00000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) 06:10:01 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0xfffff000, &(0x7f0000000180)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 500.238447][ T9098] netlink: 'syz-executor.5': attribute type 8 has an invalid length. [ 500.265310][ T9098] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.5'. [ 500.317040][ T9098] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 500.317040][ T9098] !' [ 500.333750][ T9098] CPU: 0 PID: 9098 Comm: syz-executor.5 Not tainted 5.6.0-rc7-syzkaller #0 [ 500.342339][ T9098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 500.352385][ T9098] Call Trace: [ 500.355680][ T9098] dump_stack+0x188/0x20d [ 500.360024][ T9098] sysfs_warn_dup.cold+0x1c/0x2d 06:10:01 executing program 0: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0a24fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 500.364971][ T9098] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 500.371052][ T9098] sysfs_create_link+0x61/0xc0 [ 500.375832][ T9098] device_add+0x71c/0x1bc0 [ 500.380265][ T9098] ? uevent_show+0x360/0x360 [ 500.384868][ T9098] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 500.390984][ T9098] wiphy_register+0x1c46/0x2720 [ 500.395859][ T9098] ? wiphy_unregister+0xf90/0xf90 [ 500.400894][ T9098] ? __kmalloc+0x629/0x7a0 [ 500.405313][ T9098] ? ieee80211_register_hw+0xbea/0x3760 [ 500.410870][ T9098] ? ieee80211_cs_list_valid+0x198/0x280 06:10:01 executing program 0: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0a24fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 500.416535][ T9098] ieee80211_register_hw+0x141d/0x3760 [ 500.422017][ T9098] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 500.427488][ T9098] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 500.433034][ T9098] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 500.439026][ T9098] ? memset+0x20/0x40 [ 500.443007][ T9098] ? __hrtimer_init+0x134/0x260 [ 500.447867][ T9098] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 500.453593][ T9098] ? vprintk_func+0x81/0x17e [ 500.458216][ T9098] ? hwsim_register_received_nl+0x400/0x400 [ 500.464130][ T9098] hwsim_new_radio_nl+0x905/0xf60 [ 500.469161][ T9098] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 500.475071][ T9098] ? cap_capable+0x1eb/0x250 [ 500.479682][ T9098] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 500.486013][ T9098] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 500.492355][ T9098] genl_rcv_msg+0x627/0xdf0 [ 500.496873][ T9098] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 500.503223][ T9098] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 500.509025][ T9098] netlink_rcv_skb+0x15a/0x410 [ 500.513773][ T9098] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 500.520076][ T9098] ? netlink_ack+0xa80/0xa80 [ 500.524657][ T9098] genl_rcv+0x24/0x40 [ 500.528665][ T9098] netlink_unicast+0x537/0x740 [ 500.533430][ T9098] ? netlink_attachskb+0x810/0x810 [ 500.538523][ T9098] ? _copy_from_iter_full+0x25c/0x870 [ 500.543887][ T9098] ? __phys_addr_symbol+0x2c/0x70 [ 500.548907][ T9098] ? __check_object_size+0x171/0x437 [ 500.554211][ T9098] netlink_sendmsg+0x882/0xe10 [ 500.559094][ T9098] ? aa_af_perm+0x260/0x260 06:10:01 executing program 0: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0a24fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 500.563605][ T9098] ? netlink_unicast+0x740/0x740 [ 500.568577][ T9098] ? netlink_unicast+0x740/0x740 [ 500.573519][ T9098] sock_sendmsg+0xcf/0x120 [ 500.578046][ T9098] ____sys_sendmsg+0x6b9/0x7d0 [ 500.582822][ T9098] ? kernel_sendmsg+0x50/0x50 [ 500.587511][ T9098] ? mark_lock+0xbc/0x1220 [ 500.591945][ T9098] ___sys_sendmsg+0x100/0x170 [ 500.596638][ T9098] ? sendmsg_copy_msghdr+0x70/0x70 [ 500.601777][ T9098] ? __fget_files+0x329/0x4f0 [ 500.606477][ T9098] ? ksys_dup3+0x3c0/0x3c0 [ 500.610902][ T9098] ? lock_acquire+0x197/0x420 [ 500.615577][ T9098] ? __might_fault+0xef/0x1d0 [ 500.620272][ T9098] ? __fget_light+0x208/0x270 [ 500.624967][ T9098] __sys_sendmsg+0xec/0x1b0 [ 500.629476][ T9098] ? __sys_sendmsg_sock+0xb0/0xb0 [ 500.634514][ T9098] ? __x64_sys_futex+0x380/0x4f0 [ 500.639495][ T9098] ? trace_hardirqs_off_caller+0x55/0x230 [ 500.645226][ T9098] ? do_syscall_64+0x21/0x7d0 [ 500.649917][ T9098] do_syscall_64+0xf6/0x7d0 [ 500.654431][ T9098] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 500.660336][ T9098] RIP: 0033:0x45c849 06:10:01 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 500.664226][ T9098] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 500.683822][ T9098] RSP: 002b:00007fd76ecbfc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 500.692226][ T9098] RAX: ffffffffffffffda RBX: 00007fd76ecc06d4 RCX: 000000000045c849 [ 500.700192][ T9098] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 500.708160][ T9098] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 06:10:01 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0c24fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 500.716128][ T9098] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 500.724100][ T9098] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 500.748838][ T9135] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:01 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 500.765621][ T9135] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 500.819400][ T9135] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 500.819400][ T9135] !' [ 500.865982][ T9135] CPU: 0 PID: 9135 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 500.874596][ T9135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 500.884672][ T9135] Call Trace: [ 500.887978][ T9135] dump_stack+0x188/0x20d [ 500.892322][ T9135] sysfs_warn_dup.cold+0x1c/0x2d [ 500.897360][ T9135] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 500.903436][ T9135] sysfs_create_link+0x61/0xc0 [ 500.908219][ T9135] device_add+0x71c/0x1bc0 [ 500.912673][ T9135] ? ieee80211_set_bitrate_flags+0x9d/0x5c0 [ 500.918571][ T9135] ? uevent_show+0x360/0x360 [ 500.923165][ T9135] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 500.929155][ T9135] wiphy_register+0x1c46/0x2720 [ 500.934044][ T9135] ? wiphy_unregister+0xf90/0xf90 [ 500.939071][ T9135] ? retint_kernel+0x2b/0x2b [ 500.943684][ T9135] ? ieee80211_cs_list_valid+0x198/0x280 [ 500.949332][ T9135] ieee80211_register_hw+0x141d/0x3760 [ 500.954816][ T9135] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 500.960272][ T9135] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 500.965796][ T9135] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 500.971761][ T9135] ? memset+0x20/0x40 [ 500.975841][ T9135] ? __hrtimer_init+0x134/0x260 [ 500.980718][ T9135] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 500.986477][ T9135] ? hwsim_register_received_nl+0x400/0x400 [ 500.992384][ T9135] hwsim_new_radio_nl+0x905/0xf60 [ 500.997393][ T9135] ? lockdep_hardirqs_on+0x417/0x5d0 [ 501.002682][ T9135] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 501.008576][ T9135] genl_rcv_msg+0x627/0xdf0 [ 501.013083][ T9135] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 501.019412][ T9135] ? retint_kernel+0x2b/0x2b [ 501.024011][ T9135] netlink_rcv_skb+0x15a/0x410 [ 501.028761][ T9135] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 501.035066][ T9135] ? netlink_ack+0xa80/0xa80 [ 501.039657][ T9135] genl_rcv+0x24/0x40 [ 501.043619][ T9135] netlink_unicast+0x537/0x740 [ 501.048384][ T9135] ? netlink_attachskb+0x810/0x810 [ 501.053477][ T9135] ? _copy_from_iter_full+0x25c/0x870 [ 501.058831][ T9135] ? __phys_addr_symbol+0x2c/0x70 [ 501.063859][ T9135] ? __check_object_size+0x171/0x437 [ 501.069146][ T9135] netlink_sendmsg+0x882/0xe10 [ 501.073902][ T9135] ? aa_af_perm+0x260/0x260 [ 501.078392][ T9135] ? netlink_unicast+0x740/0x740 [ 501.083334][ T9135] ? netlink_unicast+0x740/0x740 [ 501.088255][ T9135] sock_sendmsg+0xcf/0x120 [ 501.092656][ T9135] ____sys_sendmsg+0x6b9/0x7d0 [ 501.097406][ T9135] ? kernel_sendmsg+0x50/0x50 [ 501.102068][ T9135] ? mark_lock+0xbc/0x1220 [ 501.106479][ T9135] ___sys_sendmsg+0x100/0x170 [ 501.111143][ T9135] ? sendmsg_copy_msghdr+0x70/0x70 [ 501.116253][ T9135] ? __fget_files+0x329/0x4f0 [ 501.120917][ T9135] ? ksys_dup3+0x3c0/0x3c0 [ 501.125311][ T9135] ? lock_acquire+0x197/0x420 [ 501.129970][ T9135] ? __might_fault+0xef/0x1d0 [ 501.134640][ T9135] ? __fget_light+0x208/0x270 [ 501.139311][ T9135] __sys_sendmsg+0xec/0x1b0 [ 501.143814][ T9135] ? __sys_sendmsg_sock+0xb0/0xb0 [ 501.148861][ T9135] ? do_syscall_64+0x4f/0x7d0 [ 501.153537][ T9135] do_syscall_64+0xf6/0x7d0 [ 501.158032][ T9135] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 501.163903][ T9135] RIP: 0033:0x45c849 [ 501.167787][ T9135] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 501.187375][ T9135] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 501.195782][ T9135] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 501.203820][ T9135] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 501.211772][ T9135] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 501.219725][ T9135] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 501.227676][ T9135] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:02 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:02 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0xffffff7f, &(0x7f0000000180)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:02 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0) 06:10:02 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:02 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:02 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0e24fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:02 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0xffffff9e, &(0x7f0000000180)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:02 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0) [ 501.451051][T10124] netlink: 'syz-executor.5': attribute type 8 has an invalid length. [ 501.471467][T10124] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.5'. [ 501.528434][T10124] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 501.528434][T10124] !' [ 501.574991][T10124] CPU: 0 PID: 10124 Comm: syz-executor.5 Not tainted 5.6.0-rc7-syzkaller #0 [ 501.583689][T10124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 501.593746][T10124] Call Trace: [ 501.597053][T10124] dump_stack+0x188/0x20d [ 501.601403][T10124] sysfs_warn_dup.cold+0x1c/0x2d [ 501.606347][T10124] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 501.612429][T10124] sysfs_create_link+0x61/0xc0 [ 501.617211][T10124] device_add+0x71c/0x1bc0 06:10:02 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 501.621637][T10124] ? uevent_show+0x360/0x360 [ 501.626234][T10124] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 501.632240][T10124] wiphy_register+0x1c46/0x2720 [ 501.637115][T10124] ? wiphy_unregister+0xf90/0xf90 [ 501.642161][T10124] ? __kmalloc+0x629/0x7a0 [ 501.646586][T10124] ? ieee80211_register_hw+0xbea/0x3760 [ 501.652145][T10124] ? ieee80211_cs_list_valid+0x198/0x280 [ 501.657805][T10124] ieee80211_register_hw+0x141d/0x3760 [ 501.663300][T10124] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 501.668772][T10124] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 501.674336][T10124] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 501.680325][T10124] ? memset+0x20/0x40 [ 501.684313][T10124] ? __hrtimer_init+0x134/0x260 [ 501.689175][T10124] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 501.694898][T10124] ? vprintk_func+0x81/0x17e [ 501.699513][T10124] ? hwsim_register_received_nl+0x400/0x400 [ 501.705422][T10124] hwsim_new_radio_nl+0x905/0xf60 [ 501.710443][T10124] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 501.716325][T10124] ? cap_capable+0x1eb/0x250 06:10:02 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 501.720923][T10124] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 501.727336][T10124] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 501.733675][T10124] genl_rcv_msg+0x627/0xdf0 [ 501.738191][T10124] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 501.744540][T10124] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 501.750360][T10124] netlink_rcv_skb+0x15a/0x410 [ 501.755158][T10124] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 501.761495][T10124] ? netlink_ack+0xa80/0xa80 [ 501.766113][T10124] genl_rcv+0x24/0x40 [ 501.770091][T10124] netlink_unicast+0x537/0x740 [ 501.774869][T10124] ? netlink_attachskb+0x810/0x810 [ 501.779980][T10124] ? _copy_from_iter_full+0x25c/0x870 [ 501.785357][T10124] ? __phys_addr_symbol+0x2c/0x70 [ 501.790390][T10124] ? __check_object_size+0x171/0x437 [ 501.795694][T10124] netlink_sendmsg+0x882/0xe10 [ 501.800472][T10124] ? aa_af_perm+0x260/0x260 [ 501.804971][T10124] ? netlink_unicast+0x740/0x740 [ 501.809925][T10124] ? netlink_unicast+0x740/0x740 [ 501.814864][T10124] sock_sendmsg+0xcf/0x120 [ 501.819283][T10124] ____sys_sendmsg+0x6b9/0x7d0 06:10:02 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 501.824055][T10124] ? kernel_sendmsg+0x50/0x50 [ 501.828739][T10124] ? mark_lock+0xbc/0x1220 [ 501.833176][T10124] ___sys_sendmsg+0x100/0x170 [ 501.837880][T10124] ? sendmsg_copy_msghdr+0x70/0x70 [ 501.843099][T10124] ? __fget_files+0x329/0x4f0 [ 501.847794][T10124] ? ksys_dup3+0x3c0/0x3c0 [ 501.852216][T10124] ? lock_acquire+0x197/0x420 [ 501.856903][T10124] ? __might_fault+0xef/0x1d0 [ 501.861593][T10124] ? __fget_light+0x208/0x270 [ 501.866278][T10124] __sys_sendmsg+0xec/0x1b0 [ 501.870790][T10124] ? __sys_sendmsg_sock+0xb0/0xb0 06:10:02 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 501.875832][T10124] ? __x64_sys_futex+0x380/0x4f0 [ 501.880795][T10124] ? trace_hardirqs_off_caller+0x55/0x230 [ 501.886521][T10124] ? do_syscall_64+0x21/0x7d0 [ 501.891207][T10124] do_syscall_64+0xf6/0x7d0 [ 501.895725][T10124] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 501.901623][T10124] RIP: 0033:0x45c849 [ 501.905518][T10124] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 501.925126][T10124] RSP: 002b:00007fd76ecbfc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 501.933544][T10124] RAX: ffffffffffffffda RBX: 00007fd76ecc06d4 RCX: 000000000045c849 [ 501.941520][T10124] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 501.949495][T10124] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 501.957467][T10124] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 501.965438][T10124] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 502.004766][T10237] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 502.026369][T10237] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 502.124689][T10237] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 502.124689][T10237] !' [ 502.155533][T10237] CPU: 0 PID: 10237 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 502.164213][T10237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 502.174269][T10237] Call Trace: [ 502.177553][T10237] dump_stack+0x188/0x20d [ 502.182005][T10237] sysfs_warn_dup.cold+0x1c/0x2d [ 502.186925][T10237] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 502.192974][T10237] sysfs_create_link+0x61/0xc0 [ 502.197720][T10237] device_add+0x71c/0x1bc0 [ 502.202247][T10237] ? ieee80211_set_bitrate_flags+0x134/0x5c0 [ 502.208219][T10237] ? uevent_show+0x360/0x360 [ 502.212813][T10237] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 502.218799][T10237] wiphy_register+0x1c46/0x2720 [ 502.223639][T10237] ? wiphy_unregister+0xf90/0xf90 [ 502.228647][T10237] ? __kmalloc+0x629/0x7a0 [ 502.233096][T10237] ? ieee80211_register_hw+0xbea/0x3760 [ 502.238754][T10237] ? ieee80211_register_hw+0x940/0x3760 [ 502.244276][T10237] ? ieee80211_cs_list_valid+0x198/0x280 [ 502.249888][T10237] ieee80211_register_hw+0x141d/0x3760 [ 502.255329][T10237] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 502.260800][T10237] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 502.266323][T10237] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 502.272279][T10237] ? memset+0x20/0x40 [ 502.276236][T10237] ? __hrtimer_init+0x134/0x260 [ 502.281159][T10237] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 502.286866][T10237] ? hwsim_register_received_nl+0x400/0x400 [ 502.292766][T10237] hwsim_new_radio_nl+0x905/0xf60 [ 502.297807][T10237] ? lockdep_hardirqs_on+0x417/0x5d0 [ 502.303097][T10237] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 502.308997][T10237] genl_rcv_msg+0x627/0xdf0 [ 502.313509][T10237] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 502.319834][T10237] ? retint_kernel+0x2b/0x2b [ 502.324428][T10237] netlink_rcv_skb+0x15a/0x410 [ 502.329178][T10237] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 502.335490][T10237] ? netlink_ack+0xa80/0xa80 [ 502.340082][T10237] genl_rcv+0x24/0x40 [ 502.344050][T10237] netlink_unicast+0x537/0x740 [ 502.348807][T10237] ? netlink_attachskb+0x810/0x810 [ 502.353906][T10237] ? _copy_from_iter_full+0x25c/0x870 [ 502.359261][T10237] ? __check_object_size+0x39/0x437 [ 502.364450][T10237] netlink_sendmsg+0x882/0xe10 [ 502.369212][T10237] ? aa_af_perm+0x260/0x260 [ 502.373698][T10237] ? netlink_unicast+0x740/0x740 [ 502.378641][T10237] ? netlink_unicast+0x740/0x740 [ 502.383563][T10237] sock_sendmsg+0xcf/0x120 [ 502.387971][T10237] ____sys_sendmsg+0x6b9/0x7d0 [ 502.392733][T10237] ? kernel_sendmsg+0x50/0x50 [ 502.397520][T10237] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 502.402980][T10237] ___sys_sendmsg+0x100/0x170 [ 502.407638][T10237] ? retint_kernel+0x2b/0x2b [ 502.412218][T10237] ? sendmsg_copy_msghdr+0x70/0x70 [ 502.417316][T10237] ? __fget_files+0x2ef/0x4f0 [ 502.421978][T10237] ? __fget_files+0x329/0x4f0 [ 502.426643][T10237] ? ksys_dup3+0x3c0/0x3c0 [ 502.431034][T10237] ? lock_acquire+0x197/0x420 [ 502.435686][T10237] ? __might_fault+0xef/0x1d0 [ 502.440371][T10237] ? __fget_light+0x208/0x270 [ 502.445037][T10237] __sys_sendmsg+0xec/0x1b0 [ 502.449521][T10237] ? __sys_sendmsg_sock+0xb0/0xb0 [ 502.454526][T10237] ? __x64_sys_futex+0x380/0x4f0 [ 502.459474][T10237] ? trace_hardirqs_off_caller+0x55/0x230 [ 502.465180][T10237] ? do_syscall_64+0x21/0x7d0 [ 502.469848][T10237] do_syscall_64+0xf6/0x7d0 [ 502.474336][T10237] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 502.480330][T10237] RIP: 0033:0x45c849 [ 502.484215][T10237] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 502.503800][T10237] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 502.512194][T10237] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 06:10:03 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0x0) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:03 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(0x0, 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:03 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0xfffffff0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:03 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:03 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d1024fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 502.520172][T10237] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 502.528120][T10237] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 502.536075][T10237] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 502.544033][T10237] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:03 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0) 06:10:03 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0xffffffff, &(0x7f0000000180)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 502.652709][T10734] netlink: 'syz-executor.5': attribute type 8 has an invalid length. [ 502.691123][T10734] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.5'. 06:10:03 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(0x0, 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 502.741210][T10734] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 502.741210][T10734] !' [ 502.775669][T10734] CPU: 0 PID: 10734 Comm: syz-executor.5 Not tainted 5.6.0-rc7-syzkaller #0 [ 502.784355][T10734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 502.794411][T10734] Call Trace: [ 502.797714][T10734] dump_stack+0x188/0x20d [ 502.802062][T10734] sysfs_warn_dup.cold+0x1c/0x2d [ 502.807020][T10734] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 502.813086][T10734] sysfs_create_link+0x61/0xc0 [ 502.817830][T10734] device_add+0x71c/0x1bc0 [ 502.822232][T10734] ? uevent_show+0x360/0x360 [ 502.826805][T10734] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 502.832766][T10734] wiphy_register+0x1c46/0x2720 [ 502.837658][T10734] ? wiphy_unregister+0xf90/0xf90 [ 502.842662][T10734] ? __kmalloc+0x629/0x7a0 [ 502.847064][T10734] ? ieee80211_register_hw+0xbea/0x3760 [ 502.852601][T10734] ? ieee80211_cs_list_valid+0x198/0x280 [ 502.858217][T10734] ieee80211_register_hw+0x141d/0x3760 [ 502.863669][T10734] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 502.869111][T10734] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 502.874644][T10734] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 502.880613][T10734] ? memset+0x20/0x40 [ 502.884601][T10734] ? __hrtimer_init+0x134/0x260 [ 502.889454][T10734] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 502.895174][T10734] ? vprintk_func+0x81/0x17e [ 502.899753][T10734] ? hwsim_register_received_nl+0x400/0x400 [ 502.905629][T10734] hwsim_new_radio_nl+0x905/0xf60 [ 502.910632][T10734] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 502.916512][T10734] ? cap_capable+0x1eb/0x250 [ 502.921096][T10734] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 502.927488][T10734] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 502.933801][T10734] genl_rcv_msg+0x627/0xdf0 [ 502.938303][T10734] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 502.944618][T10734] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 502.950406][T10734] netlink_rcv_skb+0x15a/0x410 [ 502.955150][T10734] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 502.961456][T10734] ? netlink_ack+0xa80/0xa80 [ 502.966036][T10734] genl_rcv+0x24/0x40 [ 502.970015][T10734] netlink_unicast+0x537/0x740 [ 502.974779][T10734] ? netlink_attachskb+0x810/0x810 [ 502.979871][T10734] ? _copy_from_iter_full+0x25c/0x870 [ 502.985219][T10734] ? __phys_addr_symbol+0x2c/0x70 [ 502.990223][T10734] ? __check_object_size+0x171/0x437 [ 502.995493][T10734] netlink_sendmsg+0x882/0xe10 [ 503.000243][T10734] ? aa_af_perm+0x260/0x260 [ 503.004725][T10734] ? netlink_unicast+0x740/0x740 [ 503.009653][T10734] ? netlink_unicast+0x740/0x740 [ 503.014577][T10734] sock_sendmsg+0xcf/0x120 [ 503.019013][T10734] ____sys_sendmsg+0x6b9/0x7d0 [ 503.023773][T10734] ? kernel_sendmsg+0x50/0x50 [ 503.028474][T10734] ? mark_lock+0xbc/0x1220 [ 503.032880][T10734] ___sys_sendmsg+0x100/0x170 [ 503.037548][T10734] ? sendmsg_copy_msghdr+0x70/0x70 [ 503.042663][T10734] ? __fget_files+0x329/0x4f0 [ 503.047323][T10734] ? ksys_dup3+0x3c0/0x3c0 [ 503.051716][T10734] ? lock_acquire+0x197/0x420 [ 503.056372][T10734] ? __might_fault+0xef/0x1d0 [ 503.061031][T10734] ? __fget_light+0x208/0x270 [ 503.065693][T10734] __sys_sendmsg+0xec/0x1b0 [ 503.070178][T10734] ? __sys_sendmsg_sock+0xb0/0xb0 [ 503.075179][T10734] ? __x64_sys_futex+0x380/0x4f0 [ 503.080103][T10734] ? trace_hardirqs_off_caller+0x55/0x230 [ 503.085807][T10734] ? do_syscall_64+0x21/0x7d0 [ 503.090482][T10734] do_syscall_64+0xf6/0x7d0 [ 503.094972][T10734] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 503.100842][T10734] RIP: 0033:0x45c849 [ 503.104713][T10734] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 503.124289][T10734] RSP: 002b:00007fd76ecbfc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 503.132675][T10734] RAX: ffffffffffffffda RBX: 00007fd76ecc06d4 RCX: 000000000045c849 [ 503.140630][T10734] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 503.148593][T10734] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 503.156539][T10734] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 503.164612][T10734] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:04 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:04 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0xf}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:04 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d1124fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 503.220975][T10800] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:04 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(0x0, 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 503.307148][T10800] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 503.398239][T10800] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 503.398239][T10800] !' [ 503.431727][T10800] CPU: 1 PID: 10800 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 503.440410][T10800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 503.450457][T10800] Call Trace: [ 503.453856][T10800] dump_stack+0x188/0x20d [ 503.458203][T10800] sysfs_warn_dup.cold+0x1c/0x2d [ 503.463229][T10800] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 503.469309][T10800] sysfs_create_link+0x61/0xc0 [ 503.474083][T10800] device_add+0x71c/0x1bc0 [ 503.478515][T10800] ? ieee80211_set_bitrate_flags+0x2b/0x5c0 [ 503.484404][T10800] ? uevent_show+0x360/0x360 [ 503.489015][T10800] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 503.495013][T10800] wiphy_register+0x1c46/0x2720 [ 503.499888][T10800] ? wiphy_unregister+0xf90/0xf90 [ 503.504919][T10800] ? __kmalloc+0x629/0x7a0 [ 503.509336][T10800] ? ieee80211_register_hw+0xbea/0x3760 [ 503.514896][T10800] ? ieee80211_cs_list_valid+0x198/0x280 [ 503.520543][T10800] ieee80211_register_hw+0x141d/0x3760 [ 503.526028][T10800] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 503.531511][T10800] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 503.537059][T10800] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 503.543044][T10800] ? memset+0x20/0x40 [ 503.547036][T10800] ? __hrtimer_init+0x134/0x260 [ 503.551894][T10800] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 503.557609][T10800] ? vprintk_func+0x81/0x17e [ 503.562203][T10800] ? hwsim_register_received_nl+0x400/0x400 [ 503.568104][T10800] hwsim_new_radio_nl+0x905/0xf60 [ 503.573118][T10800] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 503.578995][T10800] ? cap_capable+0x1eb/0x250 [ 503.583568][T10800] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 503.589882][T10800] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 503.596237][T10800] genl_rcv_msg+0x627/0xdf0 [ 503.600730][T10800] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 503.607065][T10800] ? ___preempt_schedule+0x16/0x18 [ 503.612188][T10800] netlink_rcv_skb+0x15a/0x410 [ 503.616942][T10800] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 503.623244][T10800] ? netlink_ack+0xa80/0xa80 [ 503.627858][T10800] genl_rcv+0x24/0x40 [ 503.631837][T10800] netlink_unicast+0x537/0x740 [ 503.636591][T10800] ? netlink_attachskb+0x810/0x810 [ 503.641709][T10800] netlink_sendmsg+0x882/0xe10 [ 503.646481][T10800] ? aa_af_perm+0x260/0x260 [ 503.650984][T10800] ? netlink_unicast+0x740/0x740 [ 503.655918][T10800] ? netlink_unicast+0x740/0x740 [ 503.660833][T10800] sock_sendmsg+0xcf/0x120 [ 503.665224][T10800] ____sys_sendmsg+0x6b9/0x7d0 [ 503.669995][T10800] ? kernel_sendmsg+0x50/0x50 [ 503.674659][T10800] ? mark_lock+0xbc/0x1220 [ 503.679061][T10800] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 503.684500][T10800] ___sys_sendmsg+0x100/0x170 [ 503.689166][T10800] ? sendmsg_copy_msghdr+0x70/0x70 [ 503.694275][T10800] ? __fget_files+0x329/0x4f0 [ 503.698949][T10800] ? ksys_dup3+0x3c0/0x3c0 [ 503.703342][T10800] ? lock_acquire+0x197/0x420 [ 503.708003][T10800] ? __might_fault+0xef/0x1d0 [ 503.712771][T10800] ? __fget_light+0x208/0x270 [ 503.717431][T10800] __sys_sendmsg+0xec/0x1b0 [ 503.721911][T10800] ? __sys_sendmsg_sock+0xb0/0xb0 [ 503.726910][T10800] ? __x64_sys_futex+0x380/0x4f0 [ 503.731864][T10800] ? trace_hardirqs_off_caller+0x55/0x230 [ 503.737582][T10800] ? do_syscall_64+0x21/0x7d0 [ 503.742250][T10800] do_syscall_64+0xf6/0x7d0 [ 503.746732][T10800] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 503.752614][T10800] RIP: 0033:0x45c849 [ 503.756485][T10800] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 503.776062][T10800] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 503.784599][T10800] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 503.792561][T10800] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 503.800519][T10800] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 503.808471][T10800] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 503.816426][T10800] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:04 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0x0) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:04 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011", 0x17}], 0x1}, 0x0) 06:10:04 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x28}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:04 executing program 0: r0 = gettid() capset(&(0x7f0000000080)={0x20080522, r0}, &(0x7f00000000c0)={0x3, 0x6, 0x5, 0x7fff, 0x7d6f, 0x4}) tkill(r0, 0x1000000000016) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000040)) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/ipc\x00') 06:10:04 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:04 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x3c}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:04 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d1224fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:04 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011", 0x17}], 0x1}, 0x0) 06:10:04 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0x0) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 504.044442][T11334] netlink: 'syz-executor.5': attribute type 8 has an invalid length. [ 504.100723][T11334] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.5'. 06:10:04 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x7ffff}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 504.141822][T11334] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 504.141822][T11334] !' [ 504.168078][T11334] CPU: 0 PID: 11334 Comm: syz-executor.5 Not tainted 5.6.0-rc7-syzkaller #0 [ 504.176770][T11334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 504.186824][T11334] Call Trace: 06:10:05 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0x0) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 504.190120][T11334] dump_stack+0x188/0x20d [ 504.194467][T11334] sysfs_warn_dup.cold+0x1c/0x2d [ 504.199430][T11334] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 504.205507][T11334] sysfs_create_link+0x61/0xc0 [ 504.210278][T11334] device_add+0x71c/0x1bc0 [ 504.214710][T11334] ? uevent_show+0x360/0x360 [ 504.219311][T11334] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 504.225308][T11334] wiphy_register+0x1c46/0x2720 [ 504.230199][T11334] ? wiphy_unregister+0xf90/0xf90 [ 504.235238][T11334] ? __kmalloc+0x629/0x7a0 06:10:05 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x2}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 504.239677][T11334] ? ieee80211_register_hw+0xbea/0x3760 [ 504.245426][T11334] ? ieee80211_cs_list_valid+0x198/0x280 [ 504.251070][T11334] ieee80211_register_hw+0x141d/0x3760 [ 504.256559][T11334] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 504.262030][T11334] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 504.267583][T11334] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 504.273569][T11334] ? memset+0x20/0x40 [ 504.277555][T11334] ? __hrtimer_init+0x134/0x260 [ 504.282414][T11334] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 504.288130][T11334] ? vprintk_func+0x81/0x17e [ 504.292760][T11334] ? hwsim_register_received_nl+0x400/0x400 [ 504.298672][T11334] hwsim_new_radio_nl+0x905/0xf60 [ 504.303730][T11334] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 504.309624][T11334] ? cap_capable+0x1eb/0x250 [ 504.314230][T11334] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 504.320567][T11334] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 504.326915][T11334] genl_rcv_msg+0x627/0xdf0 [ 504.331443][T11334] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 504.337799][T11334] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 504.343727][T11334] netlink_rcv_skb+0x15a/0x410 [ 504.348506][T11334] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 504.354843][T11334] ? netlink_ack+0xa80/0xa80 [ 504.359469][T11334] genl_rcv+0x24/0x40 [ 504.363463][T11334] netlink_unicast+0x537/0x740 [ 504.368350][T11334] ? netlink_attachskb+0x810/0x810 [ 504.373465][T11334] ? _copy_from_iter_full+0x25c/0x870 [ 504.378846][T11334] ? __phys_addr_symbol+0x2c/0x70 [ 504.383877][T11334] ? __check_object_size+0x171/0x437 [ 504.389179][T11334] netlink_sendmsg+0x882/0xe10 [ 504.393953][T11334] ? aa_af_perm+0x260/0x260 [ 504.398476][T11334] ? netlink_unicast+0x740/0x740 [ 504.403425][T11334] ? netlink_unicast+0x740/0x740 [ 504.408379][T11334] sock_sendmsg+0xcf/0x120 [ 504.412800][T11334] ____sys_sendmsg+0x6b9/0x7d0 [ 504.417610][T11334] ? kernel_sendmsg+0x50/0x50 [ 504.422306][T11334] ? mark_lock+0xbc/0x1220 [ 504.426750][T11334] ___sys_sendmsg+0x100/0x170 [ 504.431444][T11334] ? sendmsg_copy_msghdr+0x70/0x70 [ 504.436585][T11334] ? __fget_files+0x329/0x4f0 [ 504.441272][T11334] ? ksys_dup3+0x3c0/0x3c0 [ 504.445686][T11334] ? lock_acquire+0x197/0x420 [ 504.450368][T11334] ? __might_fault+0xef/0x1d0 [ 504.455063][T11334] ? __fget_light+0x208/0x270 [ 504.459754][T11334] __sys_sendmsg+0xec/0x1b0 [ 504.464259][T11334] ? __sys_sendmsg_sock+0xb0/0xb0 [ 504.469288][T11334] ? __x64_sys_futex+0x380/0x4f0 [ 504.474246][T11334] ? trace_hardirqs_off_caller+0x55/0x230 [ 504.479980][T11334] ? do_syscall_64+0x21/0x7d0 [ 504.484662][T11334] do_syscall_64+0xf6/0x7d0 [ 504.489179][T11334] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 504.495074][T11334] RIP: 0033:0x45c849 [ 504.498971][T11334] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 504.518704][T11334] RSP: 002b:00007fd76ecbfc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 504.527116][T11334] RAX: ffffffffffffffda RBX: 00007fd76ecc06d4 RCX: 000000000045c849 [ 504.535081][T11334] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 504.543218][T11334] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 504.551183][T11334] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 504.559132][T11334] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 504.589124][T11340] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 504.602898][T11340] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 504.638138][T11340] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 504.638138][T11340] !' [ 504.654338][T11340] CPU: 1 PID: 11340 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 504.663031][T11340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 504.673079][T11340] Call Trace: [ 504.676380][T11340] dump_stack+0x188/0x20d [ 504.680723][T11340] sysfs_warn_dup.cold+0x1c/0x2d [ 504.685670][T11340] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 504.691754][T11340] sysfs_create_link+0x61/0xc0 [ 504.696526][T11340] device_add+0x71c/0x1bc0 [ 504.700957][T11340] ? uevent_show+0x360/0x360 [ 504.705560][T11340] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 504.711540][T11340] wiphy_register+0x1c46/0x2720 [ 504.716381][T11340] ? wiphy_unregister+0xf90/0xf90 [ 504.721504][T11340] ? retint_kernel+0x2b/0x2b [ 504.726082][T11340] ? ieee80211_cs_list_valid+0x198/0x280 [ 504.731700][T11340] ieee80211_register_hw+0x141d/0x3760 [ 504.737156][T11340] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 504.742605][T11340] ? memset_erms+0xb/0x10 [ 504.746927][T11340] ? __hrtimer_init+0x134/0x260 [ 504.751757][T11340] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 504.757490][T11340] ? vprintk_func+0x81/0x17e [ 504.762084][T11340] ? hwsim_register_received_nl+0x400/0x400 [ 504.767981][T11340] hwsim_new_radio_nl+0x905/0xf60 [ 504.772982][T11340] ? lockdep_hardirqs_on+0x417/0x5d0 [ 504.778247][T11340] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 504.784133][T11340] genl_rcv_msg+0x627/0xdf0 [ 504.788662][T11340] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 504.794978][T11340] ? lockdep_hardirqs_on+0x417/0x5d0 [ 504.800241][T11340] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 504.805697][T11340] netlink_rcv_skb+0x15a/0x410 [ 504.810443][T11340] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 504.816748][T11340] ? netlink_ack+0xa80/0xa80 [ 504.821331][T11340] genl_rcv+0x24/0x40 [ 504.825292][T11340] netlink_unicast+0x537/0x740 [ 504.830038][T11340] ? netlink_attachskb+0x810/0x810 [ 504.835132][T11340] ? _copy_from_iter_full+0x25c/0x870 [ 504.840499][T11340] ? __phys_addr_symbol+0x2c/0x70 [ 504.845517][T11340] ? __check_object_size+0x171/0x437 [ 504.850785][T11340] netlink_sendmsg+0x882/0xe10 [ 504.855533][T11340] ? aa_af_perm+0x260/0x260 [ 504.860025][T11340] ? netlink_unicast+0x740/0x740 [ 504.864958][T11340] ? netlink_unicast+0x740/0x740 [ 504.869883][T11340] sock_sendmsg+0xcf/0x120 [ 504.874286][T11340] ____sys_sendmsg+0x6b9/0x7d0 [ 504.879028][T11340] ? kernel_sendmsg+0x50/0x50 [ 504.883682][T11340] ? mark_lock+0xbc/0x1220 [ 504.888142][T11340] ___sys_sendmsg+0x100/0x170 [ 504.892812][T11340] ? sendmsg_copy_msghdr+0x70/0x70 [ 504.897938][T11340] ? __fget_files+0x329/0x4f0 [ 504.902608][T11340] ? ksys_dup3+0x3c0/0x3c0 [ 504.907023][T11340] ? __fget_light+0x208/0x270 [ 504.911698][T11340] __sys_sendmsg+0xec/0x1b0 [ 504.916175][T11340] ? __sys_sendmsg_sock+0xb0/0xb0 [ 504.921233][T11340] ? trace_hardirqs_off_caller+0x55/0x230 [ 504.926982][T11340] ? do_syscall_64+0x21/0x7d0 [ 504.931650][T11340] do_syscall_64+0xf6/0x7d0 [ 504.936149][T11340] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 504.942018][T11340] RIP: 0033:0x45c849 [ 504.945902][T11340] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 504.965493][T11340] RSP: 002b:00007f08170fec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 504.973886][T11340] RAX: ffffffffffffffda RBX: 00007f08170ff6d4 RCX: 000000000045c849 [ 504.981835][T11340] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 504.989781][T11340] RBP: 000000000076bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 504.997773][T11340] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 505.005719][T11340] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bfac 06:10:05 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0x0) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:05 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0x0) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:05 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x8}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:05 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:05 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d1424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:05 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011", 0x17}], 0x1}, 0x0) [ 505.086181][T11669] netlink: 'syz-executor.5': attribute type 8 has an invalid length. [ 505.115633][T11669] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.5'. [ 505.137890][T11669] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 505.137890][T11669] !' [ 505.159091][T11669] CPU: 1 PID: 11669 Comm: syz-executor.5 Not tainted 5.6.0-rc7-syzkaller #0 [ 505.167773][T11669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 505.177826][T11669] Call Trace: [ 505.181132][T11669] dump_stack+0x188/0x20d [ 505.185482][T11669] sysfs_warn_dup.cold+0x1c/0x2d [ 505.190445][T11669] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 505.196530][T11669] sysfs_create_link+0x61/0xc0 [ 505.201288][T11669] device_add+0x71c/0x1bc0 [ 505.205714][T11669] ? uevent_show+0x360/0x360 [ 505.210294][T11669] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 505.216254][T11669] wiphy_register+0x1c46/0x2720 [ 505.221137][T11669] ? wiphy_unregister+0xf90/0xf90 [ 505.226141][T11669] ? __kmalloc+0x629/0x7a0 [ 505.230534][T11669] ? ieee80211_register_hw+0xbea/0x3760 [ 505.236059][T11669] ? ieee80211_cs_list_valid+0x198/0x280 [ 505.241671][T11669] ieee80211_register_hw+0x141d/0x3760 [ 505.247116][T11669] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 505.252554][T11669] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 505.258080][T11669] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 505.264038][T11669] ? memset+0x20/0x40 [ 505.268000][T11669] ? __hrtimer_init+0x134/0x260 [ 505.272835][T11669] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 505.278532][T11669] ? vprintk_func+0x81/0x17e [ 505.283128][T11669] ? hwsim_register_received_nl+0x400/0x400 [ 505.289007][T11669] hwsim_new_radio_nl+0x905/0xf60 [ 505.294012][T11669] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 505.299913][T11669] ? cap_capable+0x1eb/0x250 [ 505.304528][T11669] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 505.310889][T11669] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 505.317238][T11669] genl_rcv_msg+0x627/0xdf0 [ 505.321729][T11669] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 505.328046][T11669] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 505.333836][T11669] netlink_rcv_skb+0x15a/0x410 [ 505.338596][T11669] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 505.345037][T11669] ? netlink_ack+0xa80/0xa80 [ 505.349620][T11669] genl_rcv+0x24/0x40 [ 505.353602][T11669] netlink_unicast+0x537/0x740 [ 505.358347][T11669] ? netlink_attachskb+0x810/0x810 [ 505.363432][T11669] ? _copy_from_iter_full+0x25c/0x870 [ 505.368778][T11669] ? __phys_addr_symbol+0x2c/0x70 [ 505.373864][T11669] ? __check_object_size+0x171/0x437 [ 505.379175][T11669] netlink_sendmsg+0x882/0xe10 [ 505.383923][T11669] ? aa_af_perm+0x260/0x260 [ 505.388411][T11669] ? netlink_unicast+0x740/0x740 [ 505.393349][T11669] ? netlink_unicast+0x740/0x740 [ 505.398265][T11669] sock_sendmsg+0xcf/0x120 [ 505.402662][T11669] ____sys_sendmsg+0x6b9/0x7d0 [ 505.407403][T11669] ? kernel_sendmsg+0x50/0x50 [ 505.412145][T11669] ? mark_lock+0xbc/0x1220 [ 505.416548][T11669] ___sys_sendmsg+0x100/0x170 [ 505.421291][T11669] ? sendmsg_copy_msghdr+0x70/0x70 [ 505.426385][T11669] ? __fget_files+0x329/0x4f0 [ 505.431045][T11669] ? ksys_dup3+0x3c0/0x3c0 [ 505.435442][T11669] ? lock_acquire+0x197/0x420 [ 505.440096][T11669] ? __might_fault+0xef/0x1d0 [ 505.444769][T11669] ? __fget_light+0x208/0x270 [ 505.449430][T11669] __sys_sendmsg+0xec/0x1b0 [ 505.453931][T11669] ? __sys_sendmsg_sock+0xb0/0xb0 [ 505.458945][T11669] ? __x64_sys_futex+0x380/0x4f0 [ 505.463879][T11669] ? trace_hardirqs_off_caller+0x55/0x230 [ 505.469580][T11669] ? do_syscall_64+0x21/0x7d0 [ 505.474236][T11669] do_syscall_64+0xf6/0x7d0 [ 505.478752][T11669] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 505.484637][T11669] RIP: 0033:0x45c849 [ 505.488511][T11669] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 505.508089][T11669] RSP: 002b:00007fd76ecbfc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 505.516476][T11669] RAX: ffffffffffffffda RBX: 00007fd76ecc06d4 RCX: 000000000045c849 [ 505.524422][T11669] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 06:10:06 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_SET_MAX_THREADS(r1, 0x40046205, &(0x7f0000000040)=0x6) r2 = socket(0x1, 0x80000, 0x4001) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) dup(0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRESDEC=r4, @ANYBLOB="83840300000000001400766c616e00000400028008000500", @ANYRES32=r3, @ANYBLOB="08000a0020e96ea02510c2db35ff8f277c039de76535c3c9d08e592de85c0c2bb3b94eb4c650725e4e0031df7575bebb5842be177fd890b26ea0842e54ec863a26db8333aee9bb0f948bea3dce6dc3fecfb83b514cf9319922a7a2baeeab6cc57cc87dca634c53396d9c6090dea7c062ff026e16c0bd0cab788050423c387cfbc54f166ae6b2ba05184344011e25fb2acc5fa1c733f5c5dac29d4fc2b770b9", @ANYRES32, @ANYBLOB="d9e4432d2b53b7e9d4883ed6616f7f2c25864ad8ca2b062ef89f7a7ec1c7dce955c0be5007fe2091693b54da12381d3f539516599b7ed9f8ebed1e7e40529b3607f1a71b3a38bc45f232dc793f62679becf807e0a86ef30bea4f381bddc633aad75425910c1b8f6a346f209eab2b6e1a942a3cc022a6733b8db6cf9a4e4e8bf6e07dd0d5e955f24fc177f1c43ac5e87c7e5d3e756c6af3aded4190e3e397a28d921047afbdb024d7605740f1ad0579eb39883bbf920c1c36ca725c6cf74d2a2b221f"], 0x7}}, 0xc000) [ 505.532374][T11669] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 505.540424][T11669] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 505.548479][T11669] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:06 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0xa}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:06 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d2824fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:06 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e", 0x23}], 0x1}, 0x0) [ 505.608916][T11722] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 505.617145][T11722] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:06 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 505.750226][T11722] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 505.750226][T11722] !' 06:10:06 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x2}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 505.811930][T11722] CPU: 0 PID: 11722 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 505.820624][T11722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 505.830677][T11722] Call Trace: [ 505.833971][T11722] dump_stack+0x188/0x20d [ 505.838319][T11722] sysfs_warn_dup.cold+0x1c/0x2d [ 505.843264][T11722] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 505.849333][T11722] sysfs_create_link+0x61/0xc0 [ 505.854097][T11722] device_add+0x71c/0x1bc0 [ 505.858535][T11722] ? retint_kernel+0x2b/0x2b [ 505.863133][T11722] ? uevent_show+0x360/0x360 [ 505.867750][T11722] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 505.873744][T11722] wiphy_register+0x1c46/0x2720 [ 505.878620][T11722] ? wiphy_unregister+0xf90/0xf90 [ 505.883653][T11722] ? retint_kernel+0x2b/0x2b [ 505.888261][T11722] ? ieee80211_cs_list_valid+0x198/0x280 [ 505.893901][T11722] ieee80211_register_hw+0x141d/0x3760 [ 505.899396][T11722] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 505.904867][T11722] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 505.910466][T11722] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 505.916457][T11722] ? hrtimer_init+0x238/0x320 [ 505.921143][T11722] ? memset+0x20/0x40 [ 505.925149][T11722] ? __hrtimer_init+0x134/0x260 [ 505.930012][T11722] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 505.935767][T11722] ? vprintk_func+0x81/0x17e [ 505.940403][T11722] ? hwsim_register_received_nl+0x400/0x400 [ 505.946308][T11722] hwsim_new_radio_nl+0x905/0xf60 [ 505.951342][T11722] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 505.957237][T11722] ? cap_capable+0x1eb/0x250 [ 505.961844][T11722] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 505.968178][T11722] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 505.974526][T11722] genl_rcv_msg+0x627/0xdf0 [ 505.979051][T11722] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 505.985411][T11722] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 505.990854][T11722] netlink_rcv_skb+0x15a/0x410 [ 505.995605][T11722] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 506.001940][T11722] ? netlink_ack+0xa80/0xa80 [ 506.006535][T11722] genl_rcv+0x24/0x40 [ 506.010494][T11722] netlink_unicast+0x537/0x740 [ 506.015240][T11722] ? netlink_attachskb+0x810/0x810 [ 506.020325][T11722] ? _copy_from_iter_full+0x25c/0x870 [ 506.025676][T11722] ? __phys_addr_symbol+0x2c/0x70 [ 506.030792][T11722] ? __check_object_size+0x171/0x437 [ 506.036061][T11722] netlink_sendmsg+0x882/0xe10 [ 506.040833][T11722] ? aa_af_perm+0x260/0x260 [ 506.045342][T11722] ? netlink_unicast+0x740/0x740 [ 506.050283][T11722] ? netlink_unicast+0x740/0x740 [ 506.055201][T11722] sock_sendmsg+0xcf/0x120 [ 506.059599][T11722] ____sys_sendmsg+0x6b9/0x7d0 [ 506.064357][T11722] ? kernel_sendmsg+0x50/0x50 [ 506.069026][T11722] ? mark_lock+0xbc/0x1220 [ 506.073441][T11722] ___sys_sendmsg+0x100/0x170 [ 506.078098][T11722] ? sendmsg_copy_msghdr+0x70/0x70 [ 506.083216][T11722] ? __fget_files+0x329/0x4f0 [ 506.087887][T11722] ? ksys_dup3+0x3c0/0x3c0 [ 506.092273][T11722] ? lock_acquire+0x197/0x420 [ 506.096920][T11722] ? __might_fault+0xef/0x1d0 [ 506.101577][T11722] ? __fget_light+0x208/0x270 [ 506.106246][T11722] __sys_sendmsg+0xec/0x1b0 [ 506.110736][T11722] ? __sys_sendmsg_sock+0xb0/0xb0 [ 506.115735][T11722] ? __x64_sys_futex+0x380/0x4f0 [ 506.120674][T11722] ? trace_hardirqs_off_caller+0x55/0x230 [ 506.126389][T11722] ? do_syscall_64+0x21/0x7d0 [ 506.131070][T11722] do_syscall_64+0xf6/0x7d0 [ 506.135578][T11722] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 506.141463][T11722] RIP: 0033:0x45c849 [ 506.145362][T11722] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 506.164954][T11722] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 506.173387][T11722] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 506.181342][T11722] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 506.189303][T11722] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 506.197281][T11722] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 506.205264][T11722] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:07 executing program 3: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:07 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) add_key$keyring(&(0x7f0000000180)='keyring\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff) readv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/65, 0x7ffff000}], 0x1) r1 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vcsu\x00', 0x224042, 0x0) write$vhci(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="041ea5f3588ec4d6121e9e64000000005e4ac3db2877490891cf511204f7fe1e4ff85270b7ab4f6404230e2369db7e6df9440631a309bc420fb364397e0fb39064bbf14f4ed32874dd67eee2abf19d240446b1fcb80f58a5ca75303dff97a96e976be4cd93f28aa4227c04a880204f1cc9e0273253ca8dce188cb44bbf0c8aa0e976f9790db0c3bf926dc70f0843839800b5462fcc191c33d5b35d49c0e430f3a9405ef7da2fa88cc2b30c876ad4e4d6d7e9eedee18ab7b03558fd707c306ceb55"], 0xb8) r4 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = dup2(r1, r4) ioctl$TIOCVHANGUP(r5, 0x5437, 0x0) sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x98, 0x9, 0x6, 0x401, 0x0, 0x0, {0x1, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x564}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x5000000}, @IPSET_ATTR_LINENO={0x8}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x3c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e20}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2={0x18, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @mcast2}}}]}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x42}}}]}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x9c}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x4004085}, 0x4000) 06:10:07 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e", 0x23}], 0x1}, 0x0) 06:10:07 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 506.294253][T12029] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x8}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 506.338954][T12029] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:07 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d3524fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x300}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 506.474237][T12029] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 506.474237][T12029] !' [ 506.498658][T12029] CPU: 0 PID: 12029 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 506.507343][T12029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 506.517406][T12029] Call Trace: [ 506.520708][T12029] dump_stack+0x188/0x20d [ 506.525055][T12029] sysfs_warn_dup.cold+0x1c/0x2d [ 506.530013][T12029] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 506.536283][T12029] sysfs_create_link+0x61/0xc0 [ 506.541060][T12029] device_add+0x71c/0x1bc0 [ 506.545492][T12029] ? uevent_show+0x360/0x360 [ 506.550097][T12029] ? ieee80211_set_bitrate_flags+0x21e/0x5c0 [ 506.556094][T12029] wiphy_register+0x1c46/0x2720 [ 506.560978][T12029] ? wiphy_unregister+0xf90/0xf90 [ 506.566009][T12029] ? retint_kernel+0x2b/0x2b [ 506.570625][T12029] ? ieee80211_register_hw+0x114a/0x3760 [ 506.576270][T12029] ieee80211_register_hw+0x141d/0x3760 [ 506.581751][T12029] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 506.587220][T12029] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 506.592792][T12029] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 506.598788][T12029] ? memset+0x20/0x40 [ 506.602780][T12029] ? __hrtimer_init+0x134/0x260 [ 506.607641][T12029] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 506.613355][T12029] ? lockdep_hardirqs_on+0x417/0x5d0 [ 506.618641][T12029] ? hwsim_register_received_nl+0x400/0x400 [ 506.624519][T12029] ? hwsim_new_radio_nl+0x85f/0xf60 [ 506.629780][T12029] hwsim_new_radio_nl+0x905/0xf60 [ 506.634809][T12029] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 506.640267][T12029] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 506.646175][T12029] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 506.651941][T12029] genl_rcv_msg+0x627/0xdf0 [ 506.656435][T12029] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 506.662756][T12029] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 506.668474][T12029] ? retint_kernel+0x2b/0x2b [ 506.673077][T12029] ? genl_rcv_msg+0x1a/0xdf0 [ 506.677689][T12029] netlink_rcv_skb+0x15a/0x410 [ 506.682443][T12029] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 506.688763][T12029] ? netlink_ack+0xa80/0xa80 [ 506.693357][T12029] genl_rcv+0x24/0x40 [ 506.697332][T12029] netlink_unicast+0x537/0x740 [ 506.702103][T12029] ? netlink_attachskb+0x810/0x810 [ 506.707194][T12029] ? netlink_sendmsg+0x837/0xe10 [ 506.712128][T12029] netlink_sendmsg+0x882/0xe10 [ 506.716882][T12029] ? aa_af_perm+0x260/0x260 [ 506.721365][T12029] ? netlink_unicast+0x740/0x740 [ 506.726290][T12029] ? netlink_unicast+0x740/0x740 [ 506.731219][T12029] sock_sendmsg+0xcf/0x120 [ 506.735635][T12029] ____sys_sendmsg+0x6b9/0x7d0 [ 506.740450][T12029] ? kernel_sendmsg+0x50/0x50 [ 506.745115][T12029] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 506.750809][T12029] ? retint_kernel+0x2b/0x2b [ 506.755380][T12029] ___sys_sendmsg+0x100/0x170 [ 506.760034][T12029] ? sendmsg_copy_msghdr+0x70/0x70 [ 506.765127][T12029] ? __fget_files+0x329/0x4f0 [ 506.769786][T12029] ? ksys_dup3+0x3c0/0x3c0 [ 506.774204][T12029] ? __fget_light+0x208/0x270 [ 506.778897][T12029] __sys_sendmsg+0xec/0x1b0 [ 506.783378][T12029] ? __sys_sendmsg_sock+0xb0/0xb0 [ 506.788389][T12029] ? __x64_sys_futex+0x380/0x4f0 [ 506.793320][T12029] ? trace_hardirqs_off_caller+0x55/0x230 [ 506.799057][T12029] ? do_syscall_64+0x21/0x7d0 [ 506.803715][T12029] do_syscall_64+0xf6/0x7d0 [ 506.808208][T12029] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 506.814097][T12029] RIP: 0033:0x45c849 [ 506.818004][T12029] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 506.837584][T12029] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 506.845977][T12029] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 506.853941][T12029] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 506.861887][T12029] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 06:10:07 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0x0) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 506.869832][T12029] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 506.877786][T12029] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:07 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e", 0x23}], 0x1}, 0x0) 06:10:07 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:07 executing program 3: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:07 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000", 0x29}], 0x1}, 0x0) 06:10:07 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x2}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:07 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d5a24fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:08 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0x0) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 507.199013][T12510] netlink: 'syz-executor.5': attribute type 8 has an invalid length. [ 507.248339][T12510] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.5'. [ 507.343476][T12510] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 507.343476][T12510] !' [ 507.354557][T12510] CPU: 0 PID: 12510 Comm: syz-executor.5 Not tainted 5.6.0-rc7-syzkaller #0 [ 507.363245][T12510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 507.373493][T12510] Call Trace: [ 507.376791][T12510] dump_stack+0x188/0x20d [ 507.381133][T12510] sysfs_warn_dup.cold+0x1c/0x2d [ 507.386168][T12510] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 507.392244][T12510] sysfs_create_link+0x61/0xc0 [ 507.397017][T12510] device_add+0x71c/0x1bc0 [ 507.401467][T12510] ? uevent_show+0x360/0x360 [ 507.406069][T12510] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 507.412073][T12510] wiphy_register+0x1c46/0x2720 [ 507.416950][T12510] ? wiphy_unregister+0xf90/0xf90 [ 507.421989][T12510] ? retint_kernel+0x2b/0x2b [ 507.426613][T12510] ? ieee80211_cs_list_valid+0x198/0x280 [ 507.432268][T12510] ieee80211_register_hw+0x141d/0x3760 [ 507.437755][T12510] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 507.443226][T12510] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 507.448777][T12510] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 507.454756][T12510] ? memset+0x20/0x40 [ 507.458756][T12510] ? __hrtimer_init+0x134/0x260 [ 507.463621][T12510] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 507.469345][T12510] ? vprintk_func+0x81/0x17e [ 507.473977][T12510] ? hwsim_register_received_nl+0x400/0x400 [ 507.479887][T12510] hwsim_new_radio_nl+0x905/0xf60 [ 507.484922][T12510] ? trace_hardirqs_on_thunk+0x1a/0x1c 06:10:08 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0x0) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:08 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x3}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 507.490391][T12510] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 507.496288][T12510] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 507.502029][T12510] genl_rcv_msg+0x627/0xdf0 [ 507.506516][T12510] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 507.512865][T12510] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 507.518733][T12510] netlink_rcv_skb+0x15a/0x410 [ 507.523494][T12510] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 507.529819][T12510] ? netlink_ack+0xa80/0xa80 [ 507.534440][T12510] genl_rcv+0x24/0x40 [ 507.538425][T12510] netlink_unicast+0x537/0x740 [ 507.543209][T12510] ? netlink_attachskb+0x810/0x810 [ 507.548351][T12510] netlink_sendmsg+0x882/0xe10 [ 507.553138][T12510] ? aa_af_perm+0x260/0x260 [ 507.557657][T12510] ? netlink_unicast+0x740/0x740 [ 507.562629][T12510] ? netlink_unicast+0x740/0x740 [ 507.567577][T12510] sock_sendmsg+0xcf/0x120 [ 507.571992][T12510] ____sys_sendmsg+0x6b9/0x7d0 [ 507.576762][T12510] ? kernel_sendmsg+0x50/0x50 [ 507.581447][T12510] ? retint_kernel+0x2b/0x2b [ 507.586067][T12510] ___sys_sendmsg+0x100/0x170 06:10:08 executing program 0: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 507.590755][T12510] ? sendmsg_copy_msghdr+0x70/0x70 [ 507.595884][T12510] ? __fget_files+0x133/0x4f0 [ 507.600581][T12510] ? __fget_files+0x329/0x4f0 [ 507.605292][T12510] ? ksys_dup3+0x3c0/0x3c0 [ 507.609713][T12510] ? lock_acquire+0x197/0x420 [ 507.614388][T12510] ? __might_fault+0xef/0x1d0 [ 507.619077][T12510] ? __fget_light+0x208/0x270 [ 507.623769][T12510] __sys_sendmsg+0xec/0x1b0 [ 507.628287][T12510] ? __sys_sendmsg_sock+0xb0/0xb0 [ 507.633331][T12510] ? __x64_sys_futex+0x380/0x4f0 [ 507.638297][T12510] ? trace_hardirqs_off_caller+0x55/0x230 [ 507.644028][T12510] ? do_syscall_64+0x21/0x7d0 [ 507.648720][T12510] do_syscall_64+0xf6/0x7d0 [ 507.653240][T12510] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 507.659144][T12510] RIP: 0033:0x45c849 [ 507.663040][T12510] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 507.682640][T12510] RSP: 002b:00007fd76ecbfc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 06:10:08 executing program 0: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 507.691050][T12510] RAX: ffffffffffffffda RBX: 00007fd76ecc06d4 RCX: 000000000045c849 [ 507.699030][T12510] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 507.707004][T12510] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 507.714972][T12510] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 507.722946][T12510] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:08 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x4}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 507.765761][T12522] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 507.781744][T12522] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:08 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 507.844853][T12522] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 507.844853][T12522] !' [ 507.897401][T12522] CPU: 0 PID: 12522 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 507.906095][T12522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 507.916152][T12522] Call Trace: [ 507.919450][T12522] dump_stack+0x188/0x20d [ 507.923801][T12522] sysfs_warn_dup.cold+0x1c/0x2d [ 507.928754][T12522] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 507.934883][T12522] sysfs_create_link+0x61/0xc0 [ 507.939669][T12522] device_add+0x71c/0x1bc0 [ 507.944133][T12522] ? ieee80211_set_bitrate_flags+0x145/0x5c0 [ 507.950116][T12522] ? uevent_show+0x360/0x360 [ 507.954693][T12522] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 507.960665][T12522] wiphy_register+0x1c46/0x2720 [ 507.965509][T12522] ? wiphy_unregister+0xf90/0xf90 [ 507.970520][T12522] ? retint_kernel+0x2b/0x2b [ 507.975099][T12522] ? ieee80211_register_hw+0x113d/0x3760 [ 507.980709][T12522] ? ieee80211_register_hw+0x114a/0x3760 [ 507.986337][T12522] ieee80211_register_hw+0x141d/0x3760 [ 507.991802][T12522] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 507.997248][T12522] ? __hrtimer_init+0x205/0x260 [ 508.002086][T12522] ? kcov_common_handle+0x20/0x20 [ 508.007094][T12522] ? __hrtimer_init+0x134/0x260 [ 508.011933][T12522] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 508.017633][T12522] ? lockdep_hardirqs_on+0x417/0x5d0 [ 508.022917][T12522] ? hwsim_register_received_nl+0x400/0x400 [ 508.028813][T12522] hwsim_new_radio_nl+0x905/0xf60 [ 508.033832][T12522] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 508.039278][T12522] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 508.045152][T12522] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 508.050869][T12522] ? genl_rcv_msg+0x4ca/0xdf0 [ 508.055537][T12522] genl_rcv_msg+0x627/0xdf0 [ 508.060032][T12522] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 508.066342][T12522] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 508.071790][T12522] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 508.077503][T12522] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 508.083843][T12522] netlink_rcv_skb+0x15a/0x410 [ 508.088606][T12522] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 508.094922][T12522] ? netlink_ack+0xa80/0xa80 [ 508.099515][T12522] genl_rcv+0x24/0x40 [ 508.103480][T12522] netlink_unicast+0x537/0x740 [ 508.108232][T12522] ? netlink_attachskb+0x810/0x810 [ 508.113349][T12522] ? _copy_from_iter_full+0x25c/0x870 [ 508.118709][T12522] ? __phys_addr_symbol+0x2c/0x70 [ 508.123717][T12522] ? __check_object_size+0x171/0x437 [ 508.128997][T12522] netlink_sendmsg+0x882/0xe10 [ 508.133755][T12522] ? netlink_unicast+0x740/0x740 [ 508.138696][T12522] ? netlink_unicast+0x740/0x740 [ 508.143617][T12522] sock_sendmsg+0xcf/0x120 [ 508.148020][T12522] ____sys_sendmsg+0x6b9/0x7d0 [ 508.152771][T12522] ? kernel_sendmsg+0x50/0x50 [ 508.157441][T12522] ? mark_lock+0xbc/0x1220 [ 508.161871][T12522] ___sys_sendmsg+0x100/0x170 [ 508.166552][T12522] ? sendmsg_copy_msghdr+0x70/0x70 [ 508.171675][T12522] ? __fget_files+0x329/0x4f0 [ 508.176352][T12522] ? ksys_dup3+0x3c0/0x3c0 [ 508.180752][T12522] ? lock_acquire+0x209/0x420 [ 508.185426][T12522] ? __fget_light+0x208/0x270 [ 508.190214][T12522] __sys_sendmsg+0xec/0x1b0 [ 508.194707][T12522] ? __sys_sendmsg_sock+0xb0/0xb0 [ 508.199736][T12522] ? do_syscall_64+0xbc/0x7d0 [ 508.204407][T12522] do_syscall_64+0xf6/0x7d0 [ 508.208898][T12522] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 508.214773][T12522] RIP: 0033:0x45c849 [ 508.218656][T12522] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 508.238243][T12522] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 508.246637][T12522] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 508.254603][T12522] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 508.262652][T12522] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 508.270611][T12522] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 508.278561][T12522] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:09 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xa}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 508.344604][T12942] netlink: 'syz-executor.5': attribute type 8 has an invalid length. [ 508.393777][T12942] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.5'. [ 508.462216][T12942] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 508.462216][T12942] !' 