66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2230.354119][T11693] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2230.362525][T11693] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2230.370487][T11693] RDX: 0000000000000060 RSI: 0000000020000000 RDI: 0000000000000003 [ 2230.378448][T11693] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2230.386406][T11693] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2230.394464][T11693] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 [ 2230.409922][T11681] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2230.424160][T11681] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. 03:46:13 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011160a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) gettid() r1 = socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000dc0)=""/132, 0x84}, {&(0x7f0000000f00)=""/103, 0x67}, {&(0x7f0000001040)=""/177, 0xb1}, {0x0}], 0x4}, 0x2000) socket$kcm(0x29, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2230.542573][T11695] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2230.559116][T11695] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2230.571199][T11695] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2230.571199][T11695] !' [ 2230.591965][T11695] CPU: 0 PID: 11695 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2230.601800][T11695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2230.611863][T11695] Call Trace: [ 2230.615233][T11695] dump_stack_lvl+0xcd/0x134 [ 2230.619864][T11695] sysfs_warn_dup.cold+0x1c/0x29 [ 2230.624814][T11695] sysfs_do_create_link_sd+0x11e/0x140 [ 2230.630293][T11695] sysfs_create_link+0x5f/0xc0 [ 2230.635074][T11695] device_add+0x789/0x2100 [ 2230.639503][T11695] ? mutex_lock_io_nested+0xf00/0xf00 [ 2230.644885][T11695] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2230.650450][T11695] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2230.656708][T11695] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2230.662973][T11695] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2230.669234][T11695] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2230.675232][T11695] wiphy_register+0x1e8a/0x29b0 [ 2230.680109][T11695] ? wiphy_unregister+0xbd0/0xbd0 [ 2230.685150][T11695] ? minstrel_ht_alloc+0x531/0xa00 [ 2230.690280][T11695] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2230.696372][T11695] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2230.701849][T11695] ? ieee80211_restart_hw+0x290/0x290 [ 2230.707375][T11695] ? debug_object_destroy+0x210/0x210 [ 2230.712742][T11695] ? lock_downgrade+0x6e0/0x6e0 [ 2230.717584][T11695] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2230.723033][T11695] ? memset+0x20/0x40 [ 2230.727023][T11695] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2230.733343][T11695] ? __hrtimer_init+0x136/0x280 [ 2230.738205][T11695] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2230.743928][T11695] ? hwsim_virtio_rx_work+0x350/0x350 [ 2230.749298][T11695] ? __kmalloc_track_caller+0x1a0/0x320 [ 2230.754835][T11695] ? memcpy+0x39/0x60 [ 2230.758873][T11695] hwsim_new_radio_nl+0x9bc/0x1080 [ 2230.764088][T11695] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2230.770096][T11695] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2230.776325][T11695] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2230.783709][T11695] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2230.790999][T11695] genl_family_rcv_msg_doit+0x228/0x320 [ 2230.796543][T11695] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2230.803920][T11695] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2230.810151][T11695] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2230.816465][T11695] ? ns_capable+0xde/0x100 [ 2230.820875][T11695] genl_rcv_msg+0x328/0x580 [ 2230.825369][T11695] ? genl_get_cmd+0x480/0x480 [ 2230.830048][T11695] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2230.835957][T11695] ? lock_release+0x720/0x720 [ 2230.840624][T11695] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2230.845896][T11695] ? trace_hardirqs_on+0x5b/0x1c0 [ 2230.850905][T11695] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2230.856613][T11695] netlink_rcv_skb+0x153/0x420 [ 2230.861369][T11695] ? genl_get_cmd+0x480/0x480 [ 2230.866035][T11695] ? netlink_ack+0xa60/0xa60 [ 2230.870623][T11695] ? netlink_deliver_tap+0x236/0xba0 [ 2230.875906][T11695] genl_rcv+0x24/0x40 [ 2230.879872][T11695] netlink_unicast+0x533/0x7d0 [ 2230.884617][T11695] ? netlink_attachskb+0x890/0x890 [ 2230.889750][T11695] ? __virt_addr_valid+0x5d/0x2d0 [ 2230.894848][T11695] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2230.901071][T11695] ? __phys_addr_symbol+0x2c/0x70 [ 2230.906082][T11695] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2230.911807][T11695] ? __check_object_size+0x16e/0x3f0 [ 2230.917093][T11695] netlink_sendmsg+0x85b/0xda0 [ 2230.921865][T11695] ? netlink_unicast+0x7d0/0x7d0 [ 2230.926813][T11695] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2230.933051][T11695] ? netlink_unicast+0x7d0/0x7d0 [ 2230.937980][T11695] sock_sendmsg+0xcf/0x120 [ 2230.942399][T11695] ____sys_sendmsg+0x6e8/0x810 [ 2230.947155][T11695] ? kernel_sendmsg+0x50/0x50 [ 2230.951845][T11695] ? do_recvmmsg+0x6d0/0x6d0 [ 2230.956422][T11695] ? fs_reclaim_release+0x9c/0xf0 [ 2230.961431][T11695] ? lock_downgrade+0x6e0/0x6e0 [ 2230.966265][T11695] ___sys_sendmsg+0xf3/0x170 [ 2230.970839][T11695] ? sendmsg_copy_msghdr+0x160/0x160 [ 2230.976123][T11695] ? __fget_files+0x266/0x3d0 [ 2230.980807][T11695] ? lock_downgrade+0x6e0/0x6e0 [ 2230.985652][T11695] ? futex_exit_release+0x220/0x220 [ 2230.990838][T11695] ? alloc_empty_file+0xd7/0x170 [ 2230.995759][T11695] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2231.001993][T11695] ? __fget_files+0x288/0x3d0 [ 2231.006658][T11695] ? __fget_light+0xea/0x280 [ 2231.011329][T11695] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2231.017555][T11695] __sys_sendmsg+0xe5/0x1b0 [ 2231.022184][T11695] ? __sys_sendmsg_sock+0x30/0x30 [ 2231.027206][T11695] ? syscall_enter_from_user_mode+0x21/0x70 [ 2231.033092][T11695] ? trace_hardirqs_on+0x5b/0x1c0 [ 2231.038207][T11695] do_syscall_64+0x35/0xb0 [ 2231.042633][T11695] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2231.048532][T11695] RIP: 0033:0x4665d9 [ 2231.052410][T11695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2231.072014][T11695] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2231.080413][T11695] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 03:46:14 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xf0) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:46:14 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xff00) 03:46:14 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2231.779080][T11729] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2231.787494][T11729] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2231.795455][T11729] RDX: 0000000000006000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2231.803568][T11729] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2231.811543][T11729] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2231.819520][T11729] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2231.852530][T11741] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2231.866036][T11741] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2231.879086][T11741] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2231.879086][T11741] !' [ 2231.892567][T11741] CPU: 1 PID: 11741 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2231.902402][T11741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2231.912470][T11741] Call Trace: [ 2231.915759][T11741] dump_stack_lvl+0xcd/0x134 [ 2231.920404][T11741] sysfs_warn_dup.cold+0x1c/0x29 [ 2231.925378][T11741] sysfs_do_create_link_sd+0x11e/0x140 [ 2231.930871][T11741] sysfs_create_link+0x5f/0xc0 [ 2231.935656][T11741] device_add+0x789/0x2100 [ 2231.940089][T11741] ? mutex_lock_io_nested+0xf00/0xf00 [ 2231.945475][T11741] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2231.951034][T11741] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2231.957556][T11741] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2231.963821][T11741] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2231.970065][T11741] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2231.976306][T11741] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2231.982292][T11741] wiphy_register+0x1e8a/0x29b0 [ 2231.987151][T11741] ? wiphy_unregister+0xbd0/0xbd0 [ 2231.992187][T11741] ? minstrel_ht_alloc+0x531/0xa00 [ 2231.997384][T11741] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2232.003452][T11741] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2232.008915][T11741] ? ieee80211_restart_hw+0x290/0x290 [ 2232.014295][T11741] ? debug_object_destroy+0x210/0x210 [ 2232.019699][T11741] ? lock_downgrade+0x6e0/0x6e0 [ 2232.024546][T11741] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2232.030021][T11741] ? memset+0x20/0x40 [ 2232.034003][T11741] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2232.040239][T11741] ? __hrtimer_init+0x136/0x280 [ 2232.045103][T11741] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2232.050839][T11741] ? hwsim_virtio_rx_work+0x350/0x350 [ 2232.056222][T11741] ? __kmalloc_track_caller+0x1a0/0x320 [ 2232.061764][T11741] ? memcpy+0x39/0x60 [ 2232.065753][T11741] hwsim_new_radio_nl+0x9bc/0x1080 [ 2232.070874][T11741] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2232.076771][T11741] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2232.083005][T11741] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2232.090559][T11741] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2232.097846][T11741] genl_family_rcv_msg_doit+0x228/0x320 [ 2232.103479][T11741] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2232.110853][T11741] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2232.117115][T11741] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2232.123352][T11741] ? ns_capable+0xde/0x100 [ 2232.127774][T11741] genl_rcv_msg+0x328/0x580 [ 2232.132317][T11741] ? genl_get_cmd+0x480/0x480 [ 2232.137014][T11741] ? lock_downgrade+0x6e0/0x6e0 [ 2232.141858][T11741] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2232.147752][T11741] ? lock_release+0x720/0x720 [ 2232.152429][T11741] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2232.157716][T11741] netlink_rcv_skb+0x153/0x420 [ 2232.162480][T11741] ? genl_get_cmd+0x480/0x480 [ 2232.167157][T11741] ? netlink_ack+0xa60/0xa60 [ 2232.171759][T11741] ? netlink_deliver_tap+0x236/0xba0 [ 2232.177042][T11741] genl_rcv+0x24/0x40 [ 2232.181030][T11741] netlink_unicast+0x533/0x7d0 [ 2232.185791][T11741] ? netlink_attachskb+0x890/0x890 [ 2232.190899][T11741] ? __virt_addr_valid+0x5d/0x2d0 [ 2232.195918][T11741] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2232.202255][T11741] ? __phys_addr_symbol+0x2c/0x70 [ 2232.207280][T11741] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2232.213078][T11741] ? __check_object_size+0x16e/0x3f0 [ 2232.218359][T11741] netlink_sendmsg+0x85b/0xda0 [ 2232.223124][T11741] ? netlink_unicast+0x7d0/0x7d0 [ 2232.228064][T11741] ? netlink_unicast+0x7d0/0x7d0 [ 2232.233084][T11741] sock_sendmsg+0xcf/0x120 [ 2232.237505][T11741] ____sys_sendmsg+0x6e8/0x810 [ 2232.242270][T11741] ? kernel_sendmsg+0x50/0x50 [ 2232.246945][T11741] ? do_recvmmsg+0x6d0/0x6d0 [ 2232.251529][T11741] ? futex_wait_restart+0x200/0x200 [ 2232.256736][T11741] ___sys_sendmsg+0xf3/0x170 [ 2232.261334][T11741] ? sendmsg_copy_msghdr+0x160/0x160 [ 2232.266639][T11741] ? __fget_files+0x266/0x3d0 [ 2232.271323][T11741] ? lock_downgrade+0x6e0/0x6e0 [ 2232.276171][T11741] ? futex_exit_release+0x220/0x220 [ 2232.281365][T11741] ? clockevents_program_event+0x141/0x370 [ 2232.287175][T11741] ? lock_downgrade+0x6e0/0x6e0 [ 2232.292021][T11741] ? __fget_files+0x288/0x3d0 [ 2232.296696][T11741] ? __fget_light+0xea/0x280 [ 2232.301280][T11741] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2232.307527][T11741] __sys_sendmsg+0xe5/0x1b0 [ 2232.312026][T11741] ? __sys_sendmsg_sock+0x30/0x30 [ 2232.317065][T11741] ? syscall_enter_from_user_mode+0x21/0x70 [ 2232.322957][T11741] ? trace_hardirqs_on+0x5b/0x1c0 [ 2232.327981][T11741] do_syscall_64+0x35/0xb0 [ 2232.332393][T11741] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2232.338380][T11741] RIP: 0033:0x4665d9 [ 2232.342269][T11741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2232.361872][T11741] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2232.370279][T11741] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2232.378442][T11741] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2232.386413][T11741] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2232.394387][T11741] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2232.402359][T11741] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 [ 2232.461474][T11751] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2232.477655][T11751] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2232.503494][T11751] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2232.503494][T11751] !' [ 2232.515169][T11751] CPU: 0 PID: 11751 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2232.525261][T11751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2232.535327][T11751] Call Trace: [ 2232.538615][T11751] dump_stack_lvl+0xcd/0x134 [ 2232.543243][T11751] sysfs_warn_dup.cold+0x1c/0x29 [ 2232.548199][T11751] sysfs_do_create_link_sd+0x11e/0x140 [ 2232.553655][T11751] sysfs_create_link+0x5f/0xc0 [ 2232.558499][T11751] device_add+0x789/0x2100 [ 2232.562913][T11751] ? mutex_lock_io_nested+0xf00/0xf00 [ 2232.568456][T11751] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2232.574004][T11751] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2232.580499][T11751] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2232.586734][T11751] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2232.593014][T11751] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2232.599276][T11751] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2232.605248][T11751] wiphy_register+0x1e8a/0x29b0 [ 2232.610092][T11751] ? wiphy_unregister+0xbd0/0xbd0 [ 2232.615115][T11751] ? minstrel_ht_alloc+0x531/0xa00 [ 2232.620212][T11751] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2232.626271][T11751] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2232.631717][T11751] ? ieee80211_restart_hw+0x290/0x290 [ 2232.637082][T11751] ? debug_object_destroy+0x210/0x210 [ 2232.642465][T11751] ? lock_downgrade+0x6e0/0x6e0 [ 2232.647317][T11751] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2232.652764][T11751] ? memset+0x20/0x40 [ 2232.656746][T11751] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2232.662987][T11751] ? __hrtimer_init+0x136/0x280 [ 2232.667827][T11751] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2232.673542][T11751] ? hwsim_virtio_rx_work+0x350/0x350 [ 2232.678903][T11751] ? __kmalloc_track_caller+0x1a0/0x320 [ 2232.684558][T11751] ? memcpy+0x39/0x60 [ 2232.688554][T11751] hwsim_new_radio_nl+0x9bc/0x1080 [ 2232.693667][T11751] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2232.699574][T11751] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2232.705811][T11751] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2232.713177][T11751] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2232.720450][T11751] genl_family_rcv_msg_doit+0x228/0x320 [ 2232.725988][T11751] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2232.733351][T11751] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2232.739628][T11751] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2232.745861][T11751] ? ns_capable+0xde/0x100 [ 2232.750328][T11751] genl_rcv_msg+0x328/0x580 [ 2232.754826][T11751] ? genl_get_cmd+0x480/0x480 [ 2232.759487][T11751] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2232.765376][T11751] ? lock_release+0x720/0x720 [ 2232.770062][T11751] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2232.775342][T11751] ? trace_hardirqs_on+0x5b/0x1c0 [ 2232.780365][T11751] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2232.786078][T11751] netlink_rcv_skb+0x153/0x420 [ 2232.790854][T11751] ? genl_get_cmd+0x480/0x480 [ 2232.795537][T11751] ? netlink_ack+0xa60/0xa60 [ 2232.800114][T11751] ? netlink_deliver_tap+0x236/0xba0 [ 2232.805384][T11751] genl_rcv+0x24/0x40 [ 2232.809350][T11751] netlink_unicast+0x533/0x7d0 [ 2232.814107][T11751] ? netlink_attachskb+0x890/0x890 [ 2232.819203][T11751] ? __virt_addr_valid+0x5d/0x2d0 [ 2232.824213][T11751] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2232.830455][T11751] ? __phys_addr_symbol+0x2c/0x70 [ 2232.835531][T11751] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2232.841244][T11751] ? __check_object_size+0x16e/0x3f0 [ 2232.846609][T11751] netlink_sendmsg+0x85b/0xda0 [ 2232.851388][T11751] ? netlink_unicast+0x7d0/0x7d0 [ 2232.856310][T11751] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2232.862538][T11751] ? netlink_unicast+0x7d0/0x7d0 [ 2232.867461][T11751] sock_sendmsg+0xcf/0x120 [ 2232.871874][T11751] ____sys_sendmsg+0x6e8/0x810 [ 2232.876626][T11751] ? kernel_sendmsg+0x50/0x50 [ 2232.881299][T11751] ? do_recvmmsg+0x6d0/0x6d0 [ 2232.885877][T11751] ? tomoyo_path_number_perm+0x204/0x590 [ 2232.891677][T11751] ? kfree+0xeb/0x670 [ 2232.895644][T11751] ? tomoyo_path_number_perm+0x441/0x590 [ 2232.901262][T11751] ___sys_sendmsg+0xf3/0x170 [ 2232.905843][T11751] ? sendmsg_copy_msghdr+0x160/0x160 [ 2232.911113][T11751] ? __fget_files+0x266/0x3d0 [ 2232.915792][T11751] ? lock_downgrade+0x6e0/0x6e0 [ 2232.920716][T11751] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2232.926638][T11751] ? do_vfs_ioctl+0x132/0x15d0 [ 2232.931388][T11751] ? __fget_files+0x288/0x3d0 [ 2232.936051][T11751] ? __fget_light+0xea/0x280 [ 2232.940647][T11751] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2232.946887][T11751] __sys_sendmsg+0xe5/0x1b0 [ 2232.951375][T11751] ? __sys_sendmsg_sock+0x30/0x30 [ 2232.956390][T11751] ? syscall_enter_from_user_mode+0x21/0x70 [ 2232.962276][T11751] ? trace_hardirqs_on+0x5b/0x1c0 [ 2232.967292][T11751] do_syscall_64+0x35/0xb0 [ 2232.971705][T11751] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2232.977593][T11751] RIP: 0033:0x4665d9 [ 2232.981610][T11751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2233.001268][T11751] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2233.010366][T11751] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2233.018334][T11751] RDX: 0000000000006000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2233.026289][T11751] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2233.034254][T11751] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2233.042211][T11751] R13: 00007fffc9e5e04f R14: 00007f0cbc0c2300 R15: 0000000000022000 03:46:16 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xa712) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:16 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2233.623554][T11769] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2233.632743][T11769] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2233.640706][T11769] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2233.648667][T11769] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2233.656627][T11769] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2233.664614][T11769] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 03:46:16 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f000000}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:16 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xff0700) 03:46:16 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2234.696070][T11797] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2234.704500][T11797] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2234.712455][T11797] RDX: 00000000000000f0 RSI: 0000000020000000 RDI: 0000000000000003 [ 2234.720423][T11797] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2234.728379][T11797] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2234.736351][T11797] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 [ 2234.758857][T11805] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2234.779053][T11805] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. 03:46:17 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011170a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) gettid() r1 = socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000dc0)=""/132, 0x84}, {&(0x7f0000000f00)=""/103, 0x67}, {&(0x7f0000001040)=""/177, 0xb1}, {0x0}], 0x4}, 0x2000) socket$kcm(0x29, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2234.905077][T11800] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2234.913369][T11800] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2234.929091][T11800] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2234.929091][T11800] !' [ 2234.941312][T11800] CPU: 1 PID: 11800 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2234.951156][T11800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2234.961226][T11800] Call Trace: [ 2234.964524][T11800] dump_stack_lvl+0xcd/0x134 [ 2234.969133][T11800] sysfs_warn_dup.cold+0x1c/0x29 [ 2234.974089][T11800] sysfs_do_create_link_sd+0x11e/0x140 [ 2234.979556][T11800] sysfs_create_link+0x5f/0xc0 [ 2234.984348][T11800] device_add+0x789/0x2100 [ 2234.988773][T11800] ? mutex_lock_io_nested+0xf00/0xf00 [ 2234.994153][T11800] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2234.999705][T11800] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2235.005943][T11800] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2235.012179][T11800] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2235.018411][T11800] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2235.024391][T11800] wiphy_register+0x1e8a/0x29b0 [ 2235.029242][T11800] ? wiphy_unregister+0xbd0/0xbd0 [ 2235.034264][T11800] ? minstrel_ht_alloc+0x531/0xa00 [ 2235.039383][T11800] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2235.045453][T11800] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2235.050916][T11800] ? ieee80211_restart_hw+0x290/0x290 [ 2235.056283][T11800] ? debug_object_destroy+0x210/0x210 [ 2235.061651][T11800] ? lock_downgrade+0x6e0/0x6e0 [ 2235.066498][T11800] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2235.071952][T11800] ? memset+0x20/0x40 [ 2235.075931][T11800] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2235.082178][T11800] ? __hrtimer_init+0x136/0x280 [ 2235.087026][T11800] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2235.092837][T11800] ? hwsim_virtio_rx_work+0x350/0x350 [ 2235.098208][T11800] ? __kmalloc_track_caller+0x1a0/0x320 [ 2235.103922][T11800] ? memcpy+0x39/0x60 [ 2235.107901][T11800] hwsim_new_radio_nl+0x9bc/0x1080 [ 2235.113015][T11800] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2235.118911][T11800] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2235.125150][T11800] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2235.132519][T11800] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2235.139803][T11800] genl_family_rcv_msg_doit+0x228/0x320 [ 2235.145367][T11800] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2235.152737][T11800] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2235.158981][T11800] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2235.165216][T11800] ? ns_capable+0xde/0x100 [ 2235.169628][T11800] genl_rcv_msg+0x328/0x580 [ 2235.174129][T11800] ? genl_get_cmd+0x480/0x480 [ 2235.178801][T11800] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2235.184697][T11800] ? lock_release+0x720/0x720 [ 2235.189367][T11800] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2235.194663][T11800] ? trace_hardirqs_on+0x5b/0x1c0 [ 2235.199683][T11800] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2235.205399][T11800] netlink_rcv_skb+0x153/0x420 [ 2235.210161][T11800] ? genl_get_cmd+0x480/0x480 [ 2235.214836][T11800] ? netlink_ack+0xa60/0xa60 [ 2235.219430][T11800] ? netlink_deliver_tap+0x236/0xba0 [ 2235.224725][T11800] genl_rcv+0x24/0x40 [ 2235.228698][T11800] netlink_unicast+0x533/0x7d0 [ 2235.233458][T11800] ? netlink_attachskb+0x890/0x890 [ 2235.238564][T11800] ? __virt_addr_valid+0x5d/0x2d0 [ 2235.243595][T11800] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2235.249858][T11800] ? __phys_addr_symbol+0x2c/0x70 [ 2235.254888][T11800] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2235.260599][T11800] ? __check_object_size+0x16e/0x3f0 [ 2235.265887][T11800] netlink_sendmsg+0x85b/0xda0 [ 2235.270647][T11800] ? netlink_unicast+0x7d0/0x7d0 [ 2235.275580][T11800] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2235.281821][T11800] ? netlink_unicast+0x7d0/0x7d0 [ 2235.286756][T11800] sock_sendmsg+0xcf/0x120 [ 2235.291172][T11800] ____sys_sendmsg+0x6e8/0x810 [ 2235.295936][T11800] ? kernel_sendmsg+0x50/0x50 [ 2235.300618][T11800] ? do_recvmmsg+0x6d0/0x6d0 [ 2235.305205][T11800] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2235.311438][T11800] ? __kfence_alloc+0x37b/0xc20 [ 2235.316287][T11800] ___sys_sendmsg+0xf3/0x170 [ 2235.320870][T11800] ? sendmsg_copy_msghdr+0x160/0x160 [ 2235.326150][T11800] ? __fget_files+0x266/0x3d0 [ 2235.330823][T11800] ? lock_downgrade+0x6e0/0x6e0 [ 2235.335671][T11800] ? futex_exit_release+0x220/0x220 [ 2235.340867][T11800] ? alloc_empty_file+0xd7/0x170 [ 2235.345799][T11800] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2235.352041][T11800] ? __fget_files+0x288/0x3d0 [ 2235.356716][T11800] ? __fget_light+0xea/0x280 [ 2235.361317][T11800] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2235.367642][T11800] __sys_sendmsg+0xe5/0x1b0 [ 2235.372140][T11800] ? __sys_sendmsg_sock+0x30/0x30 [ 2235.377162][T11800] ? syscall_enter_from_user_mode+0x21/0x70 [ 2235.383052][T11800] ? trace_hardirqs_on+0x5b/0x1c0 [ 2235.388081][T11800] do_syscall_64+0x35/0xb0 [ 2235.392488][T11800] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2235.398387][T11800] RIP: 0033:0x4665d9 [ 2235.402270][T11800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2235.421871][T11800] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2235.430277][T11800] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2235.438242][T11800] RDX: 00000000000000f0 RSI: 0000000020000000 RDI: 0000000000000003 [ 2235.446215][T11800] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2235.454177][T11800] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2235.462146][T11800] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 03:46:18 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x700) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:46:18 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x2000000) 03:46:18 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2236.035861][T11834] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2236.044272][T11834] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2236.052255][T11834] RDX: 000000000000a712 RSI: 0000000020000000 RDI: 0000000000000004 [ 2236.060217][T11834] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2236.068180][T11834] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2236.076143][T11834] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2236.101612][T11850] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2236.109811][T11850] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. 03:46:19 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x3000000) [ 2236.208230][T11850] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2236.208230][T11850] !' [ 2236.231177][T11850] CPU: 1 PID: 11850 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2236.241046][T11850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2236.251101][T11850] Call Trace: [ 2236.254375][T11850] dump_stack_lvl+0xcd/0x134 [ 2236.258970][T11850] sysfs_warn_dup.cold+0x1c/0x29 [ 2236.263922][T11850] sysfs_do_create_link_sd+0x11e/0x140 [ 2236.269388][T11850] sysfs_create_link+0x5f/0xc0 [ 2236.274148][T11850] device_add+0x789/0x2100 [ 2236.278561][T11850] ? mutex_lock_io_nested+0xf00/0xf00 [ 2236.283950][T11850] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2236.289506][T11850] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2236.296023][T11850] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2236.302260][T11850] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2236.308946][T11850] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2236.315193][T11850] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2236.321180][T11850] wiphy_register+0x1e8a/0x29b0 [ 2236.326039][T11850] ? wiphy_unregister+0xbd0/0xbd0 [ 2236.331172][T11850] ? minstrel_ht_alloc+0x531/0xa00 [ 2236.336287][T11850] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2236.342357][T11850] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2236.347832][T11850] ? ieee80211_restart_hw+0x290/0x290 [ 2236.353810][T11850] ? debug_object_destroy+0x210/0x210 [ 2236.359176][T11850] ? lock_downgrade+0x6e0/0x6e0 [ 2236.364019][T11850] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2236.369472][T11850] ? memset+0x20/0x40 [ 2236.373452][T11850] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2236.379685][T11850] ? __hrtimer_init+0x136/0x280 [ 2236.384536][T11850] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2236.390263][T11850] ? hwsim_virtio_rx_work+0x350/0x350 [ 2236.395656][T11850] ? __kmalloc_track_caller+0x1a0/0x320 [ 2236.401194][T11850] ? memcpy+0x39/0x60 [ 2236.405183][T11850] hwsim_new_radio_nl+0x9bc/0x1080 [ 2236.410298][T11850] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2236.416190][T11850] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2236.422424][T11850] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2236.429792][T11850] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2236.437086][T11850] genl_family_rcv_msg_doit+0x228/0x320 [ 2236.442630][T11850] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2236.450085][T11850] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2236.456323][T11850] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2236.462556][T11850] ? ns_capable+0xde/0x100 [ 2236.466963][T11850] genl_rcv_msg+0x328/0x580 [ 2236.471475][T11850] ? genl_get_cmd+0x480/0x480 [ 2236.476151][T11850] ? lock_downgrade+0x6e0/0x6e0 [ 2236.480993][T11850] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2236.486887][T11850] ? lock_release+0x720/0x720 [ 2236.491658][T11850] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2236.497047][T11850] netlink_rcv_skb+0x153/0x420 [ 2236.501823][T11850] ? genl_get_cmd+0x480/0x480 [ 2236.506521][T11850] ? netlink_ack+0xa60/0xa60 [ 2236.511115][T11850] ? netlink_deliver_tap+0x236/0xba0 [ 2236.516410][T11850] genl_rcv+0x24/0x40 [ 2236.520399][T11850] netlink_unicast+0x533/0x7d0 [ 2236.525169][T11850] ? netlink_attachskb+0x890/0x890 [ 2236.530280][T11850] ? netlink_sendmsg+0x7d3/0xda0 [ 2236.535230][T11850] netlink_sendmsg+0x85b/0xda0 [ 2236.540004][T11850] ? netlink_unicast+0x7d0/0x7d0 [ 2236.544937][T11850] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2236.551184][T11850] ? netlink_unicast+0x7d0/0x7d0 [ 2236.556114][T11850] sock_sendmsg+0xcf/0x120 [ 2236.560530][T11850] ____sys_sendmsg+0x6e8/0x810 [ 2236.565305][T11850] ? kernel_sendmsg+0x50/0x50 [ 2236.569976][T11850] ? do_recvmmsg+0x6d0/0x6d0 [ 2236.574558][T11850] ? futex_wait_restart+0x200/0x200 [ 2236.579763][T11850] ___sys_sendmsg+0xf3/0x170 [ 2236.584439][T11850] ? sendmsg_copy_msghdr+0x160/0x160 [ 2236.589732][T11850] ? __fget_files+0x266/0x3d0 [ 2236.594411][T11850] ? lock_downgrade+0x6e0/0x6e0 [ 2236.599351][T11850] ? futex_exit_release+0x220/0x220 [ 2236.604546][T11850] ? clockevents_program_event+0x141/0x370 [ 2236.610344][T11850] ? lock_downgrade+0x6e0/0x6e0 [ 2236.615191][T11850] ? __fget_files+0x288/0x3d0 [ 2236.619868][T11850] ? __fget_light+0xea/0x280 [ 2236.624452][T11850] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2236.630691][T11850] __sys_sendmsg+0xe5/0x1b0 [ 2236.635191][T11850] ? __sys_sendmsg_sock+0x30/0x30 [ 2236.640215][T11850] ? syscall_enter_from_user_mode+0x21/0x70 [ 2236.646104][T11850] ? trace_hardirqs_on+0x5b/0x1c0 [ 2236.651127][T11850] do_syscall_64+0x35/0xb0 [ 2236.655539][T11850] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2236.661440][T11850] RIP: 0033:0x4665d9 [ 2236.665328][T11850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2236.684939][T11850] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2236.693370][T11850] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2236.701335][T11850] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2236.709298][T11850] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2236.717260][T11850] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2236.725222][T11850] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 [ 2236.801539][T11857] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2236.826087][T11857] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2236.844553][T11857] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2236.844553][T11857] !' [ 2236.857912][T11857] CPU: 0 PID: 11857 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2236.867950][T11857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2236.878069][T11857] Call Trace: [ 2236.881421][T11857] dump_stack_lvl+0xcd/0x134 [ 2236.886024][T11857] sysfs_warn_dup.cold+0x1c/0x29 [ 2236.890961][T11857] sysfs_do_create_link_sd+0x11e/0x140 [ 2236.896414][T11857] sysfs_create_link+0x5f/0xc0 [ 2236.901168][T11857] device_add+0x789/0x2100 [ 2236.905577][T11857] ? mutex_lock_io_nested+0xf00/0xf00 [ 2236.911032][T11857] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2236.916574][T11857] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2236.923155][T11857] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2236.929417][T11857] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2236.935657][T11857] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2236.942159][T11857] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2236.948132][T11857] wiphy_register+0x1e8a/0x29b0 [ 2236.952977][T11857] ? wiphy_unregister+0xbd0/0xbd0 [ 2236.958004][T11857] ? minstrel_ht_alloc+0x531/0xa00 [ 2236.963101][T11857] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2236.969161][T11857] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2236.974611][T11857] ? ieee80211_restart_hw+0x290/0x290 [ 2236.979998][T11857] ? debug_object_destroy+0x210/0x210 [ 2236.985361][T11857] ? lock_downgrade+0x6e0/0x6e0 [ 2236.990208][T11857] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2236.995671][T11857] ? memset+0x20/0x40 [ 2236.999649][T11857] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2237.005874][T11857] ? __hrtimer_init+0x136/0x280 [ 2237.010725][T11857] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2237.016437][T11857] ? hwsim_virtio_rx_work+0x350/0x350 [ 2237.021792][T11857] ? __kmalloc_track_caller+0x1a0/0x320 [ 2237.027324][T11857] ? memcpy+0x39/0x60 [ 2237.031308][T11857] hwsim_new_radio_nl+0x9bc/0x1080 [ 2237.036426][T11857] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2237.042307][T11857] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2237.048534][T11857] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2237.055899][T11857] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2237.063183][T11857] genl_family_rcv_msg_doit+0x228/0x320 [ 2237.068802][T11857] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2237.076158][T11857] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2237.082388][T11857] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2237.088613][T11857] ? ns_capable+0xde/0x100 [ 2237.093097][T11857] genl_rcv_msg+0x328/0x580 [ 2237.097598][T11857] ? genl_get_cmd+0x480/0x480 [ 2237.102261][T11857] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2237.108239][T11857] ? lock_release+0x720/0x720 [ 2237.112906][T11857] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2237.118173][T11857] ? trace_hardirqs_on+0x5b/0x1c0 [ 2237.123195][T11857] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2237.128908][T11857] netlink_rcv_skb+0x153/0x420 [ 2237.133662][T11857] ? genl_get_cmd+0x480/0x480 [ 2237.138337][T11857] ? netlink_ack+0xa60/0xa60 [ 2237.142915][T11857] ? netlink_deliver_tap+0x236/0xba0 [ 2237.148184][T11857] genl_rcv+0x24/0x40 [ 2237.152151][T11857] netlink_unicast+0x533/0x7d0 [ 2237.156919][T11857] ? netlink_attachskb+0x890/0x890 [ 2237.162022][T11857] ? __virt_addr_valid+0x5d/0x2d0 [ 2237.167029][T11857] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2237.173269][T11857] ? __phys_addr_symbol+0x2c/0x70 [ 2237.178275][T11857] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2237.183988][T11857] ? __check_object_size+0x16e/0x3f0 [ 2237.189348][T11857] netlink_sendmsg+0x85b/0xda0 [ 2237.194100][T11857] ? netlink_unicast+0x7d0/0x7d0 [ 2237.199028][T11857] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2237.205271][T11857] ? netlink_unicast+0x7d0/0x7d0 [ 2237.210195][T11857] sock_sendmsg+0xcf/0x120 [ 2237.214622][T11857] ____sys_sendmsg+0x6e8/0x810 [ 2237.219372][T11857] ? kernel_sendmsg+0x50/0x50 [ 2237.224030][T11857] ? do_recvmmsg+0x6d0/0x6d0 [ 2237.228618][T11857] ? tomoyo_path_number_perm+0x204/0x590 [ 2237.234238][T11857] ? kfree+0xeb/0x670 [ 2237.238222][T11857] ? tomoyo_path_number_perm+0x441/0x590 [ 2237.243880][T11857] ___sys_sendmsg+0xf3/0x170 [ 2237.248453][T11857] ? sendmsg_copy_msghdr+0x160/0x160 [ 2237.253720][T11857] ? __fget_files+0x266/0x3d0 [ 2237.258384][T11857] ? lock_downgrade+0x6e0/0x6e0 [ 2237.263216][T11857] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2237.269108][T11857] ? do_vfs_ioctl+0x132/0x15d0 [ 2237.273876][T11857] ? __fget_files+0x288/0x3d0 [ 2237.278555][T11857] ? __fget_light+0xea/0x280 [ 2237.283144][T11857] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2237.289547][T11857] __sys_sendmsg+0xe5/0x1b0 [ 2237.294039][T11857] ? __sys_sendmsg_sock+0x30/0x30 [ 2237.299054][T11857] ? syscall_enter_from_user_mode+0x21/0x70 [ 2237.304929][T11857] ? trace_hardirqs_on+0x5b/0x1c0 [ 2237.309942][T11857] do_syscall_64+0x35/0xb0 [ 2237.314339][T11857] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2237.320216][T11857] RIP: 0033:0x4665d9 [ 2237.324106][T11857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2237.343696][T11857] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2237.352092][T11857] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2237.360134][T11857] RDX: 000000000000a712 RSI: 0000000020000000 RDI: 0000000000000004 [ 2237.368087][T11857] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2237.376038][T11857] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2237.383990][T11857] R13: 00007fffc9e5e04f R14: 00007f0cbc0c2300 R15: 0000000000022000 [ 2237.404129][T11874] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2237.426429][T11874] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2237.446190][T11874] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2237.446190][T11874] !' [ 2237.457693][T11874] CPU: 1 PID: 11874 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2237.467535][T11874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2237.477597][T11874] Call Trace: [ 2237.480879][T11874] dump_stack_lvl+0xcd/0x134 [ 2237.485489][T11874] sysfs_warn_dup.cold+0x1c/0x29 [ 2237.490454][T11874] sysfs_do_create_link_sd+0x11e/0x140 [ 2237.495933][T11874] sysfs_create_link+0x5f/0xc0 03:46:20 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xf000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:20 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2237.947052][T11874] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2237.955473][T11874] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2237.963438][T11874] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2237.971504][T11874] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2237.979466][T11874] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2237.987533][T11874] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 03:46:21 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x3f000000}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2238.008155][T11892] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2238.021168][T11892] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. 03:46:21 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x5000000) 03:46:21 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x6000000) 03:46:21 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2239.017258][T11905] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2239.025667][T11905] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2239.033644][T11905] RDX: 0000000000000700 RSI: 0000000020000000 RDI: 0000000000000003 [ 2239.041611][T11905] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2239.049583][T11905] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2239.057550][T11905] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 [ 2239.073034][T11907] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2239.081214][T11907] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2239.097244][T11907] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2239.097244][T11907] !' [ 2239.116651][T11907] CPU: 1 PID: 11907 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2239.126488][T11907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2239.136549][T11907] Call Trace: [ 2239.139828][T11907] dump_stack_lvl+0xcd/0x134 [ 2239.144426][T11907] sysfs_warn_dup.cold+0x1c/0x29 [ 2239.149384][T11907] sysfs_do_create_link_sd+0x11e/0x140 [ 2239.154845][T11907] sysfs_create_link+0x5f/0xc0 [ 2239.159695][T11907] device_add+0x789/0x2100 [ 2239.164103][T11907] ? mutex_lock_io_nested+0xf00/0xf00 [ 2239.169492][T11907] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2239.175034][T11907] ? asm_exc_int3+0x31/0x40 [ 2239.179532][T11907] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2239.185764][T11907] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2239.192008][T11907] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2239.198244][T11907] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2239.204225][T11907] wiphy_register+0x1e8a/0x29b0 [ 2239.209078][T11907] ? wiphy_unregister+0xbd0/0xbd0 [ 2239.214100][T11907] ? minstrel_ht_alloc+0x531/0xa00 [ 2239.219209][T11907] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2239.225273][T11907] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2239.230732][T11907] ? ieee80211_restart_hw+0x290/0x290 [ 2239.236102][T11907] ? debug_object_destroy+0x210/0x210 [ 2239.241473][T11907] ? lock_downgrade+0x6e0/0x6e0 [ 2239.246320][T11907] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2239.251771][T11907] ? memset+0x20/0x40 [ 2239.255750][T11907] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2239.261989][T11907] ? __hrtimer_init+0x136/0x280 [ 2239.266839][T11907] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2239.272565][T11907] ? hwsim_virtio_rx_work+0x350/0x350 [ 2239.277932][T11907] ? __kmalloc_track_caller+0x1a0/0x320 [ 2239.283563][T11907] ? memcpy+0x39/0x60 [ 2239.287553][T11907] hwsim_new_radio_nl+0x9bc/0x1080 [ 2239.292664][T11907] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2239.298558][T11907] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2239.304796][T11907] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2239.312165][T11907] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2239.319449][T11907] genl_family_rcv_msg_doit+0x228/0x320 [ 2239.325081][T11907] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2239.332451][T11907] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2239.338688][T11907] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2239.344922][T11907] ? ns_capable+0xde/0x100 [ 2239.349335][T11907] genl_rcv_msg+0x328/0x580 [ 2239.353837][T11907] ? genl_get_cmd+0x480/0x480 [ 2239.358512][T11907] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2239.364406][T11907] ? lock_release+0x720/0x720 [ 2239.369072][T11907] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2239.374354][T11907] ? trace_hardirqs_on+0x5b/0x1c0 [ 2239.379376][T11907] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2239.385093][T11907] netlink_rcv_skb+0x153/0x420 [ 2239.389851][T11907] ? genl_get_cmd+0x480/0x480 [ 2239.394796][T11907] ? netlink_ack+0xa60/0xa60 [ 2239.399384][T11907] ? netlink_deliver_tap+0x236/0xba0 [ 2239.404666][T11907] genl_rcv+0x24/0x40 [ 2239.408750][T11907] netlink_unicast+0x533/0x7d0 [ 2239.413518][T11907] ? netlink_attachskb+0x890/0x890 [ 2239.418638][T11907] ? __virt_addr_valid+0x5d/0x2d0 [ 2239.423672][T11907] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2239.429992][T11907] ? __phys_addr_symbol+0x2c/0x70 [ 2239.435010][T11907] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2239.440723][T11907] ? __check_object_size+0x16e/0x3f0 [ 2239.446000][T11907] netlink_sendmsg+0x85b/0xda0 [ 2239.450760][T11907] ? netlink_unicast+0x7d0/0x7d0 [ 2239.455693][T11907] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2239.461938][T11907] ? netlink_unicast+0x7d0/0x7d0 [ 2239.466888][T11907] sock_sendmsg+0xcf/0x120 [ 2239.471301][T11907] ____sys_sendmsg+0x6e8/0x810 [ 2239.476066][T11907] ? kernel_sendmsg+0x50/0x50 [ 2239.480739][T11907] ? do_recvmmsg+0x6d0/0x6d0 [ 2239.485330][T11907] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2239.491654][T11907] ? __kfence_alloc+0x37b/0xc20 [ 2239.496505][T11907] ___sys_sendmsg+0xf3/0x170 [ 2239.501096][T11907] ? sendmsg_copy_msghdr+0x160/0x160 [ 2239.506386][T11907] ? __fget_files+0x266/0x3d0 [ 2239.511068][T11907] ? lock_downgrade+0x6e0/0x6e0 [ 2239.515911][T11907] ? futex_exit_release+0x220/0x220 [ 2239.521112][T11907] ? alloc_empty_file+0xd7/0x170 [ 2239.526739][T11907] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2239.532980][T11907] ? __fget_files+0x288/0x3d0 [ 2239.537658][T11907] ? __fget_light+0xea/0x280 [ 2239.542245][T11907] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2239.548579][T11907] __sys_sendmsg+0xe5/0x1b0 [ 2239.553092][T11907] ? __sys_sendmsg_sock+0x30/0x30 [ 2239.558381][T11907] ? syscall_enter_from_user_mode+0x21/0x70 [ 2239.564285][T11907] ? trace_hardirqs_on+0x5b/0x1c0 [ 2239.569308][T11907] do_syscall_64+0x35/0xb0 [ 2239.573719][T11907] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2239.579797][T11907] RIP: 0033:0x4665d9 [ 2239.583683][T11907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2239.603393][T11907] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2239.611800][T11907] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2239.619776][T11907] RDX: 0000000000000700 RSI: 0000000020000000 RDI: 0000000000000003 [ 2239.627743][T11907] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2239.635704][T11907] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2239.643668][T11907] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 [ 2239.671003][T11917] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2239.687876][T11917] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. 03:46:22 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011180a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) gettid() r1 = socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000dc0)=""/132, 0x84}, {&(0x7f0000000f00)=""/103, 0x67}, {&(0x7f0000001040)=""/177, 0xb1}, {0x0}], 0x4}, 0x2000) socket$kcm(0x29, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:22 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x7000000) 03:46:22 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2240.348193][T11939] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2240.356614][T11939] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2240.364664][T11939] RDX: 000000000000f000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2240.372627][T11939] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2240.380593][T11939] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2240.388570][T11939] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2240.416286][T11949] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2240.430008][T11949] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. 03:46:23 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x8000000) [ 2240.552810][T11949] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2240.552810][T11949] !' [ 2240.570805][T11949] CPU: 0 PID: 11949 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2240.580651][T11949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2240.590712][T11949] Call Trace: [ 2240.594000][T11949] dump_stack_lvl+0xcd/0x134 [ 2240.598793][T11949] sysfs_warn_dup.cold+0x1c/0x29 [ 2240.603756][T11949] sysfs_do_create_link_sd+0x11e/0x140 [ 2240.609582][T11949] sysfs_create_link+0x5f/0xc0 [ 2240.614381][T11949] device_add+0x789/0x2100 [ 2240.618816][T11949] ? mutex_lock_io_nested+0xf00/0xf00 [ 2240.624207][T11949] ? __mutex_unlock_slowpath+0x2b6/0x610 [ 2240.629866][T11949] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2240.636395][T11949] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2240.643698][T11949] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2240.649961][T11949] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2240.656224][T11949] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2240.662300][T11949] wiphy_register+0x1e8a/0x29b0 [ 2240.667178][T11949] ? wiphy_unregister+0xbd0/0xbd0 [ 2240.672227][T11949] ? minstrel_ht_alloc+0x531/0xa00 [ 2240.677387][T11949] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2240.683484][T11949] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2240.688979][T11949] ? ieee80211_restart_hw+0x290/0x290 [ 2240.694378][T11949] ? debug_object_destroy+0x210/0x210 [ 2240.699772][T11949] ? lock_downgrade+0x6e0/0x6e0 [ 2240.704658][T11949] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2240.710141][T11949] ? memset+0x20/0x40 [ 2240.714150][T11949] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2240.720418][T11949] ? __hrtimer_init+0x136/0x280 [ 2240.725306][T11949] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2240.731057][T11949] ? hwsim_virtio_rx_work+0x350/0x350 [ 2240.736458][T11949] ? __kmalloc_track_caller+0x1a0/0x320 [ 2240.742027][T11949] ? memcpy+0x39/0x60 [ 2240.746119][T11949] hwsim_new_radio_nl+0x9bc/0x1080 [ 2240.751255][T11949] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2240.757171][T11949] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2240.763430][T11949] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2240.770830][T11949] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2240.778143][T11949] genl_family_rcv_msg_doit+0x228/0x320 [ 2240.783687][T11949] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2240.791195][T11949] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2240.797440][T11949] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2240.803772][T11949] ? ns_capable+0xde/0x100 [ 2240.808176][T11949] genl_rcv_msg+0x328/0x580 [ 2240.812693][T11949] ? genl_get_cmd+0x480/0x480 [ 2240.817366][T11949] ? lock_downgrade+0x6e0/0x6e0 [ 2240.822798][T11949] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2240.828693][T11949] ? lock_release+0x720/0x720 [ 2240.833469][T11949] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2240.838754][T11949] netlink_rcv_skb+0x153/0x420 [ 2240.843510][T11949] ? genl_get_cmd+0x480/0x480 [ 2240.848310][T11949] ? netlink_ack+0xa60/0xa60 [ 2240.852894][T11949] ? netlink_deliver_tap+0x236/0xba0 [ 2240.858171][T11949] genl_rcv+0x24/0x40 [ 2240.862145][T11949] netlink_unicast+0x533/0x7d0 [ 2240.866898][T11949] ? netlink_attachskb+0x890/0x890 [ 2240.871998][T11949] ? __virt_addr_valid+0x5d/0x2d0 [ 2240.877012][T11949] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2240.883241][T11949] ? __phys_addr_symbol+0x2c/0x70 [ 2240.888254][T11949] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2240.893981][T11949] ? __check_object_size+0x16e/0x3f0 [ 2240.899328][T11949] netlink_sendmsg+0x85b/0xda0 [ 2240.904102][T11949] ? netlink_unicast+0x7d0/0x7d0 [ 2240.909033][T11949] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2240.915263][T11949] ? netlink_unicast+0x7d0/0x7d0 [ 2240.920202][T11949] sock_sendmsg+0xcf/0x120 [ 2240.924630][T11949] ____sys_sendmsg+0x6e8/0x810 [ 2240.929388][T11949] ? kernel_sendmsg+0x50/0x50 [ 2240.934051][T11949] ? do_recvmmsg+0x6d0/0x6d0 [ 2240.938641][T11949] ? futex_wait_restart+0x200/0x200 [ 2240.943851][T11949] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2240.949994][T11949] ? trace_hardirqs_on+0x5b/0x1c0 [ 2240.955016][T11949] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2240.961172][T11949] ___sys_sendmsg+0xf3/0x170 [ 2240.965762][T11949] ? sendmsg_copy_msghdr+0x160/0x160 [ 2240.971043][T11949] ? __fget_files+0x266/0x3d0 [ 2240.975770][T11949] ? lock_downgrade+0x6e0/0x6e0 [ 2240.980618][T11949] ? futex_exit_release+0x220/0x220 [ 2240.985815][T11949] ? clockevents_program_event+0x141/0x370 [ 2240.991618][T11949] ? lock_downgrade+0x6e0/0x6e0 [ 2240.996483][T11949] ? __fget_files+0x288/0x3d0 [ 2241.001164][T11949] ? __fget_light+0xea/0x280 [ 2241.005750][T11949] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2241.011990][T11949] __sys_sendmsg+0xe5/0x1b0 [ 2241.016518][T11949] ? __sys_sendmsg_sock+0x30/0x30 [ 2241.021646][T11949] ? syscall_enter_from_user_mode+0x21/0x70 [ 2241.027545][T11949] ? trace_hardirqs_on+0x5b/0x1c0 [ 2241.032573][T11949] do_syscall_64+0x35/0xb0 [ 2241.036979][T11949] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2241.042896][T11949] RIP: 0033:0x4665d9 [ 2241.046778][T11949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2241.066374][T11949] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2241.074783][T11949] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2241.082741][T11949] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2241.090805][T11949] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2241.098762][T11949] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2241.106839][T11949] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 [ 2241.139667][T11963] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2241.155159][T11963] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2241.175157][T11963] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2241.175157][T11963] !' [ 2241.188320][T11963] CPU: 0 PID: 11963 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2241.198170][T11963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2241.208231][T11963] Call Trace: [ 2241.211496][T11963] dump_stack_lvl+0xcd/0x134 [ 2241.216084][T11963] sysfs_warn_dup.cold+0x1c/0x29 [ 2241.221099][T11963] sysfs_do_create_link_sd+0x11e/0x140 [ 2241.226562][T11963] sysfs_create_link+0x5f/0xc0 [ 2241.231316][T11963] device_add+0x789/0x2100 [ 2241.235717][T11963] ? mutex_lock_io_nested+0xf00/0xf00 [ 2241.241073][T11963] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2241.246614][T11963] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2241.253108][T11963] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2241.259334][T11963] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2241.265578][T11963] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2241.271802][T11963] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2241.277773][T11963] wiphy_register+0x1e8a/0x29b0 [ 2241.282618][T11963] ? wiphy_unregister+0xbd0/0xbd0 [ 2241.287630][T11963] ? minstrel_ht_alloc+0x531/0xa00 [ 2241.292727][T11963] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2241.298785][T11963] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2241.304323][T11963] ? ieee80211_restart_hw+0x290/0x290 [ 2241.309695][T11963] ? debug_object_destroy+0x210/0x210 [ 2241.315062][T11963] ? lock_downgrade+0x6e0/0x6e0 [ 2241.319897][T11963] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2241.325351][T11963] ? memset+0x20/0x40 [ 2241.329323][T11963] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2241.335658][T11963] ? __hrtimer_init+0x136/0x280 [ 2241.340495][T11963] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2241.346207][T11963] ? hwsim_virtio_rx_work+0x350/0x350 [ 2241.351564][T11963] ? __kmalloc_track_caller+0x1a0/0x320 [ 2241.357137][T11963] ? memcpy+0x39/0x60 [ 2241.361104][T11963] hwsim_new_radio_nl+0x9bc/0x1080 [ 2241.366204][T11963] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2241.372087][T11963] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2241.378310][T11963] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2241.385668][T11963] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2241.392951][T11963] genl_family_rcv_msg_doit+0x228/0x320 [ 2241.398494][T11963] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2241.405851][T11963] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2241.412076][T11963] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2241.418300][T11963] ? ns_capable+0xde/0x100 [ 2241.422710][T11963] genl_rcv_msg+0x328/0x580 [ 2241.427201][T11963] ? genl_get_cmd+0x480/0x480 [ 2241.431862][T11963] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2241.437741][T11963] ? lock_release+0x720/0x720 [ 2241.442422][T11963] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2241.447691][T11963] ? trace_hardirqs_on+0x5b/0x1c0 [ 2241.452702][T11963] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2241.458418][T11963] netlink_rcv_skb+0x153/0x420 [ 2241.463181][T11963] ? genl_get_cmd+0x480/0x480 [ 2241.467860][T11963] ? netlink_ack+0xa60/0xa60 [ 2241.472442][T11963] ? netlink_deliver_tap+0x236/0xba0 [ 2241.477726][T11963] genl_rcv+0x24/0x40 [ 2241.481704][T11963] netlink_unicast+0x533/0x7d0 [ 2241.486458][T11963] ? netlink_attachskb+0x890/0x890 [ 2241.491565][T11963] ? __virt_addr_valid+0x5d/0x2d0 [ 2241.496595][T11963] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2241.502831][T11963] ? __phys_addr_symbol+0x2c/0x70 [ 2241.507839][T11963] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2241.513544][T11963] ? __check_object_size+0x16e/0x3f0 [ 2241.518811][T11963] netlink_sendmsg+0x85b/0xda0 [ 2241.523566][T11963] ? netlink_unicast+0x7d0/0x7d0 [ 2241.528507][T11963] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2241.534730][T11963] ? netlink_unicast+0x7d0/0x7d0 [ 2241.539650][T11963] sock_sendmsg+0xcf/0x120 [ 2241.544065][T11963] ____sys_sendmsg+0x6e8/0x810 [ 2241.548814][T11963] ? kernel_sendmsg+0x50/0x50 [ 2241.553473][T11963] ? do_recvmmsg+0x6d0/0x6d0 [ 2241.558051][T11963] ? tomoyo_path_number_perm+0x204/0x590 [ 2241.563668][T11963] ? kfree+0xeb/0x670 [ 2241.567644][T11963] ? tomoyo_path_number_perm+0x441/0x590 [ 2241.573262][T11963] ___sys_sendmsg+0xf3/0x170 [ 2241.577836][T11963] ? sendmsg_copy_msghdr+0x160/0x160 [ 2241.583105][T11963] ? __fget_files+0x266/0x3d0 [ 2241.587772][T11963] ? lock_downgrade+0x6e0/0x6e0 [ 2241.592618][T11963] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2241.598504][T11963] ? do_vfs_ioctl+0x132/0x15d0 [ 2241.603294][T11963] ? __fget_files+0x288/0x3d0 [ 2241.607962][T11963] ? __fget_light+0xea/0x280 [ 2241.612557][T11963] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2241.618817][T11963] __sys_sendmsg+0xe5/0x1b0 [ 2241.623311][T11963] ? __sys_sendmsg_sock+0x30/0x30 [ 2241.628338][T11963] ? syscall_enter_from_user_mode+0x21/0x70 [ 2241.634234][T11963] ? trace_hardirqs_on+0x5b/0x1c0 [ 2241.639255][T11963] do_syscall_64+0x35/0xb0 [ 2241.643745][T11963] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2241.649626][T11963] RIP: 0033:0x4665d9 [ 2241.653508][T11963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2241.673105][T11963] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2241.681510][T11963] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2241.689470][T11963] RDX: 000000000000f000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2241.697429][T11963] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2241.705388][T11963] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2241.713351][T11963] R13: 00007fffc9e5e04f R14: 00007f0cbc0c2300 R15: 0000000000022000 [ 2241.734725][T11980] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2241.747987][T11980] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. 