Extracting prog: 1h12m55.905176798s
Minimizing prog: 2h52m14.929098758s
Simplifying prog options: 12m21.578453162s
Extracting C: 5m15.335329001s
Simplifying C: 0s


extracting reproducer from 70 programs
testing a last program of every proc
single: executing 20 programs separately with timeout 6m0s
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_kvm_setup_cpu$x86-ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER-prlimit64-sched_setscheduler-sendmsg$nl_route-prctl$PR_SCHED_CORE-accept4$packet-setsockopt$packet_rx_ring-socket$packet-setsockopt$packet_fanout-setsockopt$packet_fanout_data-syz_emit_ethernet-ioctl$DRM_IOCTL_GET_CLIENT-prlimit64-sched_setaffinity-syz_open_dev$MSR-read$msr-syz_create_resource$binfmt-setsockopt$IPT_SO_SET_REPLACE-socket$inet_udp-setsockopt$SO_TIMESTAMPING-bind$inet-connect$inet-add_key$keyring-sendmmsg
detailed listing:
executing program 0:
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x61, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x2)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14, 0x80000)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000100)=@req={0x1, 0xc00, 0xfffffffa, 0xfffffff9}, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6, 0x0, 0x5, 0x12e}]}, 0x10)
syz_emit_ethernet(0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd000000002300000000000002ff860090780000040018ec8b28000000000305bd3e6d4706598080a80300378927fc503b87aafaffffffffffffff23732472eefa45ad96579200"/95], 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000180)={0x3, 0x21, {<r2=>0x0}, {0xee00}, 0x5, 0xe46})
prlimit64(r2, 0x9, 0x0, &(0x7f0000000280))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019bc0)=""/102400, 0x19000)
syz_create_resource$binfmt(0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000040)=0x7bb3, 0x4)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x2000, @local}, 0x10)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x60000000)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$nl802154-syz_init_net_socket$nl_generic-ioctl$sock_SIOCGIFINDEX_802154-sendmsg$NL802154_CMD_NEW_SEC_LEVEL
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000d40)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7200fbdbdf252000000008000300", @ANYRES32=r3, @ANYBLOB="2c002d8005000100020000000800020002000000050004"], 0x48}, 0x1, 0x1000000, 0x0, 0x20008044}, 0x4080)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): signalfd-mkdir-close-inotify_init1-fcntl$setstatus-gettid-fcntl$setown-fcntl$setsig-rt_sigprocmask-rt_sigtimedwait-inotify_add_watch-rmdir
detailed listing:
executing program 0:
r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
close(r0)
r1 = inotify_init1(0x800)
fcntl$setstatus(r0, 0x4, 0x2c00)
r2 = gettid()
fcntl$setown(r0, 0x8, r2)
fcntl$setsig(r1, 0xa, 0xe)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
inotify_add_watch(r1, &(0x7f0000000180)='./control\x00', 0xa4000960)
rmdir(0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-getpid-sched_setscheduler-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-sched_setscheduler-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_open_dev$dri-timer_create-openat$cgroup_root-write$cgroup_subtree-ioctl$sock_SIOCGIFCONF-sendmsg$NL802154_CMD_NEW_INTERFACE-mremap-ioctl$KVM_SET_USER_MEMORY_REGION-setrlimit-socket$netlink-bind$netlink-socket$nl_route-sendmsg$nl_route_sched-madvise-socket$nl_generic-syz_genetlink_get_family_id$ipvs-sendmsg$IPVS_CMD_ZERO
detailed listing:
executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
syz_open_dev$dri(0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x3, 0x800000000004}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x27)
ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f00000003c0)=@buf)
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48801}, 0x800)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
setrlimit(0x4, &(0x7f00000000c0)={0x6, 0x5})
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001840)=@newtaction={0x13, 0x30, 0x25, 0x0, 0x0, {}, [{0xe94, 0x1, [@m_pedit={0xe90, 0x1, 0x0, 0x0, {{0xa}, {0xe64, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x40}, {}, {}, {}, {0x0, 0x2}, {}, {}, {0x80000000, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xf}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1ff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xffffffff}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xcc1}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}]}}, @TCA_PEDIT_KEYS_EX={0x40, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xea8}}, 0x0)