06:10:09 executing program 3: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:09 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000", 0x29}], 0x1}, 0x0) 06:10:09 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d6c24fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:09 executing program 0: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:09 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xe}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 508.553582][T12942] CPU: 0 PID: 12942 Comm: syz-executor.5 Not tainted 5.6.0-rc7-syzkaller #0 [ 508.562288][T12942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 508.572447][T12942] Call Trace: [ 508.575742][T12942] dump_stack+0x188/0x20d [ 508.580094][T12942] sysfs_warn_dup.cold+0x1c/0x2d [ 508.585044][T12942] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 508.591113][T12942] sysfs_create_link+0x61/0xc0 [ 508.595892][T12942] device_add+0x71c/0x1bc0 06:10:09 executing program 0: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 508.600321][T12942] ? uevent_show+0x360/0x360 [ 508.604920][T12942] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 508.610916][T12942] wiphy_register+0x1c46/0x2720 [ 508.615793][T12942] ? wiphy_unregister+0xf90/0xf90 [ 508.620826][T12942] ? retint_kernel+0x2b/0x2b [ 508.625443][T12942] ? ieee80211_register_hw+0x13b6/0x3760 [ 508.631090][T12942] ieee80211_register_hw+0x141d/0x3760 [ 508.636574][T12942] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 508.642044][T12942] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 508.647595][T12942] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 508.653703][T12942] ? memset+0x20/0x40 [ 508.657694][T12942] ? __hrtimer_init+0x134/0x260 [ 508.662562][T12942] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 508.668290][T12942] ? vprintk_func+0x81/0x17e [ 508.672909][T12942] ? hwsim_register_received_nl+0x400/0x400 [ 508.678823][T12942] hwsim_new_radio_nl+0x905/0xf60 [ 508.683845][T12942] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 508.689305][T12942] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 508.695200][T12942] ? smp_apic_timer_interrupt+0x1b6/0x600 06:10:09 executing program 0: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 508.700948][T12942] genl_rcv_msg+0x627/0xdf0 [ 508.705567][T12942] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 508.711930][T12942] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 508.717839][T12942] netlink_rcv_skb+0x15a/0x410 [ 508.722613][T12942] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 508.728963][T12942] ? netlink_ack+0xa80/0xa80 [ 508.733603][T12942] genl_rcv+0x24/0x40 [ 508.737691][T12942] netlink_unicast+0x537/0x740 [ 508.742464][T12942] ? netlink_attachskb+0x810/0x810 [ 508.747585][T12942] ? _copy_from_iter_full+0x25c/0x870 [ 508.752964][T12942] ? __phys_addr_symbol+0x2c/0x70 [ 508.758000][T12942] ? __check_object_size+0x171/0x437 [ 508.763322][T12942] netlink_sendmsg+0x882/0xe10 [ 508.768138][T12942] ? aa_af_perm+0x260/0x260 [ 508.772648][T12942] ? netlink_unicast+0x740/0x740 [ 508.777613][T12942] ? netlink_unicast+0x740/0x740 [ 508.782578][T12942] sock_sendmsg+0xcf/0x120 [ 508.787008][T12942] ____sys_sendmsg+0x6b9/0x7d0 [ 508.791782][T12942] ? kernel_sendmsg+0x50/0x50 [ 508.796466][T12942] ? mark_lock+0xbc/0x1220 06:10:09 executing program 0: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 508.800889][T12942] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 508.806368][T12942] ___sys_sendmsg+0x100/0x170 [ 508.811056][T12942] ? sendmsg_copy_msghdr+0x70/0x70 [ 508.816180][T12942] ? __fget_files+0x143/0x4f0 [ 508.820868][T12942] ? __fget_files+0x329/0x4f0 [ 508.825559][T12942] ? ksys_dup3+0x3c0/0x3c0 [ 508.829981][T12942] ? lock_acquire+0x197/0x420 [ 508.834666][T12942] ? __might_fault+0xef/0x1d0 [ 508.839351][T12942] ? __fget_light+0x208/0x270 [ 508.844045][T12942] __sys_sendmsg+0xec/0x1b0 [ 508.848557][T12942] ? __sys_sendmsg_sock+0xb0/0xb0 [ 508.853589][T12942] ? __x64_sys_futex+0x380/0x4f0 [ 508.858551][T12942] ? trace_hardirqs_off_caller+0x55/0x230 [ 508.864280][T12942] ? do_syscall_64+0x21/0x7d0 [ 508.868968][T12942] do_syscall_64+0xf6/0x7d0 [ 508.873474][T12942] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 508.879365][T12942] RIP: 0033:0x45c849 [ 508.883253][T12942] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:10:09 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 508.902847][T12942] RSP: 002b:00007fd76ecbfc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 508.911266][T12942] RAX: ffffffffffffffda RBX: 00007fd76ecc06d4 RCX: 000000000045c849 [ 508.919239][T12942] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 508.927207][T12942] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 508.935175][T12942] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 508.943149][T12942] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:09 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:09 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:09 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000", 0x29}], 0x1}, 0x0) [ 509.041101][T13514] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 509.060340][T13514] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 509.147429][T13514] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 509.147429][T13514] !' [ 509.206708][T13514] CPU: 0 PID: 13514 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 509.215412][T13514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 509.225466][T13514] Call Trace: [ 509.228776][T13514] dump_stack+0x188/0x20d [ 509.233127][T13514] sysfs_warn_dup.cold+0x1c/0x2d [ 509.238082][T13514] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 509.244158][T13514] sysfs_create_link+0x61/0xc0 [ 509.248925][T13514] device_add+0x71c/0x1bc0 [ 509.253357][T13514] ? uevent_show+0x360/0x360 [ 509.257961][T13514] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 509.263958][T13514] wiphy_register+0x1c46/0x2720 [ 509.268841][T13514] ? wiphy_unregister+0xf90/0xf90 [ 509.273871][T13514] ? retint_kernel+0x2b/0x2b [ 509.278461][T13514] ? ieee80211_cs_list_valid+0x198/0x280 [ 509.284078][T13514] ieee80211_register_hw+0x141d/0x3760 [ 509.289520][T13514] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 509.294959][T13514] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 509.300485][T13514] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 509.306473][T13514] ? memset+0x20/0x40 [ 509.310474][T13514] ? __hrtimer_init+0x134/0x260 [ 509.315335][T13514] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 509.321055][T13514] ? printk+0xbf/0xed [ 509.325084][T13514] ? hwsim_register_received_nl+0x400/0x400 [ 509.331011][T13514] hwsim_new_radio_nl+0x905/0xf60 [ 509.336053][T13514] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 509.341936][T13514] ? cap_capable+0x1eb/0x250 [ 509.346545][T13514] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 509.352872][T13514] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 509.359187][T13514] genl_rcv_msg+0x627/0xdf0 [ 509.363676][T13514] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 509.369997][T13514] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 509.375470][T13514] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 509.381190][T13514] ? netlink_rcv_skb+0x308/0x410 [ 509.386111][T13514] netlink_rcv_skb+0x15a/0x410 [ 509.390873][T13514] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 509.397191][T13514] ? netlink_ack+0xa80/0xa80 [ 509.401873][T13514] genl_rcv+0x24/0x40 [ 509.405842][T13514] netlink_unicast+0x537/0x740 [ 509.410598][T13514] ? netlink_attachskb+0x810/0x810 [ 509.415718][T13514] ? _copy_from_iter_full+0x25c/0x870 [ 509.421077][T13514] ? __phys_addr_symbol+0x2c/0x70 [ 509.426092][T13514] ? __check_object_size+0x171/0x437 [ 509.431361][T13514] netlink_sendmsg+0x882/0xe10 [ 509.436121][T13514] ? aa_af_perm+0x260/0x260 [ 509.440625][T13514] ? netlink_unicast+0x740/0x740 [ 509.445563][T13514] ? netlink_unicast+0x740/0x740 [ 509.450492][T13514] sock_sendmsg+0xcf/0x120 [ 509.454910][T13514] ____sys_sendmsg+0x6b9/0x7d0 [ 509.459666][T13514] ? kernel_sendmsg+0x50/0x50 [ 509.464421][T13514] ? mark_lock+0xbc/0x1220 [ 509.468826][T13514] ___sys_sendmsg+0x100/0x170 [ 509.473484][T13514] ? sendmsg_copy_msghdr+0x70/0x70 [ 509.478581][T13514] ? __fget_files+0x329/0x4f0 [ 509.483240][T13514] ? ksys_dup3+0x3c0/0x3c0 [ 509.487645][T13514] ? __fget_light+0x208/0x270 [ 509.492304][T13514] __sys_sendmsg+0xec/0x1b0 [ 509.496793][T13514] ? __sys_sendmsg_sock+0xb0/0xb0 [ 509.501812][T13514] ? __x64_sys_futex+0x380/0x4f0 [ 509.506745][T13514] ? trace_hardirqs_off_caller+0x55/0x230 [ 509.512443][T13514] ? do_syscall_64+0x21/0x7d0 [ 509.517101][T13514] do_syscall_64+0xf6/0x7d0 [ 509.521589][T13514] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 509.527455][T13514] RIP: 0033:0x45c849 [ 509.531332][T13514] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 509.550924][T13514] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 509.559368][T13514] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 509.567321][T13514] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 509.575314][T13514] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 509.583279][T13514] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 509.591237][T13514] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:10 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:10 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:10 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0409fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:10 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700", 0x2c}], 0x1}, 0x0) 06:10:10 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:10 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x19}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 509.722086][T13804] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 509.775431][T13804] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:10 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 509.846993][T13804] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 509.846993][T13804] !' [ 509.870093][T13804] CPU: 0 PID: 13804 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 509.878777][T13804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 509.888830][T13804] Call Trace: [ 509.892145][T13804] dump_stack+0x188/0x20d [ 509.896492][T13804] sysfs_warn_dup.cold+0x1c/0x2d [ 509.901442][T13804] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 509.907518][T13804] sysfs_create_link+0x61/0xc0 [ 509.912292][T13804] device_add+0x71c/0x1bc0 [ 509.916724][T13804] ? uevent_show+0x360/0x360 [ 509.921339][T13804] wiphy_register+0x1c46/0x2720 [ 509.926236][T13804] ? wiphy_unregister+0xf90/0xf90 [ 509.931276][T13804] ? __kmalloc+0x629/0x7a0 [ 509.935699][T13804] ? ieee80211_register_hw+0xbea/0x3760 [ 509.941259][T13804] ? ieee80211_cs_list_valid+0x198/0x280 [ 509.946902][T13804] ieee80211_register_hw+0x141d/0x3760 [ 509.952404][T13804] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 509.957889][T13804] ? retint_kernel+0x2b/0x2b [ 509.962518][T13804] ? __hrtimer_init+0x134/0x260 [ 509.967389][T13804] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 509.973113][T13804] ? vprintk_func+0x81/0x17e [ 509.977734][T13804] ? hwsim_register_received_nl+0x400/0x400 [ 509.983636][T13804] ? lockdep_hardirqs_on+0x417/0x5d0 [ 509.988937][T13804] hwsim_new_radio_nl+0x905/0xf60 06:10:10 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x28}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:10 executing program 0: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 509.993960][T13804] ? lockdep_hardirqs_on+0x417/0x5d0 [ 509.999255][T13804] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 510.005182][T13804] genl_rcv_msg+0x627/0xdf0 [ 510.009707][T13804] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 510.016043][T13804] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 510.021516][T13804] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 510.027278][T13804] ? netlink_rcv_skb+0x101/0x410 [ 510.032234][T13804] netlink_rcv_skb+0x15a/0x410 [ 510.037003][T13804] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 510.043338][T13804] ? netlink_ack+0xa80/0xa80 [ 510.047968][T13804] genl_rcv+0x24/0x40 [ 510.051944][T13804] netlink_unicast+0x537/0x740 [ 510.056718][T13804] ? netlink_attachskb+0x810/0x810 [ 510.061850][T13804] ? _copy_from_iter_full+0x25c/0x870 [ 510.067262][T13804] netlink_sendmsg+0x882/0xe10 [ 510.072045][T13804] ? aa_af_perm+0x260/0x260 [ 510.076552][T13804] ? netlink_unicast+0x740/0x740 [ 510.081530][T13804] ? netlink_unicast+0x740/0x740 [ 510.086496][T13804] sock_sendmsg+0xcf/0x120 [ 510.090920][T13804] ____sys_sendmsg+0x6b9/0x7d0 [ 510.095707][T13804] ? retint_kernel+0x2b/0x2b [ 510.100338][T13804] ? kernel_sendmsg+0x50/0x50 [ 510.105040][T13804] ? sendmsg_copy_msghdr+0x3f/0x70 [ 510.110167][T13804] ? __sanitizer_cov_trace_pc+0x37/0x50 [ 510.115742][T13804] ___sys_sendmsg+0x100/0x170 [ 510.120434][T13804] ? sendmsg_copy_msghdr+0x70/0x70 [ 510.125568][T13804] ? __fget_files+0x329/0x4f0 [ 510.130262][T13804] ? ksys_dup3+0x3c0/0x3c0 [ 510.134680][T13804] ? lock_acquire+0x197/0x420 [ 510.139363][T13804] ? __might_fault+0xef/0x1d0 06:10:10 executing program 0: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 510.144057][T13804] ? __fget_light+0x208/0x270 [ 510.148750][T13804] __sys_sendmsg+0xec/0x1b0 [ 510.153262][T13804] ? __sys_sendmsg_sock+0xb0/0xb0 [ 510.158299][T13804] ? __x64_sys_futex+0x380/0x4f0 [ 510.163284][T13804] ? trace_hardirqs_off_caller+0x55/0x230 [ 510.169020][T13804] ? do_syscall_64+0x21/0x7d0 [ 510.173720][T13804] do_syscall_64+0xf6/0x7d0 [ 510.178246][T13804] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 510.184136][T13804] RIP: 0033:0x45c849 [ 510.188036][T13804] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 510.207640][T13804] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 510.216055][T13804] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 510.224031][T13804] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 510.232009][T13804] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 510.239985][T13804] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 510.247969][T13804] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 510.298104][T13917] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:11 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x60}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:11 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 510.339126][T13917] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 510.378521][T13917] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 510.378521][T13917] !' [ 510.445419][T13917] CPU: 0 PID: 13917 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 510.454112][T13917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 510.464169][T13917] Call Trace: [ 510.467472][T13917] dump_stack+0x188/0x20d [ 510.471825][T13917] sysfs_warn_dup.cold+0x1c/0x2d [ 510.476778][T13917] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 510.482857][T13917] sysfs_create_link+0x61/0xc0 [ 510.487631][T13917] device_add+0x71c/0x1bc0 [ 510.492075][T13917] ? uevent_show+0x360/0x360 [ 510.496767][T13917] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 510.502759][T13917] wiphy_register+0x1c46/0x2720 [ 510.507621][T13917] ? wiphy_unregister+0xf90/0xf90 [ 510.512651][T13917] ? retint_kernel+0x2b/0x2b [ 510.517262][T13917] ? ieee80211_cs_list_valid+0x198/0x280 [ 510.522892][T13917] ieee80211_register_hw+0x141d/0x3760 [ 510.528365][T13917] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 510.533834][T13917] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 510.539377][T13917] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 510.545342][T13917] ? memset+0x20/0x40 [ 510.549305][T13917] ? __hrtimer_init+0x134/0x260 [ 510.554140][T13917] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 510.559863][T13917] ? hwsim_register_received_nl+0x400/0x400 [ 510.565781][T13917] hwsim_new_radio_nl+0x905/0xf60 [ 510.570794][T13917] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 510.576673][T13917] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 510.582386][T13917] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 510.588715][T13917] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 510.595035][T13917] genl_rcv_msg+0x627/0xdf0 [ 510.599547][T13917] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 510.605866][T13917] ? lockdep_hardirqs_on+0x417/0x5d0 [ 510.611150][T13917] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 510.616632][T13917] netlink_rcv_skb+0x15a/0x410 [ 510.621388][T13917] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 510.627709][T13917] ? netlink_ack+0xa80/0xa80 [ 510.632296][T13917] genl_rcv+0x24/0x40 [ 510.636256][T13917] netlink_unicast+0x537/0x740 [ 510.641007][T13917] ? netlink_attachskb+0x810/0x810 [ 510.646184][T13917] ? _copy_from_iter_full+0x25c/0x870 [ 510.651541][T13917] ? __phys_addr_symbol+0x2c/0x70 [ 510.656549][T13917] ? __check_object_size+0x171/0x437 [ 510.661831][T13917] netlink_sendmsg+0x882/0xe10 [ 510.666586][T13917] ? netlink_unicast+0x740/0x740 [ 510.671516][T13917] ? netlink_unicast+0x740/0x740 [ 510.676436][T13917] sock_sendmsg+0xcf/0x120 [ 510.680839][T13917] ____sys_sendmsg+0x6b9/0x7d0 [ 510.685586][T13917] ? kernel_sendmsg+0x50/0x50 [ 510.690249][T13917] ? mark_lock+0xbc/0x1220 [ 510.694670][T13917] ___sys_sendmsg+0x100/0x170 [ 510.699342][T13917] ? sendmsg_copy_msghdr+0x70/0x70 [ 510.704491][T13917] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 510.709965][T13917] ? lockdep_hardirqs_on+0x417/0x5d0 [ 510.715239][T13917] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 510.720687][T13917] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 510.726397][T13917] ? retint_kernel+0x2b/0x2b [ 510.730992][T13917] __sys_sendmsg+0xec/0x1b0 [ 510.735484][T13917] ? __sys_sendmsg_sock+0xb0/0xb0 [ 510.740492][T13917] ? __x64_sys_futex+0x380/0x4f0 [ 510.745430][T13917] ? trace_hardirqs_off_caller+0x55/0x230 [ 510.751136][T13917] ? do_syscall_64+0x21/0x7d0 [ 510.755884][T13917] do_syscall_64+0xf6/0x7d0 [ 510.760377][T13917] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 510.766253][T13917] RIP: 0033:0x45c849 [ 510.770134][T13917] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 510.789726][T13917] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 510.798126][T13917] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 510.806082][T13917] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 510.814035][T13917] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 510.821989][T13917] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 510.829956][T13917] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c [ 510.868217][T14386] netlink: 'syz-executor.5': attribute type 8 has an invalid length. [ 510.876301][T14386] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.5'. [ 510.913644][T14386] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 510.913644][T14386] !' [ 510.929803][T14386] CPU: 0 PID: 14386 Comm: syz-executor.5 Not tainted 5.6.0-rc7-syzkaller #0 [ 510.938496][T14386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 510.948543][T14386] Call Trace: [ 510.951835][T14386] dump_stack+0x188/0x20d [ 510.956176][T14386] sysfs_warn_dup.cold+0x1c/0x2d 06:10:11 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:11 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700", 0x2c}], 0x1}, 0x0) 06:10:11 executing program 0: socket$kcm(0xa, 0x6, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:11 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d040ffc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:11 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xf0}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 510.961125][T14386] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 510.967197][T14386] sysfs_create_link+0x61/0xc0 [ 510.971968][T14386] device_add+0x71c/0x1bc0 [ 510.976396][T14386] ? uevent_show+0x360/0x360 [ 510.980995][T14386] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 510.986981][T14386] wiphy_register+0x1c46/0x2720 [ 510.991850][T14386] ? wiphy_unregister+0xf90/0xf90 [ 510.996883][T14386] ? __kmalloc+0x629/0x7a0 [ 511.001306][T14386] ? ieee80211_register_hw+0xbea/0x3760 [ 511.006865][T14386] ? ieee80211_cs_list_valid+0x198/0x280 [ 511.012515][T14386] ieee80211_register_hw+0x141d/0x3760 [ 511.018012][T14386] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 511.023487][T14386] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 511.029045][T14386] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 511.035128][T14386] ? memset+0x20/0x40 [ 511.039116][T14386] ? __hrtimer_init+0x134/0x260 [ 511.043975][T14386] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 511.049710][T14386] ? vprintk_func+0x81/0x17e [ 511.054330][T14386] ? hwsim_register_received_nl+0x400/0x400 06:10:11 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 511.060246][T14386] hwsim_new_radio_nl+0x905/0xf60 [ 511.065385][T14386] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 511.071282][T14386] ? cap_capable+0x1eb/0x250 [ 511.075886][T14386] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 511.082221][T14386] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 511.088560][T14386] genl_rcv_msg+0x627/0xdf0 [ 511.093097][T14386] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 511.099456][T14386] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 511.105288][T14386] netlink_rcv_skb+0x15a/0x410 [ 511.110059][T14386] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 511.116381][T14386] ? netlink_ack+0xa80/0xa80 [ 511.120996][T14386] genl_rcv+0x24/0x40 [ 511.124983][T14386] netlink_unicast+0x537/0x740 [ 511.129764][T14386] ? netlink_attachskb+0x810/0x810 [ 511.134881][T14386] ? _copy_from_iter_full+0x25c/0x870 [ 511.140279][T14386] ? __phys_addr_symbol+0x2c/0x70 [ 511.145305][T14386] ? __check_object_size+0x171/0x437 [ 511.150604][T14386] netlink_sendmsg+0x882/0xe10 [ 511.155379][T14386] ? aa_af_perm+0x260/0x260 [ 511.159888][T14386] ? netlink_unicast+0x740/0x740 [ 511.164851][T14386] ? netlink_unicast+0x740/0x740 [ 511.169796][T14386] sock_sendmsg+0xcf/0x120 [ 511.174221][T14386] ____sys_sendmsg+0x6b9/0x7d0 [ 511.178993][T14386] ? kernel_sendmsg+0x50/0x50 [ 511.183679][T14386] ? mark_lock+0xbc/0x1220 [ 511.188098][T14386] ___sys_sendmsg+0x100/0x170 [ 511.192780][T14386] ? sendmsg_copy_msghdr+0x70/0x70 [ 511.197917][T14386] ? __fget_files+0x329/0x4f0 [ 511.202595][T14386] ? ksys_dup3+0x3c0/0x3c0 [ 511.206999][T14386] ? lock_acquire+0x197/0x420 06:10:12 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 511.211685][T14386] ? __might_fault+0xef/0x1d0 [ 511.216377][T14386] ? __fget_light+0x208/0x270 [ 511.221063][T14386] __sys_sendmsg+0xec/0x1b0 [ 511.225591][T14386] ? __sys_sendmsg_sock+0xb0/0xb0 [ 511.230620][T14386] ? __x64_sys_futex+0x380/0x4f0 [ 511.235604][T14386] ? trace_hardirqs_off_caller+0x55/0x230 [ 511.241330][T14386] ? do_syscall_64+0x21/0x7d0 [ 511.246008][T14386] do_syscall_64+0xf6/0x7d0 [ 511.250517][T14386] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 511.256406][T14386] RIP: 0033:0x45c849 [ 511.260306][T14386] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 511.280016][T14386] RSP: 002b:00007fd76ecbfc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 511.288429][T14386] RAX: ffffffffffffffda RBX: 00007fd76ecc06d4 RCX: 000000000045c849 [ 511.296406][T14386] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006 [ 511.304375][T14386] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 06:10:12 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 511.312349][T14386] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 511.320318][T14386] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 511.336873][T14444] netlink: 'syz-executor.4': attribute type 8 has an invalid length. 06:10:12 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 511.359537][T14444] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. [ 511.393912][T14444] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 511.393912][T14444] !' [ 511.406308][T14444] CPU: 1 PID: 14444 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 511.414982][T14444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 511.425034][T14444] Call Trace: [ 511.428342][T14444] dump_stack+0x188/0x20d [ 511.432693][T14444] sysfs_warn_dup.cold+0x1c/0x2d [ 511.437637][T14444] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 511.443801][T14444] sysfs_create_link+0x61/0xc0 [ 511.448567][T14444] device_add+0x71c/0x1bc0 [ 511.453010][T14444] ? uevent_show+0x360/0x360 [ 511.457604][T14444] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 511.463607][T14444] wiphy_register+0x1c46/0x2720 [ 511.468570][T14444] ? wiphy_unregister+0xf90/0xf90 [ 511.473606][T14444] ? __kmalloc+0x629/0x7a0 [ 511.478032][T14444] ? ieee80211_register_hw+0xbea/0x3760 [ 511.483595][T14444] ? ieee80211_cs_list_valid+0x198/0x280 [ 511.489234][T14444] ieee80211_register_hw+0x141d/0x3760 [ 511.494712][T14444] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 511.500183][T14444] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 511.505746][T14444] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 511.511728][T14444] ? memset+0x20/0x40 [ 511.515720][T14444] ? __hrtimer_init+0x134/0x260 [ 511.520581][T14444] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 511.526299][T14444] ? vprintk_func+0x81/0x17e [ 511.530916][T14444] ? hwsim_register_received_nl+0x400/0x400 [ 511.536830][T14444] hwsim_new_radio_nl+0x905/0xf60 [ 511.541890][T14444] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 511.547786][T14444] ? cap_capable+0x1eb/0x250 [ 511.552401][T14444] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 511.558732][T14444] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 511.565069][T14444] genl_rcv_msg+0x627/0xdf0 [ 511.569676][T14444] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 511.576042][T14444] ? lockdep_hardirqs_on+0x417/0x5d0 [ 511.581343][T14444] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 511.586830][T14444] netlink_rcv_skb+0x15a/0x410 [ 511.591703][T14444] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 511.598039][T14444] ? netlink_ack+0xa80/0xa80 [ 511.602663][T14444] genl_rcv+0x24/0x40 [ 511.606654][T14444] netlink_unicast+0x537/0x740 [ 511.611424][T14444] ? netlink_attachskb+0x810/0x810 [ 511.616538][T14444] ? _copy_from_iter_full+0x25c/0x870 [ 511.621931][T14444] ? __phys_addr_symbol+0x2c/0x70 [ 511.626959][T14444] ? __check_object_size+0x171/0x437 [ 511.632257][T14444] netlink_sendmsg+0x882/0xe10 [ 511.637031][T14444] ? aa_af_perm+0x260/0x260 [ 511.641533][T14444] ? netlink_unicast+0x740/0x740 [ 511.646491][T14444] ? netlink_unicast+0x740/0x740 [ 511.651437][T14444] sock_sendmsg+0xcf/0x120 [ 511.655854][T14444] ____sys_sendmsg+0x6b9/0x7d0 [ 511.660624][T14444] ? kernel_sendmsg+0x50/0x50 [ 511.665326][T14444] ? mark_lock+0xbc/0x1220 [ 511.669767][T14444] ___sys_sendmsg+0x100/0x170 [ 511.674460][T14444] ? sendmsg_copy_msghdr+0x70/0x70 [ 511.679600][T14444] ? __fget_files+0x329/0x4f0 [ 511.684295][T14444] ? ksys_dup3+0x3c0/0x3c0 [ 511.688716][T14444] ? lock_acquire+0x197/0x420 06:10:12 executing program 0: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0409fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:12 executing program 0: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0409fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 511.693399][T14444] ? __might_fault+0xef/0x1d0 [ 511.698097][T14444] ? __fget_light+0x208/0x270 [ 511.702788][T14444] __sys_sendmsg+0xec/0x1b0 [ 511.707282][T14444] ? __sys_sendmsg_sock+0xb0/0xb0 [ 511.712301][T14444] ? __x64_sys_futex+0x380/0x4f0 [ 511.717287][T14444] ? trace_hardirqs_off_caller+0x55/0x230 [ 511.723029][T14444] ? do_syscall_64+0x21/0x7d0 [ 511.727723][T14444] do_syscall_64+0xf6/0x7d0 [ 511.732238][T14444] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 511.738129][T14444] RIP: 0033:0x45c849 06:10:12 executing program 0: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0409fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 511.742020][T14444] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 511.761700][T14444] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 511.770111][T14444] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 511.778092][T14444] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 511.786067][T14444] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 511.794040][T14444] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 511.802012][T14444] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 511.830781][T14550] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 511.857094][T14550] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 511.882727][T14550] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 511.882727][T14550] !' [ 511.894150][T14550] CPU: 1 PID: 14550 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 511.902860][T14550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 511.912914][T14550] Call Trace: [ 511.916210][T14550] dump_stack+0x188/0x20d [ 511.920554][T14550] sysfs_warn_dup.cold+0x1c/0x2d [ 511.925502][T14550] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 511.931660][T14550] sysfs_create_link+0x61/0xc0 [ 511.936430][T14550] device_add+0x71c/0x1bc0 [ 511.940856][T14550] ? uevent_show+0x360/0x360 [ 511.945444][T14550] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 511.951440][T14550] wiphy_register+0x1c46/0x2720 [ 511.956315][T14550] ? wiphy_unregister+0xf90/0xf90 [ 511.961352][T14550] ? __kmalloc+0x629/0x7a0 [ 511.965761][T14550] ? ieee80211_register_hw+0xbea/0x3760 [ 511.971297][T14550] ? ieee80211_cs_list_valid+0x198/0x280 [ 511.976919][T14550] ieee80211_register_hw+0x141d/0x3760 [ 511.982377][T14550] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 511.987825][T14550] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 511.993362][T14550] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 511.999331][T14550] ? memset+0x20/0x40 [ 512.003302][T14550] ? __hrtimer_init+0x134/0x260 [ 512.008142][T14550] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 512.013847][T14550] ? vprintk_func+0x81/0x17e [ 512.018440][T14550] ? hwsim_register_received_nl+0x400/0x400 [ 512.024349][T14550] hwsim_new_radio_nl+0x905/0xf60 [ 512.029364][T14550] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 512.035251][T14550] ? cap_capable+0x1eb/0x250 [ 512.039855][T14550] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 512.046164][T14550] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 512.052476][T14550] genl_rcv_msg+0x627/0xdf0 [ 512.056969][T14550] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 512.063300][T14550] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 512.069098][T14550] netlink_rcv_skb+0x15a/0x410 [ 512.073852][T14550] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 512.080164][T14550] ? netlink_ack+0xa80/0xa80 [ 512.084758][T14550] genl_rcv+0x24/0x40 [ 512.088723][T14550] netlink_unicast+0x537/0x740 [ 512.093468][T14550] ? netlink_attachskb+0x810/0x810 [ 512.098558][T14550] ? netlink_sendmsg+0x837/0xe10 [ 512.103495][T14550] netlink_sendmsg+0x882/0xe10 [ 512.108242][T14550] ? aa_af_perm+0x260/0x260 [ 512.112735][T14550] ? netlink_unicast+0x740/0x740 [ 512.117664][T14550] ? netlink_unicast+0x740/0x740 [ 512.122587][T14550] sock_sendmsg+0xcf/0x120 [ 512.126984][T14550] ____sys_sendmsg+0x6b9/0x7d0 [ 512.131742][T14550] ? kernel_sendmsg+0x50/0x50 [ 512.136400][T14550] ? mark_lock+0xbc/0x1220 [ 512.140816][T14550] ___sys_sendmsg+0x100/0x170 [ 512.145487][T14550] ? sendmsg_copy_msghdr+0x70/0x70 [ 512.150608][T14550] ? __fget_files+0x329/0x4f0 [ 512.155275][T14550] ? ksys_dup3+0x3c0/0x3c0 [ 512.159671][T14550] ? lock_acquire+0x197/0x420 [ 512.164329][T14550] ? __might_fault+0xef/0x1d0 [ 512.168997][T14550] ? __fget_light+0x208/0x270 [ 512.173661][T14550] __sys_sendmsg+0xec/0x1b0 [ 512.178147][T14550] ? __sys_sendmsg_sock+0xb0/0xb0 [ 512.183150][T14550] ? __x64_sys_futex+0x380/0x4f0 [ 512.188086][T14550] ? trace_hardirqs_off_caller+0x55/0x230 [ 512.193786][T14550] ? do_syscall_64+0x21/0x7d0 [ 512.198466][T14550] do_syscall_64+0xf6/0x7d0 [ 512.202953][T14550] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 512.208829][T14550] RIP: 0033:0x45c849 [ 512.212709][T14550] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 512.232291][T14550] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 512.240682][T14550] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 512.248633][T14550] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 512.256586][T14550] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 512.264538][T14550] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 512.272497][T14550] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:13 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x300}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:13 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700", 0x2c}], 0x1}, 0x0) 06:10:13 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0428fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:13 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:13 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x38d}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 512.505534][T15397] netlink: 'syz-executor.4': attribute type 8 has an invalid length. 06:10:13 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1", 0x2d}], 0x1}, 0x0) [ 512.549255][T15397] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. [ 512.578829][T15397] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 512.578829][T15397] !' [ 512.597384][T15397] CPU: 0 PID: 15397 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 512.606063][T15397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 512.616116][T15397] Call Trace: [ 512.619431][T15397] dump_stack+0x188/0x20d [ 512.623781][T15397] sysfs_warn_dup.cold+0x1c/0x2d [ 512.628736][T15397] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 512.634816][T15397] sysfs_create_link+0x61/0xc0 [ 512.639579][T15397] device_add+0x71c/0x1bc0 [ 512.644000][T15397] ? uevent_show+0x360/0x360 [ 512.648603][T15397] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 512.654605][T15397] wiphy_register+0x1c46/0x2720 [ 512.659479][T15397] ? wiphy_unregister+0xf90/0xf90 [ 512.664512][T15397] ? retint_kernel+0x2b/0x2b [ 512.669103][T15397] ? ieee80211_cs_list_valid+0x198/0x280 [ 512.674723][T15397] ieee80211_register_hw+0x141d/0x3760 [ 512.680188][T15397] ? __this_cpu_preempt_check+0xf1/0x190 [ 512.685809][T15397] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 512.691270][T15397] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 512.696812][T15397] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 512.702783][T15397] ? memset+0x20/0x40 [ 512.706744][T15397] ? __hrtimer_init+0x134/0x260 [ 512.711588][T15397] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 512.717286][T15397] ? vprintk_func+0x81/0x17e [ 512.721870][T15397] ? hwsim_register_received_nl+0x400/0x400 [ 512.727766][T15397] hwsim_new_radio_nl+0x905/0xf60 [ 512.732792][T15397] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 512.738670][T15397] ? cap_capable+0x1eb/0x250 [ 512.743254][T15397] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 512.749558][T15397] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 512.755963][T15397] genl_rcv_msg+0x627/0xdf0 [ 512.760469][T15397] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 512.766830][T15397] ? lockdep_hardirqs_on+0x320/0x5d0 [ 512.772106][T15397] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 512.777552][T15397] netlink_rcv_skb+0x15a/0x410 [ 512.782313][T15397] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 512.788622][T15397] ? netlink_ack+0xa80/0xa80 [ 512.793204][T15397] ? genl_rcv+0x9/0x40 [ 512.797258][T15397] genl_rcv+0x24/0x40 [ 512.801217][T15397] netlink_unicast+0x537/0x740 [ 512.805970][T15397] ? netlink_attachskb+0x810/0x810 [ 512.811070][T15397] ? _copy_from_iter_full+0x25c/0x870 [ 512.816431][T15397] ? __phys_addr_symbol+0x2c/0x70 [ 512.821438][T15397] ? __check_object_size+0x171/0x437 [ 512.826705][T15397] netlink_sendmsg+0x882/0xe10 [ 512.831474][T15397] ? netlink_unicast+0x740/0x740 [ 512.836439][T15397] ? netlink_unicast+0x740/0x740 [ 512.841362][T15397] sock_sendmsg+0xcf/0x120 [ 512.845762][T15397] ____sys_sendmsg+0x6b9/0x7d0 [ 512.850502][T15397] ? kernel_sendmsg+0x50/0x50 [ 512.855156][T15397] ? mark_lock+0xbc/0x1220 [ 512.859636][T15397] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 512.865078][T15397] ___sys_sendmsg+0x100/0x170 [ 512.869748][T15397] ? sendmsg_copy_msghdr+0x70/0x70 [ 512.874847][T15397] ? __fget_files+0x329/0x4f0 [ 512.879530][T15397] ? ksys_dup3+0x3c0/0x3c0 [ 512.883933][T15397] ? lock_acquire+0x209/0x420 [ 512.888594][T15397] ? __fget_light+0x208/0x270 [ 512.893286][T15397] __sys_sendmsg+0xec/0x1b0 [ 512.897770][T15397] ? __sys_sendmsg_sock+0xb0/0xb0 [ 512.902769][T15397] ? __x64_sys_futex+0x380/0x4f0 [ 512.907739][T15397] ? trace_hardirqs_off_caller+0x55/0x230 [ 512.913454][T15397] ? do_syscall_64+0x21/0x7d0 [ 512.918121][T15397] do_syscall_64+0xf6/0x7d0 [ 512.922634][T15397] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 512.928513][T15397] RIP: 0033:0x45c849 06:10:13 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 512.932385][T15397] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 512.951966][T15397] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 512.960377][T15397] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 512.968339][T15397] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 512.976296][T15397] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 512.984255][T15397] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 512.992202][T15397] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xa00}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 513.039752][T15435] netlink: 'syz-executor.5': attribute type 8 has an invalid length. [ 513.062522][T15435] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.5'. 06:10:13 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 513.137112][T15435] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 513.137112][T15435] !' 06:10:13 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0435fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 513.212616][T15435] CPU: 0 PID: 15435 Comm: syz-executor.5 Not tainted 5.6.0-rc7-syzkaller #0 [ 513.221297][T15435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 513.231347][T15435] Call Trace: [ 513.234616][T15435] dump_stack+0x188/0x20d [ 513.238951][T15435] sysfs_warn_dup.cold+0x1c/0x2d [ 513.243902][T15435] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 513.249976][T15435] sysfs_create_link+0x61/0xc0 [ 513.254747][T15435] device_add+0x71c/0x1bc0 [ 513.259178][T15435] ? uevent_show+0x360/0x360 [ 513.263775][T15435] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 513.269772][T15435] wiphy_register+0x1c46/0x2720 [ 513.274650][T15435] ? wiphy_unregister+0xf90/0xf90 [ 513.279672][T15435] ? retint_kernel+0x2b/0x2b [ 513.284262][T15435] ? ieee80211_register_hw+0x2b7f/0x3760 [ 513.289878][T15435] ieee80211_register_hw+0x141d/0x3760 [ 513.295331][T15435] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 513.300777][T15435] ? retint_kernel+0x2b/0x2b [ 513.305366][T15435] ? __hrtimer_init+0x134/0x260 [ 513.310206][T15435] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 513.315915][T15435] ? lockdep_hardirqs_on+0x417/0x5d0 [ 513.321196][T15435] ? hwsim_register_received_nl+0x400/0x400 [ 513.327084][T15435] hwsim_new_radio_nl+0x905/0xf60 [ 513.332091][T15435] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 513.337962][T15435] ? retint_kernel+0x2b/0x2b [ 513.342540][T15435] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 513.348843][T15435] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 513.355160][T15435] genl_rcv_msg+0x627/0xdf0 [ 513.359659][T15435] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 513.366000][T15435] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 513.371810][T15435] netlink_rcv_skb+0x15a/0x410 [ 513.376558][T15435] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 513.382870][T15435] ? netlink_ack+0xa80/0xa80 [ 513.387472][T15435] genl_rcv+0x24/0x40 [ 513.391451][T15435] netlink_unicast+0x537/0x740 [ 513.396217][T15435] ? netlink_attachskb+0x810/0x810 [ 513.401317][T15435] ? _copy_from_iter_full+0x25c/0x870 [ 513.406676][T15435] ? __phys_addr_symbol+0x2c/0x70 [ 513.411683][T15435] ? __check_object_size+0x171/0x437 [ 513.416955][T15435] netlink_sendmsg+0x882/0xe10 [ 513.421710][T15435] ? aa_af_perm+0x260/0x260 [ 513.426195][T15435] ? netlink_unicast+0x740/0x740 [ 513.431133][T15435] ? netlink_unicast+0x740/0x740 [ 513.436050][T15435] sock_sendmsg+0xcf/0x120 [ 513.440448][T15435] ____sys_sendmsg+0x6b9/0x7d0 [ 513.445196][T15435] ? kernel_sendmsg+0x50/0x50 [ 513.449866][T15435] ? mark_lock+0xbc/0x1220 [ 513.454289][T15435] ___sys_sendmsg+0x100/0x170 [ 513.458960][T15435] ? sendmsg_copy_msghdr+0x70/0x70 [ 513.464079][T15435] ? __fget_files+0x329/0x4f0 [ 513.468752][T15435] ? ksys_dup3+0x3c0/0x3c0 [ 513.473158][T15435] ? lock_acquire+0x209/0x420 [ 513.477841][T15435] ? __fget_light+0x208/0x270 [ 513.482518][T15435] __sys_sendmsg+0xec/0x1b0 [ 513.487018][T15435] ? __sys_sendmsg_sock+0xb0/0xb0 [ 513.492036][T15435] ? __x64_sys_futex+0x380/0x4f0 [ 513.496984][T15435] ? trace_hardirqs_off_caller+0x55/0x230 [ 513.502706][T15435] ? do_syscall_64+0x21/0x7d0 [ 513.507373][T15435] do_syscall_64+0xf6/0x7d0 [ 513.511866][T15435] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 513.517748][T15435] RIP: 0033:0x45c849 [ 513.521629][T15435] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 513.541223][T15435] RSP: 002b:00007fd76ecbfc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 513.549615][T15435] RAX: ffffffffffffffda RBX: 00007fd76ecc06d4 RCX: 000000000045c849 [ 513.557565][T15435] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 513.565526][T15435] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 513.573477][T15435] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 513.581428][T15435] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 513.624759][T15452] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 513.647774][T15452] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 513.669682][T15452] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 513.669682][T15452] !' [ 513.698803][T15452] CPU: 0 PID: 15452 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 513.707588][T15452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 513.717636][T15452] Call Trace: [ 513.720933][T15452] dump_stack+0x188/0x20d [ 513.725274][T15452] sysfs_warn_dup.cold+0x1c/0x2d [ 513.730225][T15452] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 513.736310][T15452] sysfs_create_link+0x61/0xc0 [ 513.741077][T15452] device_add+0x71c/0x1bc0 [ 513.745509][T15452] ? uevent_show+0x360/0x360 [ 513.750110][T15452] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 513.756110][T15452] wiphy_register+0x1c46/0x2720 [ 513.761001][T15452] ? wiphy_unregister+0xf90/0xf90 [ 513.766037][T15452] ? __kmalloc+0x629/0x7a0 [ 513.770474][T15452] ? ieee80211_register_hw+0xbea/0x3760 [ 513.776017][T15452] ? ieee80211_cs_list_valid+0x198/0x280 [ 513.781641][T15452] ieee80211_register_hw+0x141d/0x3760 [ 513.787149][T15452] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 513.792600][T15452] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 513.798135][T15452] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 513.804100][T15452] ? memset+0x20/0x40 [ 513.808061][T15452] ? __hrtimer_init+0x134/0x260 [ 513.812894][T15452] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 513.818593][T15452] ? vprintk_func+0x81/0x17e [ 513.823174][T15452] ? hwsim_register_received_nl+0x400/0x400 [ 513.829069][T15452] hwsim_new_radio_nl+0x905/0xf60 [ 513.834073][T15452] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 513.839946][T15452] ? cap_capable+0x1eb/0x250 [ 513.844545][T15452] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 513.850861][T15452] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 513.857170][T15452] genl_rcv_msg+0x627/0xdf0 [ 513.861660][T15452] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 513.867976][T15452] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 513.873438][T15452] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 513.879162][T15452] ? netlink_rcv_skb+0x308/0x410 [ 513.884095][T15452] netlink_rcv_skb+0x15a/0x410 [ 513.888848][T15452] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 513.895160][T15452] ? netlink_ack+0xa80/0xa80 [ 513.899767][T15452] genl_rcv+0x24/0x40 [ 513.903738][T15452] netlink_unicast+0x537/0x740 [ 513.908486][T15452] ? netlink_attachskb+0x810/0x810 [ 513.913575][T15452] ? _copy_from_iter_full+0x25c/0x870 [ 513.918926][T15452] ? __phys_addr_symbol+0x2c/0x70 [ 513.923937][T15452] ? __check_object_size+0x171/0x437 [ 513.929219][T15452] netlink_sendmsg+0x882/0xe10 [ 513.933963][T15452] ? aa_af_perm+0x260/0x260 [ 513.938445][T15452] ? netlink_unicast+0x740/0x740 [ 513.943453][T15452] ? netlink_unicast+0x740/0x740 [ 513.948368][T15452] sock_sendmsg+0xcf/0x120 [ 513.952762][T15452] ____sys_sendmsg+0x6b9/0x7d0 [ 513.957515][T15452] ? kernel_sendmsg+0x50/0x50 [ 513.962182][T15452] ? mark_lock+0xbc/0x1220 [ 513.966595][T15452] ___sys_sendmsg+0x100/0x170 [ 513.971315][T15452] ? sendmsg_copy_msghdr+0x70/0x70 [ 513.976463][T15452] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 513.981909][T15452] ? lockdep_hardirqs_on+0x417/0x5d0 [ 513.987177][T15452] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 513.992619][T15452] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 513.998317][T15452] ? retint_kernel+0x2b/0x2b [ 514.002894][T15452] ? sockfd_lookup_light+0x73/0x170 [ 514.008069][T15452] ? sockfd_lookup_light+0x9c/0x170 [ 514.013251][T15452] __sys_sendmsg+0xec/0x1b0 [ 514.017732][T15452] ? __sys_sendmsg_sock+0xb0/0xb0 [ 514.022750][T15452] ? do_syscall_64+0xbc/0x7d0 [ 514.027411][T15452] do_syscall_64+0xf6/0x7d0 [ 514.031896][T15452] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 514.037768][T15452] RIP: 0033:0x45c849 [ 514.041648][T15452] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 514.061245][T15452] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 514.069657][T15452] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 514.077624][T15452] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 514.085576][T15452] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 06:10:14 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x0, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:14 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xe00}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:14 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:14 executing program 0: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0428fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:14 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1", 0x2d}], 0x1}, 0x0) [ 514.093539][T15452] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 514.101493][T15452] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:15 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x1400}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 514.187260][T15699] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 514.208128][T15699] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. [ 514.228032][T15699] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 514.228032][T15699] !' [ 514.256471][T15699] CPU: 1 PID: 15699 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 514.265167][T15699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 514.275223][T15699] Call Trace: [ 514.278527][T15699] dump_stack+0x188/0x20d [ 514.282870][T15699] sysfs_warn_dup.cold+0x1c/0x2d [ 514.287815][T15699] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 514.293886][T15699] sysfs_create_link+0x61/0xc0 [ 514.298647][T15699] device_add+0x71c/0x1bc0 [ 514.303054][T15699] ? uevent_show+0x360/0x360 [ 514.307634][T15699] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 514.313603][T15699] wiphy_register+0x1c46/0x2720 [ 514.318467][T15699] ? wiphy_unregister+0xf90/0xf90 [ 514.323473][T15699] ? __kmalloc+0x629/0x7a0 [ 514.327871][T15699] ? ieee80211_register_hw+0xbea/0x3760 [ 514.333409][T15699] ? ieee80211_cs_list_valid+0x198/0x280 [ 514.339030][T15699] ieee80211_register_hw+0x141d/0x3760 [ 514.344505][T15699] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 514.349965][T15699] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 514.355491][T15699] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 514.361461][T15699] ? memset+0x20/0x40 [ 514.365426][T15699] ? __hrtimer_init+0x134/0x260 [ 514.370265][T15699] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 514.375981][T15699] ? vprintk_func+0x81/0x17e [ 514.380568][T15699] ? hwsim_register_received_nl+0x400/0x400 [ 514.386461][T15699] hwsim_new_radio_nl+0x905/0xf60 [ 514.391467][T15699] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 514.397349][T15699] ? cap_capable+0x1eb/0x250 [ 514.401935][T15699] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 514.408249][T15699] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 514.414570][T15699] genl_rcv_msg+0x627/0xdf0 [ 514.419057][T15699] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 514.425399][T15699] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 514.431286][T15699] netlink_rcv_skb+0x15a/0x410 [ 514.436029][T15699] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 514.442363][T15699] ? netlink_ack+0xa80/0xa80 [ 514.446965][T15699] genl_rcv+0x24/0x40 [ 514.450920][T15699] netlink_unicast+0x537/0x740 [ 514.455674][T15699] ? netlink_attachskb+0x810/0x810 [ 514.460769][T15699] ? _copy_from_iter_full+0x25c/0x870 [ 514.466133][T15699] ? __phys_addr_symbol+0x2c/0x70 [ 514.471144][T15699] ? __check_object_size+0x171/0x437 [ 514.476424][T15699] netlink_sendmsg+0x882/0xe10 [ 514.481218][T15699] ? aa_af_perm+0x260/0x260 [ 514.485699][T15699] ? netlink_unicast+0x740/0x740 [ 514.490645][T15699] ? netlink_unicast+0x740/0x740 [ 514.495570][T15699] sock_sendmsg+0xcf/0x120 [ 514.499969][T15699] ____sys_sendmsg+0x6b9/0x7d0 [ 514.504711][T15699] ? kernel_sendmsg+0x50/0x50 [ 514.509383][T15699] ? mark_lock+0xbc/0x1220 [ 514.513827][T15699] ___sys_sendmsg+0x100/0x170 [ 514.518501][T15699] ? sendmsg_copy_msghdr+0x70/0x70 [ 514.523620][T15699] ? __fget_files+0x329/0x4f0 [ 514.528284][T15699] ? ksys_dup3+0x3c0/0x3c0 [ 514.532675][T15699] ? lock_acquire+0x197/0x420 [ 514.537330][T15699] ? __might_fault+0xef/0x1d0 [ 514.542101][T15699] ? __fget_light+0x208/0x270 [ 514.546774][T15699] __sys_sendmsg+0xec/0x1b0 [ 514.551273][T15699] ? __sys_sendmsg_sock+0xb0/0xb0 [ 514.556298][T15699] ? __x64_sys_futex+0x380/0x4f0 [ 514.561244][T15699] ? trace_hardirqs_off_caller+0x55/0x230 [ 514.566961][T15699] ? do_syscall_64+0x21/0x7d0 [ 514.571622][T15699] do_syscall_64+0xf6/0x7d0 [ 514.576248][T15699] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 514.582115][T15699] RIP: 0033:0x45c849 [ 514.585986][T15699] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 514.605613][T15699] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 514.614003][T15699] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 514.621953][T15699] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 514.629906][T15699] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 514.637855][T15699] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 514.645801][T15699] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:15 executing program 0: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0428fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:15 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x1900}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:15 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d045afc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 514.705684][T15947] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 514.743280][T15947] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:15 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:15 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1", 0x2d}], 0x1}, 0x0) [ 514.785528][T15947] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 514.785528][T15947] !' [ 514.871901][T15947] CPU: 0 PID: 15947 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 514.880602][T15947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 514.890675][T15947] Call Trace: [ 514.893973][T15947] dump_stack+0x188/0x20d [ 514.898336][T15947] sysfs_warn_dup.cold+0x1c/0x2d [ 514.903282][T15947] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 514.909367][T15947] sysfs_create_link+0x61/0xc0 [ 514.914135][T15947] device_add+0x71c/0x1bc0 [ 514.918564][T15947] ? ieee80211_set_bitrate_flags+0x81/0x5c0 [ 514.924464][T15947] ? uevent_show+0x360/0x360 [ 514.929083][T15947] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 514.935087][T15947] wiphy_register+0x1c46/0x2720 [ 514.939955][T15947] ? wiphy_unregister+0xf90/0xf90 [ 514.944976][T15947] ? retint_kernel+0x2b/0x2b [ 514.949583][T15947] ? ieee80211_register_hw+0x1226/0x3760 [ 514.955222][T15947] ieee80211_register_hw+0x141d/0x3760 [ 514.960711][T15947] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 514.966189][T15947] ? __hrtimer_init+0x96/0x260 06:10:15 executing program 0: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0428fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 514.970959][T15947] ? __hrtimer_init+0xb6/0x260 [ 514.975818][T15947] ? __hrtimer_init+0x134/0x260 [ 514.980692][T15947] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 514.986450][T15947] ? hwsim_register_received_nl+0x400/0x400 [ 514.992371][T15947] hwsim_new_radio_nl+0x905/0xf60 [ 514.997403][T15947] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 515.003310][T15947] ? cap_capable+0x1eb/0x250 [ 515.007924][T15947] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 515.014261][T15947] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 515.020611][T15947] genl_rcv_msg+0x627/0xdf0 [ 515.025157][T15947] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 515.031484][T15947] ? lockdep_hardirqs_on+0x417/0x5d0 [ 515.036770][T15947] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 515.042248][T15947] netlink_rcv_skb+0x15a/0x410 [ 515.047020][T15947] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 