03:46:24 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x36000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:24 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xd000000) 03:46:24 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2242.282013][T11980] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2242.290427][T11980] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2242.298480][T11980] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2242.306455][T11980] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2242.314432][T11980] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2242.322482][T11980] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 [ 2242.343171][T12002] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 03:46:25 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x40000000}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:25 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x10000000) [ 2242.375158][T12002] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. 03:46:25 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x1f000000) [ 2242.553257][T12002] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2242.553257][T12002] !' [ 2242.579102][T12002] CPU: 1 PID: 12002 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2242.588951][T12002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2242.599107][T12002] Call Trace: [ 2242.602400][T12002] dump_stack_lvl+0xcd/0x134 [ 2242.607026][T12002] sysfs_warn_dup.cold+0x1c/0x29 [ 2242.611967][T12002] sysfs_do_create_link_sd+0x11e/0x140 [ 2242.617445][T12002] sysfs_create_link+0x5f/0xc0 [ 2242.622335][T12002] device_add+0x789/0x2100 [ 2242.626786][T12002] ? mutex_lock_io_nested+0xf00/0xf00 [ 2242.632166][T12002] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2242.637717][T12002] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2242.644229][T12002] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2242.650479][T12002] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2242.656721][T12002] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2242.662962][T12002] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2242.668952][T12002] wiphy_register+0x1e8a/0x29b0 [ 2242.673814][T12002] ? wiphy_unregister+0xbd0/0xbd0 [ 2242.678840][T12002] ? minstrel_ht_alloc+0x531/0xa00 [ 2242.683964][T12002] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2242.690047][T12002] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2242.695522][T12002] ? ieee80211_restart_hw+0x290/0x290 [ 2242.700923][T12002] ? debug_object_destroy+0x210/0x210 [ 2242.706300][T12002] ? lock_downgrade+0x6e0/0x6e0 [ 2242.711149][T12002] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2242.716613][T12002] ? memset+0x20/0x40 [ 2242.720606][T12002] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2242.726851][T12002] ? __hrtimer_init+0x136/0x280 [ 2242.731715][T12002] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2242.737451][T12002] ? hwsim_virtio_rx_work+0x350/0x350 [ 2242.742823][T12002] ? __kmalloc_track_caller+0x1a0/0x320 [ 2242.748468][T12002] ? memcpy+0x39/0x60 [ 2242.752460][T12002] hwsim_new_radio_nl+0x9bc/0x1080 [ 2242.757574][T12002] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2242.763472][T12002] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2242.769711][T12002] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2242.777085][T12002] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2242.784372][T12002] genl_family_rcv_msg_doit+0x228/0x320 [ 2242.790006][T12002] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2242.797383][T12002] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2242.803804][T12002] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2242.810180][T12002] ? ns_capable+0xde/0x100 [ 2242.814611][T12002] genl_rcv_msg+0x328/0x580 [ 2242.819147][T12002] ? genl_get_cmd+0x480/0x480 [ 2242.823826][T12002] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2242.829753][T12002] ? lock_release+0x720/0x720 [ 2242.834429][T12002] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2242.839724][T12002] ? trace_hardirqs_on+0x5b/0x1c0 [ 2242.844759][T12002] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2242.850502][T12002] netlink_rcv_skb+0x153/0x420 [ 2242.855268][T12002] ? genl_get_cmd+0x480/0x480 [ 2242.859973][T12002] ? netlink_ack+0xa60/0xa60 [ 2242.864561][T12002] ? netlink_deliver_tap+0x236/0xba0 [ 2242.869852][T12002] genl_rcv+0x24/0x40 [ 2242.873939][T12002] netlink_unicast+0x533/0x7d0 [ 2242.878713][T12002] ? netlink_attachskb+0x890/0x890 [ 2242.883818][T12002] ? __virt_addr_valid+0x5d/0x2d0 [ 2242.888842][T12002] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2242.895079][T12002] ? __phys_addr_symbol+0x2c/0x70 [ 2242.900095][T12002] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2242.905816][T12002] ? __check_object_size+0x16e/0x3f0 [ 2242.911096][T12002] netlink_sendmsg+0x85b/0xda0 [ 2242.915859][T12002] ? netlink_unicast+0x7d0/0x7d0 [ 2242.920796][T12002] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2242.927062][T12002] ? netlink_unicast+0x7d0/0x7d0 [ 2242.931996][T12002] sock_sendmsg+0xcf/0x120 [ 2242.936603][T12002] ____sys_sendmsg+0x6e8/0x810 [ 2242.942064][T12002] ? kernel_sendmsg+0x50/0x50 [ 2242.946749][T12002] ? do_recvmmsg+0x6d0/0x6d0 [ 2242.951339][T12002] ? fs_reclaim_release+0x9c/0xf0 [ 2242.956416][T12002] ? lock_downgrade+0x6e0/0x6e0 [ 2242.961273][T12002] ___sys_sendmsg+0xf3/0x170 [ 2242.965859][T12002] ? sendmsg_copy_msghdr+0x160/0x160 [ 2242.971143][T12002] ? __fget_files+0x266/0x3d0 [ 2242.975818][T12002] ? lock_downgrade+0x6e0/0x6e0 [ 2242.980749][T12002] ? futex_exit_release+0x220/0x220 [ 2242.985955][T12002] ? alloc_empty_file+0xd7/0x170 [ 2242.990905][T12002] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2242.997338][T12002] ? __fget_files+0x288/0x3d0 [ 2243.002023][T12002] ? __fget_light+0xea/0x280 [ 2243.006611][T12002] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2243.013026][T12002] __sys_sendmsg+0xe5/0x1b0 [ 2243.017537][T12002] ? __sys_sendmsg_sock+0x30/0x30 [ 2243.022574][T12002] ? syscall_enter_from_user_mode+0x21/0x70 [ 2243.028468][T12002] ? trace_hardirqs_on+0x5b/0x1c0 [ 2243.033765][T12002] do_syscall_64+0x35/0xb0 [ 2243.038186][T12002] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2243.044347][T12002] RIP: 0033:0x4665d9 [ 2243.048323][T12002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2243.068015][T12002] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2243.076683][T12002] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2243.084653][T12002] RDX: 0000000000000e00 RSI: 0000000020000000 RDI: 0000000000000003 [ 2243.092709][T12002] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 03:46:26 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2243.936927][T12008] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2243.945408][T12008] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2243.953399][T12008] RDX: 0000000000000e00 RSI: 0000000020000000 RDI: 0000000000000003 [ 2243.961369][T12008] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2243.969337][T12008] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2243.977299][T12008] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 [ 2244.001345][T12026] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2244.026710][T12026] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. 03:46:27 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011190a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) gettid() r1 = socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000dc0)=""/132, 0x84}, {&(0x7f0000000f00)=""/103, 0x67}, {&(0x7f0000001040)=""/177, 0xb1}, {0x0}], 0x4}, 0x2000) socket$kcm(0x29, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:27 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x36860600) 03:46:27 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2244.683755][T12051] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2244.692185][T12051] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2244.700153][T12051] RDX: 0000000000036000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2244.708117][T12051] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2244.716089][T12051] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2244.724053][T12051] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 03:46:27 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x3f000000) 03:46:27 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x600300) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:27 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2245.462811][T12057] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 03:46:28 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xa1ffffff) [ 2245.471237][T12057] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2245.479196][T12057] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2245.487175][T12057] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2245.495251][T12057] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2245.503220][T12057] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 [ 2245.761405][T12082] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2245.770755][T12082] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2245.786972][T12082] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2245.786972][T12082] !' [ 2245.806006][T12082] CPU: 0 PID: 12082 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2245.815863][T12082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2245.825910][T12082] Call Trace: [ 2245.829184][T12082] dump_stack_lvl+0xcd/0x134 [ 2245.833777][T12082] sysfs_warn_dup.cold+0x1c/0x29 [ 2245.838715][T12082] sysfs_do_create_link_sd+0x11e/0x140 [ 2245.844184][T12082] sysfs_create_link+0x5f/0xc0 [ 2245.848973][T12082] device_add+0x789/0x2100 [ 2245.853378][T12082] ? mutex_lock_io_nested+0xf00/0xf00 [ 2245.858744][T12082] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2245.864301][T12082] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2245.870825][T12082] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2245.877164][T12082] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2245.883438][T12082] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2245.889671][T12082] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2245.895741][T12082] wiphy_register+0x1e8a/0x29b0 [ 2245.900589][T12082] ? wiphy_unregister+0xbd0/0xbd0 [ 2245.905599][T12082] ? minstrel_ht_alloc+0x531/0xa00 [ 2245.910727][T12082] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2245.916808][T12082] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2245.922263][T12082] ? ieee80211_restart_hw+0x290/0x290 [ 2245.927623][T12082] ? debug_object_destroy+0x210/0x210 [ 2245.933006][T12082] ? lock_downgrade+0x6e0/0x6e0 [ 2245.937846][T12082] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2245.943328][T12082] ? memset+0x20/0x40 [ 2245.947321][T12082] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2245.953547][T12082] ? __hrtimer_init+0x136/0x280 [ 2245.958396][T12082] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2245.964201][T12082] ? hwsim_virtio_rx_work+0x350/0x350 [ 2245.969571][T12082] ? __kmalloc_track_caller+0x1a0/0x320 [ 2245.975104][T12082] ? memcpy+0x39/0x60 [ 2245.979101][T12082] hwsim_new_radio_nl+0x9bc/0x1080 [ 2245.984211][T12082] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2245.990097][T12082] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2245.996338][T12082] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2246.003699][T12082] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2246.010995][T12082] genl_family_rcv_msg_doit+0x228/0x320 [ 2246.016532][T12082] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2246.024500][T12082] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2246.030840][T12082] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2246.037244][T12082] ? ns_capable+0xde/0x100 [ 2246.041665][T12082] genl_rcv_msg+0x328/0x580 [ 2246.046262][T12082] ? genl_get_cmd+0x480/0x480 [ 2246.050924][T12082] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2246.056812][T12082] ? lock_release+0x720/0x720 [ 2246.061491][T12082] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2246.066790][T12082] ? trace_hardirqs_on+0x5b/0x1c0 [ 2246.071802][T12082] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2246.077633][T12082] netlink_rcv_skb+0x153/0x420 [ 2246.082413][T12082] ? genl_get_cmd+0x480/0x480 [ 2246.087106][T12082] ? netlink_ack+0xa60/0xa60 [ 2246.091691][T12082] ? netlink_deliver_tap+0x236/0xba0 [ 2246.096970][T12082] genl_rcv+0x24/0x40 [ 2246.100941][T12082] netlink_unicast+0x533/0x7d0 [ 2246.105693][T12082] ? netlink_attachskb+0x890/0x890 [ 2246.110810][T12082] ? __virt_addr_valid+0x5d/0x2d0 [ 2246.115828][T12082] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2246.122059][T12082] ? __phys_addr_symbol+0x2c/0x70 [ 2246.127081][T12082] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2246.132786][T12082] ? __check_object_size+0x16e/0x3f0 [ 2246.138067][T12082] netlink_sendmsg+0x85b/0xda0 [ 2246.142831][T12082] ? netlink_unicast+0x7d0/0x7d0 [ 2246.147769][T12082] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2246.153998][T12082] ? netlink_unicast+0x7d0/0x7d0 [ 2246.158934][T12082] sock_sendmsg+0xcf/0x120 [ 2246.163353][T12082] ____sys_sendmsg+0x6e8/0x810 [ 2246.168114][T12082] ? kernel_sendmsg+0x50/0x50 [ 2246.172800][T12082] ? do_recvmmsg+0x6d0/0x6d0 [ 2246.177373][T12082] ? tomoyo_path_number_perm+0x204/0x590 [ 2246.183101][T12082] ? kfree+0xeb/0x670 [ 2246.187087][T12082] ? tomoyo_path_number_perm+0x441/0x590 [ 2246.192710][T12082] ___sys_sendmsg+0xf3/0x170 [ 2246.197312][T12082] ? sendmsg_copy_msghdr+0x160/0x160 [ 2246.202606][T12082] ? __fget_files+0x266/0x3d0 [ 2246.207298][T12082] ? lock_downgrade+0x6e0/0x6e0 [ 2246.212135][T12082] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2246.218104][T12082] ? do_vfs_ioctl+0x132/0x15d0 [ 2246.222855][T12082] ? __fget_files+0x288/0x3d0 [ 2246.227724][T12082] ? __fget_light+0xea/0x280 [ 2246.232314][T12082] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2246.238541][T12082] __sys_sendmsg+0xe5/0x1b0 [ 2246.243034][T12082] ? __sys_sendmsg_sock+0x30/0x30 [ 2246.248064][T12082] ? syscall_enter_from_user_mode+0x21/0x70 [ 2246.253942][T12082] ? trace_hardirqs_on+0x5b/0x1c0 [ 2246.258954][T12082] do_syscall_64+0x35/0xb0 [ 2246.263357][T12082] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2246.269238][T12082] RIP: 0033:0x4665d9 [ 2246.273115][T12082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2246.292726][T12082] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2246.301141][T12082] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2246.309101][T12082] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2246.317069][T12082] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2246.325026][T12082] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2246.332996][T12082] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 03:46:29 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xf5ffffff) 03:46:29 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x60000000}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:29 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x0, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2246.936144][T12115] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2246.944555][T12115] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2246.952526][T12115] RDX: 0000000000001280 RSI: 0000000020000000 RDI: 0000000000000003 [ 2246.960487][T12115] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2246.968473][T12115] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2246.976448][T12115] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 03:46:30 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xfdfdffff) [ 2247.050858][T12117] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2247.101770][T12117] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. 03:46:30 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc601000111a0a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) gettid() r1 = socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000dc0)=""/132, 0x84}, {&(0x7f0000000f00)=""/103, 0x67}, {&(0x7f0000001040)=""/177, 0xb1}, {0x0}], 0x4}, 0x2000) socket$kcm(0x29, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:30 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xff000000) 03:46:30 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x0, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2247.944056][T12140] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2247.952465][T12140] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2247.960446][T12140] RDX: 0000000000600300 RSI: 0000000020000000 RDI: 0000000000000004 [ 2247.968495][T12140] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2247.976452][T12140] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2247.987378][T12140] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2248.004168][T12118] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2248.016482][T12118] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2248.178148][T12118] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2248.178148][T12118] !' [ 2248.195187][T12118] CPU: 0 PID: 12118 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2248.205036][T12118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2248.215121][T12118] Call Trace: [ 2248.218431][T12118] dump_stack_lvl+0xcd/0x134 [ 2248.223142][T12118] sysfs_warn_dup.cold+0x1c/0x29 [ 2248.228216][T12118] sysfs_do_create_link_sd+0x11e/0x140 [ 2248.233674][T12118] sysfs_create_link+0x5f/0xc0 [ 2248.238436][T12118] device_add+0x789/0x2100 [ 2248.242847][T12118] ? mutex_lock_io_nested+0xf00/0xf00 [ 2248.248219][T12118] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2248.253754][T12118] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2248.260262][T12118] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2248.266497][T12118] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2248.272728][T12118] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2248.278959][T12118] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2248.284935][T12118] wiphy_register+0x1e8a/0x29b0 [ 2248.289799][T12118] ? wiphy_unregister+0xbd0/0xbd0 [ 2248.294812][T12118] ? minstrel_ht_alloc+0x531/0xa00 [ 2248.299913][T12118] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2248.305979][T12118] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2248.311449][T12118] ? ieee80211_restart_hw+0x290/0x290 [ 2248.316847][T12118] ? debug_object_destroy+0x210/0x210 [ 2248.322358][T12118] ? lock_downgrade+0x6e0/0x6e0 [ 2248.327219][T12118] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2248.332673][T12118] ? memset+0x20/0x40 [ 2248.336678][T12118] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2248.342912][T12118] ? __hrtimer_init+0x136/0x280 [ 2248.347779][T12118] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2248.353508][T12118] ? hwsim_virtio_rx_work+0x350/0x350 [ 2248.358965][T12118] ? __kmalloc_track_caller+0x1a0/0x320 [ 2248.364606][T12118] ? memcpy+0x39/0x60 [ 2248.368595][T12118] hwsim_new_radio_nl+0x9bc/0x1080 [ 2248.373699][T12118] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2248.379585][T12118] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2248.385811][T12118] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2248.393177][T12118] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2248.400458][T12118] genl_family_rcv_msg_doit+0x228/0x320 [ 2248.406004][T12118] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2248.413375][T12118] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2248.419816][T12118] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2248.426055][T12118] ? ns_capable+0xde/0x100 [ 2248.430469][T12118] genl_rcv_msg+0x328/0x580 [ 2248.434968][T12118] ? genl_get_cmd+0x480/0x480 [ 2248.439637][T12118] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2248.445523][T12118] ? lock_release+0x720/0x720 [ 2248.450192][T12118] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2248.455469][T12118] ? trace_hardirqs_on+0x5b/0x1c0 [ 2248.460552][T12118] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2248.466264][T12118] netlink_rcv_skb+0x153/0x420 [ 2248.471174][T12118] ? genl_get_cmd+0x480/0x480 [ 2248.475840][T12118] ? netlink_ack+0xa60/0xa60 [ 2248.480464][T12118] ? netlink_deliver_tap+0x236/0xba0 [ 2248.485737][T12118] genl_rcv+0x24/0x40 [ 2248.489705][T12118] netlink_unicast+0x533/0x7d0 [ 2248.494508][T12118] ? netlink_attachskb+0x890/0x890 [ 2248.499618][T12118] ? __virt_addr_valid+0x5d/0x2d0 [ 2248.504636][T12118] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2248.510865][T12118] ? __phys_addr_symbol+0x2c/0x70 [ 2248.515898][T12118] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2248.521610][T12118] ? __check_object_size+0x16e/0x3f0 [ 2248.526886][T12118] netlink_sendmsg+0x85b/0xda0 [ 2248.531656][T12118] ? netlink_unicast+0x7d0/0x7d0 [ 2248.536595][T12118] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2248.542819][T12118] ? netlink_unicast+0x7d0/0x7d0 [ 2248.547740][T12118] sock_sendmsg+0xcf/0x120 [ 2248.552148][T12118] ____sys_sendmsg+0x6e8/0x810 [ 2248.556906][T12118] ? kernel_sendmsg+0x50/0x50 [ 2248.561573][T12118] ? do_recvmmsg+0x6d0/0x6d0 [ 2248.566176][T12118] ___sys_sendmsg+0xf3/0x170 [ 2248.570750][T12118] ? sendmsg_copy_msghdr+0x160/0x160 [ 2248.576021][T12118] ? __fget_files+0x266/0x3d0 [ 2248.580774][T12118] ? lock_downgrade+0x6e0/0x6e0 [ 2248.585609][T12118] ? futex_exit_release+0x220/0x220 [ 2248.590813][T12118] ? alloc_empty_file+0xd7/0x170 [ 2248.595741][T12118] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2248.601968][T12118] ? __fget_files+0x288/0x3d0 [ 2248.606636][T12118] ? __fget_light+0xea/0x280 [ 2248.611220][T12118] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2248.617448][T12118] __sys_sendmsg+0xe5/0x1b0 [ 2248.621950][T12118] ? __sys_sendmsg_sock+0x30/0x30 [ 2248.627057][T12118] ? syscall_enter_from_user_mode+0x21/0x70 [ 2248.633024][T12118] ? trace_hardirqs_on+0x5b/0x1c0 [ 2248.638048][T12118] do_syscall_64+0x35/0xb0 [ 2248.642455][T12118] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2248.648351][T12118] RIP: 0033:0x4665d9 [ 2248.652282][T12118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2248.671885][T12118] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2248.680291][T12118] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2248.688270][T12118] RDX: 0000000000001280 RSI: 0000000020000000 RDI: 0000000000000003 [ 2248.696238][T12118] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2248.704207][T12118] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2248.712181][T12118] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 03:46:31 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x1419) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:46:31 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xfffffdfd) [ 2248.734060][T12155] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2248.753060][T12155] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2248.777929][T12155] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2248.777929][T12155] !' [ 2248.806353][T12155] CPU: 1 PID: 12155 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2248.816202][T12155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2248.826401][T12155] Call Trace: [ 2248.829687][T12155] dump_stack_lvl+0xcd/0x134 [ 2248.834297][T12155] sysfs_warn_dup.cold+0x1c/0x29 [ 2248.839244][T12155] sysfs_do_create_link_sd+0x11e/0x140 [ 2248.844712][T12155] sysfs_create_link+0x5f/0xc0 [ 2248.849484][T12155] device_add+0x789/0x2100 [ 2248.854506][T12155] ? mutex_lock_io_nested+0xf00/0xf00 [ 2248.859882][T12155] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2248.865455][T12155] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2248.871895][T12155] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2248.878399][T12155] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2248.884652][T12155] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2248.890742][T12155] wiphy_register+0x1e8a/0x29b0 [ 2248.895604][T12155] ? wiphy_unregister+0xbd0/0xbd0 [ 2248.900728][T12155] ? minstrel_ht_alloc+0x531/0xa00 [ 2248.905843][T12155] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2248.911931][T12155] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2248.917396][T12155] ? ieee80211_restart_hw+0x290/0x290 [ 2248.922786][T12155] ? debug_object_destroy+0x210/0x210 [ 2248.928159][T12155] ? lock_downgrade+0x6e0/0x6e0 [ 2248.933010][T12155] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2248.938650][T12155] ? memset+0x20/0x40 [ 2248.942636][T12155] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2248.948876][T12155] ? __hrtimer_init+0x136/0x280 [ 2248.953741][T12155] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2248.959486][T12155] ? hwsim_virtio_rx_work+0x350/0x350 [ 2248.964878][T12155] ? __kmalloc_track_caller+0x1a0/0x320 [ 2248.970544][T12155] ? memcpy+0x39/0x60 [ 2248.974531][T12155] hwsim_new_radio_nl+0x9bc/0x1080 [ 2248.979648][T12155] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2248.985552][T12155] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2248.991813][T12155] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2248.999192][T12155] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2249.006485][T12155] genl_family_rcv_msg_doit+0x228/0x320 [ 2249.012053][T12155] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2249.019425][T12155] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2249.025667][T12155] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2249.031993][T12155] ? ns_capable+0xde/0x100 [ 2249.036407][T12155] genl_rcv_msg+0x328/0x580 [ 2249.040910][T12155] ? genl_get_cmd+0x480/0x480 [ 2249.045583][T12155] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2249.051555][T12155] ? lock_release+0x720/0x720 [ 2249.056231][T12155] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2249.061516][T12155] ? trace_hardirqs_on+0x5b/0x1c0 [ 2249.066535][T12155] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2249.072268][T12155] netlink_rcv_skb+0x153/0x420 [ 2249.077032][T12155] ? genl_get_cmd+0x480/0x480 [ 2249.082748][T12155] ? netlink_ack+0xa60/0xa60 [ 2249.087338][T12155] ? netlink_deliver_tap+0x236/0xba0 [ 2249.092622][T12155] genl_rcv+0x24/0x40 [ 2249.096619][T12155] netlink_unicast+0x533/0x7d0 [ 2249.101383][T12155] ? netlink_attachskb+0x890/0x890 [ 2249.106490][T12155] ? __virt_addr_valid+0x5d/0x2d0 [ 2249.111601][T12155] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2249.117838][T12155] ? __phys_addr_symbol+0x2c/0x70 [ 2249.122876][T12155] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2249.128692][T12155] ? __check_object_size+0x16e/0x3f0 [ 2249.133975][T12155] netlink_sendmsg+0x85b/0xda0 [ 2249.138975][T12155] ? netlink_unicast+0x7d0/0x7d0 [ 2249.143913][T12155] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2249.150153][T12155] ? netlink_unicast+0x7d0/0x7d0 [ 2249.155180][T12155] sock_sendmsg+0xcf/0x120 [ 2249.159604][T12155] ____sys_sendmsg+0x6e8/0x810 [ 2249.164368][T12155] ? kernel_sendmsg+0x50/0x50 [ 2249.169043][T12155] ? do_recvmmsg+0x6d0/0x6d0 [ 2249.173628][T12155] ? tomoyo_path_number_perm+0x204/0x590 [ 2249.179263][T12155] ? kfree+0xeb/0x670 [ 2249.183239][T12155] ? tomoyo_path_number_perm+0x441/0x590 [ 2249.188871][T12155] ___sys_sendmsg+0xf3/0x170 [ 2249.193542][T12155] ? sendmsg_copy_msghdr+0x160/0x160 [ 2249.198820][T12155] ? __fget_files+0x266/0x3d0 [ 2249.203491][T12155] ? lock_downgrade+0x6e0/0x6e0 [ 2249.208349][T12155] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2249.214249][T12155] ? do_vfs_ioctl+0x132/0x15d0 [ 2249.219014][T12155] ? __fget_files+0x288/0x3d0 [ 2249.223864][T12155] ? __fget_light+0xea/0x280 [ 2249.228448][T12155] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2249.234699][T12155] __sys_sendmsg+0xe5/0x1b0 [ 2249.239204][T12155] ? __sys_sendmsg_sock+0x30/0x30 [ 2249.244225][T12155] ? syscall_enter_from_user_mode+0x21/0x70 [ 2249.250116][T12155] ? trace_hardirqs_on+0x5b/0x1c0 [ 2249.255138][T12155] do_syscall_64+0x35/0xb0 [ 2249.259547][T12155] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2249.265453][T12155] RIP: 0033:0x4665d9 [ 2249.269339][T12155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2249.288941][T12155] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2249.297347][T12155] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2249.305312][T12155] RDX: 0000000000600300 RSI: 0000000020000000 RDI: 0000000000000004 [ 2249.313279][T12155] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2249.321240][T12155] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2249.329200][T12155] R13: 00007fffc9e5e04f R14: 00007f0cbc0c2300 R15: 0000000000022000 03:46:32 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xf0ffff) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:32 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x0, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2249.957296][T12167] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2249.965724][T12167] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2249.973688][T12167] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2249.981657][T12167] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2249.989625][T12167] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2249.997591][T12167] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 [ 2250.111742][T12185] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2250.119941][T12185] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2250.267749][T12185] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2250.267749][T12185] !' [ 2250.301296][T12185] CPU: 1 PID: 12185 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2250.311143][T12185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2250.321211][T12185] Call Trace: [ 2250.324495][T12185] dump_stack_lvl+0xcd/0x134 [ 2250.329104][T12185] sysfs_warn_dup.cold+0x1c/0x29 [ 2250.334041][T12185] sysfs_do_create_link_sd+0x11e/0x140 [ 2250.339491][T12185] sysfs_create_link+0x5f/0xc0 [ 2250.344248][T12185] device_add+0x789/0x2100 [ 2250.348672][T12185] ? mutex_lock_io_nested+0xf00/0xf00 [ 2250.354045][T12185] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2250.359582][T12185] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2250.366097][T12185] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2250.372348][T12185] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2250.378582][T12185] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2250.384817][T12185] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2250.390811][T12185] wiphy_register+0x1e8a/0x29b0 [ 2250.395668][T12185] ? wiphy_unregister+0xbd0/0xbd0 [ 2250.400692][T12185] ? minstrel_ht_alloc+0x531/0xa00 [ 2250.405899][T12185] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2250.411980][T12185] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2250.417543][T12185] ? ieee80211_restart_hw+0x290/0x290 [ 2250.422907][T12185] ? debug_object_destroy+0x210/0x210 [ 2250.428278][T12185] ? lock_downgrade+0x6e0/0x6e0 [ 2250.433119][T12185] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2250.438570][T12185] ? memset+0x20/0x40 [ 2250.442546][T12185] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2250.448795][T12185] ? __hrtimer_init+0x136/0x280 [ 2250.453652][T12185] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2250.459379][T12185] ? hwsim_virtio_rx_work+0x350/0x350 [ 2250.464748][T12185] ? __kmalloc_track_caller+0x1a0/0x320 [ 2250.470307][T12185] ? memcpy+0x39/0x60 [ 2250.474294][T12185] hwsim_new_radio_nl+0x9bc/0x1080 [ 2250.479422][T12185] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2250.485333][T12185] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2250.491586][T12185] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2250.498971][T12185] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2250.506255][T12185] genl_family_rcv_msg_doit+0x228/0x320 [ 2250.511810][T12185] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2250.519357][T12185] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2250.525633][T12185] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2250.531873][T12185] ? ns_capable+0xde/0x100 [ 2250.536283][T12185] genl_rcv_msg+0x328/0x580 [ 2250.540786][T12185] ? genl_get_cmd+0x480/0x480 [ 2250.545459][T12185] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2250.551366][T12185] ? lock_release+0x720/0x720 [ 2250.556046][T12185] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2250.561328][T12185] ? trace_hardirqs_on+0x5b/0x1c0 [ 2250.566345][T12185] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2250.572072][T12185] netlink_rcv_skb+0x153/0x420 [ 2250.576846][T12185] ? genl_get_cmd+0x480/0x480 [ 2250.581535][T12185] ? netlink_ack+0xa60/0xa60 [ 2250.586127][T12185] ? netlink_deliver_tap+0x236/0xba0 [ 2250.591411][T12185] genl_rcv+0x24/0x40 [ 2250.595387][T12185] netlink_unicast+0x533/0x7d0 [ 2250.600157][T12185] ? netlink_attachskb+0x890/0x890 [ 2250.605268][T12185] ? __virt_addr_valid+0x5d/0x2d0 [ 2250.610302][T12185] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2250.616548][T12185] ? __phys_addr_symbol+0x2c/0x70 [ 2250.621764][T12185] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2250.627497][T12185] ? __check_object_size+0x16e/0x3f0 [ 2250.632801][T12185] netlink_sendmsg+0x85b/0xda0 [ 2250.637586][T12185] ? netlink_unicast+0x7d0/0x7d0 [ 2250.642524][T12185] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2250.648851][T12185] ? netlink_unicast+0x7d0/0x7d0 [ 2250.653798][T12185] sock_sendmsg+0xcf/0x120 [ 2250.658303][T12185] ____sys_sendmsg+0x6e8/0x810 [ 2250.663156][T12185] ? kernel_sendmsg+0x50/0x50 [ 2250.667832][T12185] ? do_recvmmsg+0x6d0/0x6d0 [ 2250.672414][T12185] ? tomoyo_path_number_perm+0x204/0x590 [ 2250.678046][T12185] ? kfree+0xeb/0x670 [ 2250.682017][T12185] ? tomoyo_path_number_perm+0x441/0x590 [ 2250.687659][T12185] ___sys_sendmsg+0xf3/0x170 [ 2250.692449][T12185] ? sendmsg_copy_msghdr+0x160/0x160 [ 2250.697748][T12185] ? __fget_files+0x266/0x3d0 [ 2250.702438][T12185] ? lock_downgrade+0x6e0/0x6e0 [ 2250.707291][T12185] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2250.713187][T12185] ? do_vfs_ioctl+0x132/0x15d0 [ 2250.717951][T12185] ? __fget_files+0x288/0x3d0 [ 2250.722627][T12185] ? __fget_light+0xea/0x280 [ 2250.727306][T12185] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2250.733543][T12185] __sys_sendmsg+0xe5/0x1b0 [ 2250.738043][T12185] ? __sys_sendmsg_sock+0x30/0x30 [ 2250.743068][T12185] ? syscall_enter_from_user_mode+0x21/0x70 [ 2250.748958][T12185] ? trace_hardirqs_on+0x5b/0x1c0 [ 2250.754006][T12185] do_syscall_64+0x35/0xb0 [ 2250.758413][T12185] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2250.764315][T12185] RIP: 0033:0x4665d9 [ 2250.768199][T12185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2250.787818][T12185] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2250.796237][T12185] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2250.804203][T12185] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2250.812292][T12185] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2250.820272][T12185] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2250.828248][T12185] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 [ 2250.855998][T12202] netlink: 'syz-executor.2': attribute type 11 has an invalid length. 03:46:33 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x9effffff}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:33 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x1000000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:33 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xfffffff5) [ 2250.874521][T12202] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2251.087429][T12215] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2251.100369][T12215] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. 03:46:34 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc601000111b0a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) gettid() r1 = socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000dc0)=""/132, 0x84}, {&(0x7f0000000f00)=""/103, 0x67}, {&(0x7f0000001040)=""/177, 0xb1}, {0x0}], 0x4}, 0x2000) socket$kcm(0x29, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:34 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2251.792168][T12242] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2251.800586][T12242] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2251.808547][T12242] RDX: 0000000000001914 RSI: 0000000020000000 RDI: 0000000000000003 [ 2251.816512][T12242] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2251.824473][T12242] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2251.832440][T12242] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 03:46:34 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xff070000000000) 03:46:35 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x100000000000000) 03:46:35 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2252.643361][T12247] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2252.651777][T12247] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2252.659741][T12247] RDX: 0000000000001914 RSI: 0000000020000000 RDI: 0000000000000003 [ 2252.667733][T12247] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2252.675709][T12247] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2252.683678][T12247] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 [ 2252.698749][T12272] netlink: 'syz-executor.1': attribute type 11 has an invalid length. 03:46:35 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x1f00) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) [ 2252.710588][T12272] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2252.737935][T12272] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2252.737935][T12272] !' [ 2252.777640][T12272] CPU: 0 PID: 12272 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2252.787502][T12272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2252.797569][T12272] Call Trace: [ 2252.800854][T12272] dump_stack_lvl+0xcd/0x134 [ 2252.805466][T12272] sysfs_warn_dup.cold+0x1c/0x29 [ 2252.810422][T12272] sysfs_do_create_link_sd+0x11e/0x140 [ 2252.815901][T12272] sysfs_create_link+0x5f/0xc0 [ 2252.820683][T12272] device_add+0x789/0x2100 [ 2252.825113][T12272] ? mutex_lock_io_nested+0xf00/0xf00 [ 2252.830503][T12272] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2252.836079][T12272] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2252.842950][T12272] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2252.849203][T12272] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2252.855452][T12272] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2252.861790][T12272] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2252.867785][T12272] wiphy_register+0x1e8a/0x29b0 [ 2252.872655][T12272] ? wiphy_unregister+0xbd0/0xbd0 [ 2252.877689][T12272] ? minstrel_ht_alloc+0x531/0xa00 [ 2252.882811][T12272] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2252.888893][T12272] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2252.894371][T12272] ? ieee80211_restart_hw+0x290/0x290 [ 2252.899758][T12272] ? debug_object_destroy+0x210/0x210 [ 2252.905139][T12272] ? lock_downgrade+0x6e0/0x6e0 [ 2252.909994][T12272] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2252.915458][T12272] ? memset+0x20/0x40 [ 2252.919445][T12272] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2252.925694][T12272] ? __hrtimer_init+0x136/0x280 [ 2252.930572][T12272] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2252.936306][T12272] ? hwsim_virtio_rx_work+0x350/0x350 [ 2252.941685][T12272] ? __kmalloc_track_caller+0x1a0/0x320 [ 2252.947231][T12272] ? memcpy+0x39/0x60 [ 2252.951315][T12272] hwsim_new_radio_nl+0x9bc/0x1080 [ 2252.956431][T12272] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2252.962348][T12272] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2252.968585][T12272] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2252.975962][T12272] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2252.983251][T12272] genl_family_rcv_msg_doit+0x228/0x320 [ 2252.988806][T12272] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2252.996191][T12272] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2253.002447][T12272] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2253.008687][T12272] ? ns_capable+0xde/0x100 [ 2253.013103][T12272] genl_rcv_msg+0x328/0x580 [ 2253.017629][T12272] ? genl_get_cmd+0x480/0x480 [ 2253.022308][T12272] ? netlink_rcv_skb+0x131/0x420 [ 2253.027238][T12272] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2253.033132][T12272] ? genl_rcv_msg+0x10/0x580 [ 2253.037720][T12272] netlink_rcv_skb+0x153/0x420 [ 2253.042482][T12272] ? genl_get_cmd+0x480/0x480 [ 2253.047154][T12272] ? netlink_ack+0xa60/0xa60 [ 2253.051837][T12272] ? netlink_deliver_tap+0x236/0xba0 [ 2253.057116][T12272] genl_rcv+0x24/0x40 [ 2253.061095][T12272] netlink_unicast+0x533/0x7d0 [ 2253.065856][T12272] ? netlink_attachskb+0x890/0x890 [ 2253.070960][T12272] ? __sanitizer_cov_trace_pc+0x7/0x60 [ 2253.076417][T12272] netlink_sendmsg+0x85b/0xda0 [ 2253.081176][T12272] ? netlink_unicast+0x7d0/0x7d0 [ 2253.086121][T12272] ? sock_sendmsg+0x4b/0x120 [ 2253.090883][T12272] ? tomoyo_socket_sendmsg_permission+0x11d/0x3a0 [ 2253.097302][T12272] ? netlink_unicast+0x7d0/0x7d0 [ 2253.102236][T12272] sock_sendmsg+0xcf/0x120 [ 2253.106665][T12272] ____sys_sendmsg+0x6e8/0x810 [ 2253.111428][T12272] ? kernel_sendmsg+0x50/0x50 [ 2253.116118][T12272] ? do_recvmmsg+0x6d0/0x6d0 [ 2253.120699][T12272] ? futex_wait_restart+0x200/0x200 [ 2253.125897][T12272] ___sys_sendmsg+0xf3/0x170 [ 2253.130480][T12272] ? sendmsg_copy_msghdr+0x160/0x160 [ 2253.135758][T12272] ? __fget_files+0x266/0x3d0 [ 2253.140431][T12272] ? lock_downgrade+0x6e0/0x6e0 [ 2253.145275][T12272] ? futex_exit_release+0x220/0x220 [ 2253.150472][T12272] ? clockevents_program_event+0x141/0x370 [ 2253.156272][T12272] ? lock_downgrade+0x6e0/0x6e0 [ 2253.161115][T12272] ? __fget_files+0x288/0x3d0 [ 2253.165790][T12272] ? __fget_light+0xea/0x280 [ 2253.170375][T12272] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2253.176611][T12272] __sys_sendmsg+0xe5/0x1b0 [ 2253.181105][T12272] ? __sys_sendmsg_sock+0x30/0x30 [ 2253.186126][T12272] ? syscall_enter_from_user_mode+0x21/0x70 [ 2253.192019][T12272] ? trace_hardirqs_on+0x5b/0x1c0 [ 2253.197041][T12272] do_syscall_64+0x35/0xb0 [ 2253.201449][T12272] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2253.207346][T12272] RIP: 0033:0x4665d9 03:46:36 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2253.230831][T12272] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2253.239239][T12272] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2253.247206][T12272] RDX: 0000000001000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2253.255171][T12272] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2253.263142][T12272] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2253.271104][T12272] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 03:46:36 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x200000000000000) [ 2253.323915][T12277] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2253.335929][T12277] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2253.369056][T12277] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2253.369056][T12277] !' [ 2253.392196][T12277] CPU: 0 PID: 12277 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2253.402054][T12277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2253.412206][T12277] Call Trace: [ 2253.415489][T12277] dump_stack_lvl+0xcd/0x134 [ 2253.420096][T12277] sysfs_warn_dup.cold+0x1c/0x29 [ 2253.425050][T12277] sysfs_do_create_link_sd+0x11e/0x140 [ 2253.430614][T12277] sysfs_create_link+0x5f/0xc0 [ 2253.435393][T12277] device_add+0x789/0x2100 [ 2253.439820][T12277] ? mutex_lock_io_nested+0xf00/0xf00 [ 2253.445292][T12277] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2253.450848][T12277] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2253.457437][T12277] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2253.463685][T12277] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2253.470027][T12277] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2253.476278][T12277] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2253.482276][T12277] wiphy_register+0x1e8a/0x29b0 [ 2253.487148][T12277] ? wiphy_unregister+0xbd0/0xbd0 [ 2253.492188][T12277] ? minstrel_ht_alloc+0x531/0xa00 [ 2253.497309][T12277] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2253.503396][T12277] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2253.508869][T12277] ? ieee80211_restart_hw+0x290/0x290 [ 2253.514252][T12277] ? debug_object_destroy+0x210/0x210 [ 2253.519638][T12277] ? lock_downgrade+0x6e0/0x6e0 [ 2253.524503][T12277] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2253.529972][T12277] ? memset+0x20/0x40 [ 2253.533973][T12277] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2253.540230][T12277] ? __hrtimer_init+0x136/0x280 [ 2253.545097][T12277] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2253.550838][T12277] ? hwsim_virtio_rx_work+0x350/0x350 [ 2253.556220][T12277] ? __kmalloc_track_caller+0x1a0/0x320 [ 2253.561784][T12277] ? memcpy+0x39/0x60 [ 2253.565777][T12277] hwsim_new_radio_nl+0x9bc/0x1080 [ 2253.570931][T12277] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2253.576841][T12277] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2253.583086][T12277] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2253.590497][T12277] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2253.597805][T12277] genl_family_rcv_msg_doit+0x228/0x320 [ 2253.603457][T12277] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2253.610845][T12277] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2253.617098][T12277] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2253.623342][T12277] ? ns_capable+0xde/0x100 [ 2253.627759][T12277] genl_rcv_msg+0x328/0x580 [ 2253.632445][T12277] ? genl_get_cmd+0x480/0x480 [ 2253.637142][T12277] ? lock_downgrade+0x6e0/0x6e0 [ 2253.641995][T12277] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2253.647913][T12277] ? lock_release+0x720/0x720 [ 2253.652597][T12277] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2253.657896][T12277] netlink_rcv_skb+0x153/0x420 [ 2253.662664][T12277] ? genl_get_cmd+0x480/0x480 [ 2253.667353][T12277] ? netlink_ack+0xa60/0xa60 [ 2253.671965][T12277] ? netlink_deliver_tap+0x236/0xba0 [ 2253.677249][T12277] genl_rcv+0x24/0x40 [ 2253.681227][T12277] netlink_unicast+0x533/0x7d0 [ 2253.685994][T12277] ? netlink_attachskb+0x890/0x890 [ 2253.691100][T12277] ? __check_object_size+0x16e/0x3f0 [ 2253.696385][T12277] netlink_sendmsg+0x85b/0xda0 [ 2253.701239][T12277] ? netlink_unicast+0x7d0/0x7d0 [ 2253.706172][T12277] ? __sanitizer_cov_trace_pc+0x59/0x60 [ 2253.711715][T12277] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2253.717959][T12277] ? netlink_unicast+0x7d0/0x7d0 [ 2253.722890][T12277] sock_sendmsg+0xcf/0x120 [ 2253.727395][T12277] ____sys_sendmsg+0x6e8/0x810 [ 2253.732165][T12277] ? kernel_sendmsg+0x50/0x50 [ 2253.736860][T12277] ? do_recvmmsg+0x6d0/0x6d0 [ 2253.741465][T12277] ___sys_sendmsg+0xf3/0x170 [ 2253.746077][T12277] ? sendmsg_copy_msghdr+0x160/0x160 [ 2253.751408][T12277] ? __fget_files+0x266/0x3d0 [ 2253.756086][T12277] ? lock_downgrade+0x6e0/0x6e0 [ 2253.760935][T12277] ? futex_exit_release+0x220/0x220 [ 2253.766133][T12277] ? clockevents_program_event+0x141/0x370 [ 2253.772023][T12277] ? lock_downgrade+0x6e0/0x6e0 [ 2253.776873][T12277] ? __fget_files+0x288/0x3d0 [ 2253.781572][T12277] ? __fget_light+0xea/0x280 [ 2253.786164][T12277] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2253.792406][T12277] __sys_sendmsg+0xe5/0x1b0 [ 2253.796913][T12277] ? __sys_sendmsg_sock+0x30/0x30 [ 2253.801943][T12277] ? syscall_enter_from_user_mode+0x21/0x70 [ 2253.807839][T12277] ? trace_hardirqs_on+0x5b/0x1c0 [ 2253.812875][T12277] do_syscall_64+0x35/0xb0 [ 2253.817422][T12277] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2253.823342][T12277] RIP: 0033:0x4665d9 [ 2253.827238][T12277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2253.847280][T12277] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2253.855700][T12277] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2253.863664][T12277] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2253.871667][T12277] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2253.879654][T12277] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2253.887668][T12277] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 [ 2253.932911][T12310] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2253.945549][T12310] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2253.958921][T12310] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2253.958921][T12310] !' [ 2253.970664][T12310] CPU: 0 PID: 12310 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2253.980638][T12310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2253.990725][T12310] Call Trace: [ 2253.994117][T12310] dump_stack_lvl+0xcd/0x134 [ 2253.998731][T12310] sysfs_warn_dup.cold+0x1c/0x29 [ 2254.003690][T12310] sysfs_do_create_link_sd+0x11e/0x140 [ 2254.009209][T12310] sysfs_create_link+0x5f/0xc0 [ 2254.014002][T12310] device_add+0x789/0x2100 [ 2254.018696][T12310] ? mutex_lock_io_nested+0xf00/0xf00 [ 2254.024088][T12310] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2254.029654][T12310] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2254.036218][T12310] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2254.042504][T12310] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2254.048762][T12310] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.055023][T12310] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2254.061035][T12310] wiphy_register+0x1e8a/0x29b0 [ 2254.065909][T12310] ? wiphy_unregister+0xbd0/0xbd0 [ 2254.070999][T12310] ? minstrel_ht_alloc+0x531/0xa00 [ 2254.076223][T12310] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2254.082296][T12310] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2254.087771][T12310] ? ieee80211_restart_hw+0x290/0x290 [ 2254.093144][T12310] ? debug_object_destroy+0x210/0x210 [ 2254.098511][T12310] ? lock_downgrade+0x6e0/0x6e0 [ 2254.103370][T12310] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2254.108819][T12310] ? memset+0x20/0x40 [ 2254.112790][T12310] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.119042][T12310] ? __hrtimer_init+0x136/0x280 [ 2254.123885][T12310] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2254.129596][T12310] ? hwsim_virtio_rx_work+0x350/0x350 [ 2254.134952][T12310] ? __kmalloc_track_caller+0x1a0/0x320 [ 2254.140481][T12310] ? memcpy+0x39/0x60 [ 2254.144449][T12310] hwsim_new_radio_nl+0x9bc/0x1080 [ 2254.149563][T12310] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2254.155444][T12310] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.161667][T12310] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2254.169025][T12310] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2254.176297][T12310] genl_family_rcv_msg_doit+0x228/0x320 [ 2254.181827][T12310] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2254.189190][T12310] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.195620][T12310] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.201843][T12310] ? ns_capable+0xde/0x100 [ 2254.206249][T12310] genl_rcv_msg+0x328/0x580 [ 2254.210738][T12310] ? genl_get_cmd+0x480/0x480 [ 2254.215400][T12310] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2254.221298][T12310] ? lock_release+0x720/0x720 [ 2254.226059][T12310] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2254.231335][T12310] ? trace_hardirqs_on+0x5b/0x1c0 [ 2254.236351][T12310] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2254.242061][T12310] netlink_rcv_skb+0x153/0x420 [ 2254.246813][T12310] ? genl_get_cmd+0x480/0x480 [ 2254.251471][T12310] ? netlink_ack+0xa60/0xa60 [ 2254.256059][T12310] ? netlink_deliver_tap+0x236/0xba0 [ 2254.261330][T12310] genl_rcv+0x24/0x40 [ 2254.265301][T12310] netlink_unicast+0x533/0x7d0 [ 2254.270049][T12310] ? netlink_attachskb+0x890/0x890 [ 2254.275253][T12310] ? __virt_addr_valid+0x5d/0x2d0 [ 2254.280265][T12310] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2254.286609][T12310] ? __phys_addr_symbol+0x2c/0x70 [ 2254.291637][T12310] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2254.297364][T12310] ? __check_object_size+0x16e/0x3f0 [ 2254.302632][T12310] netlink_sendmsg+0x85b/0xda0 [ 2254.307384][T12310] ? netlink_unicast+0x7d0/0x7d0 [ 2254.312309][T12310] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.319148][T12310] ? netlink_unicast+0x7d0/0x7d0 [ 2254.324076][T12310] sock_sendmsg+0xcf/0x120 [ 2254.328495][T12310] ____sys_sendmsg+0x6e8/0x810 [ 2254.333380][T12310] ? kernel_sendmsg+0x50/0x50 [ 2254.338184][T12310] ? do_recvmmsg+0x6d0/0x6d0 [ 2254.342768][T12310] ? tomoyo_path_number_perm+0x204/0x590 [ 2254.348395][T12310] ? kfree+0xeb/0x670 [ 2254.352365][T12310] ? tomoyo_path_number_perm+0x441/0x590 [ 2254.357984][T12310] ___sys_sendmsg+0xf3/0x170 [ 2254.362588][T12310] ? sendmsg_copy_msghdr+0x160/0x160 [ 2254.367858][T12310] ? __fget_files+0x266/0x3d0 [ 2254.372521][T12310] ? lock_downgrade+0x6e0/0x6e0 [ 2254.377354][T12310] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2254.383319][T12310] ? do_vfs_ioctl+0x132/0x15d0 [ 2254.388075][T12310] ? __fget_files+0x288/0x3d0 [ 2254.392776][T12310] ? __fget_light+0xea/0x280 [ 2254.397349][T12310] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2254.403576][T12310] __sys_sendmsg+0xe5/0x1b0 [ 2254.408063][T12310] ? __sys_sendmsg_sock+0x30/0x30 [ 2254.413083][T12310] ? syscall_enter_from_user_mode+0x21/0x70 [ 2254.418961][T12310] ? trace_hardirqs_on+0x5b/0x1c0 [ 2254.423970][T12310] do_syscall_64+0x35/0xb0 [ 2254.428381][T12310] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2254.434261][T12310] RIP: 0033:0x4665d9 [ 2254.438137][T12310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2254.457819][T12310] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2254.466214][T12310] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2254.474166][T12310] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2254.482207][T12310] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2254.490171][T12310] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2254.498159][T12310] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 [ 2254.524470][T12308] netlink: 'syz-executor.1': attribute type 11 has an invalid length. 