Extracting prog: 9m55.705972243s
Minimizing prog: 2h21m9.320123435s
Simplifying prog options: 0s
Extracting C: 1m41.46182609s
Simplifying C: 35m48.76697303s


24 programs, timeouts [30s 1m40s 6m0s]
extracting reproducer from 24 programs
first checking the prog from the crash report
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioperm$auto(0x2, 0x3, 0x1) (async)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
single: failed to extract reproducer
bisect: bisecting 24 programs with base timeout 30s
testing program (duration=36s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [20, 30, 12, 6, 4, 8, 30, 30, 6, 16, 3, 11, 3, 14, 14, 7, 8, 9, 5, 9, 22, 15, 6, 10]
detailed listing:
executing program 3:
listmount$auto(0x4, 0x7, 0x40420f00, 0x1)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = getpid()
syz_open_procfs$namespace(r0, &(0x7f00000022c0)='ns/net\x00')
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/net\x00')
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
execveat$auto(0x809fb1, 0xaad, 0x8, 0xe3a, 0x1000)
bpf$auto(0x8000000100000020, 0x3ab, 0x1)
r1 = syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_IEEE802154_LLSEC_DEL_KEY96(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x6}, @IEEE802154_ATTR_SF_ORD={0x5, 0x18, 0x4c}]}, 0x24}, 0x1, 0x0, 0x0, 0x8805}, 0x4000)
listmount$auto(0x4, 0x7, 0x40420f00, 0x1) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
getpid() (async)
syz_open_procfs$namespace(r0, &(0x7f00000022c0)='ns/net\x00') (async)
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/net\x00') (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async)
execveat$auto(0x809fb1, 0xaad, 0x8, 0xe3a, 0x1000) (async)
bpf$auto(0x8000000100000020, 0x3ab, 0x1) (async)
syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$auto_IEEE802154_LLSEC_DEL_KEY96(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x6}, @IEEE802154_ATTR_SF_ORD={0x5, 0x18, 0x4c}]}, 0x24}, 0x1, 0x0, 0x0, 0x8805}, 0x4000) (async)
executing program 3:
socket(0x29, 0x2, 0x0) (async)
mmap$auto(0xf000, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
semop$auto(0x3e, 0x137a, 0x40) (async, rerun: 64)
socket(0x23, 0x80805, 0x0) (rerun: 64)
personality$auto(0x40004010410ffc) (async)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
socket(0x1d, 0x3, 0x1) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32)
ustat$auto(0x6, 0x3) (async, rerun: 32)
socket(0xa, 0x1, 0x21) (async, rerun: 32)
getsockopt$auto(0x6, 0x10d, 0x7, 0x401, 0xa)
socket(0x2, 0x1, 0x106) (async, rerun: 64)
syz_open_procfs$namespace(0x0, &(0x7f00000022c0)='ns/time_for_children\x00') (async, rerun: 64)
ioperm$auto(0x3, 0xe, 0x2000000000000149) (async)
r0 = getpid()
syz_open_procfs$namespace(r0, &(0x7f0000000040)='ns/pid\x00') (async)
mmap$auto(0x10, 0x10, 0x1, 0x12, 0x7, 0x0) (async)
mmap$auto(0x6, 0x2, 0x1, 0x26bf, 0x2, 0xfffffffffffffff7) (async, rerun: 32)
setpriority$auto(0x1, 0x0, 0xe55c) (async, rerun: 32)
socket(0x2, 0x5, 0xa706) (async, rerun: 64)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET41(0xffffffffffffffff, 0x0, 0x0) (rerun: 64)
madvise$auto(0x0, 0x2000040080000004, 0xe) (async)
clone$auto(0x0, 0x5, 0x7, 0x8, 0x9)
mlockall$auto(0x8000000000000001)
mprotect$auto(0x7, 0x1, 0x7879) (async)
r1 = socket(0x21, 0x2, 0x2)
sendmsg$auto_NL80211_CMD_PEER_MEASUREMENT_START260(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x21, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='\f\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="200226fd7000fddbdf2583000000080009000100000005000800000000000700260125c77800048b46010000740001000000"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x20008050) (async)
utimes$auto(0x6, 0x4b38)
executing program 2:
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x5411, 0x0)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
r1 = syz_genetlink_get_family_id$auto_TIPCv2(&(0x7f0000000040), r0)
sendmsg$auto_TIPC_NL_NET_SET451(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xd8, r1, 0x2, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_NET={0xc2, 0x7, "1ecf158dc86f8f75a9b935e5d2bdc8f5192ff2fba0838331c16e0a03a13d118d4d84858b6c8db195c84ceffb95316e5f36253908b1e4cadcd6bd1ea8ad63e25217192a8cf5f5fc5bfc0664272f5a5b87c78e0085b1e0aa253f39f47fa3fe331da8a57ce4542e2f3006ba3593cffa3b4b93b79f82003161bdccc5278892f7029feb84f29a465ee413a676bd3487605d9f7cb56c7d7ca7893dacfbb3064bfef7a8780c98490515c9d40d9322379f961b71316f37972769c284075e9e0ea6b6"}]}, 0xd8}, 0x1, 0x0, 0x0, 0x50}, 0x40eb01fc15abbd18)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
getsockopt$auto(0x6, 0x40000000029, 0x30, 0x9, 0x6)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
executing program 2:
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0x7ffffff8003, 0x7, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x2040, 0x0)
readv$auto(0x3, 0x2000077d, 0x9)
fchownat$auto(0xf, 0x91, 0x8000000000000016, 0x99, 0xffd)
executing program 3:
socket(0xf, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xd6d7, 0x15)
executing program 2:
socket(0x11, 0x80003, 0x300)
ioctl$auto(0x3, 0x8912, 0x91)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x8, 0x4, 0x9, 0xfffff80000000010, 0xffffffffffffcd16, 0x8)
socket(0x1d, 0x3, 0x6)
socket(0x2, 0x2, 0x0)
shutdown$auto(0x1, 0x0)
recvfrom$auto(0x5, 0x5634, 0x9, 0x2, 0x0, 0x0)
executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000000c0), r0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x620001, 0x1)
syz_genetlink_get_family_id$auto_IPVS(&(0x7f00000004c0), r2)
sendmsg$auto_NL802154_CMD_GET_SEC_DEVKEY328(r0, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000680)={&(0x7f0000002640)={0x1020, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY_CAPS={0x1004, 0x18, "bc1a8e7a4ac32d4524f98ff1900bfea5e82ea7d430b92ea1dd39bb131c08f9a049809bafcca3a63cb8449c7b8a8c08f87652f203f8521a16f7e8a8dd074f918022f1a81ad4df088919c957931e05dadc6d53365b82935670eacdd8447488ba555ba445e71aa60f7eebffcd347ccd6e6b1af3df1f4693dce7d29562af78460d213cb45caaaa0b9ff418b24ae20e94959c794bbe5a6b6d08b7288109797b8d4e5eb927309bc2b085eb7d6ee147da464b9b33af7138216e93e754278ddbad3398fdbea32600bb34bcc6faa0ecf4a141d3b2d76239b59f80bdaabe87ec95393caf257e3c0f800605ed2a97feec422a80a227b047092306117241a2cee3bed0f788de5f26cc245ca7742db8039f35dd5bf97fa836cb931bf2cf88a9ba6094c7d2a1edb8264cea0b1c0b1a1712d9c61319558dc377e57639b85a014bb8732dd25c62a33aa13dae32b0cbdf7e6eed4c1316b8e586c10b8626c369ce2435865c27e6ed43fa5d459712ae775a50894d74870cd228ab96f2960a48a53985fb662d2d4594b87f97b9d7e1a6b39d565a2497289e1d9345a761094346844c45611333c5d10f45f7591aeb6eb3010910624a5be444457445aa542d6782f76257b970336b42f1d212c185e4b700e9abc1261cc6986b2499821f94317b4cfec1fc9184ff45dae6e6d46a408ebabbc324cc2f1d568063de21832ce7e8b01f3dfa29d41f365cca1dccd08f5aa005a32d3982126e71dfebe068319d28e636bd868487cb879a05e9b6f920499126b6168fb5efe258e420a4f13c955bdde51633122680577f4a532c49038b75620b2c7ab5dd86161798bd9fb833e9b1d6b184376c85e26acaeb196eb07500143b554954088ec7b3261767268bd671a1317551404f54930b9c697c80ad1ba94746bf39b1855e7e2177f1b9353e0a0a729ab229fcbdab85ff382ce6b91e3f85eec236e84bcf9e169df53138a0ae7c992db49c7fc524ebd6e8a6bfe49e99a1188b926fd37600e36225edec00daad0bc6f2e1cb7793e7bb4024d6950da68d604ddec93e3d1b41177446739393db76603193c5abfbc372eca5d6a898e4cec29848b3c7a998360bbb680a1bf97ca766507c42c87c0f998b82610fee1ba577e99e0b589ee31af383802473c028dcd99b8e5b59fe30a773c14d3cdb789120cfc97079a4dbe4eb035ea9256d99aacbf554f94b9598691d9fbc57ac6ad4e78f457d1759b5d53258f964248881a0a84713ed59abcba8564718dcb1482847ede9091344fcbe8c3d915c5b67676dd2b082d10e70928ebe7f7794b2d016f14f494d1bd978ab4821cd62f4db3b1a734b4b429f9fa4009074e8f9521af4d39df91c1726e4a9d9dec5c64bf61f7475245c2dcbb6c745370b219cb879af85dec9521a3195922da380c9c2722b303e1665bbfe332a39d308afe80d84c267867887793965a3206eb94b7e345ffdcc824eef318ddc2a4307429de12f2b90986274d83e873c6e7a781201267f7cf8444da97ed68787ca106cbda08a193019b58011a8730502c3bf70f99be7b9ec6b978e7d5932f8f5fff14d9c608d8c0328fd877e44a3f574e8c22589a6359e0d4ad83e6a1bdcb3d26faeafb5829c0cefde7debf00f1ca691fe0c0da23cf25e6dd7cdcb94a00d6792db46a89fdaa3a271a482dbbee7b725ddccd59ae5f59aeafa2c7239e62e8a0ce8054fc22a81f9a505ce79bea6e45e65b9f3149fb93ce5bd3c02e1e2a7fab46142a3fc564a0b5317079b4bb27f118dd9ae78d1708c7eca5b4d3dd82da755ba0b50709f9c9f3e32f2bf30d7b63d4e91a2b8526abfc2cbe5d15954607e246db8b2da131fb99c6ee8fef983e8a36bf4ae152c76cb5c92d50db5a62c73fb8761c53e61ea79416af3cd9e1364b385717f13e32d152b5e4b87dec834713029c6853b06e07923f003be47e37c5e573d6425f117c7b7973a00640a25c20ee366929a3e209ddb383f675122453798cd394e5937822bbb0eba085365b7ff735fa15fb038f87f2d8c6867a06d99d22f2509a70c322d375c4bbf4d7bbe8ea6d04ea7485791821b31c5202f7e5eb789b6841fa4ba151a51661da87800b4519f6af30240468ca578a74cc06a62932dd618b32a0befe79e6b56e7f914d648e4736202b21f52c210abbce964ff4afd42efff0def1ff69f07272ae84ae4c10c94e69b6bf129889ad34157f76b4f36b3df247348341b1d8ad0d8bebcf897623434f418f75dc7c8227acbf3bb0367b471c52e55b151c5da7cf7d3f4171dc134b640ca44a2caea2c7e460e67e9330e3395638a9cf8a9b040bfa1a901e7dd3c82f2a7e049e1a52d95b3cd410abfdad7e19336b65b71573ed0217a8f18534a408dd09f3d7be576b724e0bf4c3c28cc5a926c96d0b4f3704ad2b53abb3e9e85034e5959046abda263d905282d29a9e720da07c2b7a458ccecec4d066bdd564fc6651c6c0261f5ef3a816ee78aff16d22b140ca4301c56e3125ced1ea485b4eefd5cc00004a3e448ca18577a7ab1fe86d4b879ba89f63ec099d7779fdc8056ce5a9934f76f6139f31daa03870d76ec13ccde671163605912d688ee54c656f7b1a735f4f0e10555f02ecf7fcc73d5140704eb793ccf3fcb776f55a1d0f39d644881320fbe02078358a77fe5cc677390b75bf3267570a1fadf187cce36987827abfef305eeb8ea1a1c1769f299b4c9ba844b2481ec2bc9ec4d9adcabdf440d6652afe49639622957f9b8040f83640859be3e0e2ce404f10156f6cb080ed4779b7353385aa10801debaf685d996b4df2fa2444b32d6b85ba721c854f0cddfc463a94c2a00cad19a0aea662a0deae1a31cbea0e9aa5304cf9b434872039aa398b91e2590cb0c178fbeb5934a546c4c30ed1b8f6af6932f2aad8b55fd468fd6c5714c0193461f8ad79e87182a5a93d1a1a1864db951bdaef480ddae32c454ee2a1f65138030067c57629959632e66fb131661133b63ca09952f61e0166dea225bce29de4dd0ec9ed2f2ebc932654d8ddc0263937e75febe10f6a34f47870df650be757867880d10dc922468b250108e90e376e1b2d32961011f353aa13acb5871c152e6805875052227b415bc5677d2ff10ce0620aac58f147b1cd334fbe3777c261af2f44ff628a7bbeb8375111675bdaba9a6e89ce53d00ab8efbb52683979cbc6c2537f2121f9a01d5b77b2232d79f9e3b8bdf60b72542f149bb88a59c0235ee5d4b7189e7cfea465368293150d6cb6514b192279cc10a000888498510abeab6f06ae9c4fafeedcd11645a2573b87fad91270855fdc4e2a38a736531c57028f068eb6925531fa4e4bb5e1d1a4e5404fd4a7a20246022d23a74f54681d2ebb00113bed33c686eedddfa793790e89b21e1a3e1580759e3dc928bc341d241cee4ab5cfdc776e560f704134e52cf9483e3638a54df79eb6d6aee69ac5607176685418bacd5a2b42eb7f14d04ba6eaea06d79c63d5fbc28b5d09a960ab78d49153748910016dfadcc136d239bb90162560833810e1969bf972386d46852acaa8f9c68aa9dabd754d0571dc2f8ee4fdb4c51200790a6231ddb0ce79bb1635b663f3df14d202119c2e07d3caa4dca0b09a55cf32c6c78558dd9d0413d1e703705c8723eb94d0c332f9e9fc5f78e61df39efda8cfa3c9cbf7c56a60f9566552805371b29f9bb28d32698cecd0ab5815012698de6915295bd2a23bbe82c2d62b7bee70e2322db462c3cf0e088cebf4ab2cd02d8cc907eb4676b921b7832f8bfc667ad0d6ee336287791308163abb61ed4a3e36f6af8164e8525d9e1d4b24613a7bdbfa249760b84e5f543d00347ccdabd022a7ce754c60f9fac4a5e19d26472a491096f9658130d4c5bfaa8bb64c96f041b26189bdb1076159dbdc3b7bc6a23c6f8b2147eace996277a9b2a47ef87b8623b3a73134a5d70d43955ef8d586433b9a84d0ea30688e91c284002c1fd5807da2e664f0cf86ecae7a8d75b990fdf48ae8285cb77e620bb6e7d3494bcc4b33087adc3731be5a2e9f17130492ec0adb5e476d5ac46b1312faedf17577bc7118888ffa4d656b4d91cdff9698a1788925a1e534757eb3202db7d8d14690e50555eb28d894c22d4b502e2ed47f1e81017455b5db8b9c9367a42af65595f2ddd8d1d327fe75b9e96eb8b263b74d40cd710e7e445cbd4d856613ba1a5cabd9c33cf6062fbc2bcedc3972fe508c77d45f98d4eada9b22b90a62802780d9927599209f55a40b3eb1377b01a6630378d337fa59bb1d200d17599a3875b7594c1d6050f39b84adc159fd28c628295e48a93f3468ed0c8c07cfec01f002503f1473d9212d2e15a16c7d4e1664412d2f9db99cbb4e551f065afe10d0f4d77b4bc447e35c9e0ab058bb94d85008a7b06a1bb6925165fda17492b1eb991793ec1c94e0b26aefc9031c7f6b3d758554d8aebfef22c2a6cefc73d952476d6f2dfbf76a53465539e64c3af3b8458aa5869565d55a72dc18d647affc8056fe1e931818d0ce87772f67f4a3845b306d339bf050b68f59333b5226a9a10555abebfb2be0a41dfc25960fa4dd3b1652aeb1f65c460b2eaca95871e490ae5dfc809c36cd5e9504c05443f1baf817fbc0f5b8f6e0a29115a5151d05c084d21ce499f28ac97b19b38ea9d793e94426bc98be729ac355769741c18b6f777ed258caa567258c565e8d15fce0390fa45a8d0c5d0bfac70620a19a105b764ebcaac1fe7eeb39f0c7ab53f633bb9017708018af18324eb34777301e9588fd85d1a0966361c27051730e8abf0dd799a158a5d767b2a66b294b156a6705a68a5de3f6bfd3bc1747e8e8dacfb4a34059a5617498e9241be9bb61b0fb513ae0121ea8f2622a51419d69deb1a1a5a5d493a27ee1baea859d25a62cabbcc952c576c55f67ff7e5358218d65c872f061bbbb5c640f1c52e769eb81b4822ca711d77b342a5bfe3680569ac7a2e6f0240284815a8962dba95cbecb1b3c7d260634a9f9dd4694bb536520af5c76a56eee86e84504364ecb7bad5c564206cbe7349d281be0a681ac12bc689ce76f3f39d447d7ab2b934dae823da3b7a2043abe25fad7bac4326d64ef8c748cd4597bb9c239660f717d6dd24cf0155e3d79aae34e4feec8c01487d9a2e79de9a80f64e78112310d9b573b9dbf2999fbde9a1c4dcf17ead425b91891e957c5069a3dceee8b9433cc2bba5134c6380d34677692777b03085f50005f9569de0b87257fa9a457ef45907aca3dcac232f8f1f7759543f31ba376083530dd43f21979423b0d6e27b92bc88344baa574f3b820c03d54fb35a730b83f25c65689b21555e2ec17c881d10813b637e29178ec06ebf0ad0d69cc4cd8dc315719c9d9b7efd6d3ec0af49d35ac9ead6191c518970111001305fe9219e91efea53b947767988846e624b80cca9ccce92bcce45ad4a2c4e2f29ddbd32cb9bc4bd9f13a3f1e7461164708fb0269fc92b2ec2e3e5aa883653f756f20ceef4f3684539a527c4f8aded9572d298d15e3d81ce6c120881572514f1e96b6a91c71a88c7da00643264f26523d27224abf40fa88804614eee5528c0ccadf690ed70a7278c68c5fa3b1720e0c02ca98ab36931fdfe0190ebdac1cbedeacafc839e0ecdb721b50a13c84b35a6505f04451daa554debe1c989ffa5d32c457957463ce3379bc7a048e619c3b9119ab0d19ae75f0d619b3ceaf7a95abc0c793e7790361f316cca89a0cf2ba7970cab24ea30f90d07b5b1301f44f66ed85f38fa8c44752ac61fe1551102870b89e86d885f6605dd53582fdc19e7be1431a3cc912dbc9d445d0f7451a0364b"}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x7}]}, 0x1020}, 0x1, 0x0, 0x0, 0x8010}, 0x800)
sendmsg$auto_IPVS_CMD_NEW_SERVICE127(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x14, 0x0, 0x220, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4000000)
sendmsg$auto_IEEE802154_LIST_PHY89(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="56406954059f19dd0000", @ANYRES16=0x0, @ANYBLOB="080025000000fddbdf2520000000050029000000000005002e00100000000500180001000000050003000c0000000500280000000000050028000300000005001b0081000000"], 0x4c}, 0x1, 0x0, 0x0, 0x850}, 0x4890)
sendmsg$auto_ILA_CMD_FLUSH109(r2, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, 0x0, 0x20, 0x70bd2c, 0x25dfdbfc, {}, [@ILA_ATTR_IDENT_TYPE={0x5, 0x8, 0xf8}, @ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x2}, @ILA_ATTR_LOCATOR={0xc, 0x1, 0x8000000000000001}, @ILA_ATTR_IFINDEX={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x40000000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x5, 0x81, 0x613b)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
socket(0x2b, 0x1, 0x1)
fstatfs$auto(0x0, 0x4)
r3 = socket(0x11, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8954, 0x0)
getsockopt$auto(0x4, 0x3, 0x23, 0xc3bf, 0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HSR_C_GET_NODE_STATUS75(r4, &(0x7f0000000340)={&(0x7f0000000280), 0xc, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="0b269c07e587afe80b7ad4bca1c2233f6ddf12a8ceb5d1d226a053cf5e525a1637236d58874a19274d68befe6a8c95fc91faf77b6e618e889ff433467b", @ANYRES16=0x0, @ANYBLOB="210629bd7000fddbdf25030000000600060003000000"], 0x1c}, 0x1, 0x0, 0x0, 0x804}, 0x20004804)
syz_genetlink_get_family_id$auto_nfc(&(0x7f00000003c0), r4)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000015c0), r4)