515.053360][T15947] ? netlink_ack+0xa80/0xa80 [ 515.057985][T15947] genl_rcv+0x24/0x40 [ 515.061970][T15947] netlink_unicast+0x537/0x740 [ 515.066748][T15947] ? netlink_attachskb+0x810/0x810 [ 515.071867][T15947] ? _copy_from_iter_full+0x25c/0x870 [ 515.077247][T15947] ? __phys_addr_symbol+0x2c/0x70 [ 515.082278][T15947] ? __check_object_size+0x171/0x437 [ 515.087585][T15947] netlink_sendmsg+0x882/0xe10 [ 515.092360][T15947] ? aa_af_perm+0x260/0x260 [ 515.096866][T15947] ? netlink_unicast+0x740/0x740 [ 515.101830][T15947] ? netlink_unicast+0x740/0x740 [ 515.106770][T15947] sock_sendmsg+0xcf/0x120 [ 515.111281][T15947] ____sys_sendmsg+0x6b9/0x7d0 [ 515.116143][T15947] ? kernel_sendmsg+0x50/0x50 [ 515.120800][T15947] ? mark_lock+0xbc/0x1220 [ 515.125201][T15947] ___sys_sendmsg+0x100/0x170 [ 515.129859][T15947] ? sendmsg_copy_msghdr+0x70/0x70 [ 515.135169][T15947] ? __fget_files+0x329/0x4f0 [ 515.139829][T15947] ? ksys_dup3+0x3c0/0x3c0 [ 515.144229][T15947] ? __might_fault+0x158/0x1d0 [ 515.148984][T15947] ? __fget_light+0x208/0x270 [ 515.153675][T15947] __sys_sendmsg+0xec/0x1b0 [ 515.158277][T15947] ? __sys_sendmsg_sock+0xb0/0xb0 [ 515.163301][T15947] ? __x64_sys_futex+0x380/0x4f0 [ 515.168234][T15947] ? trace_hardirqs_off_caller+0x55/0x230 [ 515.173945][T15947] ? do_syscall_64+0x21/0x7d0 [ 515.178616][T15947] do_syscall_64+0xf6/0x7d0 [ 515.183103][T15947] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 515.188978][T15947] RIP: 0033:0x45c849 [ 515.192863][T15947] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 515.212448][T15947] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 515.220843][T15947] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 515.228933][T15947] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 515.236880][T15947] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 515.244828][T15947] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 515.252789][T15947] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:16 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x0, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:16 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000040)='ppp\x00') sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x3ff, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x38, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ppp={{0x8, 0x1, 'ppp\x00'}, {0xc, 0x2, 0x0, 0x1, {0x8, 0x1, r1}}}}]}, 0x38}}, 0x0) [ 515.287257][T16236] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 515.321815][T16236] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:16 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x2800}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 515.376956][T16236] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 515.376956][T16236] !' [ 515.389675][T16236] CPU: 0 PID: 16236 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 515.398441][T16236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 515.408496][T16236] Call Trace: [ 515.411795][T16236] dump_stack+0x188/0x20d [ 515.416140][T16236] sysfs_warn_dup.cold+0x1c/0x2d [ 515.421094][T16236] sysfs_do_create_link_sd.isra.0+0x119/0x130 06:10:16 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x0, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 515.427175][T16236] sysfs_create_link+0x61/0xc0 [ 515.432067][T16236] device_add+0x71c/0x1bc0 [ 515.436502][T16236] ? uevent_show+0x360/0x360 [ 515.441095][T16236] ? wiphy_register+0x1c3e/0x2720 [ 515.446134][T16236] wiphy_register+0x1c46/0x2720 [ 515.451009][T16236] ? wiphy_unregister+0xf90/0xf90 [ 515.456137][T16236] ? retint_kernel+0x2b/0x2b [ 515.460743][T16236] ? ieee80211_register_hw+0x2e13/0x3760 [ 515.466393][T16236] ieee80211_register_hw+0x141d/0x3760 [ 515.471887][T16236] ? ieee80211_ifa_changed+0xdc0/0xdc0 06:10:16 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 515.477345][T16236] ? __hrtimer_init+0x96/0x260 [ 515.482104][T16236] ? __hrtimer_init+0xd3/0x260 [ 515.486871][T16236] ? __hrtimer_init+0x134/0x260 [ 515.491735][T16236] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 515.497457][T16236] ? vprintk_func+0x81/0x17e [ 515.502076][T16236] ? hwsim_register_received_nl+0x400/0x400 [ 515.507989][T16236] hwsim_new_radio_nl+0x905/0xf60 [ 515.513032][T16236] ? lockdep_hardirqs_on+0x417/0x5d0 [ 515.518322][T16236] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 515.524245][T16236] genl_rcv_msg+0x627/0xdf0 [ 515.528757][T16236] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 515.535089][T16236] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 515.540885][T16236] netlink_rcv_skb+0x15a/0x410 [ 515.545646][T16236] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 515.551995][T16236] ? netlink_ack+0xa80/0xa80 [ 515.556593][T16236] genl_rcv+0x24/0x40 [ 515.560582][T16236] netlink_unicast+0x537/0x740 [ 515.565368][T16236] ? netlink_attachskb+0x810/0x810 [ 515.570472][T16236] ? _copy_from_iter_full+0x25c/0x870 [ 515.575842][T16236] ? __phys_addr_symbol+0x2c/0x70 [ 515.580890][T16236] ? __check_object_size+0x171/0x437 [ 515.586182][T16236] netlink_sendmsg+0x882/0xe10 [ 515.590953][T16236] ? aa_af_perm+0x260/0x260 [ 515.595458][T16236] ? netlink_unicast+0x740/0x740 [ 515.600403][T16236] ? netlink_unicast+0x740/0x740 [ 515.605325][T16236] sock_sendmsg+0xcf/0x120 [ 515.609725][T16236] ____sys_sendmsg+0x6b9/0x7d0 [ 515.614472][T16236] ? kernel_sendmsg+0x50/0x50 [ 515.619140][T16236] ? mark_lock+0xbc/0x1220 [ 515.623544][T16236] ___sys_sendmsg+0x100/0x170 [ 515.628224][T16236] ? sendmsg_copy_msghdr+0x70/0x70 [ 515.633358][T16236] ? __fget_files+0x329/0x4f0 [ 515.638021][T16236] ? ksys_dup3+0x3c0/0x3c0 [ 515.642411][T16236] ? lock_acquire+0x197/0x420 [ 515.647110][T16236] ? __might_fault+0xef/0x1d0 [ 515.651782][T16236] ? __fget_light+0x208/0x270 [ 515.656451][T16236] __sys_sendmsg+0xec/0x1b0 [ 515.660935][T16236] ? __sys_sendmsg_sock+0xb0/0xb0 [ 515.665953][T16236] ? __x64_sys_futex+0x380/0x4f0 [ 515.670903][T16236] ? trace_hardirqs_off_caller+0x55/0x230 [ 515.676603][T16236] ? do_syscall_64+0x21/0x7d0 [ 515.681264][T16236] do_syscall_64+0xf6/0x7d0 [ 515.685753][T16236] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 515.691635][T16236] RIP: 0033:0x45c849 [ 515.695535][T16236] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 515.715114][T16236] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 515.723509][T16236] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 515.731462][T16236] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 515.739419][T16236] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 515.747380][T16236] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 515.755347][T16236] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:16 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x6000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 515.813431][T16497] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 515.841437][T16497] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:16 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:16 executing program 0 (fault-call:13 fault-nth:0): socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 515.967344][T16497] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 515.967344][T16497] !' [ 516.011183][T16497] CPU: 1 PID: 16497 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 516.019870][T16497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 516.029925][T16497] Call Trace: [ 516.033243][T16497] dump_stack+0x188/0x20d [ 516.037605][T16497] sysfs_warn_dup.cold+0x1c/0x2d [ 516.042560][T16497] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 516.048644][T16497] sysfs_create_link+0x61/0xc0 [ 516.053419][T16497] device_add+0x71c/0x1bc0 [ 516.057854][T16497] ? ieee80211_set_bitrate_flags+0x53/0x5c0 [ 516.063751][T16497] ? uevent_show+0x360/0x360 [ 516.068346][T16497] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 516.074337][T16497] wiphy_register+0x1c46/0x2720 [ 516.079215][T16497] ? wiphy_unregister+0xf90/0xf90 [ 516.084241][T16497] ? retint_kernel+0x2b/0x2b [ 516.088845][T16497] ? ieee80211_cs_list_valid+0x198/0x280 [ 516.094490][T16497] ieee80211_register_hw+0x141d/0x3760 [ 516.099967][T16497] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 516.105436][T16497] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 516.110992][T16497] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 516.116994][T16497] ? memset+0x20/0x40 [ 516.120986][T16497] ? __hrtimer_init+0x134/0x260 [ 516.125853][T16497] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 516.131717][T16497] ? hwsim_register_received_nl+0x400/0x400 [ 516.137607][T16497] ? vprintk_func+0x81/0x17e [ 516.142209][T16497] ? __nla_validate_parse+0x15e/0x1cd0 [ 516.147679][T16497] hwsim_new_radio_nl+0x905/0xf60 [ 516.152711][T16497] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 516.158602][T16497] ? cap_capable+0x1eb/0x250 [ 516.163212][T16497] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 516.169541][T16497] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 516.175873][T16497] genl_rcv_msg+0x627/0xdf0 [ 516.180400][T16497] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 516.186756][T16497] ? retint_kernel+0x2b/0x2b [ 516.191386][T16497] netlink_rcv_skb+0x15a/0x410 [ 516.196160][T16497] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 516.202496][T16497] ? netlink_ack+0xa80/0xa80 [ 516.207116][T16497] genl_rcv+0x24/0x40 [ 516.211097][T16497] netlink_unicast+0x537/0x740 [ 516.215875][T16497] ? netlink_attachskb+0x810/0x810 [ 516.220995][T16497] ? _copy_from_iter_full+0x25c/0x870 [ 516.226378][T16497] ? __phys_addr_symbol+0x2c/0x70 [ 516.231409][T16497] ? __check_object_size+0x171/0x437 [ 516.236712][T16497] netlink_sendmsg+0x882/0xe10 [ 516.241486][T16497] ? aa_af_perm+0x260/0x260 [ 516.246000][T16497] ? netlink_unicast+0x740/0x740 [ 516.250950][T16497] ? netlink_unicast+0x740/0x740 [ 516.255885][T16497] sock_sendmsg+0xcf/0x120 06:10:17 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0463fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:17 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x8d03}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:17 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 516.260309][T16497] ____sys_sendmsg+0x6b9/0x7d0 [ 516.265077][T16497] ? kernel_sendmsg+0x50/0x50 [ 516.269760][T16497] ? mark_lock+0xbc/0x1220 [ 516.274190][T16497] ___sys_sendmsg+0x100/0x170 [ 516.278892][T16497] ? sendmsg_copy_msghdr+0x70/0x70 [ 516.284029][T16497] ? __fget_files+0x329/0x4f0 [ 516.288728][T16497] ? ksys_dup3+0x3c0/0x3c0 [ 516.293145][T16497] ? lock_acquire+0x197/0x420 [ 516.297819][T16497] ? __might_fault+0xef/0x1d0 [ 516.302520][T16497] ? __fget_light+0x208/0x270 [ 516.307206][T16497] __sys_sendmsg+0xec/0x1b0 [ 516.311713][T16497] ? __sys_sendmsg_sock+0xb0/0xb0 [ 516.316742][T16497] ? __x64_sys_futex+0x380/0x4f0 [ 516.321701][T16497] ? trace_hardirqs_off_caller+0x55/0x230 [ 516.327423][T16497] ? do_syscall_64+0x21/0x7d0 [ 516.332113][T16497] do_syscall_64+0xf6/0x7d0 [ 516.336630][T16497] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 516.342513][T16497] RIP: 0033:0x45c849 06:10:17 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') r5 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000300)='/proc/capi/capi20\x00', 0x10042, 0x0) ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f0000000340)={0x1, 0x1, [{r5, 0x0, 0x8000, 0x8000}]}) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 516.346407][T16497] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 516.366014][T16497] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 516.374423][T16497] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 516.382402][T16497] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 516.390372][T16497] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 516.398360][T16497] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 516.406323][T16497] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:17 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x0, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:17 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xf000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 516.440817][T16758] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 516.475124][T16758] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 516.553719][T16758] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 516.553719][T16758] !' [ 516.574451][T16758] CPU: 1 PID: 16758 Comm: syz-executor.2 Not tainted 5.6.0-rc7-syzkaller #0 [ 516.583260][T16758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 516.593315][T16758] Call Trace: [ 516.596613][T16758] dump_stack+0x188/0x20d [ 516.601059][T16758] sysfs_warn_dup.cold+0x1c/0x2d [ 516.606007][T16758] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 516.612076][T16758] sysfs_create_link+0x61/0xc0 [ 516.616863][T16758] device_add+0x71c/0x1bc0 [ 516.621290][T16758] ? uevent_show+0x360/0x360 [ 516.625891][T16758] wiphy_register+0x1c46/0x2720 [ 516.630737][T16758] ? wiphy_unregister+0xf90/0xf90 [ 516.635754][T16758] ? retint_kernel+0x2b/0x2b [ 516.640335][T16758] ? ieee80211_cs_list_valid+0x198/0x280 [ 516.645967][T16758] ieee80211_register_hw+0x141d/0x3760 [ 516.651426][T16758] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 516.656882][T16758] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 516.662507][T16758] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 516.668488][T16758] ? memset+0x20/0x40 [ 516.672455][T16758] ? __hrtimer_init+0x134/0x260 [ 516.677294][T16758] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 516.682996][T16758] ? lockdep_hardirqs_on+0x417/0x5d0 [ 516.688296][T16758] ? hwsim_register_received_nl+0x400/0x400 [ 516.694187][T16758] hwsim_new_radio_nl+0x905/0xf60 [ 516.699205][T16758] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 516.705080][T16758] ? cap_capable+0x1eb/0x250 [ 516.709663][T16758] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 516.715972][T16758] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 516.722389][T16758] genl_rcv_msg+0x627/0xdf0 [ 516.726893][T16758] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 516.733211][T16758] ? retint_kernel+0x2b/0x2b [ 516.737802][T16758] netlink_rcv_skb+0x15a/0x410 [ 516.742549][T16758] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 516.748861][T16758] ? netlink_ack+0xa80/0xa80 [ 516.753459][T16758] genl_rcv+0x24/0x40 [ 516.757421][T16758] netlink_unicast+0x537/0x740 [ 516.762174][T16758] ? netlink_attachskb+0x810/0x810 [ 516.767269][T16758] ? _copy_from_iter_full+0x25c/0x870 [ 516.772623][T16758] ? __phys_addr_symbol+0x2c/0x70 [ 516.777624][T16758] ? __check_object_size+0x171/0x437 [ 516.782895][T16758] netlink_sendmsg+0x882/0xe10 [ 516.787660][T16758] ? aa_af_perm+0x260/0x260 [ 516.792165][T16758] ? netlink_unicast+0x740/0x740 [ 516.797101][T16758] ? netlink_unicast+0x740/0x740 [ 516.802024][T16758] sock_sendmsg+0xcf/0x120 [ 516.806426][T16758] ____sys_sendmsg+0x6b9/0x7d0 [ 516.811178][T16758] ? kernel_sendmsg+0x50/0x50 [ 516.815841][T16758] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 516.821289][T16758] ___sys_sendmsg+0x100/0x170 [ 516.825945][T16758] ? retint_kernel+0x2b/0x2b [ 516.830516][T16758] ? sendmsg_copy_msghdr+0x70/0x70 [ 516.835616][T16758] ? __fget_files+0x329/0x4f0 [ 516.840286][T16758] ? ksys_dup3+0x3c0/0x3c0 [ 516.844681][T16758] ? lock_acquire+0x209/0x420 [ 516.849345][T16758] ? __fget_light+0x208/0x270 [ 516.854014][T16758] __sys_sendmsg+0xec/0x1b0 [ 516.858503][T16758] ? __sys_sendmsg_sock+0xb0/0xb0 [ 516.863506][T16758] ? __x64_sys_futex+0x380/0x4f0 [ 516.868437][T16758] ? trace_hardirqs_off_caller+0x55/0x230 [ 516.874139][T16758] ? do_syscall_64+0x21/0x7d0 [ 516.878804][T16758] do_syscall_64+0xf6/0x7d0 [ 516.883296][T16758] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 516.889188][T16758] RIP: 0033:0x45c849 [ 516.893065][T16758] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 516.912652][T16758] RSP: 002b:00007faf1896ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 516.921043][T16758] RAX: ffffffffffffffda RBX: 00007faf1896f6d4 RCX: 000000000045c849 [ 516.928996][T16758] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 516.936954][T16758] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 516.944905][T16758] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 06:10:17 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) close(r5) ioctl$EXT4_IOC_SWAP_BOOT(r5, 0x6611) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 516.952862][T16758] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c [ 517.017978][T16970] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 517.033289][T16970] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. [ 517.103259][T16970] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 517.103259][T16970] !' [ 517.159148][T16970] CPU: 0 PID: 16970 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 517.167836][T16970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 517.177887][T16970] Call Trace: [ 517.181187][T16970] dump_stack+0x188/0x20d [ 517.185539][T16970] sysfs_warn_dup.cold+0x1c/0x2d [ 517.190497][T16970] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 517.196579][T16970] sysfs_create_link+0x61/0xc0 [ 517.201350][T16970] device_add+0x71c/0x1bc0 [ 517.205779][T16970] ? uevent_show+0x360/0x360 [ 517.210377][T16970] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 517.216379][T16970] wiphy_register+0x1c46/0x2720 [ 517.221254][T16970] ? wiphy_unregister+0xf90/0xf90 [ 517.226280][T16970] ? retint_kernel+0x2b/0x2b [ 517.230890][T16970] ? ieee80211_register_hw+0x13b6/0x3760 [ 517.236534][T16970] ieee80211_register_hw+0x141d/0x3760 [ 517.242014][T16970] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 517.247483][T16970] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 517.253040][T16970] ? rcu_read_lock_any_held.part.0+0x50/0x50 06:10:18 executing program 2: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x0, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:18 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:18 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x34000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:18 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f0000000300)={0x9, 0x9, 0xfc00000000000000, 0x1, 0x5, 0xff}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup2(r5, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$TIOCSERGETLSR(r6, 0x5459, &(0x7f0000000400)) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1400ff03751b293ed8cdd8e92c111e004133ffce0aee1c2de42014ec8044728d83292d87ca0c8ab0b5b0afb1d245ef585ccf145f79732d8634a94b585108855eaaeeda89218f9b1fd8b4b9762d0b9c7824c57beea53c1a62fbb07ac42ee951263c6699f3472b244c094541822fde8b4a6d75adcb32f2764e3399282dbf999974995330424dc4d81ba82ea39bd004a640727e03c6ec2d2fc6b2ac4f2fd5e05bbea71ad89330ffa07e93aa95e1fdc7e0cbf0b6a8d4e34e74d9", @ANYRES16=r4, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="fe5d6847", @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac14141c00000000000000000000000008000b00736970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x9080, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa9d, 0x3, @perf_bp={&(0x7f0000000480), 0x8}, 0x0, 0x40000000003, 0x8000000, 0x0, 0x4, 0x4}, 0x0, 0xc, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f00000003c0)=@usbdevfs_disconnect={0x7}) [ 517.259028][T16970] ? memset+0x20/0x40 [ 517.263016][T16970] ? __hrtimer_init+0x134/0x260 [ 517.267874][T16970] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 517.273705][T16970] ? lockdep_hardirqs_on+0x417/0x5d0 [ 517.279024][T16970] ? hwsim_register_received_nl+0x400/0x400 [ 517.284944][T16970] hwsim_new_radio_nl+0x905/0xf60 [ 517.289973][T16970] ? retint_kernel+0x2b/0x2b [ 517.294579][T16970] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 517.300494][T16970] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 517.306814][T16970] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 517.313150][T16970] genl_rcv_msg+0x627/0xdf0 [ 517.317673][T16970] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 517.324006][T16970] ? retint_kernel+0x2b/0x2b [ 517.328622][T16970] netlink_rcv_skb+0x15a/0x410 [ 517.333393][T16970] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 517.339723][T16970] ? netlink_ack+0xa80/0xa80 [ 517.344348][T16970] genl_rcv+0x24/0x40 [ 517.348330][T16970] netlink_unicast+0x537/0x740 [ 517.353103][T16970] ? netlink_attachskb+0x810/0x810 06:10:18 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r1 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) setsockopt$inet_int(r1, 0x0, 0xe, &(0x7f0000000300)=0xffffffd1, 0x4) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r5, 0x11, 0x70bd2a, 0x4}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r4, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7f}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@remote}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0xffffffffffffff98, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 517.358211][T16970] ? _copy_from_iter_full+0x25c/0x870 [ 517.363589][T16970] ? __phys_addr_symbol+0x2c/0x70 [ 517.368619][T16970] ? __check_object_size+0x171/0x437 [ 517.373913][T16970] netlink_sendmsg+0x882/0xe10 [ 517.378688][T16970] ? aa_af_perm+0x260/0x260 [ 517.383209][T16970] ? netlink_unicast+0x740/0x740 [ 517.388172][T16970] ? netlink_unicast+0x740/0x740 [ 517.393116][T16970] sock_sendmsg+0xcf/0x120 [ 517.397534][T16970] ____sys_sendmsg+0x6b9/0x7d0 [ 517.402310][T16970] ? kernel_sendmsg+0x50/0x50 [ 517.407002][T16970] ? mark_lock+0xbc/0x1220 [ 517.411442][T16970] ___sys_sendmsg+0x100/0x170 [ 517.416139][T16970] ? sendmsg_copy_msghdr+0x70/0x70 [ 517.421274][T16970] ? __fget_files+0x329/0x4f0 [ 517.426099][T16970] ? ksys_dup3+0x3c0/0x3c0 [ 517.430518][T16970] ? lock_acquire+0x197/0x420 [ 517.435195][T16970] ? __might_fault+0xef/0x1d0 [ 517.439894][T16970] ? __fget_light+0x208/0x270 [ 517.444594][T16970] __sys_sendmsg+0xec/0x1b0 [ 517.449121][T16970] ? __sys_sendmsg_sock+0xb0/0xb0 [ 517.454152][T16970] ? __x64_sys_futex+0x380/0x4f0 [ 517.459115][T16970] ? trace_hardirqs_off_caller+0x55/0x230 [ 517.464832][T16970] ? do_syscall_64+0x21/0x7d0 [ 517.469518][T16970] do_syscall_64+0xf6/0x7d0 [ 517.474034][T16970] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 517.479923][T16970] RIP: 0033:0x45c849 [ 517.483818][T16970] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 517.503417][T16970] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 517.511831][T16970] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 517.519799][T16970] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 517.527767][T16970] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 517.535739][T16970] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 517.543703][T16970] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 517.562790][T17245] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 517.575464][T17245] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 517.591470][T17245] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 517.591470][T17245] !' [ 517.615507][T17245] CPU: 1 PID: 17245 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 517.624178][T17245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 517.634226][T17245] Call Trace: [ 517.637524][T17245] dump_stack+0x188/0x20d [ 517.641883][T17245] sysfs_warn_dup.cold+0x1c/0x2d [ 517.646840][T17245] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 517.652925][T17245] sysfs_create_link+0x61/0xc0 [ 517.657700][T17245] device_add+0x71c/0x1bc0 [ 517.662133][T17245] ? uevent_show+0x360/0x360 [ 517.666733][T17245] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 517.672729][T17245] wiphy_register+0x1c46/0x2720 [ 517.677600][T17245] ? wiphy_unregister+0xf90/0xf90 [ 517.682629][T17245] ? __kmalloc+0x629/0x7a0 [ 517.687049][T17245] ? ieee80211_register_hw+0xbea/0x3760 [ 517.692604][T17245] ? ieee80211_cs_list_valid+0x198/0x280 [ 517.698252][T17245] ieee80211_register_hw+0x141d/0x3760 [ 517.703740][T17245] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 517.709216][T17245] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 517.714781][T17245] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 517.720772][T17245] ? memset+0x20/0x40 [ 517.724751][T17245] ? __hrtimer_init+0x134/0x260 [ 517.729610][T17245] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 517.735340][T17245] ? vprintk_func+0x81/0x17e [ 517.739963][T17245] ? hwsim_register_received_nl+0x400/0x400 [ 517.745877][T17245] hwsim_new_radio_nl+0x905/0xf60 [ 517.750912][T17245] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 517.756806][T17245] ? cap_capable+0x1eb/0x250 [ 517.761432][T17245] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 517.767763][T17245] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 517.774103][T17245] genl_rcv_msg+0x627/0xdf0 [ 517.778621][T17245] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 517.784966][T17245] ? lockdep_hardirqs_on+0x417/0x5d0 [ 517.790268][T17245] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 517.796098][T17245] ? retint_kernel+0x2b/0x2b [ 517.800705][T17245] netlink_rcv_skb+0x15a/0x410 [ 517.805480][T17245] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 517.811819][T17245] ? netlink_ack+0xa80/0xa80 06:10:18 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d046cfc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:18 executing program 0: socket$kcm(0xa, 0x6, 0x0) ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffefc) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000006c0)=ANY=[@ANYBLOB="0000f100f76f527aadccf6a9edcabfc005e448ecd1ed5c6337b56309d5e92abf8854b8e4f75717bf093b56cc5a6797b4ab213eb8fd163dee4cb28fee75370e8cd2f0e4b141b383d9924d0d2256419263765d41296b7d63b549535cd3a3dd092ec84f1054912a8bd2f78ae15f5b6ae9e47c0095e1547f0a378102381d0a78e9550c78c62b7a2e8659c380b001168dcb1b333df087762187a9092018fbeb895a377019079954b2db032c69aa8c07f2c701551940a512232ab894833db065fa6e63ba2d15b1fcdbed89ce01c3ae", @ANYRES16=r2, @ANYBLOB="00002abd7000fcdbdf250900000008000500000000000800040003000000440001800c00070010000000160000000700060073680000060001000a00000008000900000000000c000700160000002000000008000b00736970000800080002000000e3473e9a97dcc063ed1f9f82908152c4"], 0x68}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) ioctl$CAPI_GET_PROFILE(0xffffffffffffffff, 0xc0404309, &(0x7f00000003c0)=0x100) perf_event_open(&(0x7f000001d000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x1}, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000680)=[@in={0x2, 0x0, @rand_addr=0x40}]}, &(0x7f0000000180)=0x10) r4 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000300)={r5, 0x8}, &(0x7f0000000340)=0x8) r6 = socket$kcm(0x10, 0x2, 0x10) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:18 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x400300}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 517.816451][T17245] genl_rcv+0x24/0x40 [ 517.820441][T17245] netlink_unicast+0x537/0x740 [ 517.825220][T17245] ? netlink_attachskb+0x810/0x810 [ 517.830333][T17245] ? _copy_from_iter_full+0x25c/0x870 [ 517.835698][T17245] ? __phys_addr_symbol+0x2c/0x70 [ 517.840714][T17245] ? __check_object_size+0x171/0x437 [ 517.846013][T17245] netlink_sendmsg+0x882/0xe10 [ 517.850801][T17245] ? aa_af_perm+0x260/0x260 [ 517.855309][T17245] ? netlink_unicast+0x740/0x740 [ 517.860268][T17245] ? netlink_unicast+0x740/0x740 [ 517.865208][T17245] sock_sendmsg+0xcf/0x120 [ 517.869633][T17245] ____sys_sendmsg+0x6b9/0x7d0 [ 517.874415][T17245] ? kernel_sendmsg+0x50/0x50 [ 517.879118][T17245] ? mark_lock+0xbc/0x1220 [ 517.883561][T17245] ___sys_sendmsg+0x100/0x170 [ 517.888262][T17245] ? sendmsg_copy_msghdr+0x70/0x70 [ 517.893387][T17245] ? __fget_files+0x329/0x4f0 [ 517.898093][T17245] ? ksys_dup3+0x3c0/0x3c0 [ 517.902506][T17245] ? lock_acquire+0x209/0x420 [ 517.907207][T17245] ? __fget_light+0x208/0x270 [ 517.911906][T17245] __sys_sendmsg+0xec/0x1b0 06:10:18 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="ec720000", @ANYRES16=r4, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x6c, r3, 0x0, 0x70bd2b, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'rr\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x3404c004}, 0x24000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket(0x2, 0xa, 0x8) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001700)='nl80211\x00') sendmsg$NL80211_CMD_DEL_STATION(r5, &(0x7f0000001840)={&(0x7f00000016c0), 0xc, &(0x7f0000001800)={&(0x7f0000001740)={0xa0, r6, 0x1, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_STA_EXT_CAPABILITY={0x81, 0xac, "d049bda85a471125712697a803f71fc77a2e1cbe7719715ec7af0be922bc3d5062a90cbdb828652dff516882585d75e88705a38f7837821a671384d5f9e8bd0980a4b53c54e76fd57d822a4a753c117d5f2dc55052f287de9e033674f15de934193510e3fb5bb91338f6924cccee6bca226bcab47d8fd6d834464dbc25"}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40046}, 0x4) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 517.916406][T17245] ? __sys_sendmsg_sock+0xb0/0xb0 [ 517.921433][T17245] ? __x64_sys_futex+0x380/0x4f0 [ 517.926386][T17245] ? trace_hardirqs_off_caller+0x55/0x230 [ 517.932110][T17245] ? do_syscall_64+0x21/0x7d0 [ 517.936794][T17245] do_syscall_64+0xf6/0x7d0 [ 517.941302][T17245] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 517.947188][T17245] RIP: 0033:0x45c849 [ 517.951081][T17245] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 517.970686][T17245] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 517.979104][T17245] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 517.987075][T17245] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 517.995049][T17245] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 518.003022][T17245] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 518.010996][T17245] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:18 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x0, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:18 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 518.037912][T17474] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 518.070377][T17474] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. 06:10:18 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xf0ffff}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 518.085534][T17474] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 518.085534][T17474] !' [ 518.152882][T17474] CPU: 1 PID: 17474 Comm: syz-executor.2 Not tainted 5.6.0-rc7-syzkaller #0 [ 518.161574][T17474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 518.171625][T17474] Call Trace: [ 518.174902][T17474] dump_stack+0x188/0x20d [ 518.179236][T17474] sysfs_warn_dup.cold+0x1c/0x2d [ 518.184194][T17474] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 518.190275][T17474] sysfs_create_link+0x61/0xc0 [ 518.195056][T17474] device_add+0x71c/0x1bc0 [ 518.199494][T17474] ? uevent_show+0x360/0x360 [ 518.204097][T17474] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 518.210097][T17474] wiphy_register+0x1c46/0x2720 [ 518.214976][T17474] ? wiphy_unregister+0xf90/0xf90 [ 518.220008][T17474] ? __kmalloc+0x629/0x7a0 [ 518.224425][T17474] ? ieee80211_register_hw+0xbea/0x3760 [ 518.229984][T17474] ? ieee80211_cs_list_valid+0x198/0x280 [ 518.235649][T17474] ieee80211_register_hw+0x141d/0x3760 [ 518.241138][T17474] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 518.246607][T17474] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 518.252159][T17474] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 518.258152][T17474] ? memset+0x20/0x40 [ 518.262161][T17474] ? __hrtimer_init+0x134/0x260 [ 518.267028][T17474] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 518.272753][T17474] ? vprintk_func+0x81/0x17e [ 518.277353][T17474] ? hwsim_register_received_nl+0x400/0x400 [ 518.283234][T17474] hwsim_new_radio_nl+0x905/0xf60 [ 518.288266][T17474] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 518.294168][T17474] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 518.300481][T17474] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 518.306989][T17474] genl_rcv_msg+0x627/0xdf0 [ 518.311507][T17474] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 518.317868][T17474] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 518.323670][T17474] netlink_rcv_skb+0x15a/0x410 [ 518.328427][T17474] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 518.334744][T17474] ? netlink_ack+0xa80/0xa80 [ 518.339469][T17474] genl_rcv+0x24/0x40 [ 518.343576][T17474] netlink_unicast+0x537/0x740 [ 518.348358][T17474] ? netlink_attachskb+0x810/0x810 [ 518.353466][T17474] ? _copy_from_iter_full+0x25c/0x870 [ 518.358832][T17474] ? __phys_addr_symbol+0x2c/0x70 [ 518.363855][T17474] ? __check_object_size+0x171/0x437 [ 518.369148][T17474] netlink_sendmsg+0x882/0xe10 [ 518.373944][T17474] ? aa_af_perm+0x260/0x260 [ 518.378497][T17474] ? netlink_unicast+0x740/0x740 [ 518.383438][T17474] ? netlink_unicast+0x740/0x740 [ 518.388370][T17474] sock_sendmsg+0xcf/0x120 [ 518.392797][T17474] ____sys_sendmsg+0x6b9/0x7d0 [ 518.397569][T17474] ? kernel_sendmsg+0x50/0x50 [ 518.402239][T17474] ? mark_lock+0xbc/0x1220 [ 518.406642][T17474] ___sys_sendmsg+0x100/0x170 [ 518.411304][T17474] ? sendmsg_copy_msghdr+0x70/0x70 [ 518.416405][T17474] ? __fget_files+0x329/0x4f0 [ 518.421084][T17474] ? ksys_dup3+0x3c0/0x3c0 [ 518.425498][T17474] ? lock_acquire+0x197/0x420 [ 518.430180][T17474] ? __might_fault+0xef/0x1d0 [ 518.434857][T17474] ? __fget_light+0x208/0x270 [ 518.439531][T17474] __sys_sendmsg+0xec/0x1b0 [ 518.444024][T17474] ? __sys_sendmsg_sock+0xb0/0xb0 [ 518.449058][T17474] ? do_syscall_64+0x4f/0x7d0 [ 518.453740][T17474] do_syscall_64+0xf6/0x7d0 [ 518.458247][T17474] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 518.464134][T17474] RIP: 0033:0x45c849 [ 518.468031][T17474] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 518.487631][T17474] RSP: 002b:00007faf1896ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 518.496041][T17474] RAX: ffffffffffffffda RBX: 00007faf1896f6d4 RCX: 000000000045c849 [ 518.504005][T17474] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 518.511953][T17474] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 518.519910][T17474] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 518.527882][T17474] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c [ 518.542859][T17704] netlink: 'syz-executor.4': attribute type 8 has an invalid length. 06:10:19 executing program 2: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0463fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:19 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) read$dsp(r0, &(0x7f0000000300)=""/84, 0x54) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 518.596038][T17704] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:19 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x1000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 518.641882][T17704] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 518.641882][T17704] !' [ 518.658650][T17704] CPU: 1 PID: 17704 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 518.667339][T17704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 518.677391][T17704] Call Trace: [ 518.680689][T17704] dump_stack+0x188/0x20d [ 518.685020][T17704] sysfs_warn_dup.cold+0x1c/0x2d [ 518.689958][T17704] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 518.696036][T17704] sysfs_create_link+0x61/0xc0 [ 518.700855][T17704] device_add+0x71c/0x1bc0 [ 518.705401][T17704] ? uevent_show+0x360/0x360 [ 518.710008][T17704] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 518.716005][T17704] wiphy_register+0x1c46/0x2720 [ 518.720876][T17704] ? wiphy_unregister+0xf90/0xf90 [ 518.725902][T17704] ? retint_kernel+0x2b/0x2b [ 518.730518][T17704] ? ieee80211_cs_list_valid+0x198/0x280 [ 518.736236][T17704] ieee80211_register_hw+0x141d/0x3760 [ 518.741769][T17704] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 518.747210][T17704] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 518.752737][T17704] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 518.758714][T17704] ? memset+0x20/0x40 [ 518.762689][T17704] ? __hrtimer_init+0x134/0x260 [ 518.767540][T17704] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 518.773252][T17704] ? vprintk_func+0x81/0x17e [ 518.777856][T17704] ? hwsim_register_received_nl+0x400/0x400 [ 518.783751][T17704] hwsim_new_radio_nl+0x905/0xf60 [ 518.788783][T17704] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 518.794667][T17704] ? cap_capable+0x1eb/0x250 [ 518.799249][T17704] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 518.805561][T17704] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 518.811905][T17704] genl_rcv_msg+0x627/0xdf0 [ 518.816408][T17704] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 518.822723][T17704] ? retint_kernel+0x2b/0x2b [ 518.827307][T17704] netlink_rcv_skb+0x15a/0x410 [ 518.832084][T17704] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 518.838415][T17704] ? netlink_ack+0xa80/0xa80 [ 518.843078][T17704] genl_rcv+0x24/0x40 [ 518.847079][T17704] netlink_unicast+0x537/0x740 [ 518.851847][T17704] ? netlink_attachskb+0x810/0x810 [ 518.856955][T17704] ? _copy_from_iter_full+0x25c/0x870 [ 518.862305][T17704] ? __phys_addr_symbol+0x2c/0x70 [ 518.867317][T17704] ? __check_object_size+0x171/0x437 [ 518.872605][T17704] netlink_sendmsg+0x882/0xe10 [ 518.877363][T17704] ? netlink_unicast+0x740/0x740 [ 518.882288][T17704] ? netlink_unicast+0x740/0x740 [ 518.887202][T17704] sock_sendmsg+0xcf/0x120 [ 518.891613][T17704] ____sys_sendmsg+0x6b9/0x7d0 [ 518.896373][T17704] ? kernel_sendmsg+0x50/0x50 [ 518.901038][T17704] ? mark_lock+0xbc/0x1220 [ 518.905447][T17704] ___sys_sendmsg+0x100/0x170 [ 518.910132][T17704] ? sendmsg_copy_msghdr+0x70/0x70 [ 518.915250][T17704] ? __fget_files+0x329/0x4f0 [ 518.919914][T17704] ? ksys_dup3+0x3c0/0x3c0 [ 518.924309][T17704] ? lock_acquire+0x209/0x420 [ 518.929002][T17704] ? __fget_light+0x208/0x270 [ 518.933695][T17704] __sys_sendmsg+0xec/0x1b0 [ 518.938207][T17704] ? __sys_sendmsg_sock+0xb0/0xb0 [ 518.943250][T17704] do_syscall_64+0xf6/0x7d0 [ 518.947761][T17704] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 518.953642][T17704] RIP: 0033:0x45c849 [ 518.957524][T17704] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 518.977116][T17704] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 518.985508][T17704] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 518.993462][T17704] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 519.001411][T17704] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 519.009375][T17704] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 519.017347][T17704] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:19 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x2000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:19 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 519.048412][T18022] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 519.061275][T18022] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 519.100369][T18022] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 519.100369][T18022] !' [ 519.144396][T18022] CPU: 1 PID: 18022 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 519.153079][T18022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 519.163132][T18022] Call Trace: [ 519.166430][T18022] dump_stack+0x188/0x20d [ 519.170803][T18022] sysfs_warn_dup.cold+0x1c/0x2d [ 519.175861][T18022] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 519.181956][T18022] sysfs_create_link+0x61/0xc0 [ 519.186730][T18022] device_add+0x71c/0x1bc0 06:10:20 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc09100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 519.191157][T18022] ? uevent_show+0x360/0x360 [ 519.195761][T18022] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 519.201755][T18022] wiphy_register+0x1c46/0x2720 [ 519.206625][T18022] ? wiphy_unregister+0xf90/0xf90 [ 519.211668][T18022] ? __kmalloc+0x629/0x7a0 [ 519.216088][T18022] ? ieee80211_register_hw+0xbea/0x3760 [ 519.221641][T18022] ? ieee80211_cs_list_valid+0x198/0x280 [ 519.227278][T18022] ieee80211_register_hw+0x141d/0x3760 [ 519.232761][T18022] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 519.238236][T18022] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 519.243794][T18022] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 519.249777][T18022] ? memset+0x20/0x40 [ 519.253764][T18022] ? __hrtimer_init+0x134/0x260 [ 519.258627][T18022] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 519.264351][T18022] ? vprintk_func+0x81/0x17e [ 519.268969][T18022] ? hwsim_register_received_nl+0x400/0x400 [ 519.274880][T18022] hwsim_new_radio_nl+0x905/0xf60 [ 519.279917][T18022] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 519.285812][T18022] ? cap_capable+0x1eb/0x250 [ 519.290423][T18022] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 519.296767][T18022] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 519.303116][T18022] genl_rcv_msg+0x627/0xdf0 [ 519.307644][T18022] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 519.313973][T18022] ? mark_held_locks+0x9f/0xe0 [ 519.318747][T18022] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 519.324210][T18022] ? lockdep_hardirqs_on+0x417/0x5d0 [ 519.329514][T18022] ? retint_kernel+0x2b/0x2b [ 519.334102][T18022] netlink_rcv_skb+0x15a/0x410 [ 519.338878][T18022] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 519.345198][T18022] ? netlink_ack+0xa80/0xa80 [ 519.349803][T18022] genl_rcv+0x24/0x40 [ 519.353772][T18022] netlink_unicast+0x537/0x740 [ 519.358535][T18022] ? netlink_attachskb+0x810/0x810 [ 519.363636][T18022] ? _copy_from_iter_full+0x25c/0x870 [ 519.368994][T18022] ? __phys_addr_symbol+0x2c/0x70 [ 519.374014][T18022] ? __check_object_size+0x171/0x437 [ 519.379296][T18022] netlink_sendmsg+0x882/0xe10 [ 519.384070][T18022] ? aa_af_perm+0x260/0x260 [ 519.388587][T18022] ? netlink_unicast+0x740/0x740 [ 519.393526][T18022] ? netlink_unicast+0x740/0x740 [ 519.398453][T18022] sock_sendmsg+0xcf/0x120 [ 519.402860][T18022] ____sys_sendmsg+0x6b9/0x7d0 [ 519.407726][T18022] ? kernel_sendmsg+0x50/0x50 [ 519.412408][T18022] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 519.417883][T18022] ___sys_sendmsg+0x100/0x170 [ 519.422561][T18022] ? sendmsg_copy_msghdr+0x70/0x70 [ 519.427673][T18022] ? __fget_files+0xc3/0x4f0 [ 519.432273][T18022] ? __fget_files+0x329/0x4f0 [ 519.436961][T18022] ? ksys_dup3+0x3c0/0x3c0 [ 519.441419][T18022] ? __fget_light+0x208/0x270 [ 519.446091][T18022] __sys_sendmsg+0xec/0x1b0 [ 519.450588][T18022] ? __sys_sendmsg_sock+0xb0/0xb0 [ 519.455615][T18022] ? __x64_sys_futex+0x380/0x4f0 [ 519.460575][T18022] ? trace_hardirqs_off_caller+0x55/0x230 [ 519.466287][T18022] ? do_syscall_64+0x21/0x7d0 [ 519.470988][T18022] do_syscall_64+0xf6/0x7d0 [ 519.475474][T18022] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 519.481344][T18022] RIP: 0033:0x45c849 [ 519.485217][T18022] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 519.504847][T18022] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 519.513234][T18022] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 519.521184][T18022] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 519.529258][T18022] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 519.537228][T18022] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 06:10:20 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)={0x1b8, r5, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x38, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xb7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7c}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x81}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xffffffffffff7fff}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1fce}]}, @TIPC_NLA_LINK={0x118, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8}]}]}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r6, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r4, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 519.545180][T18022] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c [ 519.557657][T18025] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 519.571612][T18025] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 519.603494][T18025] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 519.603494][T18025] !' [ 519.614062][T18025] CPU: 1 PID: 18025 Comm: syz-executor.2 Not tainted 5.6.0-rc7-syzkaller #0 [ 519.622740][T18025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 519.632790][T18025] Call Trace: [ 519.636087][T18025] dump_stack+0x188/0x20d [ 519.640429][T18025] sysfs_warn_dup.cold+0x1c/0x2d [ 519.645488][T18025] sysfs_do_create_link_sd.isra.0+0x119/0x130 06:10:20 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) getsockname$inet(r1, &(0x7f0000000300)={0x2, 0x0, @loopback}, &(0x7f0000000340)=0x10) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='\'\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup2(r6, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) write$midi(r7, &(0x7f0000000480)="002786c53e91497cd20f292dc2f5891c64c901b4610fa86168bc7207040d43ab86aa90b0b807511f31a2ade11d8cbcb607cd80f2b6bf4125afba3ba6b73cfe7d5a181a74b898c555ad6265dce6be15eaead2ab44d1af8a09e6a06cd875fb0f5c905d319983defa0a76c57c823184fffe4ac690f44b9f53db64ee8c5722ce5208ad0c353f2b204e523e63c9688f20570a559579", 0x93) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r4, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 519.651559][T18025] sysfs_create_link+0x61/0xc0 [ 519.656325][T18025] device_add+0x71c/0x1bc0 [ 519.660770][T18025] ? uevent_show+0x360/0x360 [ 519.665352][T18025] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 519.671340][T18025] wiphy_register+0x1c46/0x2720 [ 519.676216][T18025] ? wiphy_unregister+0xf90/0xf90 [ 519.681245][T18025] ? __kmalloc+0x629/0x7a0 [ 519.685662][T18025] ? ieee80211_register_hw+0xbea/0x3760 [ 519.691214][T18025] ? ieee80211_cs_list_valid+0x198/0x280 [ 519.696866][T18025] ieee80211_register_hw+0x141d/0x3760 [ 519.702342][T18025] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 519.707808][T18025] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 519.713357][T18025] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 519.719342][T18025] ? memset+0x20/0x40 [ 519.723323][T18025] ? __hrtimer_init+0x134/0x260 [ 519.728185][T18025] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 519.733907][T18025] ? vprintk_func+0x81/0x17e [ 519.738524][T18025] ? hwsim_register_received_nl+0x400/0x400 [ 519.744431][T18025] hwsim_new_radio_nl+0x905/0xf60 [ 519.749460][T18025] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 519.755350][T18025] ? cap_capable+0x1eb/0x250 [ 519.759957][T18025] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 519.766293][T18025] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 519.772637][T18025] genl_rcv_msg+0x627/0xdf0 [ 519.777169][T18025] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 519.783527][T18025] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 519.789373][T18025] netlink_rcv_skb+0x15a/0x410 [ 519.794155][T18025] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 519.800487][T18025] ? netlink_ack+0xa80/0xa80 [ 519.805102][T18025] genl_rcv+0x24/0x40 [ 519.809098][T18025] netlink_unicast+0x537/0x740 [ 519.813882][T18025] ? netlink_attachskb+0x810/0x810 [ 519.818996][T18025] ? _copy_from_iter_full+0x25c/0x870 [ 519.824372][T18025] ? __phys_addr_symbol+0x2c/0x70 [ 519.829405][T18025] ? __check_object_size+0x171/0x437 [ 519.834703][T18025] netlink_sendmsg+0x882/0xe10 [ 519.839477][T18025] ? aa_af_perm+0x260/0x260 [ 519.843991][T18025] ? netlink_unicast+0x740/0x740 [ 519.848960][T18025] ? netlink_unicast+0x740/0x740 [ 519.853913][T18025] sock_sendmsg+0xcf/0x120 [ 519.858351][T18025] ____sys_sendmsg+0x6b9/0x7d0 [ 519.863118][T18025] ? kernel_sendmsg+0x50/0x50 [ 519.867810][T18025] ? mark_lock+0xbc/0x1220 [ 519.872243][T18025] ___sys_sendmsg+0x100/0x170 [ 519.876931][T18025] ? sendmsg_copy_msghdr+0x70/0x70 [ 519.882065][T18025] ? __fget_files+0x329/0x4f0 [ 519.886773][T18025] ? ksys_dup3+0x3c0/0x3c0 [ 519.891193][T18025] ? lock_acquire+0x197/0x420 [ 519.895873][T18025] ? __might_fault+0xef/0x1d0 [ 519.900558][T18025] ? __fget_light+0x208/0x270 06:10:20 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') fstat(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2ac5000000012e0b3836005404b0e0301a060075f2e3ff5f163ee340b700000080000000000000fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c65400"}, 0x80) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000000480)={{{@in6=@remote, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xe8) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000840)={{0x0, 0x0, 0x0, r6, r4}, 0xb8fb, 0x0, 0x3, 0x8000}) write$P9_RGETATTR(0xffffffffffffffff, &(0x7f0000000480)={0xa0, 0x19, 0x2, {0x1001, {0x90, 0x3, 0x3}, 0xa, 0x0, r4, 0x1f, 0x4929, 0x2, 0xffffffffffffffe0, 0x3, 0xfdd1, 0x3, 0x101, 0x4, 0x100, 0x9a7, 0x8, 0xffffffff, 0x1738, 0x99e}}, 0xa0) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r7, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 519.905249][T18025] __sys_sendmsg+0xec/0x1b0 [ 519.909754][T18025] ? __sys_sendmsg_sock+0xb0/0xb0 [ 519.914781][T18025] ? __x64_sys_futex+0x380/0x4f0 [ 519.919743][T18025] ? trace_hardirqs_off_caller+0x55/0x230 [ 519.925493][T18025] ? do_syscall_64+0x21/0x7d0 [ 519.930183][T18025] do_syscall_64+0xf6/0x7d0 [ 519.934696][T18025] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 519.940581][T18025] RIP: 0033:0x45c849 [ 519.944474][T18025] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 519.964065][T18025] RSP: 002b:00007faf189b0c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 519.972466][T18025] RAX: ffffffffffffffda RBX: 00007faf189b16d4 RCX: 000000000045c849 [ 519.980534][T18025] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 519.988506][T18025] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 519.996480][T18025] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 06:10:20 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x0, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:20 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/pfkey\x00', 0x8c0, 0x0) r3 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) ioctl$VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f00000003c0)={0x1, 0x2, 0x4, 0x20000000, 0x9, {0x77359400}, {0x4, 0xc, 0xa4, 0xe2, 0x20, 0x5, "c92a56e4"}, 0x100, 0x1, @fd=r2, 0x3, 0x0, r3}) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r5, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r7, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r6, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 520.004452][T18025] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:20 executing program 2: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d045afc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:20 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x3000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 520.047775][T18238] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 520.098791][T18238] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:20 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 520.206210][T18238] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 520.206210][T18238] !' [ 520.218703][T18238] CPU: 1 PID: 18238 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 520.227389][T18238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 520.237446][T18238] Call Trace: [ 520.240741][T18238] dump_stack+0x188/0x20d [ 520.245085][T18238] sysfs_warn_dup.cold+0x1c/0x2d [ 520.250034][T18238] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 520.256107][T18238] sysfs_create_link+0x61/0xc0 [ 520.260871][T18238] device_add+0x71c/0x1bc0 [ 520.265301][T18238] ? uevent_show+0x360/0x360 [ 520.269903][T18238] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 520.275912][T18238] wiphy_register+0x1c46/0x2720 [ 520.280808][T18238] ? wiphy_unregister+0xf90/0xf90 [ 520.285843][T18238] ? __kmalloc+0x629/0x7a0 [ 520.290267][T18238] ? ieee80211_register_hw+0xbea/0x3760 [ 520.295817][T18238] ? ieee80211_register_hw+0xa58/0x3760 [ 520.301375][T18238] ? ieee80211_cs_list_valid+0x198/0x280 [ 520.307025][T18238] ieee80211_register_hw+0x141d/0x3760 [ 520.312516][T18238] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 520.317990][T18238] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 520.323543][T18238] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 520.329541][T18238] ? memset+0x20/0x40 [ 520.333549][T18238] ? __hrtimer_init+0x134/0x260 [ 520.338476][T18238] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 520.344197][T18238] ? vprintk_func+0x81/0x17e [ 520.348810][T18238] ? hwsim_register_received_nl+0x400/0x400 [ 520.354719][T18238] hwsim_new_radio_nl+0x905/0xf60 [ 520.359744][T18238] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 520.365631][T18238] ? security_capable+0x20/0xc0 [ 520.370465][T18238] ? cap_capable+0x1eb/0x250 [ 520.375062][T18238] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 520.381373][T18238] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 520.387689][T18238] genl_rcv_msg+0x627/0xdf0 [ 520.392183][T18238] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 520.398505][T18238] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 520.404297][T18238] netlink_rcv_skb+0x15a/0x410 [ 520.409058][T18238] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 520.415368][T18238] ? netlink_ack+0xa80/0xa80 [ 520.419959][T18238] genl_rcv+0x24/0x40 [ 520.423924][T18238] netlink_unicast+0x537/0x740 [ 520.428677][T18238] ? netlink_attachskb+0x810/0x810 [ 520.433766][T18238] ? _copy_from_iter_full+0x25c/0x870 [ 520.439123][T18238] ? __phys_addr_symbol+0x2c/0x70 [ 520.444131][T18238] ? __check_object_size+0x171/0x437 [ 520.449408][T18238] netlink_sendmsg+0x882/0xe10 [ 520.454158][T18238] ? aa_af_perm+0x260/0x260 [ 520.458641][T18238] ? netlink_unicast+0x740/0x740 [ 520.463574][T18238] ? netlink_unicast+0x740/0x740 [ 520.468495][T18238] sock_sendmsg+0xcf/0x120 [ 520.472911][T18238] ____sys_sendmsg+0x6b9/0x7d0 [ 520.477676][T18238] ? kernel_sendmsg+0x50/0x50 [ 520.482341][T18238] ? mark_lock+0xbc/0x1220 [ 520.486752][T18238] ___sys_sendmsg+0x100/0x170 [ 520.491414][T18238] ? sendmsg_copy_msghdr+0x70/0x70 [ 520.496526][T18238] ? __fget_files+0x329/0x4f0 [ 520.501193][T18238] ? ksys_dup3+0x3c0/0x3c0 [ 520.505597][T18238] ? __fget_light+0x50/0x270 [ 520.510174][T18238] ? __fget_light+0x208/0x270 [ 520.514841][T18238] __sys_sendmsg+0xec/0x1b0 [ 520.519329][T18238] ? __sys_sendmsg_sock+0xb0/0xb0 [ 520.524352][T18238] ? trace_hardirqs_off_caller+0x55/0x230 [ 520.530058][T18238] ? do_syscall_64+0x21/0x7d0 [ 520.534719][T18238] do_syscall_64+0xf6/0x7d0 [ 520.539220][T18238] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 520.545090][T18238] RIP: 0033:0x45c849 [ 520.548971][T18238] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 520.568550][T18238] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 520.576939][T18238] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 520.584909][T18238] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 520.592865][T18238] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 06:10:21 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r4, r4) r5 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r6, r6) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="14004000", @ANYBLOB="9cfc91be64874a71501fde0b2e15d401747759e57d762bd0fda43b9578ea40179efe464af0ff", @ANYPTR64=&(0x7f00000003c0)=ANY=[@ANYRESDEC=r4, @ANYPTR=&(0x7f0000000300)=ANY=[@ANYRES16=r5, @ANYPTR64, @ANYRESHEX, @ANYPTR64, @ANYRESOCT=r6, @ANYRES64, @ANYRES64], @ANYRES16]], 0x3}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000003f0001800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac1414bb0000000000000000000000cfcd000b00736970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:21 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x4000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 520.600815][T18238] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 520.608768][T18238] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:21 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xa000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 520.699404][T18653] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 520.710246][T18653] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. 