03:46:37 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0xe4180000}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2254.543080][T12308] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2254.560315][T12308] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2254.560315][T12308] !' [ 2254.572145][T12308] CPU: 0 PID: 12308 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2254.581983][T12308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2254.592046][T12308] Call Trace: [ 2254.595332][T12308] dump_stack_lvl+0xcd/0x134 [ 2254.599944][T12308] sysfs_warn_dup.cold+0x1c/0x29 [ 2254.604903][T12308] sysfs_do_create_link_sd+0x11e/0x140 [ 2254.610396][T12308] sysfs_create_link+0x5f/0xc0 [ 2254.615194][T12308] device_add+0x789/0x2100 [ 2254.619626][T12308] ? mutex_lock_io_nested+0xf00/0xf00 [ 2254.625004][T12308] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2254.630566][T12308] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2254.637077][T12308] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2254.643427][T12308] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2254.649680][T12308] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.655937][T12308] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2254.661946][T12308] wiphy_register+0x1e8a/0x29b0 [ 2254.666819][T12308] ? wiphy_unregister+0xbd0/0xbd0 [ 2254.671854][T12308] ? minstrel_ht_alloc+0x531/0xa00 [ 2254.677091][T12308] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2254.683160][T12308] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2254.688625][T12308] ? ieee80211_restart_hw+0x290/0x290 [ 2254.693994][T12308] ? debug_object_destroy+0x210/0x210 [ 2254.699372][T12308] ? lock_downgrade+0x6e0/0x6e0 [ 2254.704221][T12308] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2254.709778][T12308] ? memset+0x20/0x40 [ 2254.713758][T12308] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.719996][T12308] ? __hrtimer_init+0x136/0x280 [ 2254.724944][T12308] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2254.730683][T12308] ? hwsim_virtio_rx_work+0x350/0x350 [ 2254.736062][T12308] ? __kmalloc_track_caller+0x1a0/0x320 [ 2254.741625][T12308] ? memcpy+0x39/0x60 [ 2254.745632][T12308] hwsim_new_radio_nl+0x9bc/0x1080 [ 2254.750749][T12308] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2254.756655][T12308] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.762891][T12308] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2254.770262][T12308] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2254.777558][T12308] genl_family_rcv_msg_doit+0x228/0x320 [ 2254.783135][T12308] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2254.790523][T12308] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.796777][T12308] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.803018][T12308] ? ns_capable+0xde/0x100 [ 2254.807441][T12308] genl_rcv_msg+0x328/0x580 [ 2254.811948][T12308] ? genl_get_cmd+0x480/0x480 [ 2254.816626][T12308] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2254.822523][T12308] ? lock_release+0x720/0x720 [ 2254.827194][T12308] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2254.832486][T12308] ? trace_hardirqs_on+0x5b/0x1c0 [ 2254.837506][T12308] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2254.843222][T12308] netlink_rcv_skb+0x153/0x420 [ 2254.848127][T12308] ? genl_get_cmd+0x480/0x480 [ 2254.852830][T12308] ? netlink_ack+0xa60/0xa60 [ 2254.857450][T12308] ? netlink_deliver_tap+0x236/0xba0 [ 2254.862762][T12308] genl_rcv+0x24/0x40 [ 2254.867019][T12308] netlink_unicast+0x533/0x7d0 [ 2254.871874][T12308] ? netlink_attachskb+0x890/0x890 [ 2254.877006][T12308] ? __virt_addr_valid+0x5d/0x2d0 [ 2254.882058][T12308] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2254.888304][T12308] ? __phys_addr_symbol+0x2c/0x70 [ 2254.893357][T12308] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2254.899077][T12308] ? __check_object_size+0x16e/0x3f0 [ 2254.904372][T12308] netlink_sendmsg+0x85b/0xda0 [ 2254.909154][T12308] ? netlink_unicast+0x7d0/0x7d0 [ 2254.914106][T12308] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2254.920358][T12308] ? netlink_unicast+0x7d0/0x7d0 [ 2254.925304][T12308] sock_sendmsg+0xcf/0x120 [ 2254.929734][T12308] ____sys_sendmsg+0x6e8/0x810 [ 2254.934503][T12308] ? kernel_sendmsg+0x50/0x50 [ 2254.939184][T12308] ? do_recvmmsg+0x6d0/0x6d0 [ 2254.943767][T12308] ? tomoyo_path_number_perm+0x204/0x590 [ 2254.949406][T12308] ? kfree+0xeb/0x670 [ 2254.953381][T12308] ? tomoyo_path_number_perm+0x441/0x590 [ 2254.959036][T12308] ___sys_sendmsg+0xf3/0x170 [ 2254.963621][T12308] ? sendmsg_copy_msghdr+0x160/0x160 [ 2254.968905][T12308] ? __fget_files+0x266/0x3d0 [ 2254.973581][T12308] ? lock_downgrade+0x6e0/0x6e0 [ 2254.978435][T12308] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2254.984413][T12308] ? do_vfs_ioctl+0x132/0x15d0 [ 2254.989187][T12308] ? __fget_files+0x288/0x3d0 [ 2254.993863][T12308] ? __fget_light+0xea/0x280 [ 2254.998626][T12308] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2255.004866][T12308] __sys_sendmsg+0xe5/0x1b0 [ 2255.009365][T12308] ? __sys_sendmsg_sock+0x30/0x30 [ 2255.014564][T12308] ? syscall_enter_from_user_mode+0x21/0x70 [ 2255.020468][T12308] ? trace_hardirqs_on+0x5b/0x1c0 [ 2255.025491][T12308] do_syscall_64+0x35/0xb0 [ 2255.029904][T12308] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2255.035801][T12308] RIP: 0033:0x4665d9 [ 2255.039687][T12308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2255.059813][T12308] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2255.068394][T12308] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2255.076366][T12308] RDX: 0000000001000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2255.084415][T12308] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2255.092387][T12308] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2255.100348][T12308] R13: 00007fffc9e5e04f R14: 00007f0cbc0c2300 R15: 0000000000022000 [ 2255.119067][T12309] netlink: 'syz-executor.2': attribute type 11 has an invalid length. 03:46:38 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x2000000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:38 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, 0x0, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc50xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2255.915873][T12339] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2255.924283][T12339] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2255.932254][T12339] RDX: 0000000000001f00 RSI: 0000000020000000 RDI: 0000000000000003 [ 2255.940235][T12339] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2255.948205][T12339] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2255.956170][T12339] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 [ 2256.014590][T12340] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2256.037472][T12340] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. 03:46:39 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x400000000000000) [ 2256.072336][T12340] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2256.072336][T12340] !' [ 2256.092745][T12340] CPU: 1 PID: 12340 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2256.102590][T12340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2256.112694][T12340] Call Trace: [ 2256.115978][T12340] dump_stack_lvl+0xcd/0x134 [ 2256.120586][T12340] sysfs_warn_dup.cold+0x1c/0x29 [ 2256.125539][T12340] sysfs_do_create_link_sd+0x11e/0x140 [ 2256.131016][T12340] sysfs_create_link+0x5f/0xc0 [ 2256.135793][T12340] device_add+0x789/0x2100 [ 2256.140221][T12340] ? mutex_lock_io_nested+0xf00/0xf00 [ 2256.145600][T12340] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2256.151163][T12340] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2256.157409][T12340] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2256.163685][T12340] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2256.170021][T12340] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2256.176016][T12340] wiphy_register+0x1e8a/0x29b0 [ 2256.180885][T12340] ? wiphy_unregister+0xbd0/0xbd0 [ 2256.185920][T12340] ? minstrel_ht_alloc+0x531/0xa00 [ 2256.191067][T12340] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2256.197172][T12340] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2256.202646][T12340] ? ieee80211_restart_hw+0x290/0x290 [ 2256.208034][T12340] ? debug_object_destroy+0x210/0x210 [ 2256.213431][T12340] ? lock_downgrade+0x6e0/0x6e0 [ 2256.218281][T12340] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2256.223745][T12340] ? memset+0x20/0x40 [ 2256.227724][T12340] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2256.233965][T12340] ? __hrtimer_init+0x136/0x280 [ 2256.238820][T12340] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2256.244545][T12340] ? hwsim_virtio_rx_work+0x350/0x350 [ 2256.250002][T12340] ? __kmalloc_track_caller+0x1a0/0x320 [ 2256.255573][T12340] ? memcpy+0x39/0x60 [ 2256.259553][T12340] hwsim_new_radio_nl+0x9bc/0x1080 [ 2256.264682][T12340] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2256.270575][T12340] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2256.277075][T12340] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2256.284446][T12340] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2256.291730][T12340] genl_family_rcv_msg_doit+0x228/0x320 [ 2256.297276][T12340] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2256.304658][T12340] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2256.311162][T12340] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2256.317398][T12340] ? ns_capable+0xde/0x100 [ 2256.321823][T12340] genl_rcv_msg+0x328/0x580 [ 2256.326325][T12340] ? genl_get_cmd+0x480/0x480 [ 2256.331002][T12340] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2256.336898][T12340] ? lock_release+0x720/0x720 [ 2256.341568][T12340] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2256.346853][T12340] ? trace_hardirqs_on+0x5b/0x1c0 [ 2256.351897][T12340] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2256.357615][T12340] netlink_rcv_skb+0x153/0x420 [ 2256.362377][T12340] ? genl_get_cmd+0x480/0x480 [ 2256.367050][T12340] ? netlink_ack+0xa60/0xa60 [ 2256.371642][T12340] ? netlink_deliver_tap+0x236/0xba0 [ 2256.376937][T12340] genl_rcv+0x24/0x40 [ 2256.380920][T12340] netlink_unicast+0x533/0x7d0 [ 2256.385679][T12340] ? netlink_attachskb+0x890/0x890 [ 2256.390782][T12340] ? __virt_addr_valid+0x5d/0x2d0 [ 2256.395804][T12340] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2256.402040][T12340] ? __phys_addr_symbol+0x2c/0x70 [ 2256.407058][T12340] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2256.412780][T12340] ? __check_object_size+0x16e/0x3f0 [ 2256.418059][T12340] netlink_sendmsg+0x85b/0xda0 [ 2256.422823][T12340] ? netlink_unicast+0x7d0/0x7d0 [ 2256.427760][T12340] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2256.434013][T12340] ? netlink_unicast+0x7d0/0x7d0 [ 2256.438948][T12340] sock_sendmsg+0xcf/0x120 [ 2256.443377][T12340] ____sys_sendmsg+0x6e8/0x810 [ 2256.448142][T12340] ? kernel_sendmsg+0x50/0x50 [ 2256.452815][T12340] ? do_recvmmsg+0x6d0/0x6d0 [ 2256.457530][T12340] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2256.463870][T12340] ? __kfence_alloc+0x37b/0xc20 [ 2256.468723][T12340] ___sys_sendmsg+0xf3/0x170 [ 2256.473308][T12340] ? sendmsg_copy_msghdr+0x160/0x160 [ 2256.478591][T12340] ? __fget_files+0x266/0x3d0 [ 2256.483262][T12340] ? lock_downgrade+0x6e0/0x6e0 [ 2256.488115][T12340] ? futex_exit_release+0x220/0x220 [ 2256.493325][T12340] ? alloc_empty_file+0xd7/0x170 [ 2256.498264][T12340] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2256.504510][T12340] ? __fget_files+0x288/0x3d0 [ 2256.509188][T12340] ? __fget_light+0xea/0x280 [ 2256.513785][T12340] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2256.520026][T12340] __sys_sendmsg+0xe5/0x1b0 [ 2256.524538][T12340] ? __sys_sendmsg_sock+0x30/0x30 [ 2256.529563][T12340] ? syscall_enter_from_user_mode+0x21/0x70 [ 2256.535454][T12340] ? trace_hardirqs_on+0x5b/0x1c0 [ 2256.540479][T12340] do_syscall_64+0x35/0xb0 [ 2256.544891][T12340] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2256.550787][T12340] RIP: 0033:0x4665d9 [ 2256.554673][T12340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 03:46:39 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, 0x0, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2257.337427][T12376] RSP: 002b:00007f2f41c92188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2257.345837][T12376] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2257.353813][T12376] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2257.361777][T12376] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 03:46:40 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={0x0, 0x0, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2257.982274][T12383] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2257.990810][T12383] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2257.998896][T12383] RDX: 0000000002000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2258.006934][T12383] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2258.014898][T12383] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2258.022983][T12383] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2258.053000][T12395] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2258.061181][T12395] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2258.078051][T12395] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2258.078051][T12395] !' [ 2258.088100][T12395] CPU: 1 PID: 12395 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2258.098008][T12395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2258.108068][T12395] Call Trace: [ 2258.111346][T12395] dump_stack_lvl+0xcd/0x134 [ 2258.115931][T12395] sysfs_warn_dup.cold+0x1c/0x29 [ 2258.120863][T12395] sysfs_do_create_link_sd+0x11e/0x140 [ 2258.126317][T12395] sysfs_create_link+0x5f/0xc0 [ 2258.131074][T12395] device_add+0x789/0x2100 [ 2258.135496][T12395] ? mutex_lock_io_nested+0xf00/0xf00 [ 2258.140885][T12395] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2258.146426][T12395] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2258.152667][T12395] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2258.158921][T12395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2258.165163][T12395] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2258.171161][T12395] wiphy_register+0x1e8a/0x29b0 [ 2258.176031][T12395] ? wiphy_unregister+0xbd0/0xbd0 [ 2258.181077][T12395] ? minstrel_ht_alloc+0x531/0xa00 [ 2258.186193][T12395] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2258.192278][T12395] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2258.197737][T12395] ? ieee80211_restart_hw+0x290/0x290 [ 2258.203164][T12395] ? debug_object_destroy+0x210/0x210 [ 2258.208536][T12395] ? lock_downgrade+0x6e0/0x6e0 [ 2258.213383][T12395] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2258.218839][T12395] ? memset+0x20/0x40 [ 2258.223079][T12395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2258.229319][T12395] ? __hrtimer_init+0x136/0x280 [ 2258.234193][T12395] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2258.239925][T12395] ? hwsim_virtio_rx_work+0x350/0x350 [ 2258.246365][T12395] ? __kmalloc_track_caller+0x1a0/0x320 [ 2258.251937][T12395] ? memcpy+0x39/0x60 [ 2258.255918][T12395] hwsim_new_radio_nl+0x9bc/0x1080 [ 2258.261724][T12395] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2258.267621][T12395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2258.273858][T12395] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2258.281231][T12395] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2258.288517][T12395] genl_family_rcv_msg_doit+0x228/0x320 [ 2258.294177][T12395] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2258.301548][T12395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2258.307810][T12395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2258.314070][T12395] ? ns_capable+0xde/0x100 [ 2258.318497][T12395] genl_rcv_msg+0x328/0x580 [ 2258.323015][T12395] ? genl_get_cmd+0x480/0x480 [ 2258.327706][T12395] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2258.333606][T12395] ? lock_release+0x720/0x720 [ 2258.338285][T12395] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2258.343583][T12395] ? trace_hardirqs_on+0x5b/0x1c0 [ 2258.348603][T12395] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2258.354338][T12395] netlink_rcv_skb+0x153/0x420 [ 2258.359116][T12395] ? genl_get_cmd+0x480/0x480 [ 2258.364149][T12395] ? netlink_ack+0xa60/0xa60 [ 2258.368749][T12395] ? netlink_deliver_tap+0x236/0xba0 [ 2258.374036][T12395] genl_rcv+0x24/0x40 [ 2258.378017][T12395] netlink_unicast+0x533/0x7d0 [ 2258.382781][T12395] ? netlink_attachskb+0x890/0x890 [ 2258.387889][T12395] ? __virt_addr_valid+0x5d/0x2d0 [ 2258.392912][T12395] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2258.399149][T12395] ? __phys_addr_symbol+0x2c/0x70 [ 2258.404191][T12395] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2258.409904][T12395] ? __check_object_size+0x16e/0x3f0 [ 2258.415189][T12395] netlink_sendmsg+0x85b/0xda0 [ 2258.419970][T12395] ? netlink_unicast+0x7d0/0x7d0 [ 2258.425008][T12395] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2258.431276][T12395] ? netlink_unicast+0x7d0/0x7d0 [ 2258.436224][T12395] sock_sendmsg+0xcf/0x120 [ 2258.440819][T12395] ____sys_sendmsg+0x6e8/0x810 [ 2258.445584][T12395] ? kernel_sendmsg+0x50/0x50 [ 2258.450278][T12395] ? do_recvmmsg+0x6d0/0x6d0 [ 2258.454870][T12395] ? tomoyo_path_number_perm+0x204/0x590 [ 2258.460511][T12395] ? kfree+0xeb/0x670 [ 2258.464497][T12395] ? tomoyo_path_number_perm+0x441/0x590 [ 2258.470136][T12395] ___sys_sendmsg+0xf3/0x170 [ 2258.474723][T12395] ? sendmsg_copy_msghdr+0x160/0x160 [ 2258.480092][T12395] ? __fget_files+0x266/0x3d0 [ 2258.484766][T12395] ? lock_downgrade+0x6e0/0x6e0 [ 2258.489612][T12395] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2258.495501][T12395] ? do_vfs_ioctl+0x132/0x15d0 [ 2258.501048][T12395] ? __fget_files+0x288/0x3d0 [ 2258.505812][T12395] ? __fget_light+0xea/0x280 [ 2258.510398][T12395] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2258.516739][T12395] __sys_sendmsg+0xe5/0x1b0 [ 2258.521258][T12395] ? __sys_sendmsg_sock+0x30/0x30 [ 2258.526306][T12395] ? syscall_enter_from_user_mode+0x21/0x70 [ 2258.532198][T12395] ? trace_hardirqs_on+0x5b/0x1c0 [ 2258.537224][T12395] do_syscall_64+0x35/0xb0 [ 2258.541633][T12395] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2258.547526][T12395] RIP: 0033:0x4665d9 [ 2258.551422][T12395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2258.571024][T12395] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2258.579431][T12395] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2258.587394][T12395] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2258.595359][T12395] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2258.603320][T12395] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2258.611282][T12395] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 [ 2258.632252][T12399] netlink: 'syz-executor.2': attribute type 11 has an invalid length. 03:46:41 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0xf0ffffff}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2258.647329][T12399] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2258.781748][T12413] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2258.796944][T12413] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2258.810220][T12413] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2258.810220][T12413] !' [ 2258.821990][T12413] CPU: 1 PID: 12413 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2258.832044][T12413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2258.842534][T12413] Call Trace: [ 2258.845805][T12413] dump_stack_lvl+0xcd/0x134 [ 2258.850402][T12413] sysfs_warn_dup.cold+0x1c/0x29 [ 2258.855333][T12413] sysfs_do_create_link_sd+0x11e/0x140 [ 2258.860798][T12413] sysfs_create_link+0x5f/0xc0 [ 2258.865557][T12413] device_add+0x789/0x2100 [ 2258.869965][T12413] ? mutex_lock_io_nested+0xf00/0xf00 [ 2258.875418][T12413] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2258.880969][T12413] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2258.887499][T12413] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2258.893749][T12413] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2258.900003][T12413] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2258.906339][T12413] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2258.912324][T12413] wiphy_register+0x1e8a/0x29b0 [ 2258.917278][T12413] ? wiphy_unregister+0xbd0/0xbd0 [ 2258.922309][T12413] ? minstrel_ht_alloc+0x531/0xa00 [ 2258.927426][T12413] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2258.933496][T12413] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2258.939135][T12413] ? ieee80211_restart_hw+0x290/0x290 [ 2258.944592][T12413] ? debug_object_destroy+0x210/0x210 [ 2258.949964][T12413] ? lock_downgrade+0x6e0/0x6e0 [ 2258.954826][T12413] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2258.960285][T12413] ? memset+0x20/0x40 [ 2258.964268][T12413] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2258.970503][T12413] ? __hrtimer_init+0x136/0x280 [ 2258.975623][T12413] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2258.981367][T12413] ? hwsim_virtio_rx_work+0x350/0x350 [ 2258.986738][T12413] ? __kmalloc_track_caller+0x1a0/0x320 [ 2258.992282][T12413] ? memcpy+0x39/0x60 [ 2258.996299][T12413] hwsim_new_radio_nl+0x9bc/0x1080 [ 2259.001414][T12413] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2259.007313][T12413] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2259.013548][T12413] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2259.020933][T12413] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2259.028951][T12413] genl_family_rcv_msg_doit+0x228/0x320 [ 2259.034507][T12413] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2259.041906][T12413] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2259.048155][T12413] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2259.054394][T12413] ? ns_capable+0xde/0x100 [ 2259.058804][T12413] genl_rcv_msg+0x328/0x580 [ 2259.063311][T12413] ? genl_get_cmd+0x480/0x480 [ 2259.067986][T12413] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2259.074662][T12413] ? lock_release+0x720/0x720 [ 2259.079334][T12413] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2259.084622][T12413] ? trace_hardirqs_on+0x5b/0x1c0 [ 2259.089654][T12413] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2259.095385][T12413] netlink_rcv_skb+0x153/0x420 [ 2259.100149][T12413] ? genl_get_cmd+0x480/0x480 [ 2259.104822][T12413] ? netlink_ack+0xa60/0xa60 [ 2259.109417][T12413] ? netlink_deliver_tap+0x236/0xba0 [ 2259.114698][T12413] genl_rcv+0x24/0x40 [ 2259.118676][T12413] netlink_unicast+0x533/0x7d0 [ 2259.123463][T12413] ? netlink_attachskb+0x890/0x890 [ 2259.128570][T12413] ? __virt_addr_valid+0x5d/0x2d0 [ 2259.133589][T12413] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2259.139840][T12413] ? __phys_addr_symbol+0x2c/0x70 [ 2259.144858][T12413] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2259.150583][T12413] ? __check_object_size+0x16e/0x3f0 [ 2259.155866][T12413] netlink_sendmsg+0x85b/0xda0 [ 2259.160628][T12413] ? netlink_unicast+0x7d0/0x7d0 [ 2259.165563][T12413] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2259.171811][T12413] ? netlink_unicast+0x7d0/0x7d0 [ 2259.176745][T12413] sock_sendmsg+0xcf/0x120 [ 2259.181160][T12413] ____sys_sendmsg+0x6e8/0x810 [ 2259.185924][T12413] ? kernel_sendmsg+0x50/0x50 [ 2259.190609][T12413] ? do_recvmmsg+0x6d0/0x6d0 [ 2259.195199][T12413] ? tomoyo_path_number_perm+0x204/0x590 [ 2259.200830][T12413] ? kfree+0xeb/0x670 [ 2259.204803][T12413] ? tomoyo_path_number_perm+0x441/0x590 [ 2259.210452][T12413] ___sys_sendmsg+0xf3/0x170 [ 2259.215128][T12413] ? sendmsg_copy_msghdr+0x160/0x160 [ 2259.220407][T12413] ? __fget_files+0x266/0x3d0 [ 2259.225076][T12413] ? lock_downgrade+0x6e0/0x6e0 [ 2259.229922][T12413] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2259.235810][T12413] ? do_vfs_ioctl+0x132/0x15d0 [ 2259.240577][T12413] ? __fget_files+0x288/0x3d0 [ 2259.245253][T12413] ? __fget_light+0xea/0x280 [ 2259.249860][T12413] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2259.256099][T12413] __sys_sendmsg+0xe5/0x1b0 [ 2259.260618][T12413] ? __sys_sendmsg_sock+0x30/0x30 [ 2259.265643][T12413] ? syscall_enter_from_user_mode+0x21/0x70 [ 2259.271544][T12413] ? trace_hardirqs_on+0x5b/0x1c0 [ 2259.276567][T12413] do_syscall_64+0x35/0xb0 [ 2259.280976][T12413] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2259.286870][T12413] RIP: 0033:0x4665d9 [ 2259.290753][T12413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2259.310362][T12413] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2259.318854][T12413] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2259.326817][T12413] RDX: 0000000002000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2259.334789][T12413] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2259.343011][T12413] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2259.351060][T12413] R13: 00007fffc9e5e04f R14: 00007f0cbc0c2300 R15: 0000000000022000 [ 2259.372630][T12415] netlink: 'syz-executor.2': attribute type 11 has an invalid length. 03:46:42 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x4000000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:42 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x700000000000000) [ 2259.380815][T12415] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. 03:46:42 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc601000111d0a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) gettid() r1 = socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000dc0)=""/132, 0x84}, {&(0x7f0000000f00)=""/103, 0x67}, {&(0x7f0000001040)=""/177, 0xb1}, {0x0}], 0x4}, 0x2000) socket$kcm(0x29, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:42 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={0x0, 0x0, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2260.153770][T12431] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2260.162182][T12431] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2260.170144][T12431] RDX: 0000000000003f00 RSI: 0000000020000000 RDI: 0000000000000003 [ 2260.178104][T12431] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2260.186065][T12431] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2260.194025][T12431] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 [ 2260.207051][ T226] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) 03:46:43 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xd00000000000000) 03:46:43 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x1000000000000000) [ 2260.427891][T12438] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2260.441204][T12438] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2260.465226][T12438] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2260.465226][T12438] !' [ 2260.504943][T12438] CPU: 1 PID: 12438 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2260.514791][T12438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2260.524852][T12438] Call Trace: [ 2260.528150][T12438] dump_stack_lvl+0xcd/0x134 [ 2260.532745][T12438] sysfs_warn_dup.cold+0x1c/0x29 [ 2260.537684][T12438] sysfs_do_create_link_sd+0x11e/0x140 [ 2260.543401][T12438] sysfs_create_link+0x5f/0xc0 [ 2260.548163][T12438] device_add+0x789/0x2100 [ 2260.552574][T12438] ? mutex_lock_io_nested+0xf00/0xf00 [ 2260.557957][T12438] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2260.563506][T12438] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2260.569838][T12438] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2260.576072][T12438] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2260.582322][T12438] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2260.588315][T12438] wiphy_register+0x1e8a/0x29b0 [ 2260.593253][T12438] ? wiphy_unregister+0xbd0/0xbd0 [ 2260.598283][T12438] ? minstrel_ht_alloc+0x531/0xa00 [ 2260.603393][T12438] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2260.609474][T12438] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2260.614966][T12438] ? ieee80211_restart_hw+0x290/0x290 [ 2260.620345][T12438] ? debug_object_destroy+0x210/0x210 [ 2260.625721][T12438] ? lock_downgrade+0x6e0/0x6e0 [ 2260.630657][T12438] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2260.636114][T12438] ? memset+0x20/0x40 [ 2260.640097][T12438] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2260.646337][T12438] ? __hrtimer_init+0x136/0x280 [ 2260.651187][T12438] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2260.656914][T12438] ? hwsim_virtio_rx_work+0x350/0x350 [ 2260.662284][T12438] ? __kmalloc_track_caller+0x1a0/0x320 [ 2260.667841][T12438] ? memcpy+0x39/0x60 [ 2260.671823][T12438] hwsim_new_radio_nl+0x9bc/0x1080 [ 2260.676940][T12438] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2260.682852][T12438] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2260.689095][T12438] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2260.696469][T12438] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2260.703758][T12438] genl_family_rcv_msg_doit+0x228/0x320 [ 2260.709308][T12438] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2260.716681][T12438] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2260.722922][T12438] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2260.729159][T12438] ? ns_capable+0xde/0x100 [ 2260.733592][T12438] genl_rcv_msg+0x328/0x580 [ 2260.738888][T12438] ? genl_get_cmd+0x480/0x480 [ 2260.743562][T12438] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2260.749553][T12438] ? lock_release+0x720/0x720 [ 2260.754225][T12438] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2260.759603][T12438] ? trace_hardirqs_on+0x5b/0x1c0 [ 2260.764986][T12438] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2260.770704][T12438] netlink_rcv_skb+0x153/0x420 [ 2260.775470][T12438] ? genl_get_cmd+0x480/0x480 [ 2260.780325][T12438] ? netlink_ack+0xa60/0xa60 [ 2260.785005][T12438] ? netlink_deliver_tap+0x236/0xba0 [ 2260.790291][T12438] genl_rcv+0x24/0x40 [ 2260.794272][T12438] netlink_unicast+0x533/0x7d0 [ 2260.799065][T12438] ? netlink_attachskb+0x890/0x890 [ 2260.804177][T12438] ? __virt_addr_valid+0x5d/0x2d0 [ 2260.809201][T12438] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2260.815448][T12438] ? __phys_addr_symbol+0x2c/0x70 [ 2260.820583][T12438] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2260.826315][T12438] ? __check_object_size+0x16e/0x3f0 [ 2260.831599][T12438] netlink_sendmsg+0x85b/0xda0 [ 2260.836386][T12438] ? netlink_unicast+0x7d0/0x7d0 [ 2260.841324][T12438] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2260.847566][T12438] ? netlink_unicast+0x7d0/0x7d0 [ 2260.852500][T12438] sock_sendmsg+0xcf/0x120 [ 2260.856930][T12438] ____sys_sendmsg+0x6e8/0x810 [ 2260.861816][T12438] ? kernel_sendmsg+0x50/0x50 [ 2260.866500][T12438] ? do_recvmmsg+0x6d0/0x6d0 [ 2260.871535][T12438] ? fs_reclaim_release+0x9c/0xf0 [ 2260.876579][T12438] ? lock_downgrade+0x6e0/0x6e0 [ 2260.881456][T12438] ___sys_sendmsg+0xf3/0x170 [ 2260.886134][T12438] ? sendmsg_copy_msghdr+0x160/0x160 [ 2260.891416][T12438] ? __fget_files+0x266/0x3d0 [ 2260.896105][T12438] ? lock_downgrade+0x6e0/0x6e0 [ 2260.900976][T12438] ? futex_exit_release+0x220/0x220 [ 2260.906205][T12438] ? alloc_empty_file+0xd7/0x170 [ 2260.911150][T12438] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2260.918173][T12438] ? __fget_files+0x288/0x3d0 [ 2260.922886][T12438] ? __fget_light+0xea/0x280 [ 2260.927486][T12438] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2260.933733][T12438] __sys_sendmsg+0xe5/0x1b0 [ 2260.939198][T12438] ? __sys_sendmsg_sock+0x30/0x30 [ 2260.944228][T12438] ? syscall_enter_from_user_mode+0x21/0x70 [ 2260.950141][T12438] ? trace_hardirqs_on+0x5b/0x1c0 [ 2260.955168][T12438] do_syscall_64+0x35/0xb0 [ 2260.959664][T12438] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2260.965565][T12438] RIP: 0033:0x4665d9 [ 2260.969456][T12438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2260.989092][T12438] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2260.997499][T12438] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2261.005481][T12438] RDX: 0000000000003f00 RSI: 0000000020000000 RDI: 0000000000000003 [ 2261.013455][T12438] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2261.021450][T12438] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2261.029413][T12438] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 03:46:44 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x1f00000000000000) [ 2261.123012][T12464] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2261.136265][T12464] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. 03:46:44 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x4000) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:46:44 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={0x0, 0x0, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2261.690954][T12464] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2261.699359][T12464] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2261.707330][T12464] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2261.715302][T12464] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2261.723279][T12464] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2261.731239][T12464] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 03:46:44 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0x3686060000000000) [ 2261.827665][T12485] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2261.840920][T12485] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2261.857630][T12485] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2261.857630][T12485] !' [ 2261.873542][T12485] CPU: 1 PID: 12485 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2261.883426][T12485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2261.893490][T12485] Call Trace: [ 2261.896769][T12485] dump_stack_lvl+0xcd/0x134 [ 2261.901375][T12485] sysfs_warn_dup.cold+0x1c/0x29 [ 2261.906325][T12485] sysfs_do_create_link_sd+0x11e/0x140 [ 2261.911801][T12485] sysfs_create_link+0x5f/0xc0 [ 2261.916578][T12485] device_add+0x789/0x2100 [ 2261.921004][T12485] ? mutex_lock_io_nested+0xf00/0xf00 [ 2261.926385][T12485] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2261.931950][T12485] ? asm_exc_int3+0x31/0x40 [ 2261.936462][T12485] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2261.942797][T12485] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2261.949251][T12485] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2261.955594][T12485] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2261.961592][T12485] wiphy_register+0x1e8a/0x29b0 [ 2261.966463][T12485] ? wiphy_unregister+0xbd0/0xbd0 [ 2261.971508][T12485] ? minstrel_ht_alloc+0x531/0xa00 [ 2261.976669][T12485] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2261.982754][T12485] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2261.988235][T12485] ? ieee80211_restart_hw+0x290/0x290 [ 2261.993621][T12485] ? debug_object_destroy+0x210/0x210 [ 2261.999008][T12485] ? lock_downgrade+0x6e0/0x6e0 [ 2262.003867][T12485] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2262.009354][T12485] ? memset+0x20/0x40 [ 2262.013350][T12485] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2262.019688][T12485] ? __hrtimer_init+0x136/0x280 [ 2262.024557][T12485] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2262.030310][T12485] ? hwsim_virtio_rx_work+0x350/0x350 [ 2262.035691][T12485] ? __kmalloc_track_caller+0x1a0/0x320 [ 2262.041249][T12485] ? memcpy+0x39/0x60 [ 2262.045252][T12485] hwsim_new_radio_nl+0x9bc/0x1080 [ 2262.050385][T12485] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2262.056282][T12485] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2262.062522][T12485] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2262.069898][T12485] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2262.077189][T12485] genl_family_rcv_msg_doit+0x228/0x320 [ 2262.082743][T12485] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2262.090296][T12485] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2262.096547][T12485] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2262.102779][T12485] ? ns_capable+0xde/0x100 [ 2262.107189][T12485] genl_rcv_msg+0x328/0x580 [ 2262.111695][T12485] ? genl_get_cmd+0x480/0x480 [ 2262.116367][T12485] ? lock_downgrade+0x6e0/0x6e0 [ 2262.121208][T12485] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2262.127110][T12485] ? lock_release+0x720/0x720 [ 2262.131775][T12485] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2262.137070][T12485] netlink_rcv_skb+0x153/0x420 [ 2262.141849][T12485] ? genl_get_cmd+0x480/0x480 [ 2262.146535][T12485] ? netlink_ack+0xa60/0xa60 [ 2262.151126][T12485] ? netlink_deliver_tap+0x236/0xba0 [ 2262.156420][T12485] genl_rcv+0x24/0x40 [ 2262.160408][T12485] netlink_unicast+0x533/0x7d0 [ 2262.165187][T12485] ? netlink_attachskb+0x890/0x890 [ 2262.170293][T12485] ? __virt_addr_valid+0x5d/0x2d0 [ 2262.175583][T12485] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2262.181826][T12485] ? __phys_addr_symbol+0x2c/0x70 [ 2262.186855][T12485] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2262.192568][T12485] ? __check_object_size+0x16e/0x3f0 [ 2262.197844][T12485] netlink_sendmsg+0x85b/0xda0 [ 2262.202608][T12485] ? netlink_unicast+0x7d0/0x7d0 [ 2262.207541][T12485] ? sock_sendmsg+0x4b/0x120 [ 2262.212125][T12485] ? tomoyo_socket_sendmsg_permission+0x11d/0x3a0 [ 2262.218548][T12485] ? sock_sendmsg+0x65/0x120 [ 2262.223138][T12485] ? netlink_unicast+0x7d0/0x7d0 [ 2262.228078][T12485] sock_sendmsg+0xcf/0x120 [ 2262.232503][T12485] ____sys_sendmsg+0x6e8/0x810 [ 2262.237263][T12485] ? kernel_sendmsg+0x50/0x50 [ 2262.241947][T12485] ? do_recvmmsg+0x6d0/0x6d0 [ 2262.246549][T12485] ___sys_sendmsg+0xf3/0x170 [ 2262.251133][T12485] ? sendmsg_copy_msghdr+0x160/0x160 [ 2262.256498][T12485] ? __fget_files+0x266/0x3d0 [ 2262.261174][T12485] ? lock_downgrade+0x6e0/0x6e0 [ 2262.266017][T12485] ? futex_exit_release+0x220/0x220 [ 2262.271213][T12485] ? clockevents_program_event+0x141/0x370 [ 2262.277016][T12485] ? lock_downgrade+0x6e0/0x6e0 [ 2262.281873][T12485] ? __fget_files+0x288/0x3d0 [ 2262.286545][T12485] ? __fget_light+0xea/0x280 [ 2262.291130][T12485] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2262.297365][T12485] __sys_sendmsg+0xe5/0x1b0 [ 2262.301862][T12485] ? __sys_sendmsg_sock+0x30/0x30 [ 2262.306882][T12485] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2262.313043][T12485] ? trace_hardirqs_on+0x39/0x1c0 [ 2262.318063][T12485] ? trace_hardirqs_on+0x51/0x1c0 [ 2262.323167][T12485] ? syscall_enter_from_user_mode+0x21/0x70 [ 2262.329067][T12485] ? syscall_enter_from_user_mode+0x2b/0x70 [ 2262.334975][T12485] do_syscall_64+0x35/0xb0 [ 2262.339401][T12485] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2262.345304][T12485] RIP: 0033:0x4665d9 [ 2262.349197][T12485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2262.368802][T12485] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2262.377214][T12485] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2262.385281][T12485] RDX: 0000000004000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2262.393244][T12485] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2262.401376][T12485] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2262.409348][T12485] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2262.436175][T12491] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2262.447852][T12491] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2262.469937][T12491] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2262.469937][T12491] !' [ 2262.483567][T12491] CPU: 0 PID: 12491 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2262.493484][T12491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2262.503624][T12491] Call Trace: [ 2262.506898][T12491] dump_stack_lvl+0xcd/0x134 [ 2262.511491][T12491] sysfs_warn_dup.cold+0x1c/0x29 [ 2262.516425][T12491] sysfs_do_create_link_sd+0x11e/0x140 [ 2262.521881][T12491] sysfs_create_link+0x5f/0xc0 [ 2262.526639][T12491] device_add+0x789/0x2100 [ 2262.531208][T12491] ? mutex_lock_io_nested+0xf00/0xf00 [ 2262.536610][T12491] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2262.542151][T12491] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2262.548384][T12491] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2262.554637][T12491] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2262.560880][T12491] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2262.566863][T12491] wiphy_register+0x1e8a/0x29b0 [ 2262.571713][T12491] ? wiphy_unregister+0xbd0/0xbd0 [ 2262.576735][T12491] ? minstrel_ht_alloc+0x531/0xa00 [ 2262.581845][T12491] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2262.587919][T12491] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2262.593375][T12491] ? ieee80211_restart_hw+0x290/0x290 [ 2262.598745][T12491] ? debug_object_destroy+0x210/0x210 [ 2262.604116][T12491] ? lock_downgrade+0x6e0/0x6e0 [ 2262.609047][T12491] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2262.614696][T12491] ? memset+0x20/0x40 [ 2262.618679][T12491] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2262.624923][T12491] ? __hrtimer_init+0x136/0x280 [ 2262.629773][T12491] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2262.635497][T12491] ? hwsim_virtio_rx_work+0x350/0x350 [ 2262.640867][T12491] ? __kmalloc_track_caller+0x1a0/0x320 [ 2262.646411][T12491] ? memcpy+0x39/0x60 [ 2262.650398][T12491] hwsim_new_radio_nl+0x9bc/0x1080 [ 2262.655531][T12491] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2262.661456][T12491] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2262.667786][T12491] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2262.675161][T12491] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2262.682445][T12491] genl_family_rcv_msg_doit+0x228/0x320 [ 2262.687993][T12491] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2262.695364][T12491] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2262.701604][T12491] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2262.707839][T12491] ? ns_capable+0xde/0x100 [ 2262.712254][T12491] genl_rcv_msg+0x328/0x580 [ 2262.716755][T12491] ? genl_get_cmd+0x480/0x480 [ 2262.721457][T12491] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2262.727354][T12491] ? lock_release+0x720/0x720 [ 2262.732023][T12491] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2262.737392][T12491] ? trace_hardirqs_on+0x5b/0x1c0 [ 2262.742413][T12491] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2262.748127][T12491] netlink_rcv_skb+0x153/0x420 [ 2262.752888][T12491] ? genl_get_cmd+0x480/0x480 [ 2262.757559][T12491] ? netlink_ack+0xa60/0xa60 [ 2262.762146][T12491] ? netlink_deliver_tap+0x236/0xba0 [ 2262.767427][T12491] genl_rcv+0x24/0x40 [ 2262.771404][T12491] netlink_unicast+0x533/0x7d0 [ 2262.776169][T12491] ? netlink_attachskb+0x890/0x890 [ 2262.781297][T12491] ? __virt_addr_valid+0x5d/0x2d0 [ 2262.786318][T12491] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2262.792551][T12491] ? __phys_addr_symbol+0x2c/0x70 [ 2262.797582][T12491] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2262.803296][T12491] ? __check_object_size+0x16e/0x3f0 [ 2262.808574][T12491] netlink_sendmsg+0x85b/0xda0 [ 2262.813351][T12491] ? netlink_unicast+0x7d0/0x7d0 [ 2262.818296][T12491] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2262.824532][T12491] ? netlink_unicast+0x7d0/0x7d0 [ 2262.829464][T12491] sock_sendmsg+0xcf/0x120 [ 2262.833879][T12491] ____sys_sendmsg+0x6e8/0x810 [ 2262.838640][T12491] ? kernel_sendmsg+0x50/0x50 [ 2262.843414][T12491] ? do_recvmmsg+0x6d0/0x6d0 [ 2262.848017][T12491] ? tomoyo_path_number_perm+0x204/0x590 [ 2262.853663][T12491] ? kfree+0xeb/0x670 [ 2262.857641][T12491] ? tomoyo_path_number_perm+0x441/0x590 [ 2262.863279][T12491] ___sys_sendmsg+0xf3/0x170 [ 2262.867954][T12491] ? sendmsg_copy_msghdr+0x160/0x160 [ 2262.873237][T12491] ? __fget_files+0x266/0x3d0 [ 2262.877909][T12491] ? lock_downgrade+0x6e0/0x6e0 [ 2262.882753][T12491] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2262.888644][T12491] ? do_vfs_ioctl+0x132/0x15d0 [ 2262.893404][T12491] ? __fget_files+0x288/0x3d0 [ 2262.898082][T12491] ? __fget_light+0xea/0x280 [ 2262.902669][T12491] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2262.908904][T12491] __sys_sendmsg+0xe5/0x1b0 [ 2262.913409][T12491] ? __sys_sendmsg_sock+0x30/0x30 [ 2262.918440][T12491] ? syscall_enter_from_user_mode+0x21/0x70 [ 2262.924332][T12491] ? trace_hardirqs_on+0x5b/0x1c0 [ 2262.929364][T12491] do_syscall_64+0x35/0xb0 [ 2262.933776][T12491] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2262.939674][T12491] RIP: 0033:0x4665d9 [ 2262.943585][T12491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2262.963273][T12491] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2262.971764][T12491] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2262.979737][T12491] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2262.987874][T12491] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2262.995835][T12491] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2263.003793][T12491] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 03:46:46 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0xfffff000}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2263.095765][T12509] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2263.114077][T12509] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2263.242323][T12510] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2263.250495][T12510] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2263.268337][T12510] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2263.268337][T12510] !' [ 2263.280323][T12510] CPU: 1 PID: 12510 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2263.290148][T12510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2263.300195][T12510] Call Trace: [ 2263.303558][T12510] dump_stack_lvl+0xcd/0x134 [ 2263.308143][T12510] sysfs_warn_dup.cold+0x1c/0x29 [ 2263.313082][T12510] sysfs_do_create_link_sd+0x11e/0x140 [ 2263.318567][T12510] sysfs_create_link+0x5f/0xc0 [ 2263.323408][T12510] device_add+0x789/0x2100 [ 2263.327813][T12510] ? mutex_lock_io_nested+0xf00/0xf00 [ 2263.333175][T12510] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2263.339385][T12510] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2263.345676][T12510] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2263.351949][T12510] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2263.358201][T12510] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2263.364208][T12510] wiphy_register+0x1e8a/0x29b0 [ 2263.369166][T12510] ? wiphy_unregister+0xbd0/0xbd0 [ 2263.374203][T12510] ? minstrel_ht_alloc+0x531/0xa00 [ 2263.379316][T12510] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2263.385493][T12510] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2263.390956][T12510] ? ieee80211_restart_hw+0x290/0x290 [ 2263.396343][T12510] ? debug_object_destroy+0x210/0x210 [ 2263.401715][T12510] ? lock_downgrade+0x6e0/0x6e0 [ 2263.406577][T12510] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2263.412034][T12510] ? memset+0x20/0x40 [ 2263.416012][T12510] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2263.422264][T12510] ? __hrtimer_init+0x136/0x280 [ 2263.427136][T12510] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2263.432860][T12510] ? hwsim_virtio_rx_work+0x350/0x350 [ 2263.438237][T12510] ? __kmalloc_track_caller+0x1a0/0x320 [ 2263.443796][T12510] ? memcpy+0x39/0x60 [ 2263.447781][T12510] hwsim_new_radio_nl+0x9bc/0x1080 [ 2263.452902][T12510] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2263.458799][T12510] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2263.465043][T12510] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2263.472420][T12510] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2263.479718][T12510] genl_family_rcv_msg_doit+0x228/0x320 [ 2263.485438][T12510] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2263.492808][T12510] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2263.499046][T12510] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2263.505294][T12510] ? ns_capable+0xde/0x100 [ 2263.509805][T12510] genl_rcv_msg+0x328/0x580 [ 2263.514303][T12510] ? genl_get_cmd+0x480/0x480 [ 2263.518979][T12510] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2263.524887][T12510] ? lock_release+0x720/0x720 [ 2263.529565][T12510] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2263.534847][T12510] ? trace_hardirqs_on+0x5b/0x1c0 [ 2263.539883][T12510] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2263.545598][T12510] netlink_rcv_skb+0x153/0x420 [ 2263.550461][T12510] ? genl_get_cmd+0x480/0x480 [ 2263.555133][T12510] ? netlink_ack+0xa60/0xa60 [ 2263.559732][T12510] ? netlink_deliver_tap+0x236/0xba0 [ 2263.565016][T12510] genl_rcv+0x24/0x40 [ 2263.568995][T12510] netlink_unicast+0x533/0x7d0 [ 2263.573758][T12510] ? netlink_attachskb+0x890/0x890 [ 2263.578869][T12510] ? __virt_addr_valid+0x5d/0x2d0 [ 2263.583914][T12510] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2263.590151][T12510] ? __phys_addr_symbol+0x2c/0x70 [ 2263.595169][T12510] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2263.600879][T12510] ? __check_object_size+0x16e/0x3f0 [ 2263.606158][T12510] netlink_sendmsg+0x85b/0xda0 [ 2263.610921][T12510] ? netlink_unicast+0x7d0/0x7d0 [ 2263.615857][T12510] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2263.622117][T12510] ? netlink_unicast+0x7d0/0x7d0 [ 2263.627063][T12510] sock_sendmsg+0xcf/0x120 [ 2263.631478][T12510] ____sys_sendmsg+0x6e8/0x810 [ 2263.636250][T12510] ? kernel_sendmsg+0x50/0x50 [ 2263.640934][T12510] ? do_recvmmsg+0x6d0/0x6d0 [ 2263.645519][T12510] ? tomoyo_path_number_perm+0x204/0x590 [ 2263.651157][T12510] ? kfree+0xeb/0x670 [ 2263.655132][T12510] ? tomoyo_path_number_perm+0x441/0x590 [ 2263.660764][T12510] ___sys_sendmsg+0xf3/0x170 [ 2263.665352][T12510] ? sendmsg_copy_msghdr+0x160/0x160 [ 2263.670642][T12510] ? __fget_files+0x266/0x3d0 [ 2263.675324][T12510] ? lock_downgrade+0x6e0/0x6e0 [ 2263.680181][T12510] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2263.686086][T12510] ? do_vfs_ioctl+0x132/0x15d0 [ 2263.690868][T12510] ? __fget_files+0x288/0x3d0 [ 2263.695553][T12510] ? __fget_light+0xea/0x280 [ 2263.700138][T12510] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2263.706375][T12510] __sys_sendmsg+0xe5/0x1b0 [ 2263.710886][T12510] ? __sys_sendmsg_sock+0x30/0x30 [ 2263.715910][T12510] ? syscall_enter_from_user_mode+0x21/0x70 [ 2263.721798][T12510] ? trace_hardirqs_on+0x5b/0x1c0 [ 2263.726820][T12510] do_syscall_64+0x35/0xb0 [ 2263.731237][T12510] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2263.737127][T12510] RIP: 0033:0x4665d9 [ 2263.741012][T12510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2263.760814][T12510] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2263.769236][T12510] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2263.777380][T12510] RDX: 0000000004000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2263.785343][T12510] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 03:46:46 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x7000000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:46 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc50xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2264.692263][T12542] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2264.700669][T12542] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2264.708627][T12542] RDX: 0000000000004000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2264.716599][T12542] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2264.724578][T12542] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2264.732983][T12542] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 03:46:47 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xa1ffffff00000000) [ 2264.857227][T12547] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2264.869774][T12547] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. 