sendmsg$auto_NL80211_CMD_CHANGE_NAN_CONFIG211(r2, &(0x7f0000001a80)={&(0x7f0000001580)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001a40)={&(0x7f0000001600)=ANY=[@ANYBLOB="fa030000", @ANYRES16=r5, @ANYBLOB="000427bd7000ffdbdf25770000000400e20008003700080000000600270104000000f3030e0024c90ae59b787617492c6344400a3791464b1a21ec64c07724327d98a446f98edcaf9503537a27a3d245ea13cbebffdae15ce4c50e6bca23b45b700edca4adbd60c30897a09cd5c9654d0aa72d771aa258fb335d2a1718c42cdb0acc63dbf8b9b8eddbe040aa1f436cce7a590be6f1f601bbac4681611952f78598be8a9afa9b2178315a374181c1f522f2c7d851f9e1b45f4b502ab244127a3c614a3f99999ee3d571df367bbd7aa0df238b1f2bfaa939ad5e6315ed5c221d49b0e3bc80624011ce18ce28eaa8cb10d806a795bf3ef78c78a0f636fa71d831cd301c6b8c04eb717fd8897129b196d9a505baf5f4deba26a73a6ad350f9ccb4b4d31d5cd2d6ab2564e9299b3b8a518c9ea8a530d99a3552a0253d74e10e320602785c5a68f89b4eb122f73de4ee7e5968b97d0a949704a7892ca65273459e7ce646c6d6d000b3b042672273ac28539f1f2c9eb97e7fb75636f8d74accbc98b164602e2172741c492342bf02567ec46220fa0d8763008aeaf9cf0590f02bf68745ca6fe85848d026f427b8b4fde82461b33cff1a16b60ae53f7752bc9817b2011ef7c4dfd8687e0f9bb995b5c4c31464d3b3e1e51303251d461b91d687ddabb43c83ff16170d03014ea5bb379f6733ec127c8dbf5d376a16c416832d015ceb86261f4de60ac547febbf42c86107b39c67174ffbf1570cc38ed99298cb3aeb5ef26546748f1b82c2e3febd9529b9142ec7302f0f1db0847ff1b66ddb8fce8001c90bee6a35c7cbad75b31c6a77870d7b622edb91239581e957b91d4335c3a7951f56bd2263fce4f224a4beb22165d224680943a795201642ce285e0a9e6820647fd09926df911a480601c9350c1e405c415a9a1395803bb6763452e23c2cda3f7dfb89f5380f2dd3a80fc2280b794fe3c7159965be8322a2c0aba36247f219d80d1c118a4c8d417ceedd617ee91617cff0cc6243cf97bc07a42f9e4accd88f0ef6f9f16bddecdbc12f9265c3bf5ca4a792e968ee5070e0ebfae95271c50f15eb984d10728b9f859e3471f4dc4aec2520d78edf79ee0eb79a6490b1fdfcb22f57527bbb49959b354a1a9cccfa4492d4f9513b27392429bf2d98ca301c6aebeae8c9d57bf70531b1a1618ea8fc861c8f8d8223854a5e1540933785167c01951a1a4e63e59451724ca9e6d0403fee5f3131e57b061c605f9f4f65cb51f3c1ce311d7199ef10d4ffd27c8160b211c33380fa5f0a33a6b072e6344a69e90755ef4eb083d71030932f4526c8a5b82131241270bb15cc233ea849a6666264f96c65610e582382f665b9be36c942c2ee24cd2c1bcad6f7b9723802a4ec6c521e4ab2913e05f3ae796b016c4e4bd02fc3a2a92ea11ea7c277abd69b8b5e2feb74d67ec518f439e7fe62ed73403e6674a2505755312f684ec1edec400"], 0x41c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001b00), r4)
sendmsg$auto_NL80211_CMD_PEER_MEASUREMENT_START260(r2, &(0x7f0000002180)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002140)={&(0x7f0000001b40)={0x5f4, r6, 0x0, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_EMA_RNR_ELEMS={0xc, 0x145, "2b161da8be31de2c"}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x52, 0xcd, "1ff7701f5e6b2952c428a4d8773b52171219e5fe6fb6e35cb7379790b6ad9be23a73bef8537f322733e23508bacd5ecf85da098fcc1597fd432ff4c41e0433549f64d64797e7c206bf756d4609e5"}, @NL80211_ATTR_FILS_NONCES={0x88, 0xf3, "3d625089cdfe5f8fdf4d8b921d778483010139a7e5b2524965f4e89c9179bdb18268c0c8c5f274d61464531abec63fdd74a9c8008a6a5a16e2c9b1ee288a0174409a6c7d2829ec26be07cd8acac989d0a76d9aa338b2057f6ee16629c3e9d9f9671958043ebe1c8bc947a2f524d40e28b5f2f692cb6f72896c485760d0362979c64ac7d9"}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x3}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x1}, @NL80211_ATTR_IE={0x4e8, 0x2a, "a8f7d098ae054bd6a6642b928d9c2f931053d01501a179fe7a60c554765ac60cef0eff49e5cf9cd04784a39a31c83fcecd7f57230a850584073bdae4fd30f5ece6513bee720cb4d7e3fcb7797ceb6ddd997ae3e72fad152dbfbc25e6fd0c77d8b87c28ecf1f57e10dd2d5f5a87da904c503d9b612ceef7d2015d74d261aaeaced84a89fbf530039ad18f654806c0b52f6bca00808f89ded11490094c73f80a6201aae4a20c0ca729fbcf74d6b4b92b9a8e0aa634ecd90883acff38002fd93b278cbcba2c07000a5f019c45c5f24bacfb19405503fcc5986becfed89b085fa3944fa64c351c445890905634965b38c00b1ec02adc0fac973f0a7eb52057a4b8718fbb83e84d0f74c97867de85735cb2afa28f26a8ccb2ecb321cb69a0e59f92b3802e3294f49afc13d9603c2618e75f03d9bf155e43fa307b912b278220f9f2486f961cd6f4a44340265ebdcfc6894a08b571f1818bb38cfcb1842a99233df399f3b622a1190ed9b14450e172341c04e7f717e7513fb51e23e95569b2719af3764abff37fbee4258e62b80b0fb59c1ea9c72ccabc23291239a28c5cc4188b9abfbf37df977ed2b8d39533953da1135ce0a99892a7a9cc81146f04b5aa80c1b0231ecb6df6bebad867138b4dc4934d50bfaa8ebef4d4edb35da867902e6184c569ac9ba815cbc2b70d4101632bb5c625e271c44f1436a7afb3a77220e58484c3c17f5e5a965a37d68365c98683aa216e424237281e8b85c17948e74844ae37458ba809a97ead0b70083fea120c960a74a1dc35202826bf096e9d46a99487e81e887c9f0add38810975071f98bb511662320fee2b7568be655db7bf80893dd8acf300860aa087d78a3260dc17b83552d104ecc3cc2443920c54110aa458ccfb28f3f5f760cd21db8665a78cef9b7bb168c1f5a2e2fd05c4682dca3d9d0840aa8904fa021a3cc8d701f6355a05d9af8668333aa21e0f4593ff778fbb19924918eb155dd284839d27dc5f42cf5e3d85110d0060ba2d99e4b58cdac4875eae6f7d1b290a348ab325d78784ec0eaf96ee17b33033ad1c379eaa94cc9e4b4ed724bf29268d56675c20ddd0aa831b48d49fb01f51cc2693477062bb82829dcab65de548fbfefd64301f96e5c2158eac3b8f5a335eccfe0da54446765d0717851a6b399fc347296a3d6d7f5099c5d1dc05cc47f43d48a77c1989cfc014f3bd40f0600a88f2ee93d67984dc87dec59544f4e5ef874e82262ed752738aabfeca7dfd58c80651321f58c0be3fa6e5b44d31bc3f2bfe01b30b56a4c852571891ce0f10956dfad7571179d6a248058e8c870d63918bb33e76ec83a5ef55d3b27b60f32917a31f5cea5d44381d1f4544c8702d4eaf4effe32c4524c339bb4bc5b4ac81d0d7798758bf533aeb7d0a44ef92d097134b8d26e255d4f0addd37102a1148d2c82288d7736713459a0a577d29ff3388efea80a0d3bf20fe1028a2f240af38c6c9964fd33e1d391c510148c9ce0ed0625d03ada5f38abcf1381dd2f38d2aa6bd0dbf54c3e0fa7413d968fb53b85f6b433be1911c1188973da0e41c32f70be5b760899008749ba33ed651605226de7a40eb11cf4cca2916b162ff4656d0c50edaf22c2a7b30582ba5dbe2c37bc99511d71307cc69e28653487e80c7ae432c5ee2b8a55eb47ba1bde88e25d1c75f38298a6126f7a009c68387e19508a6bc4e0c114b3c3d7eb3c5808c0a7d7988348f9218297be8a80c20b78187ca2973574e6cc9f94ad742f4db8c1245"}]}, 0x5f4}, 0x1, 0x0, 0x0, 0x4}, 0x40008001)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000002380)={'wg2\x00', <r7=>0x0})
sendmsg$auto_NL80211_CMD_SET_POWER_SAVE288(r4, &(0x7f0000002600)={&(0x7f0000002340)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000025c0)={&(0x7f00000023c0)=ANY=[@ANYBLOB="9c010000", @ANYRES16=r6, @ANYBLOB="000126bd7000fbdbdf253d0000000800b7000500000008000a010300000008001400080000000800a4000400000008000300", @ANYRES32=r7, @ANYBLOB="0400dd0008000300", @ANYRES32=0x0, @ANYBLOB="9a0021003a9369627113080d6816010e5891a9a6784039266ee7a76e5abe3fa9734e977d1267752007bac243c907dd5683cb00e290df4dc562fd0f873336500c4b7db55eed80c95e00022d8418c14e4f20d068286ea25e34fce6ec0ad2b1b6080026c7258c9d2de79cde77c966ff1c0171f577eeda1e50a7e4e7ff0db680ecf703dbf0a52605344b764e5408b9c665a3eb7133121c7f08be103f0000b0003c01751180ee24560ed469b81849499275d230c86c59cd69ec3f070e37a061f428d2b00cc4355d642bb9b87813a54efefb5214eeac792c852c21b7f3e52c7ecf3aa2fad1ba98d621973c5b64c02e74f7f90775b53b868738ce67d9c57ab2e8c057ac5f5610dc4bc3dbd40a85de1615560efc2f71c2d0a785cfa7e125d8889973937b968d213cbea2bb21ce7b085ff0e189681cca9d03470cb24d62fc954f560fa79e77751d5b298d618e00dff8b20800350105000000"], 0x19c}}, 0x8000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth1_to_hsr\x00', <r8=>0x0})
sendmsg$auto_NETDEV_CMD_QUEUE_GET174(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, r1, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r7}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r8}, @NETDEV_A_QUEUE_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x4040000)
get_mempolicy$auto(0x0, 0x2a0, 0x400000000005, 0x0, 0x0)
r9 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000000), r0)
sendmsg$auto_OVS_FLOW_CMD_DEL386(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01002abd7000fedbdf250200000004"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
executing program 0:
close_range$auto(0x0, 0xfffffffffffff002, 0x0)
socket(0xa, 0x801, 0x106)
setsockopt$auto(0x3, 0x0, 0x18, 0xe33, 0x0)
socket(0x2, 0x1, 0x0)
socket(0x11, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x4000, 0x5c)
fcntl$auto(0xff80000000000000, 0x406, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000100), r1)
sendmsg$auto_NBD_CMD_DISCONNECT159(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)={0x1c, r2, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x695e}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4008000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid_for_children\x00')
syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f0000002780), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x801, 0x100)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
recvfrom$auto(0x5, 0x5634, 0xffffffff, 0x2, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000580), r3)
sendmsg$auto_ETHTOOL_MSG_PAUSE_GET49(r4, &(0x7f0000000640)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, r5, 0x2, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_PAUSE_STATS_SRC={0x8, 0x6, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x50)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001c00), 0xffffffffffffffff)
userfaultfd$auto(0x7)
r6 = socket(0x2, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000280)={'veth0_to_bond\x00'})
prlimit64$auto(0x7, 0x5f66, 0x0, 0xd)
socket(0x2, 0x3, 0x1)
timerfd_create$auto(0xffffffffffff934e, 0x7fbffffffffffffd)
r7 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$auto_OVS_METER_CMD_FEATURES391(r3, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)={0x5c, r7, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@OVS_METER_ATTR_CLEAR={0x4}, @OVS_METER_ATTR_STATS={0x14, 0x3, "d7ea08d136dfae33c44b0f70845ffb2c"}, @OVS_METER_ATTR_BANDS={0x1d, 0x4, "91853bc23151e625da887ae2afb7e6fb4b0b0dd9d4900543f2"}, @OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0xffffffff}, @OVS_METER_ATTR_MAX_BANDS={0x8, 0x8, 0x853}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4800}, 0x40000)
executing program 1:
socket(0x2b, 0xa, 0x40001)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
semop$auto(0x8001, 0xd568, 0xe7)
clone$auto(0x3b46, 0x0, 0x2, 0x20000000000000, 0x1)
exit$auto(0x2)
socket$nl_generic(0x10, 0x3, 0x10)
executing program 3:
r0 = socket(0x26, 0x80805, 0x0)
syz_genetlink_get_family_id$auto_SMC_GEN_NETLINK(&(0x7f0000000040), r0)
socket(0x1e, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
clone3$auto(0x4, 0x101)
madvise$auto(0x0, 0x3, 0x15)
getsockname$auto(0x3, 0x6, 0xe)
socket(0x26, 0x80805, 0x0) (async)
syz_genetlink_get_family_id$auto_SMC_GEN_NETLINK(&(0x7f0000000040), r0) (async)
socket(0x1e, 0x2, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async)
clone3$auto(0x4, 0x101) (async)
madvise$auto(0x0, 0x3, 0x15) (async)
getsockname$auto(0x3, 0x6, 0xe) (async)
executing program 2:
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x0) (async)
getsockopt$auto(0x6, 0x8, 0x2, 0x1, 0x1f3)
executing program 2:
semop$auto(0x808801, 0x2000d568, 0x1)
setresuid$auto(0x80000000080, 0x201, 0x3)
futex_wake$auto(0x6, 0x6, 0x3, 0x1)
init_module$auto(0x0, 0xffffc, 0x4000000000000000)
mprotect$auto(0x20000000, 0x1, 0x6)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
mprotect$auto(0x1ffff000, 0x8007, 0x6)
waitid$auto(0x6, 0x5067, 0x3, 0x4, 0x0)
waitid$auto(0x0, 0xcc31, 0x7, 0x93, 0x3)
keyctl$auto(0x2000000000000012, 0x7fff, 0x5069, 0x1, 0x65c)
executing program 0:
socket(0xf, 0x3, 0x2)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xd6d7, 0x15)
executing program 2:
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000) (async)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
sendmsg$auto_NETDEV_CMD_NAPI_GET169(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x20084814) (async)
futex$auto(0x20000200, 0x7, 0x7, 0x4d79, 0x6d, 0x0) (async)
mmap$auto(0xf000, 0x8, 0x80001000000003, 0x1000000009b72, 0x8000000000000, 0x100008000) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
msgctl$auto(0x81, 0x3, 0x3) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ppoll$auto(0x7fff, 0x9, 0x0, 0x0, 0x2) (async)
clone$auto(0x1000, 0x9, 0x10000200001, 0x3, 0x5) (async)
semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0)
close_range$auto(0x5, 0xf9, 0x10000000000008) (async)
lsetxattr$auto(0x0, 0x1, 0x8, 0x80000000fff, 0x1)
executing program 1:
socket(0x1d, 0x3, 0x1)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
fstatfs$auto(0x0, 0x57fdfff0)
clone$auto(0x1002, 0x9, 0x10000200001, 0x3, 0x9)
madvise$auto(0xfffffffffffffffd, 0x8000000000000003, 0x100000001)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
fstatfs$auto(0x8, 0x82f1)
socket(0x2, 0x5, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x3, 0x9)
shmat$auto(0x100000000, 0x100000000, 0xfffffffffffffffe)
sendmsg$auto_NL80211_CMD_ADD_LINK_STA205(0xffffffffffffffff, &(0x7f0000001100)={0x0, 0x0, 0x0}, 0x4001)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
open(&(0x7f0000004080)='./file0\x00', 0x40, 0x23)
madvise$auto(0x0, 0x80000001, 0x8)
executing program 0:
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x3ff, 0x3)
ioperm$auto(0x2, 0x3, 0x1)
poll$auto(0xfbd, 0x0, 0x5)
io_uring_register$auto(0x100000001, 0x7, 0x5944, 0x1)
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0x2000000003, 0x0)
bpf$auto(0x9, 0x6, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_HANDSHAKE_CMD_ACCEPT72(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@HANDSHAKE_A_ACCEPT_HANDLER_CLASS={0x8, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000004}, 0x40000d0)
sendmsg$auto_HANDSHAKE_CMD_DONE73(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x92952f3895c48d7}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x20, 0x70bd2b, 0x25dfdbfe, {}, [@HANDSHAKE_A_DONE_SOCKFD={0x8, 0x2, r0}, @HANDSHAKE_A_DONE_SOCKFD={0x8, 0x2, r0}, @HANDSHAKE_A_DONE_SOCKFD={0x8}, @HANDSHAKE_A_DONE_STATUS={0x8, 0x1, 0x2}, @HANDSHAKE_A_DONE_SOCKFD={0x8, 0x2, r0}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x89b1, &(0x7f0000000040)={'nicvf0\x00'})
executing program 1:
close_range$auto(0x375, 0xfffffffffffff000, 0x4d)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x1, 0x0)
socket(0x1, 0x5, 0x0)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0xd806, 0x8000000000008000)
munmap$auto(0x1000000, 0x2000000c)
io_uring_setup$auto(0x6, 0x10)
faccessat2$auto(0x8e, 0x401, 0x4, 0x1000)
mmap$auto(0x0, 0xc, 0x1000000008, 0x13, 0x3, 0x8000)
executing program 3:
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
move_pages$auto(0x1, 0x2000000000003, 0xff, 0x0, 0x1, 0x8000000000000000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
setsockopt$auto(0x4, 0x6, 0x12, 0x4807, 0x7ffffb)
executing program 0:
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0xa09b, 0x2, 0x0, 0x11, 0x3, 0x1)
clone$auto(0x81000005, 0x6, 0x8000, 0x40000000000006, 0x80000001)
mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000)
utime$auto(0x9, 0x56f3)
futex$auto(0x88, 0x1, 0x7, 0x5000000000000000, 0xc, 0x1041)
mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000)
prctl$auto(0x10000000017, 0x28, 0x4, 0x8000000156, 0x0)
getresuid$auto(0x9, 0x5, 0x1004)
executing program 1:
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6$auto(0x7, 0x200, 0xfffffffffffffff7, 0x6, 0x8001, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
fanotify_mark$auto(0x400000000000, 0x101, 0x8040, 0x4, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time_for_children\x00')
socket(0x2b, 0x1, 0x1)
socket(0x29, 0x2, 0x0)
getsockopt$auto(0x6, 0x8, 0x7, 0x401, 0xa)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x2, 0x5, 0x0)
sendmsg$auto_TIPC_NL_MEDIA_GET444(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x814}, 0x44000)
socket(0x18, 0x4, 0x1)
getsockopt$auto(0x6, 0x111, 0x7, 0x401, 0xa)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto(0x3, 0x10e, 0x2, 0xe33, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
fallocate$auto(0x3, 0x12, 0x9, 0x3)
close_range$auto(0x2, 0x8000, 0x0)
executing program 1:
close_range$auto(0x0, 0xfffffffffffff002, 0x0)
socket(0x1, 0x5, 0x0)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3c, 0xe33, 0x300)
socket(0x2, 0x1, 0x0)
socket(0xa, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000800)='./file0\x00', 0x2040, 0x0)
fcntl$auto(0xff80000000000000, 0x406, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid_for_children\x00')
open(&(0x7f0000000080)='./file0\x00', 0x103402, 0xd7)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
pwrite64$auto(0x8, 0x7f, 0x3ff, 0x80000000)
executing program 0:
socket(0x2b, 0xa, 0x40001)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
semop$auto(0x8001, 0xd568, 0xe7)
clone$auto(0x3b46, 0x0, 0x2, 0x20000000000000, 0x1)
exit$auto(0x2)
socket$nl_generic(0x10, 0x3, 0x10)
executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioperm$auto(0x2, 0x3, 0x1) (async)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
replaying the whole log did not cause a kernel crash
single: executing 1 programs separately with timeout 1m40s
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioperm$auto(0x2, 0x3, 0x1) (async)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
single: failed to extract reproducer
bisect: bisecting 24 programs with base timeout 1m40s
testing program (duration=1m46s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [20, 30, 12, 6, 4, 8, 30, 30, 6, 16, 3, 11, 3, 14, 14, 7, 8, 9, 5, 9, 22, 15, 6, 10]
detailed listing:
executing program 3:
listmount$auto(0x4, 0x7, 0x40420f00, 0x1)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = getpid()
syz_open_procfs$namespace(r0, &(0x7f00000022c0)='ns/net\x00')
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/net\x00')
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
execveat$auto(0x809fb1, 0xaad, 0x8, 0xe3a, 0x1000)
bpf$auto(0x8000000100000020, 0x3ab, 0x1)
r1 = syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_IEEE802154_LLSEC_DEL_KEY96(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x6}, @IEEE802154_ATTR_SF_ORD={0x5, 0x18, 0x4c}]}, 0x24}, 0x1, 0x0, 0x0, 0x8805}, 0x4000)