06:10:21 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc0a100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 520.768317][T18653] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 520.768317][T18653] !' [ 520.798291][T18653] CPU: 1 PID: 18653 Comm: syz-executor.2 Not tainted 5.6.0-rc7-syzkaller #0 [ 520.806983][T18653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 520.817079][T18653] Call Trace: [ 520.820370][T18653] dump_stack+0x188/0x20d [ 520.824717][T18653] sysfs_warn_dup.cold+0x1c/0x2d [ 520.829671][T18653] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 520.835739][T18653] sysfs_create_link+0x61/0xc0 [ 520.840489][T18653] device_add+0x71c/0x1bc0 [ 520.844893][T18653] ? uevent_show+0x360/0x360 [ 520.849472][T18653] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 520.855445][T18653] wiphy_register+0x1c46/0x2720 [ 520.860300][T18653] ? wiphy_unregister+0xf90/0xf90 [ 520.865309][T18653] ? __kmalloc+0x629/0x7a0 [ 520.869707][T18653] ? ieee80211_register_hw+0xbea/0x3760 [ 520.875249][T18653] ? ieee80211_register_hw+0x2146/0x3760 [ 520.880867][T18653] ? ieee80211_cs_list_valid+0x198/0x280 [ 520.886480][T18653] ieee80211_register_hw+0x141d/0x3760 [ 520.891932][T18653] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 520.897375][T18653] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 520.902905][T18653] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 520.908881][T18653] ? memset+0x20/0x40 [ 520.912865][T18653] ? __hrtimer_init+0x134/0x260 [ 520.917710][T18653] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 520.923415][T18653] ? vprintk_func+0x81/0x17e [ 520.928013][T18653] ? hwsim_register_received_nl+0x400/0x400 [ 520.933916][T18653] hwsim_new_radio_nl+0x905/0xf60 [ 520.938936][T18653] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 520.944818][T18653] ? cap_capable+0x1eb/0x250 [ 520.949409][T18653] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 520.955719][T18653] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 520.962063][T18653] genl_rcv_msg+0x627/0xdf0 [ 520.966563][T18653] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 520.972899][T18653] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 520.978694][T18653] netlink_rcv_skb+0x15a/0x410 [ 520.983443][T18653] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 520.989756][T18653] ? netlink_ack+0xa80/0xa80 [ 520.994347][T18653] genl_rcv+0x24/0x40 [ 520.998311][T18653] netlink_unicast+0x537/0x740 [ 521.003081][T18653] ? netlink_attachskb+0x810/0x810 [ 521.008174][T18653] ? _copy_from_iter_full+0x25c/0x870 [ 521.013530][T18653] ? __phys_addr_symbol+0x2c/0x70 [ 521.018533][T18653] ? __check_object_size+0x171/0x437 [ 521.023808][T18653] netlink_sendmsg+0x882/0xe10 [ 521.028557][T18653] ? aa_af_perm+0x260/0x260 [ 521.033043][T18653] ? netlink_unicast+0x740/0x740 [ 521.037972][T18653] ? netlink_unicast+0x740/0x740 [ 521.042891][T18653] sock_sendmsg+0xcf/0x120 [ 521.047312][T18653] ____sys_sendmsg+0x6b9/0x7d0 [ 521.052068][T18653] ? kernel_sendmsg+0x50/0x50 [ 521.056738][T18653] ? mark_lock+0xbc/0x1220 [ 521.061153][T18653] ___sys_sendmsg+0x100/0x170 [ 521.065821][T18653] ? sendmsg_copy_msghdr+0x70/0x70 [ 521.070935][T18653] ? __fget_files+0x329/0x4f0 [ 521.075602][T18653] ? ksys_dup3+0x3c0/0x3c0 [ 521.080004][T18653] ? lock_acquire+0x197/0x420 [ 521.084667][T18653] ? __might_fault+0xef/0x1d0 [ 521.089337][T18653] ? __fget_light+0x208/0x270 [ 521.094007][T18653] __sys_sendmsg+0xec/0x1b0 [ 521.098493][T18653] ? __sys_sendmsg_sock+0xb0/0xb0 [ 521.103497][T18653] ? __x64_sys_futex+0x380/0x4f0 [ 521.108425][T18653] ? trace_hardirqs_off_caller+0x55/0x230 [ 521.114127][T18653] ? do_syscall_64+0x21/0x7d0 [ 521.118795][T18653] do_syscall_64+0xf6/0x7d0 [ 521.123284][T18653] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 521.129153][T18653] RIP: 0033:0x45c849 [ 521.133030][T18653] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 521.152629][T18653] RSP: 002b:00007faf189b0c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 521.161023][T18653] RAX: ffffffffffffffda RBX: 00007faf189b16d4 RCX: 000000000045c849 06:10:22 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r5, r5) shutdown(r5, 0x1) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 521.168986][T18653] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 521.176934][T18653] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 521.184883][T18653] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 521.192851][T18653] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:22 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xe000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 521.283967][T18655] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 521.309012][T18655] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:22 executing program 2: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d045afc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 521.339700][T18655] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 521.339700][T18655] !' [ 521.368785][T18655] CPU: 0 PID: 18655 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 521.377475][T18655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 521.387531][T18655] Call Trace: [ 521.390831][T18655] dump_stack+0x188/0x20d [ 521.395182][T18655] sysfs_warn_dup.cold+0x1c/0x2d [ 521.400142][T18655] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 521.406239][T18655] sysfs_create_link+0x61/0xc0 [ 521.411013][T18655] device_add+0x71c/0x1bc0 [ 521.415445][T18655] ? uevent_show+0x360/0x360 [ 521.420046][T18655] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 521.426046][T18655] wiphy_register+0x1c46/0x2720 [ 521.430920][T18655] ? wiphy_unregister+0xf90/0xf90 [ 521.435975][T18655] ? __kmalloc+0x629/0x7a0 [ 521.440395][T18655] ? ieee80211_register_hw+0xbea/0x3760 [ 521.445960][T18655] ? ieee80211_cs_list_valid+0x198/0x280 [ 521.451603][T18655] ieee80211_register_hw+0x141d/0x3760 [ 521.457088][T18655] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 521.462558][T18655] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 521.468115][T18655] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 521.474102][T18655] ? memset+0x20/0x40 [ 521.478103][T18655] ? __hrtimer_init+0x134/0x260 [ 521.483072][T18655] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 521.488799][T18655] ? vprintk_func+0x81/0x17e [ 521.493426][T18655] ? hwsim_register_received_nl+0x400/0x400 [ 521.499322][T18655] hwsim_new_radio_nl+0x905/0xf60 [ 521.504341][T18655] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 521.510225][T18655] ? cap_capable+0x1eb/0x250 [ 521.514806][T18655] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 521.521108][T18655] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 521.527417][T18655] genl_rcv_msg+0x627/0xdf0 [ 521.531915][T18655] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 521.538244][T18655] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 521.544041][T18655] netlink_rcv_skb+0x15a/0x410 [ 521.548792][T18655] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 521.555098][T18655] ? netlink_ack+0xa80/0xa80 [ 521.559679][T18655] genl_rcv+0x24/0x40 [ 521.563643][T18655] netlink_unicast+0x537/0x740 [ 521.568391][T18655] ? netlink_attachskb+0x810/0x810 [ 521.573593][T18655] ? _copy_from_iter_full+0x25c/0x870 [ 521.578960][T18655] ? __phys_addr_symbol+0x2c/0x70 [ 521.583966][T18655] ? __check_object_size+0x171/0x437 [ 521.589234][T18655] netlink_sendmsg+0x882/0xe10 [ 521.593999][T18655] ? aa_af_perm+0x260/0x260 [ 521.598568][T18655] ? netlink_unicast+0x740/0x740 [ 521.603498][T18655] ? netlink_unicast+0x740/0x740 [ 521.608417][T18655] sock_sendmsg+0xcf/0x120 [ 521.612815][T18655] ____sys_sendmsg+0x6b9/0x7d0 [ 521.617571][T18655] ? kernel_sendmsg+0x50/0x50 [ 521.622238][T18655] ? mark_lock+0xbc/0x1220 [ 521.626648][T18655] ___sys_sendmsg+0x100/0x170 [ 521.631345][T18655] ? sendmsg_copy_msghdr+0x70/0x70 [ 521.636463][T18655] ? __fget_files+0x329/0x4f0 [ 521.641133][T18655] ? ksys_dup3+0x3c0/0x3c0 [ 521.645522][T18655] ? lock_acquire+0x197/0x420 [ 521.650189][T18655] ? __might_fault+0xef/0x1d0 [ 521.654849][T18655] ? __fget_light+0x208/0x270 [ 521.659517][T18655] __sys_sendmsg+0xec/0x1b0 [ 521.663995][T18655] ? __sys_sendmsg_sock+0xb0/0xb0 [ 521.669007][T18655] ? trace_hardirqs_off_caller+0x55/0x230 [ 521.674707][T18655] ? do_syscall_64+0x21/0x7d0 [ 521.679374][T18655] do_syscall_64+0xf6/0x7d0 [ 521.683867][T18655] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 521.689764][T18655] RIP: 0033:0x45c849 [ 521.693656][T18655] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 521.713262][T18655] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 521.721644][T18655] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 521.729590][T18655] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 521.737556][T18655] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 521.745527][T18655] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 521.753491][T18655] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:22 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x0, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:22 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) setregid(0x0, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:22 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, 0x0, 0x0) [ 521.787923][T19069] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 521.789158][ T0] NOHZ: local_softirq_pending 08 [ 521.796057][T19069] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:22 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x14000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 521.839159][T19069] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 521.839159][T19069] !' [ 521.851574][T19069] CPU: 0 PID: 19069 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 521.860376][T19069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 521.870434][T19069] Call Trace: [ 521.873737][T19069] dump_stack+0x188/0x20d [ 521.878078][T19069] sysfs_warn_dup.cold+0x1c/0x2d [ 521.883030][T19069] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 521.889119][T19069] sysfs_create_link+0x61/0xc0 [ 521.893890][T19069] device_add+0x71c/0x1bc0 [ 521.898332][T19069] ? uevent_show+0x360/0x360 [ 521.902937][T19069] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 521.908944][T19069] wiphy_register+0x1c46/0x2720 [ 521.913824][T19069] ? wiphy_unregister+0xf90/0xf90 [ 521.918864][T19069] ? ieee80211_register_hw+0x13b6/0x3760 [ 521.924527][T19069] ieee80211_register_hw+0x141d/0x3760 [ 521.930022][T19069] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 521.935491][T19069] ? __hrtimer_init+0x4a/0x260 [ 521.940268][T19069] ? memset+0x20/0x40 [ 521.944257][T19069] ? memset+0x20/0x40 [ 521.948244][T19069] ? __hrtimer_init+0x134/0x260 [ 521.953108][T19069] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 521.958828][T19069] ? lockdep_hardirqs_on+0x417/0x5d0 [ 521.964132][T19069] ? hwsim_register_received_nl+0x400/0x400 [ 521.970036][T19069] ? hwsim_new_radio_nl+0x1b9/0xf60 [ 521.975246][T19069] hwsim_new_radio_nl+0x905/0xf60 [ 521.980286][T19069] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 06:10:22 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="11002abd70000000000600000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 521.986190][T19069] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 521.991936][T19069] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 521.998272][T19069] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 522.004616][T19069] genl_rcv_msg+0x627/0xdf0 [ 522.009139][T19069] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 522.015487][T19069] ? retint_kernel+0x2b/0x2b [ 522.020115][T19069] netlink_rcv_skb+0x15a/0x410 [ 522.024883][T19069] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 522.031202][T19069] ? netlink_ack+0xa80/0xa80 [ 522.035816][T19069] genl_rcv+0x24/0x40 [ 522.039790][T19069] netlink_unicast+0x537/0x740 [ 522.044545][T19069] ? netlink_attachskb+0x810/0x810 [ 522.049643][T19069] ? _copy_from_iter_full+0x25c/0x870 [ 522.054997][T19069] ? __phys_addr_symbol+0x2c/0x70 [ 522.060003][T19069] ? __check_object_size+0x171/0x437 [ 522.065283][T19069] netlink_sendmsg+0x882/0xe10 [ 522.070036][T19069] ? aa_af_perm+0x260/0x260 [ 522.074524][T19069] ? netlink_unicast+0x740/0x740 [ 522.079457][T19069] ? netlink_unicast+0x740/0x740 [ 522.084390][T19069] sock_sendmsg+0xcf/0x120 [ 522.088794][T19069] ____sys_sendmsg+0x6b9/0x7d0 [ 522.093546][T19069] ? kernel_sendmsg+0x50/0x50 [ 522.098211][T19069] ? mark_lock+0xbc/0x1220 [ 522.102636][T19069] ___sys_sendmsg+0x100/0x170 [ 522.107304][T19069] ? sendmsg_copy_msghdr+0x70/0x70 [ 522.112436][T19069] ? __fget_files+0x329/0x4f0 [ 522.117119][T19069] ? ksys_dup3+0x3c0/0x3c0 [ 522.121519][T19069] ? lock_acquire+0x209/0x420 [ 522.126192][T19069] ? __fget_light+0x208/0x270 [ 522.130864][T19069] __sys_sendmsg+0xec/0x1b0 [ 522.135347][T19069] ? __sys_sendmsg_sock+0xb0/0xb0 [ 522.140375][T19069] ? do_syscall_64+0x4f/0x7d0 [ 522.145041][T19069] do_syscall_64+0xf6/0x7d0 [ 522.149534][T19069] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 522.155411][T19069] RIP: 0033:0x45c849 [ 522.159292][T19069] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 522.178877][T19069] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 522.187288][T19069] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 522.195244][T19069] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 522.203199][T19069] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 522.211151][T19069] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 522.219105][T19069] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 522.264732][T19175] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 522.280269][T19175] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.2'. [ 522.318762][T19175] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 522.318762][T19175] !' [ 522.332906][T19175] CPU: 0 PID: 19175 Comm: syz-executor.2 Not tainted 5.6.0-rc7-syzkaller #0 [ 522.341590][T19175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 522.351747][T19175] Call Trace: [ 522.355017][T19175] dump_stack+0x188/0x20d [ 522.359333][T19175] sysfs_warn_dup.cold+0x1c/0x2d [ 522.364251][T19175] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 522.370294][T19175] sysfs_create_link+0x61/0xc0 [ 522.375043][T19175] device_add+0x71c/0x1bc0 [ 522.379441][T19175] ? uevent_show+0x360/0x360 [ 522.384010][T19175] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 522.389966][T19175] wiphy_register+0x1c46/0x2720 [ 522.394801][T19175] ? wiphy_unregister+0xf90/0xf90 [ 522.399807][T19175] ? __kmalloc+0x629/0x7a0 [ 522.404342][T19175] ? ieee80211_register_hw+0xbea/0x3760 [ 522.409869][T19175] ? ieee80211_cs_list_valid+0x198/0x280 [ 522.415481][T19175] ieee80211_register_hw+0x141d/0x3760 [ 522.421051][T19175] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 522.426502][T19175] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 522.432037][T19175] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 522.438017][T19175] ? memset+0x20/0x40 [ 522.441979][T19175] ? __hrtimer_init+0x134/0x260 [ 522.446828][T19175] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 522.452541][T19175] ? vprintk_func+0x81/0x17e [ 522.457122][T19175] ? hwsim_register_received_nl+0x400/0x400 [ 522.463003][T19175] hwsim_new_radio_nl+0x905/0xf60 [ 522.468029][T19175] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 522.473908][T19175] ? cap_capable+0x1eb/0x250 [ 522.478515][T19175] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 522.484833][T19175] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 522.491159][T19175] genl_rcv_msg+0x627/0xdf0 [ 522.495648][T19175] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 522.501961][T19175] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 522.507749][T19175] netlink_rcv_skb+0x15a/0x410 [ 522.512492][T19175] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 522.518796][T19175] ? netlink_ack+0xa80/0xa80 [ 522.523376][T19175] genl_rcv+0x24/0x40 [ 522.527334][T19175] netlink_unicast+0x537/0x740 [ 522.532089][T19175] ? netlink_attachskb+0x810/0x810 [ 522.537193][T19175] ? _copy_from_iter_full+0x25c/0x870 [ 522.542568][T19175] ? __phys_addr_symbol+0x2c/0x70 [ 522.547566][T19175] ? __check_object_size+0x171/0x437 [ 522.552829][T19175] netlink_sendmsg+0x882/0xe10 [ 522.557569][T19175] ? aa_af_perm+0x260/0x260 [ 522.562045][T19175] ? netlink_unicast+0x740/0x740 [ 522.566973][T19175] ? netlink_unicast+0x740/0x740 [ 522.571891][T19175] sock_sendmsg+0xcf/0x120 [ 522.576324][T19175] ____sys_sendmsg+0x6b9/0x7d0 [ 522.581074][T19175] ? kernel_sendmsg+0x50/0x50 [ 522.585743][T19175] ___sys_sendmsg+0x100/0x170 [ 522.590409][T19175] ? sendmsg_copy_msghdr+0x70/0x70 [ 522.595516][T19175] ? __fget_files+0x329/0x4f0 [ 522.600180][T19175] ? ksys_dup3+0x3c0/0x3c0 [ 522.604581][T19175] ? __schedule+0x93c/0x1f90 [ 522.609155][T19175] ? __fget_light+0x208/0x270 [ 522.613818][T19175] __sys_sendmsg+0xec/0x1b0 [ 522.618303][T19175] ? __sys_sendmsg_sock+0xb0/0xb0 [ 522.623324][T19175] ? do_syscall_64+0xbc/0x7d0 [ 522.627983][T19175] do_syscall_64+0xf6/0x7d0 [ 522.632472][T19175] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 522.638344][T19175] RIP: 0033:0x45c849 [ 522.642222][T19175] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 522.661800][T19175] RSP: 002b:00007faf189b0c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 06:10:23 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x19000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 522.670183][T19175] RAX: ffffffffffffffda RBX: 00007faf189b16d4 RCX: 000000000045c849 [ 522.678129][T19175] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 522.686080][T19175] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 522.694031][T19175] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 522.701985][T19175] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:23 executing program 2: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/userio\x00', 0x250040, 0x0) writev(r3, &(0x7f0000000340), 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) close(r4) r5 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x36b8, 0x127040) write$binfmt_elf64(r5, &(0x7f00000003c0)=ANY=[], 0x0) close(r2) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x10) write(0xffffffffffffffff, &(0x7f0000000180)="2000000012005f0214f9f407000000000a", 0x11) accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000180)=0x14, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce6908", 0x7}], 0x1) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0) 06:10:23 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, 0x0, 0x0) [ 522.767134][T19069] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 522.787743][T19069] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. [ 522.851007][T19069] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 522.851007][T19069] !' [ 522.884741][T19069] CPU: 0 PID: 19069 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 522.893430][T19069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 522.903482][T19069] Call Trace: [ 522.906786][T19069] dump_stack+0x188/0x20d [ 522.911134][T19069] sysfs_warn_dup.cold+0x1c/0x2d [ 522.916092][T19069] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 522.922171][T19069] sysfs_create_link+0x61/0xc0 [ 522.926942][T19069] device_add+0x71c/0x1bc0 [ 522.931373][T19069] ? uevent_show+0x360/0x360 [ 522.935970][T19069] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 522.941979][T19069] wiphy_register+0x1c46/0x2720 [ 522.946856][T19069] ? wiphy_unregister+0xf90/0xf90 [ 522.951892][T19069] ? __kmalloc+0x629/0x7a0 [ 522.956323][T19069] ? ieee80211_register_hw+0xbea/0x3760 [ 522.961886][T19069] ? ieee80211_cs_list_valid+0x198/0x280 [ 522.967529][T19069] ieee80211_register_hw+0x141d/0x3760 [ 522.973006][T19069] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 522.978461][T19069] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 522.984008][T19069] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 522.989979][T19069] ? memset+0x20/0x40 [ 522.993947][T19069] ? __hrtimer_init+0x134/0x260 [ 522.998796][T19069] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 523.004495][T19069] ? vprintk_func+0x81/0x17e [ 523.009074][T19069] ? hwsim_register_received_nl+0x400/0x400 [ 523.014951][T19069] hwsim_new_radio_nl+0x905/0xf60 [ 523.019986][T19069] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 523.025873][T19069] ? cap_capable+0x1eb/0x250 [ 523.030485][T19069] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 523.036818][T19069] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 523.043165][T19069] genl_rcv_msg+0x627/0xdf0 [ 523.047689][T19069] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 523.054012][T19069] ? lockdep_hardirqs_on+0x417/0x5d0 [ 523.059291][T19069] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 523.064766][T19069] netlink_rcv_skb+0x15a/0x410 [ 523.069516][T19069] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 523.075835][T19069] ? netlink_ack+0xa80/0xa80 [ 523.080430][T19069] genl_rcv+0x24/0x40 [ 523.084406][T19069] netlink_unicast+0x537/0x740 [ 523.089161][T19069] ? netlink_attachskb+0x810/0x810 [ 523.094250][T19069] ? _copy_from_iter_full+0x25c/0x870 [ 523.099597][T19069] ? __phys_addr_symbol+0x2c/0x70 [ 523.104640][T19069] ? __check_object_size+0x171/0x437 [ 523.109938][T19069] netlink_sendmsg+0x882/0xe10 [ 523.114686][T19069] ? aa_af_perm+0x260/0x260 [ 523.119175][T19069] ? netlink_unicast+0x740/0x740 [ 523.124117][T19069] ? netlink_unicast+0x740/0x740 [ 523.129046][T19069] sock_sendmsg+0xcf/0x120 [ 523.133462][T19069] ____sys_sendmsg+0x6b9/0x7d0 [ 523.138207][T19069] ? kernel_sendmsg+0x50/0x50 [ 523.142862][T19069] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 523.148557][T19069] ? retint_kernel+0x2b/0x2b [ 523.153144][T19069] ___sys_sendmsg+0x100/0x170 [ 523.157805][T19069] ? sendmsg_copy_msghdr+0x70/0x70 [ 523.162900][T19069] ? __fget_files+0x329/0x4f0 [ 523.167576][T19069] ? ksys_dup3+0x3c0/0x3c0 [ 523.172031][T19069] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 523.177752][T19069] ? retint_kernel+0x2b/0x2b [ 523.182335][T19069] ? __fget_light+0x208/0x270 [ 523.186996][T19069] __sys_sendmsg+0xec/0x1b0 [ 523.191475][T19069] ? __sys_sendmsg_sock+0xb0/0xb0 [ 523.196478][T19069] ? __x64_sys_futex+0x380/0x4f0 [ 523.201411][T19069] ? trace_hardirqs_off_caller+0x55/0x230 [ 523.207107][T19069] ? do_syscall_64+0x21/0x7d0 [ 523.211810][T19069] do_syscall_64+0xf6/0x7d0 [ 523.216296][T19069] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 523.222172][T19069] RIP: 0033:0x45c849 [ 523.226055][T19069] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 523.245633][T19069] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 523.254015][T19069] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 523.261967][T19069] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 523.269926][T19069] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 523.277896][T19069] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 523.285850][T19069] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 523.302174][T19393] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 523.317702][T19393] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 523.337138][T19393] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 523.337138][T19393] !' 06:10:24 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc25100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:24 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCGETD(r2, 0x5424, &(0x7f0000000300)) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000c2", @ANYRES16=r6, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r5, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:24 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x28000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 523.346980][T19393] CPU: 0 PID: 19393 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 523.355651][T19393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 523.365706][T19393] Call Trace: [ 523.369006][T19393] dump_stack+0x188/0x20d [ 523.373355][T19393] sysfs_warn_dup.cold+0x1c/0x2d [ 523.378310][T19393] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 523.384388][T19393] sysfs_create_link+0x61/0xc0 [ 523.389159][T19393] device_add+0x71c/0x1bc0 [ 523.393612][T19393] ? uevent_show+0x360/0x360 [ 523.398211][T19393] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 523.404205][T19393] wiphy_register+0x1c46/0x2720 [ 523.409081][T19393] ? wiphy_unregister+0xf90/0xf90 [ 523.414116][T19393] ? __kmalloc+0x629/0x7a0 [ 523.418557][T19393] ? ieee80211_register_hw+0xbea/0x3760 [ 523.424113][T19393] ? ieee80211_cs_list_valid+0x198/0x280 [ 523.429768][T19393] ieee80211_register_hw+0x141d/0x3760 [ 523.435251][T19393] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 523.440781][T19393] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 523.446375][T19393] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 523.452352][T19393] ? memset+0x20/0x40 [ 523.456329][T19393] ? __hrtimer_init+0x134/0x260 [ 523.461178][T19393] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 523.466882][T19393] ? vprintk_func+0x81/0x17e [ 523.471476][T19393] ? hwsim_register_received_nl+0x400/0x400 [ 523.477360][T19393] hwsim_new_radio_nl+0x905/0xf60 [ 523.482372][T19393] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 523.488265][T19393] ? cap_capable+0x1eb/0x250 [ 523.492854][T19393] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 523.499163][T19393] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 523.505481][T19393] genl_rcv_msg+0x627/0xdf0 [ 523.509982][T19393] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 523.516314][T19393] ? lockdep_hardirqs_on+0x417/0x5d0 [ 523.521588][T19393] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 523.527043][T19393] netlink_rcv_skb+0x15a/0x410 [ 523.531801][T19393] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 523.538128][T19393] ? netlink_ack+0xa80/0xa80 [ 523.542734][T19393] genl_rcv+0x24/0x40 [ 523.546721][T19393] netlink_unicast+0x537/0x740 [ 523.551485][T19393] ? netlink_attachskb+0x810/0x810 [ 523.556591][T19393] netlink_sendmsg+0x882/0xe10 [ 523.561349][T19393] ? aa_af_perm+0x260/0x260 [ 523.565841][T19393] ? netlink_unicast+0x740/0x740 [ 523.570777][T19393] ? netlink_unicast+0x740/0x740 [ 523.575699][T19393] sock_sendmsg+0xcf/0x120 [ 523.580101][T19393] ____sys_sendmsg+0x6b9/0x7d0 [ 523.584850][T19393] ? kernel_sendmsg+0x50/0x50 [ 523.589534][T19393] ? mark_lock+0xbc/0x1220 [ 523.593947][T19393] ___sys_sendmsg+0x100/0x170 [ 523.598617][T19393] ? sendmsg_copy_msghdr+0x70/0x70 [ 523.603725][T19393] ? __fget_files+0x329/0x4f0 [ 523.608396][T19393] ? ksys_dup3+0x3c0/0x3c0 [ 523.612793][T19393] ? lock_acquire+0x197/0x420 [ 523.617451][T19393] ? __might_fault+0xef/0x1d0 [ 523.622125][T19393] ? __fget_light+0x208/0x270 [ 523.626797][T19393] __sys_sendmsg+0xec/0x1b0 [ 523.631282][T19393] ? __sys_sendmsg_sock+0xb0/0xb0 [ 523.636345][T19393] ? __x64_sys_futex+0x380/0x4f0 [ 523.641299][T19393] ? trace_hardirqs_off_caller+0x55/0x230 [ 523.647027][T19393] ? do_syscall_64+0x21/0x7d0 [ 523.651710][T19393] do_syscall_64+0xf6/0x7d0 [ 523.656214][T19393] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 523.662097][T19393] RIP: 0033:0x45c849 [ 523.665980][T19393] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 523.685565][T19393] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 523.693958][T19393] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 06:10:24 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x41c1, 0x40, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 523.701911][T19393] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 523.709863][T19393] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 523.717822][T19393] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 523.725779][T19393] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:24 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:24 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x60000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:24 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, 0x0, 0x0) 06:10:24 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc63100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 523.914661][T19818] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:24 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x8d030000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 523.967903][T19818] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:24 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup2(r5, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) write$P9_RSTAT(r6, &(0x7f0000000300)={0x4e, 0x7d, 0x1, {0x0, 0x47, 0x1, 0x6, {0x2, 0x3, 0x8}, 0x80000, 0x80, 0xfffffeff, 0x8000, 0x3, 'sh\x00', 0xb, '/dev/hwrng\x00', 0x0, '', 0x6, 'em0,*\xd3'}}, 0x4e) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:24 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 524.049524][T19818] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 524.049524][T19818] !' [ 524.062834][T19818] CPU: 0 PID: 19818 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 524.071524][T19818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 524.081580][T19818] Call Trace: [ 524.084883][T19818] dump_stack+0x188/0x20d [ 524.089243][T19818] sysfs_warn_dup.cold+0x1c/0x2d [ 524.094195][T19818] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 524.100281][T19818] sysfs_create_link+0x61/0xc0 [ 524.105064][T19818] device_add+0x71c/0x1bc0 [ 524.109499][T19818] ? uevent_show+0x360/0x360 [ 524.114103][T19818] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 524.120107][T19818] wiphy_register+0x1c46/0x2720 [ 524.124986][T19818] ? wiphy_unregister+0xf90/0xf90 [ 524.130011][T19818] ? retint_kernel+0x2b/0x2b [ 524.134615][T19818] ? ieee80211_register_hw+0xd5f/0x3760 [ 524.140169][T19818] ? ieee80211_cs_list_valid+0x198/0x280 [ 524.145830][T19818] ieee80211_register_hw+0x141d/0x3760 [ 524.151318][T19818] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 524.156791][T19818] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 524.162348][T19818] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 524.168340][T19818] ? memset+0x20/0x40 [ 524.172331][T19818] ? __hrtimer_init+0x134/0x260 [ 524.177193][T19818] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 524.182942][T19818] ? hwsim_register_received_nl+0x400/0x400 [ 524.188859][T19818] hwsim_new_radio_nl+0x905/0xf60 [ 524.193894][T19818] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 524.199383][T19818] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 524.205284][T19818] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 524.211038][T19818] genl_rcv_msg+0x627/0xdf0 [ 524.215564][T19818] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 524.221919][T19818] ? lockdep_hardirqs_on+0x417/0x5d0 [ 524.227222][T19818] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 524.232949][T19818] ? retint_kernel+0x2b/0x2b [ 524.237556][T19818] netlink_rcv_skb+0x15a/0x410 [ 524.242333][T19818] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 06:10:25 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x6a501, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x600c2, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="11b886e77c410f2956e1c414002a160f72fd25d87e00fc145e05c3cfa46467eec553a85df2d53cbf8e33af25193abfc63af01be03dbf5e1879ee6478bd3a5c05585c6e13c7b282bdc1079ed4aa9b87532e2067ee8af6fb94c45701a4360fcea0dd545009d35f440a4493a2e4a1aac27dd6cdf5578055f84de1c097b92b3b9bf5cc25499223ddfd9bd6a91c3d39992c174be92adea5351a28ff4d036f3fa0d419a3a614b0aaf36e8766a55da884eddb74e6d823c8f1a1a5824efd0bf0bd472af9e2dfeacb305aee87ed0a100b0efc353da2e57d9cb9c3b4f912e52941623add5806000000000000000675a185f268f95be8399d52a27d5500"/259], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="70bc0000", @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c0007001000444e963d05160000000700060073680000060001000a000000080009000000000014000300ac1414bb00000000000000000000000008000b00736970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PPPIOCATTACH(r0, 0x4004743d, &(0x7f0000000300)=0x2) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 524.248667][T19818] ? netlink_ack+0xa80/0xa80 [ 524.253295][T19818] genl_rcv+0x24/0x40 [ 524.257284][T19818] netlink_unicast+0x537/0x740 [ 524.262061][T19818] ? netlink_attachskb+0x810/0x810 [ 524.267171][T19818] ? _copy_from_iter_full+0x25c/0x870 [ 524.272546][T19818] ? __phys_addr_symbol+0x2c/0x70 [ 524.277571][T19818] ? __check_object_size+0x171/0x437 [ 524.282874][T19818] netlink_sendmsg+0x882/0xe10 [ 524.287651][T19818] ? netlink_unicast+0x740/0x740 [ 524.292605][T19818] ? netlink_unicast+0x740/0x740 [ 524.297535][T19818] sock_sendmsg+0xcf/0x120 [ 524.301949][T19818] ____sys_sendmsg+0x6b9/0x7d0 [ 524.306740][T19818] ? kernel_sendmsg+0x50/0x50 [ 524.311427][T19818] ? mark_lock+0xbc/0x1220 [ 524.315864][T19818] ___sys_sendmsg+0x100/0x170 [ 524.320548][T19818] ? sendmsg_copy_msghdr+0x70/0x70 [ 524.325683][T19818] ? __fget_files+0x329/0x4f0 [ 524.330381][T19818] ? ksys_dup3+0x3c0/0x3c0 [ 524.334814][T19818] ? __fget_light+0x208/0x270 [ 524.339506][T19818] __sys_sendmsg+0xec/0x1b0 [ 524.344012][T19818] ? __sys_sendmsg_sock+0xb0/0xb0 [ 524.349064][T19818] ? trace_hardirqs_off_caller+0x55/0x230 [ 524.354797][T19818] ? do_syscall_64+0x21/0x7d0 [ 524.359482][T19818] do_syscall_64+0xf6/0x7d0 [ 524.363996][T19818] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 524.369887][T19818] RIP: 0033:0x45c849 [ 524.373782][T19818] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:10:25 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000300)='/dev/snd/pcmC#D#c\x00', 0xfffffffffffffffa, 0x40000) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x6}, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup2(r6, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$TIOCEXCL(r7, 0x540c) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 524.393379][T19818] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 524.401790][T19818] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 524.409763][T19818] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 524.417732][T19818] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 524.425706][T19818] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 524.433766][T19818] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:25 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:25 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x9effffff}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 524.505293][T19926] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 524.520807][T19926] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:25 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:25 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) [ 524.619286][T19926] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 524.619286][T19926] !' [ 524.663780][T19926] CPU: 1 PID: 19926 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 524.672469][T19926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 524.682522][T19926] Call Trace: [ 524.685835][T19926] dump_stack+0x188/0x20d [ 524.690184][T19926] sysfs_warn_dup.cold+0x1c/0x2d [ 524.695135][T19926] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 524.701213][T19926] sysfs_create_link+0x61/0xc0 [ 524.705982][T19926] device_add+0x71c/0x1bc0 [ 524.710421][T19926] ? uevent_show+0x360/0x360 [ 524.715029][T19926] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 524.721038][T19926] wiphy_register+0x1c46/0x2720 [ 524.725916][T19926] ? wiphy_unregister+0xf90/0xf90 [ 524.730949][T19926] ? __kmalloc+0x629/0x7a0 [ 524.735366][T19926] ? ieee80211_register_hw+0xbea/0x3760 [ 524.740925][T19926] ? ieee80211_cs_list_valid+0x198/0x280 [ 524.746568][T19926] ieee80211_register_hw+0x141d/0x3760 [ 524.752052][T19926] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 524.757519][T19926] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 524.763070][T19926] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 524.769052][T19926] ? memset+0x20/0x40 [ 524.773037][T19926] ? __hrtimer_init+0x134/0x260 [ 524.777903][T19926] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 524.783625][T19926] ? vprintk_func+0x81/0x17e [ 524.788247][T19926] ? hwsim_register_received_nl+0x400/0x400 [ 524.794161][T19926] hwsim_new_radio_nl+0x905/0xf60 [ 524.799200][T19926] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 524.805091][T19926] ? cap_capable+0x1eb/0x250 [ 524.809697][T19926] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 524.816032][T19926] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 524.822375][T19926] genl_rcv_msg+0x627/0xdf0 [ 524.826903][T19926] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 524.833232][T19926] ? lockdep_hardirqs_on+0x417/0x5d0 [ 524.838528][T19926] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 524.844032][T19926] netlink_rcv_skb+0x15a/0x410 [ 524.848812][T19926] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 524.855164][T19926] ? netlink_ack+0xa80/0xa80 [ 524.859790][T19926] genl_rcv+0x24/0x40 [ 524.863781][T19926] netlink_unicast+0x537/0x740 [ 524.868563][T19926] ? netlink_attachskb+0x810/0x810 [ 524.873682][T19926] ? _copy_from_iter_full+0x25c/0x870 [ 524.879056][T19926] ? __phys_addr_symbol+0x2c/0x70 [ 524.884086][T19926] ? __check_object_size+0x171/0x437 [ 524.889386][T19926] netlink_sendmsg+0x882/0xe10 [ 524.894170][T19926] ? aa_af_perm+0x260/0x260 [ 524.898680][T19926] ? netlink_unicast+0x740/0x740 [ 524.903637][T19926] ? netlink_unicast+0x740/0x740 [ 524.908582][T19926] sock_sendmsg+0xcf/0x120 [ 524.913005][T19926] ____sys_sendmsg+0x6b9/0x7d0 [ 524.917782][T19926] ? kernel_sendmsg+0x50/0x50 [ 524.922495][T19926] ___sys_sendmsg+0x100/0x170 [ 524.927184][T19926] ? sendmsg_copy_msghdr+0x70/0x70 [ 524.932318][T19926] ? __fget_files+0x329/0x4f0 [ 524.937008][T19926] ? ksys_dup3+0x3c0/0x3c0 [ 524.941436][T19926] ? finish_task_switch+0x119/0x750 [ 524.946636][T19926] ? _raw_spin_unlock_irq+0x1f/0x80 [ 524.951959][T19926] ? lockdep_hardirqs_on+0x417/0x5d0 [ 524.957255][T19926] ? __fget_light+0x208/0x270 [ 524.961946][T19926] __sys_sendmsg+0xec/0x1b0 [ 524.966454][T19926] ? __sys_sendmsg_sock+0xb0/0xb0 [ 524.971500][T19926] ? trace_hardirqs_off_caller+0x55/0x230 [ 524.977225][T19926] ? do_syscall_64+0x21/0x7d0 [ 524.981912][T19926] do_syscall_64+0xf6/0x7d0 [ 524.986446][T19926] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 524.992336][T19926] RIP: 0033:0x45c849 06:10:25 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:25 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 524.996234][T19926] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 525.015838][T19926] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 525.024266][T19926] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 525.032242][T19926] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 525.040215][T19926] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 525.048181][T19926] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 525.056144][T19926] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 525.158546][T20405] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 525.183498][T20405] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:26 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc6c100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 525.281715][T20405] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 525.281715][T20405] !' [ 525.318339][T20405] CPU: 0 PID: 20405 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 525.327030][T20405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 525.337089][T20405] Call Trace: [ 525.340403][T20405] dump_stack+0x188/0x20d [ 525.344747][T20405] sysfs_warn_dup.cold+0x1c/0x2d [ 525.349694][T20405] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 525.355775][T20405] sysfs_create_link+0x61/0xc0 [ 525.360543][T20405] device_add+0x71c/0x1bc0 [ 525.364984][T20405] ? uevent_show+0x360/0x360 [ 525.369579][T20405] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 525.375582][T20405] wiphy_register+0x1c46/0x2720 [ 525.380459][T20405] ? wiphy_unregister+0xf90/0xf90 [ 525.385492][T20405] ? retint_kernel+0x2b/0x2b [ 525.390108][T20405] ? ieee80211_cs_list_valid+0x198/0x280 [ 525.395757][T20405] ieee80211_register_hw+0x141d/0x3760 [ 525.401240][T20405] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 525.406710][T20405] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 525.412265][T20405] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 525.418244][T20405] ? hrtimer_init+0x36/0x320 [ 525.422846][T20405] ? memset+0x20/0x40 [ 525.426835][T20405] ? __hrtimer_init+0x134/0x260 [ 525.431699][T20405] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 525.437421][T20405] ? lockdep_hardirqs_on+0x417/0x5d0 [ 525.442733][T20405] ? hwsim_register_received_nl+0x400/0x400 [ 525.448636][T20405] ? hwsim_new_radio_nl+0x1a3/0xf60 [ 525.453845][T20405] hwsim_new_radio_nl+0x905/0xf60 [ 525.458882][T20405] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 525.464777][T20405] ? cap_capable+0x1eb/0x250 [ 525.469396][T20405] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 525.475726][T20405] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 525.482062][T20405] genl_rcv_msg+0x627/0xdf0 [ 525.486588][T20405] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 525.492951][T20405] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 525.498774][T20405] netlink_rcv_skb+0x15a/0x410 [ 525.503649][T20405] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 525.509989][T20405] ? netlink_ack+0xa80/0xa80 [ 525.514614][T20405] genl_rcv+0x24/0x40 [ 525.518607][T20405] netlink_unicast+0x537/0x740 [ 525.523385][T20405] ? netlink_attachskb+0x810/0x810 [ 525.528505][T20405] ? _copy_from_iter_full+0x25c/0x870 [ 525.533888][T20405] ? __phys_addr_symbol+0x2c/0x70 [ 525.538921][T20405] ? __check_object_size+0x171/0x437 [ 525.544221][T20405] netlink_sendmsg+0x882/0xe10 [ 525.549004][T20405] ? aa_af_perm+0x260/0x260 [ 525.553519][T20405] ? netlink_unicast+0x740/0x740 [ 525.558486][T20405] ? netlink_unicast+0x740/0x740 [ 525.563433][T20405] sock_sendmsg+0xcf/0x120 [ 525.567857][T20405] ____sys_sendmsg+0x6b9/0x7d0 [ 525.572634][T20405] ? kernel_sendmsg+0x50/0x50 [ 525.577324][T20405] ? mark_lock+0xbc/0x1220 [ 525.581762][T20405] ___sys_sendmsg+0x100/0x170 [ 525.586441][T20405] ? sendmsg_copy_msghdr+0x70/0x70 [ 525.591584][T20405] ? __fget_files+0x329/0x4f0 [ 525.596274][T20405] ? ksys_dup3+0x3c0/0x3c0 [ 525.600686][T20405] ? lock_acquire+0x209/0x420 [ 525.605385][T20405] ? __fget_light+0x208/0x270 [ 525.610086][T20405] __sys_sendmsg+0xec/0x1b0 [ 525.614601][T20405] ? __sys_sendmsg_sock+0xb0/0xb0 [ 525.619632][T20405] ? __x64_sys_futex+0x380/0x4f0 [ 525.624605][T20405] ? trace_hardirqs_off_caller+0x55/0x230 [ 525.630334][T20405] ? do_syscall_64+0x21/0x7d0 [ 525.635039][T20405] do_syscall_64+0xf6/0x7d0 [ 525.639564][T20405] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 525.645455][T20405] RIP: 0033:0x45c849 [ 525.649350][T20405] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 525.668950][T20405] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 06:10:26 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000080009000000e3ebdedd178227e4bea6000014000300ac1414bb00000000000000000000000008000b007369"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:26 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xf0ffffff}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:26 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 06:10:26 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$sock_inet_udp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000300)) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="11002abd70000000000010000000be656a05b1777b292c55607c1d9ace81b653cb9d4731ac2c"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)={0xb8, r5, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_L_THRESH={0x8}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x800}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x400}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_L_THRESH={0x8}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x400}]}, @IPVS_CMD_ATTR_SERVICE={0x58, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@remote}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) r7 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ocfs2_control\x00', 0x200000, 0x0) ioctl$TIOCOUTQ(r7, 0x5411, &(0x7f00000003c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:26 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:26 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="11002abdc48e0900ba2a63409cca71ba91e32570000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x6c, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0xe}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x48, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x12}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x8, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 525.677364][T20405] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 525.685342][T20405] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 525.693323][T20405] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 525.701294][T20405] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 525.709273][T20405] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:26 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:26 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 525.749466][T20638] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 525.772099][T20638] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:26 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xfffff000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 525.858225][T20638] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 525.858225][T20638] !' [ 525.897168][T20638] CPU: 1 PID: 20638 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 525.905945][T20638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 525.915992][T20638] Call Trace: [ 525.919305][T20638] dump_stack+0x188/0x20d [ 525.923651][T20638] sysfs_warn_dup.cold+0x1c/0x2d [ 525.928598][T20638] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 525.934679][T20638] sysfs_create_link+0x61/0xc0 [ 525.939447][T20638] device_add+0x71c/0x1bc0 [ 525.943872][T20638] ? uevent_show+0x360/0x360 [ 525.948457][T20638] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 525.954448][T20638] wiphy_register+0x1c46/0x2720 [ 525.959325][T20638] ? wiphy_unregister+0xf90/0xf90 [ 525.964359][T20638] ? __kmalloc+0x629/0x7a0 [ 525.968784][T20638] ? ieee80211_register_hw+0xbea/0x3760 [ 525.974348][T20638] ? ieee80211_cs_list_valid+0x198/0x280 [ 525.979985][T20638] ieee80211_register_hw+0x141d/0x3760 [ 525.985463][T20638] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 525.990936][T20638] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 525.996491][T20638] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 526.002479][T20638] ? memset+0x20/0x40 [ 526.006464][T20638] ? __hrtimer_init+0x134/0x260 [ 526.011334][T20638] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 526.017061][T20638] ? lockdep_hardirqs_on+0x417/0x5d0 [ 526.022373][T20638] ? hwsim_register_received_nl+0x400/0x400 [ 526.028287][T20638] hwsim_new_radio_nl+0x905/0xf60 [ 526.033324][T20638] ? retint_kernel+0x2b/0x2b [ 526.037927][T20638] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 526.043848][T20638] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 526.050181][T20638] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 526.056526][T20638] genl_rcv_msg+0x627/0xdf0 [ 526.061065][T20638] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 526.067425][T20638] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 526.073251][T20638] netlink_rcv_skb+0x15a/0x410 [ 526.078029][T20638] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 526.084373][T20638] ? netlink_ack+0xa80/0xa80 [ 526.088993][T20638] genl_rcv+0x24/0x40 [ 526.092986][T20638] netlink_unicast+0x537/0x740 [ 526.097767][T20638] ? netlink_attachskb+0x810/0x810 [ 526.102878][T20638] ? _copy_from_iter_full+0x25c/0x870 06:10:26 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:26 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x448043, 0x10e) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="11002abd7000000000001000000018a34ddad31cb8f4504faa49a68587de57e7346e3453c980514d4b268c724a45ee3a12535fa2246460f0884ff41dcae54e172afe1f3e7d45eae712ec1dfd0c2bd089486cf1239ceae535252e9a245e95e378a0a2be7bfc0398fe84bf7443a81d516e2a3dde8d6c96b6c73b6b51df74c7c474b6d0e213a73812ca21a056e1ee7528f65603b225f49854f5d81cc0dda10ec29cc0bbefec145c0c9c0e88ad83b546ff9a9990e03e8315d348b19f16797a1c704ce8f2c485610582b4b92d5220efe87956540843915875dd4bdd50236951c2bf067f70873ef6958d751b83fe81f40d7db9f700fb21a0ce79b643a769cafb8a8fb741d1b4bcd1ef128a7118f141cd537a63d94fa684e7d313812ba6ab3b514a86cccc34dcf6903178b228e0fad195ff2ba962b9b5adbd9da1bede97524a3adcf1007ee4babe833866dd6a1d0e15318b2a245135ee9167c750fe21853ad341d556b1967eb6a33ba58974d9100a3d09e91192ae139e6894cd01ade2285d385026bf61a111f9a197d381f8895daf948ec639800565e63999e40a5036d58bedda134fe2cc1087a7343708e7fc703a661ba4963714b2db6250c52f1095dbd2bd7a0000000000000000000000b28edad5bfb3e3d687c2f07debb504e6d07283a91579ebc72a3f83255f697aeaf57c31899d75d8cf5b24de6be5b239640ca1d179b13f99816599321a77d5c079d46adfd61f6f82a6b5570e3185c95513582774bf833ca284"], 0x14}}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup2(r5, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f0000000340)={0x770d, 0x15, [{0xd, 0x1}, {0xd, 0x1}, {0x1, 0x1}, {0xa}, {}, {0xb}, {0xe, 0x1}, {0x9}, {0x0, 0x1}, {0x9, 0x1}, {0x6}, {0x4}, {0x4}, {0xb}, {0x9, 0x1}, {}, {0x1}, {0x5, 0x1}, {0x1}, {0xb, 0x1}, {0x4}]}) ioctl$EVIOCSABS2F(r6, 0x401845ef, &(0x7f0000000300)={0x2, 0x80000000, 0x1ac1, 0x2, 0x9, 0x6}) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2c}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x1, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 526.108250][T20638] ? __phys_addr_symbol+0x2c/0x70 [ 526.113280][T20638] ? __check_object_size+0x171/0x437 [ 526.118579][T20638] netlink_sendmsg+0x882/0xe10 [ 526.123352][T20638] ? aa_af_perm+0x260/0x260 [ 526.127861][T20638] ? netlink_unicast+0x740/0x740 [ 526.132828][T20638] ? netlink_unicast+0x740/0x740 [ 526.137788][T20638] sock_sendmsg+0xcf/0x120 [ 526.142216][T20638] ____sys_sendmsg+0x6b9/0x7d0 [ 526.146992][T20638] ? kernel_sendmsg+0x50/0x50 [ 526.151682][T20638] ? mark_lock+0xbc/0x1220 [ 526.156124][T20638] ___sys_sendmsg+0x100/0x170 [ 526.160812][T20638] ? sendmsg_copy_msghdr+0x70/0x70 [ 526.165941][T20638] ? __fget_files+0x329/0x4f0 [ 526.170632][T20638] ? ksys_dup3+0x3c0/0x3c0 [ 526.175050][T20638] ? lock_acquire+0x197/0x420 [ 526.179729][T20638] ? __might_fault+0xef/0x1d0 [ 526.184425][T20638] ? __fget_light+0x208/0x270 [ 526.189114][T20638] __sys_sendmsg+0xec/0x1b0 [ 526.193636][T20638] ? __sys_sendmsg_sock+0xb0/0xb0 [ 526.198678][T20638] ? __x64_sys_futex+0x380/0x4f0 [ 526.203664][T20638] ? trace_hardirqs_off_caller+0x55/0x230 [ 526.209397][T20638] ? do_syscall_64+0x21/0x7d0 [ 526.214128][T20638] do_syscall_64+0xf6/0x7d0 [ 526.218649][T20638] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 526.224580][T20638] RIP: 0033:0x45c849 [ 526.228486][T20638] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 526.248090][T20638] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 526.256505][T20638] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 526.264475][T20638] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 526.272446][T20638] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 526.280419][T20638] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 526.288387][T20638] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 526.346649][T20986] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 526.363671][T20986] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:27 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60020011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:27 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) removexattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=@known='trusted.syz\x00') ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:27 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 06:10:27 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xffffff7f}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:27 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 526.502775][T20986] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 526.502775][T20986] !' [ 526.545088][T20986] CPU: 1 PID: 20986 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 526.553782][T20986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 526.563836][T20986] Call Trace: [ 526.567134][T20986] dump_stack+0x188/0x20d [ 526.571485][T20986] sysfs_warn_dup.cold+0x1c/0x2d [ 526.576439][T20986] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 526.582521][T20986] sysfs_create_link+0x61/0xc0 [ 526.587300][T20986] device_add+0x71c/0x1bc0 06:10:27 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 526.591731][T20986] ? ieee80211_set_bitrate_flags+0x36f/0x5c0 [ 526.597719][T20986] ? uevent_show+0x360/0x360 [ 526.602321][T20986] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 526.608322][T20986] wiphy_register+0x1c46/0x2720 [ 526.613206][T20986] ? wiphy_unregister+0xf90/0xf90 [ 526.618253][T20986] ? retint_kernel+0x2b/0x2b [ 526.622868][T20986] ? ieee80211_cs_list_valid+0x198/0x280 [ 526.628527][T20986] ieee80211_register_hw+0x141d/0x3760 [ 526.634035][T20986] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 526.639499][T20986] ? rcu_read_lock_sched_held+0x9c/0xd0 06:10:27 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="f8ffffff8389efb17c59bbbf433ff8df399fad34f076c12e45fb69ea3fb21110eeecaca514b1f0be3999bc5670fb43a78486f16a3e0e3409964a5c4fab5d13f4b393635a0142273d97cfaa49514d9073721ef2354b1536cadda59f0785e99d53b751347f7edc40f08f47951ee44febd4b00092711793cddc7ce42b174d733c0cc7e31d036bc4f713857d7b582873e7fbf1878c8aaf105891f7eeddbf57e52de0cff7fb13ac7c53f4c6c8582da30209c5d8b15e52a22857cf295f341733f75120b28c86da06afebd84fba3cdb3362fd25680da1a2", @ANYRES16=r4, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 526.645047][T20986] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 526.651040][T20986] ? memset+0x20/0x40 [ 526.655030][T20986] ? __hrtimer_init+0x134/0x260 [ 526.659912][T20986] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 526.665745][T20986] ? vprintk_func+0x81/0x17e [ 526.670368][T20986] ? hwsim_register_received_nl+0x400/0x400 [ 526.676286][T20986] hwsim_new_radio_nl+0x905/0xf60 [ 526.681328][T20986] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 526.687207][T20986] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 526.692941][T20986] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 526.699272][T20986] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 526.705612][T20986] genl_rcv_msg+0x627/0xdf0 [ 526.710121][T20986] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 526.716432][T20986] ? mark_held_locks+0x9f/0xe0 [ 526.721181][T20986] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 526.726660][T20986] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 526.732372][T20986] ? retint_kernel+0x2b/0x2b [ 526.736953][T20986] netlink_rcv_skb+0x15a/0x410 [ 526.741723][T20986] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 526.748039][T20986] ? netlink_ack+0xa80/0xa80 [ 526.752633][T20986] genl_rcv+0x24/0x40 [ 526.756596][T20986] netlink_unicast+0x537/0x740 [ 526.761348][T20986] ? netlink_attachskb+0x810/0x810 [ 526.766441][T20986] ? _copy_from_iter_full+0x25c/0x870 [ 526.771798][T20986] ? __phys_addr_symbol+0x2c/0x70 [ 526.776803][T20986] ? __check_object_size+0x171/0x437 [ 526.782081][T20986] netlink_sendmsg+0x882/0xe10 [ 526.786848][T20986] ? aa_af_perm+0x260/0x260 [ 526.791343][T20986] ? netlink_unicast+0x740/0x740 [ 526.796289][T20986] ? netlink_unicast+0x740/0x740 [ 526.801231][T20986] sock_sendmsg+0xcf/0x120 [ 526.805646][T20986] ____sys_sendmsg+0x6b9/0x7d0 [ 526.810400][T20986] ? kernel_sendmsg+0x50/0x50 [ 526.815077][T20986] ___sys_sendmsg+0x100/0x170 [ 526.819743][T20986] ? sendmsg_copy_msghdr+0x70/0x70 [ 526.824847][T20986] ? __fget_files+0x329/0x4f0 [ 526.829513][T20986] ? ksys_dup3+0x3c0/0x3c0 [ 526.833914][T20986] ? _raw_spin_unlock_irq+0x4b/0x80 [ 526.839107][T20986] ? __fget_light+0x208/0x270 [ 526.843782][T20986] __sys_sendmsg+0xec/0x1b0 [ 526.848270][T20986] ? __sys_sendmsg_sock+0xb0/0xb0 [ 526.853297][T20986] ? trace_hardirqs_off_caller+0x55/0x230 [ 526.859002][T20986] ? do_syscall_64+0x21/0x7d0 [ 526.863666][T20986] do_syscall_64+0xf6/0x7d0 [ 526.868246][T20986] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 526.874118][T20986] RIP: 0033:0x45c849 [ 526.877998][T20986] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 526.897692][T20986] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 526.906083][T20986] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 526.914032][T20986] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 526.922092][T20986] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 526.930046][T20986] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 526.938039][T20986] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:27 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 526.989652][T21311] netlink: 212940 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:28 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:28 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xffffff9e}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:28 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000406000000004c0001800c00070010000000160000000700060073680000060001000a0000000800090000000032ba0014000300ac1414bb00000000000000000000000008000b00736970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:28 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x2e9, 0x0) 06:10:28 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60030011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:28 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0) 06:10:28 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x2e9, 0x0) 06:10:28 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xfffffff0}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:28 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0) [ 527.384444][T21708] netlink: 212940 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:28 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r4, 0x80184132, &(0x7f00000003c0)) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r6, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r5, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) r8 = syz_open_dev$vcsu(&(0x7f0000000300)='/dev/vcsu#\x00', 0x8f0d, 0x80100) ioctl$TCSETS(r8, 0x5402, &(0x7f0000000340)={0x7, 0x401, 0x1, 0x5, 0x7, "6739e9876d8dc8bc22316241b33db85208a886"}) 06:10:28 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x2e9, 0x0) 06:10:28 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0xffffffff}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 527.732287][T21735] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 527.759143][T21735] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 527.796833][T21735] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 527.796833][T21735] !' [ 527.819494][T21735] CPU: 0 PID: 21735 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 527.828179][T21735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 527.838230][T21735] Call Trace: [ 527.841524][T21735] dump_stack+0x188/0x20d [ 527.845873][T21735] sysfs_warn_dup.cold+0x1c/0x2d [ 527.850817][T21735] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 527.856888][T21735] sysfs_create_link+0x61/0xc0 [ 527.861663][T21735] device_add+0x71c/0x1bc0 [ 527.866092][T21735] ? uevent_show+0x360/0x360 [ 527.870702][T21735] wiphy_register+0x1c46/0x2720 [ 527.875592][T21735] ? wiphy_unregister+0xf90/0xf90 [ 527.880654][T21735] ? ieee80211_register_hw+0x13b6/0x3760 [ 527.886300][T21735] ieee80211_register_hw+0x141d/0x3760 [ 527.891790][T21735] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 527.897258][T21735] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 527.902804][T21735] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 527.908767][T21735] ? memset+0x20/0x40 [ 527.912736][T21735] ? __hrtimer_init+0x134/0x260 [ 527.917582][T21735] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 527.923285][T21735] ? vprintk_func+0x81/0x17e [ 527.927869][T21735] ? hwsim_register_received_nl+0x400/0x400 [ 527.933756][T21735] hwsim_new_radio_nl+0x905/0xf60 [ 527.938768][T21735] ? lockdep_hardirqs_on+0x417/0x5d0 [ 527.944044][T21735] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 527.949936][T21735] genl_rcv_msg+0x627/0xdf0 [ 527.954460][T21735] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 527.960774][T21735] ? retint_kernel+0x2b/0x2b [ 527.965358][T21735] netlink_rcv_skb+0x15a/0x410 [ 527.970105][T21735] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 527.976409][T21735] ? netlink_ack+0xa80/0xa80 [ 527.981027][T21735] genl_rcv+0x24/0x40 [ 527.984983][T21735] netlink_unicast+0x537/0x740 [ 527.989730][T21735] ? netlink_attachskb+0x810/0x810 [ 527.994866][T21735] ? _copy_from_iter_full+0x25c/0x870 [ 528.000215][T21735] ? __phys_addr_symbol+0x2c/0x70 [ 528.005216][T21735] ? __check_object_size+0x171/0x437 [ 528.010486][T21735] netlink_sendmsg+0x882/0xe10 [ 528.015231][T21735] ? aa_af_perm+0x260/0x260 [ 528.019708][T21735] ? netlink_unicast+0x740/0x740 [ 528.024627][T21735] ? netlink_unicast+0x740/0x740 [ 528.029538][T21735] sock_sendmsg+0xcf/0x120 [ 528.033930][T21735] ____sys_sendmsg+0x6b9/0x7d0 [ 528.038674][T21735] ? kernel_sendmsg+0x50/0x50 [ 528.043325][T21735] ? retint_kernel+0x2b/0x2b [ 528.047898][T21735] ? ___sys_sendmsg+0xe6/0x170 [ 528.052649][T21735] ___sys_sendmsg+0x100/0x170 [ 528.057328][T21735] ? sendmsg_copy_msghdr+0x70/0x70 [ 528.062438][T21735] ? __fget_files+0x329/0x4f0 [ 528.067097][T21735] ? ksys_dup3+0x3c0/0x3c0 [ 528.071489][T21735] ? lock_acquire+0x197/0x420 [ 528.076154][T21735] ? __might_fault+0xef/0x1d0 [ 528.080812][T21735] ? __fget_light+0x208/0x270 [ 528.085478][T21735] __sys_sendmsg+0xec/0x1b0 [ 528.089959][T21735] ? __sys_sendmsg_sock+0xb0/0xb0 [ 528.094956][T21735] ? __x64_sys_futex+0x380/0x4f0 [ 528.100015][T21735] ? trace_hardirqs_off_caller+0x55/0x230 [ 528.105710][T21735] ? do_syscall_64+0x21/0x7d0 [ 528.110364][T21735] do_syscall_64+0xf6/0x7d0 [ 528.114855][T21735] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 528.120738][T21735] RIP: 0033:0x45c849 [ 528.124612][T21735] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 528.144224][T21735] RSP: 002b:00007f08170fec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 528.152609][T21735] RAX: ffffffffffffffda RBX: 00007f08170ff6d4 RCX: 000000000045c849 [ 528.160557][T21735] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 528.168507][T21735] RBP: 000000000076bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 528.176451][T21735] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 528.184533][T21735] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bfac 06:10:29 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:29 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:29 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="dc071d15ba2d6755ab920500009ea74cbc", @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac1414bb00000000000000000000000008000b00736970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r7, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r8, 