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x15)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_ZERO(r6, 0x0, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): pipe-sendmsg$nl_route_sched-sendmsg$nl_route-socket$inet_udp-close-socket$inet6_sctp-ioctl$SNDRV_CTL_IOCTL_ELEM_READ-getsockopt$inet_sctp6_SCTP_MAX_BURST-socket$nl_route-write$binfmt_misc-splice
detailed listing:
executing program 0:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_INTERVAL={0x8, 0x3, 0x6}]}}]}, 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f0000000240)={{0x9, 0x6, 0x4, 0x8001, 'syz1\x00', 0x8}, 0x1, [0xda0e, 0x40, 0xf00, 0xffff, 0x4, 0x800, 0x4, 0x8, 0xc00, 0xb, 0x6, 0x0, 0xffff, 0x7, 0x1c0000000, 0x2f84954f, 0x7ef87070, 0x3, 0xd, 0x9, 0x1000, 0x4, 0x8000, 0x6, 0x7, 0x4, 0x1000, 0x5, 0x8, 0x448f, 0x3, 0xffffffff, 0x0, 0x4248a6a1, 0x2, 0x401, 0xdb51, 0x3, 0x10000, 0x3, 0xffffffffffffffff, 0x401, 0x81, 0x4df64747, 0x4, 0x4, 0x6, 0x4, 0x80, 0x9, 0x2, 0x7, 0x1ec0, 0x79f8, 0x7f, 0x4, 0x4, 0xffffffff, 0xffffffff, 0x5, 0x8, 0xf, 0x1, 0x0, 0x0, 0x1, 0x8, 0xe4e3, 0x8, 0x363c6031, 0xfffffffffffffd2a, 0xfffffffffffffffe, 0x100000000, 0x6, 0x56, 0x80000001, 0x2, 0xd906, 0x0, 0x1, 0x0, 0x8, 0xffffffff, 0x4, 0x1, 0x3, 0x0, 0x8000000000000000, 0xdb, 0x1, 0x60, 0x3, 0x2, 0x800, 0x100000001, 0x7, 0x4, 0x8, 0xd8, 0x9, 0x1, 0x3, 0x8000, 0x101, 0x8, 0x4, 0x9, 0x9, 0x2, 0x1, 0x3fffffffc000, 0x8, 0x5f, 0x6, 0x6c8, 0x8, 0x6, 0x5, 0x0, 0x7, 0x6, 0x1, 0x3, 0x2d6, 0x7f, 0x35fb, 0x7b6, 0x4]})
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x85, 0x0, &(0x7f0000000140))
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-sendmsg$nl_generic-openat$kvm-syz_io_uring_setup-syz_usb_connect$hid-syz_open_dev$hiddev-openat$mice-epoll_create1-mremap-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-memfd_create-ioctl$KVM_RUN-mremap-ioctl$KVM_SET_CLOCK-epoll_ctl$EPOLL_CTL_ADD-write$tun-ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES-ioctl$KVM_CREATE_VM-bpf$PROG_LOAD-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-dup-ioctl$KVM_SET_VCPU_EVENTS-ioctl$KVM_SET_VAPIC_ADDR-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f00000004c0)={0x14, 0x25, 0x1, 0x70bd2b, 0x25dfdbfc, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x4814}, 0x14)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_io_uring_setup(0x31e7, &(0x7f0000000280)={0x0, 0xbd30, 0x2000, 0x0, 0x1f6}, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0)
syz_open_dev$hiddev(0x0, 0x0, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x801)
r3 = epoll_create1(0x0)
mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, 0x4, &(0x7f0000ffb000/0x4000)=nil)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x4b, 0x71, 0x0, 0x0)
memfd_create(&(0x7f0000000380)='@&)#\n*)\\\x00\x9f\xfd\')\xca\xfd\xe0\x94\x88Yp`+i7jE\xd3\xba\xda\xeb\x9c\x9fr\x0e\xd0V<\x81\xe4H\xa0\x9aZ\x00\xad:j7\xe9\xcf\x83\xf8w1\xe0\b\x16y\x1e\xc9\x8d\xa5V\x96\xc8\x83\x89\xaeS \xe7B\xc5\x8aP\xeer\xc9y0f.!7\xb0\xe3xh\x99\x01\xf2\xa9\xba\x80\xb4Z\\Y\xd7\x1f$', 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4188aec6, &(0x7f0000000040)={0x3, 0x8, 0xfffffffd, 0x95d})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000000c0)={0x10000009})
write$tun(r2, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x90009427, &(0x7f0000000180))
r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5f, '\x00', 0x0, @lirc_mode2=0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r9 = dup(r8)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4400ae8f, &(0x7f0000000040)=@x86={0x9, 0x40, 0x7, 0x0, 0x80000000, 0x7d, 0xf9, 0x8, 0x6, 0x3, 0x5, 0x40, 0x0, 0x3ff, 0x7, 0xba, 0x1e, 0xc, 0x0, '\x00', 0x5, 0x6})
ioctl$KVM_SET_VAPIC_ADDR(r9, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_generic-sendmsg$nl_generic-openat$kvm-syz_io_uring_setup-syz_usb_connect$hid-syz_open_dev$hiddev-openat$mice-epoll_create1-mremap-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-memfd_create-ioctl$KVM_RUN-mremap-ioctl$KVM_SET_CLOCK-epoll_ctl$EPOLL_CTL_ADD-write$tun-ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES-ioctl$KVM_CREATE_VM-bpf$PROG_LOAD-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-dup-ioctl$KVM_SET_VCPU_EVENTS-ioctl$KVM_SET_VAPIC_ADDR-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f00000004c0)={0x14, 0x25, 0x1, 0x70bd2b, 0x25dfdbfc, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x4814}, 0x14)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_io_uring_setup(0x31e7, &(0x7f0000000280)={0x0, 0xbd30, 0x2000, 0x0, 0x1f6}, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0)
