x86d/0xdb0 [ 3374.291283][T27760] ? netlink_unicast+0x7d0/0x7d0 [ 3374.296222][T27760] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3374.302463][T27760] ? netlink_unicast+0x7d0/0x7d0 [ 3374.307400][T27760] sock_sendmsg+0xcf/0x120 [ 3374.311821][T27760] ____sys_sendmsg+0x6e8/0x810 [ 3374.316584][T27760] ? kernel_sendmsg+0x50/0x50 [ 3374.321257][T27760] ? do_recvmmsg+0x6d0/0x6d0 [ 3374.325851][T27760] ? lock_chain_count+0x20/0x20 [ 3374.330700][T27760] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3374.336688][T27760] ___sys_sendmsg+0xf3/0x170 [ 3374.341293][T27760] ? sendmsg_copy_msghdr+0x160/0x160 [ 3374.346586][T27760] ? __fget_files+0x21b/0x3e0 [ 3374.351258][T27760] ? lock_downgrade+0x6e0/0x6e0 [ 3374.356118][T27760] ? __fget_files+0x23d/0x3e0 [ 3374.360800][T27760] ? __fget_light+0xea/0x280 [ 3374.365389][T27760] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3374.371636][T27760] __sys_sendmsg+0xe5/0x1b0 [ 3374.376137][T27760] ? __sys_sendmsg_sock+0x30/0x30 [ 3374.381175][T27760] ? syscall_enter_from_user_mode+0x21/0x70 [ 3374.387071][T27760] do_syscall_64+0x35/0xb0 [ 3374.391481][T27760] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3374.397371][T27760] RIP: 0033:0x7f812fd3ba39 [ 3374.401782][T27760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3374.421383][T27760] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3374.429799][T27760] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3374.437767][T27760] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:43 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000019c00000000000000"}}]}]}, 0x64}}, 0x0) [ 3374.445730][T27760] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3374.453716][T27760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3374.461682][T27760] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:43 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000108700040001"], 0x24}}, 0x0) 02:40:43 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000000f00"/36}}]}]}, 0x64}}, 0x0) 02:40:43 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000ffff80000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:43 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 85) 02:40:43 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x2, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:43 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000ffffff9e00000000000000"}}]}]}, 0x64}}, 0x0) 02:40:43 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000118700040001"], 0x24}}, 0x0) 02:40:43 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c8000000006000"/36}}]}]}, 0x64}}, 0x0) [ 3374.819097][T27789] FAULT_INJECTION: forcing a failure. [ 3374.819097][T27789] name failslab, interval 1, probability 0, space 0, times 0 02:40:43 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000fffff0000600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3374.878077][T27789] CPU: 1 PID: 27789 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3374.886888][T27789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3374.896968][T27789] Call Trace: [ 3374.900259][T27789] dump_stack_lvl+0xcd/0x134 [ 3374.904876][T27789] should_fail.cold+0x5/0xa [ 3374.909417][T27789] ? crypto_create_tfm_node+0x7f/0x320 [ 3374.914897][T27789] should_failslab+0x5/0x10 [ 3374.919420][T27789] __kmalloc_node+0x75/0x370 [ 3374.924049][T27789] crypto_create_tfm_node+0x7f/0x320 [ 3374.929360][T27789] crypto_spawn_tfm2+0x60/0xb0 [ 3374.934146][T27789] crypto_gcm_init_tfm+0x6d/0x260 [ 3374.939190][T27789] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3374.944845][T27789] crypto_aead_init_tfm+0x138/0x1a0 [ 3374.950071][T27789] crypto_create_tfm_node+0x10d/0x320 [ 3374.955478][T27789] crypto_alloc_tfm_node+0x107/0x260 [ 3374.960795][T27789] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3374.966554][T27789] tipc_crypto_key_init+0x82/0x110 [ 3374.971691][T27789] ? tipc_ehdr_validate+0x240/0x240 [ 3374.976904][T27789] ? crypto_mod_put+0x8c/0x100 [ 3374.981672][T27789] tipc_nl_node_set_key+0xa5d/0xf70 [ 3374.986867][T27789] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3374.993107][T27789] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3374.999348][T27789] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3375.006715][T27789] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3375.014016][T27789] genl_family_rcv_msg_doit+0x228/0x320 [ 3375.019560][T27789] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3375.026960][T27789] ? mutex_lock_io_nested+0x1150/0x1150 [ 3375.032549][T27789] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3375.038805][T27789] ? __radix_tree_lookup+0x211/0x2a0 [ 3375.044078][T27789] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3375.050314][T27789] ? genl_get_cmd+0x3cf/0x480 [ 3375.054995][T27789] genl_rcv_msg+0x328/0x580 [ 3375.059495][T27789] ? genl_get_cmd+0x480/0x480 [ 3375.064163][T27789] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3375.070403][T27789] ? lock_release+0x720/0x720 [ 3375.075071][T27789] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3375.080348][T27789] netlink_rcv_skb+0x153/0x420 [ 3375.085106][T27789] ? genl_get_cmd+0x480/0x480 [ 3375.089801][T27789] ? netlink_ack+0xa60/0xa60 [ 3375.094382][T27789] ? netlink_deliver_tap+0x1b1/0xc30 [ 3375.099690][T27789] genl_rcv+0x24/0x40 [ 3375.103672][T27789] netlink_unicast+0x533/0x7d0 [ 3375.108449][T27789] ? netlink_attachskb+0x890/0x890 [ 3375.113564][T27789] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3375.119797][T27789] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3375.126027][T27789] ? __phys_addr_symbol+0x2c/0x70 [ 3375.131059][T27789] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3375.136778][T27789] ? __check_object_size+0x16e/0x3f0 [ 3375.142059][T27789] netlink_sendmsg+0x86d/0xdb0 [ 3375.146830][T27789] ? netlink_unicast+0x7d0/0x7d0 [ 3375.151776][T27789] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3375.158529][T27789] ? netlink_unicast+0x7d0/0x7d0 [ 3375.163457][T27789] sock_sendmsg+0xcf/0x120 [ 3375.167866][T27789] ____sys_sendmsg+0x6e8/0x810 [ 3375.172622][T27789] ? kernel_sendmsg+0x50/0x50 [ 3375.177287][T27789] ? do_recvmmsg+0x6d0/0x6d0 [ 3375.181897][T27789] ? lock_chain_count+0x20/0x20 [ 3375.186739][T27789] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3375.192712][T27789] ___sys_sendmsg+0xf3/0x170 [ 3375.197300][T27789] ? sendmsg_copy_msghdr+0x160/0x160 [ 3375.202604][T27789] ? __fget_files+0x21b/0x3e0 [ 3375.207266][T27789] ? lock_downgrade+0x6e0/0x6e0 [ 3375.212112][T27789] ? __fget_files+0x23d/0x3e0 [ 3375.216790][T27789] ? __fget_light+0xea/0x280 [ 3375.221394][T27789] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3375.227628][T27789] __sys_sendmsg+0xe5/0x1b0 [ 3375.232122][T27789] ? __sys_sendmsg_sock+0x30/0x30 [ 3375.237146][T27789] ? syscall_enter_from_user_mode+0x21/0x70 [ 3375.243046][T27789] do_syscall_64+0x35/0xb0 [ 3375.247469][T27789] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3375.253384][T27789] RIP: 0033:0x7f812fd3ba39 [ 3375.257786][T27789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:44 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000128700040001"], 0x24}}, 0x0) [ 3375.277384][T27789] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3375.285807][T27789] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3375.293762][T27789] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3375.301720][T27789] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3375.309679][T27789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3375.317660][T27789] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:44 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000138700040001"], 0x24}}, 0x0) 02:40:44 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000000010600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:44 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 86) 02:40:44 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x3, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:44 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000000003ce00000000000000"}}]}]}, 0x64}}, 0x0) 02:40:44 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000f000"/36}}]}]}, 0x64}}, 0x0) [ 3375.566956][T27810] FAULT_INJECTION: forcing a failure. [ 3375.566956][T27810] name failslab, interval 1, probability 0, space 0, times 0 [ 3375.606334][T27810] CPU: 1 PID: 27810 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3375.615146][T27810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3375.625215][T27810] Call Trace: [ 3375.628505][T27810] dump_stack_lvl+0xcd/0x134 [ 3375.633119][T27810] should_fail.cold+0x5/0xa [ 3375.637650][T27810] ? crypto_create_tfm_node+0x7f/0x320 [ 3375.643128][T27810] should_failslab+0x5/0x10 [ 3375.647646][T27810] __kmalloc_node+0x75/0x370 [ 3375.652266][T27810] crypto_create_tfm_node+0x7f/0x320 [ 3375.657579][T27810] crypto_alloc_tfm_node+0x107/0x260 [ 3375.662894][T27810] cryptd_alloc_skcipher+0x101/0x200 [ 3375.668208][T27810] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3375.673436][T27810] ? __kmalloc_node+0x62/0x370 [ 3375.678241][T27810] ? simd_skcipher_exit+0x40/0x40 [ 3375.683290][T27810] simd_skcipher_init+0x67/0x180 [ 3375.688255][T27810] ? simd_skcipher_exit+0x40/0x40 [ 3375.693296][T27810] crypto_skcipher_init_tfm+0x127/0x180 [ 3375.698872][T27810] crypto_create_tfm_node+0x10d/0x320 [ 3375.704274][T27810] crypto_spawn_tfm2+0x60/0xb0 [ 3375.709062][T27810] crypto_gcm_init_tfm+0x6d/0x260 [ 3375.714098][T27810] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3375.719725][T27810] crypto_aead_init_tfm+0x138/0x1a0 [ 3375.724918][T27810] crypto_create_tfm_node+0x10d/0x320 [ 3375.730290][T27810] crypto_alloc_tfm_node+0x107/0x260 [ 3375.735596][T27810] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3375.741314][T27810] tipc_crypto_key_init+0x82/0x110 [ 3375.746419][T27810] ? tipc_ehdr_validate+0x240/0x240 [ 3375.751611][T27810] ? crypto_mod_put+0x8c/0x100 [ 3375.756390][T27810] tipc_nl_node_set_key+0xa5d/0xf70 [ 3375.761591][T27810] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3375.767848][T27810] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3375.774080][T27810] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3375.781448][T27810] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3375.788727][T27810] genl_family_rcv_msg_doit+0x228/0x320 [ 3375.794272][T27810] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3375.801633][T27810] ? mutex_lock_io_nested+0x1150/0x1150 [ 3375.807173][T27810] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3375.813411][T27810] ? __radix_tree_lookup+0x211/0x2a0 [ 3375.818699][T27810] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3375.824931][T27810] ? genl_get_cmd+0x3cf/0x480 [ 3375.829598][T27810] genl_rcv_msg+0x328/0x580 [ 3375.834093][T27810] ? genl_get_cmd+0x480/0x480 [ 3375.838757][T27810] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3375.845000][T27810] ? lock_release+0x720/0x720 [ 3375.849687][T27810] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3375.854964][T27810] netlink_rcv_skb+0x153/0x420 [ 3375.859720][T27810] ? genl_get_cmd+0x480/0x480 [ 3375.864406][T27810] ? netlink_ack+0xa60/0xa60 [ 3375.868986][T27810] ? netlink_deliver_tap+0x1b1/0xc30 [ 3375.874261][T27810] genl_rcv+0x24/0x40 [ 3375.878232][T27810] netlink_unicast+0x533/0x7d0 [ 3375.882987][T27810] ? netlink_attachskb+0x890/0x890 [ 3375.888082][T27810] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3375.894311][T27810] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3375.900545][T27810] ? __phys_addr_symbol+0x2c/0x70 [ 3375.905556][T27810] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3375.911260][T27810] ? __check_object_size+0x16e/0x3f0 [ 3375.916541][T27810] netlink_sendmsg+0x86d/0xdb0 [ 3375.921303][T27810] ? netlink_unicast+0x7d0/0x7d0 [ 3375.926251][T27810] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3375.932522][T27810] ? netlink_unicast+0x7d0/0x7d0 [ 3375.937453][T27810] sock_sendmsg+0xcf/0x120 [ 3375.941887][T27810] ____sys_sendmsg+0x6e8/0x810 [ 3375.946671][T27810] ? kernel_sendmsg+0x50/0x50 [ 3375.951350][T27810] ? do_recvmmsg+0x6d0/0x6d0 [ 3375.955930][T27810] ? lock_chain_count+0x20/0x20 [ 3375.960774][T27810] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3375.966773][T27810] ___sys_sendmsg+0xf3/0x170 [ 3375.971355][T27810] ? sendmsg_copy_msghdr+0x160/0x160 [ 3375.976693][T27810] ? __fget_files+0x21b/0x3e0 [ 3375.981363][T27810] ? lock_downgrade+0x6e0/0x6e0 [ 3375.986225][T27810] ? __fget_files+0x23d/0x3e0 [ 3375.991003][T27810] ? __fget_light+0xea/0x280 [ 3375.995668][T27810] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3376.001912][T27810] __sys_sendmsg+0xe5/0x1b0 [ 3376.006436][T27810] ? __sys_sendmsg_sock+0x30/0x30 [ 3376.011465][T27810] ? syscall_enter_from_user_mode+0x21/0x70 [ 3376.017354][T27810] do_syscall_64+0x35/0xb0 [ 3376.021758][T27810] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3376.027642][T27810] RIP: 0033:0x7f812fd3ba39 [ 3376.032089][T27810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3376.051687][T27810] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3376.060088][T27810] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 02:40:45 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000148700040001"], 0x24}}, 0x0) [ 3376.068096][T27810] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3376.076057][T27810] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3376.084012][T27810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3376.091966][T27810] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:45 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 87) 02:40:45 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000000020600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:45 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000fffffff000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:45 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x4, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:45 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000300"/36}}]}]}, 0x64}}, 0x0) 02:40:45 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000158700040001"], 0x24}}, 0x0) [ 3376.344760][T27829] FAULT_INJECTION: forcing a failure. [ 3376.344760][T27829] name failslab, interval 1, probability 0, space 0, times 0 [ 3376.381086][T27829] CPU: 1 PID: 27829 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3376.389882][T27829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3376.399932][T27829] Call Trace: [ 3376.403204][T27829] dump_stack_lvl+0xcd/0x134 [ 3376.407817][T27829] should_fail.cold+0x5/0xa [ 3376.412329][T27829] ? crypto_create_tfm_node+0x7f/0x320 [ 3376.417789][T27829] should_failslab+0x5/0x10 [ 3376.422300][T27829] __kmalloc_node+0x75/0x370 [ 3376.426902][T27829] crypto_create_tfm_node+0x7f/0x320 [ 3376.432200][T27829] crypto_spawn_tfm2+0x60/0xb0 [ 3376.436964][T27829] ? cryptd_skcipher_setkey+0xd0/0xd0 [ 3376.442342][T27829] cryptd_skcipher_init_tfm+0x3a/0xe0 [ 3376.447716][T27829] crypto_skcipher_init_tfm+0x127/0x180 [ 3376.453263][T27829] crypto_create_tfm_node+0x10d/0x320 [ 3376.458638][T27829] crypto_alloc_tfm_node+0x107/0x260 [ 3376.463932][T27829] cryptd_alloc_skcipher+0x101/0x200 [ 3376.469231][T27829] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3376.474435][T27829] ? __kmalloc_node+0x62/0x370 [ 3376.479213][T27829] ? simd_skcipher_exit+0x40/0x40 [ 3376.484242][T27829] simd_skcipher_init+0x67/0x180 [ 3376.489179][T27829] ? simd_skcipher_exit+0x40/0x40 [ 3376.494202][T27829] crypto_skcipher_init_tfm+0x127/0x180 [ 3376.499748][T27829] crypto_create_tfm_node+0x10d/0x320 [ 3376.505119][T27829] crypto_spawn_tfm2+0x60/0xb0 [ 3376.509880][T27829] crypto_gcm_init_tfm+0x6d/0x260 [ 3376.514901][T27829] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3376.520534][T27829] crypto_aead_init_tfm+0x138/0x1a0 [ 3376.525736][T27829] crypto_create_tfm_node+0x10d/0x320 [ 3376.531112][T27829] crypto_alloc_tfm_node+0x107/0x260 [ 3376.536402][T27829] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3376.542135][T27829] tipc_crypto_key_init+0x82/0x110 [ 3376.547245][T27829] ? tipc_ehdr_validate+0x240/0x240 [ 3376.552449][T27829] ? crypto_mod_put+0x8c/0x100 [ 3376.557219][T27829] tipc_nl_node_set_key+0xa5d/0xf70 [ 3376.562425][T27829] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3376.568678][T27829] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3376.574917][T27829] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3376.582288][T27829] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3376.589602][T27829] genl_family_rcv_msg_doit+0x228/0x320 [ 3376.595156][T27829] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3376.602533][T27829] ? mutex_lock_io_nested+0x1150/0x1150 [ 3376.608093][T27829] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3376.614339][T27829] ? __radix_tree_lookup+0x211/0x2a0 [ 3376.619625][T27829] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3376.625867][T27829] ? genl_get_cmd+0x3cf/0x480 [ 3376.630548][T27829] genl_rcv_msg+0x328/0x580 [ 3376.635051][T27829] ? genl_get_cmd+0x480/0x480 [ 3376.639726][T27829] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3376.645974][T27829] ? lock_release+0x720/0x720 [ 3376.650650][T27829] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3376.655937][T27829] netlink_rcv_skb+0x153/0x420 [ 3376.660700][T27829] ? genl_get_cmd+0x480/0x480 [ 3376.665378][T27829] ? netlink_ack+0xa60/0xa60 [ 3376.669974][T27829] ? netlink_deliver_tap+0x1b1/0xc30 [ 3376.675260][T27829] genl_rcv+0x24/0x40 [ 3376.679245][T27829] netlink_unicast+0x533/0x7d0 [ 3376.684016][T27829] ? netlink_attachskb+0x890/0x890 [ 3376.689122][T27829] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3376.695380][T27829] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3376.701617][T27829] ? __phys_addr_symbol+0x2c/0x70 [ 3376.706638][T27829] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3376.712359][T27829] ? __check_object_size+0x16e/0x3f0 [ 3376.717650][T27829] netlink_sendmsg+0x86d/0xdb0 [ 3376.722417][T27829] ? netlink_unicast+0x7d0/0x7d0 [ 3376.727358][T27829] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3376.733603][T27829] ? netlink_unicast+0x7d0/0x7d0 [ 3376.738539][T27829] sock_sendmsg+0xcf/0x120 [ 3376.742955][T27829] ____sys_sendmsg+0x6e8/0x810 [ 3376.747722][T27829] ? kernel_sendmsg+0x50/0x50 [ 3376.752397][T27829] ? do_recvmmsg+0x6d0/0x6d0 [ 3376.756988][T27829] ? lock_chain_count+0x20/0x20 [ 3376.761838][T27829] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3376.767822][T27829] ___sys_sendmsg+0xf3/0x170 [ 3376.772413][T27829] ? sendmsg_copy_msghdr+0x160/0x160 [ 3376.777702][T27829] ? __fget_files+0x21b/0x3e0 [ 3376.782378][T27829] ? lock_downgrade+0x6e0/0x6e0 [ 3376.787239][T27829] ? __fget_files+0x23d/0x3e0 [ 3376.791923][T27829] ? __fget_light+0xea/0x280 [ 3376.796509][T27829] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3376.802751][T27829] __sys_sendmsg+0xe5/0x1b0 [ 3376.807255][T27829] ? __sys_sendmsg_sock+0x30/0x30 [ 3376.812320][T27829] ? syscall_enter_from_user_mode+0x21/0x70 [ 3376.818247][T27829] do_syscall_64+0x35/0xb0 [ 3376.822675][T27829] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3376.828570][T27829] RIP: 0033:0x7f812fd3ba39 [ 3376.832987][T27829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3376.852602][T27829] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3376.861020][T27829] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3376.868984][T27829] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3376.876947][T27829] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3376.884911][T27829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3376.892891][T27829] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:46 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000168700040001"], 0x24}}, 0x0) 02:40:46 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x7, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:46 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000000030600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:46 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000500"/36}}]}]}, 0x64}}, 0x0) 02:40:46 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000fffffff500000000000000"}}]}]}, 0x64}}, 0x0) 02:40:46 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 88) [ 3377.245547][T27858] FAULT_INJECTION: forcing a failure. [ 3377.245547][T27858] name failslab, interval 1, probability 0, space 0, times 0 02:40:46 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000178700040001"], 0x24}}, 0x0) 02:40:46 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x8, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:46 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000000040600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3377.286842][T27858] CPU: 1 PID: 27858 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3377.295654][T27858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3377.305729][T27858] Call Trace: [ 3377.309019][T27858] dump_stack_lvl+0xcd/0x134 [ 3377.313632][T27858] should_fail.cold+0x5/0xa [ 3377.318169][T27858] ? crypto_gcm_setkey+0x13e/0x590 [ 3377.323301][T27858] should_failslab+0x5/0x10 [ 3377.327819][T27858] __kmalloc+0x72/0x320 [ 3377.332002][T27858] crypto_gcm_setkey+0x13e/0x590 [ 3377.336970][T27858] crypto_aead_setkey+0xbf/0x290 [ 3377.341936][T27858] tipc_aead_init.constprop.0+0x17b/0x8f0 [ 3377.347698][T27858] tipc_crypto_key_init+0x82/0x110 [ 3377.352832][T27858] ? tipc_ehdr_validate+0x240/0x240 [ 3377.358052][T27858] ? crypto_mod_put+0x8c/0x100 [ 3377.362843][T27858] tipc_nl_node_set_key+0xa5d/0xf70 [ 3377.368068][T27858] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3377.374320][T27858] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3377.380585][T27858] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3377.387976][T27858] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3377.395290][T27858] genl_family_rcv_msg_doit+0x228/0x320 [ 3377.400855][T27858] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3377.408248][T27858] ? mutex_lock_io_nested+0x1150/0x1150 [ 3377.413832][T27858] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3377.420096][T27858] ? __radix_tree_lookup+0x211/0x2a0 [ 3377.425399][T27858] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3377.431665][T27858] ? genl_get_cmd+0x3cf/0x480 [ 3377.436367][T27858] genl_rcv_msg+0x328/0x580 [ 3377.440889][T27858] ? genl_get_cmd+0x480/0x480 [ 3377.445588][T27858] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3377.451859][T27858] ? lock_release+0x720/0x720 [ 3377.456555][T27858] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3377.461872][T27858] netlink_rcv_skb+0x153/0x420 [ 3377.466656][T27858] ? genl_get_cmd+0x480/0x480 [ 3377.471441][T27858] ? netlink_ack+0xa60/0xa60 [ 3377.476059][T27858] ? netlink_deliver_tap+0x1b1/0xc30 [ 3377.481372][T27858] genl_rcv+0x24/0x40 [ 3377.485373][T27858] netlink_unicast+0x533/0x7d0 [ 3377.490153][T27858] ? netlink_attachskb+0x890/0x890 [ 3377.495253][T27858] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3377.501546][T27858] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3377.507780][T27858] ? __phys_addr_symbol+0x2c/0x70 [ 3377.512813][T27858] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3377.518519][T27858] ? __check_object_size+0x16e/0x3f0 [ 3377.523806][T27858] netlink_sendmsg+0x86d/0xdb0 [ 3377.528585][T27858] ? netlink_unicast+0x7d0/0x7d0 [ 3377.533516][T27858] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3377.539748][T27858] ? netlink_unicast+0x7d0/0x7d0 [ 3377.544674][T27858] sock_sendmsg+0xcf/0x120 [ 3377.549083][T27858] ____sys_sendmsg+0x6e8/0x810 [ 3377.553836][T27858] ? kernel_sendmsg+0x50/0x50 [ 3377.558557][T27858] ? do_recvmmsg+0x6d0/0x6d0 [ 3377.563140][T27858] ? lock_chain_count+0x20/0x20 [ 3377.568004][T27858] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3377.573976][T27858] ___sys_sendmsg+0xf3/0x170 [ 3377.578556][T27858] ? sendmsg_copy_msghdr+0x160/0x160 [ 3377.583832][T27858] ? __fget_files+0x21b/0x3e0 [ 3377.588496][T27858] ? lock_downgrade+0x6e0/0x6e0 [ 3377.593343][T27858] ? __fget_files+0x23d/0x3e0 [ 3377.598030][T27858] ? __fget_light+0xea/0x280 [ 