listmount$auto(0x4, 0x7, 0x40420f00, 0x1) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
getpid() (async)
syz_open_procfs$namespace(r0, &(0x7f00000022c0)='ns/net\x00') (async)
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/net\x00') (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async)
execveat$auto(0x809fb1, 0xaad, 0x8, 0xe3a, 0x1000) (async)
bpf$auto(0x8000000100000020, 0x3ab, 0x1) (async)
syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$auto_IEEE802154_LLSEC_DEL_KEY96(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x6}, @IEEE802154_ATTR_SF_ORD={0x5, 0x18, 0x4c}]}, 0x24}, 0x1, 0x0, 0x0, 0x8805}, 0x4000) (async)
executing program 3:
socket(0x29, 0x2, 0x0) (async)
mmap$auto(0xf000, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
semop$auto(0x3e, 0x137a, 0x40) (async, rerun: 64)
socket(0x23, 0x80805, 0x0) (rerun: 64)
personality$auto(0x40004010410ffc) (async)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
socket(0x1d, 0x3, 0x1) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32)
ustat$auto(0x6, 0x3) (async, rerun: 32)
socket(0xa, 0x1, 0x21) (async, rerun: 32)
getsockopt$auto(0x6, 0x10d, 0x7, 0x401, 0xa)
socket(0x2, 0x1, 0x106) (async, rerun: 64)
syz_open_procfs$namespace(0x0, &(0x7f00000022c0)='ns/time_for_children\x00') (async, rerun: 64)
ioperm$auto(0x3, 0xe, 0x2000000000000149) (async)
r0 = getpid()
syz_open_procfs$namespace(r0, &(0x7f0000000040)='ns/pid\x00') (async)
mmap$auto(0x10, 0x10, 0x1, 0x12, 0x7, 0x0) (async)
mmap$auto(0x6, 0x2, 0x1, 0x26bf, 0x2, 0xfffffffffffffff7) (async, rerun: 32)
setpriority$auto(0x1, 0x0, 0xe55c) (async, rerun: 32)
socket(0x2, 0x5, 0xa706) (async, rerun: 64)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET41(0xffffffffffffffff, 0x0, 0x0) (rerun: 64)
madvise$auto(0x0, 0x2000040080000004, 0xe) (async)
clone$auto(0x0, 0x5, 0x7, 0x8, 0x9)
mlockall$auto(0x8000000000000001)
mprotect$auto(0x7, 0x1, 0x7879) (async)
r1 = socket(0x21, 0x2, 0x2)
sendmsg$auto_NL80211_CMD_PEER_MEASUREMENT_START260(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x21, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='\f\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="200226fd7000fddbdf2583000000080009000100000005000800000000000700260125c77800048b46010000740001000000"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x20008050) (async)
utimes$auto(0x6, 0x4b38)
executing program 2:
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x5411, 0x0)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
r1 = syz_genetlink_get_family_id$auto_TIPCv2(&(0x7f0000000040), r0)
sendmsg$auto_TIPC_NL_NET_SET451(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xd8, r1, 0x2, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_NET={0xc2, 0x7, "1ecf158dc86f8f75a9b935e5d2bdc8f5192ff2fba0838331c16e0a03a13d118d4d84858b6c8db195c84ceffb95316e5f36253908b1e4cadcd6bd1ea8ad63e25217192a8cf5f5fc5bfc0664272f5a5b87c78e0085b1e0aa253f39f47fa3fe331da8a57ce4542e2f3006ba3593cffa3b4b93b79f82003161bdccc5278892f7029feb84f29a465ee413a676bd3487605d9f7cb56c7d7ca7893dacfbb3064bfef7a8780c98490515c9d40d9322379f961b71316f37972769c284075e9e0ea6b6"}]}, 0xd8}, 0x1, 0x0, 0x0, 0x50}, 0x40eb01fc15abbd18)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
getsockopt$auto(0x6, 0x40000000029, 0x30, 0x9, 0x6)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
executing program 2:
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0x7ffffff8003, 0x7, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x2040, 0x0)
readv$auto(0x3, 0x2000077d, 0x9)
fchownat$auto(0xf, 0x91, 0x8000000000000016, 0x99, 0xffd)
executing program 3:
socket(0xf, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xd6d7, 0x15)
executing program 2:
socket(0x11, 0x80003, 0x300)
ioctl$auto(0x3, 0x8912, 0x91)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x8, 0x4, 0x9, 0xfffff80000000010, 0xffffffffffffcd16, 0x8)
socket(0x1d, 0x3, 0x6)
socket(0x2, 0x2, 0x0)
shutdown$auto(0x1, 0x0)
recvfrom$auto(0x5, 0x5634, 0x9, 0x2, 0x0, 0x0)
executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000000c0), r0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x620001, 0x1)
syz_genetlink_get_family_id$auto_IPVS(&(0x7f00000004c0), r2)
sendmsg$auto_NL802154_CMD_GET_SEC_DEVKEY328(r0, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000680)={&(0x7f0000002640)={0x1020, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY_CAPS={0x1004, 0x18, "bc1a8e7a4ac32d4524f98ff1900bfea5e82ea7d430b92ea1dd39bb131c08f9a049809bafcca3a63cb8449c7b8a8c08f87652f203f8521a16f7e8a8dd074f918022f1a81ad4df088919c957931e05dadc6d53365b82935670eacdd8447488ba555ba445e71aa60f7eebffcd347ccd6e6b1af3df1f4693dce7d29562af78460d213cb45caaaa0b9ff418b24ae20e94959c794bbe5a6b6d08b7288109797b8d4e5eb927309bc2b085eb7d6ee147da464b9b33af7138216e93e754278ddbad3398fdbea32600bb34bcc6faa0ecf4a141d3b2d76239b59f80bdaabe87ec95393caf257e3c0f800605ed2a97feec422a80a227b047092306117241a2cee3bed0f788de5f26cc245ca7742db8039f35dd5bf97fa836cb931bf2cf88a9ba6094c7d2a1edb8264cea0b1c0b1a1712d9c61319558dc377e57639b85a014bb8732dd25c62a33aa13dae32b0cbdf7e6eed4c1316b8e586c10b8626c369ce2435865c27e6ed43fa5d459712ae775a50894d74870cd228ab96f2960a48a53985fb662d2d4594b87f97b9d7e1a6b39d565a2497289e1d9345a761094346844c45611333c5d10f45f7591aeb6eb3010910624a5be444457445aa542d6782f76257b970336b42f1d212c185e4b700e9abc1261cc6986b2499821f94317b4cfec1fc9184ff45dae6e6d46a408ebabbc324cc2f1d568063de21832ce7e8b01f3dfa29d41f365cca1dccd08f5aa005a32d3982126e71dfebe068319d28e636bd868487cb879a05e9b6f920499126b6168fb5efe258e420a4f13c955bdde51633122680577f4a532c49038b75620b2c7ab5dd86161798bd9fb833e9b1d6b184376c85e26acaeb196eb07500143b554954088ec7b3261767268bd671a1317551404f54930b9c697c80ad1ba94746bf39b1855e7e2177f1b9353e0a0a729ab229fcbdab85ff382ce6b91e3f85eec236e84bcf9e169df53138a0ae7c992db49c7fc524ebd6e8a6bfe49e99a1188b926fd37600e36225edec00daad0bc6f2e1cb7793e7bb4024d6950da68d604ddec93e3d1b41177446739393db76603193c5abfbc372eca5d6a898e4cec29848b3c7a998360bbb680a1bf97ca766507c42c87c0f998b82610fee1ba577e99e0b589ee31af383802473c028dcd99b8e5b59fe30a773c14d3cdb789120cfc97079a4dbe4eb035ea9256d99aacbf554f94b9598691d9fbc57ac6ad4e78f457d1759b5d53258f964248881a0a84713ed59abcba8564718dcb1482847ede9091344fcbe8c3d915c5b67676dd2b082d10e70928ebe7f7794b2d016f14f494d1bd978ab4821cd62f4db3b1a734b4b429f9fa4009074e8f9521af4d39df91c1726e4a9d9dec5c64bf61f7475245c2dcbb6c745370b219cb879af85dec9521a3195922da380c9c2722b303e1665bbfe332a39d308afe80d84c267867887793965a3206eb94b7e345ffdcc824eef318ddc2a4307429de12f2b90986274d83e873c6e7a781201267f7cf8444da97ed68787ca106cbda08a193019b58011a8730502c3bf70f99be7b9ec6b978e7d5932f8f5fff14d9c608d8c0328fd877e44a3f574e8c22589a6359e0d4ad83e6a1bdcb3d26faeafb5829c0cefde7debf00f1ca691fe0c0da23cf25e6dd7cdcb94a00d6792db46a89fdaa3a271a482dbbee7b725ddccd59ae5f59aeafa2c7239e62e8a0ce8054fc22a81f9a505ce79bea6e45e65b9f3149fb93ce5bd3c02e1e2a7fab46142a3fc564a0b5317079b4bb27f118dd9ae78d1708c7eca5b4d3dd82da755ba0b50709f9c9f3e32f2bf30d7b63d4e91a2b8526abfc2cbe5d15954607e246db8b2da131fb99c6ee8fef983e8a36bf4ae152c76cb5c92d50db5a62c73fb8761c53e61ea79416af3cd9e1364b385717f13e32d152b5e4b87dec834713029c6853b06e07923f003be47e37c5e573d6425f117c7b7973a00640a25c20ee366929a3e209ddb383f675122453798cd394e5937822bbb0eba085365b7ff735fa15fb038f87f2d8c6867a06d99d22f2509a70c322d375c4bbf4d7bbe8ea6d04ea7485791821b31c5202f7e5eb789b6841fa4ba151a51661da87800b4519f6af30240468ca578a74cc06a62932dd618b32a0befe79e6b56e7f914d648e4736202b21f52c210abbce964ff4afd42efff0def1ff69f07272ae84ae4c10c94e69b6bf129889ad34157f76b4f36b3df247348341b1d8ad0d8bebcf897623434f418f75dc7c8227acbf3bb0367b471c52e55b151c5da7cf7d3f4171dc134b640ca44a2caea2c7e460e67e9330e3395638a9cf8a9b040bfa1a901e7dd3c82f2a7e049e1a52d95b3cd410abfdad7e19336b65b71573ed0217a8f18534a408dd09f3d7be576b724e0bf4c3c28cc5a926c96d0b4f3704ad2b53abb3e9e85034e5959046abda263d905282d29a9e720da07c2b7a458ccecec4d066bdd564fc6651c6c0261f5ef3a816ee78aff16d22b140ca4301c56e3125ced1ea485b4eefd5cc00004a3e448ca18577a7ab1fe86d4b879ba89f63ec099d7779fdc8056ce5a9934f76f6139f31daa03870d76ec13ccde671163605912d688ee54c656f7b1a735f4f0e10555f02ecf7fcc73d5140704eb793ccf3fcb776f55a1d0f39d644881320fbe02078358a77fe5cc677390b75bf3267570a1fadf187cce36987827abfef305eeb8ea1a1c1769f299b4c9ba844b2481ec2bc9ec4d9adcabdf440d6652afe49639622957f9b8040f83640859be3e0e2ce404f10156f6cb080ed4779b7353385aa10801debaf685d996b4df2fa2444b32d6b85ba721c854f0cddfc463a94c2a00cad19a0aea662a0deae1a31cbea0e9aa5304cf9b434872039aa398b91e2590cb0c178fbeb5934a546c4c30ed1b8f6af6932f2aad8b55fd468fd6c5714c0193461f8ad79e87182a5a93d1a1a1864db951bdaef480ddae32c454ee2a1f65138030067c57629959632e66fb131661133b63ca09952f61e0166dea225bce29de4dd0ec9ed2f2ebc932654d8ddc0263937e75febe10f6a34f47870df650be757867880d10dc922468b250108e90e376e1b2d32961011f353aa13acb5871c152e6805875052227b415bc5677d2ff10ce0620aac58f147b1cd334fbe3777c261af2f44ff628a7bbeb8375111675bdaba9a6e89ce53d00ab8efbb52683979cbc6c2537f2121f9a01d5b77b2232d79f9e3b8bdf60b72542f149bb88a59c0235ee5d4b7189e7cfea465368293150d6cb6514b192279cc10a000888498510abeab6f06ae9c4fafeedcd11645a2573b87fad91270855fdc4e2a38a736531c57028f068eb6925531fa4e4bb5e1d1a4e5404fd4a7a20246022d23a74f54681d2ebb00113bed33c686eedddfa793790e89b21e1a3e1580759e3dc928bc341d241cee4ab5cfdc776e560f704134e52cf9483e3638a54df79eb6d6aee69ac5607176685418bacd5a2b42eb7f14d04ba6eaea06d79c63d5fbc28b5d09a960ab78d49153748910016dfadcc136d239bb90162560833810e1969bf972386d46852acaa8f9c68aa9dabd754d0571dc2f8ee4fdb4c51200790a6231ddb0ce79bb1635b663f3df14d202119c2e07d3caa4dca0b09a55cf32c6c78558dd9d0413d1e703705c8723eb94d0c332f9e9fc5f78e61df39efda8cfa3c9cbf7c56a60f9566552805371b29f9bb28d32698cecd0ab5815012698de6915295bd2a23bbe82c2d62b7bee70e2322db462c3cf0e088cebf4ab2cd02d8cc907eb4676b921b7832f8bfc667ad0d6ee336287791308163abb61ed4a3e36f6af8164e8525d9e1d4b24613a7bdbfa249760b84e5f543d00347ccdabd022a7ce754c60f9fac4a5e19d26472a491096f9658130d4c5bfaa8bb64c96f041b26189bdb1076159dbdc3b7bc6a23c6f8b2147eace996277a9b2a47ef87b8623b3a73134a5d70d43955ef8d586433b9a84d0ea30688e91c284002c1fd5807da2e664f0cf86ecae7a8d75b990fdf48ae8285cb77e620bb6e7d3494bcc4b33087adc3731be5a2e9f17130492ec0adb5e476d5ac46b1312faedf17577bc7118888ffa4d656b4d91cdff9698a1788925a1e534757eb3202db7d8d14690e50555eb28d894c22d4b502e2ed47f1e81017455b5db8b9c9367a42af65595f2ddd8d1d327fe75b9e96eb8b263b74d40cd710e7e445cbd4d856613ba1a5cabd9c33cf6062fbc2bcedc3972fe508c77d45f98d4eada9b22b90a62802780d9927599209f55a40b3eb1377b01a6630378d337fa59bb1d200d17599a3875b7594c1d6050f39b84adc159fd28c628295e48a93f3468ed0c8c07cfec01f002503f1473d9212d2e15a16c7d4e1664412d2f9db99cbb4e551f065afe10d0f4d77b4bc447e35c9e0ab058bb94d85008a7b06a1bb6925165fda17492b1eb991793ec1c94e0b26aefc9031c7f6b3d758554d8aebfef22c2a6cefc73d952476d6f2dfbf76a53465539e64c3af3b8458aa5869565d55a72dc18d647affc8056fe1e931818d0ce87772f67f4a3845b306d339bf050b68f59333b5226a9a10555abebfb2be0a41dfc25960fa4dd3b1652aeb1f65c460b2eaca95871e490ae5dfc809c36cd5e9504c05443f1baf817fbc0f5b8f6e0a29115a5151d05c084d21ce499f28ac97b19b38ea9d793e94426bc98be729ac355769741c18b6f777ed258caa567258c565e8d15fce0390fa45a8d0c5d0bfac70620a19a105b764ebcaac1fe7eeb39f0c7ab53f633bb9017708018af18324eb34777301e9588fd85d1a0966361c27051730e8abf0dd799a158a5d767b2a66b294b156a6705a68a5de3f6bfd3bc1747e8e8dacfb4a34059a5617498e9241be9bb61b0fb513ae0121ea8f2622a51419d69deb1a1a5a5d493a27ee1baea859d25a62cabbcc952c576c55f67ff7e5358218d65c872f061bbbb5c640f1c52e769eb81b4822ca711d77b342a5bfe3680569ac7a2e6f0240284815a8962dba95cbecb1b3c7d260634a9f9dd4694bb536520af5c76a56eee86e84504364ecb7bad5c564206cbe7349d281be0a681ac12bc689ce76f3f39d447d7ab2b934dae823da3b7a2043abe25fad7bac4326d64ef8c748cd4597bb9c239660f717d6dd24cf0155e3d79aae34e4feec8c01487d9a2e79de9a80f64e78112310d9b573b9dbf2999fbde9a1c4dcf17ead425b91891e957c5069a3dceee8b9433cc2bba5134c6380d34677692777b03085f50005f9569de0b87257fa9a457ef45907aca3dcac232f8f1f7759543f31ba376083530dd43f21979423b0d6e27b92bc88344baa574f3b820c03d54fb35a730b83f25c65689b21555e2ec17c881d10813b637e29178ec06ebf0ad0d69cc4cd8dc315719c9d9b7efd6d3ec0af49d35ac9ead6191c518970111001305fe9219e91efea53b947767988846e624b80cca9ccce92bcce45ad4a2c4e2f29ddbd32cb9bc4bd9f13a3f1e7461164708fb0269fc92b2ec2e3e5aa883653f756f20ceef4f3684539a527c4f8aded9572d298d15e3d81ce6c120881572514f1e96b6a91c71a88c7da00643264f26523d27224abf40fa88804614eee5528c0ccadf690ed70a7278c68c5fa3b1720e0c02ca98ab36931fdfe0190ebdac1cbedeacafc839e0ecdb721b50a13c84b35a6505f04451daa554debe1c989ffa5d32c457957463ce3379bc7a048e619c3b9119ab0d19ae75f0d619b3ceaf7a95abc0c793e7790361f316cca89a0cf2ba7970cab24ea30f90d07b5b1301f44f66ed85f38fa8c44752ac61fe1551102870b89e86d885f6605dd53582fdc19e7be1431a3cc912dbc9d445d0f7451a0364b"}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x7}]}, 0x1020}, 0x1, 0x0, 0x0, 0x8010}, 0x800)
sendmsg$auto_IPVS_CMD_NEW_SERVICE127(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x14, 0x0, 0x220, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4000000)
sendmsg$auto_IEEE802154_LIST_PHY89(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="56406954059f19dd0000", @ANYRES16=0x0, @ANYBLOB="080025000000fddbdf2520000000050029000000000005002e00100000000500180001000000050003000c0000000500280000000000050028000300000005001b0081000000"], 0x4c}, 0x1, 0x0, 0x0, 0x850}, 0x4890)
sendmsg$auto_ILA_CMD_FLUSH109(r2, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, 0x0, 0x20, 0x70bd2c, 0x25dfdbfc, {}, [@ILA_ATTR_IDENT_TYPE={0x5, 0x8, 0xf8}, @ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x2}, @ILA_ATTR_LOCATOR={0xc, 0x1, 0x8000000000000001}, @ILA_ATTR_IFINDEX={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x40000000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x5, 0x81, 0x613b)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
socket(0x2b, 0x1, 0x1)
fstatfs$auto(0x0, 0x4)
r3 = socket(0x11, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8954, 0x0)
getsockopt$auto(0x4, 0x3, 0x23, 0xc3bf, 0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HSR_C_GET_NODE_STATUS75(r4, &(0x7f0000000340)={&(0x7f0000000280), 0xc, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="0b269c07e587afe80b7ad4bca1c2233f6ddf12a8ceb5d1d226a053cf5e525a1637236d58874a19274d68befe6a8c95fc91faf77b6e618e889ff433467b", @ANYRES16=0x0, @ANYBLOB="210629bd7000fddbdf25030000000600060003000000"], 0x1c}, 0x1, 0x0, 0x0, 0x804}, 0x20004804)
syz_genetlink_get_family_id$auto_nfc(&(0x7f00000003c0), r4)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000015c0), r4)
sendmsg$auto_NL80211_CMD_CHANGE_NAN_CONFIG211(r2, &(0x7f0000001a80)={&(0x7f0000001580)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001a40)={&(0x7f0000001600)=ANY=[@ANYBLOB="fa030000", @ANYRES16=r5, @ANYBLOB="000427bd7000ffdbdf25770000000400e20008003700080000000600270104000000f3030e0024c90ae59b787617492c6344400a3791464b1a21ec64c07724327d98a446f98edcaf9503537a27a3d245ea13cbebffdae15ce4c50e6bca23b45b700edca4adbd60c30897a09cd5c9654d0aa72d771aa258fb335d2a1718c42cdb0acc63dbf8b9b8eddbe040aa1f436cce7a590be6f1f601bbac4681611952f78598be8a9afa9b2178315a374181c1f522f2c7d851f9e1b45f4b502ab244127a3c614a3f99999ee3d571df367bbd7aa0df238b1f2bfaa939ad5e6315ed5c221d49b0e3bc80624011ce18ce28eaa8cb10d806a795bf3ef78c78a0f636fa71d831cd301c6b8c04eb717fd8897129b196d9a505baf5f4deba26a73a6ad350f9ccb4b4d31d5cd2d6ab2564e9299b3b8a518c9ea8a530d99a3552a0253d74e10e320602785c5a68f89b4eb122f73de4ee7e5968b97d0a949704a7892ca65273459e7ce646c6d6d000b3b042672273ac28539f1f2c9eb97e7fb75636f8d74accbc98b164602e2172741c492342bf02567ec46220fa0d8763008aeaf9cf0590f02bf68745ca6fe85848d026f427b8b4fde82461b33cff1a16b60ae53f7752bc9817b2011ef7c4dfd8687e0f9bb995b5c4c31464d3b3e1e51303251d461b91d687ddabb43c83ff16170d03014ea5bb379f6733ec127c8dbf5d376a16c416832d015ceb86261f4de60ac547febbf42c86107b39c67174ffbf1570cc38ed99298cb3aeb5ef26546748f1b82c2e3febd9529b9142ec7302f0f1db0847ff1b66ddb8fce8001c90bee6a35c7cbad75b31c6a77870d7b622edb91239581e957b91d4335c3a7951f56bd2263fce4f224a4beb22165d224680943a795201642ce285e0a9e6820647fd09926df911a480601c9350c1e405c415a9a1395803bb6763452e23c2cda3f7dfb89f5380f2dd3a80fc2280b794fe3c7159965be8322a2c0aba36247f219d80d1c118a4c8d417ceedd617ee91617cff0cc6243cf97bc07a42f9e4accd88f0ef6f9f16bddecdbc12f9265c3bf5ca4a792e968ee5070e0ebfae95271c50f15eb984d10728b9f859e3471f4dc4aec2520d78edf79ee0eb79a6490b1fdfcb22f57527bbb49959b354a1a9cccfa4492d4f9513b27392429bf2d98ca301c6aebeae8c9d57bf70531b1a1618ea8fc861c8f8d8223854a5e1540933785167c01951a1a4e63e59451724ca9e6d0403fee5f3131e57b061c605f9f4f65cb51f3c1ce311d7199ef10d4ffd27c8160b211c33380fa5f0a33a6b072e6344a69e90755ef4eb083d71030932f4526c8a5b82131241270bb15cc233ea849a6666264f96c65610e582382f665b9be36c942c2ee24cd2c1bcad6f7b9723802a4ec6c521e4ab2913e05f3ae796b016c4e4bd02fc3a2a92ea11ea7c277abd69b8b5e2feb74d67ec518f439e7fe62ed73403e6674a2505755312f684ec1edec400"], 0x41c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001b00), r4)