syz_open_dev$hiddev(0x0, 0x0, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x801)
r3 = epoll_create1(0x0)
mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, 0x4, &(0x7f0000ffb000/0x4000)=nil)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x4b, 0x71, 0x0, 0x0)
memfd_create(&(0x7f0000000380)='@&)#\n*)\\\x00\x9f\xfd\')\xca\xfd\xe0\x94\x88Yp`+i7jE\xd3\xba\xda\xeb\x9c\x9fr\x0e\xd0V<\x81\xe4H\xa0\x9aZ\x00\xad:j7\xe9\xcf\x83\xf8w1\xe0\b\x16y\x1e\xc9\x8d\xa5V\x96\xc8\x83\x89\xaeS \xe7B\xc5\x8aP\xeer\xc9y0f.!7\xb0\xe3xh\x99\x01\xf2\xa9\xba\x80\xb4Z\\Y\xd7\x1f$', 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4188aec6, &(0x7f0000000040)={0x3, 0x8, 0xfffffffd, 0x95d})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000000c0)={0x10000009})
write$tun(r2, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x90009427, &(0x7f0000000180))
r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5f, '\x00', 0x0, @lirc_mode2=0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r9 = dup(r8)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4400ae8f, &(0x7f0000000040)=@x86={0x9, 0x40, 0x7, 0x0, 0x80000000, 0x7d, 0xf9, 0x8, 0x6, 0x3, 0x5, 0x40, 0x0, 0x3ff, 0x7, 0xba, 0x1e, 0xc, 0x0, '\x00', 0x5, 0x6})
ioctl$KVM_SET_VAPIC_ADDR(r9, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io$hid-ioctl$KVM_SET_MSRS-socket$kcm-getsockname$packet-bpf$BPF_BTF_GET_FD_BY_ID-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_NEW-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_NEW-socket$nl_generic-preadv-prctl$PR_SET_SYSCALL_USER_DISPATCH_ON-openat$cgroup_ro-socket$key-bpf$BPF_PROG_DETACH-socket$nl_generic-sendmsg$nl_generic-socket
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000404112155000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x0, [{0x0, 0x0, 0x6}, {0x987, 0x0, 0x800}]})
socket$kcm(0x21, 0x2, 0x2)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f00000001c0)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x6c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
preadv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000001640)=""/4108, 0x100c}], 0x1, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x25, 0x301, 0x270bd24, 0x25dfdbfd, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
socket(0x10, 0x803, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io$hid-ioctl$KVM_SET_MSRS-socket$kcm-getsockname$packet-bpf$BPF_BTF_GET_FD_BY_ID-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_NEW-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_NEW-socket$nl_generic-preadv-prctl$PR_SET_SYSCALL_USER_DISPATCH_ON-openat$cgroup_ro-socket$key-bpf$BPF_PROG_DETACH-socket$nl_generic-sendmsg$nl_generic-socket
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000404112155000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x0, [{0x0, 0x0, 0x6}, {0x987, 0x0, 0x800}]})
socket$kcm(0x21, 0x2, 0x2)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f00000001c0)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x6c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
preadv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000001640)=""/4108, 0x100c}], 0x1, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x25, 0x301, 0x270bd24, 0x25dfdbfd, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
socket(0x10, 0x803, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-socket$packet-socket$nl_route-socket$inet6_tcp-ioctl$sock_SIOCGIFINDEX-syz_init_net_socket$nl_rdma-syz_usb_control_io-syz_open_dev$vim2m-ioctl$vim2m_VIDIOC_ENUM_FMT-writev-rseq-sched_setscheduler-prctl$PR_SCHED_CORE-sched_setaffinity-syz_open_dev$MSR-read$msr-rseq-bind$netlink-socket-shmget$private-syz_usb_connect
detailed listing:
executing program 0:
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000015c0)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0xb173, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000040)={0x48, 0x1, 0x0, "b49e1b0400000000000000de424f5ab23870ecd4000000000000000000000800", 0x30395056})
writev(0xffffffffffffffff, 0x0, 0x0)
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket(0x2a, 0x2, 0x0)
shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x5b, 0xb2, 0xdb, 0x20, 0x5ac, 0x20f, 0xf526, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x13, 0xf, 0x2, 0x3, 0x27, 0x2, 0x0, [], [{{0x9, 0x5, 0x7, 0x18, 0x40, 0x10, 0x6, 0x5}}, {{0x9, 0x5, 0xb, 0x3, 0x10, 0x4, 0x81, 0x5}}]}}]}}]}}, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-socket$packet-socket$nl_route-socket$inet6_tcp-ioctl$sock_SIOCGIFINDEX-syz_init_net_socket$nl_rdma-syz_usb_control_io-syz_open_dev$vim2m-ioctl$vim2m_VIDIOC_ENUM_FMT-writev-rseq-sched_setscheduler-prctl$PR_SCHED_CORE-sched_setaffinity-syz_open_dev$MSR-read$msr-rseq-bind$netlink-socket-shmget$private-syz_usb_connect