03:46:48 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xf5ffffff00000000) 03:46:48 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xfdfdffff00000000) [ 2265.368693][T12547] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2265.368693][T12547] !' [ 2265.386963][T12547] CPU: 0 PID: 12547 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2265.396810][T12547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2265.406876][T12547] Call Trace: [ 2265.410249][T12547] dump_stack_lvl+0xcd/0x134 [ 2265.414848][T12547] sysfs_warn_dup.cold+0x1c/0x29 [ 2265.419776][T12547] sysfs_do_create_link_sd+0x11e/0x140 [ 2265.425240][T12547] sysfs_create_link+0x5f/0xc0 [ 2265.429992][T12547] device_add+0x789/0x2100 [ 2265.434409][T12547] ? mutex_lock_io_nested+0xf00/0xf00 [ 2265.439769][T12547] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2265.445316][T12547] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2265.451813][T12547] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2265.458133][T12547] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2265.464364][T12547] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2265.470593][T12547] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2265.476563][T12547] wiphy_register+0x1e8a/0x29b0 [ 2265.481415][T12547] ? wiphy_unregister+0xbd0/0xbd0 [ 2265.486429][T12547] ? minstrel_ht_alloc+0x531/0xa00 [ 2265.491525][T12547] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2265.497582][T12547] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2265.503032][T12547] ? ieee80211_restart_hw+0x290/0x290 [ 2265.508390][T12547] ? debug_object_destroy+0x210/0x210 [ 2265.513749][T12547] ? lock_downgrade+0x6e0/0x6e0 [ 2265.518583][T12547] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2265.524054][T12547] ? memset+0x20/0x40 [ 2265.528044][T12547] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2265.534275][T12547] ? __hrtimer_init+0x136/0x280 [ 2265.539211][T12547] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2265.544931][T12547] ? hwsim_virtio_rx_work+0x350/0x350 [ 2265.550307][T12547] ? __kmalloc_track_caller+0x1a0/0x320 [ 2265.555841][T12547] ? memcpy+0x39/0x60 [ 2265.559815][T12547] hwsim_new_radio_nl+0x9bc/0x1080 [ 2265.564915][T12547] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2265.570884][T12547] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2265.577111][T12547] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2265.584474][T12547] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2265.591747][T12547] genl_family_rcv_msg_doit+0x228/0x320 [ 2265.597280][T12547] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2265.604642][T12547] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2265.610894][T12547] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2265.617121][T12547] ? ns_capable+0xde/0x100 [ 2265.621529][T12547] genl_rcv_msg+0x328/0x580 [ 2265.626019][T12547] ? genl_get_cmd+0x480/0x480 [ 2265.630688][T12547] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2265.636603][T12547] ? lock_release+0x720/0x720 [ 2265.641297][T12547] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2265.646587][T12547] ? trace_hardirqs_on+0x5b/0x1c0 [ 2265.651603][T12547] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2265.657323][T12547] netlink_rcv_skb+0x153/0x420 [ 2265.662163][T12547] ? genl_get_cmd+0x480/0x480 [ 2265.666835][T12547] ? netlink_ack+0xa60/0xa60 [ 2265.671423][T12547] ? netlink_deliver_tap+0x236/0xba0 [ 2265.676706][T12547] genl_rcv+0x24/0x40 [ 2265.680777][T12547] netlink_unicast+0x533/0x7d0 [ 2265.685559][T12547] ? netlink_attachskb+0x890/0x890 [ 2265.690671][T12547] ? __virt_addr_valid+0x5d/0x2d0 [ 2265.695685][T12547] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2265.701917][T12547] ? __phys_addr_symbol+0x2c/0x70 [ 2265.706956][T12547] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2265.712672][T12547] ? __check_object_size+0x16e/0x3f0 [ 2265.717953][T12547] netlink_sendmsg+0x85b/0xda0 [ 2265.722716][T12547] ? netlink_unicast+0x7d0/0x7d0 [ 2265.727657][T12547] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2265.733901][T12547] ? netlink_unicast+0x7d0/0x7d0 [ 2265.739103][T12547] sock_sendmsg+0xcf/0x120 [ 2265.743610][T12547] ____sys_sendmsg+0x6e8/0x810 [ 2265.748393][T12547] ? kernel_sendmsg+0x50/0x50 [ 2265.753146][T12547] ? do_recvmmsg+0x6d0/0x6d0 [ 2265.757823][T12547] ? fs_reclaim_release+0x9c/0xf0 [ 2265.762862][T12547] ? lock_downgrade+0x6e0/0x6e0 [ 2265.767710][T12547] ___sys_sendmsg+0xf3/0x170 [ 2265.772304][T12547] ? sendmsg_copy_msghdr+0x160/0x160 [ 2265.777585][T12547] ? __fget_files+0x266/0x3d0 [ 2265.782276][T12547] ? lock_downgrade+0x6e0/0x6e0 [ 2265.787118][T12547] ? futex_exit_release+0x220/0x220 [ 2265.792318][T12547] ? alloc_empty_file+0xd7/0x170 [ 2265.797534][T12547] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2265.803805][T12547] ? __fget_files+0x288/0x3d0 [ 2265.808479][T12547] ? __fget_light+0xea/0x280 [ 2265.813062][T12547] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2265.819299][T12547] __sys_sendmsg+0xe5/0x1b0 [ 2265.823815][T12547] ? __sys_sendmsg_sock+0x30/0x30 [ 2265.828842][T12547] ? syscall_enter_from_user_mode+0x21/0x70 [ 2265.834732][T12547] ? trace_hardirqs_on+0x5b/0x1c0 [ 2265.839847][T12547] do_syscall_64+0x35/0xb0 [ 2265.844290][T12547] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2265.850188][T12547] RIP: 0033:0x4665d9 [ 2265.854074][T12547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2265.873770][T12547] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2265.882176][T12547] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2265.890286][T12547] RDX: 0000000000004000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2265.898404][T12547] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2265.906377][T12547] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 03:46:48 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x6000) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:46:48 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)=0xff00000000000000) 03:46:48 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2266.505756][T12567] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2266.514276][T12567] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2266.522419][T12567] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2266.530556][T12567] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2266.538573][T12567] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2266.546563][T12567] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 [ 2266.835218][T12588] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2266.846853][T12588] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2266.858722][T12588] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2266.858722][T12588] !' [ 2266.869224][T12588] CPU: 1 PID: 12588 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2266.879667][T12588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2266.890026][T12588] Call Trace: [ 2266.893328][T12588] dump_stack_lvl+0xcd/0x134 [ 2266.897912][T12588] sysfs_warn_dup.cold+0x1c/0x29 [ 2266.902860][T12588] sysfs_do_create_link_sd+0x11e/0x140 [ 2266.908329][T12588] sysfs_create_link+0x5f/0xc0 [ 2266.913178][T12588] device_add+0x789/0x2100 [ 2266.917592][T12588] ? mutex_lock_io_nested+0xf00/0xf00 [ 2266.922961][T12588] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2266.928506][T12588] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2266.935619][T12588] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2266.941980][T12588] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2266.949190][T12588] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2266.955523][T12588] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2266.961505][T12588] wiphy_register+0x1e8a/0x29b0 [ 2266.966374][T12588] ? wiphy_unregister+0xbd0/0xbd0 [ 2266.971401][T12588] ? minstrel_ht_alloc+0x531/0xa00 [ 2266.976517][T12588] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2266.982673][T12588] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2266.988138][T12588] ? ieee80211_restart_hw+0x290/0x290 [ 2266.993526][T12588] ? debug_object_destroy+0x210/0x210 [ 2266.998910][T12588] ? lock_downgrade+0x6e0/0x6e0 [ 2267.003762][T12588] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2267.009249][T12588] ? memset+0x20/0x40 [ 2267.013293][T12588] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2267.019532][T12588] ? __hrtimer_init+0x136/0x280 [ 2267.024487][T12588] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2267.030217][T12588] ? hwsim_virtio_rx_work+0x350/0x350 [ 2267.035588][T12588] ? __kmalloc_track_caller+0x1a0/0x320 [ 2267.041215][T12588] ? memcpy+0x39/0x60 [ 2267.045284][T12588] hwsim_new_radio_nl+0x9bc/0x1080 [ 2267.050483][T12588] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2267.056383][T12588] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2267.063318][T12588] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2267.070779][T12588] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2267.078169][T12588] genl_family_rcv_msg_doit+0x228/0x320 [ 2267.083717][T12588] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2267.091178][T12588] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2267.097435][T12588] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2267.103671][T12588] ? ns_capable+0xde/0x100 [ 2267.108082][T12588] genl_rcv_msg+0x328/0x580 [ 2267.112584][T12588] ? genl_get_cmd+0x480/0x480 [ 2267.117260][T12588] ? lock_downgrade+0x6e0/0x6e0 [ 2267.122162][T12588] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2267.128232][T12588] ? lock_release+0x720/0x720 [ 2267.132927][T12588] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2267.138350][T12588] netlink_rcv_skb+0x153/0x420 [ 2267.143133][T12588] ? genl_get_cmd+0x480/0x480 [ 2267.147811][T12588] ? netlink_ack+0xa60/0xa60 [ 2267.152402][T12588] ? netlink_deliver_tap+0x236/0xba0 [ 2267.157878][T12588] genl_rcv+0x24/0x40 [ 2267.161874][T12588] netlink_unicast+0x533/0x7d0 [ 2267.166822][T12588] ? netlink_attachskb+0x890/0x890 [ 2267.171946][T12588] ? __virt_addr_valid+0x5d/0x2d0 [ 2267.176970][T12588] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2267.183208][T12588] ? __phys_addr_symbol+0x2c/0x70 [ 2267.188519][T12588] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2267.194231][T12588] ? __check_object_size+0x16e/0x3f0 [ 2267.199530][T12588] netlink_sendmsg+0x85b/0xda0 [ 2267.204294][T12588] ? netlink_unicast+0x7d0/0x7d0 [ 2267.209228][T12588] ? bpf_lsm_socket_accept+0x10/0x10 [ 2267.214510][T12588] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2267.220769][T12588] ? netlink_unicast+0x7d0/0x7d0 [ 2267.225707][T12588] sock_sendmsg+0xcf/0x120 [ 2267.230122][T12588] ____sys_sendmsg+0x6e8/0x810 [ 2267.234887][T12588] ? kernel_sendmsg+0x50/0x50 [ 2267.239578][T12588] ? do_recvmmsg+0x6d0/0x6d0 [ 2267.244162][T12588] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2267.250322][T12588] ___sys_sendmsg+0xf3/0x170 [ 2267.254909][T12588] ? sendmsg_copy_msghdr+0x160/0x160 [ 2267.260192][T12588] ? __fget_files+0x266/0x3d0 [ 2267.264871][T12588] ? lock_downgrade+0x6e0/0x6e0 [ 2267.269727][T12588] ? futex_exit_release+0x220/0x220 [ 2267.274926][T12588] ? clockevents_program_event+0x141/0x370 [ 2267.280733][T12588] ? lock_downgrade+0x6e0/0x6e0 [ 2267.285589][T12588] ? __fget_files+0x288/0x3d0 [ 2267.290263][T12588] ? __fget_light+0xea/0x280 [ 2267.294854][T12588] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2267.301099][T12588] __sys_sendmsg+0xe5/0x1b0 [ 2267.305603][T12588] ? __sys_sendmsg_sock+0x30/0x30 [ 2267.310626][T12588] ? syscall_enter_from_user_mode+0x21/0x70 [ 2267.316520][T12588] ? trace_hardirqs_on+0x5b/0x1c0 [ 2267.321543][T12588] do_syscall_64+0x35/0xb0 [ 2267.325955][T12588] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2267.331935][T12588] RIP: 0033:0x4665d9 [ 2267.335832][T12588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2267.355446][T12588] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2267.363856][T12588] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2267.371820][T12588] RDX: 0000000007000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2267.379879][T12588] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2267.387856][T12588] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2267.395815][T12588] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2267.415914][T12593] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2267.424315][T12593] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2267.448764][T12593] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2267.448764][T12593] !' [ 2267.460370][T12593] CPU: 1 PID: 12593 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2267.470200][T12593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2267.480791][T12593] Call Trace: [ 2267.484060][T12593] dump_stack_lvl+0xcd/0x134 [ 2267.488645][T12593] sysfs_warn_dup.cold+0x1c/0x29 [ 2267.493593][T12593] sysfs_do_create_link_sd+0x11e/0x140 [ 2267.499066][T12593] sysfs_create_link+0x5f/0xc0 [ 2267.503831][T12593] device_add+0x789/0x2100 [ 2267.508308][T12593] ? mutex_lock_io_nested+0xf00/0xf00 [ 2267.513681][T12593] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2267.519449][T12593] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2267.525959][T12593] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2267.532204][T12593] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2267.538488][T12593] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2267.544727][T12593] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2267.550709][T12593] wiphy_register+0x1e8a/0x29b0 [ 2267.555755][T12593] ? wiphy_unregister+0xbd0/0xbd0 [ 2267.560795][T12593] ? minstrel_ht_alloc+0x531/0xa00 [ 2267.565930][T12593] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2267.572004][T12593] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2267.577479][T12593] ? ieee80211_restart_hw+0x290/0x290 [ 2267.582864][T12593] ? debug_object_destroy+0x210/0x210 [ 2267.588245][T12593] ? lock_downgrade+0x6e0/0x6e0 [ 2267.593105][T12593] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2267.598565][T12593] ? memset+0x20/0x40 [ 2267.602550][T12593] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2267.608787][T12593] ? __hrtimer_init+0x136/0x280 [ 2267.613636][T12593] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2267.619365][T12593] ? hwsim_virtio_rx_work+0x350/0x350 [ 2267.624737][T12593] ? __kmalloc_track_caller+0x1a0/0x320 [ 2267.630281][T12593] ? memcpy+0x39/0x60 [ 2267.634270][T12593] hwsim_new_radio_nl+0x9bc/0x1080 [ 2267.639403][T12593] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2267.645579][T12593] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2267.651835][T12593] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2267.659213][T12593] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2267.666534][T12593] genl_family_rcv_msg_doit+0x228/0x320 [ 2267.672084][T12593] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2267.679464][T12593] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2267.685707][T12593] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2267.691952][T12593] ? ns_capable+0xde/0x100 [ 2267.696369][T12593] genl_rcv_msg+0x328/0x580 [ 2267.700878][T12593] ? genl_get_cmd+0x480/0x480 [ 2267.705560][T12593] ? lock_downgrade+0x6e0/0x6e0 [ 2267.710414][T12593] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2267.716311][T12593] ? lock_release+0x720/0x720 [ 2267.720997][T12593] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2267.726286][T12593] netlink_rcv_skb+0x153/0x420 [ 2267.731050][T12593] ? genl_get_cmd+0x480/0x480 [ 2267.735727][T12593] ? netlink_ack+0xa60/0xa60 [ 2267.740406][T12593] ? netlink_deliver_tap+0x236/0xba0 [ 2267.745692][T12593] genl_rcv+0x24/0x40 [ 2267.749686][T12593] netlink_unicast+0x533/0x7d0 [ 2267.754454][T12593] ? netlink_attachskb+0x890/0x890 [ 2267.759566][T12593] ? __virt_addr_valid+0x5d/0x2d0 [ 2267.764787][T12593] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2267.771058][T12593] ? __phys_addr_symbol+0x2c/0x70 [ 2267.776094][T12593] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2267.781814][T12593] ? __check_object_size+0x16e/0x3f0 [ 2267.787270][T12593] netlink_sendmsg+0x85b/0xda0 [ 2267.792041][T12593] ? netlink_unicast+0x7d0/0x7d0 [ 2267.796977][T12593] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2267.803329][T12593] ? netlink_unicast+0x7d0/0x7d0 [ 2267.808279][T12593] sock_sendmsg+0xcf/0x120 [ 2267.812803][T12593] ____sys_sendmsg+0x6e8/0x810 [ 2267.817587][T12593] ? kernel_sendmsg+0x50/0x50 [ 2267.822263][T12593] ? do_recvmmsg+0x6d0/0x6d0 [ 2267.826853][T12593] ? tomoyo_path_number_perm+0x204/0x590 [ 2267.833018][T12593] ? kfree+0xeb/0x670 [ 2267.836994][T12593] ? tomoyo_path_number_perm+0x441/0x590 [ 2267.842651][T12593] ___sys_sendmsg+0xf3/0x170 [ 2267.847264][T12593] ? sendmsg_copy_msghdr+0x160/0x160 [ 2267.852553][T12593] ? kasan_save_stack+0x1b/0x40 [ 2267.857426][T12593] ? __fget_files+0x266/0x3d0 [ 2267.862103][T12593] ? lock_downgrade+0x6e0/0x6e0 [ 2267.866957][T12593] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2267.873040][T12593] ? do_vfs_ioctl+0x132/0x15d0 [ 2267.877806][T12593] ? __fget_files+0x288/0x3d0 [ 2267.882488][T12593] ? __fget_light+0xea/0x280 [ 2267.887076][T12593] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2267.893333][T12593] __sys_sendmsg+0xe5/0x1b0 [ 2267.897844][T12593] ? __sys_sendmsg_sock+0x30/0x30 [ 2267.902872][T12593] ? syscall_enter_from_user_mode+0x21/0x70 [ 2267.908868][T12593] ? trace_hardirqs_on+0x5b/0x1c0 [ 2267.913902][T12593] do_syscall_64+0x35/0xb0 [ 2267.918311][T12593] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2267.924292][T12593] RIP: 0033:0x4665d9 [ 2267.928177][T12593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2267.947783][T12593] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2267.956378][T12593] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2267.964864][T12593] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2267.972828][T12593] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2267.980789][T12593] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2267.988753][T12593] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 [ 2268.007668][T12590] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2268.032509][T12590] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. 03:46:51 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0xffffff7f}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2268.051283][T12590] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2268.051283][T12590] !' [ 2268.065562][T12590] CPU: 0 PID: 12590 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2268.075931][T12590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2268.086087][T12590] Call Trace: [ 2268.089372][T12590] dump_stack_lvl+0xcd/0x134 [ 2268.093989][T12590] sysfs_warn_dup.cold+0x1c/0x29 [ 2268.099028][T12590] sysfs_do_create_link_sd+0x11e/0x140 [ 2268.104504][T12590] sysfs_create_link+0x5f/0xc0 [ 2268.109298][T12590] device_add+0x789/0x2100 [ 2268.113721][T12590] ? mutex_lock_io_nested+0xf00/0xf00 [ 2268.119098][T12590] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2268.124639][T12590] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2268.131325][T12590] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2268.137584][T12590] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2268.143842][T12590] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2268.150090][T12590] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2268.156093][T12590] wiphy_register+0x1e8a/0x29b0 [ 2268.161043][T12590] ? wiphy_unregister+0xbd0/0xbd0 [ 2268.166065][T12590] ? minstrel_ht_alloc+0x531/0xa00 [ 2268.171186][T12590] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2268.177256][T12590] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2268.182718][T12590] ? ieee80211_restart_hw+0x290/0x290 [ 2268.188087][T12590] ? debug_object_destroy+0x210/0x210 [ 2268.193459][T12590] ? lock_downgrade+0x6e0/0x6e0 [ 2268.198311][T12590] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2268.203767][T12590] ? memset+0x20/0x40 [ 2268.207750][T12590] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2268.213986][T12590] ? __hrtimer_init+0x136/0x280 [ 2268.218838][T12590] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2268.224566][T12590] ? hwsim_virtio_rx_work+0x350/0x350 [ 2268.229937][T12590] ? __kmalloc_track_caller+0x1a0/0x320 [ 2268.235479][T12590] ? memcpy+0x39/0x60 [ 2268.239461][T12590] hwsim_new_radio_nl+0x9bc/0x1080 [ 2268.244583][T12590] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2268.250486][T12590] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2268.256738][T12590] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2268.264112][T12590] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2268.271399][T12590] genl_family_rcv_msg_doit+0x228/0x320 [ 2268.276945][T12590] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2268.284320][T12590] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2268.290567][T12590] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2268.296806][T12590] ? ns_capable+0xde/0x100 [ 2268.301306][T12590] genl_rcv_msg+0x328/0x580 [ 2268.305825][T12590] ? genl_get_cmd+0x480/0x480 [ 2268.310605][T12590] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2268.316502][T12590] ? lock_release+0x720/0x720 [ 2268.321187][T12590] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2268.326475][T12590] netlink_rcv_skb+0x153/0x420 [ 2268.331239][T12590] ? genl_get_cmd+0x480/0x480 [ 2268.335912][T12590] ? netlink_ack+0xa60/0xa60 [ 2268.340516][T12590] ? netlink_deliver_tap+0x236/0xba0 [ 2268.345801][T12590] genl_rcv+0x24/0x40 [ 2268.349780][T12590] netlink_unicast+0x533/0x7d0 [ 2268.354646][T12590] ? netlink_attachskb+0x890/0x890 [ 2268.359760][T12590] ? __check_object_size+0x16e/0x3f0 [ 2268.365046][T12590] netlink_sendmsg+0x85b/0xda0 [ 2268.369809][T12590] ? netlink_unicast+0x7d0/0x7d0 [ 2268.374755][T12590] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2268.380994][T12590] ? netlink_unicast+0x7d0/0x7d0 [ 2268.385927][T12590] sock_sendmsg+0xcf/0x120 [ 2268.390349][T12590] ____sys_sendmsg+0x6e8/0x810 [ 2268.395203][T12590] ? kernel_sendmsg+0x50/0x50 [ 2268.399965][T12590] ? do_recvmmsg+0x6d0/0x6d0 [ 2268.404554][T12590] ___sys_sendmsg+0xf3/0x170 [ 2268.409162][T12590] ? sendmsg_copy_msghdr+0x160/0x160 [ 2268.414442][T12590] ? __fget_files+0x266/0x3d0 [ 2268.419132][T12590] ? lock_downgrade+0x6e0/0x6e0 [ 2268.423977][T12590] ? futex_exit_release+0x220/0x220 [ 2268.429190][T12590] ? clockevents_program_event+0x141/0x370 [ 2268.436001][T12590] ? lock_downgrade+0x6e0/0x6e0 [ 2268.440853][T12590] ? __fget_files+0x288/0x3d0 [ 2268.445529][T12590] ? __fget_light+0xea/0x280 [ 2268.450114][T12590] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2268.456352][T12590] __sys_sendmsg+0xe5/0x1b0 [ 2268.460851][T12590] ? __sys_sendmsg_sock+0x30/0x30 [ 2268.465892][T12590] ? syscall_enter_from_user_mode+0x21/0x70 [ 2268.471959][T12590] ? trace_hardirqs_on+0x5b/0x1c0 [ 2268.476980][T12590] do_syscall_64+0x35/0xb0 [ 2268.481395][T12590] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2268.487289][T12590] RIP: 0033:0x4665d9 [ 2268.491192][T12590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2268.511846][T12590] RSP: 002b:00007f0cbc0e3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2268.520277][T12590] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2268.528243][T12590] RDX: 0000000007000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2268.536213][T12590] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2268.544187][T12590] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2268.552177][T12590] R13: 00007fffc9e5e04f R14: 00007f0cbc0e3300 R15: 0000000000022000 03:46:51 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x8000000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:51 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) [ 2268.575436][T12608] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2268.594339][T12608] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2268.798273][T12636] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2268.806586][T12636] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. 03:46:51 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011210a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) gettid() r1 = socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000dc0)=""/132, 0x84}, {&(0x7f0000000f00)=""/103, 0x67}, {&(0x7f0000001040)=""/177, 0xb1}, {0x0}], 0x4}, 0x2000) socket$kcm(0x29, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:51 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc50xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2269.501303][T12649] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2269.509710][T12649] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2269.517847][T12649] RDX: 0000000000006000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2269.525809][T12649] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2269.533775][T12649] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2269.541735][T12649] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 [ 2269.600961][T12651] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2269.614770][T12651] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. 03:46:52 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0x4, &(0x7f0000000380)=@raw=[@generic={0x3f, 0x6, 0x0, 0x8, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0xb625}, @ldst={0x1, 0x1, 0x3, 0x4, 0xb, 0x4, 0xfffffffffffffff0}], &(0x7f0000000000)='syzkaller\x00', 0x5, 0x66, &(0x7f0000000180)=""/102, 0x41100, 0x18, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x9, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x4, 0xc, 0x6, 0x4}, 0x10, 0xffffffffffffffff}, 0x78) [ 2269.650618][T12651] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2269.650618][T12651] !' [ 2269.710278][T12651] CPU: 1 PID: 12651 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2269.720119][T12651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2269.730180][T12651] Call Trace: [ 2269.733464][T12651] dump_stack_lvl+0xcd/0x134 [ 2269.738066][T12651] sysfs_warn_dup.cold+0x1c/0x29 [ 2269.743036][T12651] sysfs_do_create_link_sd+0x11e/0x140 [ 2269.748509][T12651] sysfs_create_link+0x5f/0xc0 [ 2269.753284][T12651] device_add+0x789/0x2100 [ 2269.757707][T12651] ? mutex_lock_io_nested+0xf00/0xf00 [ 2269.763119][T12651] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2269.768676][T12651] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2269.775195][T12651] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2269.781436][T12651] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2269.787675][T12651] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2269.793913][T12651] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2269.799900][T12651] wiphy_register+0x1e8a/0x29b0 [ 2269.804753][T12651] ? wiphy_unregister+0xbd0/0xbd0 [ 2269.809776][T12651] ? minstrel_ht_alloc+0x531/0xa00 [ 2269.814886][T12651] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2269.820966][T12651] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2269.826439][T12651] ? ieee80211_restart_hw+0x290/0x290 [ 2269.831821][T12651] ? debug_object_destroy+0x210/0x210 [ 2269.837197][T12651] ? lock_downgrade+0x6e0/0x6e0 [ 2269.842046][T12651] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2269.847499][T12651] ? memset+0x20/0x40 [ 2269.851483][T12651] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2269.857720][T12651] ? __hrtimer_init+0x136/0x280 [ 2269.862569][T12651] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2269.868297][T12651] ? hwsim_virtio_rx_work+0x350/0x350 [ 2269.873671][T12651] ? __kmalloc_track_caller+0x1a0/0x320 [ 2269.879213][T12651] ? memcpy+0x39/0x60 [ 2269.883201][T12651] hwsim_new_radio_nl+0x9bc/0x1080 [ 2269.888323][T12651] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2269.894220][T12651] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2269.900457][T12651] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2269.907837][T12651] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2269.915122][T12651] genl_family_rcv_msg_doit+0x228/0x320 [ 2269.920667][T12651] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2269.928047][T12651] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2269.934286][T12651] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2269.940520][T12651] ? ns_capable+0xde/0x100 [ 2269.945015][T12651] genl_rcv_msg+0x328/0x580 [ 2269.949516][T12651] ? genl_get_cmd+0x480/0x480 [ 2269.954191][T12651] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2269.960085][T12651] ? lock_release+0x720/0x720 [ 2269.964755][T12651] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2269.970039][T12651] ? trace_hardirqs_on+0x5b/0x1c0 [ 2269.975055][T12651] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2269.980774][T12651] netlink_rcv_skb+0x153/0x420 [ 2269.985532][T12651] ? genl_get_cmd+0x480/0x480 [ 2269.990215][T12651] ? netlink_ack+0xa60/0xa60 [ 2269.995415][T12651] ? netlink_deliver_tap+0x236/0xba0 [ 2270.000698][T12651] genl_rcv+0x24/0x40 [ 2270.004686][T12651] netlink_unicast+0x533/0x7d0 [ 2270.009449][T12651] ? netlink_attachskb+0x890/0x890 [ 2270.014556][T12651] ? __virt_addr_valid+0x5d/0x2d0 [ 2270.019577][T12651] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2270.025814][T12651] ? __phys_addr_symbol+0x2c/0x70 [ 2270.030853][T12651] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2270.036564][T12651] ? __check_object_size+0x16e/0x3f0 [ 2270.041874][T12651] netlink_sendmsg+0x85b/0xda0 [ 2270.046635][T12651] ? netlink_unicast+0x7d0/0x7d0 [ 2270.051571][T12651] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2270.057813][T12651] ? netlink_unicast+0x7d0/0x7d0 [ 2270.062746][T12651] sock_sendmsg+0xcf/0x120 [ 2270.067162][T12651] ____sys_sendmsg+0x6e8/0x810 [ 2270.071932][T12651] ? kernel_sendmsg+0x50/0x50 [ 2270.076639][T12651] ? do_recvmmsg+0x6d0/0x6d0 [ 2270.081241][T12651] ___sys_sendmsg+0xf3/0x170 [ 2270.085836][T12651] ? sendmsg_copy_msghdr+0x160/0x160 [ 2270.091127][T12651] ? __fget_files+0x266/0x3d0 [ 2270.095825][T12651] ? lock_downgrade+0x6e0/0x6e0 [ 2270.100672][T12651] ? futex_exit_release+0x220/0x220 [ 2270.105879][T12651] ? alloc_empty_file+0xd7/0x170 [ 2270.110809][T12651] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2270.117058][T12651] ? __fget_files+0x288/0x3d0 [ 2270.121731][T12651] ? __fget_light+0xea/0x280 [ 2270.126314][T12651] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2270.132564][T12651] __sys_sendmsg+0xe5/0x1b0 [ 2270.137086][T12651] ? __sys_sendmsg_sock+0x30/0x30 [ 2270.142114][T12651] ? syscall_enter_from_user_mode+0x21/0x70 [ 2270.148013][T12651] ? trace_hardirqs_on+0x5b/0x1c0 [ 2270.153048][T12651] do_syscall_64+0x35/0xb0 [ 2270.157465][T12651] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2270.163361][T12651] RIP: 0033:0x4665d9 [ 2270.167247][T12651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2270.186858][T12651] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2270.195277][T12651] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2270.203254][T12651] RDX: 0000000000006000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2270.211242][T12651] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2270.219201][T12651] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2270.227169][T12651] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 03:46:53 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x0) socket$kcm(0x29, 0x0, 0x0) sendmsg(r0, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2270.846448][T12676] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2270.854859][T12676] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2270.862827][T12676] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2270.870959][T12676] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2270.878919][T12676] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2270.888878][T12676] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 03:46:53 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000095000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) r2 = getpid() r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='percpu_free_percpu\x00', r1}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r2, r3, 0x0, 0x4, &(0x7f0000000180)='GPL\x00'}, 0x30) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) [ 2271.017305][T12688] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2271.028932][T12688] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2271.053528][T12688] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2271.053528][T12688] !' [ 2271.066405][T12688] CPU: 0 PID: 12688 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2271.076245][T12688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2271.086314][T12688] Call Trace: [ 2271.089604][T12688] dump_stack_lvl+0xcd/0x134 [ 2271.094265][T12688] sysfs_warn_dup.cold+0x1c/0x29 [ 2271.099229][T12688] sysfs_do_create_link_sd+0x11e/0x140 [ 2271.104713][T12688] sysfs_create_link+0x5f/0xc0 [ 2271.109682][T12688] device_add+0x789/0x2100 [ 2271.114116][T12688] ? mutex_lock_io_nested+0xf00/0xf00 [ 2271.119509][T12688] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2271.125070][T12688] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2271.131592][T12688] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2271.137855][T12688] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2271.144122][T12688] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2271.150388][T12688] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2271.156395][T12688] wiphy_register+0x1e8a/0x29b0 [ 2271.161388][T12688] ? wiphy_unregister+0xbd0/0xbd0 [ 2271.166439][T12688] ? minstrel_ht_alloc+0x531/0xa00 [ 2271.171577][T12688] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2271.177667][T12688] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2271.183180][T12688] ? ieee80211_restart_hw+0x290/0x290 [ 2271.188570][T12688] ? debug_object_destroy+0x210/0x210 [ 2271.194050][T12688] ? lock_downgrade+0x6e0/0x6e0 [ 2271.198923][T12688] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2271.204403][T12688] ? memset+0x20/0x40 [ 2271.208409][T12688] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2271.214669][T12688] ? __hrtimer_init+0x136/0x280 [ 2271.219546][T12688] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2271.225298][T12688] ? hwsim_virtio_rx_work+0x350/0x350 [ 2271.230695][T12688] ? __kmalloc_track_caller+0x1a0/0x320 [ 2271.236263][T12688] ? memcpy+0x39/0x60 [ 2271.240265][T12688] hwsim_new_radio_nl+0x9bc/0x1080 [ 2271.245394][T12688] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2271.251312][T12688] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2271.257578][T12688] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2271.264968][T12688] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2271.272276][T12688] genl_family_rcv_msg_doit+0x228/0x320 [ 2271.277841][T12688] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2271.285238][T12688] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2271.291602][T12688] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2271.297910][T12688] ? ns_capable+0xde/0x100 [ 2271.302343][T12688] genl_rcv_msg+0x328/0x580 [ 2271.307072][T12688] ? genl_get_cmd+0x480/0x480 [ 2271.311739][T12688] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2271.317898][T12688] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2271.323784][T12688] ? lock_release+0x720/0x720 [ 2271.330661][T12688] ? trace_hardirqs_on+0x51/0x1c0 [ 2271.335685][T12688] netlink_rcv_skb+0x153/0x420 [ 2271.340447][T12688] ? genl_get_cmd+0x480/0x480 [ 2271.345118][T12688] ? netlink_ack+0xa60/0xa60 [ 2271.349833][T12688] ? netlink_deliver_tap+0x236/0xba0 [ 2271.355321][T12688] genl_rcv+0x24/0x40 [ 2271.359292][T12688] netlink_unicast+0x533/0x7d0 [ 2271.364046][T12688] ? netlink_attachskb+0x890/0x890 [ 2271.369155][T12688] ? __virt_addr_valid+0x5d/0x2d0 [ 2271.374287][T12688] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2271.380530][T12688] ? __phys_addr_symbol+0x2c/0x70 [ 2271.385680][T12688] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2271.391403][T12688] ? __check_object_size+0x16e/0x3f0 [ 2271.396783][T12688] netlink_sendmsg+0x85b/0xda0 [ 2271.401656][T12688] ? netlink_unicast+0x7d0/0x7d0 [ 2271.406583][T12688] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2271.412812][T12688] ? netlink_unicast+0x7d0/0x7d0 [ 2271.417739][T12688] sock_sendmsg+0xcf/0x120 [ 2271.422147][T12688] ____sys_sendmsg+0x6e8/0x810 [ 2271.426899][T12688] ? kernel_sendmsg+0x50/0x50 [ 2271.431577][T12688] ? do_recvmmsg+0x6d0/0x6d0 [ 2271.436184][T12688] ? futex_wait_restart+0x200/0x200 [ 2271.441381][T12688] ___sys_sendmsg+0xf3/0x170 [ 2271.445981][T12688] ? sendmsg_copy_msghdr+0x160/0x160 [ 2271.451277][T12688] ? __fget_files+0x266/0x3d0 [ 2271.455952][T12688] ? lock_downgrade+0x6e0/0x6e0 [ 2271.460797][T12688] ? futex_exit_release+0x220/0x220 [ 2271.465985][T12688] ? clockevents_program_event+0x141/0x370 [ 2271.471776][T12688] ? lock_downgrade+0x6e0/0x6e0 [ 2271.476612][T12688] ? __fget_files+0x288/0x3d0 [ 2271.481278][T12688] ? __fget_light+0xea/0x280 [ 2271.485854][T12688] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2271.492086][T12688] __sys_sendmsg+0xe5/0x1b0 [ 2271.496604][T12688] ? __sys_sendmsg_sock+0x30/0x30 [ 2271.501721][T12688] ? syscall_enter_from_user_mode+0x21/0x70 [ 2271.507603][T12688] ? trace_hardirqs_on+0x5b/0x1c0 [ 2271.512615][T12688] do_syscall_64+0x35/0xb0 [ 2271.517022][T12688] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2271.523000][T12688] RIP: 0033:0x4665d9 [ 2271.526891][T12688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2271.546485][T12688] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2271.554893][T12688] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2271.562910][T12688] RDX: 0000000008000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2271.570866][T12688] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2271.578819][T12688] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2271.586777][T12688] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2271.603473][T12708] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2271.623381][T12708] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2271.641456][T12708] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2271.641456][T12708] !' [ 2271.653046][T12708] CPU: 0 PID: 12708 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2271.662983][T12708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2271.673223][T12708] Call Trace: [ 2271.676502][T12708] dump_stack_lvl+0xcd/0x134 [ 2271.681094][T12708] sysfs_warn_dup.cold+0x1c/0x29 [ 2271.686025][T12708] sysfs_do_create_link_sd+0x11e/0x140 [ 2271.691475][T12708] sysfs_create_link+0x5f/0xc0 [ 2271.696239][T12708] device_add+0x789/0x2100 [ 2271.700647][T12708] ? mutex_lock_io_nested+0xf00/0xf00 [ 2271.706004][T12708] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2271.711535][T12708] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2271.718030][T12708] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2271.724259][T12708] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2271.730519][T12708] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2271.736751][T12708] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2271.742727][T12708] wiphy_register+0x1e8a/0x29b0 [ 2271.747582][T12708] ? wiphy_unregister+0xbd0/0xbd0 [ 2271.752622][T12708] ? minstrel_ht_alloc+0x531/0xa00 [ 2271.757723][T12708] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2271.763784][T12708] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2271.769934][T12708] ? ieee80211_restart_hw+0x290/0x290 [ 2271.775309][T12708] ? debug_object_destroy+0x210/0x210 [ 2271.780676][T12708] ? lock_downgrade+0x6e0/0x6e0 [ 2271.785532][T12708] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2271.790979][T12708] ? memset+0x20/0x40 [ 2271.794965][T12708] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2271.801202][T12708] ? __hrtimer_init+0x136/0x280 [ 2271.806075][T12708] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2271.811796][T12708] ? hwsim_virtio_rx_work+0x350/0x350 [ 2271.817177][T12708] ? __kmalloc_track_caller+0x1a0/0x320 [ 2271.822715][T12708] ? memcpy+0x39/0x60 [ 2271.826911][T12708] hwsim_new_radio_nl+0x9bc/0x1080 [ 2271.832039][T12708] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2271.837946][T12708] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2271.844187][T12708] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2271.851562][T12708] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2271.858856][T12708] genl_family_rcv_msg_doit+0x228/0x320 [ 2271.864426][T12708] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2271.871924][T12708] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2271.878184][T12708] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2271.884441][T12708] ? ns_capable+0xde/0x100 [ 2271.889043][T12708] genl_rcv_msg+0x328/0x580 [ 2271.893622][T12708] ? genl_get_cmd+0x480/0x480 [ 2271.898295][T12708] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2271.904202][T12708] ? lock_release+0x720/0x720 [ 2271.908894][T12708] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2271.914168][T12708] ? trace_hardirqs_on+0x5b/0x1c0 [ 2271.919180][T12708] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2271.924895][T12708] netlink_rcv_skb+0x153/0x420 [ 2271.930269][T12708] ? genl_get_cmd+0x480/0x480 [ 2271.934944][T12708] ? netlink_ack+0xa60/0xa60 [ 2271.939526][T12708] ? netlink_deliver_tap+0x236/0xba0 [ 2271.944803][T12708] genl_rcv+0x24/0x40 [ 2271.948798][T12708] netlink_unicast+0x533/0x7d0 [ 2271.953571][T12708] ? netlink_attachskb+0x890/0x890 [ 2271.959193][T12708] ? __virt_addr_valid+0x5d/0x2d0 [ 2271.964296][T12708] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2271.970527][T12708] ? __phys_addr_symbol+0x2c/0x70 [ 2271.975648][T12708] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2271.981442][T12708] ? __check_object_size+0x16e/0x3f0 [ 2271.986727][T12708] netlink_sendmsg+0x85b/0xda0 [ 2271.991481][T12708] ? netlink_unicast+0x7d0/0x7d0 [ 2271.996414][T12708] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2272.002646][T12708] ? netlink_unicast+0x7d0/0x7d0 [ 2272.007596][T12708] sock_sendmsg+0xcf/0x120 [ 2272.012011][T12708] ____sys_sendmsg+0x6e8/0x810 [ 2272.016777][T12708] ? kernel_sendmsg+0x50/0x50 [ 2272.022210][T12708] ? do_recvmmsg+0x6d0/0x6d0 [ 2272.026804][T12708] ? tomoyo_path_number_perm+0x204/0x590 [ 2272.032523][T12708] ? kfree+0xeb/0x670 [ 2272.036493][T12708] ? tomoyo_path_number_perm+0x441/0x590 [ 2272.042229][T12708] ___sys_sendmsg+0xf3/0x170 [ 2272.046809][T12708] ? sendmsg_copy_msghdr+0x160/0x160 [ 2272.052092][T12708] ? __fget_files+0x266/0x3d0 [ 2272.056757][T12708] ? lock_downgrade+0x6e0/0x6e0 [ 2272.061607][T12708] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2272.067615][T12708] ? do_vfs_ioctl+0x132/0x15d0 [ 2272.072376][T12708] ? __fget_files+0x288/0x3d0 [ 2272.077289][T12708] ? __fget_light+0xea/0x280 [ 2272.082510][T12708] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2272.088746][T12708] __sys_sendmsg+0xe5/0x1b0 [ 2272.093242][T12708] ? __sys_sendmsg_sock+0x30/0x30 [ 2272.098264][T12708] ? syscall_enter_from_user_mode+0x21/0x70 [ 2272.105632][T12708] ? trace_hardirqs_on+0x5b/0x1c0 [ 2272.110654][T12708] do_syscall_64+0x35/0xb0 [ 2272.115057][T12708] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2272.120938][T12708] RIP: 0033:0x4665d9 [ 2272.124821][T12708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2272.144607][T12708] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2272.153201][T12708] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2272.161185][T12708] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 03:46:55 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0xffffff9e}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2272.169457][T12708] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2272.177422][T12708] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2272.185490][T12708] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 [ 2272.207649][T12718] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2272.226487][T12718] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2272.362378][T12724] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2272.376163][T12724] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2272.389694][T12724] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2272.389694][T12724] !' [ 2272.401953][T12724] CPU: 1 PID: 12724 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2272.411905][T12724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2272.422061][T12724] Call Trace: [ 2272.425339][T12724] dump_stack_lvl+0xcd/0x134 [ 2272.429936][T12724] sysfs_warn_dup.cold+0x1c/0x29 [ 2272.434875][T12724] sysfs_do_create_link_sd+0x11e/0x140 [ 2272.440599][T12724] sysfs_create_link+0x5f/0xc0 [ 2272.445365][T12724] device_add+0x789/0x2100 [ 2272.449777][T12724] ? mutex_lock_io_nested+0xf00/0xf00 [ 2272.455148][T12724] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2272.460691][T12724] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2272.466930][T12724] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2272.473190][T12724] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2272.479429][T12724] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2272.485501][T12724] wiphy_register+0x1e8a/0x29b0 [ 2272.490360][T12724] ? wiphy_unregister+0xbd0/0xbd0 [ 2272.495387][T12724] ? minstrel_ht_alloc+0x531/0xa00 [ 2272.500501][T12724] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2272.506569][T12724] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2272.512033][T12724] ? ieee80211_restart_hw+0x290/0x290 [ 2272.517504][T12724] ? debug_object_destroy+0x210/0x210 [ 2272.522970][T12724] ? lock_downgrade+0x6e0/0x6e0 [ 2272.527817][T12724] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2272.533537][T12724] ? memset+0x20/0x40 [ 2272.537519][T12724] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2272.543801][T12724] ? __hrtimer_init+0x136/0x280 [ 2272.548663][T12724] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2272.554398][T12724] ? hwsim_virtio_rx_work+0x350/0x350 [ 2272.559787][T12724] ? __kmalloc_track_caller+0x1a0/0x320 [ 2272.565331][T12724] ? memcpy+0x39/0x60 [ 2272.569421][T12724] hwsim_new_radio_nl+0x9bc/0x1080 [ 2272.574652][T12724] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2272.580550][T12724] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2272.587077][T12724] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2272.595433][T12724] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2272.602884][T12724] genl_family_rcv_msg_doit+0x228/0x320 [ 2272.608443][T12724] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2272.615908][T12724] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2272.622211][T12724] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2272.628446][T12724] ? ns_capable+0xde/0x100 [ 2272.632861][T12724] genl_rcv_msg+0x328/0x580 [ 2272.637366][T12724] ? genl_get_cmd+0x480/0x480 [ 2272.642061][T12724] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2272.647962][T12724] ? lock_release+0x720/0x720 [ 2272.652635][T12724] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2272.657930][T12724] ? trace_hardirqs_on+0x5b/0x1c0 [ 2272.662950][T12724] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2272.668666][T12724] netlink_rcv_skb+0x153/0x420 [ 2272.673430][T12724] ? genl_get_cmd+0x480/0x480 [ 2272.678106][T12724] ? netlink_ack+0xa60/0xa60 [ 2272.682708][T12724] ? netlink_deliver_tap+0x236/0xba0 [ 2272.688012][T12724] genl_rcv+0x24/0x40 [ 2272.691989][T12724] netlink_unicast+0x533/0x7d0 [ 2272.696764][T12724] ? netlink_attachskb+0x890/0x890 [ 2272.701871][T12724] ? __virt_addr_valid+0x5d/0x2d0 [ 2272.706890][T12724] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2272.713139][T12724] ? __phys_addr_symbol+0x2c/0x70 [ 2272.718156][T12724] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2272.723956][T12724] ? __check_object_size+0x16e/0x3f0 [ 2272.729260][T12724] netlink_sendmsg+0x85b/0xda0 [ 2272.734031][T12724] ? netlink_unicast+0x7d0/0x7d0 [ 2272.738966][T12724] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2272.745203][T12724] ? netlink_unicast+0x7d0/0x7d0 [ 2272.750159][T12724] sock_sendmsg+0xcf/0x120 [ 2272.754587][T12724] ____sys_sendmsg+0x6e8/0x810 [ 2272.759359][T12724] ? kernel_sendmsg+0x50/0x50 [ 2272.764045][T12724] ? do_recvmmsg+0x6d0/0x6d0 [ 2272.768630][T12724] ? tomoyo_path_number_perm+0x204/0x590 [ 2272.774267][T12724] ? kfree+0xeb/0x670 [ 2272.778242][T12724] ? tomoyo_path_number_perm+0x441/0x590 [ 2272.783878][T12724] ___sys_sendmsg+0xf3/0x170 [ 2272.788464][T12724] ? sendmsg_copy_msghdr+0x160/0x160 [ 2272.793744][T12724] ? __fget_files+0x266/0x3d0 [ 2272.798417][T12724] ? lock_downgrade+0x6e0/0x6e0 [ 2272.803275][T12724] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2272.809166][T12724] ? do_vfs_ioctl+0x132/0x15d0 [ 2272.813927][T12724] ? __fget_files+0x288/0x3d0 [ 2272.818611][T12724] ? __fget_light+0xea/0x280 [ 2272.823324][T12724] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2272.829582][T12724] __sys_sendmsg+0xe5/0x1b0 [ 2272.834121][T12724] ? __sys_sendmsg_sock+0x30/0x30 [ 2272.839154][T12724] ? syscall_enter_from_user_mode+0x21/0x70 [ 2272.845051][T12724] ? trace_hardirqs_on+0x5b/0x1c0 [ 2272.850075][T12724] do_syscall_64+0x35/0xb0 [ 2272.854486][T12724] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2272.860387][T12724] RIP: 0033:0x4665d9 [ 2272.864287][T12724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2272.883902][T12724] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2272.892310][T12724] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2272.900640][T12724] RDX: 0000000008000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2272.908712][T12724] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2272.916703][T12724] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2272.924660][T12724] R13: 00007fffc9e5e04f R14: 00007f0cbc0c2300 R15: 0000000000022000 [ 2272.946035][T12744] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 03:46:56 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xe000000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:56 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2273.488662][T12744] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2273.497073][T12744] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2273.505126][T12744] RDX: 0000000000008012 RSI: 0000000020000000 RDI: 0000000000000003 [ 2273.513183][T12744] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2273.521167][T12744] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2273.529147][T12744] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 [ 2273.549695][T12749] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 03:46:56 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000007fa797fda1"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000000)='cpuset.memory_pressure\x00', 0x0, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000100)={'macvlan1\x00', @local}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000740)='ext4_es_lookup_extent_exit\x00', r1}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x9, &(0x7f0000000180)=@raw=[@ldst={0x3, 0x0, 0x1, 0x5, 0x0, 0x18, 0xffffffffffffffff}, @exit, @call={0x85, 0x0, 0x0, 0x3d}, @jmp={0x5, 0x0, 0x4, 0x9, 0x9, 0xec4b3a47b561ea98, 0x4}, @ldst={0x0, 0x3, 0x3, 0x2, 0x0, 0x10}, @alu={0x4, 0x1, 0xb, 0x8, 0xb, 0xc, 0x1}, @map={0x18, 0x1, 0x1, 0x0, r2}, @exit], &(0x7f0000000280)='GPL\x00', 0xfffffff7, 0x9d, &(0x7f00000002c0)=""/157, 0x40f00, 0x0, '\x00', 0x0, 0x20, r1, 0x8, &(0x7f0000000380)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x0, 0x5, 0x401, 0x7}, 0x10, 0xffffffffffffffff, r1}, 0x78) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000700)={@map=r2, r2, 0x6}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r3, 0x0, 0x29, 0x28, &(0x7f0000000400)="1f87c10f58869cf4364f577af34f7888cca78615702f20c228b1c051869a8a51465a039f64c44c4560", &(0x7f0000000500)=""/40, 0x6, 0x0, 0xf, 0xcc, &(0x7f0000000540)="060e2ea3bb8bdebbd5fed69ff9bf0b", &(0x7f0000000580)="439f100fb35d6335dbee9cff6bd364ba267dcc740d9229ea65c5c1c63cb8550bea68edaca452fdedb8090a10901369bd86ceb3d254fde8a777f8f366a1e799c84fbfefc3c8a718723ac73d7bc2ed8aa91da20afaee9b06c71f7c60134bb4abd0b39adeb4331458b099eaa07c7060e66307603e520868623864cf104ea04cd618974c9804936b5bfdfd20d6794da3e1e4fd3a86a50e67d75363f46419e03d3a0c9e02b76c20013adf6a5aeb285e85cfb68dbb065241d459429e008638c1e82299db94b182c4e8cb097234d515", 0x0, 0x7}, 0x48) [ 2273.569555][T12749] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. 