sendmsg$auto_NL80211_CMD_PEER_MEASUREMENT_START260(r2, &(0x7f0000002180)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002140)={&(0x7f0000001b40)={0x5f4, r6, 0x0, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_EMA_RNR_ELEMS={0xc, 0x145, "2b161da8be31de2c"}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x52, 0xcd, "1ff7701f5e6b2952c428a4d8773b52171219e5fe6fb6e35cb7379790b6ad9be23a73bef8537f322733e23508bacd5ecf85da098fcc1597fd432ff4c41e0433549f64d64797e7c206bf756d4609e5"}, @NL80211_ATTR_FILS_NONCES={0x88, 0xf3, "3d625089cdfe5f8fdf4d8b921d778483010139a7e5b2524965f4e89c9179bdb18268c0c8c5f274d61464531abec63fdd74a9c8008a6a5a16e2c9b1ee288a0174409a6c7d2829ec26be07cd8acac989d0a76d9aa338b2057f6ee16629c3e9d9f9671958043ebe1c8bc947a2f524d40e28b5f2f692cb6f72896c485760d0362979c64ac7d9"}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x3}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x1}, @NL80211_ATTR_IE={0x4e8, 0x2a, "a8f7d098ae054bd6a6642b928d9c2f931053d01501a179fe7a60c554765ac60cef0eff49e5cf9cd04784a39a31c83fcecd7f57230a850584073bdae4fd30f5ece6513bee720cb4d7e3fcb7797ceb6ddd997ae3e72fad152dbfbc25e6fd0c77d8b87c28ecf1f57e10dd2d5f5a87da904c503d9b612ceef7d2015d74d261aaeaced84a89fbf530039ad18f654806c0b52f6bca00808f89ded11490094c73f80a6201aae4a20c0ca729fbcf74d6b4b92b9a8e0aa634ecd90883acff38002fd93b278cbcba2c07000a5f019c45c5f24bacfb19405503fcc5986becfed89b085fa3944fa64c351c445890905634965b38c00b1ec02adc0fac973f0a7eb52057a4b8718fbb83e84d0f74c97867de85735cb2afa28f26a8ccb2ecb321cb69a0e59f92b3802e3294f49afc13d9603c2618e75f03d9bf155e43fa307b912b278220f9f2486f961cd6f4a44340265ebdcfc6894a08b571f1818bb38cfcb1842a99233df399f3b622a1190ed9b14450e172341c04e7f717e7513fb51e23e95569b2719af3764abff37fbee4258e62b80b0fb59c1ea9c72ccabc23291239a28c5cc4188b9abfbf37df977ed2b8d39533953da1135ce0a99892a7a9cc81146f04b5aa80c1b0231ecb6df6bebad867138b4dc4934d50bfaa8ebef4d4edb35da867902e6184c569ac9ba815cbc2b70d4101632bb5c625e271c44f1436a7afb3a77220e58484c3c17f5e5a965a37d68365c98683aa216e424237281e8b85c17948e74844ae37458ba809a97ead0b70083fea120c960a74a1dc35202826bf096e9d46a99487e81e887c9f0add38810975071f98bb511662320fee2b7568be655db7bf80893dd8acf300860aa087d78a3260dc17b83552d104ecc3cc2443920c54110aa458ccfb28f3f5f760cd21db8665a78cef9b7bb168c1f5a2e2fd05c4682dca3d9d0840aa8904fa021a3cc8d701f6355a05d9af8668333aa21e0f4593ff778fbb19924918eb155dd284839d27dc5f42cf5e3d85110d0060ba2d99e4b58cdac4875eae6f7d1b290a348ab325d78784ec0eaf96ee17b33033ad1c379eaa94cc9e4b4ed724bf29268d56675c20ddd0aa831b48d49fb01f51cc2693477062bb82829dcab65de548fbfefd64301f96e5c2158eac3b8f5a335eccfe0da54446765d0717851a6b399fc347296a3d6d7f5099c5d1dc05cc47f43d48a77c1989cfc014f3bd40f0600a88f2ee93d67984dc87dec59544f4e5ef874e82262ed752738aabfeca7dfd58c80651321f58c0be3fa6e5b44d31bc3f2bfe01b30b56a4c852571891ce0f10956dfad7571179d6a248058e8c870d63918bb33e76ec83a5ef55d3b27b60f32917a31f5cea5d44381d1f4544c8702d4eaf4effe32c4524c339bb4bc5b4ac81d0d7798758bf533aeb7d0a44ef92d097134b8d26e255d4f0addd37102a1148d2c82288d7736713459a0a577d29ff3388efea80a0d3bf20fe1028a2f240af38c6c9964fd33e1d391c510148c9ce0ed0625d03ada5f38abcf1381dd2f38d2aa6bd0dbf54c3e0fa7413d968fb53b85f6b433be1911c1188973da0e41c32f70be5b760899008749ba33ed651605226de7a40eb11cf4cca2916b162ff4656d0c50edaf22c2a7b30582ba5dbe2c37bc99511d71307cc69e28653487e80c7ae432c5ee2b8a55eb47ba1bde88e25d1c75f38298a6126f7a009c68387e19508a6bc4e0c114b3c3d7eb3c5808c0a7d7988348f9218297be8a80c20b78187ca2973574e6cc9f94ad742f4db8c1245"}]}, 0x5f4}, 0x1, 0x0, 0x0, 0x4}, 0x40008001)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000002380)={'wg2\x00', <r7=>0x0})
sendmsg$auto_NL80211_CMD_SET_POWER_SAVE288(r4, &(0x7f0000002600)={&(0x7f0000002340)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000025c0)={&(0x7f00000023c0)=ANY=[@ANYBLOB="9c010000", @ANYRES16=r6, @ANYBLOB="000126bd7000fbdbdf253d0000000800b7000500000008000a010300000008001400080000000800a4000400000008000300", @ANYRES32=r7, @ANYBLOB="0400dd0008000300", @ANYRES32=0x0, @ANYBLOB="9a0021003a9369627113080d6816010e5891a9a6784039266ee7a76e5abe3fa9734e977d1267752007bac243c907dd5683cb00e290df4dc562fd0f873336500c4b7db55eed80c95e00022d8418c14e4f20d068286ea25e34fce6ec0ad2b1b6080026c7258c9d2de79cde77c966ff1c0171f577eeda1e50a7e4e7ff0db680ecf703dbf0a52605344b764e5408b9c665a3eb7133121c7f08be103f0000b0003c01751180ee24560ed469b81849499275d230c86c59cd69ec3f070e37a061f428d2b00cc4355d642bb9b87813a54efefb5214eeac792c852c21b7f3e52c7ecf3aa2fad1ba98d621973c5b64c02e74f7f90775b53b868738ce67d9c57ab2e8c057ac5f5610dc4bc3dbd40a85de1615560efc2f71c2d0a785cfa7e125d8889973937b968d213cbea2bb21ce7b085ff0e189681cca9d03470cb24d62fc954f560fa79e77751d5b298d618e00dff8b20800350105000000"], 0x19c}}, 0x8000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth1_to_hsr\x00', <r8=>0x0})
sendmsg$auto_NETDEV_CMD_QUEUE_GET174(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, r1, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r7}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r8}, @NETDEV_A_QUEUE_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x4040000)
get_mempolicy$auto(0x0, 0x2a0, 0x400000000005, 0x0, 0x0)
r9 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000000), r0)
sendmsg$auto_OVS_FLOW_CMD_DEL386(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01002abd7000fedbdf250200000004"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
executing program 0:
close_range$auto(0x0, 0xfffffffffffff002, 0x0)
socket(0xa, 0x801, 0x106)
setsockopt$auto(0x3, 0x0, 0x18, 0xe33, 0x0)
socket(0x2, 0x1, 0x0)
socket(0x11, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x4000, 0x5c)
fcntl$auto(0xff80000000000000, 0x406, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000100), r1)
sendmsg$auto_NBD_CMD_DISCONNECT159(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)={0x1c, r2, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x695e}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4008000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid_for_children\x00')
syz_genetlink_get_family_id$auto_802_15_4_MAC(&(0x7f0000002780), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x801, 0x100)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
recvfrom$auto(0x5, 0x5634, 0xffffffff, 0x2, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000580), r3)
sendmsg$auto_ETHTOOL_MSG_PAUSE_GET49(r4, &(0x7f0000000640)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, r5, 0x2, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_PAUSE_STATS_SRC={0x8, 0x6, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x50)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001c00), 0xffffffffffffffff)
userfaultfd$auto(0x7)
r6 = socket(0x2, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000280)={'veth0_to_bond\x00'})
prlimit64$auto(0x7, 0x5f66, 0x0, 0xd)
socket(0x2, 0x3, 0x1)
timerfd_create$auto(0xffffffffffff934e, 0x7fbffffffffffffd)
r7 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$auto_OVS_METER_CMD_FEATURES391(r3, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)={0x5c, r7, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@OVS_METER_ATTR_CLEAR={0x4}, @OVS_METER_ATTR_STATS={0x14, 0x3, "d7ea08d136dfae33c44b0f70845ffb2c"}, @OVS_METER_ATTR_BANDS={0x1d, 0x4, "91853bc23151e625da887ae2afb7e6fb4b0b0dd9d4900543f2"}, @OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0xffffffff}, @OVS_METER_ATTR_MAX_BANDS={0x8, 0x8, 0x853}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4800}, 0x40000)
executing program 1:
socket(0x2b, 0xa, 0x40001)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
semop$auto(0x8001, 0xd568, 0xe7)
clone$auto(0x3b46, 0x0, 0x2, 0x20000000000000, 0x1)
exit$auto(0x2)
socket$nl_generic(0x10, 0x3, 0x10)
executing program 3:
r0 = socket(0x26, 0x80805, 0x0)
syz_genetlink_get_family_id$auto_SMC_GEN_NETLINK(&(0x7f0000000040), r0)
socket(0x1e, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
clone3$auto(0x4, 0x101)
madvise$auto(0x0, 0x3, 0x15)
getsockname$auto(0x3, 0x6, 0xe)
socket(0x26, 0x80805, 0x0) (async)
syz_genetlink_get_family_id$auto_SMC_GEN_NETLINK(&(0x7f0000000040), r0) (async)
socket(0x1e, 0x2, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async)
clone3$auto(0x4, 0x101) (async)
madvise$auto(0x0, 0x3, 0x15) (async)
getsockname$auto(0x3, 0x6, 0xe) (async)
executing program 2:
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x0) (async)
getsockopt$auto(0x6, 0x8, 0x2, 0x1, 0x1f3)
executing program 2:
semop$auto(0x808801, 0x2000d568, 0x1)
setresuid$auto(0x80000000080, 0x201, 0x3)
futex_wake$auto(0x6, 0x6, 0x3, 0x1)
init_module$auto(0x0, 0xffffc, 0x4000000000000000)
mprotect$auto(0x20000000, 0x1, 0x6)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
mprotect$auto(0x1ffff000, 0x8007, 0x6)
waitid$auto(0x6, 0x5067, 0x3, 0x4, 0x0)
waitid$auto(0x0, 0xcc31, 0x7, 0x93, 0x3)
keyctl$auto(0x2000000000000012, 0x7fff, 0x5069, 0x1, 0x65c)
executing program 0:
socket(0xf, 0x3, 0x2)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xd6d7, 0x15)
executing program 2:
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000) (async)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
sendmsg$auto_NETDEV_CMD_NAPI_GET169(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x20084814) (async)
futex$auto(0x20000200, 0x7, 0x7, 0x4d79, 0x6d, 0x0) (async)
mmap$auto(0xf000, 0x8, 0x80001000000003, 0x1000000009b72, 0x8000000000000, 0x100008000) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
msgctl$auto(0x81, 0x3, 0x3) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ppoll$auto(0x7fff, 0x9, 0x0, 0x0, 0x2) (async)
clone$auto(0x1000, 0x9, 0x10000200001, 0x3, 0x5) (async)
semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0)
close_range$auto(0x5, 0xf9, 0x10000000000008) (async)
lsetxattr$auto(0x0, 0x1, 0x8, 0x80000000fff, 0x1)
executing program 1:
socket(0x1d, 0x3, 0x1)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
fstatfs$auto(0x0, 0x57fdfff0)
clone$auto(0x1002, 0x9, 0x10000200001, 0x3, 0x9)
madvise$auto(0xfffffffffffffffd, 0x8000000000000003, 0x100000001)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
fstatfs$auto(0x8, 0x82f1)
socket(0x2, 0x5, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x3, 0x9)
shmat$auto(0x100000000, 0x100000000, 0xfffffffffffffffe)
sendmsg$auto_NL80211_CMD_ADD_LINK_STA205(0xffffffffffffffff, &(0x7f0000001100)={0x0, 0x0, 0x0}, 0x4001)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
open(&(0x7f0000004080)='./file0\x00', 0x40, 0x23)
madvise$auto(0x0, 0x80000001, 0x8)
executing program 0:
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x3ff, 0x3)
ioperm$auto(0x2, 0x3, 0x1)
poll$auto(0xfbd, 0x0, 0x5)
io_uring_register$auto(0x100000001, 0x7, 0x5944, 0x1)
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0x2000000003, 0x0)
bpf$auto(0x9, 0x6, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_HANDSHAKE_CMD_ACCEPT72(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@HANDSHAKE_A_ACCEPT_HANDLER_CLASS={0x8, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000004}, 0x40000d0)
sendmsg$auto_HANDSHAKE_CMD_DONE73(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x92952f3895c48d7}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x20, 0x70bd2b, 0x25dfdbfe, {}, [@HANDSHAKE_A_DONE_SOCKFD={0x8, 0x2, r0}, @HANDSHAKE_A_DONE_SOCKFD={0x8, 0x2, r0}, @HANDSHAKE_A_DONE_SOCKFD={0x8}, @HANDSHAKE_A_DONE_STATUS={0x8, 0x1, 0x2}, @HANDSHAKE_A_DONE_SOCKFD={0x8, 0x2, r0}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x89b1, &(0x7f0000000040)={'nicvf0\x00'})
executing program 1:
close_range$auto(0x375, 0xfffffffffffff000, 0x4d)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x1, 0x0)
socket(0x1, 0x5, 0x0)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0xd806, 0x8000000000008000)
munmap$auto(0x1000000, 0x2000000c)
io_uring_setup$auto(0x6, 0x10)
faccessat2$auto(0x8e, 0x401, 0x4, 0x1000)
mmap$auto(0x0, 0xc, 0x1000000008, 0x13, 0x3, 0x8000)
executing program 3:
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
move_pages$auto(0x1, 0x2000000000003, 0xff, 0x0, 0x1, 0x8000000000000000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
setsockopt$auto(0x4, 0x6, 0x12, 0x4807, 0x7ffffb)
executing program 0:
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0xa09b, 0x2, 0x0, 0x11, 0x3, 0x1)
clone$auto(0x81000005, 0x6, 0x8000, 0x40000000000006, 0x80000001)
mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000)
utime$auto(0x9, 0x56f3)
futex$auto(0x88, 0x1, 0x7, 0x5000000000000000, 0xc, 0x1041)
mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000)
prctl$auto(0x10000000017, 0x28, 0x4, 0x8000000156, 0x0)
getresuid$auto(0x9, 0x5, 0x1004)
executing program 1:
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6$auto(0x7, 0x200, 0xfffffffffffffff7, 0x6, 0x8001, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
fanotify_mark$auto(0x400000000000, 0x101, 0x8040, 0x4, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time_for_children\x00')
socket(0x2b, 0x1, 0x1)
socket(0x29, 0x2, 0x0)
getsockopt$auto(0x6, 0x8, 0x7, 0x401, 0xa)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x2, 0x5, 0x0)
sendmsg$auto_TIPC_NL_MEDIA_GET444(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x814}, 0x44000)
socket(0x18, 0x4, 0x1)
getsockopt$auto(0x6, 0x111, 0x7, 0x401, 0xa)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto(0x3, 0x10e, 0x2, 0xe33, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
fallocate$auto(0x3, 0x12, 0x9, 0x3)
close_range$auto(0x2, 0x8000, 0x0)
executing program 1:
close_range$auto(0x0, 0xfffffffffffff002, 0x0)
socket(0x1, 0x5, 0x0)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3c, 0xe33, 0x300)
socket(0x2, 0x1, 0x0)
socket(0xa, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000800)='./file0\x00', 0x2040, 0x0)
fcntl$auto(0xff80000000000000, 0x406, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid_for_children\x00')
open(&(0x7f0000000080)='./file0\x00', 0x103402, 0xd7)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
pwrite64$auto(0x8, 0x7f, 0x3ff, 0x80000000)
executing program 0:
socket(0x2b, 0xa, 0x40001)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
semop$auto(0x8001, 0xd568, 0xe7)
clone$auto(0x3b46, 0x0, 0x2, 0x20000000000000, 0x1)
exit$auto(0x2)
socket$nl_generic(0x10, 0x3, 0x10)
executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioperm$auto(0x2, 0x3, 0x1) (async)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
replaying the whole log did not cause a kernel crash
single: executing 1 programs separately with timeout 6m0s
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioperm$auto(0x2, 0x3, 0x1) (async)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program crashed: KASAN: slab-use-after-free Read in shrinker_free
single: successfully extracted reproducer
found reproducer with 10 syscalls
minimizing guilty program
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioperm$auto(0x2, 0x3, 0x1) (async)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-socket$nl_generic-ioperm$auto-clone$auto-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioperm$auto(0x2, 0x3, 0x1) (async)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioperm$auto(0x2, 0x3, 0x1) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-socket$nl_generic-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program crashed: KASAN: slab-use-after-free Read in shrinker_free
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program crashed: KASAN: slab-use-after-free Read in shrinker_free
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-clone$auto-syz_genetlink_get_family_id$auto_nfsd-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-clone$auto-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, 0x0, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, 0x0, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program crashed: KASAN: slab-use-after-free Read in shrinker_free
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
ioperm$auto(0x2, 0x3, 0x1)
r0 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r0, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r0, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, 0x0, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r1, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, 0x0, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r1, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}}, 0x4) (async)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x2, 0x3, 0x1)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)
clone$auto(0xffff, 0x7, 0xfffffffffffffeff, 0x401, 0xffff) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET201(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x711}, @NFSD_A_SERVER_SCOPE={0xa, 0x4, 'veth0\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10001}]}, 0x30}}, 0x4)