detailed listing:
executing program 0:
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000015c0)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0xb173, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000040)={0x48, 0x1, 0x0, "b49e1b0400000000000000de424f5ab23870ecd4000000000000000000000800", 0x30395056})
writev(0xffffffffffffffff, 0x0, 0x0)
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket(0x2a, 0x2, 0x0)
shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x5b, 0xb2, 0xdb, 0x20, 0x5ac, 0x20f, 0xf526, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x13, 0xf, 0x2, 0x3, 0x27, 0x2, 0x0, [], [{{0x9, 0x5, 0x7, 0x18, 0x40, 0x10, 0x6, 0x5}}, {{0x9, 0x5, 0xb, 0x3, 0x10, 0x4, 0x81, 0x5}}]}}]}}]}}, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$inet_tcp-setsockopt$EBT_SO_SET_ENTRIES-syz_open_procfs-pread64-ioctl$sock_SIOCGIFINDEX-sendmsg$nl_route-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x1b, 0x20000038, r3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r6 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0xfffffffffffffffd, 0x3, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0400000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f00004dab14140000000000000000000084200400000000000000000000000041554449540000bcb92dfff07fca0000004600f58f5dc8438b000000000000000800"/376]}, 0x1f0)
r10 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r10, &(0x7f0000000080)=""/237, 0xed, 0x5)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r11=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r11}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x15}]}}}]}, 0x3c}}, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r12, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
single: successfully extracted reproducer
found reproducer with 27 syscalls
minimizing guilty program
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$inet_tcp-setsockopt$EBT_SO_SET_ENTRIES-syz_open_procfs-pread64-ioctl$sock_SIOCGIFINDEX-sendmsg$nl_route-socket$nl_generic
detailed listing:
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x1b, 0x20000038, r3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r6 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0xfffffffffffffffd, 0x3, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0400000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f00004dab14140000000000000000000084200400000000000000000000000041554449540000bcb92dfff07fca0000004600f58f5dc8438b000000000000000800"/376]}, 0x1f0)
r10 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r10, &(0x7f0000000080)=""/237, 0xed, 0x5)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r11=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r11}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x15}]}}}]}, 0x3c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$inet_tcp-setsockopt$EBT_SO_SET_ENTRIES-syz_open_procfs-pread64-ioctl$sock_SIOCGIFINDEX-sendmsg$nl_route-sendmsg$nl_generic
detailed listing:
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x1b, 0x20000038, r3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r6 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0xfffffffffffffffd, 0x3, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0400000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f00004dab14140000000000000000000084200400000000000000000000000041554449540000bcb92dfff07fca0000004600f58f5dc8438b000000000000000800"/376]}, 0x1f0)
r10 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r10, &(0x7f0000000080)=""/237, 0xed, 0x5)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r11=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r11}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x15}]}}}]}, 0x3c}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$inet_tcp-setsockopt$EBT_SO_SET_ENTRIES-syz_open_procfs-pread64-ioctl$sock_SIOCGIFINDEX-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0x1b, 0x20000038, r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r8, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0xfffffffffffffffd, 0x3, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0400000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f00004dab14140000000000000000000084200400000000000000000000000041554449540000bcb92dfff07fca0000004600f58f5dc8438b000000000000000800"/376]}, 0x1f0)