3377.602632][T27858] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3377.608864][T27858] __sys_sendmsg+0xe5/0x1b0 [ 3377.613364][T27858] ? __sys_sendmsg_sock+0x30/0x30 [ 3377.618488][T27858] ? syscall_enter_from_user_mode+0x21/0x70 [ 3377.624379][T27858] do_syscall_64+0x35/0xb0 [ 3377.628782][T27858] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3377.634671][T27858] RIP: 0033:0x7f812fd3ba39 [ 3377.639102][T27858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3377.658725][T27858] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3377.667144][T27858] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3377.675116][T27858] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:46 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000fffffffc00000000000000"}}]}]}, 0x64}}, 0x0) [ 3377.683078][T27858] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3377.691054][T27858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3377.699006][T27858] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:46 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 89) 02:40:46 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000188700040001"], 0x24}}, 0x0) 02:40:46 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000600"/36}}]}]}, 0x64}}, 0x0) 02:40:46 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0xe, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:46 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000000070600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3377.903818][T27874] FAULT_INJECTION: forcing a failure. [ 3377.903818][T27874] name failslab, interval 1, probability 0, space 0, times 0 [ 3377.952184][T27874] CPU: 1 PID: 27874 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3377.961003][T27874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3377.971073][T27874] Call Trace: [ 3377.974367][T27874] dump_stack_lvl+0xcd/0x134 [ 3377.978983][T27874] should_fail.cold+0x5/0xa [ 3377.983525][T27874] ? tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3377.989442][T27874] should_failslab+0x5/0x10 [ 3377.993961][T27874] kmem_cache_alloc_trace+0x55/0x2b0 [ 3377.999269][T27874] ? crypto_aead_setkey+0x10f/0x290 [ 3378.004497][T27874] tipc_aead_init.constprop.0+0x1bb/0x8f0 [ 3378.010261][T27874] tipc_crypto_key_init+0x82/0x110 [ 3378.015395][T27874] ? tipc_ehdr_validate+0x240/0x240 [ 3378.020614][T27874] ? crypto_mod_put+0x8c/0x100 [ 3378.025409][T27874] tipc_nl_node_set_key+0xa5d/0xf70 [ 3378.030644][T27874] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3378.036931][T27874] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3378.043195][T27874] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000198700040001"], 0x24}}, 0x0) [ 3378.050592][T27874] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3378.057901][T27874] genl_family_rcv_msg_doit+0x228/0x320 [ 3378.063451][T27874] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3378.070842][T27874] ? mutex_lock_io_nested+0x1150/0x1150 [ 3378.076416][T27874] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3378.082678][T27874] ? __radix_tree_lookup+0x211/0x2a0 [ 3378.087980][T27874] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3378.094247][T27874] ? genl_get_cmd+0x3cf/0x480 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001a8700040001"], 0x24}}, 0x0) [ 3378.098950][T27874] genl_rcv_msg+0x328/0x580 [ 3378.103478][T27874] ? genl_get_cmd+0x480/0x480 [ 3378.108170][T27874] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3378.114478][T27874] ? lock_release+0x720/0x720 [ 3378.119171][T27874] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3378.124489][T27874] netlink_rcv_skb+0x153/0x420 [ 3378.129300][T27874] ? genl_get_cmd+0x480/0x480 [ 3378.133998][T27874] ? netlink_ack+0xa60/0xa60 [ 3378.138615][T27874] ? netlink_deliver_tap+0x1b1/0xc30 [ 3378.143926][T27874] genl_rcv+0x24/0x40 [ 3378.147924][T27874] netlink_unicast+0x533/0x7d0 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001b8700040001"], 0x24}}, 0x0) [ 3378.152709][T27874] ? netlink_attachskb+0x890/0x890 [ 3378.157835][T27874] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3378.164098][T27874] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3378.170360][T27874] ? __phys_addr_symbol+0x2c/0x70 [ 3378.175405][T27874] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3378.181142][T27874] ? __check_object_size+0x16e/0x3f0 [ 3378.186440][T27874] netlink_sendmsg+0x86d/0xdb0 [ 3378.191237][T27874] ? netlink_unicast+0x7d0/0x7d0 [ 3378.196203][T27874] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001c8700040001"], 0x24}}, 0x0) [ 3378.202472][T27874] ? netlink_unicast+0x7d0/0x7d0 [ 3378.207427][T27874] sock_sendmsg+0xcf/0x120 [ 3378.211866][T27874] ____sys_sendmsg+0x6e8/0x810 [ 3378.216651][T27874] ? kernel_sendmsg+0x50/0x50 [ 3378.221342][T27874] ? do_recvmmsg+0x6d0/0x6d0 [ 3378.225958][T27874] ? lock_chain_count+0x20/0x20 [ 3378.230825][T27874] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3378.236843][T27874] ___sys_sendmsg+0xf3/0x170 [ 3378.241460][T27874] ? sendmsg_copy_msghdr+0x160/0x160 [ 3378.246772][T27874] ? __fget_files+0x21b/0x3e0 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001d8700040001"], 0x24}}, 0x0) [ 3378.251468][T27874] ? lock_downgrade+0x6e0/0x6e0 [ 3378.256358][T27874] ? __fget_files+0x23d/0x3e0 [ 3378.261164][T27874] ? __fget_light+0xea/0x280 [ 3378.265779][T27874] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3378.272063][T27874] __sys_sendmsg+0xe5/0x1b0 [ 3378.276590][T27874] ? __sys_sendmsg_sock+0x30/0x30 [ 3378.281647][T27874] ? syscall_enter_from_user_mode+0x21/0x70 [ 3378.287567][T27874] do_syscall_64+0x35/0xb0 [ 3378.292003][T27874] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3378.297922][T27874] RIP: 0033:0x7f812fd3ba39 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001e8700040001"], 0x24}}, 0x0) [ 3378.302439][T27874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3378.322069][T27874] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3378.330501][T27874] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3378.338486][T27874] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3378.346469][T27874] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3378.354456][T27874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3378.362438][T27874] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100001f8700040001"], 0x24}}, 0x0) 02:40:47 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 90) 02:40:47 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000007fffffff00000000000000"}}]}]}, 0x64}}, 0x0) 02:40:47 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000700"/36}}]}]}, 0x64}}, 0x0) 02:40:47 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000000080600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:47 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0xf, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3378.577635][T27906] FAULT_INJECTION: forcing a failure. [ 3378.577635][T27906] name failslab, interval 1, probability 0, space 0, times 0 [ 3378.610126][T27906] CPU: 1 PID: 27906 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000208700040001"], 0x24}}, 0x0) [ 3378.618929][T27906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3378.629000][T27906] Call Trace: [ 3378.632291][T27906] dump_stack_lvl+0xcd/0x134 [ 3378.636909][T27906] should_fail.cold+0x5/0xa [ 3378.641448][T27906] ? crypto_create_tfm_node+0x7f/0x320 [ 3378.646928][T27906] should_failslab+0x5/0x10 [ 3378.651452][T27906] __kmalloc_node+0x75/0x370 [ 3378.656083][T27906] crypto_create_tfm_node+0x7f/0x320 [ 3378.661426][T27906] crypto_alloc_tfm_node+0x107/0x260 [ 3378.666749][T27906] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3378.672510][T27906] tipc_crypto_key_init+0x82/0x110 [ 3378.677645][T27906] ? tipc_ehdr_validate+0x240/0x240 [ 3378.682866][T27906] ? crypto_mod_put+0x8c/0x100 [ 3378.687659][T27906] tipc_nl_node_set_key+0xa5d/0xf70 [ 3378.692890][T27906] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3378.699167][T27906] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3378.705432][T27906] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3378.712831][T27906] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3378.720147][T27906] genl_family_rcv_msg_doit+0x228/0x320 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000218700040001"], 0x24}}, 0x0) [ 3378.725723][T27906] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3378.733112][T27906] ? mutex_lock_io_nested+0x1150/0x1150 [ 3378.738693][T27906] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3378.744957][T27906] ? __radix_tree_lookup+0x211/0x2a0 [ 3378.750262][T27906] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3378.756520][T27906] ? genl_get_cmd+0x3cf/0x480 [ 3378.761228][T27906] genl_rcv_msg+0x328/0x580 [ 3378.765756][T27906] ? genl_get_cmd+0x480/0x480 [ 3378.770452][T27906] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000228700040001"], 0x24}}, 0x0) [ 3378.776724][T27906] ? lock_release+0x720/0x720 [ 3378.781435][T27906] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3378.786749][T27906] netlink_rcv_skb+0x153/0x420 [ 3378.791533][T27906] ? genl_get_cmd+0x480/0x480 [ 3378.796243][T27906] ? netlink_ack+0xa60/0xa60 [ 3378.800864][T27906] ? netlink_deliver_tap+0x1b1/0xc30 [ 3378.806175][T27906] genl_rcv+0x24/0x40 [ 3378.810176][T27906] netlink_unicast+0x533/0x7d0 [ 3378.814973][T27906] ? netlink_attachskb+0x890/0x890 [ 3378.820105][T27906] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000238700040001"], 0x24}}, 0x0) [ 3378.826367][T27906] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3378.832631][T27906] ? __phys_addr_symbol+0x2c/0x70 [ 3378.837678][T27906] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3378.843409][T27906] ? __check_object_size+0x16e/0x3f0 [ 3378.848720][T27906] netlink_sendmsg+0x86d/0xdb0 [ 3378.853511][T27906] ? netlink_unicast+0x7d0/0x7d0 [ 3378.858906][T27906] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3378.865174][T27906] ? netlink_unicast+0x7d0/0x7d0 [ 3378.870139][T27906] sock_sendmsg+0xcf/0x120 [ 3378.874577][T27906] ____sys_sendmsg+0x6e8/0x810 [ 3378.879363][T27906] ? kernel_sendmsg+0x50/0x50 [ 3378.884060][T27906] ? do_recvmmsg+0x6d0/0x6d0 [ 3378.888673][T27906] ? lock_chain_count+0x20/0x20 [ 3378.893542][T27906] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3378.899554][T27906] ___sys_sendmsg+0xf3/0x170 [ 3378.904166][T27906] ? sendmsg_copy_msghdr+0x160/0x160 [ 3378.909483][T27906] ? __fget_files+0x21b/0x3e0 [ 3378.914176][T27906] ? lock_downgrade+0x6e0/0x6e0 [ 3378.919065][T27906] ? __fget_files+0x23d/0x3e0 [ 3378.923767][T27906] ? __fget_light+0xea/0x280 02:40:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000248700040001"], 0x24}}, 0x0) [ 3378.928375][T27906] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3378.934650][T27906] __sys_sendmsg+0xe5/0x1b0 [ 3378.939175][T27906] ? __sys_sendmsg_sock+0x30/0x30 [ 3378.944254][T27906] ? syscall_enter_from_user_mode+0x21/0x70 [ 3378.950176][T27906] do_syscall_64+0x35/0xb0 [ 3378.954613][T27906] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3378.960526][T27906] RIP: 0033:0x7f812fd3ba39 02:40:48 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000258700040001"], 0x24}}, 0x0) [ 3378.964955][T27906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3378.984577][T27906] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3378.993005][T27906] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3379.000993][T27906] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3379.008987][T27906] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3379.017067][T27906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 02:40:48 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000268700040001"], 0x24}}, 0x0) [ 3379.025048][T27906] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:48 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 91) 02:40:48 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000ffffffff00000000000000"}}]}]}, 0x64}}, 0x0) 02:40:48 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000278700040001"], 0x24}}, 0x0) 02:40:48 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000000000e0600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:48 