program did not crash
extracting C reproducer
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
program crashed: KASAN: slab-use-after-free Read in shrinker_free
simplifying C reproducer
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
program crashed: KASAN: slab-use-after-free Read in shrinker_free
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:false Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-ioperm$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201-clone$auto-syz_genetlink_get_family_id$auto_nfsd-sendmsg$auto_NFSD_CMD_THREADS_SET201
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
reproducing took 3h8m35.254918095s
repro crashed as (corrupted=false):
svc: failed to register nfsdv3 RPC service (errno 512).
svc: failed to register nfsaclv3 RPC service (errno 512).
==================================================================
BUG: KASAN: slab-use-after-free in shrinker_free+0x3b7/0x430 mm/shrinker.c:775
Read of size 4 at addr ffff888022ab1e1c by task syz-executor209/5378

CPU: 1 UID: 0 PID: 5378 Comm: syz-executor209 Not tainted 6.11.0-rc7-syzkaller-00145-g57719771a244 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:93 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119
 print_address_description mm/kasan/report.c:377 [inline]
 print_report+0xc3/0x620 mm/kasan/report.c:488
 kasan_report+0xd9/0x110 mm/kasan/report.c:601
 shrinker_free+0x3b7/0x430 mm/shrinker.c:775
 nfsd_file_cache_shutdown+0xbc/0x480 fs/nfsd/filecache.c:891
 nfsd_shutdown_generic fs/nfsd/nfssvc.c:329 [inline]
 nfsd_shutdown_generic fs/nfsd/nfssvc.c:323 [inline]
 nfsd_startup_net fs/nfsd/nfssvc.c:444 [inline]
 nfsd_svc+0x6d4/0x970 fs/nfsd/nfssvc.c:817
 nfsd_nl_threads_set_doit+0x52c/0xbc0 fs/nfsd/nfsctl.c:1714
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2550
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg net/socket.c:745 [inline]
 ____sys_sendmsg+0x9b4/0xb50 net/socket.c:2597
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2651
 __sys_sendmsg+0x117/0x1f0 net/socket.c:2680
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f8e7a41daf9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 1d 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f8e7a36c158 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f8e7a4a0438 RCX: 00007f8e7a41daf9
RDX: 0000000000000004 RSI: 0000000020000280 RDI: 0000000000000003
RBP: 00007f8e7a4a0430 R08: 0000000000000008 R09: 0000000000000000
R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8e7a4a043c
R13: 000000000000006e R14: 00007fffcd164cf0 R15: 00007fffcd164dd8
 </TASK>