03:46:56 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) 03:46:56 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f0000000180)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)={[{0x2d, 'cpu'}]}, 0x5) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r0, 0xc0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=0x7, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x7, 0x1}, 0x0, 0x0, &(0x7f0000000640)={0x2, 0xe, 0xdc6, 0x1}, &(0x7f0000000680)=0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=0xb2a}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8fffdff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b06d3585a09a87507ebf4e43bc06607401000000e214b6b12e60ac1786a50b495ecb68db5f282675ef467d7fbde500c1e108abfb7491a203f669f83e2b3b28e12fd4659c5a4be272ae419c62cbcc6338b91fb402803fdbd809d0e4785b3de88865d3d7ff7377ab383df91c8fda915d9d5f435905ce28c4014cce4fc1050c9656a41504a8797242f7d2cadcc26313bd5c1c143688e845235f0538e811f14d377f4c38bed86cf343d045e9911fc3eface8bcb4de79dd6468072c5b68d8b76b4cf15c18298247fe815b581d3930d5795ca9d0cc42654b70f35ef3b91fa78d47479b9d05711763e8b485b9eba3c0d6314fd67b5fc53d3366051872947696bdf0c59faeff2da275279507f6576fbe621d27c7a211c1566d6dc977cadd9cec87ed64e3e534d2f70ae40f44c95a3db946bfd3dce2546afffd46637c488397ac6b1c3d69f69a8e41c2878e449ba39ce49cea3dc5e10520c637d23255cedaf8750144422a4100f767a7d03d4299668ebe2c370d6e6bcc01886b19455a29aa155e02bf29ff5c78ecd6f74dc75ed0c16a655db6c321432d8fe20168c9b7e25345971423be8489ce81f099af90b2feb37bbe7b33f8047671af32373ab73c26a83713315130cf23d2dfe773f77910614e4e123bad9cf970cced8fe413488bdc0000000000010001679ae3eafb6b03e18c45f6fa000089057995dce1a30d961934d74cb694a83dae55bb3b48dd8ebbfbbcd9e32b96567bbe19fd3254c8a1d3775fc89ae30978fec5d98d417ec51ea291b764bff1ddf9e2c36cc962e2ed3a4245aa0bb0fe6d7fa437aca251a9ec01443ea55bb8c5d9a7cafa12c40fb7a400d92a13cb1e06e720b45a0500ea6d0d9ac38c80f8cfa2bb6a316a53c2282ec819b546c763c564f85c7fededbc399ec01eab4bac37a8ce8a5f000000000068e764d02cfcabb2ce4f9f4c3c23cf5106b6f681d85efbdb5c46a0d9c24ee256b86232ab79cd8489c0beffa092854e8cde72b513a4963aa3ef8222318a9a6200000000000000000000000000000000d6ea0c0bcd0000000000000000000000003899509eb453f37638d3f739ec6dd51ab691eeade7226561417d5932d01b648a9eda5ce5da797339b13147d9f20063ec4bf3b028247a97dfbe9a17018ebb747e093b4ddcea677ac7c581808169a184285c1a044f9edf6532d27fea643e666cdd3c618f1eb75c1d05f01f2b3ca621dafc11b66de5f64286046ae5c7068cd2571085c6f3ae55f4095f9cd1aa5e34e8534d4923205f28a450f93fae647c9ef53016eef06552fd58bbe8659eeadbf41ca308104922e2c42f825d4675c145fe5ad6271be84085f2022946d33754e0c1701fd58abdbca564c4efe4cae8e892b9d36ceef15a8aa5b96b8db09e0eb6bc4a99eeee386df4b38fe35e0b56b181a76ef3a2d3d3eb3a58c43741b52dce4d3827c9ce9417c50838af06c67c467b3a9915e81eb99742470ed343abbd17a69108810f7a02e44c6221b09c675c06b45d1bb80e24b6c64bb85766acecd962a95c2ca30b61c7bb44383613f9662afb3085b700650b8a881567969b0ee76cbeb41f6aabf5158a5dd8972062aa4705958c5c0429397d4450cdc09c"], &(0x7f0000000340)='GPL\x00'}, 0x35) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x18000000000002e0, 0x28, 0x10000f0, &(0x7f00000004c0)="b95b03b703080000009e40f005001fff060000000000008477fbac141423e0000001c699da153f08e0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x17, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4, &(0x7f0000000000), &(0x7f0000000080)}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0x6, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x800}, [@generic={0x56, 0x3, 0x8, 0xfff, 0xcd}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}]}, &(0x7f0000000400)='syzkaller\x00', 0x8, 0x7a, &(0x7f0000000500)=""/122, 0x41000, 0x4, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0x5, 0x6, 0x6}, 0x10, r1, r2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0xc0185879, &(0x7f0000000080)) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r4, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r4, 0x3, '\x00', 0x0, r5, 0x5, 0x0, 0x3}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000840)=ANY=[@ANYRES16], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x13, 0x0, &(0x7f00000000c0), &(0x7f0000000100)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x14, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x5, 0x1, 0x20, 0x6}, 0x10, 0x0, r6}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xe, 0xb, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xd2, 0x0, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x77}, @map_val={0x18, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}, @generic={0x8, 0x7, 0x8, 0x80, 0x1}, @map={0x18, 0x8}]}, &(0x7f0000000040)='syzkaller\x00', 0x1ff, 0x75, &(0x7f0000000180)=""/117, 0x0, 0x0, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0xb, 0xfffffffc, 0x1}, 0x10}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x10, 0x5, &(0x7f0000000880)=@raw=[@ldst={0x0, 0x0, 0x2, 0x2, 0xb, 0x6dc5cdc119cbd469, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x1}], &(0x7f00000008c0)='syzkaller\x00', 0x5, 0x17, &(0x7f0000000900)=""/23, 0x41100, 0x8, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000009c0)={0x0, 0xb, 0x1, 0x3}, 0x10}, 0x78) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, [@map_val={0x18, 0x4, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x3f}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, @exit, @alu={0x7, 0x1, 0x2, 0x4, 0x4, 0x80, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0x57}, @jmp={0x5, 0x1, 0x1, 0x8, 0x8, 0xffffffffffffffe0, 0x4}]}, &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000300)={0x0, 0x2, 0x4, 0x19a2}, 0x10}, 0x78) [ 2273.969322][T12749] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2273.969322][T12749] !' [ 2274.002601][T12749] CPU: 1 PID: 12749 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2274.012457][T12749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2274.023292][T12749] Call Trace: [ 2274.026594][T12749] dump_stack_lvl+0xcd/0x134 [ 2274.031212][T12749] sysfs_warn_dup.cold+0x1c/0x29 [ 2274.036175][T12749] sysfs_do_create_link_sd+0x11e/0x140 [ 2274.041704][T12749] sysfs_create_link+0x5f/0xc0 [ 2274.046577][T12749] device_add+0x789/0x2100 [ 2274.051008][T12749] ? mutex_lock_io_nested+0xf00/0xf00 [ 2274.056398][T12749] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2274.061970][T12749] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2274.068525][T12749] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2274.074886][T12749] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2274.081367][T12749] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2274.087723][T12749] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2274.093730][T12749] wiphy_register+0x1e8a/0x29b0 [ 2274.098628][T12749] ? wiphy_unregister+0xbd0/0xbd0 [ 2274.103704][T12749] ? minstrel_ht_alloc+0x531/0xa00 [ 2274.108824][T12749] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2274.114911][T12749] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2274.120376][T12749] ? ieee80211_restart_hw+0x290/0x290 [ 2274.125748][T12749] ? debug_object_destroy+0x210/0x210 [ 2274.131120][T12749] ? lock_downgrade+0x6e0/0x6e0 [ 2274.135969][T12749] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2274.141420][T12749] ? memset+0x20/0x40 [ 2274.145405][T12749] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2274.151648][T12749] ? __hrtimer_init+0x136/0x280 [ 2274.156504][T12749] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2274.162251][T12749] ? hwsim_virtio_rx_work+0x350/0x350 [ 2274.167638][T12749] ? __kmalloc_track_caller+0x1a0/0x320 [ 2274.173182][T12749] ? memcpy+0x39/0x60 [ 2274.177170][T12749] hwsim_new_radio_nl+0x9bc/0x1080 [ 2274.182283][T12749] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2274.188180][T12749] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2274.194418][T12749] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2274.201787][T12749] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2274.209080][T12749] genl_family_rcv_msg_doit+0x228/0x320 [ 2274.214626][T12749] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2274.221994][T12749] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2274.228237][T12749] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2274.234516][T12749] ? ns_capable+0xde/0x100 [ 2274.239042][T12749] genl_rcv_msg+0x328/0x580 [ 2274.243560][T12749] ? genl_get_cmd+0x480/0x480 [ 2274.248249][T12749] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2274.254151][T12749] ? lock_release+0x720/0x720 [ 2274.258839][T12749] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2274.264123][T12749] netlink_rcv_skb+0x153/0x420 [ 2274.268898][T12749] ? genl_get_cmd+0x480/0x480 [ 2274.273571][T12749] ? netlink_ack+0xa60/0xa60 [ 2274.278181][T12749] ? netlink_deliver_tap+0x236/0xba0 [ 2274.283464][T12749] genl_rcv+0x24/0x40 [ 2274.287449][T12749] netlink_unicast+0x533/0x7d0 [ 2274.292474][T12749] ? netlink_attachskb+0x890/0x890 [ 2274.297754][T12749] ? __virt_addr_valid+0x5d/0x2d0 [ 2274.302774][T12749] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2274.309024][T12749] ? __phys_addr_symbol+0x2c/0x70 [ 2274.314078][T12749] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2274.319810][T12749] ? __check_object_size+0x16e/0x3f0 [ 2274.325103][T12749] netlink_sendmsg+0x85b/0xda0 [ 2274.329879][T12749] ? netlink_unicast+0x7d0/0x7d0 [ 2274.334813][T12749] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2274.341047][T12749] ? netlink_unicast+0x7d0/0x7d0 [ 2274.345981][T12749] sock_sendmsg+0xcf/0x120 [ 2274.350399][T12749] ____sys_sendmsg+0x6e8/0x810 [ 2274.355175][T12749] ? kernel_sendmsg+0x50/0x50 [ 2274.359849][T12749] ? do_recvmmsg+0x6d0/0x6d0 [ 2274.364523][T12749] ? fs_reclaim_release+0x9c/0xf0 [ 2274.369546][T12749] ? lock_downgrade+0x6e0/0x6e0 [ 2274.374390][T12749] ___sys_sendmsg+0xf3/0x170 [ 2274.378978][T12749] ? sendmsg_copy_msghdr+0x160/0x160 [ 2274.384256][T12749] ? __fget_files+0x266/0x3d0 [ 2274.389018][T12749] ? lock_downgrade+0x6e0/0x6e0 [ 2274.394211][T12749] ? futex_exit_release+0x220/0x220 [ 2274.399409][T12749] ? alloc_empty_file+0xd7/0x170 [ 2274.404350][T12749] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2274.410679][T12749] ? __fget_files+0x288/0x3d0 [ 2274.415366][T12749] ? __fget_light+0xea/0x280 [ 2274.419965][T12749] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2274.426216][T12749] __sys_sendmsg+0xe5/0x1b0 [ 2274.430831][T12749] ? __sys_sendmsg_sock+0x30/0x30 [ 2274.435859][T12749] ? syscall_enter_from_user_mode+0x21/0x70 [ 2274.441852][T12749] ? trace_hardirqs_on+0x5b/0x1c0 [ 2274.446877][T12749] do_syscall_64+0x35/0xb0 [ 2274.451301][T12749] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2274.457192][T12749] RIP: 0033:0x4665d9 [ 2274.461078][T12749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2274.480701][T12749] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2274.489131][T12749] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2274.497104][T12749] RDX: 0000000000008012 RSI: 0000000020000000 RDI: 0000000000000003 [ 2274.505066][T12749] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2274.513032][T12749] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 03:46:57 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xf000) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:46:57 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x13000003, &(0x7f00000000c0)=[{&(0x7f0000000080)='f', 0xffffff1f}], 0x8, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2275.091079][T12778] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2275.099502][T12778] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2275.107482][T12778] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2275.115450][T12778] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2275.123414][T12778] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2275.131377][T12778] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 03:46:58 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0xfffffff0}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2275.411896][T12804] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2275.420107][T12804] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2275.580681][T12805] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2275.593817][T12805] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2275.607930][T12805] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2275.607930][T12805] !' [ 2275.633482][T12805] CPU: 0 PID: 12805 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2275.643336][T12805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2275.653404][T12805] Call Trace: [ 2275.656693][T12805] dump_stack_lvl+0xcd/0x134 [ 2275.661307][T12805] sysfs_warn_dup.cold+0x1c/0x29 [ 2275.666264][T12805] sysfs_do_create_link_sd+0x11e/0x140 [ 2275.671753][T12805] sysfs_create_link+0x5f/0xc0 [ 2275.676549][T12805] device_add+0x789/0x2100 [ 2275.680996][T12805] ? mutex_lock_io_nested+0xf00/0xf00 [ 2275.686388][T12805] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2275.691956][T12805] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2275.698216][T12805] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2275.704480][T12805] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2275.710750][T12805] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2275.717121][T12805] wiphy_register+0x1e8a/0x29b0 [ 2275.721976][T12805] ? wiphy_unregister+0xbd0/0xbd0 [ 2275.727185][T12805] ? minstrel_ht_alloc+0x531/0xa00 [ 2275.732503][T12805] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2275.738585][T12805] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2275.744047][T12805] ? ieee80211_restart_hw+0x290/0x290 [ 2275.749426][T12805] ? debug_object_destroy+0x210/0x210 [ 2275.755143][T12805] ? lock_downgrade+0x6e0/0x6e0 [ 2275.760121][T12805] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2275.765578][T12805] ? memset+0x20/0x40 [ 2275.769683][T12805] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2275.776051][T12805] ? __hrtimer_init+0x136/0x280 [ 2275.781020][T12805] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2275.786748][T12805] ? hwsim_virtio_rx_work+0x350/0x350 [ 2275.792256][T12805] ? __kmalloc_track_caller+0x1a0/0x320 [ 2275.797889][T12805] ? memcpy+0x39/0x60 [ 2275.801871][T12805] hwsim_new_radio_nl+0x9bc/0x1080 [ 2275.806993][T12805] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2275.812930][T12805] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2275.819162][T12805] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2275.826526][T12805] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2275.833903][T12805] genl_family_rcv_msg_doit+0x228/0x320 [ 2275.839472][T12805] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2275.846845][T12805] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2275.853082][T12805] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2275.859415][T12805] ? ns_capable+0xde/0x100 [ 2275.863831][T12805] genl_rcv_msg+0x328/0x580 [ 2275.869392][T12805] ? genl_get_cmd+0x480/0x480 [ 2275.874119][T12805] ? lock_downgrade+0x6e0/0x6e0 [ 2275.878955][T12805] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2275.885014][T12805] ? lock_release+0x720/0x720 [ 2275.889683][T12805] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2275.895081][T12805] netlink_rcv_skb+0x153/0x420 [ 2275.899855][T12805] ? genl_get_cmd+0x480/0x480 [ 2275.904639][T12805] ? netlink_ack+0xa60/0xa60 [ 2275.909255][T12805] ? netlink_deliver_tap+0x236/0xba0 [ 2275.914554][T12805] genl_rcv+0x24/0x40 [ 2275.918536][T12805] netlink_unicast+0x533/0x7d0 [ 2275.923318][T12805] ? netlink_attachskb+0x890/0x890 [ 2275.928428][T12805] ? __virt_addr_valid+0x5d/0x2d0 [ 2275.933456][T12805] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2275.939707][T12805] ? __phys_addr_symbol+0x2c/0x70 [ 2275.944741][T12805] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2275.950459][T12805] ? __check_object_size+0x16e/0x3f0 [ 2275.955732][T12805] netlink_sendmsg+0x85b/0xda0 [ 2275.960495][T12805] ? netlink_unicast+0x7d0/0x7d0 [ 2275.965421][T12805] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2275.971650][T12805] ? netlink_unicast+0x7d0/0x7d0 [ 2275.976577][T12805] sock_sendmsg+0xcf/0x120 [ 2275.980988][T12805] ____sys_sendmsg+0x6e8/0x810 [ 2275.985743][T12805] ? kernel_sendmsg+0x50/0x50 [ 2275.990420][T12805] ? do_recvmmsg+0x6d0/0x6d0 [ 2275.994999][T12805] ? futex_wait_restart+0x200/0x200 [ 2276.000207][T12805] ___sys_sendmsg+0xf3/0x170 [ 2276.004805][T12805] ? sendmsg_copy_msghdr+0x160/0x160 [ 2276.010257][T12805] ? __fget_files+0x266/0x3d0 [ 2276.014928][T12805] ? lock_downgrade+0x6e0/0x6e0 [ 2276.019886][T12805] ? futex_exit_release+0x220/0x220 [ 2276.025104][T12805] ? clockevents_program_event+0x141/0x370 [ 2276.030987][T12805] ? lock_downgrade+0x6e0/0x6e0 [ 2276.035829][T12805] ? __fget_files+0x288/0x3d0 [ 2276.040690][T12805] ? __fget_light+0xea/0x280 [ 2276.045361][T12805] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2276.051598][T12805] __sys_sendmsg+0xe5/0x1b0 [ 2276.056100][T12805] ? __sys_sendmsg_sock+0x30/0x30 [ 2276.061114][T12805] ? syscall_enter_from_user_mode+0x21/0x70 [ 2276.066995][T12805] ? trace_hardirqs_on+0x5b/0x1c0 [ 2276.072015][T12805] do_syscall_64+0x35/0xb0 [ 2276.077833][T12805] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2276.083723][T12805] RIP: 0033:0x4665d9 [ 2276.087634][T12805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2276.107235][T12805] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2276.115644][T12805] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2276.123636][T12805] RDX: 000000000e000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2276.131598][T12805] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2276.139652][T12805] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2276.147636][T12805] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2276.170267][T12813] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2276.184460][T12813] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2276.196952][T12813] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2276.196952][T12813] !' [ 2276.210733][T12813] CPU: 1 PID: 12813 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2276.220567][T12813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2276.230966][T12813] Call Trace: [ 2276.234352][T12813] dump_stack_lvl+0xcd/0x134 [ 2276.238964][T12813] sysfs_warn_dup.cold+0x1c/0x29 [ 2276.243897][T12813] sysfs_do_create_link_sd+0x11e/0x140 [ 2276.249349][T12813] sysfs_create_link+0x5f/0xc0 [ 2276.254117][T12813] device_add+0x789/0x2100 [ 2276.258523][T12813] ? mutex_lock_io_nested+0xf00/0xf00 [ 2276.263889][T12813] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2276.269544][T12813] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2276.276051][T12813] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2276.282299][T12813] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2276.288826][T12813] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2276.295064][T12813] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2276.301047][T12813] wiphy_register+0x1e8a/0x29b0 [ 2276.305904][T12813] ? wiphy_unregister+0xbd0/0xbd0 [ 2276.310931][T12813] ? minstrel_ht_alloc+0x531/0xa00 [ 2276.316044][T12813] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2276.322113][T12813] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2276.327574][T12813] ? ieee80211_restart_hw+0x290/0x290 [ 2276.332942][T12813] ? debug_object_destroy+0x210/0x210 [ 2276.338314][T12813] ? lock_downgrade+0x6e0/0x6e0 [ 2276.343158][T12813] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2276.348613][T12813] ? memset+0x20/0x40 [ 2276.352620][T12813] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2276.358864][T12813] ? __hrtimer_init+0x136/0x280 [ 2276.363803][T12813] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2276.369535][T12813] ? hwsim_virtio_rx_work+0x350/0x350 [ 2276.374910][T12813] ? __kmalloc_track_caller+0x1a0/0x320 [ 2276.380461][T12813] ? memcpy+0x39/0x60 [ 2276.384445][T12813] hwsim_new_radio_nl+0x9bc/0x1080 [ 2276.389558][T12813] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2276.395470][T12813] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2276.402652][T12813] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2276.410034][T12813] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2276.417322][T12813] genl_family_rcv_msg_doit+0x228/0x320 [ 2276.422875][T12813] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2276.430246][T12813] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2276.436505][T12813] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2276.442755][T12813] ? ns_capable+0xde/0x100 [ 2276.447165][T12813] genl_rcv_msg+0x328/0x580 [ 2276.451668][T12813] ? genl_get_cmd+0x480/0x480 [ 2276.456339][T12813] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2276.462238][T12813] ? lock_release+0x720/0x720 [ 2276.466909][T12813] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2276.472192][T12813] ? trace_hardirqs_on+0x5b/0x1c0 [ 2276.477213][T12813] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2276.482933][T12813] netlink_rcv_skb+0x153/0x420 [ 2276.487696][T12813] ? genl_get_cmd+0x480/0x480 [ 2276.492370][T12813] ? netlink_ack+0xa60/0xa60 [ 2276.496979][T12813] ? netlink_deliver_tap+0x236/0xba0 [ 2276.502271][T12813] genl_rcv+0x24/0x40 [ 2276.506249][T12813] netlink_unicast+0x533/0x7d0 [ 2276.511018][T12813] ? netlink_attachskb+0x890/0x890 [ 2276.516499][T12813] ? __virt_addr_valid+0x5d/0x2d0 [ 2276.521538][T12813] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2276.528003][T12813] ? __phys_addr_symbol+0x2c/0x70 [ 2276.533601][T12813] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2276.539348][T12813] ? __check_object_size+0x16e/0x3f0 [ 2276.544731][T12813] netlink_sendmsg+0x85b/0xda0 [ 2276.549670][T12813] ? netlink_unicast+0x7d0/0x7d0 [ 2276.554610][T12813] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2276.561628][T12813] ? netlink_unicast+0x7d0/0x7d0 [ 2276.566586][T12813] sock_sendmsg+0xcf/0x120 [ 2276.571199][T12813] ____sys_sendmsg+0x6e8/0x810 [ 2276.576004][T12813] ? kernel_sendmsg+0x50/0x50 [ 2276.580676][T12813] ? do_recvmmsg+0x6d0/0x6d0 [ 2276.585562][T12813] ? fs_reclaim_release+0x9c/0xf0 [ 2276.590589][T12813] ? lock_downgrade+0x6e0/0x6e0 [ 2276.595455][T12813] ___sys_sendmsg+0xf3/0x170 [ 2276.600040][T12813] ? sendmsg_copy_msghdr+0x160/0x160 [ 2276.605321][T12813] ? __fget_files+0x266/0x3d0 [ 2276.609997][T12813] ? lock_downgrade+0x6e0/0x6e0 [ 2276.614846][T12813] ? futex_exit_release+0x220/0x220 [ 2276.620041][T12813] ? alloc_empty_file+0xd7/0x170 [ 2276.624973][T12813] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2276.631303][T12813] ? __fget_files+0x288/0x3d0 [ 2276.636065][T12813] ? __fget_light+0xea/0x280 [ 2276.640658][T12813] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2276.646896][T12813] __sys_sendmsg+0xe5/0x1b0 [ 2276.651396][T12813] ? __sys_sendmsg_sock+0x30/0x30 [ 2276.656433][T12813] ? syscall_enter_from_user_mode+0x21/0x70 [ 2276.662333][T12813] ? trace_hardirqs_on+0x5b/0x1c0 [ 2276.667368][T12813] do_syscall_64+0x35/0xb0 [ 2276.671806][T12813] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2276.677704][T12813] RIP: 0033:0x4665d9 [ 2276.681599][T12813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2276.701224][T12813] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2276.709638][T12813] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2276.717618][T12813] RDX: 000000000e000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2276.725579][T12813] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2276.733638][T12813] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2276.741701][T12813] R13: 00007fffc9e5e04f R14: 00007f0cbc0c2300 R15: 0000000000022000 [ 2276.770442][T12853] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 03:46:59 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x1f000000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:46:59 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r2, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r2, 0x3, '\x00', 0x0, r3, 0x5, 0x0, 0x3}, 0x40) openat$cgroup_ro(r3, &(0x7f0000000000)='freezer.self_freezing\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) 03:46:59 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2277.353951][T12853] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2277.362455][T12853] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2277.370416][T12853] RDX: 000000000000f000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2277.378396][T12853] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2277.386357][T12853] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2277.394404][T12853] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 [ 2277.402896][ T226] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) 03:47:00 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)={0x3, 0x1, 0x8, 0x2, 0x201, 0x1, 0x0, '\x00', 0x0, r1, 0x5, 0x2, 0x3}, 0x40) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x40008, 0x4, 0x0, 0x0, r2, 0x0, '\x00', 0x0, r1, 0xfffffffd, 0x0, 0xfffffffe}, 0xb) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000480)={0x0, r1}, 0x10) perf_event_open(&(0x7f0000000500)={0x0, 0x80, 0x81, 0x1f, 0x0, 0x80, 0x0, 0x9, 0x4000, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext={0x6, 0x100}, 0x180, 0x2, 0x80000001, 0x6, 0x7506fbbe, 0xcb5, 0x7, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, r4, 0x1) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r3, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r3, 0x3, '\x00', 0x0, r5, 0x5, 0x0, 0x3}, 0x40) sendmsg$kcm(r5, &(0x7f0000000400)={&(0x7f0000000180)=@nfc={0x27, 0x1, 0x0, 0x7}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000000)="8a211cfbfcded5d77b78543c795a2a23ce732cf609c42e7aceda20d3fccd376afa8077", 0x23}, {&(0x7f0000000280)="465a1cd2ab2cb1b9456038f89252bf7c23dd7608a07a50e9ea6df39d92918855b70d598ecbb36dc2f7d5f9456eaf3cfb0c4eaf01271e2da291a7c6c83aad85fc186cc12d09b6dc0af2bf0363ad54562739ca3022304f45e653b3045e1a9ad41dd4adf2c43973e5f3b7ae89817145252dd8eeae1e5d436f7cae5f30", 0x7b}, {&(0x7f0000000300)="f4ea977932774eaecb45c063e39f5df9b76a43510650d8bcc796d799ddc14640be002111087e22acc2e36bf61408cb71b070d1b46966a73df3a02a684869a0c8fd57321190564074c05b76b93086cb239971427ef7a86f2d69094e6dd7acfb3323", 0x61}], 0x3, &(0x7f0000000380)=[{0x50, 0x1, 0x37d399e0, "52d91672ecee8bb4d43f74613f3bb0b37fe21a95f6e2e36faa4dbf3f1ac3c9ca7b1ad9855fcb8409018c701f47bc4fe692719956f381de974ced647a2344"}], 0x50}, 0x4004090) r6 = bpf$ITER_CREATE(0x21, &(0x7f00000005c0)={r5}, 0x8) openat$cgroup(r6, &(0x7f0000000600)='syz1\x00', 0x200002, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000600)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8fffdff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7954244cef7499cde2bbaf4b06d3585a09a87507ebf4e43bc06607401000000e214b6b12e60ac1786a50b595ecb68db5f282675ef467d7fbde500c1e108abfb7491a203f669f83e2b3b28e12fd4659c5a4be272ae419c62cbcc6338b91fb402803fdbd809d0e4785b3de88865d3d7ff7377ab383df9148fda915d9d5f435905ce28c4014cce4fc1050c9656a41504a8797242f7d2cadcc26313bd5c1c143688e845235f0538e811f14d377f4c38bed86cf343d045e9911fc3eface8bcb4de79dd6468072c5b68d8b76b4cf15c18298247fe815b581d3930d5795ca9d0cc42654b70f35ef3b91fa78d47479b9d05711763e8b485b9eba3c0d6314fd67b5fc53d3366051872947696bdf0c59faeff2da275279507f6576fbe621d27c7a211c1566d6dc977cadd9cec87ed64e3e534d2f70ae40f44c95a3db946bfd3dce2546afffd46637c488397ac6b1c3d69f69a8e41c2878e449ba39ce49cea3dc5e10520c637d23255cedaf8750144422a4100f767a7d03d4299668ebe2c370d6e6bcc01886b19455a29aa155e02bf29ff5c78ecd6f74dc75ed0c16a655db6c321432d8fe20168c9b7e25345971423be8489ce81f099af90b2feb37bbe7b33f8047671af32373ab73c26a83713315130cf23d2dfe773f77910614e4e123bad9cf970cced8fe413488bdc503d67c453c85559679ae3eafb6b03e18c45f6fa583589057995dce1a30d961934d74cb694a83dae55bb3b48dd8ebbfbbcd9e32b96567bbe19fd3254c8a1d3775fc89ae30978fec5d98d417ec51ea291b764bff1ddf9e2c36cc962e2ed3a4245aa0bb0fe6d7fa437aca251a9ec01443ea55bb8c5d9a7cafa12c40fb7a400d92a13cb1e06e720b45aa61cea6d0d9ac38c80f8cfa2bb6a316a53c2282ec819b546c763c564f85c7fededbc399ec01eab4bac37a8ce8a5f000000000068e764d02cfcabb2ce4f9f4c3c23cf5106b6f681d85efbdb5c46a0d9ba4ee256b86232ab79cd8489c0beffa092854e8cde72b513a4963aa3ef8222318a9a6200000000000000000000000000000000d6ea0c0bcd"], &(0x7f0000000340)='GPL\x00'}, 0x35) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r7, 0x18000000000002e0, 0x28, 0x10000f0, &(0x7f00000004c0)="b95b03b703080000009e40f005001fff060000000000008477fbac141423e0000001c699da153f08e0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x17, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4, &(0x7f0000000000), &(0x7f0000000080)}, 0x28) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r7, 0xc0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=0x8, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x3, 0x4}, 0x0, 0x0, &(0x7f00000006c0)={0x1, 0xd, 0x9, 0x2}, &(0x7f0000000700)=0x7, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)}}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) [ 2277.455521][T12864] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2277.464568][T12864] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. 03:47:00 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000000)=0x709) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) 03:47:00 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000700000000000000c11470c9e19fa44f2f9a72aeef2492ea776d36d2d5b623f10addbddc3d86dc9f6f1986fb396939afa7c9297a8d0bb8e26018f083c0651105eecaf03e4326cf59588536116d03e1397b1a565f484e721d2fc807ca48c0ddfdc9e481e1cb7d5c1050c997854c711175b0235943c94de05263283dc915bc46068bfe6a5557edb017bf41d79f800967f4add239c9bf8a496b2a08ceedd8733ee2ae63c6ef74825ee9a3d3826eac9849832f545023cf7594f0724d87320c8e094cfdd4a6e9"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) write$cgroup_int(r1, &(0x7f0000000000)=0x8, 0x12) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r2, &(0x7f00000001c0)='pids.current\x00', 0x0, 0x0) [ 2277.744733][T12864] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2277.744733][T12864] !' [ 2277.758891][T12864] CPU: 1 PID: 12864 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2277.768742][T12864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2277.778838][T12864] Call Trace: [ 2277.782123][T12864] dump_stack_lvl+0xcd/0x134 [ 2277.787258][T12864] sysfs_warn_dup.cold+0x1c/0x29 [ 2277.792222][T12864] sysfs_do_create_link_sd+0x11e/0x140 [ 2277.797713][T12864] sysfs_create_link+0x5f/0xc0 [ 2277.802584][T12864] device_add+0x789/0x2100 [ 2277.807029][T12864] ? mutex_lock_io_nested+0xf00/0xf00 [ 2277.812419][T12864] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2277.818039][T12864] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2277.824287][T12864] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2277.830534][T12864] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2277.836941][T12864] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2277.843023][T12864] wiphy_register+0x1e8a/0x29b0 [ 2277.847887][T12864] ? wiphy_unregister+0xbd0/0xbd0 [ 2277.852910][T12864] ? minstrel_ht_alloc+0x531/0xa00 [ 2277.858022][T12864] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2277.864095][T12864] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2277.869555][T12864] ? ieee80211_restart_hw+0x290/0x290 [ 2277.874932][T12864] ? debug_object_destroy+0x210/0x210 [ 2277.880315][T12864] ? lock_downgrade+0x6e0/0x6e0 [ 2277.885167][T12864] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2277.890633][T12864] ? memset+0x20/0x40 [ 2277.894613][T12864] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2277.900847][T12864] ? __hrtimer_init+0x136/0x280 [ 2277.905694][T12864] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2277.911418][T12864] ? hwsim_virtio_rx_work+0x350/0x350 [ 2277.916784][T12864] ? __kmalloc_track_caller+0x1a0/0x320 [ 2277.922322][T12864] ? memcpy+0x39/0x60 [ 2277.926312][T12864] hwsim_new_radio_nl+0x9bc/0x1080 [ 2277.931432][T12864] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2277.937328][T12864] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2277.943573][T12864] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2277.950964][T12864] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2277.958268][T12864] genl_family_rcv_msg_doit+0x228/0x320 [ 2277.963822][T12864] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2277.971198][T12864] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2277.977448][T12864] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2277.983694][T12864] ? ns_capable+0xde/0x100 [ 2277.988157][T12864] genl_rcv_msg+0x328/0x580 [ 2277.992668][T12864] ? genl_get_cmd+0x480/0x480 [ 2277.997339][T12864] ? lock_downgrade+0x6e0/0x6e0 [ 2278.002184][T12864] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2278.008270][T12864] ? lock_release+0x720/0x720 [ 2278.012963][T12864] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2278.018259][T12864] netlink_rcv_skb+0x153/0x420 [ 2278.023022][T12864] ? genl_get_cmd+0x480/0x480 [ 2278.027703][T12864] ? netlink_ack+0xa60/0xa60 [ 2278.032293][T12864] ? netlink_deliver_tap+0x236/0xba0 [ 2278.037575][T12864] genl_rcv+0x24/0x40 [ 2278.041598][T12864] netlink_unicast+0x533/0x7d0 [ 2278.046533][T12864] ? netlink_attachskb+0x890/0x890 [ 2278.051638][T12864] ? __virt_addr_valid+0x5d/0x2d0 [ 2278.056662][T12864] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2278.062900][T12864] ? __phys_addr_symbol+0x2c/0x70 [ 2278.067947][T12864] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2278.073659][T12864] ? __check_object_size+0x16e/0x3f0 [ 2278.078940][T12864] netlink_sendmsg+0x85b/0xda0 [ 2278.083701][T12864] ? netlink_unicast+0x7d0/0x7d0 [ 2278.088640][T12864] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2278.094877][T12864] ? netlink_unicast+0x7d0/0x7d0 [ 2278.099808][T12864] sock_sendmsg+0xcf/0x120 [ 2278.104225][T12864] ____sys_sendmsg+0x6e8/0x810 [ 2278.108986][T12864] ? kernel_sendmsg+0x50/0x50 [ 2278.113660][T12864] ? do_recvmmsg+0x6d0/0x6d0 [ 2278.118242][T12864] ? futex_wait_restart+0x200/0x200 [ 2278.123447][T12864] ? do_futex+0x1ee/0x1770 [ 2278.127862][T12864] ? audit_kill_trees+0x240/0x240 [ 2278.132969][T12864] ___sys_sendmsg+0xf3/0x170 [ 2278.137562][T12864] ? sendmsg_copy_msghdr+0x160/0x160 [ 2278.142842][T12864] ? __fget_files+0x266/0x3d0 [ 2278.147521][T12864] ? lock_downgrade+0x6e0/0x6e0 [ 2278.152367][T12864] ? futex_exit_release+0x220/0x220 [ 2278.157560][T12864] ? clockevents_program_event+0x141/0x370 [ 2278.163453][T12864] ? lock_downgrade+0x6e0/0x6e0 [ 2278.168472][T12864] ? __fget_files+0x288/0x3d0 [ 2278.173146][T12864] ? __fget_light+0xea/0x280 [ 2278.177735][T12864] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2278.183987][T12864] __sys_sendmsg+0xe5/0x1b0 [ 2278.188495][T12864] ? __sys_sendmsg_sock+0x30/0x30 [ 2278.193519][T12864] ? syscall_enter_from_user_mode+0x21/0x70 [ 2278.199407][T12864] ? trace_hardirqs_on+0x5b/0x1c0 [ 2278.204433][T12864] do_syscall_64+0x35/0xb0 [ 2278.208853][T12864] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2278.214746][T12864] RIP: 0033:0x4665d9 [ 2278.218630][T12864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2278.238234][T12864] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2278.246644][T12864] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2278.254612][T12864] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2278.262664][T12864] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2278.270638][T12864] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2278.278604][T12864] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 03:47:01 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2278.903473][T12854] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2278.911991][T12854] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2278.919948][T12854] RDX: 000000000000f000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2278.927923][T12854] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2278.935875][T12854] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2278.943827][T12854] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 [ 2278.969202][T12886] netlink: 'syz-executor.4': attribute type 11 has an invalid length. 03:47:02 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x36000) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:47:02 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) r2 = getpid() perf_event_open(&(0x7f0000001980)={0x1, 0x80, 0x4a, 0x3, 0x4, 0xe0, 0x0, 0x1000, 0x40, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x4ff0, 0x8}, 0x40082, 0x1, 0x4f10, 0x4, 0x6, 0x2, 0x63, 0x0, 0x0, 0x0, 0x7c25}, r2, 0x9, 0xffffffffffffffff, 0x2) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r2, r1, 0x0, 0x15, &(0x7f0000000000)='cpuacct.usage_percpu\x00'}, 0x30) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) [ 2278.982491][T12886] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. 03:47:02 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095", @ANYRESDEC], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={0xffffffffffffffff, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, 0xffffffffffffffff, 0x3, '\x00', 0x0, r1, 0x5, 0x0, 0x3}, 0x40) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)={0x2, 0x1, 0x7, 0x3, 0x810, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, r0, 0x0, 0x5, 0x4}, 0x40) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r3, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r3, 0x3, '\x00', 0x0, r4, 0x5, 0x0, 0x3}, 0x40) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000600)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8fffdff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7954244cef7499cde2bbaf4b06d3585a09a87507ebf4e43bc06607401000000e214b6b12e60ac1786a50b595ecb68db5f282675ef467d7fbde500c1e108abfb7491a203f669f83e2b3b28e12fd4659c5a4be272ae419c62cbcc6338b91fb402803fdbd809d0e4785b3de88865d3d7ff7377ab383df9148fda915d9d5f435905ce28c4014cce4fc1050c9656a41504a8797242f7d2cadcc26313bd5c1c143688e845235f0538e811f14d377f4c38bed86cf343d045e9911fc3eface8bcb4de79dd6468072c5b68d8b76b4cf15c18298247fe815b581d3930d5795ca9d0cc42654b70f35ef3b91fa78d47479b9d05711763e8b485b9eba3c0d6314fd67b5fc53d3366051872947696bdf0c59faeff2da275279507f6576fbe621d27c7a211c1566d6dc977cadd9cec87ed64e3e534d2f70ae40f44c95a3db946bfd3dce2546afffd46637c488397ac6b1c3d69f69a8e41c2878e449ba39ce49cea3dc5e10520c637d23255cedaf8750144422a4100f767a7d03d4299668ebe2c370d6e6bcc01886b19455a29aa155e02bf29ff5c78ecd6f74dc75ed0c16a655db6c321432d8fe20168c9b7e25345971423be8489ce81f099af90b2feb37bbe7b33f8047671af32373ab73c26a83713315130cf23d2dfe773f77910614e4e123bad9cf970cced8fe413488bdc503d67c453c85559679ae3eafb6b03e18c45f6fa583589057995dce1a30d961934d74cb694a83dae55bb3b48dd8ebbfbbcd9e32b96567bbe19fd3254c8a1d3775fc89ae30978fec5d98d417ec51ea291b764bff1ddf9e2c36cc962e2ed3a4245aa0bb0fe6d7fa437aca251a9ec01443ea55bb8c5d9a7cafa12c40fb7a400d92a13cb1e06e720b45aa61cea6d0d9ac38c80f8cfa2bb6a316a53c2282ec819b546c763c564f85c7fededbc399ec01eab4bac37a8ce8a5f000000000068e764d02cfcabb2ce4f9f4c3c23cf5106b6f681d85efbdb5c46a0d9ba4ee256b86232ab79cd8489c0beffa092854e8cde72b513a4963aa3ef8222318a9a6200000000000000000000000000000000d6ea0c0bcd"], &(0x7f0000000340)='GPL\x00'}, 0x35) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r5, 0x18000000000002e0, 0x28, 0x10000f0, &(0x7f00000004c0)="b95b03b703080000009e40f005001fff060000000000008477fbac141423e0000001c699da153f08e0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x17, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4, &(0x7f0000000000), &(0x7f0000000080)}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x1c, 0x8, &(0x7f0000000380)=@raw=[@map_val={0x18, 0x3, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x1}, @map={0x18, 0x8, 0x1, 0x0, r2}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x1}, @jmp={0x5, 0x1, 0x6, 0x2, 0x7, 0xc, 0x1}, @alu={0x4, 0x0, 0x2, 0x8, 0xc70f5da430a6513b, 0xfffffffffffffff0}], &(0x7f00000003c0)='syzkaller\x00', 0x9, 0x1000, &(0x7f0000000500)=""/4096, 0x40f00, 0x9, '\x00', 0x0, 0x1b, r4, 0x8, &(0x7f0000000400)={0x6, 0x7}, 0x8, 0x10, &(0x7f0000000480)={0x5, 0x8, 0x8, 0x1}, 0x10, 0xffffffffffffffff, r5}, 0x78) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0xc0185879, &(0x7f0000000080)=0x5) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r6, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r6, 0x3, '\x00', 0x0, r7, 0x5, 0x0, 0x3}, 0x40) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_tracing={0x1a, 0x6, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x42c}, [@initr0={0x18, 0x0, 0x0, 0x0, 0xdd, 0x0, 0x0, 0x0, 0x100}, @alu={0x4, 0x1, 0x1, 0xa, 0xb, 0x4, 0xffffffffffffffff}]}, &(0x7f0000000100)='GPL\x00', 0x86, 0x56, &(0x7f0000000140)=""/86, 0x41000, 0x14, '\x00', 0x0, 0x18, r7, 0x8, &(0x7f00000001c0)={0x207, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x0, 0x7, 0x25}, 0x10, 0xea00, r0}, 0x78) [ 2279.255271][T12886] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2279.255271][T12886] !' [ 2279.283257][T12886] CPU: 1 PID: 12886 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2279.293108][T12886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2279.303181][T12886] Call Trace: [ 2279.306474][T12886] dump_stack_lvl+0xcd/0x134 [ 2279.311091][T12886] sysfs_warn_dup.cold+0x1c/0x29 [ 2279.316142][T12886] sysfs_do_create_link_sd+0x11e/0x140 [ 2279.321610][T12886] sysfs_create_link+0x5f/0xc0 [ 2279.326381][T12886] device_add+0x789/0x2100 [ 2279.330794][T12886] ? mutex_lock_io_nested+0xf00/0xf00 [ 2279.336255][T12886] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2279.341801][T12886] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2279.348310][T12886] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2279.354548][T12886] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2279.360789][T12886] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2279.367028][T12886] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2279.373013][T12886] wiphy_register+0x1e8a/0x29b0 [ 2279.377886][T12886] ? wiphy_unregister+0xbd0/0xbd0 [ 2279.382928][T12886] ? minstrel_ht_alloc+0x531/0xa00 [ 2279.388043][T12886] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2279.394121][T12886] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2279.399584][T12886] ? ieee80211_restart_hw+0x290/0x290 [ 2279.405041][T12886] ? debug_object_destroy+0x210/0x210 [ 2279.410422][T12886] ? lock_downgrade+0x6e0/0x6e0 [ 2279.415271][T12886] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2279.420742][T12886] ? memset+0x20/0x40 [ 2279.424731][T12886] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2279.430966][T12886] ? __hrtimer_init+0x136/0x280 [ 2279.435817][T12886] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2279.441545][T12886] ? hwsim_virtio_rx_work+0x350/0x350 [ 2279.446914][T12886] ? __kmalloc_track_caller+0x1a0/0x320 [ 2279.452456][T12886] ? memcpy+0x39/0x60 [ 2279.456439][T12886] hwsim_new_radio_nl+0x9bc/0x1080 [ 2279.461983][T12886] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2279.467882][T12886] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2279.474121][T12886] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2279.481490][T12886] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2279.488776][T12886] genl_family_rcv_msg_doit+0x228/0x320 [ 2279.494322][T12886] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2279.501691][T12886] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2279.507928][T12886] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2279.514165][T12886] ? ns_capable+0xde/0x100 [ 2279.518660][T12886] genl_rcv_msg+0x328/0x580 [ 2279.523162][T12886] ? genl_get_cmd+0x480/0x480 [ 2279.527840][T12886] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2279.533732][T12886] ? lock_release+0x720/0x720 [ 2279.538403][T12886] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2279.543686][T12886] ? trace_hardirqs_on+0x5b/0x1c0 [ 2279.548706][T12886] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2279.554435][T12886] netlink_rcv_skb+0x153/0x420 [ 2279.559199][T12886] ? genl_get_cmd+0x480/0x480 [ 2279.563890][T12886] ? netlink_ack+0xa60/0xa60 [ 2279.568504][T12886] ? netlink_deliver_tap+0x236/0xba0 [ 2279.573874][T12886] genl_rcv+0x24/0x40 [ 2279.577851][T12886] netlink_unicast+0x533/0x7d0 [ 2279.582613][T12886] ? netlink_attachskb+0x890/0x890 [ 2279.587986][T12886] ? __virt_addr_valid+0x5d/0x2d0 [ 2279.593011][T12886] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2279.599248][T12886] ? __phys_addr_symbol+0x2c/0x70 [ 2279.604267][T12886] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2279.609992][T12886] ? __check_object_size+0x16e/0x3f0 [ 2279.615293][T12886] netlink_sendmsg+0x85b/0xda0 [ 2279.620107][T12886] ? netlink_unicast+0x7d0/0x7d0 [ 2279.625073][T12886] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2279.631327][T12886] ? netlink_unicast+0x7d0/0x7d0 [ 2279.636361][T12886] sock_sendmsg+0xcf/0x120 [ 2279.640781][T12886] ____sys_sendmsg+0x6e8/0x810 [ 2279.645634][T12886] ? kernel_sendmsg+0x50/0x50 [ 2279.650306][T12886] ? do_recvmmsg+0x6d0/0x6d0 [ 2279.654890][T12886] ? tomoyo_path_number_perm+0x204/0x590 [ 2279.660520][T12886] ? kfree+0xeb/0x670 [ 2279.664495][T12886] ? tomoyo_path_number_perm+0x441/0x590 [ 2279.670142][T12886] ___sys_sendmsg+0xf3/0x170 [ 2279.674749][T12886] ? sendmsg_copy_msghdr+0x160/0x160 [ 2279.680039][T12886] ? __fget_files+0x266/0x3d0 [ 2279.684724][T12886] ? lock_downgrade+0x6e0/0x6e0 [ 2279.689570][T12886] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2279.695459][T12886] ? do_vfs_ioctl+0x132/0x15d0 [ 2279.700221][T12886] ? __fget_files+0x288/0x3d0 [ 2279.704895][T12886] ? __fget_light+0xea/0x280 [ 2279.709479][T12886] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2279.715716][T12886] __sys_sendmsg+0xe5/0x1b0 [ 2279.720235][T12886] ? __sys_sendmsg_sock+0x30/0x30 [ 2279.725272][T12886] ? syscall_enter_from_user_mode+0x21/0x70 [ 2279.731161][T12886] ? trace_hardirqs_on+0x5b/0x1c0 [ 2279.736304][T12886] do_syscall_64+0x35/0xb0 [ 2279.742557][T12886] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2279.748465][T12886] RIP: 0033:0x4665d9 [ 2279.752359][T12886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2279.772063][T12886] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2279.780490][T12886] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2279.788456][T12886] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2279.796419][T12886] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2279.804385][T12886] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2279.812435][T12886] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 [ 2279.836285][T12902] netlink: 'syz-executor.2': attribute type 11 has an invalid length. 