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x60, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:48 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000900"/36}}]}]}, 0x64}}, 0x0) 02:40:48 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000288700040001"], 0x24}}, 0x0) [ 3379.414527][T27950] FAULT_INJECTION: forcing a failure. [ 3379.414527][T27950] name failslab, interval 1, probability 0, space 0, times 0 02:40:48 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000000000f0600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:48 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0xf0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3379.477798][T27950] CPU: 1 PID: 27950 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3379.486601][T27950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3379.496665][T27950] Call Trace: [ 3379.499955][T27950] dump_stack_lvl+0xcd/0x134 [ 3379.504570][T27950] should_fail.cold+0x5/0xa [ 3379.509106][T27950] ? crypto_create_tfm_node+0x7f/0x320 [ 3379.514586][T27950] should_failslab+0x5/0x10 [ 3379.519114][T27950] __kmalloc_node+0x75/0x370 [ 3379.523743][T27950] crypto_create_tfm_node+0x7f/0x320 [ 3379.529057][T27950] crypto_spawn_tfm2+0x60/0xb0 [ 3379.533842][T27950] crypto_gcm_init_tfm+0x3d/0x260 [ 3379.538968][T27950] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3379.544623][T27950] crypto_aead_init_tfm+0x138/0x1a0 [ 3379.549848][T27950] crypto_create_tfm_node+0x10d/0x320 [ 3379.555244][T27950] crypto_alloc_tfm_node+0x107/0x260 [ 3379.560559][T27950] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3379.566321][T27950] tipc_crypto_key_init+0x82/0x110 [ 3379.571457][T27950] ? tipc_ehdr_validate+0x240/0x240 [ 3379.576676][T27950] ? crypto_mod_put+0x8c/0x100 [ 3379.581464][T27950] tipc_nl_node_set_key+0xa5d/0xf70 [ 3379.586692][T27950] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3379.592963][T27950] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3379.599227][T27950] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3379.606619][T27950] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3379.613931][T27950] genl_family_rcv_msg_doit+0x228/0x320 [ 3379.619499][T27950] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3379.626888][T27950] ? mutex_lock_io_nested+0x1150/0x1150 [ 3379.632468][T27950] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3379.638732][T27950] ? __radix_tree_lookup+0x211/0x2a0 [ 3379.644117][T27950] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3379.650382][T27950] ? genl_get_cmd+0x3cf/0x480 [ 3379.655070][T27950] genl_rcv_msg+0x328/0x580 [ 3379.659567][T27950] ? genl_get_cmd+0x480/0x480 [ 3379.664242][T27950] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3379.670495][T27950] ? lock_release+0x720/0x720 [ 3379.675162][T27950] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3379.680441][T27950] netlink_rcv_skb+0x153/0x420 [ 3379.685192][T27950] ? genl_get_cmd+0x480/0x480 [ 3379.689865][T27950] ? netlink_ack+0xa60/0xa60 [ 3379.694672][T27950] ? netlink_deliver_tap+0x1b1/0xc30 [ 3379.699958][T27950] genl_rcv+0x24/0x40 [ 3379.703950][T27950] netlink_unicast+0x533/0x7d0 [ 3379.708703][T27950] ? netlink_attachskb+0x890/0x890 [ 3379.713803][T27950] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3379.720068][T27950] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3379.726300][T27950] ? __phys_addr_symbol+0x2c/0x70 [ 3379.731314][T27950] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3379.737022][T27950] ? __check_object_size+0x16e/0x3f0 [ 3379.742310][T27950] netlink_sendmsg+0x86d/0xdb0 [ 3379.747080][T27950] ? netlink_unicast+0x7d0/0x7d0 [ 3379.752018][T27950] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3379.758252][T27950] ? netlink_unicast+0x7d0/0x7d0 [ 3379.763185][T27950] sock_sendmsg+0xcf/0x120 [ 3379.767612][T27950] ____sys_sendmsg+0x6e8/0x810 [ 3379.772394][T27950] ? kernel_sendmsg+0x50/0x50 [ 3379.777061][T27950] ? do_recvmmsg+0x6d0/0x6d0 [ 3379.781642][T27950] ? lock_chain_count+0x20/0x20 [ 3379.786480][T27950] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3379.792452][T27950] ___sys_sendmsg+0xf3/0x170 [ 3379.797037][T27950] ? sendmsg_copy_msghdr+0x160/0x160 [ 3379.802316][T27950] ? __fget_files+0x21b/0x3e0 [ 3379.806987][T27950] ? lock_downgrade+0x6e0/0x6e0 [ 3379.811867][T27950] ? __fget_files+0x23d/0x3e0 [ 3379.816549][T27950] ? __fget_light+0xea/0x280 [ 3379.821131][T27950] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3379.827369][T27950] __sys_sendmsg+0xe5/0x1b0 [ 3379.831892][T27950] ? __sys_sendmsg_sock+0x30/0x30 [ 3379.836921][T27950] ? syscall_enter_from_user_mode+0x21/0x70 [ 3379.842816][T27950] do_syscall_64+0x35/0xb0 [ 3379.847230][T27950] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3379.853124][T27950] RIP: 0033:0x7f812fd3ba39 [ 3379.857576][T27950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:48 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000e00"/36}}]}]}, 0x64}}, 0x0) 02:40:48 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000f0ffffffffffff00000000000000"}}]}]}, 0x64}}, 0x0) [ 3379.877173][T27950] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3379.885574][T27950] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3379.893535][T27950] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3379.901510][T27950] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3379.909466][T27950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3379.917432][T27950] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:49 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x300, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:49 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 92) 02:40:49 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000f00"/36}}]}]}, 0x64}}, 0x0) 02:40:49 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000298700040001"], 0x24}}, 0x0) 02:40:49 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000200"/36}}]}]}, 0x64}}, 0x0) 02:40:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000000003f0600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:49 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x700, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3380.229654][T27974] FAULT_INJECTION: forcing a failure. [ 3380.229654][T27974] name failslab, interval 1, probability 0, space 0, times 0 [ 3380.262818][T27974] CPU: 0 PID: 27974 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3380.271638][T27974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3380.281703][T27974] Call Trace: [ 3380.284999][T27974] dump_stack_lvl+0xcd/0x134 [ 3380.289623][T27974] should_fail.cold+0x5/0xa [ 3380.294165][T27974] ? crypto_create_tfm_node+0x7f/0x320 [ 3380.299644][T27974] should_failslab+0x5/0x10 [ 3380.304168][T27974] __kmalloc_node+0x75/0x370 [ 3380.308793][T27974] crypto_create_tfm_node+0x7f/0x320 [ 3380.314108][T27974] crypto_alloc_tfm_node+0x107/0x260 [ 3380.319423][T27974] cryptd_alloc_ahash+0x101/0x200 [ 3380.324476][T27974] ? cryptd_ahash_queued+0x70/0x70 [ 3380.329638][T27974] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3380.335211][T27974] ? trace_kmalloc_node+0x32/0x100 [ 3380.340343][T27974] ? ghash_async_exit_tfm+0x40/0x40 [ 3380.345567][T27974] ghash_async_init_tfm+0x21/0x100 [ 3380.350704][T27974] ? ghash_async_exit_tfm+0x40/0x40 [ 3380.355926][T27974] crypto_create_tfm_node+0x19b/0x320 [ 3380.361338][T27974] crypto_spawn_tfm2+0x60/0xb0 [ 3380.366126][T27974] crypto_gcm_init_tfm+0x3d/0x260 [ 3380.371179][T27974] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3380.376821][T27974] crypto_aead_init_tfm+0x138/0x1a0 [ 3380.382025][T27974] crypto_create_tfm_node+0x10d/0x320 [ 3380.387400][T27974] crypto_alloc_tfm_node+0x107/0x260 [ 3380.392690][T27974] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3380.398426][T27974] tipc_crypto_key_init+0x82/0x110 [ 3380.403630][T27974] ? tipc_ehdr_validate+0x240/0x240 [ 3380.408852][T27974] ? crypto_mod_put+0x8c/0x100 [ 3380.413625][T27974] tipc_nl_node_set_key+0xa5d/0xf70 [ 3380.418836][T27974] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3380.425174][T27974] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3380.431416][T27974] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3380.438790][T27974] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3380.446082][T27974] genl_family_rcv_msg_doit+0x228/0x320 [ 3380.451635][T27974] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3380.460480][T27974] ? mutex_lock_io_nested+0x1150/0x1150 [ 3380.466039][T27974] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3380.472278][T27974] ? __radix_tree_lookup+0x211/0x2a0 [ 3380.477561][T27974] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3380.483805][T27974] ? genl_get_cmd+0x3cf/0x480 [ 3380.488485][T27974] genl_rcv_msg+0x328/0x580 [ 3380.492991][T27974] ? genl_get_cmd+0x480/0x480 [ 3380.497667][T27974] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3380.503917][T27974] ? lock_release+0x720/0x720 [ 3380.508592][T27974] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3380.513884][T27974] netlink_rcv_skb+0x153/0x420 [ 3380.518653][T27974] ? genl_get_cmd+0x480/0x480 [ 3380.523336][T27974] ? netlink_ack+0xa60/0xa60 [ 3380.527948][T27974] ? netlink_deliver_tap+0x1b1/0xc30 [ 3380.533258][T27974] genl_rcv+0x24/0x40 [ 3380.537238][T27974] netlink_unicast+0x533/0x7d0 [ 3380.542024][T27974] ? netlink_attachskb+0x890/0x890 [ 3380.547144][T27974] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3380.553388][T27974] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3380.559629][T27974] ? __phys_addr_symbol+0x2c/0x70 [ 3380.564653][T27974] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3380.570373][T27974] ? __check_object_size+0x16e/0x3f0 [ 3380.575674][T27974] netlink_sendmsg+0x86d/0xdb0 [ 3380.580452][T27974] ? netlink_unicast+0x7d0/0x7d0 [ 3380.585399][T27974] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3380.591642][T27974] ? netlink_unicast+0x7d0/0x7d0 [ 3380.596584][T27974] sock_sendmsg+0xcf/0x120 [ 3380.601008][T27974] ____sys_sendmsg+0x6e8/0x810 [ 3380.605775][T27974] ? kernel_sendmsg+0x50/0x50 [ 3380.610449][T27974] ? do_recvmmsg+0x6d0/0x6d0 [ 3380.615056][T27974] ? lock_chain_count+0x20/0x20 [ 3380.619905][T27974] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3380.625892][T27974] ___sys_sendmsg+0xf3/0x170 [ 3380.630485][T27974] ? sendmsg_copy_msghdr+0x160/0x160 [ 3380.635778][T27974] ? __fget_files+0x21b/0x3e0 [ 3380.640467][T27974] ? lock_downgrade+0x6e0/0x6e0 [ 3380.645329][T27974] ? __fget_files+0x23d/0x3e0 [ 3380.650010][T27974] ? __fget_light+0xea/0x280 [ 3380.654598][T27974] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3380.660842][T27974] __sys_sendmsg+0xe5/0x1b0 [ 3380.665349][T27974] ? __sys_sendmsg_sock+0x30/0x30 [ 3380.670400][T27974] ? syscall_enter_from_user_mode+0x21/0x70 [ 3380.676297][T27974] do_syscall_64+0x35/0xb0 [ 3380.680709][T27974] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3380.686602][T27974] RIP: 0033:0x7f812fd3ba39 [ 3380.691028][T27974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3380.710630][T27974] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3380.719046][T27974] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3380.727018][T27974] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3380.734987][T27974] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3380.742963][T27974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3380.750925][T27974] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:49 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000008800040001"], 0x24}}, 0x0) 02:40:49 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000003f00"/36}}]}]}, 0x64}}, 0x0) 02:40:50 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0xe00, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:50 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000300"/36}}]}]}, 0x64}}, 0x0) 02:40:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000047450600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:50 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 93) 02:40:50 