Allocated by task 5370:
 kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
 kasan_save_track+0x14/0x30 mm/kasan/common.c:68
 poison_kmalloc_redzone mm/kasan/common.c:370 [inline]
 __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:387
 kmalloc_noprof include/linux/slab.h:681 [inline]
 kzalloc_noprof include/linux/slab.h:807 [inline]
 shrinker_alloc+0xf8/0xb00 mm/shrinker.c:683
 nfsd_file_cache_init+0x152/0x450 fs/nfsd/filecache.c:743
 nfsd_startup_generic fs/nfsd/nfssvc.c:307 [inline]
 nfsd_startup_net fs/nfsd/nfssvc.c:402 [inline]
 nfsd_svc+0x542/0x970 fs/nfsd/nfssvc.c:817
 nfsd_nl_threads_set_doit+0x52c/0xbc0 fs/nfsd/nfsctl.c:1714
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2550
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg net/socket.c:745 [inline]
 ____sys_sendmsg+0x9b4/0xb50 net/socket.c:2597
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2651
 __sys_sendmsg+0x117/0x1f0 net/socket.c:2680
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Freed by task 0:
 kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
 kasan_save_track+0x14/0x30 mm/kasan/common.c:68
 kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579
 poison_slab_object+0xf7/0x160 mm/kasan/common.c:240
 __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256
 kasan_slab_free include/linux/kasan.h:184 [inline]
 slab_free_hook mm/slub.c:2256 [inline]
 slab_free mm/slub.c:4477 [inline]
 kfree+0x12a/0x3b0 mm/slub.c:4598
 rcu_do_batch kernel/rcu/tree.c:2569 [inline]
 rcu_core+0x828/0x16b0 kernel/rcu/tree.c:2843
 handle_softirqs+0x216/0x8f0 kernel/softirq.c:554
 __do_softirq kernel/softirq.c:588 [inline]
 invoke_softirq kernel/softirq.c:428 [inline]
 __irq_exit_rcu kernel/softirq.c:637 [inline]
 irq_exit_rcu+0xbb/0x120 kernel/softirq.c:649
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0x95/0xb0 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702