03:47:02 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0xffffffff}, 0x0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2279.851427][T12902] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2280.043425][T12904] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2280.056256][T12904] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2280.071046][T12904] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2280.071046][T12904] !' [ 2280.083243][T12904] CPU: 0 PID: 12904 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2280.093437][T12904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2280.103512][T12904] Call Trace: [ 2280.106800][T12904] dump_stack_lvl+0xcd/0x134 [ 2280.111424][T12904] sysfs_warn_dup.cold+0x1c/0x29 [ 2280.116387][T12904] sysfs_do_create_link_sd+0x11e/0x140 [ 2280.121868][T12904] sysfs_create_link+0x5f/0xc0 [ 2280.127430][T12904] device_add+0x789/0x2100 [ 2280.132035][T12904] ? mutex_lock_io_nested+0xf00/0xf00 [ 2280.137431][T12904] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2280.143254][T12904] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2280.149510][T12904] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2280.155771][T12904] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2280.162040][T12904] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2280.168042][T12904] wiphy_register+0x1e8a/0x29b0 [ 2280.172895][T12904] ? wiphy_unregister+0xbd0/0xbd0 [ 2280.177913][T12904] ? minstrel_ht_alloc+0x531/0xa00 [ 2280.183032][T12904] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2280.189092][T12904] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2280.194541][T12904] ? ieee80211_restart_hw+0x290/0x290 [ 2280.199904][T12904] ? debug_object_destroy+0x210/0x210 [ 2280.205266][T12904] ? lock_downgrade+0x6e0/0x6e0 [ 2280.210105][T12904] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2280.215565][T12904] ? memset+0x20/0x40 [ 2280.219538][T12904] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2280.225764][T12904] ? __hrtimer_init+0x136/0x280 [ 2280.230603][T12904] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2280.236581][T12904] ? hwsim_virtio_rx_work+0x350/0x350 [ 2280.241941][T12904] ? __kmalloc_track_caller+0x1a0/0x320 [ 2280.247473][T12904] ? memcpy+0x39/0x60 [ 2280.251444][T12904] hwsim_new_radio_nl+0x9bc/0x1080 [ 2280.256563][T12904] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2280.262466][T12904] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2280.268715][T12904] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2280.276073][T12904] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2280.283349][T12904] genl_family_rcv_msg_doit+0x228/0x320 [ 2280.288972][T12904] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2280.296422][T12904] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2280.303105][T12904] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2280.309332][T12904] ? ns_capable+0xde/0x100 [ 2280.313735][T12904] genl_rcv_msg+0x328/0x580 [ 2280.318228][T12904] ? genl_get_cmd+0x480/0x480 [ 2280.322903][T12904] ? lock_downgrade+0x6e0/0x6e0 [ 2280.327742][T12904] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2280.333630][T12904] ? lock_release+0x720/0x720 [ 2280.340095][T12904] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2280.345516][T12904] netlink_rcv_skb+0x153/0x420 [ 2280.350536][T12904] ? genl_get_cmd+0x480/0x480 [ 2280.355225][T12904] ? netlink_ack+0xa60/0xa60 [ 2280.359806][T12904] ? netlink_deliver_tap+0x236/0xba0 [ 2280.365077][T12904] genl_rcv+0x24/0x40 [ 2280.369146][T12904] netlink_unicast+0x533/0x7d0 [ 2280.373948][T12904] ? netlink_attachskb+0x890/0x890 [ 2280.379067][T12904] ? __virt_addr_valid+0x5d/0x2d0 [ 2280.384099][T12904] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2280.390356][T12904] ? __phys_addr_symbol+0x2c/0x70 [ 2280.396239][T12904] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2280.402137][T12904] ? __check_object_size+0x16e/0x3f0 [ 2280.407417][T12904] netlink_sendmsg+0x85b/0xda0 [ 2280.412264][T12904] ? netlink_unicast+0x7d0/0x7d0 [ 2280.417191][T12904] ? tomoyo_socket_sendmsg_permission+0x11d/0x3a0 [ 2280.423602][T12904] ? security_socket_sendmsg+0x66/0xb0 [ 2280.429050][T12904] ? security_socket_sendmsg+0x7b/0xb0 [ 2280.434499][T12904] ? netlink_unicast+0x7d0/0x7d0 [ 2280.439435][T12904] sock_sendmsg+0xcf/0x120 [ 2280.443858][T12904] ____sys_sendmsg+0x6e8/0x810 [ 2280.448618][T12904] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2280.454781][T12904] ? kernel_sendmsg+0x50/0x50 [ 2280.459475][T12904] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2280.465626][T12904] ? ___sys_sendmsg+0xd2/0x170 [ 2280.470400][T12904] ___sys_sendmsg+0xf3/0x170 [ 2280.474982][T12904] ? sendmsg_copy_msghdr+0x160/0x160 [ 2280.480346][T12904] ? __fget_files+0x266/0x3d0 [ 2280.485026][T12904] ? lock_downgrade+0x6e0/0x6e0 [ 2280.489864][T12904] ? futex_exit_release+0x220/0x220 [ 2280.495062][T12904] ? clockevents_program_event+0x141/0x370 [ 2280.500859][T12904] ? lock_downgrade+0x6e0/0x6e0 [ 2280.505709][T12904] ? __fget_files+0x288/0x3d0 [ 2280.510376][T12904] ? __fget_light+0xea/0x280 [ 2280.514973][T12904] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2280.521200][T12904] __sys_sendmsg+0xe5/0x1b0 [ 2280.525690][T12904] ? __sys_sendmsg_sock+0x30/0x30 [ 2280.530712][T12904] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2280.536965][T12904] ? trace_hardirqs_on+0x39/0x1c0 [ 2280.541993][T12904] ? trace_hardirqs_on+0x51/0x1c0 [ 2280.546999][T12904] ? syscall_enter_from_user_mode+0x21/0x70 [ 2280.552889][T12904] ? syscall_enter_from_user_mode+0x2b/0x70 [ 2280.558774][T12904] do_syscall_64+0x35/0xb0 [ 2280.563325][T12904] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2280.569226][T12904] RIP: 0033:0x4665d9 [ 2280.573127][T12904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2280.593049][T12904] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2280.601511][T12904] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2280.609478][T12904] RDX: 000000001f000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2280.617438][T12904] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2280.625406][T12904] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2280.633370][T12904] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2280.653963][T12927] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2280.667140][T12927] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2280.680883][T12927] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2280.680883][T12927] !' [ 2280.693926][T12927] CPU: 1 PID: 12927 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2280.703764][T12927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2280.713826][T12927] Call Trace: [ 2280.717096][T12927] dump_stack_lvl+0xcd/0x134 [ 2280.721793][T12927] sysfs_warn_dup.cold+0x1c/0x29 [ 2280.726853][T12927] sysfs_do_create_link_sd+0x11e/0x140 [ 2280.732326][T12927] sysfs_create_link+0x5f/0xc0 [ 2280.737105][T12927] device_add+0x789/0x2100 [ 2280.741522][T12927] ? mutex_lock_io_nested+0xf00/0xf00 [ 2280.746911][T12927] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2280.752465][T12927] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2280.759068][T12927] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2280.765351][T12927] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2280.771594][T12927] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2280.777875][T12927] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2280.783886][T12927] wiphy_register+0x1e8a/0x29b0 [ 2280.788746][T12927] ? wiphy_unregister+0xbd0/0xbd0 [ 2280.793791][T12927] ? minstrel_ht_alloc+0x531/0xa00 [ 2280.798927][T12927] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2280.805078][T12927] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2280.810563][T12927] ? ieee80211_restart_hw+0x290/0x290 [ 2280.816022][T12927] ? debug_object_destroy+0x210/0x210 [ 2280.821479][T12927] ? lock_downgrade+0x6e0/0x6e0 [ 2280.826325][T12927] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2280.831778][T12927] ? memset+0x20/0x40 [ 2280.835761][T12927] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2280.842005][T12927] ? __hrtimer_init+0x136/0x280 [ 2280.846856][T12927] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2280.852585][T12927] ? hwsim_virtio_rx_work+0x350/0x350 [ 2280.857954][T12927] ? __kmalloc_track_caller+0x1a0/0x320 [ 2280.863512][T12927] ? memcpy+0x39/0x60 [ 2280.867509][T12927] hwsim_new_radio_nl+0x9bc/0x1080 [ 2280.873231][T12927] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2280.879137][T12927] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2280.885374][T12927] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2280.892752][T12927] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2280.900057][T12927] genl_family_rcv_msg_doit+0x228/0x320 [ 2280.905706][T12927] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2280.913104][T12927] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2280.919363][T12927] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2280.925602][T12927] ? ns_capable+0xde/0x100 [ 2280.930023][T12927] genl_rcv_msg+0x328/0x580 [ 2280.934594][T12927] ? genl_get_cmd+0x480/0x480 [ 2280.939271][T12927] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2280.945252][T12927] ? lock_release+0x720/0x720 [ 2280.949924][T12927] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2280.955241][T12927] ? trace_hardirqs_on+0x5b/0x1c0 [ 2280.960277][T12927] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2280.966012][T12927] netlink_rcv_skb+0x153/0x420 [ 2280.970783][T12927] ? genl_get_cmd+0x480/0x480 [ 2280.975473][T12927] ? netlink_ack+0xa60/0xa60 [ 2280.980062][T12927] ? netlink_deliver_tap+0x236/0xba0 [ 2280.985444][T12927] genl_rcv+0x24/0x40 [ 2280.989424][T12927] netlink_unicast+0x533/0x7d0 [ 2280.994275][T12927] ? netlink_attachskb+0x890/0x890 [ 2280.999384][T12927] ? __virt_addr_valid+0x5d/0x2d0 [ 2281.004430][T12927] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2281.010668][T12927] ? __phys_addr_symbol+0x2c/0x70 [ 2281.015689][T12927] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2281.021515][T12927] ? __check_object_size+0x16e/0x3f0 [ 2281.026806][T12927] netlink_sendmsg+0x85b/0xda0 [ 2281.031744][T12927] ? netlink_unicast+0x7d0/0x7d0 [ 2281.036692][T12927] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2281.042931][T12927] ? netlink_unicast+0x7d0/0x7d0 [ 2281.047880][T12927] sock_sendmsg+0xcf/0x120 [ 2281.052312][T12927] ____sys_sendmsg+0x6e8/0x810 [ 2281.057095][T12927] ? kernel_sendmsg+0x50/0x50 [ 2281.061780][T12927] ? do_recvmmsg+0x6d0/0x6d0 [ 2281.066373][T12927] ? tomoyo_path_number_perm+0x204/0x590 [ 2281.072012][T12927] ? kfree+0xeb/0x670 [ 2281.076153][T12927] ? tomoyo_path_number_perm+0x441/0x590 [ 2281.081877][T12927] ___sys_sendmsg+0xf3/0x170 [ 2281.086464][T12927] ? sendmsg_copy_msghdr+0x160/0x160 [ 2281.091836][T12927] ? kasan_save_stack+0x1b/0x40 [ 2281.096688][T12927] ? __fget_files+0x266/0x3d0 [ 2281.101361][T12927] ? lock_downgrade+0x6e0/0x6e0 [ 2281.106213][T12927] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2281.112106][T12927] ? do_vfs_ioctl+0x132/0x15d0 [ 2281.116877][T12927] ? __fget_files+0x288/0x3d0 [ 2281.121570][T12927] ? __fget_light+0xea/0x280 [ 2281.126244][T12927] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2281.132486][T12927] __sys_sendmsg+0xe5/0x1b0 [ 2281.137000][T12927] ? __sys_sendmsg_sock+0x30/0x30 [ 2281.142210][T12927] ? syscall_enter_from_user_mode+0x21/0x70 [ 2281.148109][T12927] ? trace_hardirqs_on+0x5b/0x1c0 [ 2281.153157][T12927] do_syscall_64+0x35/0xb0 [ 2281.157591][T12927] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2281.163500][T12927] RIP: 0033:0x4665d9 [ 2281.167399][T12927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2281.187263][T12927] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2281.195674][T12927] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2281.204438][T12927] RDX: 000000001f000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2281.212402][T12927] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2281.220628][T12927] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2281.228594][T12927] R13: 00007fffc9e5e04f R14: 00007f0cbc0c2300 R15: 0000000000022000 03:47:04 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x3f000000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:47:04 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000100)='memory.stat\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='svcrdma_sq_post_err\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) openat$cgroup_ro(r2, &(0x7f00000002c0)='devices.list\x00', 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r3, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000001c0)='credit_entropy_bits\x00', r0}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r3, 0x3, '\x00', 0x0, r4, 0x5, 0x0, 0x3}, 0x40) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0xc0185879, &(0x7f0000000080)=0xf32) 03:47:04 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2281.835308][T12944] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2281.843720][T12944] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2281.851689][T12944] RDX: 0000000000036000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2281.859669][T12944] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2281.867631][T12944] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2281.875596][T12944] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 03:47:04 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='io.stat\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='afs_io_error\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='ext4_sync_file_exit\x00', r1}, 0x10) 03:47:05 executing program 3: openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.stat\x00', 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="180000afae8af4b2db0500000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x8}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) 03:47:05 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000008003333000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) [ 2282.261897][T12946] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2282.270087][T12946] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2282.285696][T12946] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2282.285696][T12946] !' 03:47:05 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) openat$cgroup_ro(r1, &(0x7f0000000f40)='cpuacct.usage_all\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x3, 0x4a, 0x7, 0x1945, r1, 0x200, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x5}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x4, 0xe, &(0x7f0000000cc0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@ldst={0x3, 0x0, 0x6, 0xa, 0x0, 0x50, 0x10}, @initr0={0x18, 0x0, 0x0, 0x0, 0xe3e, 0x0, 0x0, 0x0, 0xffffffff}, @map={0x18, 0x9, 0x1, 0x0, r2}, @alu={0x4, 0x1, 0x5, 0x4, 0x4, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6c5, 0x0, 0x0, 0x0, 0x2}, @map={0x18, 0x0, 0x1, 0x0, r1}, @jmp={0x5, 0x1, 0x2, 0x8, 0x6, 0x30, 0xfffffffffffffff0}]}, &(0x7f0000000d40)='syzkaller\x00', 0x5, 0x78, &(0x7f0000000d80)=""/120, 0x41100, 0x8, '\x00', 0x0, 0x14, r1, 0x8, &(0x7f0000000e00)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000e40)={0x8, 0x2, 0x9, 0x200}, 0x10, 0xffffffffffffffff, r0}, 0x78) bpf$MAP_CREATE(0x0, &(0x7f0000000f00)={0x10, 0x3, 0x3, 0x1, 0xc4, 0xffffffffffffffff, 0x100, '\x00', 0x0, r1, 0x1, 0x5, 0x5}, 0x40) sendmsg(r1, &(0x7f0000000000)={&(0x7f0000000180)=@hci={0x1f, 0x3, 0xc3d68e99666392bc}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000280)="181bd374c1c552e3704ddfaa92749e90e5d985131c743ebedc756fed698ea1b374b0d5af3d7d8f6f12537e598c902865b03b495d26d349689d86e9f14eec99c66a4b05952b2fc6bc6198d7737c9ea02dafee691d47c5ac22ae14b40ff1a9e6498318580f38c15c77feac4cdcd6e16b1b5d67731014d1fc20ec6852f6135910baa28ce1300760d1d9ab9c2cda0decffe16f6b938bdb842f8f2b70bf3daca290d8b09b559047871803e2f02bcac932cfebed44d89dc59a857406", 0xb9}, {&(0x7f0000000340)="3c1c591ed05d013f41f7e8a1bd479aa03b8bb69b712b9ecc5dbf6840c2677f3ad3ab5124b898734ed2770a1e9dc63b17e0af84413c11515353317afa9602b02e92b1ee33a56b2f3b23e675383ad4a361face9a3ee07de186871dcabb3fa662499e8c6a933826e2c984949128f167980e5147aeb59dc8e8", 0x77}, {&(0x7f0000000480)="3fd10f80c7a2fe5d1bf840a4f5308c1ef7456c3ba3f8c0bac327b1158f2dde380e214a9e579aa615521906fc8a40e4098908342712ab08513a293e71528a648ed01defec369a0ad496ce2631810879d1a948eef5675ce2c83d619c307a1556cebfaa44c09198595a117c48b2564e51944dd1c8820b1179d2daedc01de514cc51b7c9b44ccac46e85f9a5fd99c610e17b7df4503719eb6842f1c7677ad22aa1556564f85657dccdd980e9afb18a248b883e2d390d261047cb47d63fb81775816101ccfb14961651daa065", 0xca}, {&(0x7f0000000580)="5fd78aed069626ae802fff35af8c12aef3bd5eb3bdafe5fe61f8b4e7fdefa3ed9bf424c9a76e2004fde99bc6285ae81b01b6a62976ae1d2312001eabccf71bb1f9b600203f144e2be7e9e9430e948b8ef1dcc88c0fdf49ac7c370173db43848951f2311c7e6e2948ea0e44a638f38b0fa7b422c8657ea4157c39a904afda14209008f4fee3716e45c22b33394709708ea8dcc33946cfd8e7b5487c8ea8aca1c5a6441d8b21421b330d36fa87c16ab2d09d13feb7fce57c91fdba5f1b5d06182d1ed528c9b6760029a1a5d9a1560d71aadbe1dd9b695ca22d2d4579fd945349abda8b722e1001253165c8cc", 0xeb}, {&(0x7f00000003c0)="433c65a9ba17699ef84bd2b3d8a4f77295495efc9965e4bc27de5f4921c68da9538cb0fa5dfef403cc9eea9c891d050c8d52efeba600710449863aecaf4f59298d704a5a5c648b0fee5ad7a83bbf7fc0cd36ee78", 0x54}, {&(0x7f0000000680)="3ce93503c1845fe7de486f042a31fab642c47cbe99d71de87ac3c7b2d75100c6e483aaa74bd23f5458240b116ebdec5c25d173e77678d8df5ed555943c464bbacd16b267c3e85fa178c27a785a47c60d6338104320462b79ebffa01bc6d309a68272d0a76f0ba33fbd3ccea4df533ed5c09ab5d92389138ebef4f3b5a69d06ec23f828994ff5895ace58a392ada646b9a3ac9b33763ba8c8888f7a24ac8b26895fc4fe10f583da9ac4ce5f02a94a1d72d093bd8abfda4803a2aa928df9f78ce0eba90ac4a58dc6", 0xc7}, {&(0x7f00000007c0)="a915b0b463193087eb4ce543c6c3276f636e2b77514f2b1cb8072d8e508580dfb8f344500bf8c75c2553146d98ff0ab4b2fbd398899d9835fea2a3f011ff37d842b84f7a8dc0dbd30086de61e9dad6c9a8468f183790ddf0", 0x58}, {&(0x7f0000000840)="ce87a9fb28b685118b0fb0ace2e4a35b32d02ff846bfff3537645b7c2acf5d823da032c779d60c3a65bcf9d7f029b3856eb556bd2abb31797b87da5c8e20fa2c6355bf057af17ce352e3e8ef2fee08a9e3e7e7c4478dc0d5fcd1adfe0984c41ec9c10719ce9ca8d86f0385903974624353a5636fefe9ab86ab89b727e86fc666af82b138173756e7e6d1f561467a478c842b873b8a75a41f346c608e04a0f485479cb2b67248a58bb1f3715c7da7c524c1eacd7d42767f3e796bd9195a", 0xbd}], 0x8, &(0x7f0000000980)=[{0xf8, 0x6, 0x6, "aef1594afd802b22a4cf2cb9436673600c1ef8c1ee1fcf5cec4346195cb6eb012796e308b27a47e7849481363f51b45e4ae7b9334aa7a4ef922d6379a2a38e0c3a5d7bdbe235dbd493374d18a12c11fd13f9331dd052ab8bf9bd68911a5c99c37349d701789842bc6100fe674fceff2cf9e30cf4ea37e456939f2c2fe6627331c99fd84db9d2494bcf82cd2cc9cee419c76b9ad639dae8383f0bd058fc7dc258f77f72f0fa3df7a820dc6f62d8ee2329d09c43a0374ba2f51e26ea6843f34db9edf0382c8f0d91296eb1d932fd2af18d546732eeea5330c4e8c30a2e54f75e092c"}, {0xc0, 0x10c, 0x8, "27ee43929d176a8517f6bbad1bb92621d4232584330e86b48e9fccce4f2262aff5f8d072504072f06a40805bc5e6722e2e638e83e6319fdc8381c968d3ff97d5d4135442cbedd1a1a8ad3f41acfddc3e96e6f4b5ce8fd2d306188d6e68160291d1a419f4dd38571582097085605573ef405cf1370ac46f1f86313debab96ae706364b3e6375ca94879a568aa41f43a42b6b7ca5bbf08cde493d34c20bf2c5c4772bfff9a040fb9e584"}, {0xa8, 0x11, 0x81, "c6aa503d326caa183086cbd08d34e21ed5214ecf7237de296f99b27c9d3dab1c00c1c5f625a600f9b248e21be1be7a28157c113258f262512ee8a35616500dda7c83563a97cd3a17893051cb0450c90c08357e09fc8d3f9fef284351ff5d46172e51dee75a4a61118ba80fcc5bcfaf3c5af7f57bf54f4f80883a9a06dddea267b287ed37f7c5ace20171e8d24e97fae3743540d1"}, {0xd8, 0x104, 0x1, "48b4286b7966cc6e2a0e2a4052bdd460608ee7eafb642c9f28419de74dd71d6bfaa3cf92a2130334922a30812d33a7d0524328bd310ea6009ad8eedcc7cd194fb50ecd40b1fbf4ed4f2ed6757082086c29a6a7c1002f3a783bb3ed8fd6e9164d0cd5618a95c7b9e55ced2a9410db7e4e51f08ef9c72090ddf7a4d59817e62c27f75667ac23c667b5f4402a6d01024a9d6aa4000db5af2e0afd9498df78c87e54f043c8eec9cb04a23e32d3fb156c24fa69d54616598f157f057a2359884d49c6a9c08b7a"}], 0x338}, 0x20004845) [ 2282.311722][T12946] CPU: 1 PID: 12946 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2282.321575][T12946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2282.331730][T12946] Call Trace: [ 2282.335026][T12946] dump_stack_lvl+0xcd/0x134 [ 2282.339644][T12946] sysfs_warn_dup.cold+0x1c/0x29 [ 2282.344632][T12946] sysfs_do_create_link_sd+0x11e/0x140 [ 2282.350113][T12946] sysfs_create_link+0x5f/0xc0 [ 2282.354887][T12946] device_add+0x789/0x2100 [ 2282.359305][T12946] ? mutex_lock_io_nested+0xf00/0xf00 [ 2282.364677][T12946] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2282.370315][T12946] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2282.376819][T12946] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2282.383145][T12946] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2282.389383][T12946] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2282.395790][T12946] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2282.401771][T12946] wiphy_register+0x1e8a/0x29b0 [ 2282.406628][T12946] ? wiphy_unregister+0xbd0/0xbd0 [ 2282.411658][T12946] ? minstrel_ht_alloc+0x531/0xa00 [ 2282.416780][T12946] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2282.423464][T12946] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2282.429708][T12946] ? ieee80211_restart_hw+0x290/0x290 [ 2282.435077][T12946] ? debug_object_destroy+0x210/0x210 [ 2282.440454][T12946] ? lock_downgrade+0x6e0/0x6e0 [ 2282.445314][T12946] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2282.450769][T12946] ? memset+0x20/0x40 [ 2282.454751][T12946] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2282.460995][T12946] ? __hrtimer_init+0x136/0x280 [ 2282.465851][T12946] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2282.471584][T12946] ? hwsim_virtio_rx_work+0x350/0x350 [ 2282.476962][T12946] ? __kmalloc_track_caller+0x1a0/0x320 [ 2282.482508][T12946] ? memcpy+0x39/0x60 [ 2282.486488][T12946] hwsim_new_radio_nl+0x9bc/0x1080 [ 2282.491612][T12946] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2282.497782][T12946] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2282.504021][T12946] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2282.511418][T12946] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2282.518895][T12946] genl_family_rcv_msg_doit+0x228/0x320 [ 2282.525045][T12946] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2282.532425][T12946] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2282.538668][T12946] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2282.544901][T12946] ? ns_capable+0xde/0x100 [ 2282.549310][T12946] genl_rcv_msg+0x328/0x580 [ 2282.553809][T12946] ? genl_get_cmd+0x480/0x480 [ 2282.558481][T12946] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2282.564404][T12946] ? lock_release+0x720/0x720 [ 2282.569072][T12946] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2282.574354][T12946] ? trace_hardirqs_on+0x5b/0x1c0 [ 2282.579376][T12946] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2282.585094][T12946] netlink_rcv_skb+0x153/0x420 [ 2282.589855][T12946] ? genl_get_cmd+0x480/0x480 [ 2282.594526][T12946] ? netlink_ack+0xa60/0xa60 [ 2282.599116][T12946] ? netlink_deliver_tap+0x236/0xba0 [ 2282.604399][T12946] genl_rcv+0x24/0x40 [ 2282.608389][T12946] netlink_unicast+0x533/0x7d0 [ 2282.613162][T12946] ? netlink_attachskb+0x890/0x890 [ 2282.618282][T12946] ? __virt_addr_valid+0x5d/0x2d0 [ 2282.623348][T12946] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2282.629595][T12946] ? __phys_addr_symbol+0x2c/0x70 [ 2282.634718][T12946] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2282.640433][T12946] ? __check_object_size+0x16e/0x3f0 [ 2282.645736][T12946] netlink_sendmsg+0x85b/0xda0 [ 2282.650501][T12946] ? netlink_unicast+0x7d0/0x7d0 [ 2282.655443][T12946] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2282.661682][T12946] ? netlink_unicast+0x7d0/0x7d0 [ 2282.666617][T12946] sock_sendmsg+0xcf/0x120 [ 2282.671034][T12946] ____sys_sendmsg+0x6e8/0x810 [ 2282.675805][T12946] ? kernel_sendmsg+0x50/0x50 [ 2282.680576][T12946] ? do_recvmmsg+0x6d0/0x6d0 [ 2282.685179][T12946] ___sys_sendmsg+0xf3/0x170 [ 2282.689773][T12946] ? sendmsg_copy_msghdr+0x160/0x160 [ 2282.695068][T12946] ? __fget_files+0x266/0x3d0 [ 2282.699751][T12946] ? lock_downgrade+0x6e0/0x6e0 [ 2282.704595][T12946] ? futex_exit_release+0x220/0x220 [ 2282.709791][T12946] ? alloc_empty_file+0xd7/0x170 [ 2282.714739][T12946] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2282.720999][T12946] ? __fget_files+0x288/0x3d0 [ 2282.725690][T12946] ? __fget_light+0xea/0x280 [ 2282.730312][T12946] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2282.736569][T12946] __sys_sendmsg+0xe5/0x1b0 [ 2282.741071][T12946] ? __sys_sendmsg_sock+0x30/0x30 [ 2282.746095][T12946] ? syscall_enter_from_user_mode+0x21/0x70 [ 2282.751986][T12946] ? trace_hardirqs_on+0x5b/0x1c0 [ 2282.757010][T12946] do_syscall_64+0x35/0xb0 [ 2282.761423][T12946] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2282.767316][T12946] RIP: 0033:0x4665d9 [ 2282.771200][T12946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2282.792976][T12946] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2282.801389][T12946] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2282.809370][T12946] RDX: 0000000000036000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2282.817347][T12946] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2282.825313][T12946] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2282.833279][T12946] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 [ 2282.849624][T12964] netlink: 'syz-executor.4': attribute type 11 has an invalid length. 03:47:05 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x600300) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:47:05 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2283.479552][T12964] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2283.487977][T12964] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 03:47:06 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c00)={0x18, 0x7, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x6}, [@btf_id={0x18, 0x6, 0x3, 0x0, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0xb2f, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f0000000480)='GPL\x00', 0x8, 0xf1, &(0x7f0000000a80)=""/241, 0x41100, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000b80)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000bc0)={0x2, 0x4, 0x9d, 0x30563e66}, 0x10}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x10, 0x3, &(0x7f00000002c0)=@raw=[@map_val={0x18, 0x8, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3f}, @generic={0x3f, 0xf, 0x9, 0x3, 0x3}], &(0x7f0000000300)='GPL\x00', 0x4, 0xe5, &(0x7f0000000980)=""/229, 0x41100, 0x1, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x5, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0x1, 0x699, 0x9}, 0x10, 0xffffffffffffffff, r0}, 0x78) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="07005ced038f4040e20f46017d"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r2, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000600)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8fffdff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7954244cef7499cde2bbaf4b06d3585a09a87507ebf4e43bc06607401000000e214b6b12e60ac1786a50b595ecb68db5f282675ef467d7fbde500c1e108abfb7491a203f669f83e2b3b28e12fd4659c5a4be272ae419c62cbcc6338b91fb402803fdbd809d0e4785b3de88865d3d7ff7377ab383df9148fda915d9d5f435905ce28c4014cce4fc1050c9656a41504a8797242f7d2cadcc26313bd5c1c143688e845235f0538e811f14d377f4c38bed86cf343d045e9911fc3eface8bcb4de79dd6468072c5b68d8b76b4cf15c18298247fe815b581d3930d5795ca9d0cc42654b70f35ef3b91fa78d47479b9d05711763e8b485b9eba3c0d6314fd67b5fc53d3366051872947696bdf0c59faeff2da275279507f6576fbe621d27c7a211c1566d6dc977cadd9cec87ed64e3e534d2f70ae40f44c95a3db946bfd3dce2546afffd46637c488397ac6b1c3d69f69a8e41c2878e449ba39ce49cea3dc5e10520c637d23255cedaf8750144422a4100f767a7d03d4299668ebe2c370d6e6bcc01886b19455a29aa155e02bf29ff5c78ecd6f74dc75ed0c16a655db6c321432d8fe20168c9b7e25345971423be8489ce81f099af90b2feb37bbe7b33f8047671af32373ab73c26a83713315130cf23d2dfe773f77910614e4e123bad9cf970cced8fe413488bdc503d67c453c85559679ae3eafb6b03e18c45f6fa583589057995dce1a30d961934d74cb694a83dae55bb3b48dd8ebbfbbcd9e32b96567bbe19fd3254c8a1d3775fc89ae30978fec5d98d417ec51ea291b764bff1ddf9e2c36cc962e2ed3a4245aa0bb0fe6d7fa437aca251a9ec01443ea55bb8c5d9a7cafa12c40fb7a400d92a13cb1e06e720b45aa61cea6d0d9ac38c80f8cfa2bb6a316a53c2282ec819b546c763c564f85c7fededbc399ec01eab4bac37a8ce8a5f000000000068e764d02cfcabb2ce4f9f4c3c23cf5106b6f681d85efbdb5c46a0d9ba4ee256b86232ab79cd8489c0beffa092854e8cde72b513a4963aa3ef8222318a9a6200000000000000000000000000000000d6ea0c0bcd"], &(0x7f0000000340)='GPL\x00'}, 0x35) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x18000000000002e0, 0x28, 0x10000f0, &(0x7f00000004c0)="b95b03b703080000009e40f005001fff060000000000008477fbac141423e0000001c699da153f08e0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x17, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4, &(0x7f0000000000), &(0x7f0000000080)}, 0x28) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000280)={r3, r1, 0x4, r4}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r2, 0x3, '\x00', 0x0, r3, 0x5, 0x0, 0x3}, 0x40) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='rxrpc_rx_abort\x00', r3}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0xc0185879, &(0x7f0000000080)) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r6, &(0x7f0000000100)='hugetlb.2MB.limit_in_bytes\x00', 0x0, 0x0) [ 2283.495941][T12964] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2283.503909][T12964] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2283.511885][T12964] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2283.519858][T12964] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 [ 2283.693414][T12988] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2283.719955][T12988] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2283.748778][T12988] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2283.748778][T12988] !' [ 2283.760620][T12988] CPU: 0 PID: 12988 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2283.771436][T12988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2283.781502][T12988] Call Trace: [ 2283.784800][T12988] dump_stack_lvl+0xcd/0x134 [ 2283.789413][T12988] sysfs_warn_dup.cold+0x1c/0x29 [ 2283.794381][T12988] sysfs_do_create_link_sd+0x11e/0x140 [ 2283.799873][T12988] sysfs_create_link+0x5f/0xc0 [ 2283.804639][T12988] device_add+0x789/0x2100 [ 2283.809056][T12988] ? mutex_lock_io_nested+0xf00/0xf00 [ 2283.814426][T12988] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2283.819977][T12988] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2283.826477][T12988] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2283.832773][T12988] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2283.839011][T12988] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2283.845250][T12988] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2283.851408][T12988] wiphy_register+0x1e8a/0x29b0 [ 2283.856251][T12988] ? wiphy_unregister+0xbd0/0xbd0 [ 2283.861448][T12988] ? minstrel_ht_alloc+0x531/0xa00 [ 2283.866545][T12988] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2283.872604][T12988] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2283.878061][T12988] ? ieee80211_restart_hw+0x290/0x290 [ 2283.883442][T12988] ? debug_object_destroy+0x210/0x210 [ 2283.888813][T12988] ? lock_downgrade+0x6e0/0x6e0 [ 2283.893663][T12988] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2283.899115][T12988] ? memset+0x20/0x40 [ 2283.903099][T12988] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2283.909342][T12988] ? __hrtimer_init+0x136/0x280 [ 2283.914392][T12988] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2283.920130][T12988] ? hwsim_virtio_rx_work+0x350/0x350 [ 2283.925491][T12988] ? __kmalloc_track_caller+0x1a0/0x320 [ 2283.931022][T12988] ? memcpy+0x39/0x60 [ 2283.935015][T12988] hwsim_new_radio_nl+0x9bc/0x1080 [ 2283.940126][T12988] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2283.946013][T12988] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2283.952251][T12988] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2283.959610][T12988] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2283.966885][T12988] genl_family_rcv_msg_doit+0x228/0x320 [ 2283.972440][T12988] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2283.979820][T12988] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2283.986060][T12988] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2283.992300][T12988] ? ns_capable+0xde/0x100 [ 2283.996709][T12988] genl_rcv_msg+0x328/0x580 [ 2284.001201][T12988] ? genl_get_cmd+0x480/0x480 [ 2284.005863][T12988] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2284.011753][T12988] ? lock_release+0x720/0x720 [ 2284.016413][T12988] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2284.021690][T12988] ? trace_hardirqs_on+0x5b/0x1c0 [ 2284.026712][T12988] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2284.032428][T12988] netlink_rcv_skb+0x153/0x420 [ 2284.037186][T12988] ? genl_get_cmd+0x480/0x480 [ 2284.041852][T12988] ? netlink_ack+0xa60/0xa60 [ 2284.046447][T12988] ? netlink_deliver_tap+0x236/0xba0 [ 2284.051717][T12988] genl_rcv+0x24/0x40 [ 2284.055687][T12988] netlink_unicast+0x533/0x7d0 [ 2284.060449][T12988] ? netlink_attachskb+0x890/0x890 [ 2284.065551][T12988] ? __virt_addr_valid+0x5d/0x2d0 [ 2284.070587][T12988] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2284.076815][T12988] ? __phys_addr_symbol+0x2c/0x70 [ 2284.081822][T12988] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2284.087526][T12988] ? __check_object_size+0x16e/0x3f0 [ 2284.092807][T12988] netlink_sendmsg+0x85b/0xda0 [ 2284.097563][T12988] ? netlink_unicast+0x7d0/0x7d0 [ 2284.102491][T12988] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2284.108724][T12988] ? netlink_unicast+0x7d0/0x7d0 [ 2284.113793][T12988] sock_sendmsg+0xcf/0x120 [ 2284.118212][T12988] ____sys_sendmsg+0x6e8/0x810 [ 2284.122965][T12988] ? kernel_sendmsg+0x50/0x50 [ 2284.127681][T12988] ? do_recvmmsg+0x6d0/0x6d0 [ 2284.132261][T12988] ? tomoyo_path_number_perm+0x204/0x590 [ 2284.138018][T12988] ? kfree+0xeb/0x670 [ 2284.142082][T12988] ? tomoyo_path_number_perm+0x441/0x590 [ 2284.147833][T12988] ___sys_sendmsg+0xf3/0x170 [ 2284.152419][T12988] ? sendmsg_copy_msghdr+0x160/0x160 [ 2284.157694][T12988] ? __fget_files+0x266/0x3d0 [ 2284.162363][T12988] ? lock_downgrade+0x6e0/0x6e0 [ 2284.167207][T12988] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2284.173175][T12988] ? do_vfs_ioctl+0x132/0x15d0 [ 2284.177929][T12988] ? __fget_files+0x288/0x3d0 [ 2284.182591][T12988] ? __fget_light+0xea/0x280 [ 2284.187196][T12988] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2284.193425][T12988] __sys_sendmsg+0xe5/0x1b0 [ 2284.197924][T12988] ? __sys_sendmsg_sock+0x30/0x30 [ 2284.202946][T12988] ? syscall_enter_from_user_mode+0x21/0x70 [ 2284.208822][T12988] ? trace_hardirqs_on+0x5b/0x1c0 [ 2284.213832][T12988] do_syscall_64+0x35/0xb0 [ 2284.218249][T12988] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2284.224413][T12988] RIP: 0033:0x4665d9 [ 2284.228389][T12988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2284.247999][T12988] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2284.256403][T12988] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2284.264378][T12988] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2284.272401][T12988] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2284.280357][T12988] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2284.288332][T12988] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 03:47:07 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x2) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2284.309222][T13001] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2284.333880][T13001] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2284.353662][T13001] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2284.353662][T13001] !' [ 2284.371659][T13001] CPU: 0 PID: 13001 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2284.381526][T13001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2284.391593][T13001] Call Trace: [ 2284.394925][T13001] dump_stack_lvl+0xcd/0x134 [ 2284.399512][T13001] sysfs_warn_dup.cold+0x1c/0x29 [ 2284.404452][T13001] sysfs_do_create_link_sd+0x11e/0x140 [ 2284.409928][T13001] sysfs_create_link+0x5f/0xc0 [ 2284.414706][T13001] device_add+0x789/0x2100 [ 2284.419114][T13001] ? mutex_lock_io_nested+0xf00/0xf00 [ 2284.424476][T13001] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2284.430115][T13001] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2284.436611][T13001] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2284.443116][T13001] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2284.449350][T13001] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2284.455604][T13001] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2284.461581][T13001] wiphy_register+0x1e8a/0x29b0 [ 2284.466432][T13001] ? wiphy_unregister+0xbd0/0xbd0 [ 2284.471445][T13001] ? minstrel_ht_alloc+0x531/0xa00 [ 2284.476549][T13001] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2284.482693][T13001] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2284.488159][T13001] ? ieee80211_restart_hw+0x290/0x290 [ 2284.493609][T13001] ? debug_object_destroy+0x210/0x210 [ 2284.499007][T13001] ? lock_downgrade+0x6e0/0x6e0 [ 2284.503843][T13001] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2284.509382][T13001] ? memset+0x20/0x40 [ 2284.513517][T13001] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2284.519759][T13001] ? __hrtimer_init+0x136/0x280 [ 2284.524621][T13001] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2284.530471][T13001] ? hwsim_virtio_rx_work+0x350/0x350 [ 2284.535870][T13001] ? __kmalloc_track_caller+0x1a0/0x320 [ 2284.541409][T13001] ? memcpy+0x39/0x60 [ 2284.545391][T13001] hwsim_new_radio_nl+0x9bc/0x1080 [ 2284.550581][T13001] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2284.556465][T13001] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2284.562954][T13001] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2284.570577][T13001] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2284.580517][T13001] genl_family_rcv_msg_doit+0x228/0x320 [ 2284.586063][T13001] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2284.593437][T13001] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2284.599682][T13001] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2284.605920][T13001] ? ns_capable+0xde/0x100 [ 2284.610329][T13001] genl_rcv_msg+0x328/0x580 [ 2284.614832][T13001] ? genl_get_cmd+0x480/0x480 [ 2284.619605][T13001] ? lock_downgrade+0x6e0/0x6e0 [ 2284.624464][T13001] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2284.630356][T13001] ? lock_release+0x720/0x720 [ 2284.635037][T13001] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2284.640359][T13001] netlink_rcv_skb+0x153/0x420 [ 2284.645129][T13001] ? genl_get_cmd+0x480/0x480 [ 2284.649812][T13001] ? netlink_ack+0xa60/0xa60 [ 2284.654392][T13001] ? netlink_deliver_tap+0x236/0xba0 [ 2284.659853][T13001] genl_rcv+0x24/0x40 [ 2284.663932][T13001] netlink_unicast+0x533/0x7d0 [ 2284.668683][T13001] ? netlink_attachskb+0x890/0x890 [ 2284.673780][T13001] ? bpf_lsm_sem_semop+0x10/0x10 [ 2284.678718][T13001] netlink_sendmsg+0x85b/0xda0 [ 2284.683476][T13001] ? netlink_unicast+0x7d0/0x7d0 [ 2284.688429][T13001] ? tomoyo_socket_sendmsg_permission+0x11d/0x3a0 [ 2284.694849][T13001] ? aa_sk_perm+0x31b/0xab0 [ 2284.699380][T13001] ? security_socket_sendmsg+0x52/0xb0 [ 2284.704921][T13001] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2284.711247][T13001] ? netlink_unicast+0x7d0/0x7d0 [ 2284.716174][T13001] sock_sendmsg+0xcf/0x120 [ 2284.720582][T13001] ____sys_sendmsg+0x6e8/0x810 [ 2284.725357][T13001] ? kernel_sendmsg+0x50/0x50 [ 2284.730019][T13001] ? do_recvmmsg+0x6d0/0x6d0 [ 2284.734593][T13001] ? futex_wait_restart+0x200/0x200 [ 2284.739787][T13001] ___sys_sendmsg+0xf3/0x170 [ 2284.744368][T13001] ? sendmsg_copy_msghdr+0x160/0x160 [ 2284.749672][T13001] ? __fget_files+0x266/0x3d0 [ 2284.754362][T13001] ? lock_downgrade+0x6e0/0x6e0 [ 2284.759309][T13001] ? futex_exit_release+0x220/0x220 [ 2284.764507][T13001] ? clockevents_program_event+0x141/0x370 [ 2284.770312][T13001] ? lock_downgrade+0x6e0/0x6e0 [ 2284.775169][T13001] ? __fget_files+0x288/0x3d0 [ 2284.779843][T13001] ? __fget_light+0xea/0x280 [ 2284.784442][T13001] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2284.790682][T13001] __sys_sendmsg+0xe5/0x1b0 [ 2284.795184][T13001] ? __sys_sendmsg_sock+0x30/0x30 [ 2284.800234][T13001] ? syscall_enter_from_user_mode+0x21/0x70 [ 2284.806136][T13001] ? trace_hardirqs_on+0x5b/0x1c0 [ 2284.811249][T13001] do_syscall_64+0x35/0xb0 [ 2284.815651][T13001] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2284.821544][T13001] RIP: 0033:0x4665d9 [ 2284.825429][T13001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2284.845072][T13001] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2284.853647][T13001] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2284.861610][T13001] RDX: 000000003f000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2284.869568][T13001] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2284.877531][T13001] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2284.885491][T13001] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2284.915291][T13002] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2284.926178][T13002] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2285.045084][T13016] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2285.060128][T13016] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2285.244952][T13019] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2285.254594][T13019] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2285.269922][T13019] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2285.269922][T13019] !' [ 2285.284884][T13019] CPU: 0 PID: 13019 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2285.294735][T13019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2285.305613][T13019] Call Trace: [ 2285.308943][T13019] dump_stack_lvl+0xcd/0x134 [ 2285.313557][T13019] sysfs_warn_dup.cold+0x1c/0x29 [ 2285.318516][T13019] sysfs_do_create_link_sd+0x11e/0x140 [ 2285.323999][T13019] sysfs_create_link+0x5f/0xc0 [ 2285.328789][T13019] device_add+0x789/0x2100 [ 2285.333325][T13019] ? mutex_lock_io_nested+0xf00/0xf00 [ 2285.338717][T13019] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2285.344284][T13019] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2285.350810][T13019] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2285.357165][T13019] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2285.363517][T13019] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2285.369791][T13019] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2285.375822][T13019] wiphy_register+0x1e8a/0x29b0 [ 2285.380687][T13019] ? wiphy_unregister+0xbd0/0xbd0 [ 2285.385824][T13019] ? minstrel_ht_alloc+0x531/0xa00 [ 2285.390936][T13019] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2285.397003][T13019] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2285.402463][T13019] ? ieee80211_restart_hw+0x290/0x290 [ 2285.407830][T13019] ? debug_object_destroy+0x210/0x210 [ 2285.413194][T13019] ? lock_downgrade+0x6e0/0x6e0 [ 2285.418036][T13019] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2285.423504][T13019] ? memset+0x20/0x40 [ 2285.427491][T13019] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2285.433724][T13019] ? __hrtimer_init+0x136/0x280 [ 2285.438590][T13019] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2285.444308][T13019] ? hwsim_virtio_rx_work+0x350/0x350 [ 2285.449689][T13019] ? __kmalloc_track_caller+0x1a0/0x320 [ 2285.455237][T13019] ? memcpy+0x39/0x60 [ 2285.459294][T13019] hwsim_new_radio_nl+0x9bc/0x1080 [ 2285.464411][T13019] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2285.470310][T13019] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2285.476559][T13019] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2285.483960][T13019] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2285.491251][T13019] genl_family_rcv_msg_doit+0x228/0x320 [ 2285.496805][T13019] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2285.504186][T13019] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2285.510433][T13019] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2285.516673][T13019] ? ns_capable+0xde/0x100 [ 2285.521089][T13019] genl_rcv_msg+0x328/0x580 [ 2285.526026][T13019] ? genl_get_cmd+0x480/0x480 [ 2285.530693][T13019] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2285.536580][T13019] ? lock_release+0x720/0x720 [ 2285.541244][T13019] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2285.546520][T13019] ? trace_hardirqs_on+0x5b/0x1c0 [ 2285.551542][T13019] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2285.557264][T13019] netlink_rcv_skb+0x153/0x420 [ 2285.562022][T13019] ? genl_get_cmd+0x480/0x480 [ 2285.566708][T13019] ? netlink_ack+0xa60/0xa60 [ 2285.571308][T13019] ? netlink_deliver_tap+0x236/0xba0 [ 2285.576589][T13019] genl_rcv+0x24/0x40 [ 2285.580655][T13019] netlink_unicast+0x533/0x7d0 [ 2285.585454][T13019] ? netlink_attachskb+0x890/0x890 [ 2285.590571][T13019] ? __virt_addr_valid+0x5d/0x2d0 [ 2285.595763][T13019] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2285.602009][T13019] ? __phys_addr_symbol+0x2c/0x70 [ 2285.607027][T13019] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2285.612757][T13019] ? __check_object_size+0x16e/0x3f0 [ 2285.618045][T13019] netlink_sendmsg+0x85b/0xda0 [ 2285.622803][T13019] ? netlink_unicast+0x7d0/0x7d0 [ 2285.627768][T13019] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2285.633997][T13019] ? netlink_unicast+0x7d0/0x7d0 [ 2285.638939][T13019] sock_sendmsg+0xcf/0x120 [ 2285.643346][T13019] ____sys_sendmsg+0x6e8/0x810 [ 2285.648098][T13019] ? kernel_sendmsg+0x50/0x50 [ 2285.652762][T13019] ? do_recvmmsg+0x6d0/0x6d0 [ 2285.657339][T13019] ? tomoyo_path_number_perm+0x204/0x590 [ 2285.663235][T13019] ? kfree+0xeb/0x670 [ 2285.667223][T13019] ? tomoyo_path_number_perm+0x441/0x590 [ 2285.672852][T13019] ___sys_sendmsg+0xf3/0x170 [ 2285.677433][T13019] ? sendmsg_copy_msghdr+0x160/0x160 [ 2285.682829][T13019] ? __fget_files+0x266/0x3d0 [ 2285.687495][T13019] ? lock_downgrade+0x6e0/0x6e0 [ 2285.692332][T13019] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2285.698221][T13019] ? do_vfs_ioctl+0x132/0x15d0 [ 2285.702978][T13019] ? __fget_files+0x288/0x3d0 [ 2285.707644][T13019] ? __fget_light+0xea/0x280 [ 2285.712247][T13019] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2285.718478][T13019] __sys_sendmsg+0xe5/0x1b0 [ 2285.722972][T13019] ? __sys_sendmsg_sock+0x30/0x30 [ 2285.728015][T13019] ? syscall_enter_from_user_mode+0x21/0x70 [ 2285.733895][T13019] ? trace_hardirqs_on+0x5b/0x1c0 [ 2285.738903][T13019] do_syscall_64+0x35/0xb0 [ 2285.743570][T13019] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2285.749465][T13019] RIP: 0033:0x4665d9 [ 2285.753346][T13019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2285.772991][T13019] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2285.781402][T13019] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2285.789361][T13019] RDX: 000000003f000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2285.797356][T13019] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2285.805420][T13019] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2285.813376][T13019] R13: 00007fffc9e5e04f R14: 00007f0cbc0c2300 R15: 0000000000022000 [ 2285.837494][T13047] netlink: 'syz-executor.0': attribute type 11 has an invalid length. 03:47:08 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x40000000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:47:08 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000006000000000000000000000000989518b355f0f40100008000000000029b14b6ea775f9c3356a2563b4a2081ff995da6044f104695d23e8f6593c220a93d532a5e6ddf288a7d5befdbbabcb499134b36d7"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r3 = openat$cgroup(r2, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r3, &(0x7f0000000100)='memory.current\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0xc0185879, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40042409, 0x1) 03:47:08 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2286.397324][T13047] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 03:47:09 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) [ 2286.405732][T13047] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2286.413689][T13047] RDX: 0000000000600300 RSI: 0000000020000000 RDI: 0000000000000003 [ 2286.421920][T13047] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2286.429902][T13047] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2286.437858][T13047] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 [ 2286.477336][T13066] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2286.516655][T13066] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. 03:47:09 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r2, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r2, 0x3, '\x00', 0x0, r3, 0x5, 0x0, 0x3}, 0x40) close(r3) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) 03:47:09 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800510000000200000000e3ff00633433a279c712002915b6e4f66355f32768fa"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r2, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r2, 0x3, '\x00', 0x0, r3, 0x5, 0x0, 0x3}, 0x40) openat$cgroup_ro(r3, &(0x7f0000000100)='cpuset.memory_pressure\x00', 0x0, 0x0) 03:47:09 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRESDEC, @ANYRES64], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0xc0185879, &(0x7f0000000080)) r3 = getpid() r4 = getpid() perf_event_open(&(0x7f0000001980)={0x1, 0x80, 0x4a, 0x3, 0x4, 0xe0, 0x0, 0x1000, 0x40, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x4ff0, 0x8}, 0x40082, 0x1, 0x4f10, 0x4, 0x6, 0x2, 0x63, 0x0, 0x0, 0x0, 0x7c25}, r4, 0x9, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f00000002c0)={0x0, 0x80, 0x6, 0x85, 0x6, 0x4, 0x0, 0x2, 0x22990, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5, 0x1, @perf_config_ext={0x23a6, 0x3}, 0x5000b, 0x2, 0xb3, 0x7, 0x3, 0x7, 0x7, 0x0, 0x7fffffff, 0x0, 0x5d}, r4, 0xb, r1, 0x0) perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x1, 0x98, 0x3f, 0x7f, 0x0, 0xffffffffffffffca, 0x814d0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x466, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x44018, 0x7, 0x8, 0x5, 0x899a, 0x25e23ede, 0x5, 0x0, 0x0, 0x0, 0xffffffff}, r3, 0x3, r2, 0xb) [ 2286.840537][T13066] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2286.840537][T13066] !' [ 2286.870266][T13066] CPU: 1 PID: 13066 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2286.880125][T13066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2286.890193][T13066] Call Trace: [ 2286.893486][T13066] dump_stack_lvl+0xcd/0x134 [ 2286.898113][T13066] sysfs_warn_dup.cold+0x1c/0x29 [ 2286.903084][T13066] sysfs_do_create_link_sd+0x11e/0x140 [ 2286.908571][T13066] sysfs_create_link+0x5f/0xc0 [ 2286.913345][T13066] device_add+0x789/0x2100 [ 2286.917766][T13066] ? mutex_lock_io_nested+0xf00/0xf00 [ 2286.923138][T13066] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2286.928712][T13066] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2286.935234][T13066] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2286.941475][T13066] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2286.947725][T13066] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2286.953966][T13066] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2286.959949][T13066] wiphy_register+0x1e8a/0x29b0 [ 2286.964810][T13066] ? wiphy_unregister+0xbd0/0xbd0 [ 2286.969854][T13066] ? minstrel_ht_alloc+0x531/0xa00 [ 2286.974964][T13066] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2286.981043][T13066] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2286.986505][T13066] ? ieee80211_restart_hw+0x290/0x290 [ 2286.991875][T13066] ? debug_object_destroy+0x210/0x210 [ 2286.997262][T13066] ? lock_downgrade+0x6e0/0x6e0 [ 2287.002104][T13066] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2287.007558][T13066] ? memset+0x20/0x40 [ 2287.011541][T13066] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.017777][T13066] ? __hrtimer_init+0x136/0x280 [ 2287.022626][T13066] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2287.028350][T13066] ? hwsim_virtio_rx_work+0x350/0x350 [ 2287.033721][T13066] ? __kmalloc_track_caller+0x1a0/0x320 [ 2287.039272][T13066] ? memcpy+0x39/0x60 [ 2287.043255][T13066] hwsim_new_radio_nl+0x9bc/0x1080 [ 2287.048365][T13066] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2287.054263][T13066] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.060498][T13066] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2287.067893][T13066] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2287.075283][T13066] genl_family_rcv_msg_doit+0x228/0x320 [ 2287.080842][T13066] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2287.088384][T13066] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.094628][T13066] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.100950][T13066] ? ns_capable+0xde/0x100 [ 2287.105364][T13066] genl_rcv_msg+0x328/0x580 [ 2287.109866][T13066] ? genl_get_cmd+0x480/0x480 [ 2287.114634][T13066] ? preempt_schedule_thunk+0x16/0x18 [ 2287.120177][T13066] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2287.126074][T13066] ? lock_release+0x720/0x720 [ 2287.130745][T13066] netlink_rcv_skb+0x153/0x420 [ 2287.135509][T13066] ? genl_get_cmd+0x480/0x480 [ 2287.140180][T13066] ? netlink_ack+0xa60/0xa60 [ 2287.144765][T13066] ? netlink_deliver_tap+0x236/0xba0 [ 2287.150052][T13066] genl_rcv+0x24/0x40 [ 2287.154027][T13066] netlink_unicast+0x533/0x7d0 [ 2287.158790][T13066] ? netlink_attachskb+0x890/0x890 [ 2287.163900][T13066] ? bpf_lsm_sem_semop+0x10/0x10 [ 2287.168839][T13066] netlink_sendmsg+0x85b/0xda0 [ 2287.173605][T13066] ? netlink_unicast+0x7d0/0x7d0 [ 2287.178546][T13066] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.184784][T13066] ? netlink_unicast+0x7d0/0x7d0 [ 2287.189719][T13066] sock_sendmsg+0xcf/0x120 [ 2287.194144][T13066] ____sys_sendmsg+0x6e8/0x810 [ 2287.199010][T13066] ? kernel_sendmsg+0x50/0x50 [ 2287.203684][T13066] ? do_recvmmsg+0x6d0/0x6d0 [ 2287.208265][T13066] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2287.214457][T13066] ? sockfd_lookup_light+0x6d/0x180 [ 2287.219783][T13066] ___sys_sendmsg+0xf3/0x170 [ 2287.224381][T13066] ? sendmsg_copy_msghdr+0x160/0x160 [ 2287.229674][T13066] ? __fget_files+0x266/0x3d0 [ 2287.234356][T13066] ? lock_downgrade+0x6e0/0x6e0 [ 2287.239205][T13066] ? futex_exit_release+0x220/0x220 [ 2287.244404][T13066] ? clockevents_program_event+0x141/0x370 [ 2287.250210][T13066] ? lock_downgrade+0x6e0/0x6e0 [ 2287.255071][T13066] ? __fget_files+0x288/0x3d0 [ 2287.259749][T13066] ? __fget_light+0xea/0x280 [ 2287.264513][T13066] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2287.270840][T13066] __sys_sendmsg+0xe5/0x1b0 [ 2287.275347][T13066] ? __sys_sendmsg_sock+0x30/0x30 [ 2287.280380][T13066] ? syscall_enter_from_user_mode+0x21/0x70 [ 2287.286272][T13066] ? trace_hardirqs_on+0x5b/0x1c0 [ 2287.291293][T13066] do_syscall_64+0x35/0xb0 [ 2287.295707][T13066] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2287.301604][T13066] RIP: 0033:0x4665d9 [ 2287.305497][T13066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2287.325101][T13066] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2287.333509][T13066] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2287.341477][T13066] RDX: 0000000000000002 RSI: 0000000020000000 RDI: 0000000000000004 [ 2287.349445][T13066] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2287.357435][T13066] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2287.365399][T13066] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 [ 2287.453720][T13049] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2287.465474][T13049] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2287.480077][T13049] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2287.480077][T13049] !' [ 2287.494115][T13049] CPU: 0 PID: 13049 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2287.503961][T13049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2287.514024][T13049] Call Trace: [ 2287.517410][T13049] dump_stack_lvl+0xcd/0x134 [ 2287.522002][T13049] sysfs_warn_dup.cold+0x1c/0x29 [ 2287.526974][T13049] sysfs_do_create_link_sd+0x11e/0x140 [ 2287.532448][T13049] sysfs_create_link+0x5f/0xc0 [ 2287.537223][T13049] device_add+0x789/0x2100 [ 2287.541768][T13049] ? mutex_lock_io_nested+0xf00/0xf00 [ 2287.547167][T13049] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2287.552714][T13049] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2287.559224][T13049] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2287.565473][T13049] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2287.571714][T13049] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.577978][T13049] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2287.583955][T13049] wiphy_register+0x1e8a/0x29b0 [ 2287.588808][T13049] ? wiphy_unregister+0xbd0/0xbd0 [ 2287.593822][T13049] ? minstrel_ht_alloc+0x531/0xa00 [ 2287.598925][T13049] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2287.604990][T13049] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2287.610478][T13049] ? ieee80211_restart_hw+0x290/0x290 [ 2287.615859][T13049] ? debug_object_destroy+0x210/0x210 [ 2287.621306][T13049] ? lock_downgrade+0x6e0/0x6e0 [ 2287.626144][T13049] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2287.631598][T13049] ? memset+0x20/0x40 [ 2287.635566][T13049] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.641790][T13049] ? __hrtimer_init+0x136/0x280 [ 2287.646645][T13049] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2287.652359][T13049] ? hwsim_virtio_rx_work+0x350/0x350 [ 2287.657719][T13049] ? __kmalloc_track_caller+0x1a0/0x320 [ 2287.663253][T13049] ? memcpy+0x39/0x60 [ 2287.667253][T13049] hwsim_new_radio_nl+0x9bc/0x1080 [ 2287.672373][T13049] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2287.678279][T13049] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.684511][T13049] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2287.691873][T13049] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2287.699156][T13049] genl_family_rcv_msg_doit+0x228/0x320 [ 2287.704704][T13049] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2287.712067][T13049] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.718316][T13049] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.724543][T13049] ? ns_capable+0xde/0x100 [ 2287.728951][T13049] genl_rcv_msg+0x328/0x580 [ 2287.733451][T13049] ? genl_get_cmd+0x480/0x480 [ 2287.738119][T13049] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2287.744202][T13049] ? lock_release+0x720/0x720 [ 2287.748887][T13049] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2287.754166][T13049] ? trace_hardirqs_on+0x5b/0x1c0 [ 2287.759180][T13049] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2287.764893][T13049] netlink_rcv_skb+0x153/0x420 [ 2287.769652][T13049] ? genl_get_cmd+0x480/0x480 [ 2287.774332][T13049] ? netlink_ack+0xa60/0xa60 [ 2287.778944][T13049] ? netlink_deliver_tap+0x236/0xba0 [ 2287.784224][T13049] genl_rcv+0x24/0x40 [ 2287.788209][T13049] netlink_unicast+0x533/0x7d0 [ 2287.792962][T13049] ? netlink_attachskb+0x890/0x890 [ 2287.798071][T13049] ? __virt_addr_valid+0x5d/0x2d0 [ 2287.803090][T13049] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2287.809324][T13049] ? __phys_addr_symbol+0x2c/0x70 [ 2287.814343][T13049] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2287.820055][T13049] ? __check_object_size+0x16e/0x3f0 [ 2287.825344][T13049] netlink_sendmsg+0x85b/0xda0 [ 2287.830104][T13049] ? netlink_unicast+0x7d0/0x7d0 [ 2287.835037][T13049] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.841289][T13049] ? netlink_unicast+0x7d0/0x7d0 [ 2287.846218][T13049] sock_sendmsg+0xcf/0x120 [ 2287.850642][T13049] ____sys_sendmsg+0x6e8/0x810 [ 2287.855420][T13049] ? kernel_sendmsg+0x50/0x50 [ 2287.860085][T13049] ? do_recvmmsg+0x6d0/0x6d0 [ 2287.864663][T13049] ? fs_reclaim_release+0x9c/0xf0 [ 2287.869778][T13049] ? lock_downgrade+0x6e0/0x6e0 [ 2287.874625][T13049] ___sys_sendmsg+0xf3/0x170 [ 2287.879646][T13049] ? sendmsg_copy_msghdr+0x160/0x160 [ 2287.884922][T13049] ? __fget_files+0x266/0x3d0 [ 2287.889592][T13049] ? lock_downgrade+0x6e0/0x6e0 [ 2287.895126][T13049] ? futex_exit_release+0x220/0x220 [ 2287.900330][T13049] ? alloc_empty_file+0xd7/0x170 [ 2287.905254][T13049] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2287.911485][T13049] ? __fget_files+0x288/0x3d0 [ 2287.916168][T13049] ? __fget_light+0xea/0x280 [ 2287.920756][T13049] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2287.927203][T13049] __sys_sendmsg+0xe5/0x1b0 [ 2287.931723][T13049] ? __sys_sendmsg_sock+0x30/0x30 [ 2287.936753][T13049] ? syscall_enter_from_user_mode+0x21/0x70 [ 2287.942641][T13049] ? trace_hardirqs_on+0x5b/0x1c0 [ 2287.947659][T13049] do_syscall_64+0x35/0xb0 [ 2287.952067][T13049] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2287.957956][T13049] RIP: 0033:0x4665d9 [ 2287.961835][T13049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2287.981519][T13049] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2287.989935][T13049] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2287.997897][T13049] RDX: 0000000000600300 RSI: 0000000020000000 RDI: 0000000000000003 [ 2288.006286][T13049] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2288.014244][T13049] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2288.022378][T13049] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 03:47:11 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xf0ffff) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:47:11 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc50x0}, 0x80, &(0x7f00000076c0), 0x0, &(0x7f0000007700)=""/47, 0x2f}, 0x62) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r4, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r4, 0x3, '\x00', 0x0, r5, 0x5, 0x0, 0x3}, 0x40) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000f40)=ANY=[@ANYBLOB="850000006d00000025000000000000009500000000000000afda48d6494d6170cc6fabec470db2c61612ba392076dd2963228e1d69ba7ea94c500dc4ef2fad96ec40a7a4a6ea9b126f6fd0428bf88f6f21caf593836d9ea2cfb0e60436e054258c4686b06670fde94a0f4d5fc79c987d669ffa4aaca0f9d9924be41a9169bdfaf16d1c0b1539f8caf3ba1476570bb8dd7fcd4389c691de61ee84309e7a23c19a39484809539fca4e0b6ec015a7d55545a34effa077faa55c59e88254f54077f799bf1683537a8ea0244d35b213bda80cc172afd80e361bedd8b8cc57255a5e3d77ac463920e231b7ae0dd56e4edc8d4a981fc29998f11e0da8616d2b7958f91f5d822175ed60ab3853c155656d94af98af1dd709c1058d6e64bba2b59525f8fe3b28d7e53c78fbfe5ab0255f347160ec8343e1494da48403ad0407d9440b69ad9f19ab8b20509f71d77c1ad596949c47975730672039ab3762271cf555c14d56b51c2298237bebfc08e0d5971a56e09a0001cfd98b9d41a902e5111f2cc5e46ac1c60a9b10c074bfbcd4b09012175484135f0e519f0b1c4aaa026d570ecb5e8cddbed65ff76ff61c55524180d703f7f14d8b78a602ca3cdf6a665ba4008f9c912007f95d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392957b4f979ea17117a13201bafe4f0f6ea5a6c957ada0c548552b571bed564c0a2fcb6da006b5d0fe4886a9edee77f6986319f85dd06a24c37e588959f34d2c5f609baad49da96002d613dc88670f3478182136c74d163716ba8219392d65582b33e7dfd27e69d71a190016f2c3e683176d47c2599d03008c05c8ce9edd1ef4cc236934b81466d4f5bbdf917fac483b8bf80794ecb7ac00ce453c14d29dab6dcf1855a1ab3d7c2ee8d43e479f3a17a4ac213bfa477f3da41564aac25192cb10e4e4dfc5cfbdef1d4cea17286ec8f6db16dc62b8ca086734223cf718c6bb21eae7eca3cb1ba23105a33cfc2cd90adf3720d13cd114695fea0cd01735a16d3c4e101ac6713c630445402b02e358210911835e48f049b44631062d465506ceec6947c78fd2e044c288d7198a712d529d9d0ba7b0db4cca204c6fae33f60c01559eafbed82203bf45781e3681c0ec2a041e18dde1ae9033946a7acf61d1c3bd1c988aabea18a402a93e156bcf4a4043bfe7575a977b0e0a76647f949edd8e86b58702e5edc98405db78242b542ab94182db71a0d5a0354ceb4399aa35ecfed552652f93f621bfeb4d355a92403fed000000000084d407a0642dfca09af26af1036961a897ef54e8b48c12dfbf5e5718fa7a741afb964bf21718cb34a468baa0bf0481c68d5479f7652c3edb825c60873e1cb90c18a6f025996488e4d702d1fffbd8b6c242abdf998479d802009ac35ef853a78b26bd728073a54bef7c5d3e7ec0301756835de3f05db39df66ff2cab1aa9f271a0997bba34de3a5ae6108cf9a7ee43aa849e9891fcf9c26b1e6ea43f721221e11358b68a89eff9f434d853e788878c510c408efe6548f290a79f9dc244e3154113b68e4904e000000956b921601dba803700681afef539b17a8ec3017a8ef744c5308781071760dde1a54ac1096f76685c3a7d0b2743e517b714dfc27ddfe86c5ae286ef3e8ce04ac4d1ea0230e3dcd8d734151ee93740a90be415d75d05e8a9c3ac608ae56b0377702"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000007500)={&(0x7f0000006f80)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x80, 0x0, 0x0, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000840)=ANY=[@ANYRES16=r8], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r8, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r9 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x13, 0x0, &(0x7f00000000c0), &(0x7f0000000100)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x14, '\x00', r8, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x5, 0x1, 0x20, 0x6}, 0x10, 0x0, r9}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xe, 0xb, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xd2, 0x0, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x77}, @map_val={0x18, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}, @generic={0x8, 0x7, 0x8, 0x80, 0x1}, @map={0x18, 0x8}]}, &(0x7f0000000040)='syzkaller\x00', 0x1ff, 0x75, &(0x7f0000000180)=""/117, 0x0, 0x0, '\x00', r8, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0xb, 0xfffffffc, 0x1}, 0x10, r7, r6}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000007800)={0x1a, 0x9, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}, [@map={0x18, 0x6}, @exit, @map_val={0x18, 0x6, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x1000e}]}, &(0x7f0000000180)='syzkaller\x00', 0xfffffff9, 0x8d, &(0x7f0000000280)=""/141, 0x41100, 0x9, '\x00', r3, 0xc, r5, 0x8, &(0x7f0000007780)={0x7, 0x3}, 0x8, 0x10, &(0x7f00000077c0)={0x0, 0x5, 0x4000, 0xfff}, 0x10, r7, r1}, 0x78) [ 2288.051339][T13088] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2288.064138][T13088] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2288.106139][T13088] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2288.106139][T13088] !' [ 2288.145022][T13088] CPU: 0 PID: 13088 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2288.154893][T13088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2288.164954][T13088] Call Trace: [ 2288.168234][T13088] dump_stack_lvl+0xcd/0x134 [ 2288.172862][T13088] sysfs_warn_dup.cold+0x1c/0x29 [ 2288.177796][T13088] sysfs_do_create_link_sd+0x11e/0x140 [ 2288.183446][T13088] sysfs_create_link+0x5f/0xc0 [ 2288.188213][T13088] device_add+0x789/0x2100 [ 2288.192624][T13088] ? mutex_lock_io_nested+0xf00/0xf00 [ 2288.198011][T13088] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2288.203562][T13088] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2288.209814][T13088] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2288.216055][T13088] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2288.222292][T13088] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2288.228288][T13088] wiphy_register+0x1e8a/0x29b0 [ 2288.233148][T13088] ? wiphy_unregister+0xbd0/0xbd0 [ 2288.238202][T13088] ? minstrel_ht_alloc+0x531/0xa00 [ 2288.243315][T13088] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2288.249409][T13088] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2288.254961][T13088] ? ieee80211_restart_hw+0x290/0x290 [ 2288.260339][T13088] ? debug_object_destroy+0x210/0x210 [ 2288.265800][T13088] ? lock_downgrade+0x6e0/0x6e0 [ 2288.270648][T13088] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2288.276102][T13088] ? memset+0x20/0x40 [ 2288.280083][T13088] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2288.286322][T13088] ? __hrtimer_init+0x136/0x280 [ 2288.291178][T13088] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2288.296910][T13088] ? hwsim_virtio_rx_work+0x350/0x350 [ 2288.302288][T13088] ? __kmalloc_track_caller+0x1a0/0x320 [ 2288.307841][T13088] ? memcpy+0x39/0x60 [ 2288.311825][T13088] hwsim_new_radio_nl+0x9bc/0x1080 [ 2288.316946][T13088] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2288.322860][T13088] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2288.329109][T13088] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2288.336495][T13088] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2288.343798][T13088] genl_family_rcv_msg_doit+0x228/0x320 [ 2288.349353][T13088] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2288.356726][T13088] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2288.362968][T13088] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2288.369227][T13088] ? ns_capable+0xde/0x100 [ 2288.373638][T13088] genl_rcv_msg+0x328/0x580 [ 2288.378142][T13088] ? genl_get_cmd+0x480/0x480 [ 2288.382818][T13088] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2288.389241][T13088] ? lock_release+0x720/0x720 [ 2288.393910][T13088] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2288.399194][T13088] ? trace_hardirqs_on+0x5b/0x1c0 [ 2288.404217][T13088] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2288.410114][T13088] netlink_rcv_skb+0x153/0x420 [ 2288.414878][T13088] ? genl_get_cmd+0x480/0x480 [ 2288.419553][T13088] ? netlink_ack+0xa60/0xa60 [ 2288.424139][T13088] ? netlink_deliver_tap+0x236/0xba0 [ 2288.429424][T13088] genl_rcv+0x24/0x40 [ 2288.433407][T13088] netlink_unicast+0x533/0x7d0 [ 2288.438170][T13088] ? netlink_attachskb+0x890/0x890 [ 2288.443279][T13088] ? __virt_addr_valid+0x5d/0x2d0 [ 2288.448317][T13088] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2288.454558][T13088] ? __phys_addr_symbol+0x2c/0x70 [ 2288.459671][T13088] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2288.465385][T13088] ? __check_object_size+0x16e/0x3f0 [ 2288.470671][T13088] netlink_sendmsg+0x85b/0xda0 [ 2288.475450][T13088] ? netlink_unicast+0x7d0/0x7d0 [ 2288.480387][T13088] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2288.486639][T13088] ? netlink_unicast+0x7d0/0x7d0 [ 2288.491590][T13088] sock_sendmsg+0xcf/0x120 [ 2288.496029][T13088] ____sys_sendmsg+0x6e8/0x810 [ 2288.500806][T13088] ? kernel_sendmsg+0x50/0x50 [ 2288.505487][T13088] ? do_recvmmsg+0x6d0/0x6d0 [ 2288.510075][T13088] ? tomoyo_path_number_perm+0x204/0x590 [ 2288.515709][T13088] ? kfree+0xeb/0x670 [ 2288.519702][T13088] ? tomoyo_path_number_perm+0x441/0x590 [ 2288.525335][T13088] ___sys_sendmsg+0xf3/0x170 [ 2288.530316][T13088] ? sendmsg_copy_msghdr+0x160/0x160 [ 2288.535597][T13088] ? __fget_files+0x266/0x3d0 [ 2288.540276][T13088] ? lock_downgrade+0x6e0/0x6e0 [ 2288.545902][T13088] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2288.551792][T13088] ? do_vfs_ioctl+0x132/0x15d0 [ 2288.556556][T13088] ? __fget_files+0x288/0x3d0 [ 2288.561238][T13088] ? __fget_light+0xea/0x280 [ 2288.565825][T13088] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2288.572065][T13088] __sys_sendmsg+0xe5/0x1b0 [ 2288.576653][T13088] ? __sys_sendmsg_sock+0x30/0x30 [ 2288.581678][T13088] ? syscall_enter_from_user_mode+0x21/0x70 [ 2288.587570][T13088] ? trace_hardirqs_on+0x5b/0x1c0 [ 2288.592596][T13088] do_syscall_64+0x35/0xb0 [ 2288.597011][T13088] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2288.602904][T13088] RIP: 0033:0x4665d9 [ 2288.606789][T13088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2288.626491][T13088] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2288.634912][T13088] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2288.642887][T13088] RDX: 0000000000000002 RSI: 0000000020000000 RDI: 0000000000000004 [ 2288.650862][T13088] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2288.658830][T13088] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2288.666800][T13088] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 03:47:11 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x4) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2288.702408][T13115] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2288.718476][T13115] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2288.944580][T13115] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2288.944580][T13115] !' [ 2288.955569][T13115] CPU: 1 PID: 13115 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2288.965840][T13115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2288.975906][T13115] Call Trace: [ 2288.979190][T13115] dump_stack_lvl+0xcd/0x134 [ 2288.983812][T13115] sysfs_warn_dup.cold+0x1c/0x29 [ 2288.988780][T13115] sysfs_do_create_link_sd+0x11e/0x140 [ 2288.994264][T13115] sysfs_create_link+0x5f/0xc0 [ 2288.999049][T13115] device_add+0x789/0x2100 [ 2289.003477][T13115] ? mutex_lock_io_nested+0xf00/0xf00 [ 2289.008890][T13115] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2289.014436][T13115] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2289.020946][T13115] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2289.027183][T13115] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2289.033429][T13115] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2289.039664][T13115] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2289.045643][T13115] wiphy_register+0x1e8a/0x29b0 [ 2289.050508][T13115] ? wiphy_unregister+0xbd0/0xbd0 [ 2289.056486][T13115] ? minstrel_ht_alloc+0x531/0xa00 [ 2289.061597][T13115] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2289.067665][T13115] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2289.073128][T13115] ? ieee80211_restart_hw+0x290/0x290 [ 2289.078503][T13115] ? debug_object_destroy+0x210/0x210 [ 2289.083883][T13115] ? lock_downgrade+0x6e0/0x6e0 [ 2289.088758][T13115] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2289.094213][T13115] ? memset+0x20/0x40 [ 2289.098453][T13115] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2289.104966][T13115] ? __hrtimer_init+0x136/0x280 [ 2289.109822][T13115] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2289.115554][T13115] ? hwsim_virtio_rx_work+0x350/0x350 [ 2289.120942][T13115] ? __kmalloc_track_caller+0x1a0/0x320 [ 2289.126499][T13115] ? memcpy+0x39/0x60 [ 2289.130496][T13115] hwsim_new_radio_nl+0x9bc/0x1080 [ 2289.135620][T13115] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2289.141520][T13115] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2289.147847][T13115] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2289.155232][T13115] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2289.162514][T13115] genl_family_rcv_msg_doit+0x228/0x320 [ 2289.168069][T13115] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2289.175465][T13115] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2289.181718][T13115] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2289.187950][T13115] ? ns_capable+0xde/0x100 [ 2289.192373][T13115] genl_rcv_msg+0x328/0x580 [ 2289.196876][T13115] ? genl_get_cmd+0x480/0x480 [ 2289.201548][T13115] ? lock_downgrade+0x6e0/0x6e0 [ 2289.206394][T13115] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2289.212288][T13115] ? lock_release+0x720/0x720 [ 2289.216959][T13115] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2289.222242][T13115] netlink_rcv_skb+0x153/0x420 [ 2289.227002][T13115] ? genl_get_cmd+0x480/0x480 [ 2289.231679][T13115] ? netlink_ack+0xa60/0xa60 [ 2289.236266][T13115] ? netlink_deliver_tap+0x236/0xba0 [ 2289.241551][T13115] genl_rcv+0x24/0x40 [ 2289.245530][T13115] netlink_unicast+0x533/0x7d0 [ 2289.250303][T13115] ? netlink_attachskb+0x890/0x890 [ 2289.255423][T13115] ? __check_object_size+0x16e/0x3f0 [ 2289.260750][T13115] netlink_sendmsg+0x85b/0xda0 [ 2289.265524][T13115] ? netlink_unicast+0x7d0/0x7d0 [ 2289.270460][T13115] ? bpf_lsm_socket_accept+0x10/0x10 [ 2289.275762][T13115] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2289.282001][T13115] ? netlink_unicast+0x7d0/0x7d0 [ 2289.286937][T13115] sock_sendmsg+0xcf/0x120 [ 2289.291374][T13115] ____sys_sendmsg+0x6e8/0x810 [ 2289.296139][T13115] ? kernel_sendmsg+0x50/0x50 [ 2289.300826][T13115] ? do_recvmmsg+0x6d0/0x6d0 [ 2289.305408][T13115] ? futex_wait_restart+0x200/0x200 [ 2289.310607][T13115] ___sys_sendmsg+0xf3/0x170 [ 2289.315194][T13115] ? sendmsg_copy_msghdr+0x160/0x160 [ 2289.320476][T13115] ? __fget_files+0x266/0x3d0 [ 2289.325160][T13115] ? lock_downgrade+0x6e0/0x6e0 [ 2289.330014][T13115] ? futex_exit_release+0x220/0x220 [ 2289.335474][T13115] ? clockevents_program_event+0x141/0x370 [ 2289.341275][T13115] ? lock_downgrade+0x6e0/0x6e0 [ 2289.346121][T13115] ? __fget_files+0x288/0x3d0 [ 2289.350795][T13115] ? __fget_light+0xea/0x280 [ 2289.355379][T13115] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2289.361626][T13115] __sys_sendmsg+0xe5/0x1b0 [ 2289.366129][T13115] ? __sys_sendmsg_sock+0x30/0x30 [ 2289.371157][T13115] ? syscall_enter_from_user_mode+0x21/0x70 [ 2289.377074][T13115] ? trace_hardirqs_on+0x5b/0x1c0 [ 2289.382095][T13115] do_syscall_64+0x35/0xb0 [ 2289.386521][T13115] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2289.392432][T13115] RIP: 0033:0x4665d9 [ 2289.396322][T13115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2289.416010][T13115] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2289.424421][T13115] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2289.432393][T13115] RDX: 0000000040000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2289.440358][T13115] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2289.448581][T13115] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2289.456545][T13115] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2289.482807][T13114] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2289.490991][T13114] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2289.621943][T13132] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2289.630291][T13132] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2289.739407][T13137] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 2289.753280][T13137] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2289.765092][T13137] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2289.765092][T13137] !' [ 2289.795131][T13137] CPU: 0 PID: 13137 Comm: syz-executor.1 Tainted: G W 5.13.0-syzkaller #0 [ 2289.805078][T13137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2289.815148][T13137] Call Trace: [ 2289.818444][T13137] dump_stack_lvl+0xcd/0x134 [ 2289.823056][T13137] sysfs_warn_dup.cold+0x1c/0x29 [ 2289.828107][T13137] sysfs_do_create_link_sd+0x11e/0x140 [ 2289.833583][T13137] sysfs_create_link+0x5f/0xc0 [ 2289.838369][T13137] device_add+0x789/0x2100 [ 2289.842806][T13137] ? mutex_lock_io_nested+0xf00/0xf00 [ 2289.848200][T13137] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2289.853767][T13137] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2289.860029][T13137] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2289.866289][T13137] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2289.872549][T13137] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2289.878746][T13137] wiphy_register+0x1e8a/0x29b0 [ 2289.883597][T13137] ? wiphy_unregister+0xbd0/0xbd0 [ 2289.888622][T13137] ? minstrel_ht_alloc+0x531/0xa00 [ 2289.893730][T13137] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2289.899799][T13137] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2289.905260][T13137] ? ieee80211_restart_hw+0x290/0x290 [ 2289.910924][T13137] ? debug_object_destroy+0x210/0x210 [ 2289.916298][T13137] ? lock_downgrade+0x6e0/0x6e0 [ 2289.921147][T13137] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2289.926600][T13137] ? memset+0x20/0x40 [ 2289.930680][T13137] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2289.936927][T13137] ? __hrtimer_init+0x136/0x280 [ 2289.941781][T13137] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2289.947496][T13137] ? hwsim_virtio_rx_work+0x350/0x350 [ 2289.952869][T13137] ? __kmalloc_track_caller+0x1a0/0x320 [ 2289.958411][T13137] ? memcpy+0x39/0x60 [ 2289.962381][T13137] hwsim_new_radio_nl+0x9bc/0x1080 [ 2289.967480][T13137] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2289.973369][T13137] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2289.979613][T13137] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2289.986983][T13137] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2289.994279][T13137] genl_family_rcv_msg_doit+0x228/0x320 [ 2289.999826][T13137] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2290.007727][T13137] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2290.014116][T13137] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2290.020430][T13137] ? ns_capable+0xde/0x100 [ 2290.024855][T13137] genl_rcv_msg+0x328/0x580 [ 2290.029348][T13137] ? genl_get_cmd+0x480/0x480 [ 2290.034018][T13137] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2290.040119][T13137] ? lock_release+0x720/0x720 [ 2290.044802][T13137] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2290.050083][T13137] ? trace_hardirqs_on+0x5b/0x1c0 [ 2290.055097][T13137] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2290.060812][T13137] netlink_rcv_skb+0x153/0x420 [ 2290.065567][T13137] ? genl_get_cmd+0x480/0x480 [ 2290.070242][T13137] ? netlink_ack+0xa60/0xa60 [ 2290.074818][T13137] ? netlink_deliver_tap+0x236/0xba0 [ 2290.080098][T13137] genl_rcv+0x24/0x40 [ 2290.084428][T13137] netlink_unicast+0x533/0x7d0 [ 2290.089191][T13137] ? netlink_attachskb+0x890/0x890 [ 2290.094299][T13137] ? __virt_addr_valid+0x5d/0x2d0 [ 2290.099325][T13137] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2290.105649][T13137] ? __phys_addr_symbol+0x2c/0x70 [ 2290.110668][T13137] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2290.116382][T13137] ? __check_object_size+0x16e/0x3f0 [ 2290.121668][T13137] netlink_sendmsg+0x85b/0xda0 [ 2290.126419][T13137] ? netlink_unicast+0x7d0/0x7d0 [ 2290.131351][T13137] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2290.137591][T13137] ? netlink_unicast+0x7d0/0x7d0 [ 2290.142655][T13137] sock_sendmsg+0xcf/0x120 [ 2290.147329][T13137] ____sys_sendmsg+0x6e8/0x810 [ 2290.152190][T13137] ? kernel_sendmsg+0x50/0x50 [ 2290.156860][T13137] ? do_recvmmsg+0x6d0/0x6d0 [ 2290.161529][T13137] ? tomoyo_path_number_perm+0x204/0x590 [ 2290.167264][T13137] ? kfree+0xeb/0x670 [ 2290.171405][T13137] ? tomoyo_path_number_perm+0x441/0x590 [ 2290.177050][T13137] ___sys_sendmsg+0xf3/0x170 [ 2290.182392][T13137] ? sendmsg_copy_msghdr+0x160/0x160 [ 2290.187990][T13137] ? __fget_files+0x266/0x3d0 [ 2290.192684][T13137] ? lock_downgrade+0x6e0/0x6e0 [ 2290.197620][T13137] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2290.203520][T13137] ? do_vfs_ioctl+0x132/0x15d0 [ 2290.208286][T13137] ? __fget_files+0x288/0x3d0 [ 2290.212980][T13137] ? __fget_light+0xea/0x280 [ 2290.217650][T13137] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2290.223994][T13137] __sys_sendmsg+0xe5/0x1b0 [ 2290.228500][T13137] ? __sys_sendmsg_sock+0x30/0x30 [ 2290.233785][T13137] ? syscall_enter_from_user_mode+0x21/0x70 [ 2290.239676][T13137] ? trace_hardirqs_on+0x5b/0x1c0 [ 2290.244698][T13137] do_syscall_64+0x35/0xb0 [ 2290.249157][T13137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2290.255062][T13137] RIP: 0033:0x4665d9 [ 2290.258938][T13137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2290.278552][T13137] RSP: 002b:00007f0cbc0c2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2290.286962][T13137] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2290.294932][T13137] RDX: 0000000040000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2290.302903][T13137] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2290.310855][T13137] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2290.318985][T13137] R13: 00007fffc9e5e04f R14: 00007f0cbc0c2300 R15: 0000000000022000 [ 2290.335440][T13173] netlink: 'syz-executor.4': attribute type 11 has an invalid length. 03:47:13 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x60000000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:47:13 executing program 3: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup(r0, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0) perf_event_open$cgroup(&(0x7f0000000240)={0x2, 0x80, 0x7, 0x0, 0x20, 0x0, 0x0, 0xfff, 0x800, 0xa, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={&(0x7f0000000200), 0x1}, 0x2104, 0x1000, 0x7, 0x3, 0x4, 0x0, 0x5, 0x0, 0x8, 0x0, 0xfffffffffffffff7}, r1, 0x0, r0, 0x9) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000000)=ANY=[@ANYRES32=r1], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0xc0185879, &(0x7f0000000080)) 03:47:13 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x1000000) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:47:13 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2290.899197][T13173] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2290.907612][T13173] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2290.915647][T13173] RDX: 0000000000000004 RSI: 0000000020000000 RDI: 0000000000000004 [ 2290.923964][T13173] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2290.931940][T13173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2290.939996][T13173] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 03:47:14 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x7) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2291.016953][T13221] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2291.037929][T13221] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. 03:47:14 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x8) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:47:14 executing program 3: sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000280)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000300)="b04b2649ad2c955672bc5e71d42fdb7efde79063115e694fe89d5433aad85a021901a4cb7382d1214c7a29765bb381d6793ae4a4a4", 0x35}, {&(0x7f0000000340)="2ad2f4a06cece0808e8959e28a8e1bb5441b7d67f54ff6177b9e2ab466f7a49bde809a109a0487b9fa2b844d5793203e9488e1131dda9b872eb8ecf4a91e7aea34790dfefb385256c676b6b51d", 0x4d}, {&(0x7f0000000480)="96f3c5b010e3a57c6c265042b89157a63f3688adb0c15a756b019cc3aee8d9d9968aadceac3ffe88173798ec670ab476a1667292a8bcbfe95a203d7197afea0855c6802a329eb91203ced6b32ab541fe29d3676441f00360425e2ea0bf5b723a98692bbef6394bdf8e50d1e59b18fc1aa2cde8b5fd5aea1ab5e7ce6c890a7e441b4e3b3607b56c1c71fea3bdd9633f4e49ecd7793df521d5c8a6a84c8e2785110725583f8ece2aacc04abc1fcbe92f348063987a8584a920ed7fad8484739da8987c24e980a82580eba562403c832fa565c1ae22e9c7987d3a", 0xd9}, {&(0x7f0000000580)="6b8dbc0871dde43b912c85472f0de53fdca6faabd439cb81fbf9e42e8988836e348f563c90d639c48ac5f417e74831cdb4edccaaa1b68cfca40ac1dc1aebb5680fecf906f75e2dc2c6b6e186175419e2aae05f9b7237ae5bd8c896300a6f15453da483c06bc90052deddb37e37b697444ed794b4bfa312fb9c98537fecb7a0c84384b8824cd21194367c5fdad2956af200b76a1aa285638b917df892ba348bae32db7927362cb9f6a6a21cd7825c0b15f997bce9deeb054a76740c6a9004baf78e55e7643d8a44d66f10f7cfbd2caa", 0xcf}, {&(0x7f00000003c0)="7e6c1b40375b7494544bc05d6968f1c44c99a1bb25f1d0474fc7cc20d7e712275d307c3fbfa056baddd6cc12ee0f6dd1daa262c3338351c5469565cac7482dd4dca5a6c5108e13ec2e9e48d4d859c1aec84626feaf26357dcf5e696d2d2729f3dc810f8576a6b06a4682a1402bbc5b", 0x6f}, {&(0x7f0000000680)="c51f1d824c9a213d7b44a01c5fb488d7", 0x10}, {&(0x7f00000006c0)="c8c74d70dbb19ba17176cb1ef424534bcb367450c5e8f664be63b78eb83979c8fb8b303379f4ed6bb5980bb02aa7845422df4114bfa63df9585a9a2bf7b9d47fc15690f2cbdb6e5818dad99101a4505410ca8f060fca5221f3b9e6511a8ea8bf62b3668c76f7c0cea3c4e3a012af5e", 0x6f}], 0x7, &(0x7f0000000a00)=ANY=[@ANYBLOB="480000000000000004010000ffffff7fa5ee85c673713a2eebcc6a9a2ca917d546ff2d94c074e29b91420480eddfee668a70224bbb6204ae9a8c60f1906c797eb776c756c3d7000000003a000000f3f5ffff0e3c0d17566fb3e5e3cafe059e5c3e99efe904f3a442f0e349aabe7835abde9dbddd16f1b19bc69b75fe336ef74ed5eb31270481673f8a7608d274410749e4185ca2b1130ba91cbcf9b56bcd00f44c94a0e997da7e7700000000000000c51ba2d94d6c65984ebaf41f8e723e52c07f481bc226ba20a364b552e13481f82ca01e2faa5ca5094454a02256e69746783717091ff53307f83a74043900000000000050000000000000000801000006000000a6bde48efb9d3f67e4c32d8f041d7a59985fb6c15ab2d03caf73c8d930fb6a65529fe3493a2402264e43cf98decc2104474b9d39d190ab8c532e9727400000000000000000002e67548e665e1d5a115dadd20fac817042573be74cd1c5ee20002401597933b189594c526de4698f898404d0b0497dfaa669ddb5fe04d9f9f717b5bed4c5b12cabb7431613ef39"], 0x148}, 0x825) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r2, 0x0, 0x4, &(0x7f0000000180)='GPL\x00'}, 0x30) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={r1, 0x3, 0x1, 0x9, &(0x7f0000000000)=[0x0], 0x1}, 0x20) [ 2291.339620][T13221] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2291.339620][T13221] !' [ 2291.362056][T13221] CPU: 0 PID: 13221 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2291.371921][T13221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2291.382165][T13221] Call Trace: [ 2291.385453][T13221] dump_stack_lvl+0xcd/0x134 [ 2291.390065][T13221] sysfs_warn_dup.cold+0x1c/0x29 [ 2291.395047][T13221] sysfs_do_create_link_sd+0x11e/0x140 [ 2291.400512][T13221] sysfs_create_link+0x5f/0xc0 [ 2291.405284][T13221] device_add+0x789/0x2100 [ 2291.409695][T13221] ? mutex_lock_io_nested+0xf00/0xf00 [ 2291.415083][T13221] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2291.420625][T13221] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2291.426862][T13221] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2291.433103][T13221] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2291.439343][T13221] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2291.445412][T13221] wiphy_register+0x1e8a/0x29b0 [ 2291.451251][T13221] ? wiphy_unregister+0xbd0/0xbd0 [ 2291.456293][T13221] ? minstrel_ht_alloc+0x531/0xa00 [ 2291.461415][T13221] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2291.467485][T13221] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2291.472948][T13221] ? ieee80211_restart_hw+0x290/0x290 [ 2291.478320][T13221] ? debug_object_destroy+0x210/0x210 [ 2291.483710][T13221] ? lock_downgrade+0x6e0/0x6e0 [ 2291.488559][T13221] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2291.494014][T13221] ? memset+0x20/0x40 [ 2291.498000][T13221] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2291.504239][T13221] ? __hrtimer_init+0x136/0x280 [ 2291.509097][T13221] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2291.514841][T13221] ? hwsim_virtio_rx_work+0x350/0x350 [ 2291.520214][T13221] ? __kmalloc_track_caller+0x1a0/0x320 [ 2291.525757][T13221] ? memcpy+0x39/0x60 [ 2291.529738][T13221] hwsim_new_radio_nl+0x9bc/0x1080 [ 2291.534858][T13221] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2291.540755][T13221] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2291.546990][T13221] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2291.554365][T13221] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2291.561740][T13221] genl_family_rcv_msg_doit+0x228/0x320 [ 2291.567293][T13221] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2291.574678][T13221] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2291.582218][T13221] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2291.588458][T13221] ? ns_capable+0xde/0x100 [ 2291.592874][T13221] genl_rcv_msg+0x328/0x580 [ 2291.597376][T13221] ? genl_get_cmd+0x480/0x480 [ 2291.602064][T13221] ? lock_downgrade+0x6e0/0x6e0 [ 2291.606911][T13221] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2291.612820][T13221] ? lock_release+0x720/0x720 [ 2291.617506][T13221] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2291.622795][T13221] netlink_rcv_skb+0x153/0x420 [ 2291.627562][T13221] ? genl_get_cmd+0x480/0x480 [ 2291.632237][T13221] ? netlink_ack+0xa60/0xa60 [ 2291.636825][T13221] ? netlink_deliver_tap+0x236/0xba0 [ 2291.642143][T13221] genl_rcv+0x24/0x40 [ 2291.646158][T13221] netlink_unicast+0x533/0x7d0 [ 2291.650946][T13221] ? netlink_attachskb+0x890/0x890 [ 2291.656068][T13221] ? __virt_addr_valid+0x5d/0x2d0 [ 2291.661099][T13221] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2291.667351][T13221] ? __phys_addr_symbol+0x2c/0x70 [ 2291.672380][T13221] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2291.678094][T13221] ? __check_object_size+0x16e/0x3f0 [ 2291.683380][T13221] netlink_sendmsg+0x85b/0xda0 [ 2291.688277][T13221] ? netlink_unicast+0x7d0/0x7d0 [ 2291.693227][T13221] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2291.699489][T13221] ? netlink_unicast+0x7d0/0x7d0 [ 2291.704439][T13221] sock_sendmsg+0xcf/0x120 [ 2291.708885][T13221] ____sys_sendmsg+0x6e8/0x810 [ 2291.713747][T13221] ? kernel_sendmsg+0x50/0x50 [ 2291.718423][T13221] ? do_recvmmsg+0x6d0/0x6d0 [ 2291.723007][T13221] ? futex_wait_restart+0x200/0x200 [ 2291.728204][T13221] ? fs_reclaim_release+0x9c/0xf0 [ 2291.733230][T13221] ? lock_release+0x522/0x720 [ 2291.737903][T13221] ? fs_reclaim_release+0x9c/0xf0 [ 2291.742927][T13221] ? lock_downgrade+0x6e0/0x6e0 [ 2291.747776][T13221] ___sys_sendmsg+0xf3/0x170 [ 2291.752366][T13221] ? sendmsg_copy_msghdr+0x160/0x160 [ 2291.757649][T13221] ? __fget_files+0x266/0x3d0 [ 2291.762848][T13221] ? lock_downgrade+0x6e0/0x6e0 [ 2291.767695][T13221] ? futex_exit_release+0x220/0x220 [ 2291.772896][T13221] ? alloc_empty_file+0xd7/0x170 [ 2291.777825][T13221] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2291.784157][T13221] ? __fget_files+0x288/0x3d0 [ 2291.788837][T13221] ? __fget_light+0xea/0x280 [ 2291.793424][T13221] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2291.799666][T13221] __sys_sendmsg+0xe5/0x1b0 [ 2291.804173][T13221] ? __sys_sendmsg_sock+0x30/0x30 [ 2291.809201][T13221] ? syscall_enter_from_user_mode+0x21/0x70 [ 2291.815177][T13221] ? trace_hardirqs_on+0x5b/0x1c0 [ 2291.820200][T13221] do_syscall_64+0x35/0xb0 [ 2291.824787][T13221] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2291.830706][T13221] RIP: 0033:0x4665d9 [ 2291.834593][T13221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2291.854756][T13221] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2291.863165][T13221] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2291.871150][T13221] RDX: 0000000001000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2291.879120][T13221] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 03:47:14 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2292.508982][T13225] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2292.517403][T13225] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2292.525371][T13225] RDX: 0000000060000000 RSI: 0000000020000000 RDI: 0000000000000004 03:47:15 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000010000000000000015000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r2, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r2, 0x3, '\x00', 0x0, r3, 0x5, 0x0, 0x3}, 0x40) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000e00)={0x3, 0x0}, 0x8) r5 = bpf$ITER_CREATE(0x21, &(0x7f0000000e40), 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x11, 0x4, &(0x7f0000000cc0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x3ff}, [@alu={0x7, 0x0, 0x0, 0x9, 0x1, 0x80, 0x8}]}, &(0x7f0000000d00)='GPL\x00', 0x8, 0x7, &(0x7f0000000d40)=""/7, 0x40f00, 0x10, '\x00', 0x0, 0xb, r3, 0x8, &(0x7f0000000d80)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000dc0)={0x2, 0x5, 0x400, 0x9}, 0x10, r4, r5}, 0x78) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={0xffffffffffffffff, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000c80)={&(0x7f0000000500)=@nfc_llcp={0x27, 0x0, 0x2, 0x4, 0x80, 0x3, "275e3da33c1931500f2ad4a306ec0613d33ac05f7cec11fdccaffd04120d0058de273a520cd92445709878fb607c09556953eb8600eb6f44dfbb5a7b9b72dc", 0x25}, 0x80, &(0x7f0000000bc0)=[{&(0x7f00000001c0)="784055f7f6ddf003c6c171deb8ae1fd6ae8c7353", 0x14}, {&(0x7f0000000600)="055c77bd5259d66019a0ca97010415a3b3967a3ee9bbe8bfc1c3010db597df14759cf0f419d7936ac2d97a5b3f227e67ae938e2dcaf5743a5b6adfda897af491aa25fb4588768d4b8ab9e6c337c099d4ee4aa01c4ebdae42dc354240c6", 0x5d}, {&(0x7f0000000680)="023363a426a88768aedb6ed3dce87b97fe73c3a77f4eb6a9cf050e29ee920e1722c43451eb27f2a08874ab146623a1b2d22d506c358caf59e3af0a4b88d6bd925ce8be1efe79fc4cfea2683aa56fd543d9ea", 0x52}, {&(0x7f0000000800)="8b1ba712d0d25d83251001c9549b103d2bbf2a571eca1aa61dce3f284bbc226c8aab99fb91078ced481b23cf0fa33f776bb7e745ec0a562ec331acc1157b95bfa78dca4498022c9091170c6b0612922c204b8f170cc9f7d560296505c31c74bd854fc5deacd36f044c277c32938ff0ec59e61a661f7cfe438ad51f3258db3fac11700ec6913d6204d61d33199addb9a53a7a0a8248adc655c08ac67b9d40ca8a9055aae7791664ed41d246cda5f2ae3f5c352bbb3f409150c1f479e5f8297b7631217f72a657de0cba70b95ed595cd14753e80db9a956cd6492caa552d8f0e42962ae7b1e437ebf5a7d093e7d09513", 0xef}, {&(0x7f0000000700)="cdfbfa686786411b3e02252f43ced206a39c0c51fc2d342e94f108735baa34c988e255cb9c834a18cf1b48150ac09b7523dc12046b730b4fc5b6643cb406b33d04272702908abd0c1b456efaafe8c89091b0b7cb5fb42cea90e9645294c60fb6b79fe79eef33a46451cdca83fea42aedfa8c1c1ed7f82e3f", 0x78}, {&(0x7f0000000a00)="d0f59902f5e83dd90c4f7859b57b68b8937b5f3039a175e1baefdbee6da487069acdd409de848606e73459e1c621fadb0bbb71545951b80ebc00c8ee1d8f22f35a932361f06e4ab211186902e585dc48e4db6a281bf7efbc", 0x58}, {&(0x7f0000000480)="2fd66a16d5ec4352099ce359ec0197008a221f4ced025fc388b099eaba741fe6cbdad7d050731884", 0x28}, {&(0x7f0000000a80)="a197a86fab8f7cbedd87ece3d0495555023d3b2f6a86941d7166c956eb553ab47f0ae02de4a8cb2c07b4aff2a960dd998df07eba2e91623a93509a0032b23cfd9887276a8e14be21f306d07141b50c21b331738a6748506903048cf829e5148e3319f270ce896fc37b73884220e2b7c9877244221543a52ea568dbc02a635544195736c5f5c76d679c5b7a3c80459bf0794565f998947c858a0bf80ae717187f8e7f38e9b20d9b2eba039c5a7461d4221d883377c5", 0xb5}, {&(0x7f0000000580)="270c6d38dbbde4715d82069161f15323533f6718187327cf1b1e211564917f17196c38d035504381166cbb9080fe4e09c2f1", 0x32}, {&(0x7f0000000b40)="c2186274964f066e1ebe3cba29a6a89a3e9332e29780c9df70915674111bfda8da7ac92eb7fc95b17dd54a64cf352c3f0574109443ce8bf15f007a159be13f870cd4ad5bd7e8ece855622a019d82c467e8e1b833", 0x54}], 0xa, &(0x7f0000002d80)=[{0xf8, 0x112, 0x33e, "d0721c125fa7a5f289196b83b983071b1c98facc8286528e33475acb2f89b09b84151fa4fc1d60cceecf3276e96a991f530ec76d2d12c177ba729b5c9f8731571dc2aad1448d24cbd81081efbd49c3187cd5f0b6a5afc2f385bbe1d377a8c83659deec159d9d85920d98626a2b18740abc78661c2ac1bbfcaa0b1263c8b7718d7b59fec0a042f37b2334011a0e5b64a9276d996f1a0ce7d0ade898016ff2b863d15b967eeda3d6105dbfe9a233479e695ccba8e8343fb817c5e518fcf48f4b409e9848b8fd00b449cfa43e5f9949c57c40d066989603b29248ab9f555bfc64cde039"}, {0x100, 0x10c, 0xffffffff, "2d995d6ee9770b75ae1803fd454c1881cb72a7434321df320c09da3be3ac79123a858a401eac8e1d842cdf6de9b4d80e8545564b038161a0f7b8588932b006e408bb7bb2f9c8702925157be079935382f78a9e0e3d59d068a61111bba44e989d1fb87e8851be8f66802a9b495136fcdefdf48c073d38060eb3c6807ee4c6e706dce128c9ad76856118f81b4fb84421f5a0e64fde8da9c1596723d86b3575b80dd1c8c4414ec62d07de4ff65fb447b6ffd4aa0e20062dec9f97f3c9b8cfb019ef80389cba0ea31a1b5ed9acb7344a765665279cd39118d66666c585fdc1d5e065ecce4730f93a0c2053f3b1e7bcb286"}, {0x10, 0x119, 0x3}, {0x98, 0x111, 0x8, "71b9f609d18c09659a33f6628664c4e963dc0735472fd8bfab9784e04a6463f37123b3b335a71d24d8e3bd274341f28220f19c81d88154610cadef29e9a2c814e23c6381dbb5939a97103e84b33fdfa4689a4f2a9b2ac2973f4861740cb61be7f412999688d0c970ee5101e8867ff02b9b9ab0663558094406cd0bb904fa198d86d3c0bf599ce60e"}, {0x1010, 0x168, 0x10000, "f4f5164bbabc82d1229574c7d5fcea64ee8a6f12925351d3b760774f729079185080ffd7abdcaf931caeaa8b4758e126d91789d0ab419fae6b710f225f63ea6021a002f0bbda916311d09760898d51f3682745f09a7cff9c7628b302cb0deb118b5136c54f04007dca08641a51e25140e42b1ef0a799e0e2e9c84e3c663e01efc08f924c1147ee5ef4bed7a88b132c8b02fc3b2920b4687f76c263387d06ecbf81c3e8b887a0346bca00016108ec8db683020b9d042d992cb771cee1342eb24c9c4e8ee0a6c5d9b32ec0dd8c60e3407f5e5e2a15f1cca391ab04539acb14230b0a304a4728cdeb6138772ebba6193f49516491073560b612f46f408b4ff858531d12f010dfd3b9fba8e842e01925a646b30232701b236294e2dd3ac260721ca2e377db2ea2f8d37c6f01b2ae4b508d6ea458bd37ddb98f76139a9371724d35c34fa3c4ff550c5a98c9ba2a53445504d1af002dacb11542b53c7d060d19975e19b8a9760b1ea15b4f92d6ddfab9cae29520ab5764b1ef9bf34682d81433406289dc9f39c20ac3f8ba8ea1fc98b3bca3288c9420aa2378adb3e4f27fad88f1fffad233f6753541085c305e7e15bee56bd05cd7f8e0d134bd5436e3e2f1f9e5ff5d3ef4bc02a7d5b9a29151a4c543bb927736002b9516edf5b172da57616cab47a472cf82dec92673c1b684e811c20e55168e2a21e6c9014f40c344241de58fbc085e33a0f58911164aac8c807f10023838f886ad403a7afd7b92e831a35426dbc22da715cb06a4f32b04d12f3cabe6f10cce7e118c94d751ddc076cfbd68504ba7fc2a2c7ef637567584eee4a7c10bef95b997116f923b3a61601680cc02ff6af8c6c64ce86834e6644ab044dc0903fc4da328bb085f707513af0a25508b33e233151f8203416182b8a2f10d1f6d15663ca0656fe503a972632c9dc35cfc9e1dc5c98f84dc85b4dcbf847b53093bd9e56721182390f235dd7e84e3614a23aaf7f621939d47e4d1b2875c9afd33d44a25e4895de4639b87b7a36adf8e0b0344ab5306c84c3ddc044cea704a82e37498364aa0aef9a29232a6ea8319bc6518aeced7d977e3a886fe6c1a40c5a52c0a7245400a69d0a522223dcdbb7a6eb4adc24fd58686665305132e2c3c6f74918795a5392158bd0698a9369e30586cfb50cef2fb3d18c63a5980388955ee3175d7a79a9c0b8e3261dead494be5c47a34a0195f0da8aaa7f0424b37e349a2f799f1a9461dfaf936680bcbc8c9428573a44e26a6dfc47f565e0133ede41462b871a019a2868bd35760bdd0d796533562806da2d8b5df6564c5f25d413b1d56f107b2006fcdc5f63b36f2c769183c8b886ca09af39d10972442324e85705562de1a14064017a279f84e3780c4f90a34af317436d30183c31fee2794424645677842c7a76d37e7267370b58ab830dceff80ad47492087d96242fe49a8ed649022f7b4b837f2baed157b4dd4452a3fd22b69f1109d08434c76c777adbc5cf1f6040b170403986d5b21c7c41fac5a10693d1e13dce391809a336862d0b6aec2218692e09a6e480265eff8f3ba9c0fccd790c170494aff8cfac83bb73f5f8f6d765438a37d851579356eae16b40c7c9cb7a464cbfcd6b73c40fc43d0cfef6cd9a72c11e8b4033745ed60beb355311ad5be31f20c2ecc09eb1b7514e9813465b8537dc248b5c37924cf0d4f7012cbfa2529e22f4071cf8369312dea46ad82cb4c9816792709de797c5cca083b2a761347b7bb2694df73a5537257c39afba3866ea18531c46da727466f3a9229899f76ee408c474e1e46c36c66c03f824914a3cac30f833e4b9dbb421a1271664c21913baaa4c53254279a0be4b193c858fcbae3dfa568ae936ee5ae1192a07ff327f30aeae6b43f61b93404e22eff9818de435ec887645797319d9c70246c8b8d3f6ed06de7e81ddd77dbdf80907868da8c301c173a6168a4ad4ba62a051a5deb1c3b371451af14d87add8def9aaf0f59a6d0339400ccde165068ccb82165de6429c2725066d11ed7d3c708d2510656b6edd669c8d59f7c85c88cb2de31930fce15f2b20ff6b7c3eeb6ae03cf4e11742380f08454a37149d4d39f32fca7aea6f33a26f393d26b5b9167dac161c2aa2b69f8c759634ed5382f07ec5298f85390a87508b9c4d98c0be1f9051d9cab99b7fd9d415c4d610767551b1322d01a2f5c08eaa87c7359c99cdd857ec4c45e35965e9336e7599c56159655a1b19b79a50bd4a89d6e2ec2bcac1bd38711d0008529c4179c49726f132ea64527a67c192a48439bec124e4934bba0c7c9670eb312a6347aa3ff0355ac9045c032b8f50bee4cae04bc1247812b7205acf0981ce18cc81a380e314b1f78a31870d838bfa76ebebba3b73970a21499c1a7e0f3002094368512fbf3f8f3577b8d2fe62cf8db54c0f2c6aabdfa9a45d8b77545878b09e8c25f4d736916489a2549042fd3627d64c580a02db838b96f7e109c1fe03f40786e866013de1fb5cb1f5ed8bdc82220760f6c74de759b655af3f438f2f7d7ade1d4d50e2d5c37872241df6b2dd42aec2bac83f7c27b3e7ca18926d8745440ca50dceed4374092ec80d36b56f1db9edc99601c61eaee92802135893bb924196f04a0af5b173ee360972a533319e64c723a0eb93af5dcd5b9bd217579a19e76abab736ce756bf11d17780495c09d37980296ed7c5a65ea3c887f0c7efdc177a98c4474968e89bc7a02fcee0eb5b022acd617ff00d32e917ff4eea5c4c75ba57af3f779cff027fc0e509bbdb5f4451276cbc1175f3f359ebe11124f3590f66cd71343f4d32e2b1e85bf2ea86031b6f8ca567d3de8a8487cab55d729026820f6e017cbe6c50e3b1b9059775ce7968d811a51eec9858d26444f0d492f315d1801938873ced32dea74b2ae1d0bc70fbc1397aadaffac7c03d52ff4b00f87d6eed123c505f2d847c171ebfb6765cc61b610bef61540705d7cb12fe48123b4628639e48f7f358d3cb5e3d67b8503d659e421c6d0fad15b814dc186f7c79135850b691e62a37ac0a97433ddd11023c989c71b89607b46e1563da08eb7e5505c820ce31bf1678020ebd0feaf9de2e5679a167912f94a8efd6c7176e845c4b92780d3b12bfe725978c46a5583b2df52f83f2f1d381f77303891150c8f590aa7394c653144a12e09c19e2f6bf888166f52611f472abbde233f9452a3313de0897769b3851097d720bdccbcfa7435875e3785f41b6dcc02862238a6463dd9f692daf7c68f8a5eba40f945cdb679c6c51b2e942da5b6df97a0387e0d9318103995601f876db224d0cfd7e30d675fd2494052850d16a86f1e0ff5b3cb4d07e2dc7126cb65aa1745df7b41ad3f780de1d96eae90e5a9404485478374956c3886bbc89206d75fffe41e4bb43144c634ab15bd4413c7ba2bd82be2f6e75c5bfdf5647eab0fcdd3c0962e6889555f6c689bee9ac0793bf9acb1f22e9ecfd5f801c2f576a1f9dbad695c044040715ba77f5aeaf8ebc5e59ad5cbe90509d692c6f056ca37ed112699d8f05646a6a3823323085ea068d783fd34da8eab6327896cf47795946c14d8c8d46e3075b1c850cda62d2cef3e288c5f5b2896d8f3ec5e3bef62db4c26932b6e0e6445d2774a34b497d897ab87200a3c5a4c75197f2fe38bc78c15faab250004b9f9d46ace649c925346b89ac7171852c32f61b9771f60b9bd36fb4ba9737bed2e7456e31e30cf5ba67f3fc407b44c7ffc060f640968f18e8556110bccc7917831b41258756de9481a569183d74e1a6e09dae4cbc8b70674bae4bb9d9432e5ea7f31cb032ab8594756655b30df611f8ccad6d79ec606068e50eabea2fd46b220892ce6806a54b2ab7487c6ccd0861ba27e642e60c18e33e29f46ec207df72f03fd7846a9ae7d096f98017993c0b52cb0f95336379ce34411ea0959ba2375ba9fef9c5aaf9634253809d75dfc2f838debc21efd2de2233f38136be6536f11d9b75dcd810f9d5e41e1eecfb5d38b55b0648e86957e638c56c40da280d0f8ec514ede885537b8af9adb14ddfb675bcb6c2bc0981c14ff2008cdd033cf30037a9c28e99b4f1f85341ad5ee449433d19d8ee8ba31fa791cc4770c359d1219bbcd43d6ddb64608aad61f6b544a723fa0fa6c4858c9544bd78200025854ebf1a35fbbcc93daaabbaed61e654604240e22a1498d5a9d41c0b7f505612a32d782fc440c37d1a952194c057e14702a596d32e2eff3640f7469f500c0eb322f4f58d3a7e51b879cb0e2910654678db404303445b15bdb285b3d910bd80765fc7f24a28e89ed4627bcc08dfb50adacd8a419335f6f6750e2caf97e6b2c26fbff4dfef60a30f647c75e3d9f3dcabe93fd63d21954abaf8347d38ae52f243237b806a2e4b2ee8854e5cc3b21e6c07acd6b42e8a87cea86296c33b95e411b8f53a972677b34944099f00dcedd50eeaffbfc230e5890d9f7518073430ce3700938c990bac6fd0c9d4d000472c451780ee5cc48993ac60a9d2252cfc6378d62e6f76a441e64a0ff26412c3322b07315534911eeb308bbb17ffcf59322db0f8fdc9c4250cd819e8f7801b1815ff18651ace169f6de3648c4083de00e5b813e93036b81352634c45a21a77768e9d7de48da41c3b327a7ed16eff56b67789a987a0e4b495198631930318ca72c85f5eb532e6dc02d5f86c21a53c31ec682c6948aa0976b7aa160e67ff8943662344e3117a1adc1cc1d8411adae5b76271fcbd21f6a04801ee1c94958a827c9f18207ee9fbd33b14bc6581062e8dc8b1c691f65f7aa842626655e621bd922831ccaed83792466b1a5a1eb081f565e961eeff11c89011ae14f921f324737c4d28f11a14ec55ed8ed9d1c0f76619a24e27e68fe1b1586b0669d41868c14e826778a8775d26876c3f2d19fe9d1ccbfbe5e403343b841e5871841f12da5e49b1a4b141856f5e47e203175216b108649a9fc2a9d2368938649f383b2ac791ea1bf84e9b831a0a9e84eddc0d621a10cb3eafcc33f6bd7e0a12e2db5568763baa9c9a026164fb9fec0137057733aada78acfcd67e37bfb4c7d61444229a493f9ecfc1537138745a8facaf1d8ad8350d9e40808a058340e1c49d1fd199fc56a2c344b0b58b9262039ac1e09b152267ba433d18306838ddff604b9b3d6ee55e1fea910984baa656f12a482283f59c5cdca6bbcec7d9a351aaa7524b3af9bac1bff671ebdd4bd2cbcda1cff7db469e7cbe1ca7f975d7540c680fc16de9081cefeffb67ff11e9f4ebe96e3f2f24f45bd70123d555a30e8c89061bc1f365a4dd47d1165b0cb2c1e8332673ce2ab279982079c351b8e8f21fcc6fe1c48b1eb3b1e77add449ad6eefee9c767953928cbd78b61741f48e4b20459487a15292fc257720c74ee01e1e73b3812b29b31ce0be1238e2b69e5cc20125df959a02633ed811ca25a93b502d586acca82de658237971689c37cc0a70b9521a49137c00180d71de71815b70f177377de95d0d8425c18ddb59229fb284f351a12f85f570a2146c56ac31dbfd08fc6ee00e63c5e6125db06f34c1c7d71a123ef010aa10fdc9a04044c65ea21f21cbcc4dbb5836f0d134ad59ca5bdd45dda08f4b26df9d1e5e7eb23f730993701a6463e083b4ae61a5e89231e7db419c5a3e0546691a091858ada8d84a35c171241e6c42b5c86dc5d74556f3d470fccebb1e3a0c33811e323d46cbc93f6108aaa0306fc124d60ae5cdfbb28012d2b6c8156d0a042326dff0d313498d9e3eb97e16c0f2ae0a4b942432e5f643e086ac2151622bf466b342f50e0e63f7d3"}, {0x98, 0x0, 0x1f, "a9e99813cea666ee51c1fe53f221690acff2900a5bbcb5c2a259fc0397f13cd639ae7d925b7d1fb05d4f181f178bc3dbac24478523c2c5c8d3ac4f6142f54de3dcc113e07bff42e184f7bb5e6fa80810b6f0aa5b31d7feeaa157e7ebda9ce8aa4df01928ce66427756dae8968c56508f969fda8d156636fe03c0c9f845e84e7184f95773"}, {0x78, 0x100, 0x4, "8450fac990dbf7738c47c0ad18ebec4249721d7a724306213f0c5a3817b7d97c1d618361565af22dd08be7da142933ffd29b2511ad94bef86520e0f7f0bd3bb59a679cfab13692c3d568642ca0e715192e3690835ccaf498ea67de50546a2a81ee71066308a890"}], 0x13c0}, 0x4) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, 0xffffffffffffffff, 0x3, '\x00', 0x0, r6, 0x5, 0x0, 0x3}, 0x40) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_lsm={0x1d, 0xa, &(0x7f0000000f00)=ANY=[@ANYBLOB="18008510000006000000a4944959fcffffff95000000000000001831000002000000000000000000000077b5f7f9030000d38da7500d009500000000000000950000000000000000000000000000000000000000008e5c5ab1ce0d0dd8bebe9184096445ebe1860cd13c7811cef7fbec49d3202c16fc7a3aee4bbfecebefdf411d2b30514b71e165adb75f01d6122b97cb4980652fcdfa1306b852e6d91160a6da713949ace6ddb7d5e66aea0c01b057a63deb478c9a5c8dbf24d96303e10b569c220cab2518513d6ab015661cdc9142c4186b746a75a807312b222f0fa8057f01297fc2e1b233190ec5227de822192496255cd094e4cc6778a5510235269d"], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x5d, &(0x7f0000000280)=""/93, 0x41000, 0x17, '\x00', r1, 0x1b, r6, 0x8, &(0x7f0000000100)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000300)={0x3, 0xa, 0x72, 0x800}, 0x10, 0xffffffffffffffff}, 0x78) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r7, 0xc0185879, &(0x7f0000000080)) [ 2292.533355][T13225] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2292.541374][T13225] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2292.549439][T13225] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 03:47:15 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x9effffff) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2292.613326][T13226] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2292.629895][T13226] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. 