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000018800040001"], 0x24}}, 0x0) 02:40:50 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000c14100"/36}}]}]}, 0x64}}, 0x0) [ 3381.107350][T28003] FAULT_INJECTION: forcing a failure. [ 3381.107350][T28003] name failslab, interval 1, probability 0, space 0, times 0 [ 3381.125740][T28003] CPU: 1 PID: 28003 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3381.134540][T28003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3381.144645][T28003] Call Trace: [ 3381.147933][T28003] dump_stack_lvl+0xcd/0x134 [ 3381.152645][T28003] should_fail.cold+0x5/0xa [ 3381.157180][T28003] ? crypto_create_tfm_node+0x7f/0x320 [ 3381.162655][T28003] should_failslab+0x5/0x10 [ 3381.167175][T28003] __kmalloc_node+0x75/0x370 [ 3381.171795][T28003] crypto_create_tfm_node+0x7f/0x320 [ 3381.177092][T28003] crypto_spawn_tfm2+0x60/0xb0 [ 3381.181854][T28003] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3381.187402][T28003] cryptd_hash_init_tfm+0x3c/0x120 [ 3381.192512][T28003] ? cryptd_skcipher_init_tfm+0xe0/0xe0 [ 3381.198058][T28003] crypto_create_tfm_node+0x19b/0x320 [ 3381.203432][T28003] crypto_alloc_tfm_node+0x107/0x260 [ 3381.208727][T28003] cryptd_alloc_ahash+0x101/0x200 [ 3381.213753][T28003] ? cryptd_ahash_queued+0x70/0x70 [ 3381.218873][T28003] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3381.225125][T28003] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3381.230669][T28003] ? trace_kmalloc_node+0x32/0x100 [ 3381.235783][T28003] ? ghash_async_exit_tfm+0x40/0x40 [ 3381.241007][T28003] ghash_async_init_tfm+0x21/0x100 [ 3381.246123][T28003] ? ghash_async_exit_tfm+0x40/0x40 [ 3381.251337][T28003] crypto_create_tfm_node+0x19b/0x320 [ 3381.256714][T28003] crypto_spawn_tfm2+0x60/0xb0 [ 3381.261478][T28003] crypto_gcm_init_tfm+0x3d/0x260 [ 3381.266499][T28003] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3381.272130][T28003] crypto_aead_init_tfm+0x138/0x1a0 [ 3381.277416][T28003] crypto_create_tfm_node+0x10d/0x320 [ 3381.282792][T28003] crypto_alloc_tfm_node+0x107/0x260 [ 3381.288081][T28003] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3381.293816][T28003] tipc_crypto_key_init+0x82/0x110 [ 3381.298940][T28003] ? tipc_ehdr_validate+0x240/0x240 [ 3381.304138][T28003] ? crypto_mod_put+0x8c/0x100 [ 3381.308909][T28003] tipc_nl_node_set_key+0xa5d/0xf70 [ 3381.314115][T28003] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3381.320362][T28003] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3381.326614][T28003] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3381.333983][T28003] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3381.341450][T28003] genl_family_rcv_msg_doit+0x228/0x320 [ 3381.346998][T28003] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3381.354380][T28003] ? mutex_lock_io_nested+0x1150/0x1150 [ 3381.359933][T28003] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3381.366173][T28003] ? __radix_tree_lookup+0x211/0x2a0 [ 3381.371459][T28003] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3381.377696][T28003] ? genl_get_cmd+0x3cf/0x480 [ 3381.382387][T28003] genl_rcv_msg+0x328/0x580 [ 3381.386892][T28003] ? genl_get_cmd+0x480/0x480 [ 3381.391583][T28003] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3381.397829][T28003] ? lock_release+0x720/0x720 [ 3381.402503][T28003] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3381.407796][T28003] netlink_rcv_skb+0x153/0x420 [ 3381.412559][T28003] ? genl_get_cmd+0x480/0x480 [ 3381.417237][T28003] ? netlink_ack+0xa60/0xa60 [ 3381.421830][T28003] ? netlink_deliver_tap+0x1b1/0xc30 [ 3381.427121][T28003] genl_rcv+0x24/0x40 [ 3381.431101][T28003] netlink_unicast+0x533/0x7d0 [ 3381.435873][T28003] ? netlink_attachskb+0x890/0x890 [ 3381.440994][T28003] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3381.447237][T28003] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3381.453475][T28003] ? __phys_addr_symbol+0x2c/0x70 [ 3381.458504][T28003] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3381.464223][T28003] ? __check_object_size+0x16e/0x3f0 [ 3381.469514][T28003] netlink_sendmsg+0x86d/0xdb0 [ 3381.474297][T28003] ? netlink_unicast+0x7d0/0x7d0 [ 3381.479239][T28003] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3381.485484][T28003] ? netlink_unicast+0x7d0/0x7d0 [ 3381.490419][T28003] sock_sendmsg+0xcf/0x120 [ 3381.494842][T28003] ____sys_sendmsg+0x6e8/0x810 [ 3381.499695][T28003] ? kernel_sendmsg+0x50/0x50 [ 3381.504369][T28003] ? do_recvmmsg+0x6d0/0x6d0 [ 3381.508966][T28003] ? lock_chain_count+0x20/0x20 [ 3381.513814][T28003] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3381.519802][T28003] ___sys_sendmsg+0xf3/0x170 [ 3381.524394][T28003] ? sendmsg_copy_msghdr+0x160/0x160 [ 3381.529701][T28003] ? __fget_files+0x21b/0x3e0 [ 3381.534376][T28003] ? lock_downgrade+0x6e0/0x6e0 [ 3381.539237][T28003] ? __fget_files+0x23d/0x3e0 [ 3381.543916][T28003] ? __fget_light+0xea/0x280 [ 3381.548505][T28003] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3381.554747][T28003] __sys_sendmsg+0xe5/0x1b0 [ 3381.559251][T28003] ? __sys_sendmsg_sock+0x30/0x30 [ 3381.564288][T28003] ? syscall_enter_from_user_mode+0x21/0x70 [ 3381.570197][T28003] do_syscall_64+0x35/0xb0 [ 3381.574610][T28003] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3381.580504][T28003] RIP: 0033:0x7f812fd3ba39 [ 3381.584913][T28003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3381.604516][T28003] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3381.612926][T28003] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3381.620894][T28003] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3381.628860][T28003] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3381.636833][T28003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3381.644795][T28003] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:50 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000028800040001"], 0x24}}, 0x0) 02:40:50 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000006000"/36}}]}]}, 0x64}}, 0x0) 02:40:50 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0xf00, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:50 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 94) 02:40:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000000000600600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:50 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000400"/36}}]}]}, 0x64}}, 0x0) 02:40:51 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000038800040001"], 0x24}}, 0x0) 02:40:51 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x6000, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3382.006068][T28025] FAULT_INJECTION: forcing a failure. [ 3382.006068][T28025] name failslab, interval 1, probability 0, space 0, times 0 [ 3382.040188][T28025] CPU: 0 PID: 28025 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3382.048997][T28025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3382.059073][T28025] Call Trace: [ 3382.062364][T28025] dump_stack_lvl+0xcd/0x134 [ 3382.066978][T28025] should_fail.cold+0x5/0xa [ 3382.071512][T28025] ? crypto_create_tfm_node+0x7f/0x320 [ 3382.076992][T28025] should_failslab+0x5/0x10 [ 3382.081514][T28025] __kmalloc_node+0x75/0x370 [ 3382.086134][T28025] crypto_create_tfm_node+0x7f/0x320 [ 3382.091446][T28025] crypto_spawn_tfm2+0x60/0xb0 [ 3382.096231][T28025] crypto_gcm_init_tfm+0x6d/0x260 [ 3382.101279][T28025] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3382.106937][T28025] crypto_aead_init_tfm+0x138/0x1a0 [ 3382.112160][T28025] crypto_create_tfm_node+0x10d/0x320 [ 3382.117569][T28025] crypto_alloc_tfm_node+0x107/0x260 [ 3382.122882][T28025] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3382.128651][T28025] tipc_crypto_key_init+0x82/0x110 [ 3382.133789][T28025] ? tipc_ehdr_validate+0x240/0x240 [ 3382.139007][T28025] ? crypto_mod_put+0x8c/0x100 [ 3382.143802][T28025] tipc_nl_node_set_key+0xa5d/0xf70 [ 3382.149032][T28025] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3382.155308][T28025] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3382.161575][T28025] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3382.168970][T28025] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3382.176284][T28025] genl_family_rcv_msg_doit+0x228/0x320 [ 3382.181851][T28025] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3382.189248][T28025] ? mutex_lock_io_nested+0x1150/0x1150 [ 3382.194830][T28025] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3382.201093][T28025] ? __radix_tree_lookup+0x211/0x2a0 [ 3382.206395][T28025] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3382.212640][T28025] ? genl_get_cmd+0x3cf/0x480 [ 3382.217321][T28025] genl_rcv_msg+0x328/0x580 [ 3382.221825][T28025] ? genl_get_cmd+0x480/0x480 [ 3382.226510][T28025] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3382.232759][T28025] ? lock_release+0x720/0x720 [ 3382.237437][T28025] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3382.242726][T28025] netlink_rcv_skb+0x153/0x420 [ 3382.247486][T28025] ? genl_get_cmd+0x480/0x480 [ 3382.252166][T28025] ? netlink_ack+0xa60/0xa60 [ 3382.256761][T28025] ? netlink_deliver_tap+0x1b1/0xc30 [ 3382.262048][T28025] genl_rcv+0x24/0x40 [ 3382.266024][T28025] netlink_unicast+0x533/0x7d0 [ 3382.270792][T28025] ? netlink_attachskb+0x890/0x890 [ 3382.275902][T28025] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3382.282144][T28025] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3382.288384][T28025] ? __phys_addr_symbol+0x2c/0x70 [ 3382.293406][T28025] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3382.299122][T28025] ? __check_object_size+0x16e/0x3f0 [ 3382.304411][T28025] netlink_sendmsg+0x86d/0xdb0 [ 3382.309176][T28025] ? netlink_unicast+0x7d0/0x7d0 [ 3382.314143][T28025] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3382.320383][T28025] ? netlink_unicast+0x7d0/0x7d0 [ 3382.325330][T28025] sock_sendmsg+0xcf/0x120 [ 3382.329751][T28025] ____sys_sendmsg+0x6e8/0x810 [ 3382.334517][T28025] ? kernel_sendmsg+0x50/0x50 [ 3382.339188][T28025] ? do_recvmmsg+0x6d0/0x6d0 [ 3382.343780][T28025] ? lock_chain_count+0x20/0x20 [ 3382.348634][T28025] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3382.354619][T28025] ___sys_sendmsg+0xf3/0x170 [ 3382.359212][T28025] ? sendmsg_copy_msghdr+0x160/0x160 [ 3382.364501][T28025] ? __fget_files+0x21b/0x3e0 [ 3382.369177][T28025] ? lock_downgrade+0x6e0/0x6e0 [ 3382.374039][T28025] ? __fget_files+0x23d/0x3e0 [ 3382.378719][T28025] ? __fget_light+0xea/0x280 [ 3382.383304][T28025] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3382.389548][T28025] __sys_sendmsg+0xe5/0x1b0 [ 3382.394051][T28025] ? __sys_sendmsg_sock+0x30/0x30 [ 3382.399092][T28025] ? syscall_enter_from_user_mode+0x21/0x70 [ 3382.404991][T28025] do_syscall_64+0x35/0xb0 [ 3382.409404][T28025] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3382.415298][T28025] RIP: 0033:0x7f812fd3ba39 [ 3382.419709][T28025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3382.439397][T28025] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3382.447803][T28025] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 02:40:51 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000041c100"/36}}]}]}, 0x64}}, 0x0) [ 3382.455859][T28025] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3382.463826][T28025] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3382.471791][T28025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3382.479752][T28025] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:51 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000048800040001"], 0x24}}, 0x0) 02:40:51 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000000000f000"/36}}]}]}, 0x64}}, 0x0) 02:40:51 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000ffffff9e0600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:51 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000500"/36}}]}]}, 0x64}}, 0x0) 02:40:51 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0xf000, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:51 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 95) 02:40:51 