0x11}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r6, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r8, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x20000000) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)={0xbc, r8, 0x2, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x28, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@rand_addr=0x1ff}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e20}]}, @IPVS_CMD_ATTR_DEST={0x70, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x63}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@empty}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@remote}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x200}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xfffffffb}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}]}, 0xbc}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 06:10:29 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0) 06:10:29 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:29 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60040011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:29 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x2}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:29 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) [ 528.361569][T22069] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:29 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x10000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 528.435790][T22069] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 528.501421][T22069] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 528.501421][T22069] !' [ 528.542593][T22069] CPU: 1 PID: 22069 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 528.551286][T22069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 528.561335][T22069] Call Trace: [ 528.564625][T22069] dump_stack+0x188/0x20d [ 528.568969][T22069] sysfs_warn_dup.cold+0x1c/0x2d [ 528.573916][T22069] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 528.579990][T22069] sysfs_create_link+0x61/0xc0 [ 528.584765][T22069] device_add+0x71c/0x1bc0 [ 528.589222][T22069] ? uevent_show+0x360/0x360 [ 528.593831][T22069] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 528.599845][T22069] wiphy_register+0x1c46/0x2720 [ 528.604737][T22069] ? wiphy_unregister+0xf90/0xf90 [ 528.609768][T22069] ? __kmalloc+0x629/0x7a0 [ 528.614192][T22069] ? ieee80211_register_hw+0xbea/0x3760 [ 528.619746][T22069] ? ieee80211_cs_list_valid+0x198/0x280 [ 528.625387][T22069] ieee80211_register_hw+0x141d/0x3760 [ 528.630863][T22069] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 528.636325][T22069] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 528.641953][T22069] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 528.647958][T22069] ? memset+0x20/0x40 [ 528.651968][T22069] ? __hrtimer_init+0x134/0x260 [ 528.656835][T22069] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 528.662556][T22069] ? vprintk_func+0x81/0x17e [ 528.667176][T22069] ? hwsim_register_received_nl+0x400/0x400 [ 528.673088][T22069] hwsim_new_radio_nl+0x905/0xf60 [ 528.678116][T22069] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 528.683582][T22069] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 06:10:29 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) ioctl$SIOCPNGETOBJECT(r4, 0x89e0, &(0x7f0000000300)=0x4) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000001", @ANYRES16=r5, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ecfb3acd", @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac1414bb00000000000000000000000008000b00736970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0x10, 0x6, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:29 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x3}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:29 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60050011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 528.689486][T22069] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 528.695248][T22069] genl_rcv_msg+0x627/0xdf0 [ 528.699786][T22069] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 528.706150][T22069] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 528.711972][T22069] netlink_rcv_skb+0x15a/0x410 [ 528.716748][T22069] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 528.723093][T22069] ? netlink_ack+0xa80/0xa80 [ 528.727718][T22069] genl_rcv+0x24/0x40 [ 528.731703][T22069] netlink_unicast+0x537/0x740 [ 528.736489][T22069] ? netlink_attachskb+0x810/0x810 [ 528.741599][T22069] ? _copy_from_iter_full+0x25c/0x870 [ 528.747081][T22069] ? __phys_addr_symbol+0x2c/0x70 [ 528.752113][T22069] ? __check_object_size+0x171/0x437 [ 528.757408][T22069] netlink_sendmsg+0x882/0xe10 [ 528.762183][T22069] ? aa_af_perm+0x260/0x260 [ 528.766689][T22069] ? netlink_unicast+0x740/0x740 [ 528.771624][T22069] ? retint_kernel+0x2b/0x2b [ 528.776234][T22069] ? netlink_unicast+0x740/0x740 [ 528.781282][T22069] sock_sendmsg+0xcf/0x120 [ 528.785719][T22069] ____sys_sendmsg+0x6b9/0x7d0 [ 528.790494][T22069] ? kernel_sendmsg+0x50/0x50 [ 528.795186][T22069] ? mark_lock+0xbc/0x1220 [ 528.799636][T22069] ___sys_sendmsg+0x100/0x170 [ 528.804327][T22069] ? sendmsg_copy_msghdr+0x70/0x70 [ 528.809554][T22069] ? __fget_files+0x329/0x4f0 [ 528.814248][T22069] ? ksys_dup3+0x3c0/0x3c0 [ 528.818671][T22069] ? lock_acquire+0x197/0x420 [ 528.823708][T22069] ? __might_fault+0xef/0x1d0 [ 528.828405][T22069] ? __fget_light+0x208/0x270 [ 528.833104][T22069] __sys_sendmsg+0xec/0x1b0 [ 528.837628][T22069] ? __sys_sendmsg_sock+0xb0/0xb0 [ 528.842659][T22069] ? __x64_sys_futex+0x380/0x4f0 [ 528.847628][T22069] ? trace_hardirqs_off_caller+0x55/0x230 [ 528.853364][T22069] ? do_syscall_64+0x21/0x7d0 [ 528.858062][T22069] do_syscall_64+0xf6/0x7d0 [ 528.862585][T22069] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 528.868482][T22069] RIP: 0033:0x45c849 [ 528.872382][T22069] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 528.891978][T22069] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 528.900392][T22069] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 528.908374][T22069] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 528.916351][T22069] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 528.924324][T22069] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 528.932294][T22069] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:29 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 529.007837][T22474] netlink: 206524 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:29 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:29 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r1 = syz_open_dev$vcsu(&(0x7f0000000300)='/dev/vcsu#\x00', 0xa1, 0x80) write$FUSE_NOTIFY_INVAL_INODE(r1, &(0x7f0000000340)={0x28, 0x2, 0x0, {0x3, 0x0, 0x8aa1}}, 0x28) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r5, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r4, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:29 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) 06:10:29 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x4}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 529.126051][T22581] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 529.147734][T22581] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:30 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60060011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 529.242898][T22581] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 529.242898][T22581] !' [ 529.299081][T22581] CPU: 0 PID: 22581 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 529.307875][T22581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 529.317928][T22581] Call Trace: [ 529.321326][T22581] dump_stack+0x188/0x20d [ 529.325682][T22581] sysfs_warn_dup.cold+0x1c/0x2d [ 529.330636][T22581] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 529.336710][T22581] sysfs_create_link+0x61/0xc0 [ 529.341480][T22581] device_add+0x71c/0x1bc0 [ 529.345909][T22581] ? uevent_show+0x360/0x360 [ 529.350500][T22581] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 529.356599][T22581] wiphy_register+0x1c46/0x2720 [ 529.361466][T22581] ? wiphy_unregister+0xf90/0xf90 [ 529.366492][T22581] ? __kmalloc+0x629/0x7a0 [ 529.370911][T22581] ? ieee80211_register_hw+0xbea/0x3760 [ 529.376466][T22581] ? ieee80211_cs_list_valid+0x198/0x280 [ 529.382116][T22581] ieee80211_register_hw+0x141d/0x3760 [ 529.387605][T22581] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 529.393068][T22581] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 529.398623][T22581] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 529.404608][T22581] ? memset+0x20/0x40 [ 529.408601][T22581] ? __hrtimer_init+0x134/0x260 [ 529.413459][T22581] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 529.419226][T22581] ? hwsim_register_received_nl+0x400/0x400 [ 529.425768][T22581] hwsim_new_radio_nl+0x905/0xf60 [ 529.430798][T22581] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 529.436264][T22581] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 529.442167][T22581] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 529.447928][T22581] genl_rcv_msg+0x627/0xdf0 [ 529.452453][T22581] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 529.458811][T22581] ? lockdep_hardirqs_on+0x417/0x5d0 [ 529.464117][T22581] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 529.469585][T22581] netlink_rcv_skb+0x15a/0x410 [ 529.474353][T22581] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 529.480690][T22581] ? netlink_ack+0xa80/0xa80 [ 529.485315][T22581] genl_rcv+0x24/0x40 [ 529.489320][T22581] netlink_unicast+0x537/0x740 [ 529.494093][T22581] ? netlink_attachskb+0x810/0x810 [ 529.499206][T22581] ? _copy_from_iter_full+0x25c/0x870 [ 529.504581][T22581] ? __phys_addr_symbol+0x2c/0x70 [ 529.509609][T22581] ? __check_object_size+0x171/0x437 [ 529.514906][T22581] netlink_sendmsg+0x882/0xe10 [ 529.519677][T22581] ? aa_af_perm+0x260/0x260 [ 529.524183][T22581] ? netlink_unicast+0x740/0x740 [ 529.529138][T22581] ? netlink_unicast+0x740/0x740 [ 529.534075][T22581] sock_sendmsg+0xcf/0x120 [ 529.538497][T22581] ____sys_sendmsg+0x6b9/0x7d0 [ 529.543278][T22581] ? kernel_sendmsg+0x50/0x50 [ 529.547973][T22581] ? mark_lock+0xbc/0x1220 [ 529.552413][T22581] ___sys_sendmsg+0x100/0x170 [ 529.557100][T22581] ? sendmsg_copy_msghdr+0x70/0x70 [ 529.562229][T22581] ? __fget_files+0x329/0x4f0 [ 529.566926][T22581] ? ksys_dup3+0x3c0/0x3c0 [ 529.571342][T22581] ? lock_acquire+0x197/0x420 [ 529.576024][T22581] ? __might_fault+0xef/0x1d0 [ 529.580741][T22581] ? __fget_light+0x208/0x270 [ 529.585449][T22581] __sys_sendmsg+0xec/0x1b0 [ 529.589959][T22581] ? __sys_sendmsg_sock+0xb0/0xb0 [ 529.595018][T22581] ? do_syscall_64+0x4f/0x7d0 [ 529.599717][T22581] do_syscall_64+0xf6/0x7d0 [ 529.604234][T22581] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 529.610145][T22581] RIP: 0033:0x45c849 [ 529.614045][T22581] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 529.633657][T22581] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 529.642082][T22581] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 06:10:30 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:30 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167701000000bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac1414bb00a7f45b4e5243cb5f2cd05732590000000000000000000008000b"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$DRM_IOCTL_AUTH_MAGIC(r5, 0x40046411, &(0x7f00000003c0)=0x5) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)}, 0x0) 06:10:30 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xa}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 529.650148][T22581] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 529.658124][T22581] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 529.666098][T22581] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 529.674071][T22581] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:30 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) [ 529.707598][T22860] netlink: 206524 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:30 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x74, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x50, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'none\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xaf85}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x18}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x4}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000044) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:30 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xe}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:30 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 529.771135][T22860] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 529.771135][T22860] !' [ 529.797865][T22860] CPU: 0 PID: 22860 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 529.806551][T22860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 529.816602][T22860] Call Trace: [ 529.819914][T22860] dump_stack+0x188/0x20d [ 529.824261][T22860] sysfs_warn_dup.cold+0x1c/0x2d [ 529.829206][T22860] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 529.835281][T22860] sysfs_create_link+0x61/0xc0 [ 529.840052][T22860] device_add+0x71c/0x1bc0 [ 529.844491][T22860] ? uevent_show+0x360/0x360 [ 529.849292][T22860] wiphy_register+0x1c46/0x2720 [ 529.854171][T22860] ? wiphy_unregister+0xf90/0xf90 [ 529.859212][T22860] ? ieee80211_cs_list_valid+0x23/0x280 [ 529.864770][T22860] ? ieee80211_cs_list_valid+0x1b0/0x280 [ 529.870425][T22860] ? ieee80211_cs_list_valid+0x198/0x280 [ 529.876075][T22860] ieee80211_register_hw+0x141d/0x3760 [ 529.881561][T22860] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 529.887046][T22860] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 529.892600][T22860] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 529.898584][T22860] ? memset+0x20/0x40 [ 529.902584][T22860] ? __hrtimer_init+0x134/0x260 [ 529.907444][T22860] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 529.913181][T22860] ? vprintk_func+0x81/0x17e [ 529.917804][T22860] ? hwsim_register_received_nl+0x400/0x400 [ 529.923721][T22860] hwsim_new_radio_nl+0x905/0xf60 [ 529.928750][T22860] ? lockdep_hardirqs_on+0x417/0x5d0 [ 529.934052][T22860] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 529.939981][T22860] genl_rcv_msg+0x627/0xdf0 [ 529.944504][T22860] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 529.950857][T22860] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 529.956680][T22860] netlink_rcv_skb+0x15a/0x410 [ 529.961452][T22860] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 529.967783][T22860] ? netlink_ack+0xa80/0xa80 [ 529.972419][T22860] genl_rcv+0x24/0x40 [ 529.976418][T22860] netlink_unicast+0x537/0x740 [ 529.981201][T22860] ? netlink_attachskb+0x810/0x810 [ 529.986313][T22860] ? _copy_from_iter_full+0x25c/0x870 [ 529.991688][T22860] ? __phys_addr_symbol+0x2c/0x70 [ 529.996716][T22860] ? __check_object_size+0x171/0x437 [ 530.002014][T22860] netlink_sendmsg+0x882/0xe10 [ 530.006791][T22860] ? aa_af_perm+0x260/0x260 [ 530.011306][T22860] ? netlink_unicast+0x740/0x740 [ 530.016266][T22860] ? netlink_unicast+0x740/0x740 [ 530.021213][T22860] sock_sendmsg+0xcf/0x120 [ 530.025641][T22860] ____sys_sendmsg+0x6b9/0x7d0 [ 530.030416][T22860] ? kernel_sendmsg+0x50/0x50 [ 530.035103][T22860] ? mark_lock+0xbc/0x1220 [ 530.039660][T22860] ___sys_sendmsg+0x100/0x170 [ 530.044355][T22860] ? sendmsg_copy_msghdr+0x70/0x70 [ 530.049495][T22860] ? __fget_files+0x329/0x4f0 [ 530.054197][T22860] ? ksys_dup3+0x3c0/0x3c0 [ 530.058618][T22860] ? lock_acquire+0x197/0x420 [ 530.063297][T22860] ? __might_fault+0xef/0x1d0 [ 530.067994][T22860] ? __fget_light+0x208/0x270 [ 530.072693][T22860] __sys_sendmsg+0xec/0x1b0 [ 530.077206][T22860] ? __sys_sendmsg_sock+0xb0/0xb0 [ 530.082241][T22860] ? __x64_sys_futex+0x380/0x4f0 [ 530.087209][T22860] ? trace_hardirqs_off_caller+0x55/0x230 [ 530.092938][T22860] ? do_syscall_64+0x21/0x7d0 [ 530.097625][T22860] do_syscall_64+0xf6/0x7d0 [ 530.102142][T22860] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 530.108038][T22860] RIP: 0033:0x45c849 [ 530.111937][T22860] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 530.131531][T22860] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 530.139936][T22860] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 530.147975][T22860] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 530.155926][T22860] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 530.163876][T22860] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 06:10:30 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 530.171827][T22860] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 530.209043][T23212] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:31 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0) 06:10:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 530.251831][T23212] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:31 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000600)={0xc8, 0x0, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0xa0, 0x8, 0x0, 0x1, [{0x9c, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g='\xd1s(\x99\xf6\x11\xcd\x89\x94\x03M\x7fA=\xc9Wc\x0eT\x93\xc2\x85\xac\xa4\x00e\xcbc\x11\xbeik'}, @WGPEER_A_ALLOWEDIPS={0x74, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x3}}]}, {0x34, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}]}, {0x4}]}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0xc8}}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000009d80)=[{{&(0x7f0000000480)=@ipx, 0x80, &(0x7f0000000b80)=[{&(0x7f0000000500)=""/160, 0xa0}, {&(0x7f00000005c0)=""/118, 0x76}, {&(0x7f0000000640)=""/80, 0x50}, {&(0x7f00000006c0)=""/219, 0xdb}, {&(0x7f00000007c0)=""/149, 0x95}, {&(0x7f0000000880)=""/148, 0x94}, {&(0x7f0000000940)=""/22, 0x16}, {&(0x7f0000000980)=""/93, 0x5d}, {&(0x7f0000000a00)=""/180, 0xb4}, {&(0x7f0000000ac0)=""/145, 0x91}], 0xa, &(0x7f0000000c40)=""/43, 0x2b}, 0x8000}, {{0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f0000000c80)=""/57, 0x39}], 0x1}, 0x9222}, {{&(0x7f0000000d00)=@ax25={{}, [@bcast, @default, @bcast, @default, @bcast, @remote, @bcast]}, 0x80, &(0x7f0000000dc0)=[{&(0x7f0000000d80)=""/21, 0x15}], 0x1}, 0x5d39}, {{0x0, 0x0, &(0x7f0000000f80)=[{&(0x7f0000000e00)=""/162, 0xa2}, {&(0x7f0000000ec0)=""/173, 0xad}], 0x2, &(0x7f0000000fc0)=""/14, 0xe}, 0x23a}, {{&(0x7f0000001000)=@pppoe={0x18, 0x0, {0x0, @link_local}}, 0x80, &(0x7f00000016c0)=[{&(0x7f0000001080)=""/174, 0xae}, {&(0x7f0000001140)=""/174, 0xae}, {&(0x7f0000001200)=""/46, 0x2e}, {&(0x7f0000001240)=""/70, 0x46}, {&(0x7f00000012c0)=""/254, 0xfe}, {&(0x7f00000013c0)=""/206, 0xce}, {&(0x7f00000014c0)=""/172, 0xac}, {&(0x7f0000001580)=""/104, 0x68}, {&(0x7f0000001600)=""/170, 0xaa}], 0x9, &(0x7f0000001780)=""/175, 0xaf}, 0x1}, {{&(0x7f0000001840)=@xdp, 0x80, &(0x7f0000003a40)=[{&(0x7f00000018c0)=""/255, 0xff}, {&(0x7f00000019c0)=""/4096, 0x1000}, {&(0x7f00000029c0)=""/100, 0x64}, {&(0x7f0000002a40)=""/4096, 0x1000}], 0x4, &(0x7f0000003a80)=""/38, 0x26}, 0x12}, {{&(0x7f0000003ac0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x80, &(0x7f0000003c40)=[{&(0x7f0000003b40)=""/245, 0xf5}], 0x1, &(0x7f0000003c80)=""/104, 0x68}, 0x70f}, {{0x0, 0x0, &(0x7f0000008040)=[{&(0x7f0000003d00)=""/229, 0xe5}, {&(0x7f0000003e00)=""/220, 0xdc}, {&(0x7f0000003f00)=""/4096, 0x1000}, {&(0x7f0000004f00)=""/4096, 0x1000}, {&(0x7f0000005f00)=""/80, 0x50}, {&(0x7f0000005f80)=""/4096, 0x1000}, {&(0x7f0000006f80)=""/190, 0xbe}, {&(0x7f0000007040)=""/4096, 0x1000}], 0x8, &(0x7f00000080c0)=""/4096, 0x1000}, 0xd2}, {{&(0x7f00000090c0)=@rc, 0x80, &(0x7f0000009580)=[{&(0x7f0000009140)=""/45, 0x2d}, {&(0x7f0000009180)=""/92, 0x5c}, {&(0x7f0000009200)=""/123, 0x7b}, {&(0x7f0000009280)=""/197, 0xc5}, {&(0x7f0000009380)=""/222, 0xde}, {&(0x7f0000009480)=""/229, 0xe5}], 0x6, &(0x7f0000009600)=""/97, 0x61}, 0x9}, {{&(0x7f0000009680)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000009c00)=[{&(0x7f0000009700)=""/216, 0xd8}, {&(0x7f0000009800)=""/148, 0x94}, {&(0x7f00000098c0)=""/59, 0x3b}, {&(0x7f0000009900)=""/222, 0xde}, {&(0x7f0000009a00)=""/125, 0x7d}, {&(0x7f0000009a80)=""/97, 0x61}, {&(0x7f0000009b00)=""/163, 0xa3}, {&(0x7f0000009bc0)}], 0x8, &(0x7f0000009c80)=""/217, 0xd9}, 0x10000}], 0xa, 0x40002042, &(0x7f000000a000)={0x0, 0x989680}) sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f000000b640)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20044}, 0xc, &(0x7f000000b600)={&(0x7f000000a040)={0x15c0, 0x0, 0x10, 0x70bd27, 0x25dfdbfc, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r3}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_PEERS={0x155c, 0x8, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "af7fb4b19f0fcba40f1f7f539479b34bec2e3571d70db9b109ed574fd63131d4"}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9}]}, {0x6e8, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x260, 0x9, 0x0, 0x1, [{0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @rand_addr="54a2d5c4c13009c07d042638dcd3e87d"}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x9}, {0x5, 0x3, 0x3}}]}, {0xb8, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}]}, {0x124, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="7ebec9a303d178fe80cfbac382f656ea"}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="c4e9049f84bc49356437d388efbb2424"}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0xd2c}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_FLAGS={0x8, 0x3, 0x1}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x7}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x400, @dev={0xfe, 0x80, [], 0x1a}, 0x1}}, @WGPEER_A_ALLOWEDIPS={0x2bc, 0x9, 0x0, 0x1, [{0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}]}, {0xa0, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="85c0b350c533f13e955d9f90141b5cfc"}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x20}, {0x5, 0x3, 0x1}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x1b}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="d7143684a46ece300b126221a371d1ec"}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0x43}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="190a57cb56f7433816d9fd90b268a2cf"}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x13}}}, {0x5, 0x3, 0x3}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}]}]}, @WGPEER_A_ALLOWEDIPS={0x198, 0x9, 0x0, 0x1, [{0xb8, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x22}}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}]}, {0xdc, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}]}]}]}, {0x9c8, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x1ff}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e24, @multicast2}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g='\xd1s(\x99\xf6\x11\xcd\x89\x94\x03M\x7fA=\xc9Wc\x0eT\x93\xc2\x85\xac\xa4\x00e\xcbc\x11\xbeik'}, @WGPEER_A_ALLOWEDIPS={0x1f0, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}]}, {0xf4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}]}, {0xd0, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="1649ca46bde2fa0dd02775cd38daed16"}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "d5223cbbb53e6b55df31bba4e3e0a10a0e7bd13c60cd3aab3e757b28242a624f"}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x8}, @WGPEER_A_ALLOWEDIPS={0x758, 0x9, 0x0, 0x1, [{0x13c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0x10}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0x14}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2c}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2c}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2c}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="63b4255e49363b96394d5742c3598afa"}, {0x5, 0x3, 0x3}}]}, {0x70, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}]}, {0x118, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0x43}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @loopback}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0xfffffff7}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}]}, {0x7c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x32}}, {0x5, 0x3, 0x2}}]}, {0x7c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0x1e}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0xb}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}]}, {0x118, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}]}, {0xb8, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @broadcast}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x2}}]}, {0x124, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @multicast2}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}]}]}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x2}]}, {0x478, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ALLOWEDIPS={0x2d8, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x2}}]}, {0x4}, {0xe8, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x42}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x32}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0xb}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x1d}}, {0x5, 0x3, 0x1}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr="0057b46293421b2728dc35f76cf40645"}, {0x5, 0x3, 0x3}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x2}}]}, {0xb8, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_ALLOWEDIPS={0x194, 0x9, 0x0, 0x1, [{0x94, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}]}, {0x7c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x982c}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x4}, {0x5, 0x3, 0x3}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={[], [], @loopback}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}]}, {0x34, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x3}}]}]}]}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c='\xa0\xcb\x87\x9aG\xf5\xbcdL\x0ei?\xa6\xd01\xc7J\x15S\xb6\xe9\x01\xb9\xff/Q\x8cx\x04/\xb5B'}]}, 0x15c0}, 0x1, 0x0, 0x0, 0x1}, 0x400c000) r4 = socket$nl_generic(0x10, 0x3, 0x10) splice(r0, &(0x7f0000000300)=0x3f, r4, &(0x7f0000000340)=0xfffffffffffffffe, 0x4, 0xa) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') socket$inet6_sctp(0xa, 0x5, 0x84) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r6, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r5, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 530.379001][T23212] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 530.379001][T23212] !' [ 530.427706][T23212] CPU: 0 PID: 23212 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 530.436388][T23212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.446440][T23212] Call Trace: [ 530.449740][T23212] dump_stack+0x188/0x20d [ 530.454085][T23212] sysfs_warn_dup.cold+0x1c/0x2d [ 530.459051][T23212] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 530.465139][T23212] sysfs_create_link+0x61/0xc0 [ 530.469912][T23212] device_add+0x71c/0x1bc0 [ 530.474342][T23212] ? ieee80211_set_bitrate_flags+0x2b/0x5c0 [ 530.480241][T23212] ? uevent_show+0x360/0x360 [ 530.484845][T23212] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 530.490845][T23212] wiphy_register+0x1c46/0x2720 [ 530.495727][T23212] ? wiphy_unregister+0xf90/0xf90 [ 530.500759][T23212] ? retint_kernel+0x2b/0x2b [ 530.505394][T23212] ? ieee80211_cs_list_valid+0x198/0x280 [ 530.511147][T23212] ieee80211_register_hw+0x141d/0x3760 [ 530.516651][T23212] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 530.522117][T23212] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 530.527687][T23212] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 530.533678][T23212] ? memset+0x20/0x40 [ 530.537738][T23212] ? __hrtimer_init+0x134/0x260 [ 530.542687][T23212] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 530.548498][T23212] ? lockdep_hardirqs_on+0x417/0x5d0 [ 530.553816][T23212] ? hwsim_register_received_nl+0x400/0x400 [ 530.559732][T23212] hwsim_new_radio_nl+0x905/0xf60 [ 530.564789][T23212] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 530.570686][T23212] ? cap_capable+0x1eb/0x250 [ 530.575301][T23212] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 530.581635][T23212] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 530.587983][T23212] genl_rcv_msg+0x627/0xdf0 [ 530.592506][T23212] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 530.598872][T23212] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 530.604700][T23212] netlink_rcv_skb+0x15a/0x410 [ 530.609479][T23212] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 530.615815][T23212] ? netlink_ack+0xa80/0xa80 [ 530.620444][T23212] genl_rcv+0x24/0x40 [ 530.624433][T23212] netlink_unicast+0x537/0x740 [ 530.629208][T23212] ? netlink_attachskb+0x810/0x810 [ 530.634328][T23212] ? _copy_from_iter_full+0x25c/0x870 [ 530.639799][T23212] ? __phys_addr_symbol+0x2c/0x70 [ 530.644829][T23212] ? __check_object_size+0x171/0x437 [ 530.650123][T23212] netlink_sendmsg+0x882/0xe10 [ 530.654900][T23212] ? retint_kernel+0x2b/0x2b [ 530.659495][T23212] ? netlink_unicast+0x740/0x740 [ 530.664434][T23212] ? netlink_unicast+0x740/0x740 [ 530.669396][T23212] ? netlink_unicast+0x740/0x740 [ 530.674341][T23212] sock_sendmsg+0xcf/0x120 [ 530.678765][T23212] ____sys_sendmsg+0x6b9/0x7d0 [ 530.683541][T23212] ? kernel_sendmsg+0x50/0x50 [ 530.688226][T23212] ? mark_lock+0xbc/0x1220 [ 530.692653][T23212] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 530.698138][T23212] ___sys_sendmsg+0x100/0x170 [ 530.702821][T23212] ? sendmsg_copy_msghdr+0x70/0x70 [ 530.707966][T23212] ? __fget_files+0x329/0x4f0 [ 530.712661][T23212] ? ksys_dup3+0x3c0/0x3c0 [ 530.717082][T23212] ? lock_acquire+0x209/0x420 [ 530.721776][T23212] ? __fget_light+0x208/0x270 [ 530.726474][T23212] __sys_sendmsg+0xec/0x1b0 [ 530.730988][T23212] ? __sys_sendmsg_sock+0xb0/0xb0 [ 530.736033][T23212] ? do_syscall_64+0x4f/0x7d0 [ 530.740704][T23212] do_syscall_64+0xf6/0x7d0 [ 530.745194][T23212] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 530.751066][T23212] RIP: 0033:0x45c849 [ 530.754945][T23212] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:10:31 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60070011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x19}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:31 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r2 = socket$netlink(0x10, 0x3, 0x0) openat$cgroup_type(r1, &(0x7f0000000300)='cgroup.type\x00', 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r5, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r4, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:31 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00002abd7000fca4e580bbdd4d9f90b8590ddbdf2509000000000005000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000084009000000000014000300ac1414bb00000000000000000000000008000b007369700008000800020000008a35d39c93a694da1fbb0c60c5827ac04f3fe0388e0ca6e14bc2147628157a54c94cf34bd4e79bb92499cb3bc35facf5a2c791704cf8f41bfd0b7ee8211033da756cd5167bbcf7f708aae382a0531d1f5fb38b262467972fd3f3f85f413c8511e3f211a038622aab51e41940c5d445ff3dadd8f772ff3c022b4e051cfe95b778ef6c910e0cdd78e5e322fe292792ccfc9d4a9e4e6be3d60a253622d53ad7315edf6d04fd9e230dba3c77adadabf2c440513b5aff1682fdcf094bbcd0953bd6d3ff897ec9cfb00210fe901fe94954a39b1c5521beb24216451ffd26cc8585409d7537468bad3d637407554ada8e5980a0441a46"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 530.774526][T23212] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 530.782920][T23212] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 530.790876][T23212] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 530.798825][T23212] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 530.806775][T23212] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 530.814736][T23212] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:31 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:31 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0) 06:10:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x28}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 530.879828][T23527] netlink: 206524 bytes leftover after parsing attributes in process `syz-executor.4'. [ 530.915355][T23527] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 530.915355][T23527] !' [ 530.960375][T23527] CPU: 1 PID: 23527 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 530.969071][T23527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.979131][T23527] Call Trace: [ 530.982428][T23527] dump_stack+0x188/0x20d [ 530.986781][T23527] sysfs_warn_dup.cold+0x1c/0x2d [ 530.991733][T23527] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 530.997866][T23527] sysfs_create_link+0x61/0xc0 [ 531.002635][T23527] device_add+0x71c/0x1bc0 [ 531.007059][T23527] ? uevent_show+0x360/0x360 [ 531.011650][T23527] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 531.017649][T23527] wiphy_register+0x1c46/0x2720 [ 531.022535][T23527] ? wiphy_unregister+0xf90/0xf90 [ 531.027566][T23527] ? __kmalloc+0x629/0x7a0 [ 531.031990][T23527] ? ieee80211_register_hw+0xbea/0x3760 [ 531.037550][T23527] ? ieee80211_cs_list_valid+0x198/0x280 [ 531.043196][T23527] ieee80211_register_hw+0x141d/0x3760 [ 531.048686][T23527] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 531.054159][T23527] ? rcu_read_lock_sched_held+0x9c/0xd0 06:10:31 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 531.059711][T23527] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 531.065702][T23527] ? memset+0x20/0x40 [ 531.069687][T23527] ? __hrtimer_init+0x134/0x260 [ 531.074542][T23527] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 531.080262][T23527] ? vprintk_func+0x81/0x17e [ 531.084876][T23527] ? hwsim_register_received_nl+0x400/0x400 [ 531.090788][T23527] hwsim_new_radio_nl+0x905/0xf60 [ 531.095832][T23527] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 531.101725][T23527] ? cap_capable+0x1eb/0x250 [ 531.106342][T23527] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 531.112677][T23527] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 531.119024][T23527] genl_rcv_msg+0x627/0xdf0 [ 531.124047][T23527] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 531.130426][T23527] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 531.136254][T23527] netlink_rcv_skb+0x15a/0x410 [ 531.141032][T23527] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 531.147367][T23527] ? netlink_ack+0xa80/0xa80 [ 531.151987][T23527] genl_rcv+0x24/0x40 [ 531.155984][T23527] netlink_unicast+0x537/0x740 [ 531.160765][T23527] ? netlink_attachskb+0x810/0x810 [ 531.165909][T23527] ? _copy_from_iter_full+0x25c/0x870 [ 531.171284][T23527] ? __phys_addr_symbol+0x2c/0x70 [ 531.176310][T23527] ? __check_object_size+0x171/0x437 [ 531.181616][T23527] netlink_sendmsg+0x882/0xe10 [ 531.186401][T23527] ? aa_af_perm+0x260/0x260 [ 531.190906][T23527] ? netlink_unicast+0x740/0x740 [ 531.195863][T23527] ? netlink_unicast+0x740/0x740 [ 531.200818][T23527] sock_sendmsg+0xcf/0x120 [ 531.205246][T23527] ____sys_sendmsg+0x6b9/0x7d0 [ 531.210014][T23527] ? kernel_sendmsg+0x50/0x50 [ 531.214712][T23527] ? mark_lock+0xbc/0x1220 [ 531.219146][T23527] ___sys_sendmsg+0x100/0x170 [ 531.223832][T23527] ? sendmsg_copy_msghdr+0x70/0x70 [ 531.228968][T23527] ? __fget_files+0x329/0x4f0 [ 531.233668][T23527] ? ksys_dup3+0x3c0/0x3c0 [ 531.238089][T23527] ? lock_acquire+0x197/0x420 [ 531.242778][T23527] ? __might_fault+0xef/0x1d0 [ 531.247572][T23527] ? __fget_light+0x208/0x270 [ 531.252271][T23527] __sys_sendmsg+0xec/0x1b0 [ 531.256780][T23527] ? __sys_sendmsg_sock+0xb0/0xb0 [ 531.261810][T23527] ? __x64_sys_futex+0x380/0x4f0 [ 531.266773][T23527] ? trace_hardirqs_off_caller+0x55/0x230 [ 531.272518][T23527] ? do_syscall_64+0x21/0x7d0 [ 531.277205][T23527] do_syscall_64+0xf6/0x7d0 [ 531.281715][T23527] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 531.287599][T23527] RIP: 0033:0x45c849 [ 531.291498][T23527] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:10:32 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup2(r4, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f0000000300)={0x30, 0x5, 0x0, {0x0, 0x3, 0x714f, 0xffffffff}}, 0x30) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r6, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000500000000000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac1414bb00000000000000000000000008000b00736970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 531.311094][T23527] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 531.319503][T23527] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 531.327472][T23527] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 531.335443][T23527] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 531.343414][T23527] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 531.351383][T23527] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x60}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:32 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0) [ 531.428465][T23811] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 531.457662][T23811] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:32 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r5, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r4, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) r6 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r6, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000480)={0x3, 0x12c1, 0x2, {0x8, @sliced={0x1, [0x18fc, 0x8, 0x2d32, 0x76f, 0x9, 0x1bbe, 0x8, 0x0, 0x1, 0x6, 0x75, 0x1, 0x1ff, 0xaf3, 0x7, 0x4, 0x8f, 0x5, 0x7, 0xffff, 0x306c, 0x401, 0x7, 0x3, 0x800, 0x0, 0x8001, 0x8001, 0x9, 0x8, 0x0, 0x4, 0x6, 0x2, 0x8, 0x7, 0x0, 0x1, 0x4, 0x7f, 0x20, 0x3ff, 0xfffb, 0x6, 0x40, 0x7f, 0x8, 0x2], 0xfffffff7}}, 0x1}) ioctl$SIOCGETNODEID(r6, 0x89e1, &(0x7f0000000300)={0x3}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:32 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60080011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 531.614238][T23811] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 531.614238][T23811] !' [ 531.650798][T23811] CPU: 0 PID: 23811 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 531.659484][T23811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.669559][T23811] Call Trace: [ 531.672861][T23811] dump_stack+0x188/0x20d [ 531.677222][T23811] sysfs_warn_dup.cold+0x1c/0x2d [ 531.682171][T23811] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 531.688252][T23811] sysfs_create_link+0x61/0xc0 [ 531.693018][T23811] device_add+0x71c/0x1bc0 [ 531.697454][T23811] ? uevent_show+0x360/0x360 [ 531.702056][T23811] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 531.708057][T23811] wiphy_register+0x1c46/0x2720 [ 531.712935][T23811] ? wiphy_unregister+0xf90/0xf90 [ 531.717975][T23811] ? ieee80211_register_hw+0x13b6/0x3760 [ 531.723617][T23811] ieee80211_register_hw+0x141d/0x3760 [ 531.729096][T23811] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 531.734571][T23811] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 531.740127][T23811] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 531.746116][T23811] ? memset+0x20/0x40 [ 531.750103][T23811] ? __hrtimer_init+0x134/0x260 [ 531.754959][T23811] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 531.760679][T23811] ? lockdep_hardirqs_on+0x417/0x5d0 [ 531.765989][T23811] ? hwsim_register_received_nl+0x400/0x400 [ 531.771886][T23811] ? hwsim_new_radio_nl+0x8f6/0xf60 [ 531.777090][T23811] hwsim_new_radio_nl+0x905/0xf60 [ 531.782147][T23811] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 531.788045][T23811] ? cap_capable+0x1eb/0x250 [ 531.792658][T23811] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 531.798988][T23811] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 531.805330][T23811] genl_rcv_msg+0x627/0xdf0 [ 531.809853][T23811] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 531.816208][T23811] ? lockdep_hardirqs_on+0x417/0x5d0 [ 531.821501][T23811] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 531.827081][T23811] netlink_rcv_skb+0x15a/0x410 [ 531.831859][T23811] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 531.838195][T23811] ? netlink_ack+0xa80/0xa80 [ 531.842820][T23811] genl_rcv+0x24/0x40 [ 531.846805][T23811] netlink_unicast+0x537/0x740 [ 531.851582][T23811] ? netlink_attachskb+0x810/0x810 [ 531.856729][T23811] ? _copy_from_iter_full+0x25c/0x870 [ 531.862107][T23811] ? __phys_addr_symbol+0x2c/0x70 [ 531.867147][T23811] ? __check_object_size+0x171/0x437 [ 531.872446][T23811] netlink_sendmsg+0x882/0xe10 [ 531.877226][T23811] ? aa_af_perm+0x260/0x260 [ 531.881739][T23811] ? netlink_unicast+0x740/0x740 [ 531.886706][T23811] ? netlink_unicast+0x740/0x740 [ 531.891660][T23811] sock_sendmsg+0xcf/0x120 [ 531.896086][T23811] ____sys_sendmsg+0x6b9/0x7d0 [ 531.900860][T23811] ? kernel_sendmsg+0x50/0x50 [ 531.905541][T23811] ? mark_lock+0xbc/0x1220 [ 531.909966][T23811] ___sys_sendmsg+0x100/0x170 [ 531.914662][T23811] ? sendmsg_copy_msghdr+0x70/0x70 [ 531.919796][T23811] ? __fget_files+0x329/0x4f0 [ 531.924510][T23811] ? ksys_dup3+0x3c0/0x3c0 [ 531.928926][T23811] ? lock_acquire+0x197/0x420 [ 531.933617][T23811] ? __might_fault+0xef/0x1d0 [ 531.938309][T23811] ? __fget_light+0x208/0x270 [ 531.943002][T23811] __sys_sendmsg+0xec/0x1b0 [ 531.947507][T23811] ? __sys_sendmsg_sock+0xb0/0xb0 [ 531.952529][T23811] ? __x64_sys_futex+0x380/0x4f0 [ 531.957494][T23811] ? trace_hardirqs_off_caller+0x55/0x230 [ 531.963230][T23811] ? do_syscall_64+0x21/0x7d0 [ 531.967932][T23811] do_syscall_64+0xf6/0x7d0 [ 531.972444][T23811] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 531.978335][T23811] RIP: 0033:0x45c849 [ 531.982400][T23811] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 532.002002][T23811] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 06:10:32 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xf0}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:32 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="11002abd7000000000001000004e4700"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070090071ac0c90a3b8c007647bdb410000000160000000700060073680000060001000a000000080009000000001014000300ac1414bb00000000000000000000000008000b00736970000800080002000000a9aa0d47e5a4c01ec0861bbbe4289750124cf697fc82199316ef8b68a230f3c2f4258019f747230ce768932e85705168a8505b6a3457a6423bc7028f13bb89c89a14037829c9ec9bc6eca637dd6a1c9bd53aafbf83d9c055ae3cbfbd99aab1ff7633aa2d8d3b586e70c0ef1d664729edeabbfaef37cb49c9fbf2012e7656b6bbb959ffe681e943c7bef3600382023fe2cc3f19e63a12f036d37fe289736714ff13105642000000000000000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:32 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 532.010411][T23811] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 532.018381][T23811] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 532.026352][T23811] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 532.034324][T23811] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 532.042297][T23811] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c [ 532.147779][T24142] netlink: 206524 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:33 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:33 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FLAGS={0x0, 0x7, {0x24, 0x10}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0xffffffffffffffcd, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:33 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x300}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:33 executing program 2: perf_event_open(&(0x7f0000001340)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:33 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011", 0x17}], 0x1}, 0x0) [ 532.224824][T24142] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 532.224824][T24142] !' [ 532.247860][T24142] CPU: 0 PID: 24142 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 532.256645][T24142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.266699][T24142] Call Trace: [ 532.270001][T24142] dump_stack+0x188/0x20d [ 532.274350][T24142] sysfs_warn_dup.cold+0x1c/0x2d [ 532.279307][T24142] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 532.285393][T24142] sysfs_create_link+0x61/0xc0 [ 532.290169][T24142] device_add+0x71c/0x1bc0 [ 532.294600][T24142] ? retint_kernel+0x2b/0x2b [ 532.299220][T24142] ? uevent_show+0x360/0x360 [ 532.303824][T24142] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 532.309820][T24142] wiphy_register+0x1c46/0x2720 [ 532.314695][T24142] ? wiphy_unregister+0xf90/0xf90 [ 532.319724][T24142] ? retint_kernel+0x2b/0x2b 06:10:33 executing program 2: perf_event_open(&(0x7f0000001340)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:33 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb631e3261c16776092c1fe52df38ca243a4b87330400f800", 0x4, 0x10, 0x7, 0x3, 0x4, 0x2, 0x6, 0x3}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="11002abd7000ddffffff0f000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000680)=[@in={0x2, 0x0, @rand_addr=0x40}]}, &(0x7f0000000180)=0x10) r6 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000000)={r7, @in={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, &(0x7f0000000100)=0x100) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000003c0)={r7, 0x80, &(0x7f0000000300)=[@in={0x2, 0x4e20, @local}, @in6={0xa, 0x4e23, 0x9, @remote, 0x3}, @in6={0xa, 0x4e20, 0x1, @remote, 0xffc5}, @in6={0xa, 0x4e23, 0x1, @mcast2, 0x80000000}, @in6={0xa, 0x4e21, 0x4, @dev={0xfe, 0x80, [], 0x28}, 0x5}]}, &(0x7f0000000400)=0x10) [ 532.324326][T24142] ? ieee80211_cs_list_valid+0x198/0x280 [ 532.329964][T24142] ieee80211_register_hw+0x141d/0x3760 [ 532.335462][T24142] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 532.340929][T24142] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 532.346482][T24142] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 532.352501][T24142] ? memset+0x20/0x40 [ 532.356490][T24142] ? __hrtimer_init+0x134/0x260 [ 532.361350][T24142] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 532.367064][T24142] ? vprintk_func+0x81/0x17e [ 532.371676][T24142] ? hwsim_register_received_nl+0x400/0x400 [ 532.377602][T24142] hwsim_new_radio_nl+0x905/0xf60 [ 532.382639][T24142] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 532.388535][T24142] ? cap_capable+0x1eb/0x250 [ 532.393154][T24142] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 532.399486][T24142] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 532.405837][T24142] genl_rcv_msg+0x627/0xdf0 [ 532.410357][T24142] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 532.416730][T24142] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 06:10:33 executing program 2: perf_event_open(&(0x7f0000001340)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 532.422559][T24142] netlink_rcv_skb+0x15a/0x410 [ 532.427324][T24142] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 532.433670][T24142] ? netlink_ack+0xa80/0xa80 [ 532.438292][T24142] genl_rcv+0x24/0x40 [ 532.442282][T24142] netlink_unicast+0x537/0x740 [ 532.447057][T24142] ? netlink_attachskb+0x810/0x810 [ 532.452187][T24142] ? _copy_from_iter_full+0x25c/0x870 [ 532.457562][T24142] ? __phys_addr_symbol+0x2c/0x70 [ 532.462590][T24142] ? __check_object_size+0x171/0x437 [ 532.467886][T24142] netlink_sendmsg+0x882/0xe10 [ 532.472655][T24142] ? aa_af_perm+0x260/0x260 [ 532.477161][T24142] ? netlink_unicast+0x740/0x740 [ 532.482105][T24142] ? netlink_unicast+0x740/0x740 [ 532.487031][T24142] sock_sendmsg+0xcf/0x120 [ 532.491429][T24142] ____sys_sendmsg+0x6b9/0x7d0 [ 532.496178][T24142] ? kernel_sendmsg+0x50/0x50 [ 532.500841][T24142] ? mark_lock+0xbc/0x1220 [ 532.505377][T24142] ___sys_sendmsg+0x100/0x170 [ 532.510050][T24142] ? sendmsg_copy_msghdr+0x70/0x70 [ 532.515161][T24142] ? __fget_files+0x329/0x4f0 [ 532.519829][T24142] ? ksys_dup3+0x3c0/0x3c0 [ 532.524229][T24142] ? lock_acquire+0x197/0x420 [ 532.528888][T24142] ? __might_fault+0xef/0x1d0 [ 532.533554][T24142] ? __fget_light+0x208/0x270 [ 532.538221][T24142] __sys_sendmsg+0xec/0x1b0 [ 532.542718][T24142] ? __sys_sendmsg_sock+0xb0/0xb0 [ 532.547738][T24142] ? __x64_sys_futex+0x380/0x4f0 [ 532.552668][T24142] ? trace_hardirqs_off_caller+0x55/0x230 [ 532.558371][T24142] ? do_syscall_64+0x21/0x7d0 [ 532.563035][T24142] do_syscall_64+0xf6/0x7d0 [ 532.567530][T24142] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 532.573401][T24142] RIP: 0033:0x45c849 [ 532.577294][T24142] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 532.596876][T24142] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 532.605271][T24142] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 532.613226][T24142] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 532.621183][T24142] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 532.629139][T24142] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 532.637093][T24142] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 532.798535][T24696] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 532.806782][T24696] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 532.870763][T24696] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 532.870763][T24696] !' [ 532.891935][T24696] CPU: 1 PID: 24696 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 532.900619][T24696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.910681][T24696] Call Trace: [ 532.913977][T24696] dump_stack+0x188/0x20d [ 532.918323][T24696] sysfs_warn_dup.cold+0x1c/0x2d [ 532.923269][T24696] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 532.929353][T24696] sysfs_create_link+0x61/0xc0 [ 532.934127][T24696] device_add+0x71c/0x1bc0 [ 532.938564][T24696] ? ieee80211_set_bitrate_flags+0xf9/0x5c0 [ 532.944471][T24696] ? uevent_show+0x360/0x360 [ 532.949073][T24696] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 532.955079][T24696] wiphy_register+0x1c46/0x2720 [ 532.959955][T24696] ? wiphy_unregister+0xf90/0xf90 [ 532.964976][T24696] ? __kmalloc+0x629/0x7a0 [ 532.969370][T24696] ? ieee80211_register_hw+0xbea/0x3760 [ 532.974893][T24696] ? cfg80211_chandef_create+0x11/0x420 [ 532.980429][T24696] ? __sanitizer_cov_trace_pc+0x2e/0x50 [ 532.985967][T24696] ? ieee80211_cs_list_valid+0x198/0x280 [ 532.991582][T24696] ieee80211_register_hw+0x141d/0x3760 [ 532.997057][T24696] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 533.002498][T24696] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 533.008042][T24696] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 533.014015][T24696] ? memset+0x20/0x40 [ 533.017994][T24696] ? __hrtimer_init+0x134/0x260 [ 533.022845][T24696] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 533.028556][T24696] ? lockdep_hardirqs_on+0x417/0x5d0 [ 533.033844][T24696] ? hwsim_register_received_nl+0x400/0x400 [ 533.039742][T24696] hwsim_new_radio_nl+0x905/0xf60 [ 533.044757][T24696] ? lockdep_hardirqs_on+0x417/0x5d0 [ 533.050034][T24696] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 533.055925][T24696] genl_rcv_msg+0x627/0xdf0 [ 533.060550][T24696] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 533.066869][T24696] ? lockdep_hardirqs_on+0x417/0x5d0 [ 533.072143][T24696] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 533.077626][T24696] netlink_rcv_skb+0x15a/0x410 [ 533.082399][T24696] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 533.088721][T24696] ? netlink_ack+0xa80/0xa80 [ 533.093313][T24696] genl_rcv+0x24/0x40 [ 533.097323][T24696] netlink_unicast+0x537/0x740 [ 533.102064][T24696] ? netlink_attachskb+0x810/0x810 [ 533.107165][T24696] ? _copy_from_iter_full+0x25c/0x870 [ 533.112569][T24696] ? __phys_addr_symbol+0x2c/0x70 [ 533.117591][T24696] ? __check_object_size+0x171/0x437 [ 533.123285][T24696] ? netlink_sendmsg+0x632/0xe10 [ 533.128222][T24696] netlink_sendmsg+0x882/0xe10 [ 533.132983][T24696] ? aa_af_perm+0x260/0x260 [ 533.137468][T24696] ? netlink_unicast+0x740/0x740 [ 533.142398][T24696] ? netlink_unicast+0x740/0x740 [ 533.147313][T24696] sock_sendmsg+0xcf/0x120 [ 533.151709][T24696] ____sys_sendmsg+0x6b9/0x7d0 [ 533.156541][T24696] ? kernel_sendmsg+0x50/0x50 [ 533.161201][T24696] ? mark_lock+0xbc/0x1220 [ 533.165601][T24696] ___sys_sendmsg+0x100/0x170 [ 533.170255][T24696] ? sendmsg_copy_msghdr+0x70/0x70 [ 533.175349][T24696] ? __fget_files+0x329/0x4f0 [ 533.180038][T24696] ? ksys_dup3+0x3c0/0x3c0 [ 533.184437][T24696] ? lock_acquire+0x209/0x420 [ 533.189126][T24696] ? __fget_light+0x208/0x270 [ 533.193793][T24696] __sys_sendmsg+0xec/0x1b0 [ 533.198284][T24696] ? __sys_sendmsg_sock+0xb0/0xb0 [ 533.203310][T24696] ? do_syscall_64+0x4f/0x7d0 [ 533.207994][T24696] do_syscall_64+0xf6/0x7d0 [ 533.212491][T24696] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 533.218364][T24696] RIP: 0033:0x45c849 [ 533.222249][T24696] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 533.241831][T24696] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 533.250217][T24696] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 533.258169][T24696] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 533.266129][T24696] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 533.274078][T24696] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 533.282028][T24696] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:34 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60090011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:34 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000500)={0x7c, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x58, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@broadcast}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x3c, 0x4, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0xa}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x200000c0}, 0x24048080) perf_event_open(&(0x7f0000000480)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:34 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x38d}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:34 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:34 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011", 0x17}], 0x1}, 0x0) 06:10:34 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 533.424771][T24810] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:34 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xa00}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:34 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011", 0x17}], 0x1}, 0x0) 06:10:34 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 533.466915][T24810] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:34 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000200)={0x0, 'ip6_vti0\x00'}) setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000000480)={0x2, {{0xa, 0x4e22, 0x8, @mcast1, 0x5}}, 0x0, 0x2, [{{0xa, 0x4e24, 0x5, @remote, 0x10001}}, {{0xa, 0x4e20, 0x8, @mcast2, 0x7b3c}}]}, 0x190) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000700)={r4, @in={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, [0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, 0x9, 0x4000000000000]}, &(0x7f0000000100)=0x100) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000300)={r4, 0x401, 0x10}, &(0x7f0000000340)=0xc) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r5, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x14, r7, 0x1, 0x70bd2a}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000640)=ANY=[@ANYBLOB="c8c3b54537595c610cde5993c771b5394a868d33cc380e646e8e052d8e9e80217d", @ANYRES16=r6, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac1414bb00000000000000000000000008000b00736970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x1, 0x0, 0xffff, 0x7, 0x2}, 0x0, 0x2, 0xffffffffffffffff, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 533.585586][T24810] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 533.585586][T24810] !' [ 533.623033][T24810] CPU: 0 PID: 24810 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 533.631717][T24810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 533.641878][T24810] Call Trace: [ 533.645176][T24810] dump_stack+0x188/0x20d [ 533.649507][T24810] sysfs_warn_dup.cold+0x1c/0x2d [ 533.654447][T24810] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 533.660523][T24810] sysfs_create_link+0x61/0xc0 [ 533.665300][T24810] device_add+0x71c/0x1bc0 [ 533.669733][T24810] ? retint_kernel+0x2b/0x2b [ 533.674332][T24810] ? uevent_show+0x360/0x360 [ 533.678929][T24810] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 06:10:34 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x400003}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2b}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 533.684931][T24810] wiphy_register+0x1c46/0x2720 [ 533.689803][T24810] ? wiphy_unregister+0xf90/0xf90 [ 533.694835][T24810] ? retint_kernel+0x2b/0x2b [ 533.699444][T24810] ? ieee80211_register_hw+0x132e/0x3760 [ 533.705086][T24810] ieee80211_register_hw+0x141d/0x3760 [ 533.710679][T24810] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 533.716152][T24810] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 533.722138][T24810] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 533.728129][T24810] ? memset+0x20/0x40 06:10:34 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') mknod$loop(&(0x7f0000000300)='./file0\x00', 0x2000, 0x1) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 533.732126][T24810] ? __hrtimer_init+0x134/0x260 [ 533.736987][T24810] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 533.742741][T24810] ? hwsim_register_received_nl+0x400/0x400 [ 533.748664][T24810] hwsim_new_radio_nl+0x905/0xf60 [ 533.753693][T24810] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 533.759161][T24810] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 533.765058][T24810] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 533.770800][T24810] ? genl_rcv_msg+0x4ca/0xdf0 [ 533.775496][T24810] genl_rcv_msg+0x627/0xdf0 [ 533.780017][T24810] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 533.786382][T24810] ? retint_kernel+0x2b/0x2b [ 533.791121][T24810] netlink_rcv_skb+0x15a/0x410 [ 533.795896][T24810] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 533.802230][T24810] ? netlink_ack+0xa80/0xa80 [ 533.806858][T24810] genl_rcv+0x24/0x40 [ 533.810841][T24810] netlink_unicast+0x537/0x740 [ 533.815616][T24810] ? netlink_attachskb+0x810/0x810 [ 533.820960][T24810] ? _copy_from_iter_full+0x25c/0x870 [ 533.826341][T24810] ? __phys_addr_symbol+0x2c/0x70 [ 533.831370][T24810] ? __check_object_size+0x171/0x437 [ 533.836665][T24810] netlink_sendmsg+0x882/0xe10 [ 533.841444][T24810] ? aa_af_perm+0x260/0x260 [ 533.845949][T24810] ? netlink_unicast+0x740/0x740 [ 533.850895][T24810] ? netlink_unicast+0x740/0x740 [ 533.855859][T24810] sock_sendmsg+0xcf/0x120 [ 533.860286][T24810] ____sys_sendmsg+0x6b9/0x7d0 [ 533.865059][T24810] ? kernel_sendmsg+0x50/0x50 [ 533.869745][T24810] ? mark_lock+0xbc/0x1220 [ 533.874183][T24810] ___sys_sendmsg+0x100/0x170 [ 533.878864][T24810] ? sendmsg_copy_msghdr+0x70/0x70 [ 533.883994][T24810] ? __fget_files+0x329/0x4f0 [ 533.888694][T24810] ? ksys_dup3+0x3c0/0x3c0 [ 533.893115][T24810] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 533.898837][T24810] ? retint_kernel+0x2b/0x2b [ 533.903488][T24810] ? __fget_light+0x208/0x270 [ 533.908182][T24810] __sys_sendmsg+0xec/0x1b0 [ 533.912690][T24810] ? __sys_sendmsg_sock+0xb0/0xb0 [ 533.917726][T24810] ? __x64_sys_futex+0x380/0x4f0 [ 533.922660][T24810] ? trace_hardirqs_off_caller+0x55/0x230 [ 533.928366][T24810] ? do_syscall_64+0x21/0x7d0 [ 533.933020][T24810] do_syscall_64+0xf6/0x7d0 [ 533.937506][T24810] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 533.943522][T24810] RIP: 0033:0x45c849 [ 533.947393][T24810] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 533.966976][T24810] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 533.975357][T24810] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 533.983303][T24810] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 533.991249][T24810] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 533.999195][T24810] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 534.007141][T24810] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 534.040830][T24895] netlink: 189576 bytes leftover after parsing attributes in process `syz-executor.4'. [ 534.076662][T24895] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 534.076662][T24895] !' [ 534.092160][T24895] CPU: 0 PID: 24895 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 534.100832][T24895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.110863][T24895] Call Trace: [ 534.114152][T24895] dump_stack+0x188/0x20d [ 534.118484][T24895] sysfs_warn_dup.cold+0x1c/0x2d [ 534.123411][T24895] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 534.129465][T24895] sysfs_create_link+0x61/0xc0 [ 534.134214][T24895] device_add+0x71c/0x1bc0 [ 534.138617][T24895] ? retint_kernel+0x2b/0x2b [ 534.143190][T24895] ? uevent_show+0x360/0x360 [ 534.147763][T24895] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 534.153728][T24895] wiphy_register+0x1c46/0x2720 [ 534.158581][T24895] ? wiphy_unregister+0xf90/0xf90 [ 534.163588][T24895] ? retint_kernel+0x2b/0x2b [ 534.168182][T24895] ? ieee80211_register_hw+0x13b6/0x3760 [ 534.173800][T24895] ieee80211_register_hw+0x141d/0x3760 [ 534.179266][T24895] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 534.184730][T24895] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 534.190261][T24895] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 534.196233][T24895] ? memset+0x20/0x40 [ 534.200211][T24895] ? __hrtimer_init+0x134/0x260 [ 534.205047][T24895] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 534.210832][T24895] ? vprintk_func+0x81/0x17e [ 534.215438][T24895] ? hwsim_register_received_nl+0x400/0x400 [ 534.221323][T24895] hwsim_new_radio_nl+0x905/0xf60 [ 534.226328][T24895] ? lockdep_hardirqs_on+0x325/0x5d0 [ 534.231604][T24895] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 534.237492][T24895] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 534.243803][T24895] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 534.250121][T24895] genl_rcv_msg+0x627/0xdf0 [ 534.254617][T24895] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 534.260946][T24895] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 534.266741][T24895] netlink_rcv_skb+0x15a/0x410 [ 534.271490][T24895] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 534.277813][T24895] ? netlink_ack+0xa80/0xa80 [ 534.282403][T24895] genl_rcv+0x24/0x40 [ 534.286393][T24895] netlink_unicast+0x537/0x740 [ 534.291161][T24895] ? netlink_attachskb+0x810/0x810 [ 534.296261][T24895] ? _copy_from_iter_full+0x25c/0x870 [ 534.301619][T24895] ? __phys_addr_symbol+0x2c/0x70 [ 534.306634][T24895] ? __check_object_size+0x171/0x437 [ 534.311910][T24895] netlink_sendmsg+0x882/0xe10 [ 534.316677][T24895] ? aa_af_perm+0x260/0x260 [ 534.321178][T24895] ? netlink_unicast+0x740/0x740 [ 534.326124][T24895] ? netlink_unicast+0x740/0x740 [ 534.331058][T24895] sock_sendmsg+0xcf/0x120 [ 534.335475][T24895] ____sys_sendmsg+0x6b9/0x7d0 [ 534.340345][T24895] ? kernel_sendmsg+0x50/0x50 [ 534.345046][T24895] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 534.350517][T24895] ___sys_sendmsg+0x100/0x170 [ 534.355183][T24895] ? sendmsg_copy_msghdr+0x70/0x70 [ 534.360313][T24895] ? __fget_files+0x38d/0x4f0 [ 534.364989][T24895] ? __fget_files+0x329/0x4f0 [ 534.369663][T24895] ? ksys_dup3+0x3c0/0x3c0 [ 534.374071][T24895] ? lock_acquire+0x197/0x420 [ 534.378735][T24895] ? __might_fault+0xef/0x1d0 [ 534.383409][T24895] ? __fget_light+0x208/0x270 [ 534.388077][T24895] __sys_sendmsg+0xec/0x1b0 [ 534.392564][T24895] ? __sys_sendmsg_sock+0xb0/0xb0 [ 534.397587][T24895] ? __x64_sys_futex+0x380/0x4f0 [ 534.402523][T24895] ? trace_hardirqs_off_caller+0x55/0x230 [ 534.408229][T24895] ? do_syscall_64+0x21/0x7d0 [ 534.412892][T24895] do_syscall_64+0xf6/0x7d0 [ 534.417385][T24895] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 534.423269][T24895] RIP: 0033:0x45c849 [ 534.427150][T24895] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 534.446821][T24895] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 534.455213][T24895] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 534.463165][T24895] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 534.471120][T24895] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 534.479072][T24895] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 534.487024][T24895] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:35 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc600a0011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:35 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) dup3(r0, r1, 0x80000) r2 = socket$netlink(0x10, 0x3, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', &(0x7f0000000640)=[&(0x7f0000000340)='\x00', &(0x7f00000003c0)='/dev/hwrng\x00', &(0x7f0000000400)='/dev/hwrng\x00', &(0x7f0000000480)='.