Last potentially related work creation:
 kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
 __kasan_record_aux_stack+0xba/0xd0 mm/kasan/generic.c:541
 __call_rcu_common.constprop.0+0x9a/0x790 kernel/rcu/tree.c:3106
 shrinker_free+0xfe/0x430 mm/shrinker.c:807
 nfsd_file_cache_shutdown+0xbc/0x480 fs/nfsd/filecache.c:891
 nfsd_shutdown_generic fs/nfsd/nfssvc.c:329 [inline]
 nfsd_shutdown_generic fs/nfsd/nfssvc.c:323 [inline]
 nfsd_startup_net fs/nfsd/nfssvc.c:444 [inline]
 nfsd_svc+0x6d4/0x970 fs/nfsd/nfssvc.c:817
 nfsd_nl_threads_set_doit+0x52c/0xbc0 fs/nfsd/nfsctl.c:1714
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2550
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg net/socket.c:745 [inline]
 ____sys_sendmsg+0x9b4/0xb50 net/socket.c:2597
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2651
 __sys_sendmsg+0x117/0x1f0 net/socket.c:2680
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

The buggy address belongs to the object at ffff888022ab1e00
 which belongs to the cache kmalloc-192 of size 192
The buggy address is located 28 bytes inside of
 freed 192-byte region [ffff888022ab1e00, ffff888022ab1ec0)