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000003000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:51 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000058800040001"], 0x24}}, 0x0) 02:40:51 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000000000ec00600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:51 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0xf0ffff, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3382.902384][T28055] FAULT_INJECTION: forcing a failure. [ 3382.902384][T28055] name failslab, interval 1, probability 0, space 0, times 0 [ 3382.971926][T28055] CPU: 1 PID: 28055 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3382.980735][T28055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3382.990807][T28055] Call Trace: [ 3382.994113][T28055] dump_stack_lvl+0xcd/0x134 [ 3382.998729][T28055] should_fail.cold+0x5/0xa [ 3383.003261][T28055] ? crypto_create_tfm_node+0x7f/0x320 [ 3383.008736][T28055] should_failslab+0x5/0x10 [ 3383.013259][T28055] __kmalloc_node+0x75/0x370 [ 3383.017891][T28055] crypto_create_tfm_node+0x7f/0x320 [ 3383.023214][T28055] crypto_alloc_tfm_node+0x107/0x260 [ 3383.028530][T28055] cryptd_alloc_skcipher+0x101/0x200 [ 3383.033928][T28055] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3383.039155][T28055] ? __kmalloc_node+0x62/0x370 [ 3383.043956][T28055] ? simd_skcipher_exit+0x40/0x40 [ 3383.049005][T28055] simd_skcipher_init+0x67/0x180 [ 3383.053964][T28055] ? simd_skcipher_exit+0x40/0x40 [ 3383.059008][T28055] crypto_skcipher_init_tfm+0x127/0x180 [ 3383.064570][T28055] crypto_create_tfm_node+0x10d/0x320 [ 3383.069968][T28055] crypto_spawn_tfm2+0x60/0xb0 [ 3383.074753][T28055] crypto_gcm_init_tfm+0x6d/0x260 [ 3383.079793][T28055] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3383.085451][T28055] crypto_aead_init_tfm+0x138/0x1a0 [ 3383.090672][T28055] crypto_create_tfm_node+0x10d/0x320 [ 3383.096068][T28055] crypto_alloc_tfm_node+0x107/0x260 [ 3383.101381][T28055] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3383.107125][T28055] tipc_crypto_key_init+0x82/0x110 [ 3383.112240][T28055] ? tipc_ehdr_validate+0x240/0x240 [ 3383.117452][T28055] ? crypto_mod_put+0x8c/0x100 [ 3383.122241][T28055] tipc_nl_node_set_key+0xa5d/0xf70 [ 3383.127467][T28055] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3383.133741][T28055] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3383.140001][T28055] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3383.147390][T28055] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3383.154705][T28055] genl_family_rcv_msg_doit+0x228/0x320 [ 3383.160278][T28055] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3383.167676][T28055] ? mutex_lock_io_nested+0x1150/0x1150 [ 3383.173257][T28055] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3383.179504][T28055] ? __radix_tree_lookup+0x211/0x2a0 [ 3383.184803][T28055] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3383.191033][T28055] ? genl_get_cmd+0x3cf/0x480 [ 3383.195707][T28055] genl_rcv_msg+0x328/0x580 [ 3383.200233][T28055] ? genl_get_cmd+0x480/0x480 [ 3383.204921][T28055] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3383.211261][T28055] ? lock_release+0x720/0x720 [ 3383.215930][T28055] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3383.221208][T28055] netlink_rcv_skb+0x153/0x420 [ 3383.225958][T28055] ? genl_get_cmd+0x480/0x480 [ 3383.230623][T28055] ? netlink_ack+0xa60/0xa60 [ 3383.235224][T28055] ? netlink_deliver_tap+0x1b1/0xc30 [ 3383.240511][T28055] genl_rcv+0x24/0x40 [ 3383.244505][T28055] netlink_unicast+0x533/0x7d0 [ 3383.249284][T28055] ? netlink_attachskb+0x890/0x890 [ 3383.254384][T28055] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3383.260655][T28055] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3383.266889][T28055] ? __phys_addr_symbol+0x2c/0x70 [ 3383.271927][T28055] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3383.277631][T28055] ? __check_object_size+0x16e/0x3f0 [ 3383.282921][T28055] netlink_sendmsg+0x86d/0xdb0 [ 3383.287701][T28055] ? netlink_unicast+0x7d0/0x7d0 [ 3383.292629][T28055] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3383.298868][T28055] ? netlink_unicast+0x7d0/0x7d0 [ 3383.303808][T28055] sock_sendmsg+0xcf/0x120 [ 3383.308216][T28055] ____sys_sendmsg+0x6e8/0x810 [ 3383.312970][T28055] ? kernel_sendmsg+0x50/0x50 [ 3383.317634][T28055] ? do_recvmmsg+0x6d0/0x6d0 [ 3383.322237][T28055] ? lock_chain_count+0x20/0x20 [ 3383.327143][T28055] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3383.333118][T28055] ___sys_sendmsg+0xf3/0x170 [ 3383.337703][T28055] ? sendmsg_copy_msghdr+0x160/0x160 [ 3383.342981][T28055] ? __fget_files+0x21b/0x3e0 [ 3383.347688][T28055] ? lock_downgrade+0x6e0/0x6e0 [ 3383.352550][T28055] ? __fget_files+0x23d/0x3e0 [ 3383.357248][T28055] ? __fget_light+0xea/0x280 [ 3383.361845][T28055] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3383.368095][T28055] __sys_sendmsg+0xe5/0x1b0 [ 3383.372606][T28055] ? __sys_sendmsg_sock+0x30/0x30 [ 3383.377627][T28055] ? syscall_enter_from_user_mode+0x21/0x70 [ 3383.383514][T28055] do_syscall_64+0x35/0xb0 [ 3383.387916][T28055] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3383.393799][T28055] RIP: 0033:0x7f812fd3ba39 [ 3383.398234][T28055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:40:52 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000068800040001"], 0x24}}, 0x0) 02:40:52 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000600"/36}}]}]}, 0x64}}, 0x0) [ 3383.417834][T28055] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3383.426255][T28055] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3383.434211][T28055] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3383.442170][T28055] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3383.450145][T28055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3383.458103][T28055] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:52 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000078800040001"], 0x24}}, 0x0) 02:40:52 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x1000000, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:52 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000004003000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:52 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 96) 02:40:52 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000fffffff00600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:52 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000700"/36}}]}]}, 0x64}}, 0x0) 02:40:52 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000088800040001"], 0x24}}, 0x0) 02:40:52 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000340000000000000000000"}}]}]}, 0x64}}, 0x0) [ 3383.825047][T28088] FAULT_INJECTION: forcing a failure. [ 3383.825047][T28088] name failslab, interval 1, probability 0, space 0, times 0 [ 3383.905588][T28088] CPU: 0 PID: 28088 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3383.914386][T28088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3383.924443][T28088] Call Trace: [ 3383.927715][T28088] dump_stack_lvl+0xcd/0x134 [ 3383.932312][T28088] should_fail.cold+0x5/0xa [ 3383.936818][T28088] ? crypto_create_tfm_node+0x7f/0x320 [ 3383.942273][T28088] should_failslab+0x5/0x10 [ 3383.946788][T28088] __kmalloc_node+0x75/0x370 [ 3383.951386][T28088] crypto_create_tfm_node+0x7f/0x320 [ 3383.956691][T28088] crypto_spawn_tfm2+0x60/0xb0 [ 3383.961453][T28088] ? cryptd_skcipher_setkey+0xd0/0xd0 [ 3383.966829][T28088] cryptd_skcipher_init_tfm+0x3a/0xe0 [ 3383.972205][T28088] crypto_skcipher_init_tfm+0x127/0x180 [ 3383.977928][T28088] crypto_create_tfm_node+0x10d/0x320 [ 3383.983332][T28088] crypto_alloc_tfm_node+0x107/0x260 [ 3383.988636][T28088] cryptd_alloc_skcipher+0x101/0x200 [ 3383.993929][T28088] ? cryptd_hash_exit_tfm+0x40/0x40 [ 3383.999136][T28088] ? __kmalloc_node+0x62/0x370 [ 3384.003922][T28088] ? simd_skcipher_exit+0x40/0x40 [ 3384.008952][T28088] simd_skcipher_init+0x67/0x180 [ 3384.013908][T28088] ? simd_skcipher_exit+0x40/0x40 [ 3384.018936][T28088] crypto_skcipher_init_tfm+0x127/0x180 [ 3384.024489][T28088] crypto_create_tfm_node+0x10d/0x320 [ 3384.029863][T28088] crypto_spawn_tfm2+0x60/0xb0 [ 3384.034631][T28088] crypto_gcm_init_tfm+0x6d/0x260 [ 3384.039655][T28088] ? crypto_rfc4106_init_tfm+0x1b0/0x1b0 [ 3384.045285][T28088] crypto_aead_init_tfm+0x138/0x1a0 [ 3384.050490][T28088] crypto_create_tfm_node+0x10d/0x320 [ 3384.055865][T28088] crypto_alloc_tfm_node+0x107/0x260 [ 3384.061162][T28088] tipc_aead_init.constprop.0+0x11c/0x8f0 [ 3384.066902][T28088] tipc_crypto_key_init+0x82/0x110 [ 3384.072019][T28088] ? tipc_ehdr_validate+0x240/0x240 [ 3384.077217][T28088] ? crypto_mod_put+0x8c/0x100 [ 3384.081994][T28088] tipc_nl_node_set_key+0xa5d/0xf70 [ 3384.087199][T28088] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3384.093452][T28088] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3384.099689][T28088] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3384.107058][T28088] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3384.114346][T28088] genl_family_rcv_msg_doit+0x228/0x320 [ 3384.119893][T28088] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3384.127263][T28088] ? mutex_lock_io_nested+0x1150/0x1150 [ 3384.132816][T28088] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3384.139053][T28088] ? __radix_tree_lookup+0x211/0x2a0 [ 3384.144337][T28088] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3384.150578][T28088] ? genl_get_cmd+0x3cf/0x480 [ 3384.155257][T28088] genl_rcv_msg+0x328/0x580 [ 3384.159763][T28088] ? genl_get_cmd+0x480/0x480 [ 3384.164435][T28088] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3384.170682][T28088] ? lock_release+0x720/0x720 [ 3384.175356][T28088] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3384.180642][T28088] netlink_rcv_skb+0x153/0x420 [ 3384.185405][T28088] ? genl_get_cmd+0x480/0x480 [ 3384.190080][T28088] ? netlink_ack+0xa60/0xa60 [ 3384.194672][T28088] ? netlink_deliver_tap+0x1b1/0xc30 [ 3384.199960][T28088] genl_rcv+0x24/0x40 [ 3384.203938][T28088] netlink_unicast+0x533/0x7d0 [ 3384.208705][T28088] ? netlink_attachskb+0x890/0x890 [ 3384.213814][T28088] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3384.220054][T28088] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3384.226291][T28088] ? __phys_addr_symbol+0x2c/0x70 [ 3384.231315][T28088] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3384.237029][T28088] ? __check_object_size+0x16e/0x3f0 [ 3384.242318][T28088] netlink_sendmsg+0x86d/0xdb0 [ 3384.247088][T28088] ? netlink_unicast+0x7d0/0x7d0 [ 3384.252033][T28088] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3384.258273][T28088] ? netlink_unicast+0x7d0/0x7d0 [ 3384.263211][T28088] sock_sendmsg+0xcf/0x120 [ 3384.267632][T28088] ____sys_sendmsg+0x6e8/0x810 [ 3384.272397][T28088] ? kernel_sendmsg+0x50/0x50 [ 3384.277071][T28088] ? do_recvmmsg+0x6d0/0x6d0 [ 3384.281667][T28088] ? lock_chain_count+0x20/0x20 [ 3384.286516][T28088] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3384.292500][T28088] ___sys_sendmsg+0xf3/0x170 [ 3384.297095][T28088] ? sendmsg_copy_msghdr+0x160/0x160 [ 3384.302385][T28088] ? __fget_files+0x21b/0x3e0 [ 3384.307059][T28088] ? lock_downgrade+0x6e0/0x6e0 [ 3384.311920][T28088] ? __fget_files+0x23d/0x3e0 [ 3384.316599][T28088] ? __fget_light+0xea/0x280 [ 3384.321188][T28088] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3384.327437][T28088] __sys_sendmsg+0xe5/0x1b0 [ 3384.331942][T28088] ? __sys_sendmsg_sock+0x30/0x30 [ 3384.336984][T28088] ? syscall_enter_from_user_mode+0x21/0x70 [ 3384.342884][T28088] do_syscall_64+0x35/0xb0 [ 3384.347294][T28088] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3384.353187][T28088] RIP: 0033:0x7f812fd3ba39 [ 3384.357604][T28088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3384.377210][T28088] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3384.385628][T28088] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3384.393600][T28088] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:53 