03:47:15 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r0, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r0, 0x3, '\x00', 0x0, r1, 0x5, 0x0, 0x3}, 0x40) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='block_rq_requeue\x00', r1}, 0x6) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x47, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x40042409, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0xc0185879, &(0x7f0000000080)) [ 2293.077176][T13223] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2293.090853][T13223] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2293.121453][T13223] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2293.121453][T13223] !' [ 2293.136217][T13223] CPU: 1 PID: 13223 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2293.146366][T13223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2293.156711][T13223] Call Trace: [ 2293.160019][T13223] dump_stack_lvl+0xcd/0x134 [ 2293.164838][T13223] sysfs_warn_dup.cold+0x1c/0x29 [ 2293.169984][T13223] sysfs_do_create_link_sd+0x11e/0x140 [ 2293.175489][T13223] sysfs_create_link+0x5f/0xc0 [ 2293.180299][T13223] device_add+0x789/0x2100 [ 2293.184824][T13223] ? mutex_lock_io_nested+0xf00/0xf00 [ 2293.190662][T13223] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2293.196251][T13223] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2293.202785][T13223] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2293.209155][T13223] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2293.215729][T13223] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2293.221999][T13223] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2293.228110][T13223] wiphy_register+0x1e8a/0x29b0 [ 2293.233038][T13223] ? wiphy_unregister+0xbd0/0xbd0 [ 2293.238087][T13223] ? minstrel_ht_alloc+0x531/0xa00 [ 2293.243319][T13223] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2293.249424][T13223] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2293.255013][T13223] ? ieee80211_restart_hw+0x290/0x290 [ 2293.260600][T13223] ? debug_object_destroy+0x210/0x210 [ 2293.266040][T13223] ? lock_downgrade+0x6e0/0x6e0 [ 2293.270896][T13223] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2293.276357][T13223] ? memset+0x20/0x40 [ 2293.280341][T13223] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2293.286589][T13223] ? __hrtimer_init+0x136/0x280 [ 2293.291443][T13223] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2293.297186][T13223] ? hwsim_virtio_rx_work+0x350/0x350 [ 2293.302574][T13223] ? __kmalloc_track_caller+0x1a0/0x320 [ 2293.308150][T13223] ? memcpy+0x39/0x60 [ 2293.312133][T13223] hwsim_new_radio_nl+0x9bc/0x1080 [ 2293.317264][T13223] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2293.323194][T13223] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2293.329443][T13223] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2293.336817][T13223] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2293.344125][T13223] genl_family_rcv_msg_doit+0x228/0x320 [ 2293.349676][T13223] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2293.357918][T13223] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2293.364462][T13223] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2293.370701][T13223] ? ns_capable+0xde/0x100 [ 2293.376502][T13223] genl_rcv_msg+0x328/0x580 [ 2293.381012][T13223] ? genl_get_cmd+0x480/0x480 [ 2293.385691][T13223] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2293.391672][T13223] ? lock_release+0x720/0x720 [ 2293.396342][T13223] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2293.401628][T13223] ? trace_hardirqs_on+0x5b/0x1c0 [ 2293.406651][T13223] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2293.412369][T13223] netlink_rcv_skb+0x153/0x420 [ 2293.417134][T13223] ? genl_get_cmd+0x480/0x480 [ 2293.421810][T13223] ? netlink_ack+0xa60/0xa60 [ 2293.426404][T13223] ? netlink_deliver_tap+0x236/0xba0 [ 2293.431690][T13223] genl_rcv+0x24/0x40 [ 2293.435669][T13223] netlink_unicast+0x533/0x7d0 [ 2293.440474][T13223] ? netlink_attachskb+0x890/0x890 [ 2293.445583][T13223] ? __virt_addr_valid+0x5d/0x2d0 [ 2293.450603][T13223] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2293.456838][T13223] ? __phys_addr_symbol+0x2c/0x70 [ 2293.461943][T13223] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2293.467663][T13223] ? __check_object_size+0x16e/0x3f0 [ 2293.472944][T13223] netlink_sendmsg+0x85b/0xda0 [ 2293.477721][T13223] ? netlink_unicast+0x7d0/0x7d0 [ 2293.482662][T13223] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2293.488902][T13223] ? netlink_unicast+0x7d0/0x7d0 [ 2293.493836][T13223] sock_sendmsg+0xcf/0x120 [ 2293.498255][T13223] ____sys_sendmsg+0x6e8/0x810 [ 2293.503112][T13223] ? kernel_sendmsg+0x50/0x50 [ 2293.507793][T13223] ? do_recvmmsg+0x6d0/0x6d0 [ 2293.512383][T13223] ? fs_reclaim_release+0x9c/0xf0 [ 2293.517409][T13223] ? lock_downgrade+0x6e0/0x6e0 [ 2293.522263][T13223] ___sys_sendmsg+0xf3/0x170 [ 2293.526869][T13223] ? sendmsg_copy_msghdr+0x160/0x160 [ 2293.532151][T13223] ? __fget_files+0x266/0x3d0 [ 2293.536826][T13223] ? lock_downgrade+0x6e0/0x6e0 [ 2293.541757][T13223] ? futex_exit_release+0x220/0x220 [ 2293.546955][T13223] ? alloc_empty_file+0xd7/0x170 [ 2293.551897][T13223] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2293.558153][T13223] ? __fget_files+0x288/0x3d0 [ 2293.562836][T13223] ? __fget_light+0xea/0x280 [ 2293.567522][T13223] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2293.573788][T13223] __sys_sendmsg+0xe5/0x1b0 [ 2293.578294][T13223] ? __sys_sendmsg_sock+0x30/0x30 [ 2293.583328][T13223] ? syscall_enter_from_user_mode+0x21/0x70 [ 2293.589308][T13223] ? trace_hardirqs_on+0x5b/0x1c0 [ 2293.594329][T13223] do_syscall_64+0x35/0xb0 [ 2293.598749][T13223] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2293.604653][T13223] RIP: 0033:0x4665d9 [ 2293.608543][T13223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2293.628346][T13223] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2293.636764][T13223] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2293.644758][T13223] RDX: 0000000001000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2293.652730][T13223] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2293.660691][T13223] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 03:47:16 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x2000000) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:47:16 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xa7120000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:47:16 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpu.stat\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0xa, &(0x7f0000000180)=@raw=[@alu={0x7, 0x1, 0x8, 0xb, 0x9, 0x20, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0xb3, 0x0, 0x0, 0x0, 0x7f}, @ldst={0x2, 0x3, 0x0, 0x8, 0x3, 0xc, 0xfffffffffffffffc}, @alu={0x4, 0x0, 0xd, 0x5, 0x3, 0x2, 0xffffffffffffffff}, @ldst={0x0, 0x0, 0x1, 0x1, 0x6, 0xfffffffffffffffc, 0x1}, @generic={0xa6, 0x2, 0x3, 0x34, 0x36d7}, @exit, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2}], &(0x7f0000000100)='syzkaller\x00', 0x1000, 0x95, &(0x7f0000000280)=""/149, 0x40f00, 0x13, '\x00', r2, 0x1a, r0, 0x8, &(0x7f0000000340)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000380)={0x5, 0xf, 0x0, 0x29}, 0x10, 0x13234, r0}, 0x78) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000480)={r3}, 0x8) sendmsg$kcm(r4, &(0x7f0000000780)={&(0x7f00000004c0)=@phonet={0x23, 0x8, 0x5, 0x9}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000540)="181fb4d0", 0x4}, {&(0x7f0000000580)="e5c025e3c70294c5e3b1c9e1fcd0", 0xe}, {&(0x7f0000000600)="6bee9384ffa9b89ca5a796cdaf62e6a2fcba935c3c48646556b99440fe9d43aa2325c011bb2df445e694b9ce75fdd699cf4eab2533cfa15d3aea80aaac333272248b1807b3d60996086931eda54721d466739a3483253187dda7ea3350da35bd441cf63d6c11c7e195d5fa519b777edf36d6d6dbdaa3781ab80ddfbe664c74f37112e9894e77a434ccb12eff2a4782cb76692647d896dff1fec2b7bbab439dbaeff0ebb07c1b2225b110516f47110e06e1b47d7cf9e6df2201ee652f63cbe22886415be0c3a27650d565263c8b7c41218739ae561966a0475a9cad804e4bfe76cd4dc17659424383d0844146c5f74b2bf0b870a0787030", 0xf7}, {&(0x7f0000000700)="8493a40db452c04ba6b20aa9c5727c38decd7a0462082203fc9d1f0a5edbcb42fb27ede1c131839d6ea2091e", 0x2c}], 0x4, &(0x7f0000000a00)=[{0x78, 0x10a, 0xfff, "b07b6ccb7a7dfbcada168965d52f0252eb3871c33c4c94500bbd5f45fc18e31e387c4d398d43e2726c72a78961ce389445dc05411bdbcea25207420e61975aee86c1068965b2886d8176f97b20e5c2f3326fe6197678760c6aa10db190a25a4d534b058bec"}, {0x68, 0x10d, 0x38dcff78, "820ee9ee19aa26248cee28a645835c90d367688b682e3bb020500eb14a137b885e1bb20e11638be7365fa4caed328a06bd34b3a4e6daa1067365ba388de174ea77caf367eee0726a7260ad04bbc7f37f04"}, {0xc0, 0x10e, 0x80000000, "ba2203db3d2bb236b83ca21da02fd0043c1f2ef98bbc698b80d6bc3b175fd8295dd7ddbb4fb9d715051f6a82c6c54025b0105212eb46d5645a9dfc0ef90cf610c4b5938b7f4bebb3d9c0d7ae499d329717ceea3aa4381ca6e303294ed881178dd7d422f5d05bf345580e6f621cbd0b80f9aa33bed55bd96ce6fd2a68ce725387e3cca79b43342786431a4648274618929490a9d0992025aa3fddc698c997553056e9546fbcd987e9622db98661045c9e"}, {0x50, 0x10c, 0x80, "822b94b80d64f166cdb90402e60e7186f62ce955c32e34963dd9195a8556fdfa1fe8f342916657b8ec34deec68a5176f99ac92ce6dd373ac2f869faa8b9a615a"}, {0x38, 0x6, 0x2, "3fd2ef4bbde94a43d2d28fdc23f1406d8f7e19e0c2e47881f3727a8df59420c748e6cda25ef6"}], 0x228}, 0x4000800) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0xc0185879, &(0x7f0000000080)) 03:47:16 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2294.248057][T13247] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2294.256458][T13247] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2294.264424][T13247] RDX: 0000000000000008 RSI: 0000000020000000 RDI: 0000000000000004 [ 2294.272393][T13247] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2294.280375][T13247] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2294.288338][T13247] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 [ 2294.333459][T13271] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2294.351197][T13271] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2294.569879][T13271] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2294.569879][T13271] !' [ 2294.591637][T13271] CPU: 1 PID: 13271 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2294.601488][T13271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2294.611558][T13271] Call Trace: [ 2294.614848][T13271] dump_stack_lvl+0xcd/0x134 [ 2294.619465][T13271] sysfs_warn_dup.cold+0x1c/0x29 [ 2294.624411][T13271] sysfs_do_create_link_sd+0x11e/0x140 [ 2294.629889][T13271] sysfs_create_link+0x5f/0xc0 [ 2294.634657][T13271] device_add+0x789/0x2100 [ 2294.639189][T13271] ? mutex_lock_io_nested+0xf00/0xf00 [ 2294.644558][T13271] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2294.650101][T13271] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2294.656614][T13271] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2294.662868][T13271] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2294.669112][T13271] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2294.675351][T13271] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2294.681331][T13271] wiphy_register+0x1e8a/0x29b0 [ 2294.686193][T13271] ? wiphy_unregister+0xbd0/0xbd0 [ 2294.691223][T13271] ? minstrel_ht_alloc+0x531/0xa00 [ 2294.696462][T13271] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2294.702540][T13271] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2294.708000][T13271] ? ieee80211_restart_hw+0x290/0x290 [ 2294.713367][T13271] ? debug_object_destroy+0x210/0x210 [ 2294.718739][T13271] ? lock_downgrade+0x6e0/0x6e0 [ 2294.723602][T13271] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2294.729063][T13271] ? memset+0x20/0x40 [ 2294.733060][T13271] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2294.739295][T13271] ? __hrtimer_init+0x136/0x280 [ 2294.744148][T13271] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2294.749874][T13271] ? hwsim_virtio_rx_work+0x350/0x350 [ 2294.755240][T13271] ? __kmalloc_track_caller+0x1a0/0x320 [ 2294.760779][T13271] ? memcpy+0x39/0x60 [ 2294.764762][T13271] hwsim_new_radio_nl+0x9bc/0x1080 [ 2294.769881][T13271] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2294.775773][T13271] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2294.782020][T13271] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2294.789394][T13271] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2294.796678][T13271] genl_family_rcv_msg_doit+0x228/0x320 [ 2294.802221][T13271] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2294.809598][T13271] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2294.815836][T13271] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2294.822070][T13271] ? ns_capable+0xde/0x100 [ 2294.826479][T13271] genl_rcv_msg+0x328/0x580 [ 2294.830979][T13271] ? genl_get_cmd+0x480/0x480 [ 2294.835662][T13271] ? lock_downgrade+0x6e0/0x6e0 [ 2294.840605][T13271] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2294.846521][T13271] ? lock_release+0x720/0x720 [ 2294.851321][T13271] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2294.856619][T13271] netlink_rcv_skb+0x153/0x420 [ 2294.861397][T13271] ? genl_get_cmd+0x480/0x480 [ 2294.866088][T13271] ? netlink_ack+0xa60/0xa60 [ 2294.870676][T13271] ? netlink_deliver_tap+0x236/0xba0 [ 2294.875963][T13271] genl_rcv+0x24/0x40 [ 2294.879940][T13271] netlink_unicast+0x533/0x7d0 [ 2294.884699][T13271] ? netlink_attachskb+0x890/0x890 [ 2294.889804][T13271] ? __virt_addr_valid+0x5d/0x2d0 [ 2294.894835][T13271] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2294.901159][T13271] ? __phys_addr_symbol+0x2c/0x70 [ 2294.906213][T13271] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2294.911964][T13271] ? __check_object_size+0x16e/0x3f0 [ 2294.917294][T13271] netlink_sendmsg+0x85b/0xda0 [ 2294.922079][T13271] ? netlink_unicast+0x7d0/0x7d0 [ 2294.927015][T13271] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2294.933252][T13271] ? netlink_unicast+0x7d0/0x7d0 [ 2294.938186][T13271] sock_sendmsg+0xcf/0x120 [ 2294.942609][T13271] ____sys_sendmsg+0x6e8/0x810 [ 2294.947371][T13271] ? kernel_sendmsg+0x50/0x50 [ 2294.952055][T13271] ? do_recvmmsg+0x6d0/0x6d0 [ 2294.956638][T13271] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2294.962795][T13271] ? lock_release+0xa1/0x720 [ 2294.967379][T13271] ___sys_sendmsg+0xf3/0x170 [ 2294.971963][T13271] ? sendmsg_copy_msghdr+0x160/0x160 [ 2294.977247][T13271] ? __fget_files+0x266/0x3d0 [ 2294.981923][T13271] ? lock_downgrade+0x6e0/0x6e0 [ 2294.986783][T13271] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2294.992682][T13271] ? do_vfs_ioctl+0x132/0x15d0 [ 2294.997464][T13271] ? __fget_files+0x288/0x3d0 [ 2295.002141][T13271] ? __fget_light+0xea/0x280 [ 2295.006742][T13271] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2295.012981][T13271] __sys_sendmsg+0xe5/0x1b0 [ 2295.017495][T13271] ? __sys_sendmsg_sock+0x30/0x30 [ 2295.022519][T13271] ? syscall_enter_from_user_mode+0x21/0x70 [ 2295.028410][T13271] ? trace_hardirqs_on+0x5b/0x1c0 [ 2295.033432][T13271] do_syscall_64+0x35/0xb0 [ 2295.037841][T13271] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2295.043735][T13271] RIP: 0033:0x4665d9 [ 2295.047634][T13271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2295.067238][T13271] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2295.075659][T13271] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2295.083623][T13271] RDX: 0000000000000008 RSI: 0000000020000000 RDI: 0000000000000004 [ 2295.091670][T13271] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2295.099643][T13271] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2295.107606][T13271] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 03:47:18 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xe) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:47:18 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xf0ffffff) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:47:18 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)={0x5, 0x4, 0x4, 0x1}, 0x40) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000017c0)={r1, &(0x7f0000001740), 0x539000, 0x4000}, 0x20) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='cgroup.stat\x00', 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup(r2, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0) perf_event_open$cgroup(&(0x7f0000000240)={0x2, 0x80, 0x7, 0x0, 0x20, 0x0, 0x0, 0xfff, 0x800, 0xa, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={&(0x7f0000000200), 0x1}, 0x2104, 0x1000, 0x7, 0x3, 0x4, 0x0, 0x5, 0x0, 0x8, 0x0, 0xfffffffffffffff7}, r3, 0x0, r2, 0x9) close(r3) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b80)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)={0x1a, 0x5, 0x2, 0x3f, 0xd22e5c4ab18621f4, r1, 0x3, '\x00', 0x0, r4, 0x5, 0x0, 0x3}, 0x40) openat$cgroup_ro(r4, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0xc0185879, &(0x7f0000000080)) 03:47:18 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2295.705936][T13320] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2295.714340][T13320] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2295.722302][T13320] RDX: 0000000002000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2295.732782][T13320] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2295.740742][T13320] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2295.748704][T13320] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 03:47:18 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xfffff000) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:47:18 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) openat$cgroup_ro(r2, &(0x7f0000000280)='io.stat\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0xc0185879, &(0x7f0000000080)) r3 = perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x40, 0x80, 0x5, 0x40, 0x0, 0x40, 0x84cc4, 0xf, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x830, 0xf7b4, 0x3, 0x4, 0x6a, 0x95, 0x1, 0x0, 0xf9b, 0x0, 0x5}, 0x0, 0x8, r1, 0x9) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000100)='sched_switch\x00') [ 2295.825227][T13316] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2295.846517][T13316] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. 03:47:18 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xffffff7f) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) [ 2296.324706][T13335] netlink: 'syz-executor.2': attribute type 11 has an invalid length. [ 2296.337242][T13335] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2296.458055][T13322] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2296.467353][T13322] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2296.483418][T13322] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2296.483418][T13322] !' [ 2296.500073][T13322] CPU: 0 PID: 13322 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2296.509922][T13322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2296.519988][T13322] Call Trace: [ 2296.523278][T13322] dump_stack_lvl+0xcd/0x134 [ 2296.527903][T13322] sysfs_warn_dup.cold+0x1c/0x29 [ 2296.532868][T13322] sysfs_do_create_link_sd+0x11e/0x140 [ 2296.538352][T13322] sysfs_create_link+0x5f/0xc0 [ 2296.543135][T13322] device_add+0x789/0x2100 [ 2296.547683][T13322] ? mutex_lock_io_nested+0xf00/0xf00 [ 2296.553075][T13322] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2296.558815][T13322] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2296.565350][T13322] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2296.571623][T13322] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2296.578085][T13322] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2296.584560][T13322] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2296.591548][T13322] wiphy_register+0x1e8a/0x29b0 [ 2296.596425][T13322] ? wiphy_unregister+0xbd0/0xbd0 [ 2296.601629][T13322] ? minstrel_ht_alloc+0x531/0xa00 [ 2296.607036][T13322] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2296.613108][T13322] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2296.618562][T13322] ? ieee80211_restart_hw+0x290/0x290 [ 2296.623937][T13322] ? debug_object_destroy+0x210/0x210 [ 2296.629313][T13322] ? lock_downgrade+0x6e0/0x6e0 [ 2296.634159][T13322] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2296.639632][T13322] ? memset+0x20/0x40 [ 2296.643786][T13322] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2296.650013][T13322] ? __hrtimer_init+0x136/0x280 [ 2296.655473][T13322] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2296.661187][T13322] ? hwsim_virtio_rx_work+0x350/0x350 [ 2296.666553][T13322] ? __kmalloc_track_caller+0x1a0/0x320 [ 2296.672210][T13322] ? memcpy+0x39/0x60 [ 2296.676295][T13322] hwsim_new_radio_nl+0x9bc/0x1080 [ 2296.681499][T13322] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2296.687530][T13322] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2296.693857][T13322] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2296.701220][T13322] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2296.708500][T13322] genl_family_rcv_msg_doit+0x228/0x320 [ 2296.714045][T13322] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2296.721414][T13322] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2296.727640][T13322] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2296.733864][T13322] ? ns_capable+0xde/0x100 [ 2296.738272][T13322] genl_rcv_msg+0x328/0x580 [ 2296.742761][T13322] ? genl_get_cmd+0x480/0x480 [ 2296.747429][T13322] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2296.753315][T13322] ? lock_release+0x720/0x720 [ 2296.757978][T13322] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2296.763271][T13322] ? trace_hardirqs_on+0x5b/0x1c0 [ 2296.768288][T13322] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2296.774007][T13322] netlink_rcv_skb+0x153/0x420 [ 2296.778763][T13322] ? genl_get_cmd+0x480/0x480 [ 2296.783427][T13322] ? netlink_ack+0xa60/0xa60 [ 2296.788006][T13322] ? netlink_deliver_tap+0x236/0xba0 [ 2296.793272][T13322] genl_rcv+0x24/0x40 [ 2296.797280][T13322] netlink_unicast+0x533/0x7d0 [ 2296.802032][T13322] ? netlink_attachskb+0x890/0x890 [ 2296.807136][T13322] ? __virt_addr_valid+0x5d/0x2d0 [ 2296.812166][T13322] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2296.818520][T13322] ? __phys_addr_symbol+0x2c/0x70 [ 2296.823573][T13322] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2296.829274][T13322] ? __check_object_size+0x16e/0x3f0 [ 2296.834668][T13322] netlink_sendmsg+0x85b/0xda0 [ 2296.839428][T13322] ? netlink_unicast+0x7d0/0x7d0 [ 2296.844363][T13322] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2296.850986][T13322] ? netlink_unicast+0x7d0/0x7d0 [ 2296.856031][T13322] sock_sendmsg+0xcf/0x120 [ 2296.860447][T13322] ____sys_sendmsg+0x6e8/0x810 [ 2296.865204][T13322] ? kernel_sendmsg+0x50/0x50 [ 2296.869877][T13322] ? do_recvmmsg+0x6d0/0x6d0 [ 2296.874483][T13322] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2296.881584][T13322] ? __kfence_alloc+0x37b/0xc20 [ 2296.886447][T13322] ___sys_sendmsg+0xf3/0x170 [ 2296.891025][T13322] ? sendmsg_copy_msghdr+0x160/0x160 [ 2296.896289][T13322] ? __fget_files+0x266/0x3d0 [ 2296.900954][T13322] ? lock_downgrade+0x6e0/0x6e0 [ 2296.905785][T13322] ? futex_exit_release+0x220/0x220 [ 2296.910977][T13322] ? alloc_empty_file+0xd7/0x170 [ 2296.915912][T13322] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2296.922140][T13322] ? __fget_files+0x288/0x3d0 [ 2296.926804][T13322] ? __fget_light+0xea/0x280 [ 2296.931379][T13322] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2296.937691][T13322] __sys_sendmsg+0xe5/0x1b0 [ 2296.942190][T13322] ? __sys_sendmsg_sock+0x30/0x30 [ 2296.947208][T13322] ? syscall_enter_from_user_mode+0x21/0x70 [ 2296.953108][T13322] ? trace_hardirqs_on+0x5b/0x1c0 [ 2296.958136][T13322] do_syscall_64+0x35/0xb0 [ 2296.962556][T13322] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2296.968449][T13322] RIP: 0033:0x4665d9 [ 2296.972364][T13322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2296.992177][T13322] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2297.000593][T13322] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2297.008560][T13322] RDX: 0000000002000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2297.016516][T13322] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2297.024559][T13322] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2297.032519][T13322] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 03:47:20 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x4000000) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:47:20 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xffffff9e) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:47:20 executing program 3: bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000), 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0xc0185879, &(0x7f0000000080)) r3 = getpid() perf_event_open(&(0x7f0000001980)={0x1, 0x80, 0x4a, 0x3, 0x4, 0xe0, 0x0, 0x1000, 0x40, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x4ff0, 0x8}, 0x40082, 0x1, 0x4f10, 0x4, 0x6, 0x2, 0x63, 0x0, 0x0, 0x0, 0x7c25}, r3, 0x9, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x1, 0x1, 0x1, 0x7f, 0x0, 0x7, 0x14, 0x5, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0xff, 0x9}, 0x800, 0x2, 0x6593561d, 0x3, 0x1, 0x7, 0x0, 0x0, 0x6}, r3, 0x5, r1, 0x0) 03:47:20 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0xf00}, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2297.617778][T13356] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2297.626282][T13356] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2297.634302][T13356] RDX: 000000000000000e RSI: 0000000020000000 RDI: 0000000000000004 [ 2297.642354][T13356] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2297.650515][T13356] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2297.658505][T13356] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 [ 2297.716508][T13398] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2297.747095][T13398] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2297.979896][T13398] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2297.979896][T13398] !' [ 2297.990163][T13398] CPU: 0 PID: 13398 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2297.999992][T13398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2298.010061][T13398] Call Trace: [ 2298.013343][T13398] dump_stack_lvl+0xcd/0x134 [ 2298.018016][T13398] sysfs_warn_dup.cold+0x1c/0x29 [ 2298.022951][T13398] sysfs_do_create_link_sd+0x11e/0x140 [ 2298.028409][T13398] sysfs_create_link+0x5f/0xc0 [ 2298.033244][T13398] device_add+0x789/0x2100 [ 2298.037652][T13398] ? mutex_lock_io_nested+0xf00/0xf00 [ 2298.043200][T13398] ? __mutex_unlock_slowpath+0x2b6/0x610 [ 2298.048816][T13398] ? ieee80211_try_rate_control_ops_get+0xca/0x100 [ 2298.055305][T13398] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2298.061531][T13398] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2298.067764][T13398] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2298.073987][T13398] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2298.079956][T13398] wiphy_register+0x1e8a/0x29b0 [ 2298.084808][T13398] ? wiphy_unregister+0xbd0/0xbd0 [ 2298.089817][T13398] ? minstrel_ht_alloc+0x531/0xa00 [ 2298.094910][T13398] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2298.100977][T13398] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2298.106433][T13398] ? ieee80211_restart_hw+0x290/0x290 [ 2298.111787][T13398] ? debug_object_destroy+0x210/0x210 [ 2298.117208][T13398] ? lock_downgrade+0x6e0/0x6e0 [ 2298.122058][T13398] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2298.127616][T13398] ? memset+0x20/0x40 [ 2298.131603][T13398] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2298.137864][T13398] ? __hrtimer_init+0x136/0x280 [ 2298.142710][T13398] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2298.148437][T13398] ? hwsim_virtio_rx_work+0x350/0x350 [ 2298.153800][T13398] ? __kmalloc_track_caller+0x1a0/0x320 [ 2298.159513][T13398] ? memcpy+0x39/0x60 [ 2298.163494][T13398] hwsim_new_radio_nl+0x9bc/0x1080 [ 2298.168603][T13398] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2298.174586][T13398] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2298.180826][T13398] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2298.188208][T13398] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2298.195489][T13398] genl_family_rcv_msg_doit+0x228/0x320 [ 2298.201061][T13398] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2298.208417][T13398] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2298.214650][T13398] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2298.220886][T13398] ? ns_capable+0xde/0x100 [ 2298.225742][T13398] genl_rcv_msg+0x328/0x580 [ 2298.230232][T13398] ? genl_get_cmd+0x480/0x480 [ 2298.234908][T13398] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2298.240833][T13398] ? lock_release+0x720/0x720 [ 2298.245504][T13398] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2298.250805][T13398] ? trace_hardirqs_on+0x5b/0x1c0 [ 2298.255843][T13398] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2298.261557][T13398] netlink_rcv_skb+0x153/0x420 [ 2298.266639][T13398] ? genl_get_cmd+0x480/0x480 [ 2298.271327][T13398] ? netlink_ack+0xa60/0xa60 [ 2298.275967][T13398] ? netlink_deliver_tap+0x236/0xba0 [ 2298.281275][T13398] genl_rcv+0x24/0x40 [ 2298.285249][T13398] netlink_unicast+0x533/0x7d0 [ 2298.290003][T13398] ? netlink_attachskb+0x890/0x890 [ 2298.295100][T13398] ? __virt_addr_valid+0x5d/0x2d0 [ 2298.300109][T13398] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2298.306336][T13398] ? __phys_addr_symbol+0x2c/0x70 [ 2298.311362][T13398] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2298.317072][T13398] ? __check_object_size+0x16e/0x3f0 [ 2298.322363][T13398] netlink_sendmsg+0x85b/0xda0 [ 2298.327116][T13398] ? netlink_unicast+0x7d0/0x7d0 [ 2298.332035][T13398] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2298.338258][T13398] ? netlink_unicast+0x7d0/0x7d0 [ 2298.343190][T13398] sock_sendmsg+0xcf/0x120 [ 2298.347593][T13398] ____sys_sendmsg+0x6e8/0x810 [ 2298.352346][T13398] ? kernel_sendmsg+0x50/0x50 [ 2298.357021][T13398] ? do_recvmmsg+0x6d0/0x6d0 [ 2298.361596][T13398] ? tomoyo_path_number_perm+0x204/0x590 [ 2298.367217][T13398] ? kfree+0xeb/0x670 [ 2298.371184][T13398] ? tomoyo_path_number_perm+0x441/0x590 [ 2298.376811][T13398] ___sys_sendmsg+0xf3/0x170 [ 2298.381382][T13398] ? sendmsg_copy_msghdr+0x160/0x160 [ 2298.386656][T13398] ? __fget_files+0x266/0x3d0 [ 2298.391327][T13398] ? lock_downgrade+0x6e0/0x6e0 [ 2298.396161][T13398] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2298.402051][T13398] ? do_vfs_ioctl+0x132/0x15d0 [ 2298.406802][T13398] ? __fget_files+0x288/0x3d0 [ 2298.411536][T13398] ? __fget_light+0xea/0x280 [ 2298.416202][T13398] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2298.422446][T13398] __sys_sendmsg+0xe5/0x1b0 [ 2298.427033][T13398] ? __sys_sendmsg_sock+0x30/0x30 [ 2298.432110][T13398] ? syscall_enter_from_user_mode+0x21/0x70 [ 2298.437999][T13398] ? trace_hardirqs_on+0x5b/0x1c0 [ 2298.443023][T13398] do_syscall_64+0x35/0xb0 [ 2298.447419][T13398] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2298.453300][T13398] RIP: 0033:0x4665d9 [ 2298.457187][T13398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2298.476776][T13398] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2298.485182][T13398] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2298.493133][T13398] RDX: 000000000000000e RSI: 0000000020000000 RDI: 0000000000000004 [ 2298.501087][T13398] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2298.509038][T13398] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2298.517348][T13398] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 03:47:21 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x1d) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x2000) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:47:21 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x1}, [@exit, @exit, @btf_id={0x18, 0x7, 0x3, 0x0, 0x5}, @jmp={0x5, 0x1, 0xa, 0x1f52d328d0ce2801, 0x8, 0xffffffffffffffc0, 0xfffffffffffffff8}, @generic={0x81, 0x1, 0x5, 0x1, 0x8000}, @ldst={0x1, 0x1, 0x2, 0x7, 0x9, 0x2, 0xfffffffffffffff0}, @jmp={0x5, 0x1, 0x5, 0x4, 0x6, 0x10, 0xfffffffffffffffc}]}, &(0x7f0000000000)='syzkaller\x00', 0x9e12, 0xdc, &(0x7f0000000280)=""/220, 0x40f00, 0x2, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000380)={0x1, 0x1, 0x4, 0x7}, 0x10}, 0x78) 03:47:21 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff, 0xff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0xfffffff0) gettid() r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x188}, 0x4) 03:47:21 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0xf00}, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2299.677247][T13417] RSP: 002b:00007f571d74c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2299.685667][T13417] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2299.693642][T13417] RDX: 0000000004000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2299.701629][T13417] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2299.709601][T13417] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2299.717562][T13417] R13: 00007ffe36affebf R14: 00007f571d74c300 R15: 0000000000022000 [ 2299.746653][T13422] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 2299.767110][T13422] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2299.779386][T13422] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2299.779386][T13422] !' [ 2299.791884][T13422] CPU: 1 PID: 13422 Comm: syz-executor.0 Tainted: G W 5.13.0-syzkaller #0 [ 2299.801721][T13422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2299.811856][T13422] Call Trace: [ 2299.815138][T13422] dump_stack_lvl+0xcd/0x134 [ 2299.819734][T13422] sysfs_warn_dup.cold+0x1c/0x29 [ 2299.824929][T13422] sysfs_do_create_link_sd+0x11e/0x140 [ 2299.830425][T13422] sysfs_create_link+0x5f/0xc0 [ 2299.835269][T13422] device_add+0x789/0x2100 [ 2299.839691][T13422] ? mutex_lock_io_nested+0xf00/0xf00 [ 2299.845070][T13422] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2299.850786][T13422] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2299.857113][T13422] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2299.863538][T13422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2299.869861][T13422] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2299.875842][T13422] wiphy_register+0x1e8a/0x29b0 [ 2299.880705][T13422] ? wiphy_unregister+0xbd0/0xbd0 [ 2299.885803][T13422] ? minstrel_ht_alloc+0x531/0xa00 [ 2299.890916][T13422] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2299.896984][T13422] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2299.902676][T13422] ? ieee80211_restart_hw+0x290/0x290 [ 2299.908049][T13422] ? debug_object_destroy+0x210/0x210 [ 2299.913540][T13422] ? lock_downgrade+0x6e0/0x6e0 [ 2299.918380][T13422] ? lockdep_init_map_type+0x2c3/0x7b0 [ 2299.924526][T13422] ? memset+0x20/0x40 [ 2299.928506][T13422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2299.934826][T13422] ? __hrtimer_init+0x136/0x280 [ 2299.939776][T13422] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2299.945503][T13422] ? hwsim_virtio_rx_work+0x350/0x350 [ 2299.950865][T13422] ? __kmalloc_track_caller+0x1a0/0x320 [ 2299.956404][T13422] ? memcpy+0x39/0x60 [ 2299.960397][T13422] hwsim_new_radio_nl+0x9bc/0x1080 [ 2299.965499][T13422] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2299.971402][T13422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2299.977634][T13422] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2299.985098][T13422] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2299.992375][T13422] genl_family_rcv_msg_doit+0x228/0x320 [ 2299.997909][T13422] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2300.005268][T13422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2300.011502][T13422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2300.017732][T13422] ? ns_capable+0xde/0x100 [ 2300.022256][T13422] genl_rcv_msg+0x328/0x580 [ 2300.026781][T13422] ? genl_get_cmd+0x480/0x480 [ 2300.031475][T13422] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2300.037364][T13422] ? lock_release+0x720/0x720 [ 2300.042034][T13422] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2300.047316][T13422] ? trace_hardirqs_on+0x5b/0x1c0 [ 2300.052331][T13422] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2300.058048][T13422] netlink_rcv_skb+0x153/0x420 [ 2300.062817][T13422] ? genl_get_cmd+0x480/0x480 [ 2300.067673][T13422] ? netlink_ack+0xa60/0xa60 [ 2300.072272][T13422] ? netlink_deliver_tap+0x236/0xba0 [ 2300.077668][T13422] genl_rcv+0x24/0x40 [ 2300.081675][T13422] netlink_unicast+0x533/0x7d0 [ 2300.086442][T13422] ? netlink_attachskb+0x890/0x890 [ 2300.091659][T13422] ? __virt_addr_valid+0x5d/0x2d0 [ 2300.096785][T13422] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2300.103092][T13422] ? __phys_addr_symbol+0x2c/0x70 [ 2300.108124][T13422] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2300.113853][T13422] ? __check_object_size+0x16e/0x3f0 [ 2300.119139][T13422] netlink_sendmsg+0x85b/0xda0 [ 2300.123911][T13422] ? netlink_unicast+0x7d0/0x7d0 [ 2300.128845][T13422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2300.135092][T13422] ? netlink_unicast+0x7d0/0x7d0 [ 2300.140030][T13422] sock_sendmsg+0xcf/0x120 [ 2300.144441][T13422] ____sys_sendmsg+0x6e8/0x810 [ 2300.149210][T13422] ? kernel_sendmsg+0x50/0x50 [ 2300.153892][T13422] ? do_recvmmsg+0x6d0/0x6d0 [ 2300.158480][T13422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2300.164796][T13422] ? __kfence_alloc+0x37b/0xc20 [ 2300.169658][T13422] ___sys_sendmsg+0xf3/0x170 [ 2300.174346][T13422] ? sendmsg_copy_msghdr+0x160/0x160 [ 2300.179623][T13422] ? __fget_files+0x266/0x3d0 [ 2300.184302][T13422] ? lock_downgrade+0x6e0/0x6e0 [ 2300.189173][T13422] ? futex_exit_release+0x220/0x220 [ 2300.194365][T13422] ? alloc_empty_file+0xd7/0x170 [ 2300.199288][T13422] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2300.205630][T13422] ? __fget_files+0x288/0x3d0 [ 2300.210322][T13422] ? __fget_light+0xea/0x280 [ 2300.214906][T13422] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2300.221143][T13422] __sys_sendmsg+0xe5/0x1b0 [ 2300.225837][T13422] ? __sys_sendmsg_sock+0x30/0x30 [ 2300.230980][T13422] ? syscall_enter_from_user_mode+0x21/0x70 [ 2300.236978][T13422] ? trace_hardirqs_on+0x5b/0x1c0 [ 2300.241998][T13422] do_syscall_64+0x35/0xb0 [ 2300.246404][T13422] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2300.252307][T13422] RIP: 0033:0x4665d9 [ 2300.256311][T13422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2300.276365][T13422] RSP: 002b:00007f571d72b188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2300.284771][T13422] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 2300.292742][T13422] RDX: 0000000004000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 2300.300706][T13422] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2300.308668][T13422] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 2300.316668][T13422] R13: 00007ffe36affebf R14: 00007f571d72b300 R15: 0000000000022000 [ 2300.329257][T13452] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2300.342333][T13452] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. 03:47:23 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="e004030029000505d25a80648c63940d0424fc60100011400a2f0000013582c137153e370848018000f01700d1bd", 0x33fe0}], 0x1}, 0x7000000) socket$kcm(0x10, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 03:47:23 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000095bbf1b794d5e36997cb16bbfd4f5e2fe136aa0989686eaa173a0f17029991fc7192"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) 03:47:23 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0xf00}, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x84) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2300.868471][T13452] RSP: 002b:00007f2f41cb3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2300.876975][T13452] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2300.884952][T13452] RDX: 0000000000000060 RSI: 0000000020000000 RDI: 0000000000000004 [ 2300.892919][T13452] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2300.900887][T13452] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2300.908850][T13452] R13: 00007ffcab19058f R14: 00007f2f41cb3300 R15: 0000000000022000 03:47:23 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080)) [ 2301.055687][T13505] ------------[ cut here ]------------ [ 2301.067953][T13505] WARNING: CPU: 0 PID: 13505 at kernel/tracepoint.c:291 tracepoint_add_func+0x1f9/0xb10 [ 2301.093439][T13505] Modules linked in: [ 2301.109563][T13505] CPU: 0 PID: 13505 Comm: syz-executor.3 Tainted: G W 5.13.0-syzkaller #0 [ 2301.132151][T13505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2301.142577][T13505] RIP: 0010:tracepoint_add_func+0x1f9/0xb10 [ 2301.148610][T13505] Code: 44 24 18 48 8b 5d 08 80 38 00 0f 85 ee 07 00 00 48 8b 44 24 10 48 3b 58 08 0f 85 72 ff ff ff 41 bc ef ff ff ff e8 07 5b fe ff <0f> 0b e8 00 5b fe ff 44 89 e0 48 83 c4 38 5b 5d 41 5c 41 5d 41 5e [ 2301.168535][T13505] RSP: 0018:ffffc9000278fa88 EFLAGS: 00010206 [ 2301.175011][T13505] RAX: 0000000000000370 RBX: ffffc90001016000 RCX: ffffc9001018d000 [ 2301.183580][T13505] RDX: 0000000000040000 RSI: ffffffff817726e9 RDI: ffff88807bd8fd30 [ 2301.192758][T13505] RBP: ffff88807bd8fd28 R08: 0000000000000000 R09: ffffffff8b9dc9e7 [ 2301.200856][T13505] R10: ffffffff81772577 R11: 0000000000086087 R12: 00000000ffffffef [ 2301.209007][T13505] R13: 0000000000000001 R14: dffffc0000000000 R15: ffff88807bd8fd10 [ 2301.219266][T13505] FS: 00007f4b4cb4a700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 [ 2301.228467][T13505] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2301.237644][T13505] CR2: 0000564901d5c6e0 CR3: 0000000081eca000 CR4: 00000000001506f0 [ 2301.249682][T13505] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2301.263589][T13505] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2301.274192][T13505] Call Trace: [ 2301.277657][T13505] ? __bpf_trace_sched_overutilized_tp+0xf0/0xf0 [ 2301.285078][T13505] ? __bpf_trace_sched_overutilized_tp+0xf0/0xf0 [ 2301.292923][T13505] tracepoint_probe_register+0x9c/0xe0 [ 2301.298587][T13505] ? tracepoint_probe_register_prio+0xe0/0xe0 03:47:24 executing program 5: bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000004380)={0x1b, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000030000000000000000d2100018130000f5c8393579fa803ccb17ee792018bfd918e7b210515f789cc3d7c024b6e22b2343aef882de555b76f49be02548c936b2598f69a65e5c25caf7b4ff2bd7e926b05e4609cd2ca7c2deed7b49f11f55533f9b86549b677bf1632674", @ANYBLOB="00000e21d1ed0000200040000000000085000000720000007060100000000000950000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x100000, 0x1008, &(0x7f0000002480)=""/4104, 0x40f00, 0xa, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000004240), 0x8, 0x10, &(0x7f0000004280)={0x0, 0xe, 0x6, 0x9}, 0x10}, 0x78) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240440d0) socket$kcm(0x29, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0xf00}, 0x780f8) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x1, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000700000000000000000100008500e78c7137410800f220430fb70a3e467c0000000000003625339dfd22203899d27f00004df0da2c4abd7a99cce306713f24061ae16d504dab1b4e63cf43c442e51115b79900ddf769bf08a8b0229d16b034f8229a65b2a0bae80500f7bb4d25d6aff8dff5dc4adf998a8838c4a436c9f9b0a0267f46b56be2bfa8d9a86ca0c44d5163449ba35c36bc47520611d307a23c923486"], &(0x7f0000000640)='syzkaller\x00', 0x5, 0xcd, &(0x7f0000002200)=""/205, 0x41000, 0x13, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002340)={0x0, 0xc, 0xffff}, 0x10}, 0x78) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000004e00)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, 0x0, 0x4f, 0x0, 0xfffffffffffffff9}, 0x40000020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d00)={0x11, 0x0, 0x0, 0x0, 0x7, 0xd6, &(0x7f0000000900)=""/214, 0x100, 0x8, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x4008, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x10000000, 0x82, 0x2}, 0x10}, 0x78) sendmsg$inet(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000500)="461140753f1812c304bcbdaf85d366cc6e05464e8519062128160a5fb214c6fcd391ced9a5365ccea29532560eab09dc0b465e2e2cb182f6f08636743fbbec6ac24c55274c67928a16f9a67c3dd6423cba4cfa8a4bc23d1c5c66e40f48159c2e469d9085eae64d11d0271a9400c50d77ec4fe1f310", 0x75}, {&(0x7f0000000580)="554d197af6019163e2fac11ef39781524f3ab072fb8264a20df003fdf6d8d64902c2abe037610534290a66d5a7003635686301f6a489f21fdf9217fa52734ab7d5d2630a9def5d354ad65d9fef40a0068c771e8ff1490490573125a610e10da73111cd4afc1c7eba767b9ac9736ef4421fd566cb6b127ac13c81fc3d58380e1f", 0x80}], 0x2, &(0x7f00000006c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @empty}}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0xf, [{@broadcast, 0x2}, {@remote, 0x7}, {@private=0xa010101, 0x3}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@empty, 0x6}, {@multicast2, 0x9c}]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0xc8}, 0x20000000) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000140)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000400)=""/121, 0x79}, 0x41) socketpair(0xb, 0x0, 0x2, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000980)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00y.\xfc*_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7f\r\xb2\xcf\x8a\xc9(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0-\x96\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2301.611409][T13457] ? netlink_sendmsg+0x810/0xda0 [ 2301.611443][T13457] netlink_sendmsg+0x85b/0xda0 [ 2301.611471][T13457] ? netlink_unicast+0x7d0/0x7d0 [ 2301.617145][T13505] RSP: 002b:00007f4b4cb4a188 EFLAGS: 00000246 [ 2301.621601][T13457] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2301.621638][T13457] ? netlink_unicast+0x7d0/0x7d0 [ 2301.621664][T13457] sock_sendmsg+0xcf/0x120 [ 2301.621694][T13457] ____sys_sendmsg+0x6e8/0x810 [ 2301.629896][T13505] ORIG_RAX: 0000000000000141 [ 2301.635301][T13457] ? kernel_sendmsg+0x50/0x50 [ 2301.635336][T13457] ? do_recvmmsg+0x6d0/0x6d0 [ 2301.635358][T13457] ? lock_downgrade+0x6e0/0x6e0 [ 2301.641616][T13505] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2301.647376][T13457] ? rwlock_bug.part.0+0x90/0x90 [ 2301.647412][T13457] ___sys_sendmsg+0xf3/0x170 [ 2301.653954][T13505] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000011 [ 2301.657593][T13457] ? sendmsg_copy_msghdr+0x160/0x160 [ 2301.657625][T13457] ? __fget_files+0x266/0x3d0 [ 2301.666064][T13505] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2301.671208][T13457] ? lock_downgrade+0x6e0/0x6e0 [ 2301.671237][T13457] ? lock_release+0x522/0x720 [ 2301.671258][T13457] ? lock_release+0x720/0x720 [ 2301.677409][T13505] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2301.682220][T13457] ? clockevents_program_event+0x141/0x370 [ 2301.682253][T13457] ? lock_downgrade+0x6e0/0x6e0 [ 2301.682276][T13457] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2301.688445][T13505] R13: 00007ffc86567cbf R14: 00007f4b4cb4a300 R15: 0000000000022000 [ 2301.691166][T13457] ? trace_hardirqs_on+0x5b/0x1c0 [ 2301.691199][T13457] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2301.698347][T13505] Kernel panic - not syncing: panic_on_warn set ... [ 2301.701059][T13457] ? sockfd_lookup_light+0x6d/0x180 [ 2301.981839][T13457] ? __sys_sendmsg+0xcc/0x1b0 [ 2301.986611][T13457] __sys_sendmsg+0xe5/0x1b0 [ 2301.991120][T13457] ? __sys_sendmsg_sock+0x30/0x30 [ 2301.996152][T13457] ? lock_release+0x522/0x720 [ 2302.000827][T13457] ? syscall_enter_from_user_mode+0x21/0x70 [ 2302.006716][T13457] ? trace_hardirqs_on+0x5b/0x1c0 [ 2302.011842][T13457] do_syscall_64+0x35/0xb0 [ 2302.016271][T13457] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2302.022181][T13457] RIP: 0033:0x4665d9 [ 2302.026073][T13457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2302.045678][T13457] RSP: 002b:00007f0cbc104188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2302.054083][T13457] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2302.062574][T13457] RDX: 0060030000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2302.070536][T13457] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2302.078500][T13457] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2302.086464][T13457] R13: 00007fffc9e5e04f R14: 00007f0cbc104300 R15: 0000000000022000 [ 2302.094707][T13505] CPU: 0 PID: 13505 Comm: syz-executor.3 Tainted: G W 5.13.0-syzkaller #0 [ 2302.104522][T13505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2302.114587][T13505] Call Trace: [ 2302.117883][T13505] dump_stack_lvl+0xcd/0x134 [ 2302.122497][T13505] panic+0x306/0x73d [ 2302.126449][T13505] ? __warn_printk+0xf3/0xf3 [ 2302.131084][T13505] ? __warn.cold+0x1a/0x44 [ 2302.135535][T13505] ? tracepoint_add_func+0x1f9/0xb10 [ 2302.140936][T13505] __warn.cold+0x35/0x44 [ 2302.142945][T13476] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 2302.145195][T13505] ? tracepoint_add_func+0x1f9/0xb10 [ 2302.155715][T13476] netlink: 179380 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2302.158613][T13505] report_bug+0x1bd/0x210 [ 2302.158648][T13505] handle_bug+0x3c/0x60 [ 2302.176822][T13476] ieee80211 [ 2302.176822][T13476] !: Selected rate control algorithm 'minstrel_ht' [ 2302.176863][T13505] exc_invalid_op+0x14/0x40 [ 2302.190873][T13505] asm_exc_invalid_op+0x12/0x20 [ 2302.195823][T13505] RIP: 0010:tracepoint_add_func+0x1f9/0xb10 [ 2302.201735][T13505] Code: 44 24 18 48 8b 5d 08 80 38 00 0f 85 ee 07 00 00 48 8b 44 24 10 48 3b 58 08 0f 85 72 ff ff ff 41 bc ef ff ff ff e8 07 5b fe ff <0f> 0b e8 00 5b fe ff 44 89 e0 48 83 c4 38 5b 5d 41 5c 41 5d 41 5e [ 2302.220991][T13476] sysfs: cannot create duplicate filename '/class/ieee80211/ [ 2302.220991][T13476] !' [ 2302.221611][T13505] RSP: 0018:ffffc9000278fa88 EFLAGS: 00010206 [ 2302.221634][T13505] RAX: 0000000000000370 RBX: ffffc90001016000 RCX: ffffc9001018d000 [ 2302.221649][T13505] RDX: 0000000000040000 RSI: ffffffff817726e9 RDI: ffff88807bd8fd30 [ 2302.221664][T13505] RBP: ffff88807bd8fd28 R08: 0000000000000000 R09: ffffffff8b9dc9e7 [ 2302.221679][T13505] R10: ffffffff81772577 R11: 0000000000086087 R12: 00000000ffffffef [ 2302.221695][T13505] R13: 0000000000000001 R14: dffffc0000000000 R15: ffff88807bd8fd10 [ 2302.221715][T13505] ? tracepoint_add_func+0x87/0xb10 [ 2302.221750][T13505] ? tracepoint_add_func+0x1f9/0xb10 [ 2302.221778][T13505] ? tracepoint_add_func+0x1f9/0xb10 [ 2302.293213][T13505] ? __bpf_trace_sched_overutilized_tp+0xf0/0xf0 [ 2302.299560][T13505] ? __bpf_trace_sched_overutilized_tp+0xf0/0xf0 [ 2302.305899][T13505] tracepoint_probe_register+0x9c/0xe0 [ 2302.311361][T13505] ? tracepoint_probe_register_prio+0xe0/0xe0 [ 2302.317438][T13505] ? idr_alloc+0x130/0x130 [ 2302.321859][T13505] ? __bpf_trace_sched_overutilized_tp+0xf0/0xf0 [ 2302.328194][T13505] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2302.334548][T13505] ? anon_inode_getfile+0x14e/0x1e0 [ 2302.339760][T13505] bpf_probe_register+0x15a/0x1c0 [ 2302.344796][T13505] bpf_raw_tracepoint_open+0x34a/0x720 [ 2302.350251][T13505] ? bpf_tracing_prog_attach+0xf80/0xf80 [ 2302.355907][T13505] ? lock_release+0x522/0x720 [ 2302.360772][T13505] ? __might_fault+0xd3/0x180 [ 2302.365633][T13505] ? do_futex+0x153/0x1770 [ 2302.370065][T13505] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2302.375785][T13505] ? bpf_check_uarg_tail_zero+0x142/0x1c0 [ 2302.381508][T13505] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2302.387773][T13505] __sys_bpf+0x2734/0x5390 [ 2302.392201][T13505] ? bpf_link_get_from_fd+0x110/0x110 [ 2302.397578][T13505] ? putname+0xe1/0x120 [ 2302.401738][T13505] ? do_sys_openat2+0xa1/0x420 [ 2302.406616][T13505] ? lock_acquire+0x442/0x510 [ 2302.411287][T13505] ? lock_release+0x522/0x720 [ 2302.416066][T13505] ? trace_hardirqs_on+0x38/0x1c0 [ 2302.421100][T13505] __x64_sys_bpf+0x75/0xb0 [ 2302.425523][T13505] ? syscall_enter_from_user_mode+0x21/0x70 [ 2302.431515][T13505] do_syscall_64+0x35/0xb0 [ 2302.435941][T13505] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2302.441850][T13505] RIP: 0033:0x4665d9 [ 2302.445749][T13505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2302.465372][T13505] RSP: 002b:00007f4b4cb4a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 2302.473791][T13505] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2302.481852][T13505] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000011 [ 2302.489821][T13505] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2302.497789][T13505] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 [ 2302.505760][T13505] R13: 00007ffc86567cbf R14: 00007f4b4cb4a300 R15: 0000000000022000 [ 2302.513759][T13476] CPU: 1 PID: 13476 Comm: syz-executor.4 Tainted: G W 5.13.0-syzkaller #0 [ 2302.524199][T13476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2302.534253][T13476] Call Trace: [ 2302.537542][T13476] dump_stack_lvl+0xcd/0x134 [ 2302.542143][T13476] sysfs_warn_dup.cold+0x1c/0x29 [ 2302.547166][T13476] sysfs_do_create_link_sd+0x11e/0x140 [ 2302.552636][T13476] sysfs_create_link+0x5f/0xc0 [ 2302.557396][T13476] device_add+0x789/0x2100 [ 2302.561813][T13476] ? mutex_lock_io_nested+0xf00/0xf00 [ 2302.567179][T13476] ? __mutex_unlock_slowpath+0xe2/0x610 [ 2302.572719][T13476] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 2302.578957][T13476] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2302.585196][T13476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2302.591517][T13476] ? ieee80211_set_bitrate_flags+0x3e8/0x650 [ 2302.597504][T13476] wiphy_register+0x1e8a/0x29b0 [ 2302.602362][T13476] ? wiphy_unregister+0xbd0/0xbd0 [ 2302.607562][T13476] ? minstrel_ht_alloc+0x531/0xa00 [ 2302.612684][T13476] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 2302.618750][T13476] ieee80211_register_hw+0x1f3c/0x3ef0 [ 2302.624209][T13476] ? ieee80211_restart_hw+0x290/0x290 [ 2302.629665][T13476] ? debug_object_destroy+0x210/0x210 [ 2302.635122][T13476] ? lock_downgrade+0x6e0/0x6e0 [ 2302.639973][T13476] ? memset+0x20/0x40 [ 2302.643955][T13476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2302.650192][T13476] ? __hrtimer_init+0x136/0x280 [ 2302.655058][T13476] mac80211_hwsim_new_radio+0x2106/0x4940 [ 2302.660783][T13476] ? hwsim_virtio_rx_work+0x350/0x350 [ 2302.666172][T13476] ? __kmalloc_track_caller+0x1a0/0x320 [ 2302.671718][T13476] ? memcpy+0x39/0x60 [ 2302.675694][T13476] hwsim_new_radio_nl+0x9bc/0x1080 [ 2302.680816][T13476] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2302.686721][T13476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2302.692956][T13476] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 2302.700326][T13476] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 2302.707614][T13476] genl_family_rcv_msg_doit+0x228/0x320 [ 2302.713174][T13476] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 2302.720541][T13476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2302.726782][T13476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2302.733201][T13476] ? ns_capable+0xde/0x100 [ 2302.737612][T13476] genl_rcv_msg+0x328/0x580 [ 2302.742115][T13476] ? genl_get_cmd+0x480/0x480 [ 2302.746786][T13476] ? mac80211_hwsim_new_radio+0x4940/0x4940 [ 2302.752805][T13476] ? lock_release+0x720/0x720 [ 2302.757496][T13476] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 2302.762818][T13476] ? trace_hardirqs_on+0x5b/0x1c0 [ 2302.767841][T13476] ? __sanitizer_cov_trace_cmp8+0x40/0x70 [ 2302.773658][T13476] netlink_rcv_skb+0x153/0x420 [ 2302.778466][T13476] ? genl_get_cmd+0x480/0x480 [ 2302.783151][T13476] ? netlink_ack+0xa60/0xa60 [ 2302.787748][T13476] ? netlink_deliver_tap+0x236/0xba0 [ 2302.793035][T13476] genl_rcv+0x24/0x40 [ 2302.797447][T13476] netlink_unicast+0x533/0x7d0 [ 2302.802209][T13476] ? netlink_attachskb+0x890/0x890 [ 2302.807326][T13476] ? __virt_addr_valid+0x5d/0x2d0 [ 2302.812345][T13476] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2302.818581][T13476] ? __phys_addr_symbol+0x2c/0x70 [ 2302.824136][T13476] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2302.829938][T13476] ? __check_object_size+0x16e/0x3f0 [ 2302.835223][T13476] netlink_sendmsg+0x85b/0xda0 [ 2302.839985][T13476] ? netlink_unicast+0x7d0/0x7d0 [ 2302.844921][T13476] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2302.851166][T13476] ? netlink_unicast+0x7d0/0x7d0 [ 2302.856108][T13476] sock_sendmsg+0xcf/0x120 [ 2302.860524][T13476] ____sys_sendmsg+0x6e8/0x810 [ 2302.865287][T13476] ? kernel_sendmsg+0x50/0x50 [ 2302.870578][T13476] ? do_recvmmsg+0x6d0/0x6d0 [ 2302.875206][T13476] ? tomoyo_path_number_perm+0x204/0x590 [ 2302.880843][T13476] ? kfree+0xeb/0x670 [ 2302.884842][T13476] ? tomoyo_path_number_perm+0x441/0x590 [ 2302.890492][T13476] ___sys_sendmsg+0xf3/0x170 [ 2302.895255][T13476] ? sendmsg_copy_msghdr+0x160/0x160 [ 2302.900551][T13476] ? __fget_files+0x266/0x3d0 [ 2302.905326][T13476] ? lock_downgrade+0x6e0/0x6e0 [ 2302.910179][T13476] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 2302.916071][T13476] ? do_vfs_ioctl+0x132/0x15d0 [ 2302.921095][T13476] ? __fget_files+0x288/0x3d0 [ 2302.925773][T13476] ? __fget_light+0xea/0x280 [ 2302.930374][T13476] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2302.936615][T13476] __sys_sendmsg+0xe5/0x1b0 [ 2302.941118][T13476] ? __sys_sendmsg_sock+0x30/0x30 [ 2302.946230][T13476] ? syscall_enter_from_user_mode+0x21/0x70 [ 2302.952121][T13476] ? trace_hardirqs_on+0x5b/0x1c0 [ 2302.957145][T13476] do_syscall_64+0x35/0xb0 [ 2302.961564][T13476] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2302.967458][T13476] RIP: 0033:0x4665d9 [ 2302.971346][T13476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2302.990963][T13476] RSP: 002b:00007f2f41c71188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2302.999374][T13476] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 [ 2303.007340][T13476] RDX: 0000000000000060 RSI: 0000000020000000 RDI: 0000000000000004 [ 2303.015405][T13476] RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 [ 2303.023369][T13476] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0 [ 2303.031357][T13476] R13: 00007ffcab19058f R14: 00007f2f41c71300 R15: 0000000000022000 [ 2303.040718][T13505] Kernel Offset: disabled [ 2303.045039][T13505] Rebooting in 86400 seconds..