The buggy address belongs to the physical page:
page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22ab1
flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
page_type: 0xfdffffff(slab)
raw: 00fff00000000000 ffff88801ac413c0 ffffea000076d740 dead000000000004
raw: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 4363825191, free_ts 0
 set_page_owner include/linux/page_owner.h:32 [inline]
 post_alloc_hook+0x2d1/0x350 mm/page_alloc.c:1500
 prep_new_page mm/page_alloc.c:1508 [inline]
 get_page_from_freelist+0x1351/0x2e50 mm/page_alloc.c:3446
 __alloc_pages_noprof+0x22b/0x2460 mm/page_alloc.c:4702
 __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]
 alloc_pages_node_noprof include/linux/gfp.h:296 [inline]
 alloc_slab_page+0x4e/0xf0 mm/slub.c:2325
 allocate_slab mm/slub.c:2488 [inline]
 new_slab+0x84/0x260 mm/slub.c:2541
 ___slab_alloc+0xdac/0x1870 mm/slub.c:3727
 __slab_alloc.constprop.0+0x56/0xb0 mm/slub.c:3817
 __slab_alloc_node mm/slub.c:3870 [inline]
 slab_alloc_node mm/slub.c:4029 [inline]
 __kmalloc_cache_noprof+0x2c5/0x310 mm/slub.c:4188
 kmalloc_noprof include/linux/slab.h:681 [inline]
 kzalloc_noprof include/linux/slab.h:807 [inline]
 call_usermodehelper_setup+0x9a/0x340 kernel/umh.c:363
 kobject_uevent_env+0xde3/0x1670 lib/kobject_uevent.c:628
 device_add+0x10e0/0x1a70 drivers/base/core.c:3663
 wakeup_source_device_create+0x214/0x2a0 drivers/base/power/wakeup_stats.c:161
 wakeup_source_sysfs_add+0x1c/0x90 drivers/base/power/wakeup_stats.c:181
 wakeup_source_register+0xaa/0x140 drivers/base/power/wakeup.c:223
 acpi_add_pm_notifier+0x12e/0x270 drivers/acpi/device_pm.c:589
 acpi_pci_root_add+0x45f/0xa90 drivers/acpi/pci_root.c:741
page_owner free stack trace missing

Memory state around the buggy address:
 ffff888022ab1d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff888022ab1d80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff888022ab1e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                            ^
 ffff888022ab1e80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
 ffff888022ab1f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================

final repro crashed as (corrupted=false):
svc: failed to register nfsdv3 RPC service (errno 512).
svc: failed to register nfsaclv3 RPC service (errno 512).
==================================================================
BUG: KASAN: slab-use-after-free in shrinker_free+0x3b7/0x430 mm/shrinker.c:775
Read of size 4 at addr ffff888022ab1e1c by task syz-executor209/5378

CPU: 1 UID: 0 PID: 5378 Comm: syz-executor209 Not tainted 6.11.0-rc7-syzkaller-00145-g57719771a244 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:93 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119
 print_address_description mm/kasan/report.c:377 [inline]
 print_report+0xc3/0x620 mm/kasan/report.c:488
 kasan_report+0xd9/0x110 mm/kasan/report.c:601
 shrinker_free+0x3b7/0x430 mm/shrinker.c:775
 nfsd_file_cache_shutdown+0xbc/0x480 fs/nfsd/filecache.c:891
 nfsd_shutdown_generic fs/nfsd/nfssvc.c:329 [inline]
 nfsd_shutdown_generic fs/nfsd/nfssvc.c:323 [inline]
 nfsd_startup_net fs/nfsd/nfssvc.c:444 [inline]
 nfsd_svc+0x6d4/0x970 fs/nfsd/nfssvc.c:817
 nfsd_nl_threads_set_doit+0x52c/0xbc0 fs/nfsd/nfsctl.c:1714
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2550
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg net/socket.c:745 [inline]
 ____sys_sendmsg+0x9b4/0xb50 net/socket.c:2597
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2651
 __sys_sendmsg+0x117/0x1f0 net/socket.c:2680
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f8e7a41daf9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 1d 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f8e7a36c158 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f8e7a4a0438 RCX: 00007f8e7a41daf9
RDX: 0000000000000004 RSI: 0000000020000280 RDI: 0000000000000003
RBP: 00007f8e7a4a0430 R08: 0000000000000008 R09: 0000000000000000
R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8e7a4a043c
R13: 000000000000006e R14: 00007fffcd164cf0 R15: 00007fffcd164dd8
 </TASK>

Allocated by task 5370:
 kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
 kasan_save_track+0x14/0x30 mm/kasan/common.c:68
 poison_kmalloc_redzone mm/kasan/common.c:370 [inline]
 __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:387
 kmalloc_noprof include/linux/slab.h:681 [inline]
 kzalloc_noprof include/linux/slab.h:807 [inline]
 shrinker_alloc+0xf8/0xb00 mm/shrinker.c:683
 nfsd_file_cache_init+0x152/0x450 fs/nfsd/filecache.c:743
 nfsd_startup_generic fs/nfsd/nfssvc.c:307 [inline]
 nfsd_startup_net fs/nfsd/nfssvc.c:402 [inline]
 nfsd_svc+0x542/0x970 fs/nfsd/nfssvc.c:817
 nfsd_nl_threads_set_doit+0x52c/0xbc0 fs/nfsd/nfsctl.c:1714
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2550
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg net/socket.c:745 [inline]
 ____sys_sendmsg+0x9b4/0xb50 net/socket.c:2597
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2651
 __sys_sendmsg+0x117/0x1f0 net/socket.c:2680
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Freed by task 0:
 kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
 kasan_save_track+0x14/0x30 mm/kasan/common.c:68
 kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579
 poison_slab_object+0xf7/0x160 mm/kasan/common.c:240
 __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256
 kasan_slab_free include/linux/kasan.h:184 [inline]
 slab_free_hook mm/slub.c:2256 [inline]
 slab_free mm/slub.c:4477 [inline]
 kfree+0x12a/0x3b0 mm/slub.c:4598
 rcu_do_batch kernel/rcu/tree.c:2569 [inline]
 rcu_core+0x828/0x16b0 kernel/rcu/tree.c:2843
 handle_softirqs+0x216/0x8f0 kernel/softirq.c:554
 __do_softirq kernel/softirq.c:588 [inline]
 invoke_softirq kernel/softirq.c:428 [inline]
 __irq_exit_rcu kernel/softirq.c:637 [inline]
 irq_exit_rcu+0xbb/0x120 kernel/softirq.c:649
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0x95/0xb0 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702

Last potentially related work creation:
 kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
 __kasan_record_aux_stack+0xba/0xd0 mm/kasan/generic.c:541
 __call_rcu_common.constprop.0+0x9a/0x790 kernel/rcu/tree.c:3106
 shrinker_free+0xfe/0x430 mm/shrinker.c:807
 nfsd_file_cache_shutdown+0xbc/0x480 fs/nfsd/filecache.c:891
 nfsd_shutdown_generic fs/nfsd/nfssvc.c:329 [inline]
 nfsd_shutdown_generic fs/nfsd/nfssvc.c:323 [inline]
 nfsd_startup_net fs/nfsd/nfssvc.c:444 [inline]
 nfsd_svc+0x6d4/0x970 fs/nfsd/nfssvc.c:817
 nfsd_nl_threads_set_doit+0x52c/0xbc0 fs/nfsd/nfsctl.c:1714
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2550
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg net/socket.c:745 [inline]
 ____sys_sendmsg+0x9b4/0xb50 net/socket.c:2597
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2651
 __sys_sendmsg+0x117/0x1f0 net/socket.c:2680
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

The buggy address belongs to the object at ffff888022ab1e00
 which belongs to the cache kmalloc-192 of size 192
The buggy address is located 28 bytes inside of
 freed 192-byte region [ffff888022ab1e00, ffff888022ab1ec0)

The buggy address belongs to the physical page:
page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22ab1
flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
page_type: 0xfdffffff(slab)
raw: 00fff00000000000 ffff88801ac413c0 ffffea000076d740 dead000000000004
raw: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 4363825191, free_ts 0
 set_page_owner include/linux/page_owner.h:32 [inline]
 post_alloc_hook+0x2d1/0x350 mm/page_alloc.c:1500
 prep_new_page mm/page_alloc.c:1508 [inline]
 get_page_from_freelist+0x1351/0x2e50 mm/page_alloc.c:3446
 __alloc_pages_noprof+0x22b/0x2460 mm/page_alloc.c:4702
 __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]
 alloc_pages_node_noprof include/linux/gfp.h:296 [inline]
 alloc_slab_page+0x4e/0xf0 mm/slub.c:2325
 allocate_slab mm/slub.c:2488 [inline]
 new_slab+0x84/0x260 mm/slub.c:2541
 ___slab_alloc+0xdac/0x1870 mm/slub.c:3727
 __slab_alloc.constprop.0+0x56/0xb0 mm/slub.c:3817
 __slab_alloc_node mm/slub.c:3870 [inline]
 slab_alloc_node mm/slub.c:4029 [inline]
 __kmalloc_cache_noprof+0x2c5/0x310 mm/slub.c:4188
 kmalloc_noprof include/linux/slab.h:681 [inline]
 kzalloc_noprof include/linux/slab.h:807 [inline]
 call_usermodehelper_setup+0x9a/0x340 kernel/umh.c:363
 kobject_uevent_env+0xde3/0x1670 lib/kobject_uevent.c:628
 device_add+0x10e0/0x1a70 drivers/base/core.c:3663
 wakeup_source_device_create+0x214/0x2a0 drivers/base/power/wakeup_stats.c:161
 wakeup_source_sysfs_add+0x1c/0x90 drivers/base/power/wakeup_stats.c:181
 wakeup_source_register+0xaa/0x140 drivers/base/power/wakeup.c:223
 acpi_add_pm_notifier+0x12e/0x270 drivers/acpi/device_pm.c:589
 acpi_pci_root_add+0x45f/0xa90 drivers/acpi/pci_root.c:741
page_owner free stack trace missing

Memory state around the buggy address:
 ffff888022ab1d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff888022ab1d80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff888022ab1e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                            ^
 ffff888022ab1e80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
 ffff888022ab1f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================