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x2000000, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3384.401568][T28088] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3384.409540][T28088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3384.417509][T28088] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:53 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000098800040001"], 0x24}}, 0x0) 02:40:53 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000fffff0000000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000000080ffff0600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:53 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000900"/36}}]}]}, 0x64}}, 0x0) 02:40:53 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 97) 02:40:53 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x3000000, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:53 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000a8800040001"], 0x24}}, 0x0) 02:40:53 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000010000000000000000"}}]}]}, 0x64}}, 0x0) [ 3384.803781][T28116] FAULT_INJECTION: forcing a failure. [ 3384.803781][T28116] name failslab, interval 1, probability 0, space 0, times 0 [ 3384.847003][T28116] CPU: 0 PID: 28116 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3384.855809][T28116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3384.865879][T28116] Call Trace: [ 3384.869166][T28116] dump_stack_lvl+0xcd/0x134 [ 3384.873787][T28116] should_fail.cold+0x5/0xa [ 3384.878321][T28116] ? crypto_gcm_setkey+0x13e/0x590 [ 3384.883449][T28116] should_failslab+0x5/0x10 [ 3384.887966][T28116] __kmalloc+0x72/0x320 [ 3384.892132][T28116] crypto_gcm_setkey+0x13e/0x590 [ 3384.897082][T28116] crypto_aead_setkey+0xbf/0x290 [ 3384.902022][T28116] tipc_aead_init.constprop.0+0x17b/0x8f0 [ 3384.907758][T28116] tipc_crypto_key_init+0x82/0x110 [ 3384.912871][T28116] ? tipc_ehdr_validate+0x240/0x240 [ 3384.918068][T28116] ? crypto_mod_put+0x8c/0x100 [ 3384.922836][T28116] tipc_nl_node_set_key+0xa5d/0xf70 [ 3384.928128][T28116] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3384.934379][T28116] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3384.940621][T28116] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3384.947993][T28116] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3384.955281][T28116] genl_family_rcv_msg_doit+0x228/0x320 [ 3384.960832][T28116] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3384.968203][T28116] ? mutex_lock_io_nested+0x1150/0x1150 [ 3384.973757][T28116] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3384.979996][T28116] ? __radix_tree_lookup+0x211/0x2a0 [ 3384.985294][T28116] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3384.991531][T28116] ? genl_get_cmd+0x3cf/0x480 [ 3384.996217][T28116] genl_rcv_msg+0x328/0x580 [ 3385.000727][T28116] ? genl_get_cmd+0x480/0x480 [ 3385.005412][T28116] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3385.011662][T28116] ? lock_release+0x720/0x720 [ 3385.016346][T28116] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3385.021639][T28116] netlink_rcv_skb+0x153/0x420 [ 3385.026411][T28116] ? genl_get_cmd+0x480/0x480 [ 3385.031091][T28116] ? netlink_ack+0xa60/0xa60 [ 3385.035699][T28116] ? netlink_deliver_tap+0x1b1/0xc30 [ 3385.041010][T28116] genl_rcv+0x24/0x40 [ 3385.044991][T28116] netlink_unicast+0x533/0x7d0 [ 3385.049762][T28116] ? netlink_attachskb+0x890/0x890 [ 3385.054871][T28116] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3385.061111][T28116] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3385.067358][T28116] ? __phys_addr_symbol+0x2c/0x70 [ 3385.072382][T28116] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3385.078099][T28116] ? __check_object_size+0x16e/0x3f0 [ 3385.083391][T28116] netlink_sendmsg+0x86d/0xdb0 [ 3385.088158][T28116] ? netlink_unicast+0x7d0/0x7d0 [ 3385.093100][T28116] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3385.099348][T28116] ? netlink_unicast+0x7d0/0x7d0 [ 3385.104285][T28116] sock_sendmsg+0xcf/0x120 [ 3385.108708][T28116] ____sys_sendmsg+0x6e8/0x810 [ 3385.113473][T28116] ? kernel_sendmsg+0x50/0x50 [ 3385.118145][T28116] ? do_recvmmsg+0x6d0/0x6d0 [ 3385.122739][T28116] ? lock_chain_count+0x20/0x20 [ 3385.127589][T28116] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3385.133576][T28116] ___sys_sendmsg+0xf3/0x170 [ 3385.138168][T28116] ? sendmsg_copy_msghdr+0x160/0x160 [ 3385.143458][T28116] ? __fget_files+0x21b/0x3e0 [ 3385.148133][T28116] ? lock_downgrade+0x6e0/0x6e0 [ 3385.152995][T28116] ? __fget_files+0x23d/0x3e0 [ 3385.157674][T28116] ? __fget_light+0xea/0x280 [ 3385.162267][T28116] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3385.168510][T28116] __sys_sendmsg+0xe5/0x1b0 [ 3385.173014][T28116] ? __sys_sendmsg_sock+0x30/0x30 [ 3385.178051][T28116] ? syscall_enter_from_user_mode+0x21/0x70 [ 3385.183952][T28116] do_syscall_64+0x35/0xb0 [ 3385.188367][T28116] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3385.194260][T28116] RIP: 0033:0x7f812fd3ba39 [ 3385.198675][T28116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3385.218283][T28116] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3385.226696][T28116] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3385.234660][T28116] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3385.242628][T28116] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3385.250592][T28116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3385.258558][T28116] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:54 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="11070000000000f0ffff0600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:54 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000b8800040001"], 0x24}}, 0x0) 02:40:54 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x4000000, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:54 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000f00"/36}}]}]}, 0x64}}, 0x0) 02:40:54 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000020000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:54 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 98) 02:40:54 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000007fffffff0600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:54 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000c8800040001"], 0x24}}, 0x0) [ 3385.590987][T28139] FAULT_INJECTION: forcing a failure. [ 3385.590987][T28139] name failslab, interval 1, probability 0, space 0, times 0 02:40:54 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800004400"/36}}]}]}, 0x64}}, 0x0) [ 3385.635069][T28139] CPU: 0 PID: 28139 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3385.643868][T28139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3385.653936][T28139] Call Trace: [ 3385.657227][T28139] dump_stack_lvl+0xcd/0x134 [ 3385.661841][T28139] should_fail.cold+0x5/0xa [ 3385.666374][T28139] ? crypto_gcm_setkey+0x13e/0x590 [ 3385.671511][T28139] should_failslab+0x5/0x10 [ 3385.676030][T28139] __kmalloc+0x72/0x320 [ 3385.680216][T28139] crypto_gcm_setkey+0x13e/0x590 [ 3385.685181][T28139] crypto_aead_setkey+0xbf/0x290 [ 3385.690150][T28139] tipc_aead_init.constprop.0+0x17b/0x8f0 [ 3385.695912][T28139] tipc_crypto_key_init+0x82/0x110 [ 3385.701049][T28139] ? tipc_ehdr_validate+0x240/0x240 [ 3385.706270][T28139] ? crypto_mod_put+0x8c/0x100 [ 3385.711134][T28139] tipc_nl_node_set_key+0xa5d/0xf70 [ 3385.716349][T28139] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3385.722598][T28139] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3385.728842][T28139] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3385.736210][T28139] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3385.743507][T28139] genl_family_rcv_msg_doit+0x228/0x320 [ 3385.749054][T28139] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3385.756428][T28139] ? mutex_lock_io_nested+0x1150/0x1150 [ 3385.761981][T28139] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3385.768224][T28139] ? __radix_tree_lookup+0x211/0x2a0 [ 3385.773508][T28139] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3385.779750][T28139] ? genl_get_cmd+0x3cf/0x480 [ 3385.784451][T28139] genl_rcv_msg+0x328/0x580 [ 3385.788957][T28139] ? genl_get_cmd+0x480/0x480 [ 3385.793634][T28139] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3385.799892][T28139] ? lock_release+0x720/0x720 [ 3385.804567][T28139] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3385.809856][T28139] netlink_rcv_skb+0x153/0x420 [ 3385.814619][T28139] ? genl_get_cmd+0x480/0x480 [ 3385.819300][T28139] ? netlink_ack+0xa60/0xa60 [ 3385.823894][T28139] ? netlink_deliver_tap+0x1b1/0xc30 [ 3385.829181][T28139] genl_rcv+0x24/0x40 [ 3385.833164][T28139] netlink_unicast+0x533/0x7d0 [ 3385.837932][T28139] ? netlink_attachskb+0x890/0x890 [ 3385.843040][T28139] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3385.849281][T28139] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3385.855517][T28139] ? __phys_addr_symbol+0x2c/0x70 [ 3385.860544][T28139] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3385.866260][T28139] ? __check_object_size+0x16e/0x3f0 [ 3385.871549][T28139] netlink_sendmsg+0x86d/0xdb0 [ 3385.876314][T28139] ? netlink_unicast+0x7d0/0x7d0 [ 3385.881342][T28139] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3385.887584][T28139] ? netlink_unicast+0x7d0/0x7d0 [ 3385.892525][T28139] sock_sendmsg+0xcf/0x120 [ 3385.896941][T28139] ____sys_sendmsg+0x6e8/0x810 [ 3385.901708][T28139] ? kernel_sendmsg+0x50/0x50 [ 3385.906379][T28139] ? do_recvmmsg+0x6d0/0x6d0 [ 3385.910984][T28139] ? lock_chain_count+0x20/0x20 [ 3385.915829][T28139] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3385.921822][T28139] ___sys_sendmsg+0xf3/0x170 [ 3385.926412][T28139] ? sendmsg_copy_msghdr+0x160/0x160 [ 3385.931701][T28139] ? __fget_files+0x21b/0x3e0 [ 3385.936373][T28139] ? lock_downgrade+0x6e0/0x6e0 [ 3385.941234][T28139] ? __fget_files+0x23d/0x3e0 [ 3385.945914][T28139] ? __fget_light+0xea/0x280 [ 3385.950499][T28139] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3385.956743][T28139] __sys_sendmsg+0xe5/0x1b0 [ 3385.961253][T28139] ? __sys_sendmsg_sock+0x30/0x30 [ 3385.966301][T28139] ? syscall_enter_from_user_mode+0x21/0x70 [ 3385.972201][T28139] do_syscall_64+0x35/0xb0 [ 3385.976623][T28139] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3385.982517][T28139] RIP: 0033:0x7f812fd3ba39 [ 3385.986928][T28139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3386.006554][T28139] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3386.014965][T28139] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3386.022933][T28139] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 02:40:55 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x7000000, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) [ 3386.030898][T28139] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3386.038864][T28139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3386.046829][T28139] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:55 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000d8800040001"], 0x24}}, 0x0) 02:40:55 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800006b00"/36}}]}]}, 0x64}}, 0x0) 02:40:55 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="1107000000009effffff0600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) 02:40:55 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000030000000000000000"}}]}]}, 0x64}}, 0x0) 02:40:55 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) (fail_nth: 99) 02:40:55 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x8000000, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800"/36}}]}]}, 0x64}}, 0x0) 02:40:55 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000e8800040001"], 0x24}}, 0x0) 02:40:55 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c80000f000"/36}}]}]}, 0x64}}, 0x0) 02:40:55 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x64, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "87d6e5dada2cab2612fd053a12391811067d43c800000000000000040000000000000000"}}]}]}, 0x64}}, 0x0) [ 3386.467825][T28170] FAULT_INJECTION: forcing a failure. [ 3386.467825][T28170] name failslab, interval 1, probability 0, space 0, times 