}em0\x00', &(0x7f00000004c0)='sh\x00', &(0x7f0000000500)='wlan0\x00', &(0x7f0000000540)='sh\x00', &(0x7f0000000580)='/dev/hwrng\x00', &(0x7f00000005c0)='\x00', &(0x7f0000000600)='/dev/hwrng\x00'], &(0x7f0000000800)=[&(0x7f0000000200)='\x00', &(0x7f00000006c0)='+cpuset$\x02\x00', &(0x7f0000000700)='IPVS\x00', &(0x7f0000000740)='}vmnet1!\x00', &(0x7f0000000780)='.}em0\x00', &(0x7f00000007c0)='sh\x00'], 0x400) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r5, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, r4, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:35 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:35 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xe00}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:35 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:35 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e", 0x23}], 0x1}, 0x0) 06:10:35 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e", 0x23}], 0x1}, 0x0) [ 534.686113][T25450] netlink: 189576 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:35 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x1400}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:35 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x42a43, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x78, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x54, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x3}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e22}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xfffffc00}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x9}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1f}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}]}, 0x78}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) r6 = socket(0x1, 0x1, 0x0) r7 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r7, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) connect$l2tp6(r7, &(0x7f0000000480)={0xa, 0x0, 0x4, @local, 0x5}, 0x20) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r6, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) sendmsg$NFT_MSG_GETTABLE(r6, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)={0x34, 0x1, 0xa, 0x801, 0x0, 0x0, {0x7, 0x0, 0x5}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x4000000) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 534.766746][T25450] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 534.766746][T25450] !' [ 534.791832][T25450] CPU: 0 PID: 25450 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 534.800517][T25450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.810569][T25450] Call Trace: [ 534.813873][T25450] dump_stack+0x188/0x20d [ 534.818221][T25450] sysfs_warn_dup.cold+0x1c/0x2d [ 534.823506][T25450] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 534.829583][T25450] sysfs_create_link+0x61/0xc0 [ 534.834351][T25450] device_add+0x71c/0x1bc0 [ 534.838787][T25450] ? uevent_show+0x360/0x360 [ 534.843409][T25450] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 534.849407][T25450] wiphy_register+0x1c46/0x2720 [ 534.854284][T25450] ? wiphy_unregister+0xf90/0xf90 [ 534.859306][T25450] ? retint_kernel+0x2b/0x2b 06:10:35 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000001c0)=0x1) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r5, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000008008000400030000004c0001800c00070012000000160000000000000073680000060001000a000000080009000000000014000300ac1414bb00000000000000000000000008000b0073697000080008000200000000bfd2468461bea0270e15b7151a3c57877de2234bc14d25786a4a8e2078562cf745c4eeac69ee569800cafc1a913f258dc52de4d1942ecb8cd5d0cec5cb6f7822d97f1b436b9aa6039a715f3172cd3d12658470f4441a8af0b77084984e32577d4671cda4bbc0a12031eda486005faba11efaa8f1a4a685a357f18623bb934a0f3b54f1cf4ea3e584c1402b169456672e70542cf22b8027da448e2f5beb75cbdcc72f9a939f88b20078e036234bd6d00c509642058dc8fd761b54b2b78132c1cdda55cb0f531c926e72ed3ad216581505fe701e9189501391fe3ec89552a07fc88d746c110e7be1ff9b1a312719250baa8882dc8b8e221a2100"/365], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 534.863934][T25450] ? ieee80211_register_hw+0x2ae8/0x3760 [ 534.869581][T25450] ieee80211_register_hw+0x141d/0x3760 [ 534.875046][T25450] ? calibrate_delay.cold+0x3db/0x3f6 [ 534.880431][T25450] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 534.885901][T25450] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 534.891651][T25450] ? __hrtimer_init+0x134/0x260 [ 534.896518][T25450] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 534.902268][T25450] ? hwsim_register_received_nl+0x400/0x400 [ 534.908179][T25450] hwsim_new_radio_nl+0x905/0xf60 06:10:35 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000002a40)={'vxcan1\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000002b40)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000002b00)={&(0x7f0000002a80)=@getqdisc={0x44, 0x26, 0x400, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xffe0, 0x8}, {0xa, 0xb}, {0xfff1, 0x2}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000480)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000227bd7000fedbdf2515006be66100040a001adbaaaaaaaaaaa3c91ef0f3e3d56a52211907ec06d652defebc9310f2d6663a367ca029199966fee51cb415a32926e30de208b5f604fe916162d4fab50ec7d6be1167d80703c8e0c8797d4b0e146c3a673f3a0b2ff13a0a6837f740f27d3a7a35ddbc66e131356a098ba08228394e49"], 0x20}, 0x1, 0x0, 0x0, 0x8004}, 0x880) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r5, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="1400f59d", @ANYRES16=r7, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000006c0)={0x84, r6, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e22}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x30000}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}]}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 534.913211][T25450] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 534.919105][T25450] ? cap_capable+0x1eb/0x250 [ 534.924268][T25450] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 534.930607][T25450] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 534.936954][T25450] genl_rcv_msg+0x627/0xdf0 [ 534.941494][T25450] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 534.947852][T25450] ? lockdep_hardirqs_on+0x417/0x5d0 [ 534.953147][T25450] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 534.958649][T25450] netlink_rcv_skb+0x15a/0x410 [ 534.963421][T25450] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 534.969750][T25450] ? netlink_ack+0xa80/0xa80 [ 534.974379][T25450] genl_rcv+0x24/0x40 [ 534.978367][T25450] netlink_unicast+0x537/0x740 [ 534.983143][T25450] ? netlink_attachskb+0x810/0x810 [ 534.988256][T25450] ? _copy_from_iter_full+0x25c/0x870 [ 534.993624][T25450] ? __phys_addr_symbol+0x2c/0x70 [ 534.998649][T25450] ? __check_object_size+0x171/0x437 [ 535.004032][T25450] netlink_sendmsg+0x882/0xe10 [ 535.008805][T25450] ? aa_af_perm+0x260/0x260 [ 535.013316][T25450] ? netlink_unicast+0x740/0x740 [ 535.018271][T25450] ? netlink_unicast+0x740/0x740 [ 535.023216][T25450] sock_sendmsg+0xcf/0x120 [ 535.027638][T25450] ____sys_sendmsg+0x6b9/0x7d0 [ 535.032415][T25450] ? kernel_sendmsg+0x50/0x50 [ 535.037097][T25450] ? mark_lock+0xbc/0x1220 [ 535.041517][T25450] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 535.047009][T25450] ___sys_sendmsg+0x100/0x170 [ 535.051693][T25450] ? sendmsg_copy_msghdr+0x70/0x70 [ 535.056833][T25450] ? __fget_files+0x329/0x4f0 [ 535.061519][T25450] ? ksys_dup3+0x3c0/0x3c0 [ 535.065934][T25450] ? lock_acquire+0x197/0x420 [ 535.070613][T25450] ? __might_fault+0xef/0x1d0 [ 535.075307][T25450] ? __fget_light+0x208/0x270 [ 535.080001][T25450] __sys_sendmsg+0xec/0x1b0 [ 535.084512][T25450] ? __sys_sendmsg_sock+0xb0/0xb0 [ 535.089540][T25450] ? __x64_sys_futex+0x380/0x4f0 [ 535.094500][T25450] ? trace_hardirqs_off_caller+0x55/0x230 [ 535.100240][T25450] ? do_syscall_64+0x21/0x7d0 [ 535.104926][T25450] do_syscall_64+0xf6/0x7d0 [ 535.109440][T25450] entry_SYSCALL_64_after_hwframe+0x49/0xbe 06:10:35 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2ac5000000012e0b3836005404b0e0301a060075f2e3ff5f163ee340b700000080000000000000fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c65400"}, 0x80) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000480)={{{@in6=@remote, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xe8) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000840)={{0x0, 0x0, 0x0, r4, r2}, 0xb8fb, 0x0, 0x3, 0x8000}) semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000300)={{0x2, 0x0, 0x0, 0x0, r2, 0x22, 0x6}, 0x7, 0x200, 0x0, 0x0, 0x0, 0x0, 0x40}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r5, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r7, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r6, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 535.115330][T25450] RIP: 0033:0x45c849 [ 535.119230][T25450] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 535.139260][T25450] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 535.147672][T25450] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 535.155647][T25450] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 535.163640][T25450] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 535.171609][T25450] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 535.179579][T25450] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 535.218973][T25439] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 535.257923][T25439] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:36 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc600b0011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:36 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:36 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') ioctl$DRM_IOCTL_MODE_ADDFB(r0, 0xc01c64ae, &(0x7f0000000340)={0x5, 0x50d9, 0x3, 0x8, 0x8, 0x9, 0x1}) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="11002abd70000000000010000000550c0365874a9bb943db174e2385c43162b641fc590fff16d6e7dc8dde12d1"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x64, r3, 0x20, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4084}, 0x20000000) ioctl$BLKBSZSET(r0, 0x40081271, &(0x7f0000000300)=0x236) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x1900}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 535.351571][T25439] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 535.351571][T25439] !' [ 535.366272][T25439] CPU: 0 PID: 25439 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 535.374956][T25439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.385008][T25439] Call Trace: [ 535.388310][T25439] dump_stack+0x188/0x20d [ 535.392650][T25439] sysfs_warn_dup.cold+0x1c/0x2d [ 535.397597][T25439] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 535.403685][T25439] sysfs_create_link+0x61/0xc0 [ 535.408453][T25439] device_add+0x71c/0x1bc0 [ 535.412879][T25439] ? ieee80211_set_bitrate_flags+0xf9/0x5c0 [ 535.418774][T25439] ? uevent_show+0x360/0x360 [ 535.423367][T25439] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 535.429362][T25439] wiphy_register+0x1c46/0x2720 [ 535.434232][T25439] ? wiphy_unregister+0xf90/0xf90 [ 535.439269][T25439] ? retint_kernel+0x2b/0x2b [ 535.443882][T25439] ? ieee80211_cs_list_valid+0x198/0x280 [ 535.449526][T25439] ieee80211_register_hw+0x141d/0x3760 [ 535.454994][T25439] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 535.460443][T25439] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 535.465970][T25439] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 535.471936][T25439] ? memset+0x20/0x40 [ 535.475900][T25439] ? __hrtimer_init+0x134/0x260 [ 535.480741][T25439] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 535.486445][T25439] ? lockdep_hardirqs_on+0x417/0x5d0 [ 535.491727][T25439] ? hwsim_register_received_nl+0x400/0x400 [ 535.497612][T25439] hwsim_new_radio_nl+0x905/0xf60 [ 535.502626][T25439] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 535.508502][T25439] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 535.514232][T25439] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 535.520549][T25439] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 535.526870][T25439] genl_rcv_msg+0x627/0xdf0 [ 535.531369][T25439] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 535.537701][T25439] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 535.543529][T25439] netlink_rcv_skb+0x15a/0x410 [ 535.548280][T25439] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 535.554592][T25439] ? netlink_ack+0xa80/0xa80 [ 535.559185][T25439] genl_rcv+0x24/0x40 [ 535.563148][T25439] netlink_unicast+0x537/0x740 [ 535.567989][T25439] ? netlink_attachskb+0x810/0x810 [ 535.573080][T25439] ? _copy_from_iter_full+0x25c/0x870 [ 535.578428][T25439] ? __phys_addr_symbol+0x2c/0x70 [ 535.583432][T25439] ? __check_object_size+0x171/0x437 [ 535.588723][T25439] netlink_sendmsg+0x882/0xe10 [ 535.593471][T25439] ? aa_af_perm+0x260/0x260 [ 535.597954][T25439] ? netlink_unicast+0x740/0x740 [ 535.602870][T25439] ? retint_kernel+0x2b/0x2b [ 535.607453][T25439] ? netlink_unicast+0x740/0x740 [ 535.612374][T25439] sock_sendmsg+0xcf/0x120 [ 535.616771][T25439] ____sys_sendmsg+0x6b9/0x7d0 [ 535.621521][T25439] ? kernel_sendmsg+0x50/0x50 [ 535.626179][T25439] ? __fget_files+0x307/0x4f0 [ 535.630860][T25439] ___sys_sendmsg+0x100/0x170 [ 535.635540][T25439] ? sendmsg_copy_msghdr+0x70/0x70 [ 535.640645][T25439] ? __fget_files+0x329/0x4f0 [ 535.645307][T25439] ? ksys_dup3+0x3c0/0x3c0 [ 535.649703][T25439] ? lock_acquire+0x197/0x420 [ 535.654359][T25439] ? __might_fault+0xef/0x1d0 [ 535.659031][T25439] ? __fget_light+0x208/0x270 [ 535.663703][T25439] __sys_sendmsg+0xec/0x1b0 [ 535.668192][T25439] ? __sys_sendmsg_sock+0xb0/0xb0 [ 535.673197][T25439] ? __x64_sys_futex+0x380/0x4f0 [ 535.678147][T25439] ? trace_hardirqs_off_caller+0x55/0x230 [ 535.683867][T25439] ? do_syscall_64+0x21/0x7d0 [ 535.688541][T25439] do_syscall_64+0xf6/0x7d0 [ 535.693034][T25439] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 535.698909][T25439] RIP: 0033:0x45c849 [ 535.702789][T25439] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 535.722380][T25439] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 535.730781][T25439] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 535.738742][T25439] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 535.746699][T25439] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 535.754655][T25439] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 535.762608][T25439] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:36 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x2800}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:36 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e", 0x23}], 0x1}, 0x0) 06:10:36 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) dup2(r0, r0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000300)=""/34) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="eed67604006b", @ANYRES16=r4, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070010000000160000000700060500000000060001000a000000080009000000000014000300ac1414bb00000000000000000000000008000b0073697000080008ca02000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x4, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) r6 = socket$alg(0x26, 0x5, 0x0) sendmmsg$sock(0xffffffffffffffff, &(0x7f00000008c0)=[{{&(0x7f00000003c0)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x2, 0x2, 0x2, 0x1, {0xa, 0x4e23, 0x9, @mcast1, 0x5}}}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000480)="7a5e23cb31777991316091ce285f72991944550f956d4dde161392ce9b5f39de5e96726110c6067fd837a6352f9ffb236f4745b10850663cf8ae3ca2ff7d820b65f99d8f9d46d4c83a9c4bd520c5c64f8564b66637c5", 0x56}, {&(0x7f0000000500)="39c4a1c8d6f3d869750b1bc1545e63e3d0cf3b18c9746e2df780e2c4a33f819066a746643b1c37fed6255c4c1ae47e2f94d706e7e35fa1368d944e8f759fc230420574693a3a44ee4374837f6804773520d43540325d5e9d1043efdf49f12842", 0x60}, {&(0x7f0000000580)="dd6def27beb56415ebd5afd806a797823560c326ea73409f204da9f92d3da94286a6ed3427a781fbbcab4fe67cca255b38fde31d189c5c9ce641d1bb2a250a20fceea332500152649d58f4e455d6d96f9529561ad428cf7b99d3e29d2ed9244dd79b79fe9b4000c92da3b7ef5fa0305af7421a003e5e284e19c15c80d1c52dd491d07f651525ae20a4ca9f9aa0206cef8d199905d5e8ef57acebee804313987a67a03393fabb017308812df407898f910874b78a2e767871a30bef17a5e02ade3a2fa05c4bbad592a5391270e6215674c2ff15f9c568536838d4abb5baf3c639bc02904cd63dedf7ba287c8429e5b7432516a9c46d2b6e086e656c4d", 0xfc}, {&(0x7f0000000680)="8d581381ebc314948dc4529cf1689a94663dd2c2d80e4df2b158c5", 0x1b}, {&(0x7f00000006c0)="b7c2bd5d2b4a4ba6cc20c495f80f4ff306f98026bb5a73da57cdc2e61ecc20bdf317c8dfdbda536f70aee66def9bd3e6959ef4421e8b156289a5eb31f6fc8dbdd15f7745a1278568dfde56408ade7aa21a05c9a4090954642f71adb2e4aec2ccf1ac3b8869469fb6002d13b1afaf0fb2a107b6f0c3c6166b8694dfddfa1fdf6ffc27c9ceb8701464f8b421ce257c1fe0d5e1c1d9d93a4cd74fca96e0566043089a582bf041521620a0d78937a98bc74f4b165a7e35520fa3906cdee3", 0xbc}, {&(0x7f0000000780)="1e23c355f1440b7af263f7", 0xb}], 0x6, &(0x7f0000000840)=[@timestamping={{0x14, 0x1, 0x25, 0xb0}}, @timestamping={{0x14, 0x1, 0x25, 0xdd}}, @mark={{0x14}}], 0x48}}], 0x1, 0x80) [ 536.012308][T26303] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:36 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x6000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:36 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000", 0x29}], 0x1}, 0x0) [ 536.055129][T26303] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 536.133888][T26303] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 536.133888][T26303] !' [ 536.187062][T26303] CPU: 1 PID: 26303 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 536.195754][T26303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.205812][T26303] Call Trace: [ 536.209112][T26303] dump_stack+0x188/0x20d [ 536.213458][T26303] sysfs_warn_dup.cold+0x1c/0x2d [ 536.218409][T26303] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 536.224904][T26303] sysfs_create_link+0x61/0xc0 [ 536.229705][T26303] device_add+0x71c/0x1bc0 06:10:37 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) write$FUSE_LK(0xffffffffffffffff, &(0x7f00000004c0)={0x28, 0x0, 0x2, {{0x0, 0x8, 0x2}}}, 0x28) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000300)='/dev/qat_adf_ctl\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup2(r4, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) sendmsg$nl_route(r3, &(0x7f00000003c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000700)={&(0x7f0000000400)=@bridge_getlink={0x28, 0x12, 0x8, 0x70bd25, 0x25dfdbfe, {0x7, 0x0, 0x0, 0x0, 0x0, 0x585}, [@IFLA_GROUP={0x8, 0x1b, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x100}, 0x10) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r6, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r6, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x10}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 536.234134][T26303] ? retint_kernel+0x2b/0x2b [ 536.238734][T26303] ? uevent_show+0x360/0x360 [ 536.243441][T26303] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 536.249446][T26303] wiphy_register+0x1c46/0x2720 [ 536.254332][T26303] ? wiphy_unregister+0xf90/0xf90 [ 536.259367][T26303] ? retint_kernel+0x2b/0x2b [ 536.263977][T26303] ? ieee80211_register_hw+0x1226/0x3760 [ 536.269632][T26303] ieee80211_register_hw+0x141d/0x3760 [ 536.275206][T26303] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 536.280676][T26303] ? rcu_read_lock_sched_held+0x9c/0xd0 06:10:37 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='U\x00p\x00', @ANYRES16=r4, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) setsockopt$packet_tx_ring(r5, 0x107, 0xd, &(0x7f0000000300)=@req3={0x2, 0xfffffff8, 0xfffffff8, 0x8001, 0x1f, 0x1, 0x2}, 0x1c) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 536.286234][T26303] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 536.292224][T26303] ? memset+0x20/0x40 [ 536.296213][T26303] ? __hrtimer_init+0x134/0x260 [ 536.301076][T26303] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 536.306834][T26303] ? hwsim_register_received_nl+0x400/0x400 [ 536.312746][T26303] hwsim_new_radio_nl+0x905/0xf60 [ 536.317778][T26303] ? lockdep_hardirqs_on+0x417/0x5d0 [ 536.323076][T26303] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 536.329013][T26303] genl_rcv_msg+0x627/0xdf0 [ 536.333546][T26303] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 536.339985][T26303] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 536.345740][T26303] netlink_rcv_skb+0x15a/0x410 [ 536.350513][T26303] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 536.356858][T26303] ? netlink_ack+0xa80/0xa80 [ 536.361486][T26303] genl_rcv+0x24/0x40 [ 536.365477][T26303] netlink_unicast+0x537/0x740 [ 536.370329][T26303] ? netlink_attachskb+0x810/0x810 [ 536.375451][T26303] ? security_netlink_send+0x13/0xa0 [ 536.380733][T26303] ? __sanitizer_cov_trace_pc+0x37/0x50 [ 536.386287][T26303] netlink_sendmsg+0x882/0xe10 [ 536.391061][T26303] ? aa_af_perm+0x260/0x260 [ 536.395562][T26303] ? netlink_unicast+0x740/0x740 [ 536.400531][T26303] ? netlink_unicast+0x740/0x740 [ 536.405467][T26303] sock_sendmsg+0xcf/0x120 [ 536.409886][T26303] ____sys_sendmsg+0x6b9/0x7d0 [ 536.414662][T26303] ? kernel_sendmsg+0x50/0x50 [ 536.419353][T26303] ? mark_lock+0xbc/0x1220 [ 536.423794][T26303] ___sys_sendmsg+0x100/0x170 [ 536.428487][T26303] ? sendmsg_copy_msghdr+0x70/0x70 [ 536.433624][T26303] ? __fget_files+0x329/0x4f0 [ 536.438316][T26303] ? ksys_dup3+0x3c0/0x3c0 [ 536.442736][T26303] ? lock_acquire+0x197/0x420 [ 536.447419][T26303] ? __might_fault+0xef/0x1d0 [ 536.452118][T26303] ? __fget_light+0x208/0x270 [ 536.456811][T26303] __sys_sendmsg+0xec/0x1b0 [ 536.461324][T26303] ? __sys_sendmsg_sock+0xb0/0xb0 [ 536.466385][T26303] ? do_syscall_64+0x4f/0x7d0 [ 536.471085][T26303] do_syscall_64+0xf6/0x7d0 [ 536.475607][T26303] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 536.481502][T26303] RIP: 0033:0x45c849 [ 536.485402][T26303] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 536.504997][T26303] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 536.513387][T26303] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 536.521390][T26303] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 536.529339][T26303] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 536.537285][T26303] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 536.545271][T26303] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 536.651666][T26164] netlink: 189576 bytes leftover after parsing attributes in process `syz-executor.4'. [ 536.686320][T26164] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 536.686320][T26164] !' [ 536.704966][T26164] CPU: 1 PID: 26164 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 536.713657][T26164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.723706][T26164] Call Trace: [ 536.726978][T26164] dump_stack+0x188/0x20d [ 536.731293][T26164] sysfs_warn_dup.cold+0x1c/0x2d [ 536.736208][T26164] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 536.742263][T26164] sysfs_create_link+0x61/0xc0 [ 536.747017][T26164] device_add+0x71c/0x1bc0 [ 536.751464][T26164] ? uevent_show+0x360/0x360 [ 536.756040][T26164] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 536.762049][T26164] wiphy_register+0x1c46/0x2720 [ 536.766889][T26164] ? wiphy_unregister+0xf90/0xf90 [ 536.771893][T26164] ? __kmalloc+0x629/0x7a0 [ 536.776287][T26164] ? ieee80211_register_hw+0xbea/0x3760 [ 536.781816][T26164] ? ieee80211_cs_list_valid+0x198/0x280 [ 536.787428][T26164] ieee80211_register_hw+0x141d/0x3760 [ 536.792873][T26164] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 536.798323][T26164] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 536.803875][T26164] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 536.809850][T26164] ? memset+0x20/0x40 [ 536.813841][T26164] ? __hrtimer_init+0x134/0x260 [ 536.818689][T26164] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 536.824396][T26164] ? vprintk_func+0x81/0x17e [ 536.828998][T26164] ? hwsim_register_received_nl+0x400/0x400 [ 536.834888][T26164] hwsim_new_radio_nl+0x905/0xf60 [ 536.839908][T26164] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 536.845796][T26164] ? cap_capable+0x1eb/0x250 [ 536.850382][T26164] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 536.856697][T26164] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 536.863012][T26164] genl_rcv_msg+0x627/0xdf0 [ 536.867506][T26164] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 536.873831][T26164] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 536.879640][T26164] netlink_rcv_skb+0x15a/0x410 [ 536.884397][T26164] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 536.890703][T26164] ? netlink_ack+0xa80/0xa80 [ 536.895278][T26164] genl_rcv+0x24/0x40 [ 536.899245][T26164] netlink_unicast+0x537/0x740 [ 536.903995][T26164] ? netlink_attachskb+0x810/0x810 [ 536.909089][T26164] ? _copy_from_iter_full+0x25c/0x870 [ 536.914447][T26164] ? __phys_addr_symbol+0x2c/0x70 [ 536.919468][T26164] ? __check_object_size+0x171/0x437 [ 536.925288][T26164] netlink_sendmsg+0x882/0xe10 [ 536.930048][T26164] ? aa_af_perm+0x260/0x260 [ 536.934538][T26164] ? netlink_unicast+0x740/0x740 [ 536.939503][T26164] ? netlink_unicast+0x740/0x740 [ 536.944456][T26164] sock_sendmsg+0xcf/0x120 [ 536.948866][T26164] ____sys_sendmsg+0x6b9/0x7d0 [ 536.953673][T26164] ? kernel_sendmsg+0x50/0x50 [ 536.958358][T26164] ? mark_lock+0xbc/0x1220 [ 536.962772][T26164] ___sys_sendmsg+0x100/0x170 [ 536.967430][T26164] ? sendmsg_copy_msghdr+0x70/0x70 [ 536.972542][T26164] ? __fget_files+0x329/0x4f0 [ 536.977196][T26164] ? ksys_dup3+0x3c0/0x3c0 [ 536.981588][T26164] ? lock_acquire+0x197/0x420 [ 536.986240][T26164] ? __might_fault+0xef/0x1d0 [ 536.990911][T26164] ? __fget_light+0x208/0x270 [ 536.995575][T26164] __sys_sendmsg+0xec/0x1b0 [ 537.000068][T26164] ? __sys_sendmsg_sock+0xb0/0xb0 [ 537.005078][T26164] ? __x64_sys_futex+0x380/0x4f0 [ 537.010027][T26164] ? trace_hardirqs_off_caller+0x55/0x230 [ 537.015735][T26164] ? do_syscall_64+0x21/0x7d0 [ 537.020391][T26164] do_syscall_64+0xf6/0x7d0 [ 537.024874][T26164] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 537.030753][T26164] RIP: 0033:0x45c849 [ 537.034636][T26164] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 537.054216][T26164] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 537.062604][T26164] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 537.070552][T26164] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 537.078597][T26164] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 537.086555][T26164] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 537.094504][T26164] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:37 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc600c0011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:37 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="daf132c2da321c440000100000061c861edb45068210323c4c5cfa018c8f43839879d6ce8954a0d19ab0e1e7418dab973139cad9e6fb8f6af8b5479c42b7b698e7a48fde2b85568cf420855c9cb8dc6dab1e9074cb17763ecf51eb5c3a7818e5b6b8bc978715131d94d3230901ae27d223f316f6d8330d5ee681942c2f25f3e288753314469ab6075bdc0100000000000000e64a7e1928ce257bf2b184f40d1b2c4f087f84e42bc540dac9facc37c08c6576a4e2c4aa299461ebd854721fc0f282fc1f64ea08d66bcddecb3c70e6df0d2db644de95ec36858c3110ec0e6fe6f4b592e353a2eecf9b8a54cd3214814bc8e0783569d4ffd623dfa740edebbe32e73b5951c12b90fec86fc34339288a625859d9c428937fdc0d93e9b2767dab54822247850c04eff83a43604b6022dfcc230a1ee0d5b62af77008c79e6b5ee7d425b97dbf80f58a0b7243ccc9862008c73972309ff1b931265002e8e23f1f4a0379bf9e13b3133f1a9e8b3bf4b3a7c9b3b9da7f3aa0675d600210b7d7ade3e606bcf6bbfe99e6d80256bb76a8272e6a0e155a12854a10fdcc57e07894539b82357e4f2c6d87098be842a31749a9ff744c20900fd92c08668b1ac76c34a986330cd1f195d3cd0846237d34f7968cebcce33912d151043fccc32a8ccdd1d36290cca63d73f8a27fe40797abfcbfa4fda9b2cc9954ef574adb09258e83ebaa4c2043bdc75b8f6ea35ed5d506368abbb6c0ee32b408abd3b6d0f6adaf38cae545e19f50e6137eb146bc48bbd083"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:37 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:37 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x8d03}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:37 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:37 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000", 0x29}], 0x1}, 0x0) [ 537.233934][T26801] netlink: 189576 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:38 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xf000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:38 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000", 0x29}], 0x1}, 0x0) 06:10:38 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') r4 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000300)={&(0x7f0000000000), 0xc, &(0x7f0000000340)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x400c000) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0xef90}], 0x1}, 0x40040) [ 537.327284][T26801] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 537.327284][T26801] !' [ 537.385182][T26801] CPU: 0 PID: 26801 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 537.393872][T26801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.403930][T26801] Call Trace: [ 537.407246][T26801] dump_stack+0x188/0x20d [ 537.411585][T26801] sysfs_warn_dup.cold+0x1c/0x2d [ 537.416542][T26801] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 537.422622][T26801] sysfs_create_link+0x61/0xc0 [ 537.427414][T26801] device_add+0x71c/0x1bc0 [ 537.431841][T26801] ? ieee80211_set_bitrate_flags+0x418/0x5c0 [ 537.437826][T26801] ? uevent_show+0x360/0x360 [ 537.442424][T26801] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 537.448418][T26801] wiphy_register+0x1c46/0x2720 [ 537.453288][T26801] ? wiphy_unregister+0xf90/0xf90 [ 537.458317][T26801] ? retint_kernel+0x2b/0x2b [ 537.462928][T26801] ? ieee80211_cs_list_valid+0x198/0x280 [ 537.468573][T26801] ieee80211_register_hw+0x141d/0x3760 [ 537.474053][T26801] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 537.479635][T26801] ? __hrtimer_init+0x1eb/0x260 [ 537.484499][T26801] ? __hrtimer_init+0x134/0x260 [ 537.489370][T26801] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 537.495122][T26801] ? hwsim_register_received_nl+0x400/0x400 [ 537.501035][T26801] hwsim_new_radio_nl+0x905/0xf60 [ 537.506063][T26801] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 537.511533][T26801] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 537.517485][T26801] genl_rcv_msg+0x627/0xdf0 [ 537.522690][T26801] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 537.529135][T26801] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 537.534597][T26801] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 537.540336][T26801] ? netlink_rcv_skb+0x148/0x410 [ 537.545285][T26801] netlink_rcv_skb+0x15a/0x410 [ 537.550081][T26801] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 537.556413][T26801] ? netlink_ack+0xa80/0xa80 [ 537.561030][T26801] genl_rcv+0x24/0x40 [ 537.565016][T26801] netlink_unicast+0x537/0x740 [ 537.569790][T26801] ? netlink_attachskb+0x810/0x810 [ 537.574910][T26801] ? netlink_sendmsg+0x7f7/0xe10 [ 537.579858][T26801] netlink_sendmsg+0x882/0xe10 [ 537.584629][T26801] ? aa_af_perm+0x260/0x260 [ 537.589144][T26801] ? netlink_unicast+0x740/0x740 [ 537.594103][T26801] ? netlink_unicast+0x740/0x740 [ 537.599044][T26801] sock_sendmsg+0xcf/0x120 [ 537.603479][T26801] ____sys_sendmsg+0x6b9/0x7d0 [ 537.608252][T26801] ? kernel_sendmsg+0x50/0x50 [ 537.612931][T26801] ? mark_lock+0xbc/0x1220 [ 537.617351][T26801] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 537.622829][T26801] ___sys_sendmsg+0x100/0x170 [ 537.627546][T26801] ? sendmsg_copy_msghdr+0x70/0x70 [ 537.632699][T26801] ? __fget_files+0x329/0x4f0 [ 537.637391][T26801] ? ksys_dup3+0x3c0/0x3c0 [ 537.641821][T26801] ? check_memory_region+0x11a/0x190 [ 537.647119][T26801] ? __fget_light+0x208/0x270 [ 537.651836][T26801] __sys_sendmsg+0xec/0x1b0 [ 537.656346][T26801] ? __sys_sendmsg_sock+0xb0/0xb0 [ 537.661372][T26801] ? __x64_sys_futex+0x380/0x4f0 [ 537.666334][T26801] ? trace_hardirqs_off_caller+0x55/0x230 [ 537.672062][T26801] ? do_syscall_64+0x21/0x7d0 [ 537.676748][T26801] do_syscall_64+0xf6/0x7d0 06:10:38 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') r5 = socket$inet_sctp(0x2, 0x5, 0x84) r6 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000000)={r7, @in={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, &(0x7f0000000100)=0x100) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000340)={r7}, 0x8) ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r5, 0x8983, &(0x7f0000000300)={0x2, 'ip_vti0\x00', {0x3f}, 0x1}) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x4c, r3, 0x0, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_DEST={0x28, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x51}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xffff}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@mcast1}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 537.681253][T26801] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 537.687141][T26801] RIP: 0033:0x45c849 [ 537.691038][T26801] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 537.710634][T26801] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 537.719047][T26801] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 537.727015][T26801] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 06:10:38 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:38 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(0xffffffffffffffff, 0x111, 0x1, 0x822, 0x4) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r5, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2800000062d3a765f4e7fa0100000000080000de97ff9ad7500ab05fc8321dc148462b42c6bb77cd0300000000000000e92d08c1384dd5754ad1b40b10a2a0fe8c02d1e12628fbc5d04a980f64c4", @ANYRES16=r4, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000005d000180"], 0x28}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup2(r6, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$DRM_IOCTL_VERSION(r7, 0xc0406400, &(0x7f0000000300)={0x800, 0x4455fee0, 0x6, 0xa5, &(0x7f0000000480)=""/165, 0x5, &(0x7f0000000200)=""/5, 0xea, &(0x7f0000000540)=""/234}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x441c1, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 537.734985][T26801] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 537.742954][T26801] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 537.750929][T26801] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 537.841851][T26903] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 537.881823][T26903] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 537.982505][T26903] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 537.982505][T26903] !' 06:10:38 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc600d0011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:38 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x34000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:38 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac1414bb00000000006970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000300), 0x2}, 0x6001}, 0x0, 0x6, 0xffffffffffffffff, 0x8) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 538.098502][T26903] CPU: 0 PID: 26903 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 538.107210][T26903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.117270][T26903] Call Trace: [ 538.120570][T26903] dump_stack+0x188/0x20d [ 538.124927][T26903] sysfs_warn_dup.cold+0x1c/0x2d [ 538.129880][T26903] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 538.135962][T26903] sysfs_create_link+0x61/0xc0 [ 538.140732][T26903] device_add+0x71c/0x1bc0 [ 538.145159][T26903] ? ieee80211_set_bitrate_flags+0x36f/0x5c0 [ 538.151153][T26903] ? uevent_show+0x360/0x360 [ 538.155756][T26903] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 538.161757][T26903] wiphy_register+0x1c46/0x2720 [ 538.166651][T26903] ? wiphy_unregister+0xf90/0xf90 [ 538.171684][T26903] ? retint_kernel+0x2b/0x2b [ 538.176294][T26903] ? ieee80211_register_hw+0x13b6/0x3760 [ 538.181942][T26903] ieee80211_register_hw+0x141d/0x3760 [ 538.187438][T26903] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 538.192917][T26903] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 538.198471][T26903] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 538.204462][T26903] ? memset+0x20/0x40 [ 538.208458][T26903] ? __hrtimer_init+0x134/0x260 [ 538.213332][T26903] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 538.219086][T26903] ? hwsim_register_received_nl+0x400/0x400 [ 538.225105][T26903] hwsim_new_radio_nl+0x905/0xf60 [ 538.230132][T26903] ? retint_kernel+0x2b/0x2b [ 538.234733][T26903] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 538.240648][T26903] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 06:10:39 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1612434aa794c2b6}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a, 0x25dfdbfc}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20008000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 538.246973][T26903] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 538.253399][T26903] genl_rcv_msg+0x627/0xdf0 [ 538.257926][T26903] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 538.264295][T26903] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 538.270224][T26903] netlink_rcv_skb+0x15a/0x410 [ 538.275002][T26903] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 538.281337][T26903] ? netlink_ack+0xa80/0xa80 [ 538.285965][T26903] genl_rcv+0x24/0x40 [ 538.289949][T26903] netlink_unicast+0x537/0x740 [ 538.294726][T26903] ? netlink_attachskb+0x810/0x810 [ 538.299843][T26903] ? _copy_from_iter_full+0x25c/0x870 [ 538.305221][T26903] ? __phys_addr_symbol+0x2c/0x70 [ 538.310252][T26903] ? __check_object_size+0x171/0x437 [ 538.315554][T26903] netlink_sendmsg+0x882/0xe10 [ 538.320338][T26903] ? aa_af_perm+0x260/0x260 [ 538.324847][T26903] ? netlink_unicast+0x740/0x740 [ 538.329807][T26903] ? netlink_unicast+0x740/0x740 [ 538.334757][T26903] sock_sendmsg+0xcf/0x120 [ 538.339180][T26903] ____sys_sendmsg+0x6b9/0x7d0 [ 538.343968][T26903] ? kernel_sendmsg+0x50/0x50 [ 538.348660][T26903] ? mark_lock+0xbc/0x1220 [ 538.353100][T26903] ___sys_sendmsg+0x100/0x170 [ 538.357790][T26903] ? sendmsg_copy_msghdr+0x70/0x70 [ 538.362935][T26903] ? __fget_files+0x329/0x4f0 [ 538.367632][T26903] ? ksys_dup3+0x3c0/0x3c0 [ 538.372149][T26903] ? lock_acquire+0x197/0x420 [ 538.376836][T26903] ? __might_fault+0xef/0x1d0 [ 538.381526][T26903] ? __fget_light+0x208/0x270 [ 538.386212][T26903] __sys_sendmsg+0xec/0x1b0 [ 538.390711][T26903] ? __sys_sendmsg_sock+0xb0/0xb0 [ 538.395733][T26903] ? retint_kernel+0x2b/0x2b [ 538.400339][T26903] ? __x64_sys_sendmsg+0xd/0xb0 [ 538.405191][T26903] ? __x64_sys_sendmsg+0x47/0xb0 [ 538.410136][T26903] do_syscall_64+0xf6/0x7d0 [ 538.414668][T26903] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 538.420559][T26903] RIP: 0033:0x45c849 [ 538.424457][T26903] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 538.444061][T26903] RSP: 002b:00007f08170fec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 538.452473][T26903] RAX: ffffffffffffffda RBX: 00007f08170ff6d4 RCX: 000000000045c849 [ 538.460441][T26903] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 538.468405][T26903] RBP: 000000000076bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 538.476365][T26903] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 538.484341][T26903] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bfac 06:10:39 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:39 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac1414bb00000000000000000000000008000b007369700008000800020000002e8e18be0092e982b09c298deca6f694309855770540673c648ab13a003cacba51f6d41e3b68c980ed0323cf02ab162b91ed87b32974dc2d29a5b96a0ec648611801bc5374b7ca7fe7c0e886b2a9ca86659bd18266eb33fc8396048872939c860f8390fe274bda4ce3a1ac941f0da4f05e27db83c4f68abd638e327ea8f5117e5d8e9082fcc254d8d218c07f6050ad7374bfe893fd2fc63fdf024fa809105f3cec175ec44e2cbd3216c2cf64c56b09096fd5a8dec39c442693c198d187c82fa4aa2102280198c7347f63c8473b700924ad030966f0102f41fbc814064190d6659e89f5ee30ccea07bc93317385976259455a2b075f05ed0f60611ae8d8ae8f9524e555856e3c848a39b8a51af247"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 538.547188][T27517] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 538.564034][T27517] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:39 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700", 0x2c}], 0x1}, 0x0) [ 538.632554][T27517] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 538.632554][T27517] !' [ 538.677689][T27517] CPU: 1 PID: 27517 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 538.686480][T27517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.696552][T27517] Call Trace: [ 538.699854][T27517] dump_stack+0x188/0x20d [ 538.704196][T27517] sysfs_warn_dup.cold+0x1c/0x2d [ 538.709153][T27517] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 538.715223][T27517] sysfs_create_link+0x61/0xc0 [ 538.720005][T27517] device_add+0x71c/0x1bc0 [ 538.724443][T27517] ? uevent_show+0x360/0x360 [ 538.729040][T27517] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 538.735032][T27517] wiphy_register+0x1c46/0x2720 [ 538.739902][T27517] ? wiphy_unregister+0xf90/0xf90 [ 538.744917][T27517] ? retint_kernel+0x2b/0x2b [ 538.749525][T27517] ? ieee80211_cs_list_valid+0x198/0x280 [ 538.755164][T27517] ieee80211_register_hw+0x141d/0x3760 [ 538.760647][T27517] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 538.766112][T27517] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 538.771663][T27517] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 538.777651][T27517] ? memset+0x20/0x40 [ 538.781635][T27517] ? __hrtimer_init+0x134/0x260 [ 538.786494][T27517] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 538.792237][T27517] ? hwsim_register_received_nl+0x400/0x400 [ 538.798158][T27517] hwsim_new_radio_nl+0x905/0xf60 [ 538.803186][T27517] ? retint_kernel+0x2b/0x2b [ 538.807778][T27517] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 538.813689][T27517] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 538.820040][T27517] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 538.826388][T27517] genl_rcv_msg+0x627/0xdf0 [ 538.830908][T27517] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 538.837270][T27517] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 538.843087][T27517] netlink_rcv_skb+0x15a/0x410 [ 538.847846][T27517] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 538.854172][T27517] ? netlink_ack+0xa80/0xa80 [ 538.858793][T27517] genl_rcv+0x24/0x40 [ 538.862775][T27517] netlink_unicast+0x537/0x740 [ 538.867556][T27517] ? netlink_attachskb+0x810/0x810 [ 538.872671][T27517] ? _copy_from_iter_full+0x25c/0x870 [ 538.878047][T27517] ? __phys_addr_symbol+0x2c/0x70 [ 538.883078][T27517] ? __check_object_size+0x171/0x437 [ 538.888382][T27517] netlink_sendmsg+0x882/0xe10 [ 538.893244][T27517] ? aa_af_perm+0x260/0x260 [ 538.897749][T27517] ? netlink_unicast+0x740/0x740 [ 538.902707][T27517] ? netlink_unicast+0x740/0x740 [ 538.907652][T27517] sock_sendmsg+0xcf/0x120 [ 538.912085][T27517] ____sys_sendmsg+0x6b9/0x7d0 [ 538.916919][T27517] ? kernel_sendmsg+0x50/0x50 [ 538.921605][T27517] ? mark_lock+0xbc/0x1220 06:10:39 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x400300}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 538.926044][T27517] ___sys_sendmsg+0x100/0x170 [ 538.930729][T27517] ? sendmsg_copy_msghdr+0x70/0x70 [ 538.935874][T27517] ? __fget_files+0x329/0x4f0 [ 538.940568][T27517] ? ksys_dup3+0x3c0/0x3c0 [ 538.944986][T27517] ? lock_acquire+0x197/0x420 [ 538.949660][T27517] ? __might_fault+0xef/0x1d0 [ 538.954349][T27517] ? __fget_light+0x208/0x270 [ 538.959041][T27517] __sys_sendmsg+0xec/0x1b0 [ 538.963551][T27517] ? __sys_sendmsg_sock+0xb0/0xb0 [ 538.968661][T27517] ? __x64_sys_futex+0x380/0x4f0 [ 538.973615][T27517] ? trace_hardirqs_off_caller+0x55/0x230 [ 538.979356][T27517] ? do_syscall_64+0x21/0x7d0 [ 538.984045][T27517] do_syscall_64+0xf6/0x7d0 [ 538.988564][T27517] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 538.994456][T27517] RIP: 0033:0x45c849 [ 538.998354][T27517] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 539.017952][T27517] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 539.026346][T27517] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 539.034298][T27517] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 539.042250][T27517] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 539.050203][T27517] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 539.058156][T27517] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:39 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xf0ffff}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:39 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:39 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r3, &(0x7f0000000300)="5cdfde9fa4e5faeeb62399ab92fc1725d4c7687410f85bbc7e44e0a686357dde240c12c71b6f7623d323af", &(0x7f00000003c0)="742e7101b74c0e68b1a240c89c8d824cabb0b7fbb0feb192af73cae6ba482d2577ad11e9d84d8492285bca822a597e70f632371273575cd6646532bb1efa8234c556428cf8fd374e06a0dc472c6f41ec1cd0d6f370b87751a59dc9a1c92c21a9f698e9"}, 0x20) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r6, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r5, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 539.125852][T27643] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 539.145756][T27643] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 539.222339][T27643] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 539.222339][T27643] !' 06:10:40 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc600e0011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 539.294256][T27643] CPU: 1 PID: 27643 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 539.302956][T27643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 539.313021][T27643] Call Trace: [ 539.316320][T27643] dump_stack+0x188/0x20d [ 539.320662][T27643] sysfs_warn_dup.cold+0x1c/0x2d [ 539.325618][T27643] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 539.331703][T27643] sysfs_create_link+0x61/0xc0 [ 539.336478][T27643] device_add+0x71c/0x1bc0 [ 539.340911][T27643] ? uevent_show+0x360/0x360 [ 539.345516][T27643] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 539.351515][T27643] wiphy_register+0x1c46/0x2720 [ 539.356388][T27643] ? wiphy_unregister+0xf90/0xf90 [ 539.361420][T27643] ? retint_kernel+0x2b/0x2b [ 539.366034][T27643] ? ieee80211_cs_list_valid+0x198/0x280 [ 539.371674][T27643] ieee80211_register_hw+0x141d/0x3760 [ 539.377158][T27643] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 539.382631][T27643] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 539.388187][T27643] ? rcu_read_lock_any_held.part.0+0x50/0x50 06:10:40 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0) [ 539.394178][T27643] ? memset+0x20/0x40 [ 539.398165][T27643] ? __hrtimer_init+0x134/0x260 [ 539.403027][T27643] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 539.408779][T27643] ? hwsim_register_received_nl+0x400/0x400 [ 539.414700][T27643] hwsim_new_radio_nl+0x905/0xf60 [ 539.419733][T27643] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 539.425630][T27643] ? cap_capable+0x1eb/0x250 [ 539.430242][T27643] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 539.436574][T27643] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 539.442920][T27643] genl_rcv_msg+0x627/0xdf0 [ 539.447454][T27643] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 539.453818][T27643] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 539.459638][T27643] netlink_rcv_skb+0x15a/0x410 [ 539.464410][T27643] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 539.470746][T27643] ? netlink_ack+0xa80/0xa80 [ 539.475363][T27643] genl_rcv+0x24/0x40 [ 539.479350][T27643] netlink_unicast+0x537/0x740 [ 539.484132][T27643] ? netlink_attachskb+0x810/0x810 [ 539.489247][T27643] ? _copy_from_iter_full+0x25c/0x870 [ 539.494628][T27643] ? __phys_addr_symbol+0x2c/0x70 [ 539.499661][T27643] ? __check_object_size+0x171/0x437 [ 539.504960][T27643] netlink_sendmsg+0x882/0xe10 [ 539.509751][T27643] ? aa_af_perm+0x260/0x260 [ 539.514269][T27643] ? netlink_unicast+0x740/0x740 [ 539.519233][T27643] ? netlink_unicast+0x740/0x740 [ 539.524176][T27643] sock_sendmsg+0xcf/0x120 [ 539.528599][T27643] ____sys_sendmsg+0x6b9/0x7d0 [ 539.533386][T27643] ? kernel_sendmsg+0x50/0x50 [ 539.538095][T27643] ___sys_sendmsg+0x100/0x170 [ 539.542783][T27643] ? sendmsg_copy_msghdr+0x70/0x70 [ 539.547926][T27643] ? __fget_files+0x329/0x4f0 [ 539.552624][T27643] ? ksys_dup3+0x3c0/0x3c0 [ 539.557055][T27643] ? _raw_spin_unlock_irq+0x4b/0x80 [ 539.562286][T27643] ? __fget_light+0x208/0x270 [ 539.566977][T27643] __sys_sendmsg+0xec/0x1b0 [ 539.571480][T27643] ? __sys_sendmsg_sock+0xb0/0xb0 [ 539.576531][T27643] ? trace_hardirqs_off_caller+0x55/0x230 [ 539.582260][T27643] ? do_syscall_64+0x21/0x7d0 [ 539.586955][T27643] do_syscall_64+0xf6/0x7d0 06:10:40 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:40 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffff8bd, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x938}, 0x0, 0x3, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 539.591468][T27643] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 539.597357][T27643] RIP: 0033:0x45c849 [ 539.601257][T27643] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 539.620875][T27643] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 539.629293][T27643] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 539.637256][T27643] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 539.645232][T27643] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 539.653195][T27643] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 539.661164][T27643] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 539.762114][T28053] netlink: 'syz-executor.4': attribute type 8 has an invalid length. 