r9 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r9, &(0x7f0000000080)=""/237, 0xed, 0x5)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$inet_tcp-setsockopt$EBT_SO_SET_ENTRIES-syz_open_procfs-pread64-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0xfffffffffffffffd, 0x3, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0400000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f00004dab14140000000000000000000084200400000000000000000000000041554449540000bcb92dfff07fca0000004600f58f5dc8438b000000000000000800"/376]}, 0x1f0)
r8 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r8, &(0x7f0000000080)=""/237, 0xed, 0x5)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$inet_tcp-setsockopt$EBT_SO_SET_ENTRIES-syz_open_procfs-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0xfffffffffffffffd, 0x3, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0400000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f00004dab14140000000000000000000084200400000000000000000000000041554449540000bcb92dfff07fca0000004600f58f5dc8438b000000000000000800"/376]}, 0x1f0)
syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$inet_tcp-setsockopt$EBT_SO_SET_ENTRIES-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0xfffffffffffffffd, 0x3, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0400000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f00004dab14140000000000000000000084200400000000000000000000000041554449540000bcb92dfff07fca0000004600f58f5dc8438b000000000000000800"/376]}, 0x1f0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$inet_tcp-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-connect$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-connect$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-fsconfig$FSCONFIG_CMD_CREATE-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-fspick-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-sched_setscheduler-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-getpid-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-sched_setscheduler-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-sendmsg$IPSET_CMD_CREATE-prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-socket$nl_netfilter-prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-io_uring_register$IORING_UNREGISTER_PERSONALITY-prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1b, 0x20000038, r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-io_uring_register$IORING_REGISTER_PERSONALITY-prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-io_uring_setup-prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
io_uring_setup(0x68f7, &(0x7f0000000180)={0x0, 0x0, 0x400, 0xfffffffc, 0x13b})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-socket$netlink-prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program crashed: INFO: task hung in nfsd_nl_listener_set_doit
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, 0x0, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001740)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={0x0}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
extracting C reproducer
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
simplifying guilty program options
testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-getpid-sched_setscheduler-mmap-socketpair$unix-sendmmsg$unix-socket$nl_generic-sendmsg$nl_generic
detailed listing:
executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001580)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x24008100)

program did not crash
reproducing took 4h22m47.748094114s
repro crashed as (corrupted=false):
INFO: task syz.4.83:6311 blocked for more than 143 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.4.83        state:D stack:27504 pid:6311  tgid:6309  ppid:5942   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff167585d29
RSP: 002b:00007ff168412038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007ff167776080 RCX: 00007ff167585d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007ff167601b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007ff167776080 R15: 00007ffdf5f6bd68
 </TASK>
INFO: task syz.0.84:6319 blocked for more than 144 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.84        state:D stack:27504 pid:6319  tgid:6317  ppid:5932   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa672185d29