0 02:40:55 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="110700000000f0ffffff0600000008000300", @ANYRES32=r3], 0x1c}}, 0x0) [ 3386.534373][T28170] CPU: 1 PID: 28170 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3386.543179][T28170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3386.553249][T28170] Call Trace: [ 3386.556547][T28170] dump_stack_lvl+0xcd/0x134 [ 3386.561178][T28170] should_fail.cold+0x5/0xa [ 3386.565716][T28170] should_failslab+0x5/0x10 [ 3386.570245][T28170] __kmalloc_track_caller+0x79/0x310 [ 3386.575542][T28170] ? tipc_aead_init.constprop.0+0x418/0x8f0 [ 3386.581456][T28170] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3386.587002][T28170] kmemdup+0x23/0x50 [ 3386.590958][T28170] tipc_aead_init.constprop.0+0x418/0x8f0 [ 3386.596692][T28170] tipc_crypto_key_init+0x82/0x110 [ 3386.601806][T28170] ? tipc_ehdr_validate+0x240/0x240 [ 3386.607002][T28170] ? crypto_mod_put+0x8c/0x100 [ 3386.611770][T28170] tipc_nl_node_set_key+0xa5d/0xf70 [ 3386.616972][T28170] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3386.623224][T28170] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3386.629469][T28170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3386.636846][T28170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3386.644151][T28170] genl_family_rcv_msg_doit+0x228/0x320 [ 3386.649715][T28170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3386.657087][T28170] ? mutex_lock_io_nested+0x1150/0x1150 [ 3386.662644][T28170] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3386.668883][T28170] ? __radix_tree_lookup+0x211/0x2a0 [ 3386.674167][T28170] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3386.680407][T28170] ? genl_get_cmd+0x3cf/0x480 [ 3386.685087][T28170] genl_rcv_msg+0x328/0x580 [ 3386.689597][T28170] ? genl_get_cmd+0x480/0x480 [ 3386.694273][T28170] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3386.700519][T28170] ? lock_release+0x720/0x720 [ 3386.705195][T28170] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3386.710488][T28170] netlink_rcv_skb+0x153/0x420 [ 3386.715265][T28170] ? genl_get_cmd+0x480/0x480 [ 3386.719943][T28170] ? netlink_ack+0xa60/0xa60 [ 3386.724537][T28170] ? netlink_deliver_tap+0x1b1/0xc30 [ 3386.729826][T28170] genl_rcv+0x24/0x40 [ 3386.733805][T28170] netlink_unicast+0x533/0x7d0 [ 3386.738572][T28170] ? netlink_attachskb+0x890/0x890 [ 3386.743683][T28170] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3386.749926][T28170] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3386.756164][T28170] ? __phys_addr_symbol+0x2c/0x70 [ 3386.761186][T28170] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3386.766903][T28170] ? __check_object_size+0x16e/0x3f0 [ 3386.772196][T28170] netlink_sendmsg+0x86d/0xdb0 [ 3386.776963][T28170] ? netlink_unicast+0x7d0/0x7d0 [ 3386.781905][T28170] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3386.788144][T28170] ? netlink_unicast+0x7d0/0x7d0 [ 3386.793093][T28170] sock_sendmsg+0xcf/0x120 [ 3386.797535][T28170] ____sys_sendmsg+0x6e8/0x810 [ 3386.802323][T28170] ? kernel_sendmsg+0x50/0x50 [ 3386.807000][T28170] ? do_recvmmsg+0x6d0/0x6d0 [ 3386.811601][T28170] ? lock_chain_count+0x20/0x20 [ 3386.816453][T28170] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3386.822444][T28170] ___sys_sendmsg+0xf3/0x170 [ 3386.827038][T28170] ? sendmsg_copy_msghdr+0x160/0x160 [ 3386.832326][T28170] ? __fget_files+0x21b/0x3e0 [ 3386.837008][T28170] ? lock_downgrade+0x6e0/0x6e0 [ 3386.841871][T28170] ? __fget_files+0x23d/0x3e0 [ 3386.846555][T28170] ? __fget_light+0xea/0x280 [ 3386.851143][T28170] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3386.857387][T28170] __sys_sendmsg+0xe5/0x1b0 [ 3386.861890][T28170] ? __sys_sendmsg_sock+0x30/0x30 [ 3386.866933][T28170] ? syscall_enter_from_user_mode+0x21/0x70 [ 3386.872829][T28170] do_syscall_64+0x35/0xb0 [ 3386.877239][T28170] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3386.883130][T28170] RIP: 0033:0x7f812fd3ba39 [ 3386.887546][T28170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3386.907147][T28170] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3386.915556][T28170] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 [ 3386.923523][T28170] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3386.931494][T28170] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3386.939465][T28170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3386.947427][T28170] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 02:40:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c00198008000100000f8800040001"], 0x24}}, 0x0) [ 3387.085901][T28170] general protection fault, probably for non-canonical address 0xdffffc0000000004: 0000 [#1] PREEMPT SMP KASAN [ 3387.097654][T28170] KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] [ 3387.106069][T28170] CPU: 1 PID: 28170 Comm: syz-executor.4 Not tainted 5.15.0-rc5-syzkaller #0 [ 3387.114846][T28170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3387.124903][T28170] RIP: 0010:tipc_crypto_key_distr+0x218/0xa80 [ 3387.130993][T28170] Code: 02 00 0f 85 66 08 00 00 48 8b 45 00 49 8d 4d 20 48 89 ca 48 89 4c 24 10 48 c1 ea 03 48 89 04 24 48 b8 00 00 00 00 00 fc ff df <0f> b6 14 02 48 89 c8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 b0 [ 3387.150608][T28170] RSP: 0018:ffffc900138073f0 EFLAGS: 00010202 [ 3387.156685][T28170] RAX: dffffc0000000000 RBX: ffff88807280b200 RCX: 0000000000000020 [ 3387.164663][T28170] RDX: 0000000000000004 RSI: ffffffff88b13737 RDI: ffff88807280b240 [ 3387.172640][T28170] RBP: ffff8880718d1400 R08: 0000000000000000 R09: 0000000000000000 [ 3387.180617][T28170] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 3387.188587][T28170] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000048 [ 3387.196560][T28170] FS: 00007f812d2b1700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 [ 3387.205499][T28170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3387.212099][T28170] CR2: 000055bdc54ff090 CR3: 0000000048b6a000 CR4: 00000000003506e0 [ 3387.220084][T28170] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3387.228059][T28170] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 3387.236040][T28170] Call Trace: [ 3387.239325][T28170] ? tipc_aead_init.constprop.0+0x533/0x8f0 [ 3387.245240][T28170] ? tipc_crypto_msg_rcv+0x990/0x990 [ 3387.250551][T28170] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3387.256809][T28170] ? tipc_crypto_key_init+0xc1/0x110 [ 3387.262110][T28170] ? tipc_ehdr_validate+0x240/0x240 [ 3387.267320][T28170] ? crypto_mod_put+0x8c/0x100 [ 3387.272102][T28170] tipc_nl_node_set_key+0xa95/0xf70 [ 3387.277321][T28170] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3387.283587][T28170] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3387.289849][T28170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 3387.297231][T28170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 3387.304591][T28170] genl_family_rcv_msg_doit+0x228/0x320 [ 3387.310171][T28170] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 3387.317542][T28170] ? mutex_lock_io_nested+0x1150/0x1150 [ 3387.323134][T28170] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 3387.329361][T28170] ? __radix_tree_lookup+0x211/0x2a0 [ 3387.334634][T28170] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3387.340862][T28170] ? genl_get_cmd+0x3cf/0x480 [ 3387.345545][T28170] genl_rcv_msg+0x328/0x580 [ 3387.350037][T28170] ? genl_get_cmd+0x480/0x480 [ 3387.354697][T28170] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 3387.360927][T28170] ? lock_release+0x720/0x720 [ 3387.365589][T28170] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 3387.370862][T28170] netlink_rcv_skb+0x153/0x420 [ 3387.375611][T28170] ? genl_get_cmd+0x480/0x480 [ 3387.380278][T28170] ? netlink_ack+0xa60/0xa60 [ 3387.384876][T28170] ? netlink_deliver_tap+0x1b1/0xc30 [ 3387.390153][T28170] genl_rcv+0x24/0x40 [ 3387.394142][T28170] netlink_unicast+0x533/0x7d0 [ 3387.398969][T28170] ? netlink_attachskb+0x890/0x890 [ 3387.404084][T28170] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3387.410332][T28170] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3387.416559][T28170] ? __phys_addr_symbol+0x2c/0x70 [ 3387.421572][T28170] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 3387.427288][T28170] ? __check_object_size+0x16e/0x3f0 [ 3387.432567][T28170] netlink_sendmsg+0x86d/0xdb0 [ 3387.437320][T28170] ? netlink_unicast+0x7d0/0x7d0 [ 3387.442261][T28170] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 3387.448533][T28170] ? netlink_unicast+0x7d0/0x7d0 [ 3387.453455][T28170] sock_sendmsg+0xcf/0x120 [ 3387.457858][T28170] ____sys_sendmsg+0x6e8/0x810 [ 3387.462610][T28170] ? kernel_sendmsg+0x50/0x50 [ 3387.467269][T28170] ? do_recvmmsg+0x6d0/0x6d0 [ 3387.471842][T28170] ? lock_chain_count+0x20/0x20 [ 3387.476679][T28170] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 3387.482669][T28170] ___sys_sendmsg+0xf3/0x170 [ 3387.487245][T28170] ? sendmsg_copy_msghdr+0x160/0x160 [ 3387.492514][T28170] ? __fget_files+0x21b/0x3e0 [ 3387.497176][T28170] ? lock_downgrade+0x6e0/0x6e0 [ 3387.502019][T28170] ? __fget_files+0x23d/0x3e0 [ 3387.506703][T28170] ? __fget_light+0xea/0x280 [ 3387.511279][T28170] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 3387.517526][T28170] __sys_sendmsg+0xe5/0x1b0 [ 3387.522027][T28170] ? __sys_sendmsg_sock+0x30/0x30 [ 3387.527045][T28170] ? syscall_enter_from_user_mode+0x21/0x70 [ 3387.532933][T28170] do_syscall_64+0x35/0xb0 [ 3387.537377][T28170] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 3387.543273][T28170] RIP: 0033:0x7f812fd3ba39 [ 3387.547674][T28170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3387.567367][T28170] RSP: 002b:00007f812d2b1188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3387.575770][T28170] RAX: ffffffffffffffda RBX: 00007f812fe3ef60 RCX: 00007f812fd3ba39 02:40:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000108800040001"], 0x24}}, 0x0) 02:40:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000118800040001"], 0x24}}, 0x0) 02:40:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000128800040001"], 0x24}}, 0x0) 02:40:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000138800040001"], 0x24}}, 0x0) 02:40:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000000101ff4f000e680800000200020000000c0019800800010000148800040001"], 0x24}}, 0x0) [ 3387.583734][T28170] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 3387.591690][T28170] RBP: 00007f812d2b11d0 R08: 0000000000000000 R09: 0000000000000000 [ 3387.599643][T28170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3387.607597][T28170] R13: 00007ffe48b1eebf R14: 00007f812d2b1300 R15: 0000000000022000 [ 3387.615583][T28170] Modules linked in: [ 3387.643861][T28170] ---[ end trace 264abd8b8bddab15 ]--- [ 3387.650488][T28170] RIP: 0010:tipc_crypto_key_distr+0x218/0xa80 [ 3387.656784][T28170] Code: 02 00 0f 85 66 08 00 00 48 8b 45 00 49 8d 4d 20 48 89 ca 48 89 4c 24 10 48 c1 ea 03 48 89 04 24 48 b8 00 00 00 00 00 fc ff df <0f> b6 14 02 48 89 c8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 b0 [ 3387.678481][T28170] RSP: 0018:ffffc900138073f0 EFLAGS: 00010202 [ 3387.685709][T28170] RAX: dffffc0000000000 RBX: ffff88807280b200 RCX: 0000000000000020 [ 3387.696326][T28170] RDX: 0000000000000004 RSI: ffffffff88b13737 RDI: ffff88807280b240 [ 3387.704819][T28170] RBP: ffff8880718d1400 R08: 0000000000000000 R09: 0000000000000000 [ 3387.714475][T28170] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 3387.722885][T28170] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000048 [ 3387.733000][T28170] FS: 00007f812d2b1700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 [ 3387.742661][T28170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3387.749294][T28170] CR2: 0000001b2d521000 CR3: 0000000048b6a000 CR4: 00000000003506e0 [ 3387.758323][T28170] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3387.766709][T28170] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 3387.775145][T28170] Kernel panic - not syncing: Fatal exception [ 3387.781441][T28170] Kernel Offset: disabled [ 3387.785759][T28170] Rebooting in 86400 seconds..