06:10:40 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x1000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:40 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700", 0x2c}], 0x1}, 0x0) [ 539.833967][T28053] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:40 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000b80)={0x64, r4, 0x1, 0x70bd2a, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x50, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xee}]}]}, 0x64}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="70000002", @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0801800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac1414bb00000000000000000000000008000b00736970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340)='nl80211\x00') sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)={0x6dc, r5, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_IE_RIC={0x12f, 0xb2, "7facffe76695bffd21ed88865afac91b561387206eadb6e583ad1d518299f0a2450cc6144b3dc266ca3bf721e81f96d74a7ee818584175091f9cf3f4da2719ca0826d41895fbfa0027217348a5e067de99fdc1a2a8f339bedcb176fce8ac73d2cc4a113854590c3128e89a2e00f8fe2d45f4a55707fc89e2ea33838acc5a8a0230d4371fc7060caa1ad0a435b50fde61edc1607125198bb54f1ab728f3b8116c81a4af07b3b7895cd31b2f98293ec0529b54632170f8594feb23840152634d7d0d1541e5bc68313a36b6bd1018044d4dd9c9c9cd22c28334db061b6bed3216227933bd97485150c31a17d71d6cc3e42f0ae77893515f7bee0ad2376119c27433e19adc5477504826a533670b8135ebc3f1be61a44e795ad5bb777c8cded009ca16d230264d4776c9cbfe4d"}, @NL80211_ATTR_FTM_RESPONDER={0x8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_IE={0x579, 0x2a, "34f9e9e3a9875f9ec1c60ee89d558bfe20147744507c056f870e34b0c5d37cf33edc7753bc4a9326a16f9968f43c8ed051e5e96a57896568f6777465cb3e68c02f918b46a243f324a8877dd1f506295e851e2158246854a29c523176439bd43ef88f5d9af2dbbdf9886198cb531d150f010a900134ea77d92e501e23748143660e0e047ab044c0aca062bccd543aa5465f27b4de3d8394c2184cdb7c95ec424860315104509a9ce83592f90c08744540d77b97d7308f789e6a2a00059947063c8ce335895945d830ec93ce076e3d180a0fbee79431a8a5ca800c7eaffa1179d108f024448a00580d8f1b0686f67bd7ccf08a0d086f99d0cf50fd72aa26052d97d9417c819165d988045410288ade74ab7a8d65f71bf1a0fd09165de3a21b17cd1fa0c1772bb611c46ca9fcbc371fcd460e94f0ff742bf74a0c241cb7b976d57e7397f1af7fa3c728cec1b36c86b45efe987a0f745efb84682dc72471c6d02e42298e44f670b9634ea2c373a5bee87b3c1d918c1f3c9acff6b865120fc73bc989e2ce54a2398944830a5739b852747a41945303aad2b840498f8b953f58209530488ffbecfe0489a16d331d80b24bfc21a94ef2b27576b4289e84adb135fb2d56ad582046dee44702fa3d46309ec285c68e283898abc93d317fd7b75208c1a065881cd3297aee11d605b6c23cc01216c61fe2baed11adc2db426b2222f2e4adedee6abeca9fb7eb21926a1549c892c811c6e429f515e2c554770f264889a3a0e8df5b27414c9342e823af49c4ef24500390105e221b79306c9a2721794915f0d71025662025c1736d13d8226986a1fb1a328d95d2698a4a77bb89926e4f1b3292f7815eb8fcbe9a452f3bafc1c651ce4e57a1d295727528eb5dd77439783bdcba1995e54969d0c1706552ce074b560c1b6ecb38ac2b9ef13bfb7fbc05f6ba34aad2209aa5edc5dce8d10c5c8b46817f1a4e6ae71f5452a725f39fa9601c878af4b007e8e48d326f3c89375000ce4a0b2e613e5a553155be76531960bab1e12994d593a2e8dd6b76dd933ca50b8dae07ff8d3cfb11ac0eb12923e0335828025b76f771e60a88ae96f86e3b782a97372485698541ef5a1756554c9270ae90cece55f4fc6d823aed12b1e845169586a2adb0a6c7ef59e9f15ec2f4a25f44d668f659f3b555e9237387c087a1ae17f521e1e0621d2dd6baf690c36b8582496fb438d55cae0f263742124fcbccb21c4cc3c6ac1f5c7879aa9cbba45c8c1e52dddd1fedef1918fe4c843a95955a94ab594681ea4e09955974601acd958209887d21d47fb25f7ab74ff3c6bffcaeec43ba55b9cc24e294f9a1722e09b0f57d235b74c4a8a9936057d9b8a14ae96744684997c3a8853c26257f5d2928a29c46183c98d3edfcb5e093de75d9c9cd8dd2b22e2c23bee8d83d74a11eb50568297bfd2c22de508e8928fa1635af1e5d4160e6a4242305c5ea235c813cd6357d1becad26c58ed2dd8acc1fd3a11a509392c20e7115945d7d2c94194b771f92889f981f56260735cd7af06947fac86379b7de1f56ec2f153bada26796e64ec92ba9c3a0fba30fd04a20e8cc8ea618222d80cf4adb38c5ffb985a32409fc97895ff2143bbfedaca607479ec50ded84de53a5510e772de0b0fe4d3c33787cf0d4bcb6d3ddc0491e9210b52abb1ae7cd2da6b8ec9029793b060d4831e3429a6a82498e1c3c5eede7b14e839b90b73bb85d4560b744742ac31c497b28d3cd01a4fe215ea1bda32552dd3d6a868ff540ce8f7a70a3926e49b442b935610c32d0b0d5488a92c96d63d7f5de827e2b3a7d078612c5b5c27fab3d2dba76a97d4dbd5ba3bd06a17c6d2e18d40daecfb18ef179606ccd1bbbf831f3ef1137dffd7591176e6af44c74f09aaa6af020157284c254b3cf2daa26cd5e269571c88b9d77f924ec43ac100621b263278721b82b152ddebc05a3d35bd7202878568b1042e4"}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_SMPS_MODE={0x5}, @NL80211_ATTR_PBSS={0x4}]}, 0x6dc}, 0x1, 0x0, 0x0, 0x4008804}, 0x24000081) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup2(r6, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x240, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, r7, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x2000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 539.986881][T28053] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 539.986881][T28053] !' [ 540.053194][T28053] CPU: 0 PID: 28053 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 540.061901][T28053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.071956][T28053] Call Trace: [ 540.075256][T28053] dump_stack+0x188/0x20d [ 540.079603][T28053] sysfs_warn_dup.cold+0x1c/0x2d [ 540.084547][T28053] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 540.090618][T28053] sysfs_create_link+0x61/0xc0 [ 540.095389][T28053] device_add+0x71c/0x1bc0 [ 540.099833][T28053] ? uevent_show+0x360/0x360 [ 540.104437][T28053] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 540.110431][T28053] wiphy_register+0x1c46/0x2720 [ 540.115295][T28053] ? wiphy_unregister+0xf90/0xf90 [ 540.120316][T28053] ? retint_kernel+0x2b/0x2b [ 540.124928][T28053] ? ieee80211_register_hw+0x12c8/0x3760 [ 540.130570][T28053] ? ieee80211_register_hw+0x12d2/0x3760 [ 540.136211][T28053] ieee80211_register_hw+0x141d/0x3760 [ 540.141705][T28053] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 540.147170][T28053] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 540.152825][T28053] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 540.158810][T28053] ? memset+0x20/0x40 [ 540.162805][T28053] ? __hrtimer_init+0x134/0x260 [ 540.167666][T28053] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 540.173384][T28053] ? vprintk_func+0x81/0x17e [ 540.178003][T28053] ? hwsim_register_received_nl+0x400/0x400 [ 540.183918][T28053] hwsim_new_radio_nl+0x905/0xf60 [ 540.188949][T28053] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 540.194398][T28053] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 540.200305][T28053] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 540.206040][T28053] genl_rcv_msg+0x627/0xdf0 [ 540.210541][T28053] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 540.216878][T28053] ? lockdep_hardirqs_on+0x417/0x5d0 [ 540.222257][T28053] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 540.227724][T28053] netlink_rcv_skb+0x15a/0x410 [ 540.232484][T28053] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 540.238802][T28053] ? netlink_ack+0xa80/0xa80 [ 540.243403][T28053] genl_rcv+0x24/0x40 [ 540.247383][T28053] netlink_unicast+0x537/0x740 [ 540.252149][T28053] ? netlink_attachskb+0x810/0x810 [ 540.257252][T28053] ? _copy_from_iter_full+0x25c/0x870 [ 540.262618][T28053] ? __phys_addr_symbol+0x2c/0x70 [ 540.267633][T28053] ? __check_object_size+0x171/0x437 [ 540.272920][T28053] netlink_sendmsg+0x882/0xe10 [ 540.277684][T28053] ? aa_af_perm+0x260/0x260 [ 540.282174][T28053] ? netlink_unicast+0x740/0x740 [ 540.287115][T28053] ? netlink_unicast+0x740/0x740 [ 540.292048][T28053] sock_sendmsg+0xcf/0x120 [ 540.296472][T28053] ____sys_sendmsg+0x6b9/0x7d0 [ 540.301231][T28053] ? kernel_sendmsg+0x50/0x50 [ 540.305915][T28053] ___sys_sendmsg+0x100/0x170 [ 540.310592][T28053] ? sendmsg_copy_msghdr+0x70/0x70 [ 540.315716][T28053] ? __fget_files+0x329/0x4f0 [ 540.320391][T28053] ? ksys_dup3+0x3c0/0x3c0 [ 540.324817][T28053] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 540.330524][T28053] ? retint_kernel+0x2b/0x2b [ 540.335106][T28053] ? __fget_light+0x208/0x270 [ 540.339774][T28053] __sys_sendmsg+0xec/0x1b0 [ 540.344263][T28053] ? __sys_sendmsg_sock+0xb0/0xb0 [ 540.349446][T28053] ? trace_hardirqs_off_caller+0x55/0x230 [ 540.355156][T28053] ? do_syscall_64+0x21/0x7d0 [ 540.359824][T28053] do_syscall_64+0xf6/0x7d0 [ 540.364328][T28053] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 540.370209][T28053] RIP: 0033:0x45c849 [ 540.374087][T28053] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 540.393675][T28053] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 06:10:40 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x3000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:40 executing program 0: r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:41 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x0, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 540.402069][T28053] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 540.410020][T28053] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 540.417970][T28053] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 540.425924][T28053] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 540.433887][T28053] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 540.488948][T28346] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 540.508771][T28346] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:41 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:41 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700", 0x2c}], 0x1}, 0x0) 06:10:41 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x4000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:41 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="11002abd700000000000100000000322aae3e4ff358ff778aca075ad070ae7913f535531ae361e6894dec1e6a26ace5e60e8827fce2832b15033ba3b722ac202441600305ed14013a683c28208bbcd45f5c968213b0cc96c137274a1990a1a8acacdd9b9"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) setsockopt$inet6_int(r5, 0x29, 0x4c, &(0x7f0000000540)=0x4, 0x4) execve(&(0x7f0000000300)='./file0\x00', &(0x7f00000003c0)=[&(0x7f0000000340)='sip\x00'], &(0x7f0000000480)=[&(0x7f0000000400)='IPVS\x00']) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 540.673390][T28346] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 540.673390][T28346] !' [ 540.703485][T28346] CPU: 0 PID: 28346 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 540.712185][T28346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.722240][T28346] Call Trace: [ 540.725554][T28346] dump_stack+0x188/0x20d [ 540.729897][T28346] sysfs_warn_dup.cold+0x1c/0x2d [ 540.734845][T28346] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 540.740918][T28346] sysfs_create_link+0x61/0xc0 [ 540.745693][T28346] device_add+0x71c/0x1bc0 [ 540.750126][T28346] ? ieee80211_set_bitrate_flags+0x81/0x5c0 [ 540.756029][T28346] ? uevent_show+0x360/0x360 [ 540.760643][T28346] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 540.766637][T28346] wiphy_register+0x1c46/0x2720 [ 540.771507][T28346] ? wiphy_unregister+0xf90/0xf90 [ 540.776545][T28346] ? retint_kernel+0x2b/0x2b [ 540.781168][T28346] ? ieee80211_register_hw+0x13b6/0x3760 [ 540.786816][T28346] ieee80211_register_hw+0x141d/0x3760 [ 540.792300][T28346] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 540.797808][T28346] ? __hrtimer_init+0x5c/0x260 [ 540.802588][T28346] ? __sanitizer_cov_trace_const_cmp4+0x4/0x20 [ 540.808759][T28346] ? __hrtimer_init+0x134/0x260 [ 540.813628][T28346] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 540.819357][T28346] ? lockdep_hardirqs_on+0x417/0x5d0 [ 540.824672][T28346] ? hwsim_register_received_nl+0x400/0x400 [ 540.830582][T28346] hwsim_new_radio_nl+0x905/0xf60 [ 540.835614][T28346] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 540.841515][T28346] ? cap_capable+0x1eb/0x250 [ 540.846133][T28346] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 540.852461][T28346] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 540.858802][T28346] genl_rcv_msg+0x627/0xdf0 [ 540.863329][T28346] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 540.869693][T28346] ? mark_held_locks+0x9f/0xe0 [ 540.874473][T28346] netlink_rcv_skb+0x15a/0x410 [ 540.879247][T28346] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 540.885580][T28346] ? netlink_ack+0xa80/0xa80 [ 540.890177][T28346] ? retint_kernel+0x2b/0x2b [ 540.894805][T28346] ? down_read+0x110/0x420 [ 540.899229][T28346] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 540.905569][T28346] genl_rcv+0x24/0x40 [ 540.909559][T28346] netlink_unicast+0x537/0x740 [ 540.914347][T28346] ? netlink_attachskb+0x810/0x810 [ 540.919459][T28346] ? _copy_from_iter_full+0x25c/0x870 [ 540.924822][T28346] ? __phys_addr_symbol+0x2c/0x70 [ 540.929836][T28346] ? __check_object_size+0x171/0x437 [ 540.935163][T28346] netlink_sendmsg+0x882/0xe10 [ 540.939944][T28346] ? aa_af_perm+0x260/0x260 [ 540.944457][T28346] ? netlink_unicast+0x740/0x740 [ 540.949414][T28346] ? netlink_unicast+0x740/0x740 [ 540.954369][T28346] sock_sendmsg+0xcf/0x120 [ 540.958793][T28346] ____sys_sendmsg+0x6b9/0x7d0 [ 540.963570][T28346] ? kernel_sendmsg+0x50/0x50 [ 540.968252][T28346] ? mark_lock+0xbc/0x1220 [ 540.972676][T28346] ___sys_sendmsg+0x100/0x170 [ 540.977341][T28346] ? sendmsg_copy_msghdr+0x70/0x70 [ 540.982445][T28346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 540.987910][T28346] ? lockdep_hardirqs_on+0x417/0x5d0 [ 540.993180][T28346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 540.998628][T28346] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 541.004336][T28346] ? retint_kernel+0x2b/0x2b [ 541.008930][T28346] ? __fget_light+0x208/0x270 [ 541.013599][T28346] ? __sanitizer_cov_trace_pc+0x44/0x50 [ 541.019141][T28346] ? __fget_light+0x208/0x270 [ 541.023825][T28346] __sys_sendmsg+0xec/0x1b0 [ 541.028322][T28346] ? __sys_sendmsg_sock+0xb0/0xb0 [ 541.033346][T28346] ? do_syscall_64+0x4f/0x7d0 [ 541.038007][T28346] do_syscall_64+0xf6/0x7d0 [ 541.042504][T28346] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 541.048386][T28346] RIP: 0033:0x45c849 [ 541.052278][T28346] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 541.071860][T28346] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 541.080252][T28346] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 541.088212][T28346] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 541.096162][T28346] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 541.104111][T28346] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 541.112065][T28346] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:41 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(0x0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:41 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x0, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:41 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$char_usb(r0, &(0x7f0000000300)="4abbfcdcededfa2965e24aaa7b2d37f868db57fa1d451659de8feb245e21c3324c47a845d482dd1d5cbba45e4b9f1b57a1903f53e32641501ded67ac79f1abd6633eaf6762b3c5a698c2d6270a", 0x4d) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:41 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1", 0x2d}], 0x1}, 0x0) [ 541.138822][T28696] netlink: 'syz-executor.4': attribute type 23 has an invalid length. [ 541.174909][T28696] netlink: 151480 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xa000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 541.226733][T28984] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 541.266465][T28984] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:42 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x0, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 541.392633][T28984] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 541.392633][T28984] !' [ 541.410006][T28984] CPU: 1 PID: 28984 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 541.418690][T28984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.428737][T28984] Call Trace: [ 541.432030][T28984] dump_stack+0x188/0x20d [ 541.436372][T28984] sysfs_warn_dup.cold+0x1c/0x2d [ 541.441335][T28984] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 541.447413][T28984] sysfs_create_link+0x61/0xc0 [ 541.452188][T28984] device_add+0x71c/0x1bc0 [ 541.456629][T28984] ? ieee80211_set_bitrate_flags+0x134/0x5c0 [ 541.462623][T28984] ? uevent_show+0x360/0x360 [ 541.467231][T28984] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 541.473226][T28984] wiphy_register+0x1c46/0x2720 [ 541.478090][T28984] ? wiphy_unregister+0xf90/0xf90 [ 541.483113][T28984] ? retint_kernel+0x2b/0x2b [ 541.487718][T28984] ? ieee80211_register_hw+0x1283/0x3760 [ 541.493361][T28984] ieee80211_register_hw+0x141d/0x3760 [ 541.498860][T28984] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 541.504325][T28984] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 541.509876][T28984] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 541.515853][T28984] ? memset+0x20/0x40 [ 541.519835][T28984] ? __hrtimer_init+0x134/0x260 [ 541.524729][T28984] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 541.530477][T28984] ? hwsim_register_received_nl+0x400/0x400 [ 541.536370][T28984] ? __nla_validate_parse+0x172/0x1cd0 [ 541.541847][T28984] hwsim_new_radio_nl+0x905/0xf60 [ 541.546872][T28984] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 541.552340][T28984] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 541.558243][T28984] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 541.563998][T28984] genl_rcv_msg+0x627/0xdf0 [ 541.568523][T28984] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 541.574881][T28984] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 541.580706][T28984] netlink_rcv_skb+0x15a/0x410 [ 541.585485][T28984] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 541.591819][T28984] ? netlink_ack+0xa80/0xa80 [ 541.596440][T28984] genl_rcv+0x24/0x40 [ 541.600426][T28984] netlink_unicast+0x537/0x740 [ 541.605205][T28984] ? netlink_attachskb+0x810/0x810 [ 541.610322][T28984] ? _copy_from_iter_full+0x25c/0x870 [ 541.615701][T28984] ? __phys_addr_symbol+0x2c/0x70 [ 541.620732][T28984] ? __check_object_size+0x171/0x437 [ 541.626032][T28984] netlink_sendmsg+0x882/0xe10 [ 541.630804][T28984] ? aa_af_perm+0x260/0x260 [ 541.635312][T28984] ? netlink_unicast+0x740/0x740 [ 541.640276][T28984] ? netlink_unicast+0x740/0x740 [ 541.645214][T28984] sock_sendmsg+0xcf/0x120 [ 541.649639][T28984] ____sys_sendmsg+0x6b9/0x7d0 [ 541.654416][T28984] ? kernel_sendmsg+0x50/0x50 [ 541.659109][T28984] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 541.664590][T28984] ___sys_sendmsg+0x100/0x170 [ 541.669291][T28984] ? sendmsg_copy_msghdr+0x70/0x70 [ 541.674424][T28984] ? __fget_files+0x329/0x4f0 [ 541.679118][T28984] ? ksys_dup3+0x3c0/0x3c0 [ 541.683556][T28984] ? lock_acquire+0x197/0x420 [ 541.688237][T28984] ? __might_fault+0xef/0x1d0 [ 541.692925][T28984] ? __fget_light+0x208/0x270 [ 541.697616][T28984] __sys_sendmsg+0xec/0x1b0 [ 541.702127][T28984] ? __sys_sendmsg_sock+0xb0/0xb0 [ 541.707182][T28984] ? do_syscall_64+0xbc/0x7d0 [ 541.711870][T28984] do_syscall_64+0xf6/0x7d0 [ 541.716384][T28984] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 541.722278][T28984] RIP: 0033:0x45c849 06:10:42 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60120011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 541.726180][T28984] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 541.745780][T28984] RSP: 002b:00007f08170fec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 541.754207][T28984] RAX: ffffffffffffffda RBX: 00007f08170ff6d4 RCX: 000000000045c849 [ 541.762180][T28984] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 541.770149][T28984] RBP: 000000000076bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 541.778118][T28984] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 541.786085][T28984] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bfac 06:10:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xe000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:42 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(0x0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 541.833599][T29223] netlink: 'syz-executor.4': attribute type 23 has an invalid length. [ 541.842367][T29223] netlink: 151480 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:42 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1", 0x2d}], 0x1}, 0x0) 06:10:42 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:42 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x14000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:42 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60280011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 542.051894][T29335] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:42 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1", 0x2d}], 0x1}, 0x0) [ 542.107769][T29335] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:42 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:43 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x19000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 542.253111][T29335] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 542.253111][T29335] !' [ 542.294647][T29335] CPU: 1 PID: 29335 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 542.303463][T29335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.313521][T29335] Call Trace: [ 542.316828][T29335] dump_stack+0x188/0x20d [ 542.321286][T29335] sysfs_warn_dup.cold+0x1c/0x2d [ 542.326236][T29335] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 542.332443][T29335] sysfs_create_link+0x61/0xc0 [ 542.337214][T29335] device_add+0x71c/0x1bc0 [ 542.341646][T29335] ? uevent_show+0x360/0x360 [ 542.346256][T29335] wiphy_register+0x1c46/0x2720 [ 542.351131][T29335] ? wiphy_unregister+0xf90/0xf90 [ 542.356158][T29335] ? ieee80211_cs_list_valid+0x23/0x280 [ 542.361708][T29335] ? ieee80211_cs_list_valid+0x1aa/0x280 [ 542.367350][T29335] ? ieee80211_cs_list_valid+0x198/0x280 [ 542.372990][T29335] ieee80211_register_hw+0x141d/0x3760 [ 542.378467][T29335] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 542.383931][T29335] ? retint_kernel+0x2b/0x2b [ 542.388549][T29335] ? __hrtimer_init+0x134/0x260 06:10:43 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 542.393402][T29335] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 542.399144][T29335] ? hwsim_register_received_nl+0x400/0x400 [ 542.405050][T29335] hwsim_new_radio_nl+0x905/0xf60 [ 542.410076][T29335] ? lockdep_hardirqs_on+0x417/0x5d0 [ 542.415372][T29335] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 542.421296][T29335] genl_rcv_msg+0x627/0xdf0 [ 542.425818][T29335] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 542.432173][T29335] ? ___preempt_schedule+0x16/0x18 [ 542.437303][T29335] netlink_rcv_skb+0x15a/0x410 [ 542.442076][T29335] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 542.448412][T29335] ? netlink_ack+0xa80/0xa80 [ 542.453031][T29335] genl_rcv+0x24/0x40 [ 542.457023][T29335] netlink_unicast+0x537/0x740 [ 542.461801][T29335] ? netlink_attachskb+0x810/0x810 [ 542.466910][T29335] ? _copy_from_iter_full+0x25c/0x870 [ 542.472285][T29335] ? __phys_addr_symbol+0x2c/0x70 [ 542.477323][T29335] ? __check_object_size+0x171/0x437 [ 542.482620][T29335] netlink_sendmsg+0x882/0xe10 [ 542.487396][T29335] ? aa_af_perm+0x260/0x260 [ 542.491903][T29335] ? netlink_unicast+0x740/0x740 [ 542.496866][T29335] ? netlink_unicast+0x740/0x740 [ 542.501810][T29335] sock_sendmsg+0xcf/0x120 [ 542.506238][T29335] ____sys_sendmsg+0x6b9/0x7d0 [ 542.511008][T29335] ? kernel_sendmsg+0x50/0x50 [ 542.515695][T29335] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 542.521181][T29335] ___sys_sendmsg+0x100/0x170 [ 542.525870][T29335] ? sendmsg_copy_msghdr+0x70/0x70 [ 542.530999][T29335] ? __fget_files+0xc3/0x4f0 [ 542.535603][T29335] ? __fget_files+0x329/0x4f0 [ 542.540301][T29335] ? ksys_dup3+0x3c0/0x3c0 06:10:43 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 542.544717][T29335] ? lock_acquire+0x197/0x420 [ 542.549392][T29335] ? __might_fault+0xef/0x1d0 [ 542.554083][T29335] ? __fget_light+0x208/0x270 [ 542.558772][T29335] __sys_sendmsg+0xec/0x1b0 [ 542.563280][T29335] ? __sys_sendmsg_sock+0xb0/0xb0 [ 542.568309][T29335] ? __x64_sys_futex+0x380/0x4f0 [ 542.573268][T29335] ? trace_hardirqs_off_caller+0x55/0x230 [ 542.579018][T29335] ? do_syscall_64+0x21/0x7d0 [ 542.583731][T29335] do_syscall_64+0xf6/0x7d0 [ 542.588246][T29335] entry_SYSCALL_64_after_hwframe+0x49/0xbe 06:10:43 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 542.594139][T29335] RIP: 0033:0x45c849 [ 542.598031][T29335] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 542.617630][T29335] RSP: 002b:00007f08170fec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 542.626047][T29335] RAX: ffffffffffffffda RBX: 00007f08170ff6d4 RCX: 000000000045c849 [ 542.634018][T29335] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008 [ 542.641995][T29335] RBP: 000000000076bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 542.649968][T29335] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 542.657946][T29335] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bfac 06:10:43 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 543.032682][T29343] netlink: 212900 bytes leftover after parsing attributes in process `syz-executor.4'. [ 543.058854][T29343] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 543.058854][T29343] !' [ 543.072720][T29343] CPU: 1 PID: 29343 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 06:10:43 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(0x0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:43 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x28000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:43 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, 0x0, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 543.081406][T29343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.091463][T29343] Call Trace: [ 543.094782][T29343] dump_stack+0x188/0x20d [ 543.099131][T29343] sysfs_warn_dup.cold+0x1c/0x2d [ 543.104082][T29343] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 543.110162][T29343] sysfs_create_link+0x61/0xc0 [ 543.114934][T29343] device_add+0x71c/0x1bc0 [ 543.119363][T29343] ? uevent_show+0x360/0x360 [ 543.123968][T29343] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 543.129962][T29343] wiphy_register+0x1c46/0x2720 [ 543.134817][T29343] ? wiphy_unregister+0xf90/0xf90 [ 543.139832][T29343] ? __kmalloc+0x629/0x7a0 [ 543.144254][T29343] ? ieee80211_register_hw+0xbea/0x3760 [ 543.149799][T29343] ? ieee80211_cs_list_valid+0x198/0x280 [ 543.155419][T29343] ieee80211_register_hw+0x141d/0x3760 [ 543.160877][T29343] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 543.166323][T29343] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 543.171851][T29343] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 543.177819][T29343] ? memset+0x20/0x40 [ 543.181798][T29343] ? __hrtimer_init+0x134/0x260 [ 543.186638][T29343] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 543.192341][T29343] ? vprintk_func+0x81/0x17e [ 543.196934][T29343] ? hwsim_register_received_nl+0x400/0x400 [ 543.202826][T29343] hwsim_new_radio_nl+0x905/0xf60 [ 543.207852][T29343] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 543.213727][T29343] ? cap_capable+0x1eb/0x250 [ 543.218314][T29343] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 543.224623][T29343] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 543.230958][T29343] genl_rcv_msg+0x627/0xdf0 [ 543.235475][T29343] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 543.241799][T29343] ? retint_kernel+0x2b/0x2b [ 543.246403][T29343] netlink_rcv_skb+0x15a/0x410 [ 543.251262][T29343] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 543.257675][T29343] ? netlink_ack+0xa80/0xa80 [ 543.262266][T29343] genl_rcv+0x24/0x40 [ 543.266232][T29343] netlink_unicast+0x537/0x740 [ 543.270997][T29343] ? netlink_attachskb+0x810/0x810 [ 543.276086][T29343] ? _copy_from_iter_full+0x25c/0x870 [ 543.281444][T29343] ? __phys_addr_symbol+0x2c/0x70 [ 543.286454][T29343] ? __check_object_size+0x171/0x437 [ 543.291739][T29343] netlink_sendmsg+0x882/0xe10 [ 543.296504][T29343] ? aa_af_perm+0x260/0x260 [ 543.300993][T29343] ? netlink_unicast+0x740/0x740 [ 543.305931][T29343] ? netlink_unicast+0x740/0x740 [ 543.310868][T29343] sock_sendmsg+0xcf/0x120 [ 543.315270][T29343] ____sys_sendmsg+0x6b9/0x7d0 [ 543.320020][T29343] ? kernel_sendmsg+0x50/0x50 [ 543.324701][T29343] ? mark_lock+0xbc/0x1220 [ 543.329111][T29343] ___sys_sendmsg+0x100/0x170 [ 543.333772][T29343] ? sendmsg_copy_msghdr+0x70/0x70 [ 543.338881][T29343] ? __fget_files+0x329/0x4f0 [ 543.343548][T29343] ? ksys_dup3+0x3c0/0x3c0 [ 543.347947][T29343] ? lock_acquire+0x197/0x420 [ 543.352607][T29343] ? __might_fault+0xef/0x1d0 [ 543.357275][T29343] ? __fget_light+0x208/0x270 [ 543.361946][T29343] __sys_sendmsg+0xec/0x1b0 [ 543.366458][T29343] ? __sys_sendmsg_sock+0xb0/0xb0 [ 543.371489][T29343] ? do_syscall_64+0x4f/0x7d0 [ 543.376162][T29343] do_syscall_64+0xf6/0x7d0 [ 543.380659][T29343] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 543.386532][T29343] RIP: 0033:0x45c849 [ 543.390411][T29343] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 543.410000][T29343] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 543.418394][T29343] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 543.426349][T29343] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 543.434301][T29343] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 543.442255][T29343] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 543.450214][T29343] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:44 executing program 5: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(0x0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:44 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc602f0011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:44 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, 0x0, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:44 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x60000000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 543.723688][T29581] netlink: 'syz-executor.5': attribute type 8 has an invalid length. 06:10:44 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, 0x0, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 543.816208][T29581] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.5'. 06:10:44 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x8d030000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 543.913095][T29581] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 543.913095][T29581] !' 06:10:44 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 543.975608][T29581] CPU: 1 PID: 29581 Comm: syz-executor.5 Not tainted 5.6.0-rc7-syzkaller #0 [ 543.984296][T29581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.994353][T29581] Call Trace: [ 543.997655][T29581] dump_stack+0x188/0x20d [ 544.002003][T29581] sysfs_warn_dup.cold+0x1c/0x2d [ 544.006955][T29581] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 544.013034][T29581] sysfs_create_link+0x61/0xc0 [ 544.017824][T29581] device_add+0x71c/0x1bc0 [ 544.022256][T29581] ? uevent_show+0x360/0x360 [ 544.026872][T29581] wiphy_register+0x1c46/0x2720 [ 544.031747][T29581] ? wiphy_unregister+0xf90/0xf90 [ 544.036791][T29581] ? ieee80211_register_hw+0x13b6/0x3760 [ 544.042465][T29581] ieee80211_register_hw+0x141d/0x3760 [ 544.047943][T29581] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 544.053426][T29581] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 544.058975][T29581] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 544.064970][T29581] ? memset+0x20/0x40 [ 544.068961][T29581] ? __hrtimer_init+0x134/0x260 06:10:44 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup2(r5, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000001800)='NLBL_CALIPSO\x00') sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, &(0x7f0000002540)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000002500)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1210003af74d8e6fb5055b8514a5e5b5ea163ff513910896f6d8050c4e27f5f50d550f249bae234e53d3cbb8f0101b5296c0e4215ae3995ba27044767e21bc54f56d4012e263cfe07a830bba70d8cd07605ac370afa96dc5", @ANYRES16=r7, @ANYBLOB="000826bd7000fddbdf2502000000080002000200000008000200020000000800020002000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4048000) sendmsg$NLBL_CALIPSO_C_ADD(r6, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0009a51bb71ab66da75882f5062c", @ANYRES16=r7, @ANYBLOB="040029bd7000fddbdf250100000008000200020000000800010002000000080001000000000008000200020000000800020002000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4000008}, 0x81) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="70000100", @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac1414bb00000000000000000000000008000b00736970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 544.073825][T29581] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 544.079542][T29581] ? lockdep_hardirqs_on+0x417/0x5d0 [ 544.084848][T29581] ? hwsim_register_received_nl+0x400/0x400 [ 544.090757][T29581] hwsim_new_radio_nl+0x905/0xf60 [ 544.095795][T29581] ? retint_kernel+0x2b/0x2b [ 544.100403][T29581] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 544.106318][T29581] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 544.112650][T29581] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 544.118991][T29581] genl_rcv_msg+0x627/0xdf0 [ 544.123510][T29581] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 544.129862][T29581] ? lockdep_hardirqs_on+0x417/0x5d0 [ 544.135148][T29581] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 544.140618][T29581] netlink_rcv_skb+0x15a/0x410 [ 544.145395][T29581] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 544.151727][T29581] ? netlink_ack+0xa80/0xa80 [ 544.156352][T29581] genl_rcv+0x24/0x40 [ 544.160341][T29581] netlink_unicast+0x537/0x740 [ 544.165119][T29581] ? netlink_attachskb+0x810/0x810 [ 544.170229][T29581] ? _copy_from_iter_full+0x25c/0x870 06:10:44 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 544.175610][T29581] ? __phys_addr_symbol+0x2c/0x70 [ 544.180746][T29581] ? __check_object_size+0x171/0x437 [ 544.186056][T29581] netlink_sendmsg+0x882/0xe10 [ 544.190837][T29581] ? aa_af_perm+0x260/0x260 [ 544.195361][T29581] ? netlink_unicast+0x740/0x740 [ 544.200320][T29581] ? netlink_unicast+0x740/0x740 [ 544.205271][T29581] sock_sendmsg+0xcf/0x120 [ 544.209700][T29581] ____sys_sendmsg+0x6b9/0x7d0 [ 544.214472][T29581] ? kernel_sendmsg+0x50/0x50 [ 544.219158][T29581] ? mark_lock+0xbc/0x1220 [ 544.223595][T29581] ___sys_sendmsg+0x100/0x170 [ 544.228284][T29581] ? sendmsg_copy_msghdr+0x70/0x70 [ 544.233420][T29581] ? __fget_files+0x329/0x4f0 [ 544.238133][T29581] ? ksys_dup3+0x3c0/0x3c0 [ 544.242552][T29581] ? lock_acquire+0x197/0x420 [ 544.247234][T29581] ? __might_fault+0xef/0x1d0 [ 544.251922][T29581] ? __fget_light+0x208/0x270 [ 544.256607][T29581] __sys_sendmsg+0xec/0x1b0 [ 544.261112][T29581] ? __sys_sendmsg_sock+0xb0/0xb0 [ 544.266131][T29581] ? __x64_sys_futex+0x380/0x4f0 [ 544.271104][T29581] ? trace_hardirqs_off_caller+0x55/0x230 [ 544.276821][T29581] ? do_syscall_64+0x21/0x7d0 [ 544.281501][T29581] do_syscall_64+0xf6/0x7d0 [ 544.286016][T29581] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 544.291909][T29581] RIP: 0033:0x45c849 [ 544.295814][T29581] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 544.315421][T29581] RSP: 002b:00007fd76ecbfc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 544.323840][T29581] RAX: ffffffffffffffda RBX: 00007fd76ecc06d4 RCX: 000000000045c849 [ 544.331820][T29581] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 544.339796][T29581] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 544.347774][T29581] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 544.355744][T29581] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 544.392947][T29589] netlink: 212892 bytes leftover after parsing attributes in process `syz-executor.4'. [ 544.431942][T29589] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 544.431942][T29589] !' [ 544.473686][T29589] CPU: 1 PID: 29589 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 544.482374][T29589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 544.492429][T29589] Call Trace: [ 544.495748][T29589] dump_stack+0x188/0x20d [ 544.500097][T29589] sysfs_warn_dup.cold+0x1c/0x2d [ 544.505050][T29589] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 544.511126][T29589] sysfs_create_link+0x61/0xc0 [ 544.515897][T29589] device_add+0x71c/0x1bc0 [ 544.520335][T29589] ? uevent_show+0x360/0x360 [ 544.524939][T29589] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 544.530969][T29589] wiphy_register+0x1c46/0x2720 [ 544.535851][T29589] ? wiphy_unregister+0xf90/0xf90 [ 544.540893][T29589] ? __kmalloc+0x629/0x7a0 [ 544.545317][T29589] ? ieee80211_register_hw+0xbea/0x3760 [ 544.550876][T29589] ? ieee80211_cs_list_valid+0x198/0x280 [ 544.556525][T29589] ieee80211_register_hw+0x141d/0x3760 [ 544.562036][T29589] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 544.567504][T29589] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 544.573062][T29589] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 544.579053][T29589] ? memset+0x20/0x40 [ 544.583041][T29589] ? __hrtimer_init+0x134/0x260 [ 544.588007][T29589] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 544.593733][T29589] ? vprintk_func+0x81/0x17e [ 544.598354][T29589] ? hwsim_register_received_nl+0x400/0x400 [ 544.604270][T29589] hwsim_new_radio_nl+0x905/0xf60 [ 544.609314][T29589] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 544.615194][T29589] ? cap_capable+0x1eb/0x250 [ 544.619791][T29589] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 544.626114][T29589] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 544.632438][T29589] genl_rcv_msg+0x627/0xdf0 [ 544.636956][T29589] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 544.643280][T29589] ? ___preempt_schedule+0x16/0x18 [ 544.648388][T29589] netlink_rcv_skb+0x15a/0x410 [ 544.653132][T29589] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 544.659454][T29589] ? netlink_ack+0xa80/0xa80 [ 544.664044][T29589] genl_rcv+0x24/0x40 [ 544.668006][T29589] netlink_unicast+0x537/0x740 [ 544.672761][T29589] ? netlink_attachskb+0x810/0x810 [ 544.677861][T29589] ? _copy_from_iter_full+0x25c/0x870 [ 544.683235][T29589] ? __phys_addr_symbol+0x2c/0x70 [ 544.688247][T29589] ? __check_object_size+0x171/0x437 [ 544.693516][T29589] netlink_sendmsg+0x882/0xe10 [ 544.698278][T29589] ? aa_af_perm+0x260/0x260 [ 544.702777][T29589] ? netlink_unicast+0x740/0x740 [ 544.707699][T29589] ? netlink_unicast+0x740/0x740 [ 544.712613][T29589] sock_sendmsg+0xcf/0x120 [ 544.717010][T29589] ____sys_sendmsg+0x6b9/0x7d0 [ 544.721771][T29589] ? kernel_sendmsg+0x50/0x50 [ 544.726440][T29589] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 544.731906][T29589] ___sys_sendmsg+0x100/0x170 [ 544.736571][T29589] ? sendmsg_copy_msghdr+0x70/0x70 [ 544.741685][T29589] ? __fget_files+0x38d/0x4f0 [ 544.746364][T29589] ? __fget_files+0x329/0x4f0 [ 544.751031][T29589] ? ksys_dup3+0x3c0/0x3c0 [ 544.755423][T29589] ? lock_acquire+0x197/0x420 [ 544.760090][T29589] ? __might_fault+0xef/0x1d0 [ 544.764779][T29589] ? __fget_light+0x208/0x270 [ 544.769452][T29589] __sys_sendmsg+0xec/0x1b0 [ 544.773932][T29589] ? __sys_sendmsg_sock+0xb0/0xb0 [ 544.778969][T29589] ? trace_hardirqs_off_caller+0x55/0x230 [ 544.784696][T29589] ? do_syscall_64+0x21/0x7d0 [ 544.789462][T29589] do_syscall_64+0xf6/0x7d0 [ 544.793964][T29589] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 544.799843][T29589] RIP: 0033:0x45c849 [ 544.803731][T29589] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 544.823310][T29589] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 544.831699][T29589] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 544.839667][T29589] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 544.847638][T29589] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 544.855597][T29589] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 544.863567][T29589] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 544.877259][T29591] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 544.891959][T29591] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 544.905484][T29591] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 544.905484][T29591] !' [ 544.918237][T29591] CPU: 1 PID: 29591 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 544.926924][T29591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 544.936973][T29591] Call Trace: [ 544.940270][T29591] dump_stack+0x188/0x20d [ 544.944959][T29591] sysfs_warn_dup.cold+0x1c/0x2d [ 544.949903][T29591] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 544.955963][T29591] sysfs_create_link+0x61/0xc0 [ 544.960721][T29591] device_add+0x71c/0x1bc0 [ 544.965159][T29591] ? uevent_show+0x360/0x360 [ 544.969749][T29591] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 544.975723][T29591] wiphy_register+0x1c46/0x2720 [ 544.980566][T29591] ? wiphy_unregister+0xf90/0xf90 [ 544.985576][T29591] ? __kmalloc+0x629/0x7a0 [ 544.989982][T29591] ? ieee80211_register_hw+0xbea/0x3760 [ 544.995520][T29591] ? ieee80211_cs_list_valid+0x198/0x280 [ 545.001134][T29591] ieee80211_register_hw+0x141d/0x3760 [ 545.006607][T29591] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 545.012067][T29591] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 545.017618][T29591] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 545.023604][T29591] ? memset+0x20/0x40 [ 545.027577][T29591] ? __hrtimer_init+0x134/0x260 [ 545.032420][T29591] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 545.038123][T29591] ? vprintk_func+0x81/0x17e [ 545.042712][T29591] ? hwsim_register_received_nl+0x400/0x400 [ 545.048615][T29591] hwsim_new_radio_nl+0x905/0xf60 [ 545.053630][T29591] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 545.059544][T29591] ? cap_capable+0x1eb/0x250 [ 545.064127][T29591] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 545.070459][T29591] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 545.076786][T29591] genl_rcv_msg+0x627/0xdf0 [ 545.081279][T29591] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 545.087611][T29591] ? retint_kernel+0x2b/0x2b [ 545.092202][T29591] netlink_rcv_skb+0x15a/0x410 [ 545.096947][T29591] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 545.103252][T29591] ? netlink_ack+0xa80/0xa80 [ 545.107859][T29591] genl_rcv+0x24/0x40 [ 545.111831][T29591] netlink_unicast+0x537/0x740 [ 545.116574][T29591] ? netlink_attachskb+0x810/0x810 [ 545.121666][T29591] ? _copy_from_iter_full+0x25c/0x870 [ 545.127016][T29591] ? __phys_addr_symbol+0x2c/0x70 [ 545.132017][T29591] ? __check_object_size+0x171/0x437 [ 545.137286][T29591] netlink_sendmsg+0x882/0xe10 [ 545.142033][T29591] ? aa_af_perm+0x260/0x260 [ 545.146555][T29591] ? netlink_unicast+0x740/0x740 [ 545.151510][T29591] ? netlink_unicast+0x740/0x740 [ 545.156439][T29591] sock_sendmsg+0xcf/0x120 [ 545.160837][T29591] ____sys_sendmsg+0x6b9/0x7d0 [ 545.165616][T29591] ? kernel_sendmsg+0x50/0x50 [ 545.170286][T29591] ? mark_lock+0xbc/0x1220 [ 545.174702][T29591] ___sys_sendmsg+0x100/0x170 [ 545.179370][T29591] ? sendmsg_copy_msghdr+0x70/0x70 [ 545.184481][T29591] ? __fget_files+0x329/0x4f0 [ 545.189157][T29591] ? ksys_dup3+0x3c0/0x3c0 [ 545.193560][T29591] ? lock_acquire+0x197/0x420 [ 545.198223][T29591] ? __might_fault+0xef/0x1d0 [ 545.202927][T29591] ? __fget_light+0x208/0x270 [ 545.207617][T29591] __sys_sendmsg+0xec/0x1b0 [ 545.212123][T29591] ? __sys_sendmsg_sock+0xb0/0xb0 [ 545.217124][T29591] ? __x64_sys_futex+0x380/0x4f0 [ 545.222048][T29591] ? trace_hardirqs_off_caller+0x55/0x230 [ 545.227760][T29591] ? do_syscall_64+0x21/0x7d0 [ 545.232443][T29591] do_syscall_64+0xf6/0x7d0 [ 545.236936][T29591] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 545.242810][T29591] RIP: 0033:0x45c849 [ 545.246688][T29591] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 545.266285][T29591] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 545.274727][T29591] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 545.282711][T29591] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 545.290668][T29591] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 545.298649][T29591] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 545.306607][T29591] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:46 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:46 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) fsetxattr$trusted_overlay_upper(r2, &(0x7f0000000300)='trusted.overlay.upper\x00', &(0x7f00000003c0)={0x0, 0xfb, 0x74, 0x2, 0x3f, "34ea7b262e5ccc895b5b1f85adee1071", "9ebcc5e8e2340f20ec107eac8799ad00f686d767379bd1471c7d505e4458ff77b4b6f5ca05483b16646bb8e851d558eea6f93305ce6d95f859fb639770b898f7916a0e22167927f60322d7274ffb5e6e3c779c06dfa3f180997d249c3112f3"}, 0x74, 0x2) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r6, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r5, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:46 executing program 5: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:46 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x9effffff}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:46 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:46 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60350011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 545.393971][T29822] netlink: 212884 bytes leftover after parsing attributes in process `syz-executor.4'. [ 545.429399][T29822] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 545.429399][T29822] !' [ 545.443926][T29822] CPU: 1 PID: 29822 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 545.452610][T29822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 545.462660][T29822] Call Trace: [ 545.465943][T29822] dump_stack+0x188/0x20d [ 545.470279][T29822] sysfs_warn_dup.cold+0x1c/0x2d [ 545.475256][T29822] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 545.481334][T29822] sysfs_create_link+0x61/0xc0 [ 545.486099][T29822] device_add+0x71c/0x1bc0 06:10:46 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xf0ffffff}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 545.490525][T29822] ? uevent_show+0x360/0x360 [ 545.495131][T29822] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 545.501130][T29822] wiphy_register+0x1c46/0x2720 [ 545.506011][T29822] ? wiphy_unregister+0xf90/0xf90 [ 545.511042][T29822] ? __kmalloc+0x629/0x7a0 [ 545.515470][T29822] ? ieee80211_register_hw+0xbea/0x3760 [ 545.521023][T29822] ? ieee80211_cs_list_valid+0x198/0x280 [ 545.526672][T29822] ieee80211_register_hw+0x141d/0x3760 [ 545.532157][T29822] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 545.537633][T29822] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 545.543186][T29822] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 545.549171][T29822] ? memset+0x20/0x40 [ 545.553153][T29822] ? __hrtimer_init+0x134/0x260 [ 545.558013][T29822] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 545.563730][T29822] ? vprintk_func+0x81/0x17e [ 545.568343][T29822] ? hwsim_register_received_nl+0x400/0x400 [ 545.574243][T29822] hwsim_new_radio_nl+0x905/0xf60 [ 545.579272][T29822] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 545.585158][T29822] ? cap_capable+0x1eb/0x250 06:10:46 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 545.589757][T29822] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 545.596188][T29822] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 545.602524][T29822] genl_rcv_msg+0x627/0xdf0 [ 545.607054][T29822] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 545.613406][T29822] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 545.619236][T29822] netlink_rcv_skb+0x15a/0x410 [ 545.624007][T29822] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 545.630339][T29822] ? netlink_ack+0xa80/0xa80 [ 545.634958][T29822] genl_rcv+0x24/0x40 [ 545.638946][T29822] netlink_unicast+0x537/0x740 [ 545.643738][T29822] ? netlink_attachskb+0x810/0x810 [ 545.648865][T29822] ? _copy_from_iter_full+0x25c/0x870 [ 545.654236][T29822] ? __phys_addr_symbol+0x2c/0x70 [ 545.659269][T29822] ? __check_object_size+0x171/0x437 [ 545.664571][T29822] netlink_sendmsg+0x882/0xe10 [ 545.669349][T29822] ? aa_af_perm+0x260/0x260 [ 545.673861][T29822] ? netlink_unicast+0x740/0x740 [ 545.678834][T29822] ? netlink_unicast+0x740/0x740 [ 545.683783][T29822] sock_sendmsg+0xcf/0x120 [ 545.688215][T29822] ____sys_sendmsg+0x6b9/0x7d0 [ 545.693003][T29822] ? kernel_sendmsg+0x50/0x50 [ 545.697694][T29822] ? mark_lock+0xbc/0x1220 [ 545.702139][T29822] ___sys_sendmsg+0x100/0x170 [ 545.706823][T29822] ? sendmsg_copy_msghdr+0x70/0x70 [ 545.711960][T29822] ? __fget_files+0x329/0x4f0 [ 545.716656][T29822] ? ksys_dup3+0x3c0/0x3c0 [ 545.721075][T29822] ? lock_acquire+0x197/0x420 [ 545.725753][T29822] ? __might_fault+0xef/0x1d0 [ 545.730444][T29822] ? __fget_light+0x208/0x270 [ 545.735164][T29822] __sys_sendmsg+0xec/0x1b0 [ 545.739669][T29822] ? __sys_sendmsg_sock+0xb0/0xb0 [ 545.744698][T29822] ? __x64_sys_futex+0x380/0x4f0 [ 545.749666][T29822] ? trace_hardirqs_off_caller+0x55/0x230 [ 545.755396][T29822] ? do_syscall_64+0x21/0x7d0 [ 545.760084][T29822] do_syscall_64+0xf6/0x7d0 [ 545.764599][T29822] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 545.770523][T29822] RIP: 0033:0x45c849 [ 545.774421][T29822] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:10:46 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 545.794020][T29822] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 545.802438][T29822] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 545.810412][T29822] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 545.818390][T29822] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 545.826366][T29822] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 545.834338][T29822] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:46 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xfffff000}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 545.882629][T29819] netlink: 'syz-executor.5': attribute type 23 has an invalid length. [ 545.899082][T29819] netlink: 151480 bytes leftover after parsing attributes in process `syz-executor.5'. 06:10:46 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3ac68167755928078bf0b39beb3e6c1fe52df38ca243a4b874d523df1", 0x1, 0x1, 0x5, 0x0, 0x4, 0x2, 0x4, 0x1}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r5, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r4, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) setsockopt$inet_dccp_int(r1, 0x21, 0x3d, &(0x7f0000000300)=0x6, 0x4) [ 545.951108][T29894] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:46 executing program 5: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 546.065963][T29894] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 546.065963][T29894] !' [ 546.113494][T29894] CPU: 0 PID: 29894 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 546.122176][T29894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.132233][T29894] Call Trace: [ 546.135546][T29894] dump_stack+0x188/0x20d [ 546.139898][T29894] sysfs_warn_dup.cold+0x1c/0x2d [ 546.144846][T29894] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 546.150914][T29894] sysfs_create_link+0x61/0xc0 [ 546.155694][T29894] device_add+0x71c/0x1bc0 [ 546.160215][T29894] ? ieee80211_set_bitrate_flags+0x324/0x5c0 [ 546.166201][T29894] ? uevent_show+0x360/0x360 [ 546.170793][T29894] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 546.176792][T29894] wiphy_register+0x1c46/0x2720 [ 546.181663][T29894] ? wiphy_unregister+0xf90/0xf90 [ 546.186717][T29894] ? retint_kernel+0x2b/0x2b [ 546.191324][T29894] ? ieee80211_cs_list_valid+0x198/0x280 [ 546.196966][T29894] ieee80211_register_hw+0x141d/0x3760 [ 546.202449][T29894] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 546.207933][T29894] ? retint_kernel+0x2b/0x2b [ 546.212525][T29894] ? __hrtimer_init+0x134/0x260 [ 546.217357][T29894] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 546.223068][T29894] ? hwsim_register_received_nl+0x400/0x400 [ 546.228959][T29894] hwsim_new_radio_nl+0x905/0xf60 [ 546.233971][T29894] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 546.239845][T29894] ? cap_capable+0x1eb/0x250 [ 546.244432][T29894] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 546.250734][T29894] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 546.257046][T29894] genl_rcv_msg+0x627/0xdf0 [ 546.261540][T29894] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 546.267864][T29894] ? lockdep_hardirqs_on+0x417/0x5d0 [ 546.273129][T29894] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 546.278571][T29894] netlink_rcv_skb+0x15a/0x410 [ 546.283327][T29894] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 546.289634][T29894] ? netlink_ack+0xa80/0xa80 [ 546.294224][T29894] genl_rcv+0x24/0x40 [ 546.298188][T29894] netlink_unicast+0x537/0x740 [ 546.302951][T29894] ? netlink_attachskb+0x810/0x810 [ 546.308043][T29894] ? _copy_from_iter_full+0x25c/0x870 [ 546.313409][T29894] ? __phys_addr_symbol+0x2c/0x70 [ 546.318422][T29894] ? __check_object_size+0x171/0x437 [ 546.323702][T29894] netlink_sendmsg+0x882/0xe10 [ 546.328454][T29894] ? aa_af_perm+0x260/0x260 [ 546.332937][T29894] ? netlink_unicast+0x740/0x740 [ 546.337864][T29894] ? netlink_unicast+0x740/0x740 [ 546.342785][T29894] sock_sendmsg+0xcf/0x120 [ 546.347217][T29894] ____sys_sendmsg+0x6b9/0x7d0 [ 546.351988][T29894] ? kernel_sendmsg+0x50/0x50 [ 546.356648][T29894] ? mark_lock+0xbc/0x1220 [ 546.361062][T29894] ___sys_sendmsg+0x100/0x170 [ 546.365732][T29894] ? sendmsg_copy_msghdr+0x70/0x70 [ 546.370852][T29894] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 546.376305][T29894] ? lockdep_hardirqs_on+0x417/0x5d0 [ 546.381575][T29894] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 546.387024][T29894] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 546.392721][T29894] ? retint_kernel+0x2b/0x2b [ 546.397298][T29894] ? sockfd_lookup_light+0xc6/0x170 [ 546.402481][T29894] __sys_sendmsg+0xec/0x1b0 [ 546.406964][T29894] ? __sys_sendmsg_sock+0xb0/0xb0 [ 546.411966][T29894] ? __x64_sys_futex+0x380/0x4f0 [ 546.416909][T29894] ? trace_hardirqs_off_caller+0x55/0x230 [ 546.422619][T29894] ? do_syscall_64+0x21/0x7d0 [ 546.427281][T29894] do_syscall_64+0xf6/0x7d0 [ 546.431767][T29894] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 546.437639][T29894] RIP: 0033:0x45c849 [ 546.441519][T29894] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 546.461102][T29894] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 546.469490][T29894] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 546.477443][T29894] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 546.485395][T29894] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 546.493346][T29894] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 546.501298][T29894] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:47 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xffffff7f}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:47 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:47 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc605a0011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 546.518367][T30044] netlink: 'syz-executor.5': attribute type 23 has an invalid length. [ 546.531215][T30044] __nla_validate_parse: 1 callbacks suppressed [ 546.531224][T30044] netlink: 151480 bytes leftover after parsing attributes in process `syz-executor.5'. 06:10:47 executing program 5: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 546.627181][T30096] netlink: 212848 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xffffff9e}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:47 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vcs\x00', 0xa001, 0x0) ioctl$SNDRV_PCM_IOCTL_START(r1, 0x4142, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r5, 0x11, 0x70bd2a}, 0x14}}, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/mISDNtimer\x00', 0x124040, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000a00)={0x70, r5, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x3a, 0x14}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$alg(r2, &(0x7f00000009c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000480)="293eadfd537566b2ecc0cf93d15c17816debabdcea4e684090e07f832d89d550114dc0f248037f51dacb388b9ce3e2b6590358b43b79ed398290c272bef1b4d65fbc229e4c2cccf52da95f13ef901620be38b97d326cb5be801300de268c0a73194e4fee2acbcfa08c3daa09df6e4197be009aa357f1c3b12d3cb45395f593b2841ea0399537205344f0e2b678a4ce184bd67ce71f45b2e49cf91421f51adec569723f0115eb8b05f2cac55c4787d1917aeca772c585c357628f7ef5217bc9", 0xbf}, {&(0x7f00000003c0)="e172999e6bab74d8e3f586d703e8d41a6c7a0179ad755b528bade2bbb4ac5a5cddb611454449741e4268fa18efe3dce7ba57a6977919db2bc5cfbda2182fdc3fa7d3a9ece40e3a5d890f2d40160cd1b641f5231689303ab5e0ff135404092f36a4ce13d9f9dd5a768a4d0a0000ef90d0ca8978e2421b", 0x76}, {&(0x7f0000000540)="ea37b543f7a6eb38bde826f51368de5d4bce1a113a834ecd9386abcb89ba168c94230f7d279f6bc0532a32633c96e74a9caf6ea987c37893a8eea17f85955743f245f6d2ac50a6526ffc4598bce4320a21e98d4e8e151b8e58d28dc98b6266075bde6fa7f0f0722677458d822981a2d9b71275b45cea06a451f48f1ea89cde68196ddc2f6313870ae9c4577af1b90d0df9240cdfb8a6e50086997c69be9858cb8beec59841a77fcc519c9e", 0xab}, {&(0x7f0000000600)="00d369dfc626af8db2883b7a6083d01ffab3dee9dbaae1859ab82ac07a4d1dd24b38e2f00e9f0ba0be675501e9b755b7bae6e9506070117a8dbc00fbe7a17b249131e4e401f4da661c6e4b09eb5ec152450bea47d5411ed85623d0fb26a4122aded9745af4bd38c6591564e671503d4fff25bf79afda3a79304b2009", 0x7c}, {&(0x7f0000000680)="4989a95df13b91ea134b48aaa19273f31d166b782685bebbd5846bdbac6df35a50cee3dfd528ac2cb0a85a8ee9e97f1a4ca7a5c9139e64ae4a37b9db859f82f634c27af6ecf5906529aaf058e4fb4c023d8281ff441de8ceab3af5ce1cc32fabe646e84888af73ee64ad2b62db8708a72d6d60a2efb7be63d7471f95bebad0adaf7a0f442fbddde4172366eb974e821ab39021c883be8c9021ccb39d270665769ae457fb65ba6d24ce2d0d7db084d2b0ac5040595db97d", 0xb7}, {&(0x7f0000000740)="3000f46c952c2d9ab06dc05348452ce708bd7aa95dfdcdaf3f14a098ae4f3744d380904d34d3e095ae060337b81d0593aec967753f7f3defad971772239a786d2cbe51ca7f8a9bd90f520090bbabf1ba256f36921d986c2a89bdb2f544c121b71a5b849b70cd69a763757826744e8b9f0ee3beee882699fcb81b95191f5317e86643", 0x82}, {&(0x7f0000000340)}, {&(0x7f0000000800)="f373e424d9e7fc17cb408650283d0cc0579e06691c30d0e9fd1a8b4737e2ea871e306deda4ac463ee2e3709c49c50229382e3e5a5cc494b61d27a87344edd9388f4a303d46d47e66a0f22387453214b7d6edb3d6adce573d9bab79197804bd8c48343e381b7796c61ea72d45ae015503fec4d7941e81acd816d1d42a758cbdb94a65653c72243d8109ca7d5d2b2d85f9259f325895efc4f838a55bf863d9fda0181edbc6483c01c07f", 0xa9}], 0x8, &(0x7f0000000940)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x9}, @op={0x18}, @assoc={0x18, 0x117, 0x4, 0x5}, @assoc={0x18, 0x117, 0x4, 0x80}], 0x78, 0x20000050}, 0x81) r6 = socket$pptp(0x18, 0x1, 0x2) write$binfmt_aout(r6, &(0x7f0000000a80)={{0x1cb, 0x1, 0x1, 0x83, 0x1de, 0xfff, 0x28e, 0x9}, "d5dbf169b2ae066ef608efb01093717cb63d58c17b95e203d74ae05379d77f49e33fa3b20b878632eec953d9eb9e173490b725f67169fede6a500d3eb76e674a7d749c5073d03e1e5a75e79574193a1dcca4fc5ccb786a2a7b35193f95d87dd98a91964c019f27753e9ef5d332f9e40e0f853a88f3e6c8c27ce8a9d778c776bae38a3a4c2db42bff740cc0756122c7dea7063da56ef97af7d44d04946f05d7b421f3be806b89e1d01017384cffe3649dcaabda8a", [[], [], [], [], [], [], [], []]}, 0x8d4) r7 = socket$kcm(0x10, 0xf, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 546.723547][T30096] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 546.723547][T30096] !' [ 546.796612][T30096] CPU: 0 PID: 30096 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 546.805397][T30096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.815464][T30096] Call Trace: [ 546.818767][T30096] dump_stack+0x188/0x20d [ 546.823118][T30096] sysfs_warn_dup.cold+0x1c/0x2d [ 546.828064][T30096] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 546.834141][T30096] sysfs_create_link+0x61/0xc0 [ 546.838911][T30096] device_add+0x71c/0x1bc0 [ 546.843341][T30096] ? ieee80211_set_bitrate_flags+0x350/0x5c0 [ 546.849329][T30096] ? uevent_show+0x360/0x360 [ 546.853923][T30096] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 546.859912][T30096] wiphy_register+0x1c46/0x2720 [ 546.864773][T30096] ? wiphy_unregister+0xf90/0xf90 [ 546.869807][T30096] ? __kmalloc+0x629/0x7a0 [ 546.874235][T30096] ? ieee80211_register_hw+0xbea/0x3760 [ 546.879782][T30096] ? cfg80211_chandef_create+0xd2/0x420 [ 546.885322][T30096] ? cfg80211_chandef_create+0x23a/0x420 [ 546.890955][T30096] ? __sanitizer_cov_trace_pc+0x22/0x50 [ 546.896505][T30096] ? ieee80211_cs_list_valid+0x198/0x280 [ 546.902154][T30096] ieee80211_register_hw+0x141d/0x3760 [ 546.907649][T30096] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 546.913132][T30096] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 546.918688][T30096] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 546.924704][T30096] ? memset+0x20/0x40 [ 546.928693][T30096] ? __hrtimer_init+0x134/0x260 [ 546.933569][T30096] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 546.939318][T30096] ? hwsim_register_received_nl+0x400/0x400 [ 546.945224][T30096] ? vprintk_func+0x81/0x17e [ 546.949808][T30096] ? __nla_validate_parse+0x15e/0x1cd0 [ 546.955380][T30096] hwsim_new_radio_nl+0x905/0xf60 [ 546.960415][T30096] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 546.966443][T30096] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 546.972773][T30096] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 546.979118][T30096] genl_rcv_msg+0x627/0xdf0 [ 546.983637][T30096] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 546.989971][T30096] ? lockdep_hardirqs_on+0x417/0x5d0 [ 546.995259][T30096] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 547.000755][T30096] netlink_rcv_skb+0x15a/0x410 [ 547.005531][T30096] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 547.011865][T30096] ? netlink_ack+0xa80/0xa80 [ 547.016494][T30096] genl_rcv+0x24/0x40 [ 547.020477][T30096] netlink_unicast+0x537/0x740 [ 547.025256][T30096] ? netlink_attachskb+0x810/0x810 [ 547.030376][T30096] ? _copy_from_iter_full+0x25c/0x870 [ 547.035749][T30096] ? __phys_addr_symbol+0x2c/0x70 [ 547.040776][T30096] ? __check_object_size+0x171/0x437 [ 547.046084][T30096] netlink_sendmsg+0x882/0xe10 [ 547.050861][T30096] ? aa_af_perm+0x260/0x260 [ 547.055370][T30096] ? netlink_unicast+0x740/0x740 [ 547.060334][T30096] ? netlink_unicast+0x740/0x740 [ 547.065279][T30096] sock_sendmsg+0xcf/0x120 [ 547.069703][T30096] ____sys_sendmsg+0x6b9/0x7d0 [ 547.074473][T30096] ? retint_kernel+0x2b/0x2b [ 547.079065][T30096] ? kernel_sendmsg+0x50/0x50 [ 547.083754][T30096] ? copy_msghdr_from_user+0x2be/0x420 [ 547.089217][T30096] ? sendmsg_copy_msghdr+0x3a/0x70 [ 547.094338][T30096] ___sys_sendmsg+0x100/0x170 [ 547.099041][T30096] ? sendmsg_copy_msghdr+0x70/0x70 [ 547.104175][T30096] ? __fget_files+0x329/0x4f0 [ 547.108870][T30096] ? ksys_dup3+0x3c0/0x3c0 [ 547.113311][T30096] ? __fget_light+0x208/0x270 [ 547.118027][T30096] __sys_sendmsg+0xec/0x1b0 [ 547.122544][T30096] ? __sys_sendmsg_sock+0xb0/0xb0 [ 547.127610][T30096] ? do_syscall_64+0x4f/0x7d0 [ 547.132300][T30096] do_syscall_64+0xf6/0x7d0 [ 547.136825][T30096] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 547.142712][T30096] RIP: 0033:0x45c849 [ 547.146612][T30096] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 547.166212][T30096] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 547.174618][T30096] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 547.182589][T30096] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 547.190550][T30096] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 547.198513][T30096] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 547.206475][T30096] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:48 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:48 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xfffffff0}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:48 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:48 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0xffffffff}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:48 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:48 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:48 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 547.821177][T30158] netlink: 'syz-executor.5': attribute type 23 has an invalid length. [ 547.849416][T30158] netlink: 151480 bytes leftover after parsing attributes in process `syz-executor.5'. [ 547.890210][T30164] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 547.918030][T30164] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 547.968973][T30164] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 547.968973][T30164] !' [ 548.009020][T30164] CPU: 0 PID: 30164 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 548.017706][T30164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.027761][T30164] Call Trace: [ 548.031050][T30164] dump_stack+0x188/0x20d [ 548.035386][T30164] sysfs_warn_dup.cold+0x1c/0x2d [ 548.040436][T30164] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 548.046521][T30164] sysfs_create_link+0x61/0xc0 [ 548.051298][T30164] device_add+0x71c/0x1bc0 [ 548.055735][T30164] ? uevent_show+0x360/0x360 [ 548.060339][T30164] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 548.066340][T30164] wiphy_register+0x1c46/0x2720 [ 548.071220][T30164] ? wiphy_unregister+0xf90/0xf90 [ 548.076255][T30164] ? __kmalloc+0x629/0x7a0 [ 548.080681][T30164] ? ieee80211_register_hw+0xbea/0x3760 [ 548.086345][T30164] ? ieee80211_cs_list_valid+0x198/0x280 [ 548.091994][T30164] ieee80211_register_hw+0x141d/0x3760 [ 548.097502][T30164] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 548.102970][T30164] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 548.108503][T30164] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 548.114468][T30164] ? memset+0x20/0x40 [ 548.118444][T30164] ? __hrtimer_init+0x134/0x260 [ 548.123305][T30164] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 548.129010][T30164] ? vprintk_func+0x81/0x17e [ 548.133595][T30164] ? hwsim_register_received_nl+0x400/0x400 [ 548.139480][T30164] hwsim_new_radio_nl+0x905/0xf60 [ 548.144506][T30164] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 548.150379][T30164] ? cap_capable+0x1eb/0x250 [ 548.154956][T30164] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 548.161265][T30164] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 548.167584][T30164] genl_rcv_msg+0x627/0xdf0 [ 548.172080][T30164] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 548.178390][T30164] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 548.184086][T30164] ? retint_kernel+0x2b/0x2b [ 548.188685][T30164] ? check_memory_region+0x117/0x190 [ 548.193995][T30164] netlink_rcv_skb+0x15a/0x410 [ 548.198781][T30164] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 548.205094][T30164] ? netlink_ack+0xa80/0xa80 [ 548.209682][T30164] genl_rcv+0x24/0x40 [ 548.213707][T30164] netlink_unicast+0x537/0x740 [ 548.218462][T30164] ? netlink_attachskb+0x810/0x810 [ 548.223563][T30164] ? _copy_from_iter_full+0x25c/0x870 [ 548.228946][T30164] ? __phys_addr_symbol+0x2c/0x70 [ 548.233958][T30164] ? __check_object_size+0x171/0x437 [ 548.239244][T30164] netlink_sendmsg+0x882/0xe10 [ 548.243999][T30164] ? netlink_unicast+0x740/0x740 [ 548.248926][T30164] ? netlink_sendmsg+0x4/0xe10 [ 548.253673][T30164] ? netlink_unicast+0x740/0x740 [ 548.258593][T30164] sock_sendmsg+0xcf/0x120 [ 548.262996][T30164] ____sys_sendmsg+0x6b9/0x7d0 [ 548.267746][T30164] ? kernel_sendmsg+0x50/0x50 [ 548.272410][T30164] ? __fget_files+0x307/0x4f0 [ 548.277095][T30164] ___sys_sendmsg+0x100/0x170 [ 548.281764][T30164] ? sendmsg_copy_msghdr+0x70/0x70 [ 548.286870][T30164] ? __fget_files+0x329/0x4f0 [ 548.291536][T30164] ? ksys_dup3+0x3c0/0x3c0 [ 548.295936][T30164] ? lock_acquire+0x197/0x420 [ 548.300598][T30164] ? __might_fault+0xef/0x1d0 [ 548.305267][T30164] ? __fget_light+0x208/0x270 [ 548.309939][T30164] __sys_sendmsg+0xec/0x1b0 [ 548.314432][T30164] ? __sys_sendmsg_sock+0xb0/0xb0 [ 548.319440][T30164] ? __x64_sys_futex+0x380/0x4f0 [ 548.324374][T30164] ? trace_hardirqs_off_caller+0x55/0x230 [ 548.330079][T30164] ? do_syscall_64+0x21/0x7d0 [ 548.334744][T30164] do_syscall_64+0xf6/0x7d0 [ 548.339260][T30164] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 548.345137][T30164] RIP: 0033:0x45c849 [ 548.349018][T30164] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:10:49 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:49 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:49 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc606c0011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:49 executing program 5: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:49 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') bind$can_j1939(0xffffffffffffffff, &(0x7f0000000040)={0x1d, 0x0, 0x0, {0x0, 0x0, 0x7}}, 0x18) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup2(r5, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) getsockopt$inet_mreqn(r6, 0x0, 0x24, &(0x7f0000002f40)={@initdev, @rand_addr, 0x0}, &(0x7f0000002f80)=0xc) sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000003600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000035c0)={&(0x7f0000002fc0)={0x5c8, 0x0, 0x8, 0x70bd2d, 0x25dfdbff, {}, [{{0x8}, {0xf8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0xa4c}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x8}}}]}}, {{0x8}, {0x13c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0xbe, 0x40, 0x6, 0xdf82}]}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x5}, {0x4}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x5}, {0x8, 0x4, 0x80000001}}}]}}, {{0x8}, {0xb8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x15}}, {0x8}}}]}}, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0x81}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0xb4, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0xfffffffb}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0x400}}, {0x8}}}]}}, {{0x8}, {0x168, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0x7fff}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}]}}]}, 0x5c8}, 0x1, 0x0, 0x0, 0x48000}, 0x4004800) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:49 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 548.368609][T30164] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 548.377008][T30164] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 548.384968][T30164] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 548.392921][T30164] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 548.400876][T30164] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 548.408837][T30164] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:49 executing program 5: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 548.478571][T30398] netlink: 212832 bytes leftover after parsing attributes in process `syz-executor.4'. [ 548.563107][T30398] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 548.563107][T30398] !' [ 548.582432][T30398] CPU: 0 PID: 30398 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 548.591128][T30398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.601198][T30398] Call Trace: [ 548.604503][T30398] dump_stack+0x188/0x20d [ 548.608868][T30398] sysfs_warn_dup.cold+0x1c/0x2d [ 548.613821][T30398] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 548.619906][T30398] sysfs_create_link+0x61/0xc0 [ 548.624694][T30398] device_add+0x71c/0x1bc0 [ 548.629141][T30398] ? ieee80211_set_bitrate_flags+0xf9/0x5c0 [ 548.635051][T30398] ? uevent_show+0x360/0x360 [ 548.639666][T30398] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 548.645671][T30398] wiphy_register+0x1c46/0x2720 [ 548.650556][T30398] ? wiphy_unregister+0xf90/0xf90 [ 548.655596][T30398] ? retint_kernel+0x2b/0x2b [ 548.660217][T30398] ? ieee80211_register_hw+0x24e0/0x3760 [ 548.665870][T30398] ieee80211_register_hw+0x141d/0x3760 [ 548.671363][T30398] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 548.676932][T30398] ? hrtimer_init+0x264/0x320 [ 548.681626][T30398] ? memset+0x20/0x40 [ 548.685625][T30398] ? __hrtimer_init+0x134/0x260 [ 548.690623][T30398] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 548.696472][T30398] ? hwsim_register_received_nl+0x400/0x400 [ 548.702397][T30398] hwsim_new_radio_nl+0x905/0xf60 [ 548.707455][T30398] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 548.713365][T30398] ? __nla_validate_parse+0x2af/0x1cd0 [ 548.718938][T30398] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 548.725293][T30398] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 548.731788][T30398] genl_rcv_msg+0x627/0xdf0 [ 548.736395][T30398] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 548.742764][T30398] ? lockdep_hardirqs_on+0x417/0x5d0 [ 548.748062][T30398] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 548.753560][T30398] netlink_rcv_skb+0x15a/0x410 [ 548.758338][T30398] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 548.764678][T30398] ? netlink_ack+0xa80/0xa80 [ 548.769317][T30398] genl_rcv+0x24/0x40 [ 548.773310][T30398] netlink_unicast+0x537/0x740 [ 548.778101][T30398] ? netlink_attachskb+0x810/0x810 [ 548.783220][T30398] ? _copy_from_iter_full+0x25c/0x870 [ 548.788612][T30398] ? __phys_addr_symbol+0x2c/0x70 [ 548.793646][T30398] ? __check_object_size+0x171/0x437 [ 548.798948][T30398] netlink_sendmsg+0x882/0xe10 [ 548.803732][T30398] ? aa_af_perm+0x260/0x260 [ 548.808245][T30398] ? netlink_unicast+0x740/0x740 [ 548.813221][T30398] ? netlink_unicast+0x740/0x740 [ 548.818170][T30398] sock_sendmsg+0xcf/0x120 [ 548.822598][T30398] ____sys_sendmsg+0x6b9/0x7d0 [ 548.827381][T30398] ? kernel_sendmsg+0x50/0x50 [ 548.832087][T30398] ? mark_lock+0xbc/0x1220 [ 548.836512][T30398] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 548.841997][T30398] ___sys_sendmsg+0x100/0x170 [ 548.846691][T30398] ? sendmsg_copy_msghdr+0x70/0x70 [ 548.851831][T30398] ? __fget_files+0x329/0x4f0 [ 548.856549][T30398] ? ksys_dup3+0x3c0/0x3c0 [ 548.861068][T30398] ? _copy_to_user+0x124/0x150 [ 548.865853][T30398] ? __fget_light+0x208/0x270 [ 548.870555][T30398] __sys_sendmsg+0xec/0x1b0 [ 548.875074][T30398] ? __sys_sendmsg_sock+0xb0/0xb0 [ 548.880291][T30398] ? __x64_sys_futex+0x380/0x4f0 [ 548.885266][T30398] ? trace_hardirqs_off_caller+0x55/0x230 [ 548.891023][T30398] ? do_syscall_64+0x21/0x7d0 [ 548.895715][T30398] do_syscall_64+0xf6/0x7d0 [ 548.900240][T30398] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 548.906143][T30398] RIP: 0033:0x45c849 [ 548.910049][T30398] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 548.929741][T30398] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 548.938160][T30398] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 548.946249][T30398] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 548.954230][T30398] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 06:10:49 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:49 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:49 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000300)={0x80000001, 0x1933}) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="11002aad70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x101}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:49 executing program 5: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:49 executing program 5: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 548.962210][T30398] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 548.970193][T30398] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 549.003452][T30621] netlink: 'syz-executor.5': attribute type 23 has an invalid length. [ 549.041168][T30621] netlink: 151480 bytes leftover after parsing attributes in process `syz-executor.5'. [ 549.060869][T30622] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 549.074761][T30622] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 549.148927][T30622] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 549.148927][T30622] !' [ 549.169987][T30622] CPU: 1 PID: 30622 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 549.178679][T30622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 549.188879][T30622] Call Trace: [ 549.192180][T30622] dump_stack+0x188/0x20d [ 549.196536][T30622] sysfs_warn_dup.cold+0x1c/0x2d [ 549.201489][T30622] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 549.207566][T30622] sysfs_create_link+0x61/0xc0 [ 549.212362][T30622] device_add+0x71c/0x1bc0 [ 549.216810][T30622] ? uevent_show+0x360/0x360 [ 549.221425][T30622] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 549.227443][T30622] wiphy_register+0x1c46/0x2720 [ 549.232317][T30622] ? wiphy_unregister+0xf90/0xf90 [ 549.237364][T30622] ? ieee80211_cs_list_valid+0x198/0x280 [ 549.243013][T30622] ieee80211_register_hw+0x141d/0x3760 [ 549.248498][T30622] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 549.253972][T30622] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 549.259620][T30622] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 549.265617][T30622] ? memset+0x20/0x40 [ 549.269611][T30622] ? __hrtimer_init+0x134/0x260 [ 549.274480][T30622] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 549.280242][T30622] ? hwsim_register_received_nl+0x400/0x400 [ 549.286139][T30622] hwsim_new_radio_nl+0x905/0xf60 [ 549.291150][T30622] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 549.297046][T30622] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 549.303377][T30622] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 549.309714][T30622] genl_rcv_msg+0x627/0xdf0 [ 549.314221][T30622] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 549.320558][T30622] ? mark_held_locks+0x9f/0xe0 [ 549.325319][T30622] netlink_rcv_skb+0x15a/0x410 [ 549.330075][T30622] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 549.336395][T30622] ? netlink_ack+0xa80/0xa80 [ 549.340972][T30622] ? retint_kernel+0x2b/0x2b [ 549.345555][T30622] ? down_read+0x110/0x420 [ 549.349989][T30622] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 549.356309][T30622] genl_rcv+0x24/0x40 [ 549.360281][T30622] netlink_unicast+0x537/0x740 [ 549.365042][T30622] ? netlink_attachskb+0x810/0x810 [ 549.370279][T30622] ? _copy_from_iter_full+0x25c/0x870 [ 549.375830][T30622] ? __phys_addr_symbol+0x2c/0x70 [ 549.380843][T30622] ? __check_object_size+0x171/0x437 [ 549.386141][T30622] netlink_sendmsg+0x882/0xe10 [ 549.390906][T30622] ? aa_af_perm+0x260/0x260 [ 549.395400][T30622] ? netlink_unicast+0x740/0x740 [ 549.400344][T30622] ? netlink_unicast+0x740/0x740 [ 549.405285][T30622] sock_sendmsg+0xcf/0x120 [ 549.409694][T30622] ____sys_sendmsg+0x6b9/0x7d0 [ 549.414448][T30622] ? kernel_sendmsg+0x50/0x50 [ 549.419135][T30622] ? lockdep_hardirqs_on+0x417/0x5d0 [ 549.424436][T30622] ___sys_sendmsg+0x100/0x170 [ 549.429109][T30622] ? sendmsg_copy_msghdr+0x70/0x70 [ 549.434219][T30622] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 549.439668][T30622] ? lockdep_hardirqs_on+0x417/0x5d0 [ 549.444942][T30622] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 549.450401][T30622] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 549.456117][T30622] ? retint_kernel+0x2b/0x2b [ 549.460713][T30622] __sys_sendmsg+0xec/0x1b0 [ 549.465224][T30622] ? __sys_sendmsg_sock+0xb0/0xb0 [ 549.470229][T30622] ? __x64_sys_futex+0x380/0x4f0 [ 549.475164][T30622] ? trace_hardirqs_off_caller+0x55/0x230 [ 549.480875][T30622] ? do_syscall_64+0x21/0x7d0 [ 549.485543][T30622] do_syscall_64+0xf6/0x7d0 [ 549.490039][T30622] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 549.496046][T30622] RIP: 0033:0x45c849 [ 549.499941][T30622] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 549.519535][T30622] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 549.527931][T30622] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 549.535890][T30622] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 06:10:50 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:50 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000580)='/dev/bsg\x00', 0x400000, 0x0) ioctl$SOUND_MIXER_READ_RECMASK(r0, 0x80044dfd, &(0x7f00000005c0)) socket$kcm(0xa, 0x6, 0x0) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r1, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r5, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@empty}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000340)={&(0x7f0000000300)="6205a248045b", &(0x7f00000003c0)=""/76, &(0x7f0000000480)="4bc52940b85fb7c83fcb8791a0a5560b5688248f63efb868fc57119a2452b3a03ed92af3434fa0c9bb93ff380fc5cfaa0b3e596b06ad91bed5367bb35ab769994821141efb0d7cbe4333dbb5d37419e8638bbd12d7a9ef0ce1f8aa20f9", &(0x7f0000000500)="5562c63bb929978f0df859c00aa8dadeba2399ae89030625738d5ab5d0617388f1b2af509e6318f8d44e7f7fb58521258fd386390a62293968b449f40b8437bcd56a9e40", 0x7, r2, 0x4}, 0x38) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:50 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x4}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:50 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:50 executing program 5: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:50 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60000611400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 549.543853][T30622] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 549.551811][T30622] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 549.559771][T30622] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c [ 549.638163][T30734] netlink: 211404 bytes leftover after parsing attributes in process `syz-executor.4'. [ 549.689447][T30734] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 549.689447][T30734] !' [ 549.733407][T30734] CPU: 1 PID: 30734 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 549.742111][T30734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 549.752169][T30734] Call Trace: [ 549.755565][T30734] dump_stack+0x188/0x20d [ 549.760028][T30734] sysfs_warn_dup.cold+0x1c/0x2d [ 549.764990][T30734] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 549.771078][T30734] sysfs_create_link+0x61/0xc0 [ 549.775856][T30734] device_add+0x71c/0x1bc0 [ 549.780295][T30734] ? uevent_show+0x360/0x360 [ 549.785001][T30734] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 549.791101][T30734] wiphy_register+0x1c46/0x2720 [ 549.795976][T30734] ? wiphy_unregister+0xf90/0xf90 [ 549.801016][T30734] ? __kmalloc+0x629/0x7a0 [ 549.805446][T30734] ? ieee80211_register_hw+0xbea/0x3760 [ 549.811008][T30734] ? ieee80211_cs_list_valid+0x198/0x280 [ 549.816672][T30734] ieee80211_register_hw+0x141d/0x3760 [ 549.822160][T30734] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 549.827628][T30734] ? rcu_read_lock_sched_held+0x9c/0xd0 06:10:50 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="b4da0000", @ANYRES16=r4, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket(0x1, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000140)={0x0, 'syzkaller1\x00', {0x804}}) r6 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ttyprintk\x00', 0x42400, 0x0) r7 = dup2(r6, r5) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 549.833170][T30734] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 549.839169][T30734] ? memset+0x20/0x40 [ 549.843157][T30734] ? __hrtimer_init+0x134/0x260 [ 549.848024][T30734] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 549.853755][T30734] ? vprintk_func+0x81/0x17e [ 549.858381][T30734] ? hwsim_register_received_nl+0x400/0x400 [ 549.864311][T30734] hwsim_new_radio_nl+0x905/0xf60 [ 549.869374][T30734] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 549.875275][T30734] ? cap_capable+0x1eb/0x250 [ 549.879892][T30734] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 549.886218][T30734] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 549.892576][T30734] genl_rcv_msg+0x627/0xdf0 [ 549.897102][T30734] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 549.903460][T30734] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 549.909305][T30734] netlink_rcv_skb+0x15a/0x410 [ 549.914103][T30734] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 549.920445][T30734] ? netlink_ack+0xa80/0xa80 [ 549.925075][T30734] genl_rcv+0x24/0x40 [ 549.929065][T30734] netlink_unicast+0x537/0x740 06:10:50 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:50 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 549.933846][T30734] ? netlink_attachskb+0x810/0x810 [ 549.938969][T30734] ? _copy_from_iter_full+0x25c/0x870 [ 549.944359][T30734] ? __phys_addr_symbol+0x2c/0x70 [ 549.949504][T30734] ? __check_object_size+0x171/0x437 [ 549.954943][T30734] netlink_sendmsg+0x882/0xe10 [ 549.959733][T30734] ? aa_af_perm+0x260/0x260 [ 549.964248][T30734] ? netlink_unicast+0x740/0x740 [ 549.969216][T30734] ? netlink_unicast+0x740/0x740 [ 549.974171][T30734] sock_sendmsg+0xcf/0x120 [ 549.978605][T30734] ____sys_sendmsg+0x6b9/0x7d0 [ 549.983384][T30734] ? kernel_sendmsg+0x50/0x50 [ 549.988078][T30734] ? mark_lock+0xbc/0x1220 [ 549.992530][T30734] ___sys_sendmsg+0x100/0x170 [ 549.997225][T30734] ? sendmsg_copy_msghdr+0x70/0x70 [ 550.002373][T30734] ? __fget_files+0x329/0x4f0 [ 550.007081][T30734] ? ksys_dup3+0x3c0/0x3c0 [ 550.011507][T30734] ? lock_acquire+0x197/0x420 [ 550.016199][T30734] ? __might_fault+0xef/0x1d0 [ 550.020904][T30734] ? __fget_light+0x208/0x270 [ 550.025610][T30734] __sys_sendmsg+0xec/0x1b0 [ 550.030129][T30734] ? __sys_sendmsg_sock+0xb0/0xb0 06:10:50 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="1426b5752412253f6ba4", @ANYRES16=r4, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)={0x98, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x14}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x48, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x40}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x25}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x34048004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 550.035162][T30734] ? __x64_sys_futex+0x380/0x4f0 [ 550.040136][T30734] ? trace_hardirqs_off_caller+0x55/0x230 [ 550.045873][T30734] ? do_syscall_64+0x21/0x7d0 [ 550.050564][T30734] do_syscall_64+0xf6/0x7d0 [ 550.055083][T30734] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 550.060981][T30734] RIP: 0033:0x45c849 [ 550.064891][T30734] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 550.084587][T30734] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 550.093019][T30734] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 550.101012][T30734] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 550.108987][T30734] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 550.117068][T30734] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 550.125044][T30734] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:51 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xe}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 550.183458][T30736] netlink: 'syz-executor.5': attribute type 23 has an invalid length. [ 550.201231][T30736] netlink: 151480 bytes leftover after parsing attributes in process `syz-executor.5'. 06:10:51 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 550.246027][T30948] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 550.264676][T30948] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 550.373087][T30948] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 550.373087][T30948] !' [ 550.437691][T30948] CPU: 1 PID: 30948 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 550.446412][T30948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 550.456475][T30948] Call Trace: [ 550.459776][T30948] dump_stack+0x188/0x20d [ 550.464128][T30948] sysfs_warn_dup.cold+0x1c/0x2d [ 550.469085][T30948] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 550.475179][T30948] sysfs_create_link+0x61/0xc0 [ 550.479955][T30948] device_add+0x71c/0x1bc0 [ 550.484396][T30948] ? uevent_show+0x360/0x360 [ 550.488999][T30948] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 550.494997][T30948] wiphy_register+0x1c46/0x2720 [ 550.499877][T30948] ? wiphy_unregister+0xf90/0xf90 [ 550.504911][T30948] ? retint_kernel+0x2b/0x2b [ 550.509530][T30948] ? ieee80211_register_hw+0x1084/0x3760 [ 550.515180][T30948] ? ieee80211_cs_list_valid+0x198/0x280 [ 550.520832][T30948] ieee80211_register_hw+0x141d/0x3760 [ 550.526331][T30948] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 550.531807][T30948] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 550.537356][T30948] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 550.543365][T30948] ? memset+0x20/0x40 [ 550.547358][T30948] ? __hrtimer_init+0x134/0x260 [ 550.552226][T30948] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 550.557982][T30948] ? vprintk_func+0x81/0x17e [ 550.562606][T30948] ? hwsim_register_received_nl+0x400/0x400 [ 550.568526][T30948] hwsim_new_radio_nl+0x905/0xf60 [ 550.573565][T30948] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 550.579500][T30948] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 550.585840][T30948] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 550.592193][T30948] genl_rcv_msg+0x627/0xdf0 [ 550.596720][T30948] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 550.603068][T30948] ? retint_kernel+0x2b/0x2b [ 550.607695][T30948] netlink_rcv_skb+0x15a/0x410 [ 550.612476][T30948] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 550.618816][T30948] ? netlink_ack+0xa80/0xa80 [ 550.623444][T30948] genl_rcv+0x24/0x40 [ 550.627443][T30948] netlink_unicast+0x537/0x740 [ 550.632232][T30948] ? netlink_attachskb+0x810/0x810 [ 550.637344][T30948] ? _copy_from_iter_full+0x25c/0x870 [ 550.642715][T30948] ? __phys_addr_symbol+0x2c/0x70 [ 550.647759][T30948] ? __check_object_size+0x171/0x437 [ 550.653145][T30948] netlink_sendmsg+0x882/0xe10 [ 550.657903][T30948] ? aa_af_perm+0x260/0x260 [ 550.662508][T30948] ? netlink_unicast+0x740/0x740 [ 550.667435][T30948] ? tomoyo_socket_sendmsg+0x13/0x30 [ 550.672715][T30948] ? netlink_unicast+0x740/0x740 [ 550.677648][T30948] sock_sendmsg+0xcf/0x120 [ 550.682115][T30948] ____sys_sendmsg+0x6b9/0x7d0 [ 550.686876][T30948] ? kernel_sendmsg+0x50/0x50 [ 550.691541][T30948] ? mark_lock+0xbc/0x1220 [ 550.695948][T30948] ___sys_sendmsg+0x100/0x170 [ 550.700614][T30948] ? sendmsg_copy_msghdr+0x70/0x70 [ 550.705721][T30948] ? __fget_files+0x329/0x4f0 [ 550.710392][T30948] ? ksys_dup3+0x3c0/0x3c0 [ 550.714793][T30948] ? lock_acquire+0x209/0x420 [ 550.719468][T30948] ? __fget_light+0x208/0x270 [ 550.724134][T30948] __sys_sendmsg+0xec/0x1b0 [ 550.728622][T30948] ? __sys_sendmsg_sock+0xb0/0xb0 [ 550.733628][T30948] ? __x64_sys_futex+0x380/0x4f0 [ 550.738558][T30948] ? trace_hardirqs_off_caller+0x55/0x230 [ 550.744262][T30948] ? do_syscall_64+0x21/0x7d0 [ 550.748923][T30948] do_syscall_64+0xf6/0x7d0 [ 550.753419][T30948] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 550.759295][T30948] RIP: 0033:0x45c849 [ 550.763172][T30948] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:10:51 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:51 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x200008, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r6, r6) preadv(r6, &(0x7f00000003c0)=[{&(0x7f0000000480)=""/177, 0xb1}, {&(0x7f0000000540)=""/153, 0x99}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000001600)=""/190, 0xbe}, {&(0x7f00000016c0)=""/244, 0xf4}, {&(0x7f00000017c0)=""/178, 0xb2}, {&(0x7f0000001880)=""/157, 0x9d}, {&(0x7f0000000300)=""/89, 0x59}], 0x8, 0x0) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:51 executing program 5: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:51 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x14}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:51 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x0, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:51 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60000711400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 550.782759][T30948] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 550.791151][T30948] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 550.799112][T30948] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 550.807065][T30948] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 550.815021][T30948] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 550.822979][T30948] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c 06:10:51 executing program 5: r0 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 550.895575][T31172] netlink: 'syz-executor.5': attribute type 23 has an invalid length. [ 550.930079][T31165] netlink: 'syz-executor.3': attribute type 8 has an invalid length. 06:10:51 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x19}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:51 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x0, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:51 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) open(&(0x7f0000000300)='./file0\x00', 0x8000, 0x1b0) [ 551.024675][T31165] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 551.024675][T31165] !' [ 551.097889][T31165] CPU: 1 PID: 31165 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 551.106592][T31165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 551.116672][T31165] Call Trace: [ 551.119978][T31165] dump_stack+0x188/0x20d [ 551.124330][T31165] sysfs_warn_dup.cold+0x1c/0x2d [ 551.129288][T31165] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 551.135506][T31165] sysfs_create_link+0x61/0xc0 [ 551.140292][T31165] device_add+0x71c/0x1bc0 [ 551.144733][T31165] ? ieee80211_set_bitrate_flags+0x153/0x5c0 [ 551.150728][T31165] ? uevent_show+0x360/0x360 [ 551.155339][T31165] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 551.161339][T31165] wiphy_register+0x1c46/0x2720 [ 551.166233][T31165] ? wiphy_unregister+0xf90/0xf90 [ 551.171263][T31165] ? retint_kernel+0x2b/0x2b [ 551.175886][T31165] ? ieee80211_register_hw+0x2dcd/0x3760 [ 551.181738][T31165] ieee80211_register_hw+0x141d/0x3760 [ 551.187216][T31165] ? lockdep_hardirqs_on+0x321/0x5d0 [ 551.192517][T31165] ? calibrate_delay.cold+0x3db/0x3f6 [ 551.197914][T31165] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 551.203388][T31165] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 551.208948][T31165] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 551.215026][T31165] ? memset+0x20/0x40 [ 551.219038][T31165] ? __hrtimer_init+0x134/0x260 [ 551.223906][T31165] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 551.229676][T31165] ? hwsim_register_received_nl+0x400/0x400 [ 551.235617][T31165] hwsim_new_radio_nl+0x905/0xf60 [ 551.240661][T31165] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 551.246559][T31165] ? cap_capable+0x1eb/0x250 [ 551.251169][T31165] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 551.257502][T31165] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 551.263850][T31165] genl_rcv_msg+0x627/0xdf0 [ 551.268382][T31165] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 551.274748][T31165] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 551.280578][T31165] netlink_rcv_skb+0x15a/0x410 [ 551.285353][T31165] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 551.291692][T31165] ? netlink_ack+0xa80/0xa80 [ 551.296318][T31165] genl_rcv+0x24/0x40 [ 551.300321][T31165] netlink_unicast+0x537/0x740 [ 551.305102][T31165] ? netlink_attachskb+0x810/0x810 [ 551.310332][T31165] ? _copy_from_iter_full+0x25c/0x870 [ 551.315728][T31165] ? __phys_addr_symbol+0x2c/0x70 [ 551.320894][T31165] ? __check_object_size+0x171/0x437 [ 551.326206][T31165] netlink_sendmsg+0x882/0xe10 [ 551.330997][T31165] ? aa_af_perm+0x260/0x260 [ 551.335513][T31165] ? netlink_unicast+0x740/0x740 [ 551.340489][T31165] ? netlink_unicast+0x740/0x740 06:10:51 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x1184, 0x4, 0x2, 0xb, 0x4001}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="11002abd70b90000000000100000cbd167394f5f0000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup2(r5, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) write$P9_RWRITE(r6, &(0x7f0000000300)={0xb, 0x77, 0x2, 0xec}, 0xb) r7 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:52 executing program 5: r0 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) [ 551.345527][T31165] sock_sendmsg+0xcf/0x120 [ 551.349961][T31165] ____sys_sendmsg+0x6b9/0x7d0 [ 551.354827][T31165] ? kernel_sendmsg+0x50/0x50 [ 551.359525][T31165] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 551.365012][T31165] ___sys_sendmsg+0x100/0x170 [ 551.369700][T31165] ? retint_kernel+0x2b/0x2b [ 551.374305][T31165] ? sendmsg_copy_msghdr+0x70/0x70 [ 551.379444][T31165] ? __fget_files+0x329/0x4f0 [ 551.384143][T31165] ? ksys_dup3+0x3c0/0x3c0 [ 551.388566][T31165] ? lock_acquire+0x197/0x420 [ 551.393254][T31165] ? __might_fault+0xef/0x1d0 [ 551.397951][T31165] ? __fget_light+0x208/0x270 [ 551.402652][T31165] __sys_sendmsg+0xec/0x1b0 [ 551.407163][T31165] ? __sys_sendmsg_sock+0xb0/0xb0 [ 551.412241][T31165] ? do_syscall_64+0xbc/0x7d0 [ 551.416935][T31165] do_syscall_64+0xf6/0x7d0 [ 551.421454][T31165] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 551.427354][T31165] RIP: 0033:0x45c849 [ 551.431261][T31165] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 551.450881][T31165] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 551.459401][T31165] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 551.467381][T31165] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 551.475446][T31165] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 551.483434][T31165] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 551.491412][T31165] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 551.521337][T31169] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 551.521337][T31169] !' [ 551.542222][T31169] CPU: 1 PID: 31169 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 551.550904][T31169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 551.560941][T31169] Call Trace: [ 551.564222][T31169] dump_stack+0x188/0x20d [ 551.568547][T31169] sysfs_warn_dup.cold+0x1c/0x2d [ 551.573469][T31169] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 551.579525][T31169] sysfs_create_link+0x61/0xc0 [ 551.584278][T31169] device_add+0x71c/0x1bc0 [ 551.588701][T31169] ? uevent_show+0x360/0x360 [ 551.593297][T31169] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 551.599289][T31169] wiphy_register+0x1c46/0x2720 [ 551.604149][T31169] ? wiphy_unregister+0xf90/0xf90 [ 551.609181][T31169] ? __kmalloc+0x629/0x7a0 [ 551.613601][T31169] ? ieee80211_register_hw+0xbea/0x3760 [ 551.619167][T31169] ? ieee80211_cs_list_valid+0x198/0x280 [ 551.624809][T31169] ieee80211_register_hw+0x141d/0x3760 [ 551.630278][T31169] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 551.635735][T31169] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 551.641283][T31169] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 551.647262][T31169] ? memset+0x20/0x40 [ 551.651240][T31169] ? __hrtimer_init+0x134/0x260 [ 551.656185][T31169] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 551.661917][T31169] ? hwsim_register_received_nl+0x400/0x400 [ 551.667809][T31169] hwsim_new_radio_nl+0x905/0xf60 [ 551.672822][T31169] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 551.678699][T31169] ? cap_capable+0x1eb/0x250 [ 551.683287][T31169] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 551.689598][T31169] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 551.695918][T31169] genl_rcv_msg+0x627/0xdf0 [ 551.700417][T31169] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 551.706747][T31169] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 551.712552][T31169] netlink_rcv_skb+0x15a/0x410 [ 551.717316][T31169] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 551.723776][T31169] ? netlink_ack+0xa80/0xa80 [ 551.728384][T31169] genl_rcv+0x24/0x40 [ 551.732365][T31169] netlink_unicast+0x537/0x740 [ 551.737244][T31169] ? netlink_attachskb+0x810/0x810 [ 551.742358][T31169] ? _copy_from_iter_full+0x25c/0x870 [ 551.747764][T31169] ? __phys_addr_symbol+0x2c/0x70 [ 551.752788][T31169] ? __check_object_size+0x171/0x437 [ 551.758071][T31169] netlink_sendmsg+0x882/0xe10 [ 551.762841][T31169] ? aa_af_perm+0x260/0x260 [ 551.767336][T31169] ? netlink_unicast+0x740/0x740 [ 551.772297][T31169] ? netlink_unicast+0x740/0x740 [ 551.777235][T31169] sock_sendmsg+0xcf/0x120 [ 551.781663][T31169] ____sys_sendmsg+0x6b9/0x7d0 [ 551.786432][T31169] ? kernel_sendmsg+0x50/0x50 [ 551.791115][T31169] ? mark_lock+0xbc/0x1220 [ 551.795664][T31169] ___sys_sendmsg+0x100/0x170 [ 551.800347][T31169] ? sendmsg_copy_msghdr+0x70/0x70 [ 551.805472][T31169] ? __fget_files+0x329/0x4f0 [ 551.810164][T31169] ? ksys_dup3+0x3c0/0x3c0 [ 551.814583][T31169] ? lock_acquire+0x197/0x420 [ 551.819262][T31169] ? __might_fault+0xef/0x1d0 [ 551.823953][T31169] ? __fget_light+0x208/0x270 [ 551.828630][T31169] __sys_sendmsg+0xec/0x1b0 [ 551.833126][T31169] ? __sys_sendmsg_sock+0xb0/0xb0 [ 551.838140][T31169] ? __x64_sys_futex+0x380/0x4f0 [ 551.843087][T31169] ? trace_hardirqs_off_caller+0x55/0x230 [ 551.848797][T31169] ? do_syscall_64+0x21/0x7d0 [ 551.853467][T31169] do_syscall_64+0xf6/0x7d0 [ 551.857966][T31169] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 551.863930][T31169] RIP: 0033:0x45c849 [ 551.867811][T31169] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 551.887410][T31169] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 551.895811][T31169] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 551.903770][T31169] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 551.911726][T31169] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 551.919684][T31169] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 551.927646][T31169] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c 06:10:52 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:52 executing program 5: r0 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:52 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x0, 0x0, 0x6}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:52 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="7b3f5dbfe2eb80e84d9dd84c206021e0c58c6faf60f823c701", @ANYRES16=r4, @ANYBLOB="11002abd70000000000010000000"], 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x68, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x532b}, @IPVS_CMD_ATTR_SERVICE={0x44, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'none\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:52 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x28}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:52 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60586511400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:52 executing program 5: socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:52 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x60}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 552.103525][T31613] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 552.131807][T31613] __nla_validate_parse: 3 callbacks suppressed [ 552.131828][T31613] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. 06:10:53 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="07ea16fc85062c99b3a46bfb9331aea6e3869078783c5a1abeae987df28206849eb1f001692b03ea4b1a6c0fe13b4aa72fb4ecd293aa45040000009651e5dc3ac5b41ad16684b800888e7df5e8c44472f446e9000000", @ANYRES16=r3, @ANYBLOB="00002abd7000fcdbdf2509000000080005000000000008000400030000004c0001800c00070010000000160000000700060073680000060001000a000000080009000000000014000300ac1414bb00000000000000000000000008000b00736970000800080002000000"], 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:53 executing program 5: socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:53 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 552.308092][T31613] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 552.308092][T31613] !' [ 552.338653][T31613] CPU: 0 PID: 31613 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 552.347353][T31613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 552.357502][T31613] Call Trace: [ 552.360815][T31613] dump_stack+0x188/0x20d [ 552.365258][T31613] sysfs_warn_dup.cold+0x1c/0x2d [ 552.370212][T31613] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 552.376389][T31613] sysfs_create_link+0x61/0xc0 [ 552.381167][T31613] device_add+0x71c/0x1bc0 [ 552.385608][T31613] ? uevent_show+0x360/0x360 [ 552.390216][T31613] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 552.396208][T31613] wiphy_register+0x1c46/0x2720 [ 552.401081][T31613] ? wiphy_unregister+0xf90/0xf90 [ 552.406203][T31613] ? retint_kernel+0x2b/0x2b [ 552.410819][T31613] ? ieee80211_register_hw+0x1376/0x3760 [ 552.416479][T31613] ieee80211_register_hw+0x141d/0x3760 [ 552.421972][T31613] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 552.427447][T31613] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 552.433006][T31613] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 552.439005][T31613] ? memset+0x20/0x40 [ 552.442996][T31613] ? __hrtimer_init+0x134/0x260 [ 552.447883][T31613] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 552.453730][T31613] ? hwsim_register_received_nl+0x400/0x400 [ 552.459654][T31613] hwsim_new_radio_nl+0x905/0xf60 [ 552.464873][T31613] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 552.470777][T31613] ? cap_capable+0x1eb/0x250 [ 552.475391][T31613] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 552.481728][T31613] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 552.488084][T31613] genl_rcv_msg+0x627/0xdf0 [ 552.492611][T31613] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 552.498984][T31613] ? retint_kernel+0x2b/0x2b [ 552.503614][T31613] netlink_rcv_skb+0x15a/0x410 [ 552.508389][T31613] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 552.514724][T31613] ? netlink_ack+0xa80/0xa80 [ 552.519367][T31613] genl_rcv+0x24/0x40 [ 552.523360][T31613] netlink_unicast+0x537/0x740 [ 552.528143][T31613] ? netlink_attachskb+0x810/0x810 [ 552.533266][T31613] ? _copy_from_iter_full+0x25c/0x870 [ 552.538689][T31613] ? __phys_addr_symbol+0x2c/0x70 [ 552.543727][T31613] ? __check_object_size+0x171/0x437 [ 552.549028][T31613] netlink_sendmsg+0x882/0xe10 [ 552.553803][T31613] ? aa_af_perm+0x260/0x260 [ 552.558315][T31613] ? netlink_unicast+0x740/0x740 [ 552.563280][T31613] ? netlink_unicast+0x740/0x740 [ 552.568226][T31613] sock_sendmsg+0xcf/0x120 [ 552.572652][T31613] ____sys_sendmsg+0x6b9/0x7d0 [ 552.577429][T31613] ? kernel_sendmsg+0x50/0x50 [ 552.582122][T31613] ? mark_lock+0xbc/0x1220 [ 552.586561][T31613] ___sys_sendmsg+0x100/0x170 [ 552.591263][T31613] ? sendmsg_copy_msghdr+0x70/0x70 [ 552.596407][T31613] ? __fget_files+0x329/0x4f0 [ 552.601110][T31613] ? ksys_dup3+0x3c0/0x3c0 06:10:53 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) [ 552.605537][T31613] ? lock_acquire+0x197/0x420 [ 552.610223][T31613] ? __might_fault+0xef/0x1d0 [ 552.614924][T31613] ? __fget_light+0x208/0x270 [ 552.619625][T31613] __sys_sendmsg+0xec/0x1b0 [ 552.624129][T31613] ? __sys_sendmsg_sock+0xb0/0xb0 [ 552.629173][T31613] ? trace_hardirqs_off_caller+0x55/0x230 [ 552.634904][T31613] ? do_syscall_64+0x21/0x7d0 [ 552.639592][T31613] do_syscall_64+0xf6/0x7d0 [ 552.644113][T31613] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 552.650099][T31613] RIP: 0033:0x45c849 [ 552.654000][T31613] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 552.673602][T31613] RSP: 002b:00007f081711fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 552.682145][T31613] RAX: ffffffffffffffda RBX: 00007f08171206d4 RCX: 000000000045c849 [ 552.690126][T31613] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007 [ 552.698106][T31613] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 552.706089][T31613] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 552.714074][T31613] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 552.747647][T31704] netlink: 186996 bytes leftover after parsing attributes in process `syz-executor.4'. 06:10:53 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, 0x0, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:53 executing program 5: socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60110011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:53 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:53 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x2, 0x70bd2a}, 0x14}}, 0x4048051) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:53 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x2}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 552.782067][T31704] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 552.782067][T31704] !' [ 552.827719][T31704] CPU: 1 PID: 31704 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 552.836502][T31704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 552.846650][T31704] Call Trace: [ 552.849953][T31704] dump_stack+0x188/0x20d [ 552.854302][T31704] sysfs_warn_dup.cold+0x1c/0x2d [ 552.859259][T31704] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 552.865339][T31704] sysfs_create_link+0x61/0xc0 [ 552.870115][T31704] device_add+0x71c/0x1bc0 [ 552.874547][T31704] ? ieee80211_set_bitrate_flags+0x350/0x5c0 [ 552.880543][T31704] ? uevent_show+0x360/0x360 [ 552.885242][T31704] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 552.891241][T31704] wiphy_register+0x1c46/0x2720 [ 552.896130][T31704] ? wiphy_unregister+0xf90/0xf90 [ 552.901165][T31704] ? retint_kernel+0x2b/0x2b [ 552.905777][T31704] ? ieee80211_register_hw+0x13a9/0x3760 [ 552.911438][T31704] ieee80211_register_hw+0x141d/0x3760 [ 552.916921][T31704] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 552.922399][T31704] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 552.927959][T31704] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 552.933948][T31704] ? memset+0x20/0x40 [ 552.938070][T31704] ? __hrtimer_init+0x134/0x260 [ 552.943037][T31704] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 552.948773][T31704] ? vprintk_func+0x81/0x17e [ 552.953399][T31704] ? hwsim_register_received_nl+0x400/0x400 [ 552.959334][T31704] hwsim_new_radio_nl+0x905/0xf60 [ 552.964381][T31704] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 552.970281][T31704] ? cap_capable+0x1eb/0x250 [ 552.974887][T31704] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 552.981218][T31704] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 552.987564][T31704] genl_rcv_msg+0x627/0xdf0 [ 552.992073][T31704] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 552.998406][T31704] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 553.004211][T31704] netlink_rcv_skb+0x15a/0x410 [ 553.008965][T31704] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 553.015279][T31704] ? netlink_ack+0xa80/0xa80 [ 553.019877][T31704] genl_rcv+0x24/0x40 [ 553.023933][T31704] netlink_unicast+0x537/0x740 [ 553.028690][T31704] ? netlink_attachskb+0x810/0x810 [ 553.033802][T31704] ? _copy_from_iter_full+0x25c/0x870 [ 553.039160][T31704] ? __phys_addr_symbol+0x2c/0x70 [ 553.044170][T31704] ? __check_object_size+0x171/0x437 [ 553.049446][T31704] netlink_sendmsg+0x882/0xe10 [ 553.054204][T31704] ? aa_af_perm+0x260/0x260 [ 553.058696][T31704] ? netlink_unicast+0x740/0x740 [ 553.063632][T31704] ? netlink_unicast+0x740/0x740 [ 553.068557][T31704] sock_sendmsg+0xcf/0x120 [ 553.072977][T31704] ____sys_sendmsg+0x6b9/0x7d0 [ 553.077742][T31704] ? kernel_sendmsg+0x50/0x50 [ 553.082410][T31704] ? mark_lock+0xbc/0x1220 [ 553.086830][T31704] ___sys_sendmsg+0x100/0x170 [ 553.091498][T31704] ? sendmsg_copy_msghdr+0x70/0x70 [ 553.096620][T31704] ? __fget_files+0x329/0x4f0 [ 553.101293][T31704] ? ksys_dup3+0x3c0/0x3c0 [ 553.105697][T31704] ? lock_acquire+0x197/0x420 [ 553.110364][T31704] ? __might_fault+0xef/0x1d0 [ 553.115044][T31704] ? __fget_light+0x208/0x270 [ 553.119724][T31704] __sys_sendmsg+0xec/0x1b0 [ 553.124215][T31704] ? __sys_sendmsg_sock+0xb0/0xb0 [ 553.129226][T31704] ? __x64_sys_futex+0x380/0x4f0 [ 553.134334][T31704] ? trace_hardirqs_off_caller+0x55/0x230 [ 553.140054][T31704] ? do_syscall_64+0x21/0x7d0 [ 553.144739][T31704] do_syscall_64+0xf6/0x7d0 [ 553.149262][T31704] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 553.155142][T31704] RIP: 0033:0x45c849 [ 553.159030][T31704] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 553.178708][T31704] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 553.187105][T31704] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 553.195065][T31704] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 553.203025][T31704] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 553.210984][T31704] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 553.218945][T31704] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 553.330422][T31917] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 553.345422][T31917] netlink: 185520 bytes leftover after parsing attributes in process `syz-executor.3'. [ 553.390276][T31917] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 553.390276][T31917] !' [ 553.408790][T31917] CPU: 1 PID: 31917 Comm: syz-executor.3 Not tainted 5.6.0-rc7-syzkaller #0 [ 553.417476][T31917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 553.427525][T31917] Call Trace: [ 553.430820][T31917] dump_stack+0x188/0x20d [ 553.435190][T31917] sysfs_warn_dup.cold+0x1c/0x2d [ 553.440157][T31917] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 553.446238][T31917] sysfs_create_link+0x61/0xc0 [ 553.451014][T31917] device_add+0x71c/0x1bc0 [ 553.455457][T31917] ? uevent_show+0x360/0x360 [ 553.460061][T31917] ? ieee80211_set_bitrate_flags+0x20b/0x5c0 [ 553.466165][T31917] wiphy_register+0x1c46/0x2720 [ 553.471049][T31917] ? wiphy_unregister+0xf90/0xf90 [ 553.476094][T31917] ? __kmalloc+0x629/0x7a0 [ 553.480516][T31917] ? ieee80211_register_hw+0xbea/0x3760 06:10:54 executing program 4: write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60008111400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:54 executing program 5: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, 0x0, 0x0) 06:10:54 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 06:10:54 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r1, 0x8983, &(0x7f0000000300)={0x8, 'vlan0\x00', {'macsec0\x00'}, 0x1f}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:54 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x3}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) 06:10:54 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000680)=[@in={0x2, 0x0, @rand_addr=0x40}]}, &(0x7f0000000180)=0x10) r6 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000000)={r7, @in={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, &(0x7f0000000100)=0x100) getsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000340)=@assoc_value={r7, 0xb03}, &(0x7f00000003c0)=0x8) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000300)=0x3) [ 553.486062][T31917] ? ieee80211_register_hw+0xbc5/0x3760 [ 553.491610][T31917] ? ieee80211_cs_list_valid+0x198/0x280 [ 553.497254][T31917] ieee80211_register_hw+0x141d/0x3760 [ 553.502733][T31917] ? ieee80211_ifa_changed+0xdc0/0xdc0 [ 553.508211][T31917] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 553.513763][T31917] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 553.519749][T31917] ? memset+0x20/0x40 [ 553.523732][T31917] ? __hrtimer_init+0x134/0x260 [ 553.528591][T31917] mac80211_hwsim_new_radio+0x2187/0x43d0 [ 553.534308][T31917] ? _raw_spin_unlock_irq+0x1f/0x80 06:10:54 executing program 5: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, 0x0, 0x0) [ 553.539531][T31917] ? hwsim_register_received_nl+0x400/0x400 [ 553.545443][T31917] hwsim_new_radio_nl+0x905/0xf60 [ 553.550471][T31917] ? lockdep_hardirqs_on+0x417/0x5d0 [ 553.555781][T31917] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 553.561681][T31917] ? preempt_schedule_irq+0xee/0x150 [ 553.566997][T31917] genl_rcv_msg+0x627/0xdf0 [ 553.571516][T31917] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 553.577854][T31917] ? retint_kernel+0x2b/0x2b [ 553.582487][T31917] netlink_rcv_skb+0x15a/0x410 [ 553.587270][T31917] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 553.593609][T31917] ? netlink_ack+0xa80/0xa80 [ 553.598237][T31917] genl_rcv+0x24/0x40 [ 553.602232][T31917] netlink_unicast+0x537/0x740 [ 553.607010][T31917] ? netlink_attachskb+0x810/0x810 [ 553.612122][T31917] ? _copy_from_iter_full+0x25c/0x870 [ 553.617494][T31917] ? __phys_addr_symbol+0x2c/0x70 [ 553.622519][T31917] ? __check_object_size+0x171/0x437 [ 553.627834][T31917] netlink_sendmsg+0x882/0xe10 [ 553.632614][T31917] ? aa_af_perm+0x260/0x260 [ 553.637123][T31917] ? netlink_unicast+0x740/0x740 [ 553.642083][T31917] ? netlink_unicast+0x740/0x740 [ 553.647032][T31917] sock_sendmsg+0xcf/0x120 [ 553.651460][T31917] ____sys_sendmsg+0x6b9/0x7d0 [ 553.656231][T31917] ? kernel_sendmsg+0x50/0x50 [ 553.660930][T31917] ? mark_lock+0xbc/0x1220 [ 553.665372][T31917] ___sys_sendmsg+0x100/0x170 [ 553.670061][T31917] ? sendmsg_copy_msghdr+0x70/0x70 [ 553.675190][T31917] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 553.680656][T31917] ? lockdep_hardirqs_on+0x417/0x5d0 [ 553.685951][T31917] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 553.691427][T31917] ? smp_apic_timer_interrupt+0x1b6/0x600 [ 553.697143][T31917] ? retint_kernel+0x2b/0x2b [ 553.701722][T31917] ? sockfd_lookup_light+0x69/0x170 [ 553.706900][T31917] ? sockfd_lookup_light+0x73/0x170 [ 553.712084][T31917] ? __sanitizer_cov_trace_pc+0x27/0x50 [ 553.717637][T31917] __sys_sendmsg+0xec/0x1b0 [ 553.722124][T31917] ? __sys_sendmsg_sock+0xb0/0xb0 [ 553.727148][T31917] ? do_syscall_64+0x4f/0x7d0 [ 553.731814][T31917] do_syscall_64+0xf6/0x7d0 [ 553.736319][T31917] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 553.742205][T31917] RIP: 0033:0x45c849 [ 553.746087][T31917] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 553.765677][T31917] RSP: 002b:00007f08170ddc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 553.774071][T31917] RAX: ffffffffffffffda RBX: 00007f08170de6d4 RCX: 000000000045c849 [ 553.782022][T31917] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009 [ 553.789973][T31917] RBP: 000000000076c040 R08: 0000000000000000 R09: 0000000000000000 [ 553.797929][T31917] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 553.805888][T31917] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076c04c [ 553.827752][T32121] netlink: 179916 bytes leftover after parsing attributes in process `syz-executor.4'. [ 553.867566][T32121] ------------[ cut here ]------------ [ 553.873039][T32121] precision 33020 too large [ 553.873851][T32121] WARNING: CPU: 1 PID: 32121 at lib/vsprintf.c:2471 set_precision+0x13a/0x170 [ 553.887192][T32121] Kernel panic - not syncing: panic_on_warn set ... [ 553.893784][T32121] CPU: 1 PID: 32121 Comm: syz-executor.4 Not tainted 5.6.0-rc7-syzkaller #0 [ 553.902449][T32121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 553.912497][T32121] Call Trace: [ 553.915790][T32121] dump_stack+0x188/0x20d [ 553.920130][T32121] ? set_precision+0x90/0x170 [ 553.924830][T32121] panic+0x2e3/0x75c [ 553.928753][T32121] ? add_taint.cold+0x16/0x16 [ 553.933448][T32121] ? __probe_kernel_read+0x188/0x1d0 [ 553.938733][T32121] ? __warn.cold+0x14/0x35 [ 553.943159][T32121] ? set_precision+0x13a/0x170 [ 553.947936][T32121] __warn.cold+0x2f/0x35 [ 553.952214][T32121] ? set_precision+0x13a/0x170 [ 553.956986][T32121] report_bug+0x27b/0x2f0 [ 553.961327][T32121] do_error_trap+0x12b/0x220 [ 553.965922][T32121] ? set_precision+0x13a/0x170 [ 553.970707][T32121] do_invalid_op+0x32/0x40 [ 553.975122][T32121] ? set_precision+0x13a/0x170 [ 553.979891][T32121] invalid_op+0x23/0x30 [ 553.984063][T32121] RIP: 0010:set_precision+0x13a/0x170 [ 553.989437][T32121] Code: b6 df 88 5d 07 5b 5d 41 5c 41 5d e9 90 58 ba f9 e8 8b 58 ba f9 89 de 48 c7 c7 00 2a da 88 c6 05 a3 61 a9 02 01 e8 6e 69 8c f9 <0f> 0b e9 67 ff ff ff be 08 00 00 00 48 89 ef e8 42 1f f7 f9 e9 14 [ 554.009038][T32121] RSP: 0018:ffffc900059d72d8 EFLAGS: 00010286 [ 554.015102][T32121] RAX: 0000000000000000 RBX: 00000000000080fc RCX: 0000000000000000 [ 554.023175][T32121] RDX: 0000000000011a68 RSI: ffffffff815c06c1 RDI: fffff52000b3ae4d [ 554.031146][T32121] RBP: ffffc900059d7368 R08: ffff88809069c600 R09: fffffbfff180e57b [ 554.039115][T32121] R10: fffffbfff180e57a R11: ffffffff8c072bd7 R12: 0000000000000000 [ 554.047090][T32121] R13: ffffc900059d736f R14: 0000000000000018 R15: ffffc900059d7400 [ 554.055089][T32121] ? vprintk_func+0x81/0x17e [ 554.059697][T32121] ? set_precision+0x13a/0x170 [ 554.064469][T32121] vsnprintf+0x894/0x14f0 [ 554.068820][T32121] ? pointer+0x680/0x680 [ 554.073076][T32121] ? __irq_work_queue_local+0x11d/0x180 [ 554.078636][T32121] kvasprintf+0x9c/0x150 [ 554.082901][T32121] ? bust_spinlocks+0xe0/0xe0 [ 554.087595][T32121] ? vprintk_func+0x81/0x17e [ 554.092201][T32121] kasprintf+0xbb/0xf0 [ 554.096275][T32121] ? kvasprintf_const+0x190/0x190 [ 554.101303][T32121] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 554.107105][T32121] ? ___ratelimit+0x59/0x573 [ 554.111695][T32121] hwsim_new_radio_nl+0x8db/0xf60 [ 554.116914][T32121] ? mac80211_hwsim_new_radio+0x43d0/0x43d0 [ 554.122789][T32121] ? cap_capable+0x1eb/0x250 [ 554.127364][T32121] ? genl_family_rcv_msg_attrs_parse+0x1bd/0x320 [ 554.133777][T32121] ? genl_family_rcv_msg_attrs_parse+0x1c7/0x320 [ 554.140108][T32121] genl_rcv_msg+0x627/0xdf0 [ 554.144610][T32121] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 554.150918][T32121] ? mark_held_locks+0x9f/0xe0 [ 554.155662][T32121] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 554.161131][T32121] ? smp_apic_timer_interrupt+0x1b6/0x600 06:10:54 executing program 3: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x0, 0x0, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, 0x0, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:54 executing program 2: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x1, 0x0, 0x6}}, 0xe8) sendmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x2e9, 0x0) 06:10:54 executing program 5: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, 0x0, 0x0) 06:10:54 executing program 0: socket$kcm(0xa, 0x6, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22100, 0xd) socket$unix(0x1, 0x7, 0x0) ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000100)={0x8, "adb6b1e3261c167755928078bf0b39beb3e6c1fe52df38ca243a4b8733523df1", 0x1, 0x20, 0x5, 0x0, 0x4, 0x2, 0x6, 0x1}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000440), 0xfffffffffffffe35) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x11, 0x70bd2a}, 0x14}}, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x16}}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x3404c004}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030024000705d21b80788c63940d0424fc60100011400a2f0000051982c1375b3e37096b088000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 06:10:54 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x4}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x1405}], {0x14}}, 0x3c}}, 0x0) [ 554.166837][T32121] ? retint_kernel+0x2b/0x2b [ 554.171405][T32121] netlink_rcv_skb+0x15a/0x410 [ 554.176161][T32121] ? genl_family_rcv_msg_attrs_parse+0x320/0x320 [ 554.182489][T32121] ? netlink_ack+0xa80/0xa80 [ 554.187111][T32121] genl_rcv+0x24/0x40 [ 554.191093][T32121] netlink_unicast+0x537/0x740 [ 554.195866][T32121] ? netlink_attachskb+0x810/0x810 [ 554.200979][T32121] ? _copy_from_iter_full+0x25c/0x870 [ 554.206478][T32121] ? __phys_addr_symbol+0x2c/0x70 [ 554.211521][T32121] ? __check_object_size+0x171/0x437 [ 554.216825][T32121] netlink_sendmsg+0x882/0xe10 [ 554.221613][T32121] ? aa_af_perm+0x260/0x260 [ 554.226123][T32121] ? netlink_unicast+0x740/0x740 [ 554.231080][T32121] ? netlink_unicast+0x740/0x740 [ 554.236018][T32121] sock_sendmsg+0xcf/0x120 [ 554.240449][T32121] ____sys_sendmsg+0x6b9/0x7d0 [ 554.245223][T32121] ? kernel_sendmsg+0x50/0x50 [ 554.249912][T32121] ? mark_lock+0xbc/0x1220 [ 554.254354][T32121] ___sys_sendmsg+0x100/0x170 [ 554.259043][T32121] ? sendmsg_copy_msghdr+0x70/0x70 [ 554.264179][T32121] ? __fget_files+0x329/0x4f0 [ 554.268867][T32121] ? ksys_dup3+0x3c0/0x3c0 [ 554.273278][T32121] ? lock_acquire+0x197/0x420 [ 554.277943][T32121] ? __might_fault+0xef/0x1d0 [ 554.282613][T32121] ? __fget_light+0x208/0x270 [ 554.287281][T32121] __sys_sendmsg+0xec/0x1b0 [ 554.291766][T32121] ? __sys_sendmsg_sock+0xb0/0xb0 [ 554.296792][T32121] ? do_syscall_64+0x4f/0x7d0 [ 554.301465][T32121] do_syscall_64+0xf6/0x7d0 [ 554.305952][T32121] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 554.311838][T32121] RIP: 0033:0x45c849 [ 554.315715][T32121] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 554.335426][T32121] RSP: 002b:00007f03f7053c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 554.343820][T32121] RAX: ffffffffffffffda RBX: 00007f03f70546d4 RCX: 000000000045c849 [ 554.351771][T32121] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 554.359732][T32121] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 [ 554.367693][T32121] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 554.375649][T32121] R13: 00000000000009f1 R14: 00000000004cca8d R15: 000000000076bf0c [ 554.385002][T32121] Kernel Offset: disabled [ 554.389417][T32121] Rebooting in 86400 seconds..