RSP: 002b:00007fa672ff5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fa672376080 RCX: 00007fa672185d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007fa672201b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fa672376080 R15: 00007ffcc88b7898
 </TASK>
INFO: task syz.5.85:6342 blocked for more than 145 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.5.85        state:D stack:27504 pid:6342  tgid:6340  ppid:6321   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f5f2f985d29
RSP: 002b:00007f5f3079d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f5f2fb76080 RCX: 00007f5f2f985d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007f5f2fa01b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f5f2fb76080 R15: 00007fffb87b2e98
 </TASK>
INFO: task syz.7.87:6397 blocked for more than 147 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.7.87        state:D stack:27696 pid:6397  tgid:6390  ppid:6352   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f7a58185d29
RSP: 002b:00007f7a5905f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f7a58376080 RCX: 00007f7a58185d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007f7a58201b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f7a58376080 R15: 00007fffe2755e88
 </TASK>
INFO: task syz.6.86:6400 blocked for more than 147 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.6.86        state:D stack:27696 pid:6400  tgid:6394  ppid:6350   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4e20985d29
RSP: 002b:00007f4e21762038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f4e20b76080 RCX: 00007f4e20985d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007f4e20a01b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f4e20b76080 R15: 00007ffdc1fe3958
 </TASK>
INFO: task syz.8.88:6416 blocked for more than 148 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.8.88        state:D stack:27696 pid:6416  tgid:6414  ppid:6392   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f9ee5d85d29
RSP: 002b:00007f9ee6b7c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f9ee5f76080 RCX: 00007f9ee5d85d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007f9ee5e01b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f9ee5f76080 R15: 00007fff60a507b8
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/30:
 #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390 kernel/locking/lockdep.c:6744
3 locks held by kworker/u8:3/57:
3 locks held by kworker/u8:9/3485:
3 locks held by kworker/u8:10/3508:
 #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3204
 #1: ffff8880b8628a88 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2c1/0x8e0 kernel/sched/psi.c:987
 #2: ffffffff9aa24868 (&obj_hash[i].lock){-.-.}-{2:2}, at: __debug_check_no_obj_freed lib/debugobjects.c:1088 [inline]
 #2: ffffffff9aa24868 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_check_no_obj_freed+0x1cf/0x600 lib/debugobjects.c:1129
2 locks held by getty/5577:
 #0: ffff8880325a90a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
 #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480 drivers/tty/n_tty.c:2211
2 locks held by kworker/1:5/6027:
 #0: ffff88801b078948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3204
 #1: ffffc90002ed7d80 ((work_completion)(&clnt->cl_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
3 locks held by kworker/1:6/6028:
 #0: ffff88801b078948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3204
 #1: ffffc90003c17d80 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
 #2: ffff88808fe13240 (&data->fib_lock){+.+.}-{4:4}, at: nsim_fib_event_work+0x1bb/0x26d0 drivers/net/netdevsim/fib.c:1490
2 locks held by syz.3.82/6308:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.4.83/6311:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.0.84/6319:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.5.85/6342:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.7.87/6397:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.6.86/6400:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.8.88/6416:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.9.89/6438:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.2.90/6573:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.1.91/6649:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.3.92/6666:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.4.93/6684:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: 
ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.0.94/6691:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.5.95/6715:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.7.96/6746:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.6.97/6776:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.8.98/6800:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.9.99/6802:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.2.100/6820:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.1.101/6836:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.3.102/6857:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.4.103/6888:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.0.104/6891:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.5.105/6914:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.7.106/6935:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.6.107/6959:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.8.108/6991:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.9.109/7012:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.2.110/7019:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.1.111/7038:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.3.112/7051:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.4.113/7082:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.0.114/7098:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.5.115/7122:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.7.116/7144:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.6.117/7157:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.8.118/7188:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.9.119/7214:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.2.120/7232:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.1.121/7248:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.3.122/7264:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.4.123/7286:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz-executor/7292:
 #0: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
 #0: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x372/0xea0 net/core/rtnetlink.c:6928
 #1: ffffffff8e1c7238 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x282/0x3b0 kernel/rcu/tree_exp.h:297
2 locks held by syz.0.124/7302:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz-executor/7314:
 #0: ffffffff905f78c0 (&ops->srcu#2){.+.+}-{0:0}, at: srcu_lock_acquire include/linux/srcu.h:158 [inline]
 #0: ffffffff905f78c0 (&ops->srcu#2){.+.+}-{0:0}, at: srcu_read_lock include/linux/srcu.h:249 [inline]
 #0: ffffffff905f78c0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x10f/0x2c0 net/core/rtnetlink.c:559
 #1: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
 #1: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock net/core/rtnetlink.c:326 [inline]
 #1: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x5d9/0x1d60 net/core/rtnetlink.c:4011
1 lock held by syz-executor/7319:
 #0: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:128 [inline]
 #0: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x316/0x1560 net/ipv4/devinet.c:987

=============================================

NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:234 [inline]
 watchdog+0xf14/0x1240 kernel/hung_task.c:397
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 2965 Comm: kworker/u8:7 Not tainted 6.13.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Workqueue: events_unbound cfg80211_wiphy_work
RIP: 0010:debug_check_no_obj_freed+0x8a/0x600 lib/debugobjects.c:1127
Code: c7 40 08 00 00 00 f3 c7 40 0c f3 f3 f3 f3 65 48 8b 04 25 28 00 00 00 48 89 84 24 08 01 00 00 31 c0 80 3d d8 db b9 0b 00 75 46 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7
RSP: 0018:ffffc9000cb67040 EFLAGS: 00000202
RAX: 0000000000000001 RBX: 1ffff9200196ce16 RCX: 0000000000000000
RDX: 0000000000000202 RSI: ffff888081553000 RDI: 0000000000000001
RBP: ffffc9000cb67180 R08: 0000000000000001 R09: fffffbfff2dca3b2
R10: ffffffff96e51d97 R11: 0000000000000004 R12: ffff888081552000
R13: 0000000000000003 R14: 0000000000000003 R15: ffff888081552000
FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fa8906a7d60 CR3: 000000002533e000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <TASK>
 slab_free_hook mm/slub.c:2284 [inline]
 slab_free mm/slub.c:4613 [inline]
 kfree+0x2b3/0x4b0 mm/slub.c:4761
 ieee80211_inform_bss+0x76e/0x1100 net/mac80211/scan.c:160
 rdev_inform_bss net/wireless/rdev-ops.h:418 [inline]
 cfg80211_inform_single_bss_data+0x8f9/0x1df0 net/wireless/scan.c:2334
 cfg80211_inform_bss_data+0x205/0x3ba0 net/wireless/scan.c:3189
 cfg80211_inform_bss_frame_data+0x272/0x7a0 net/wireless/scan.c:3284
 ieee80211_bss_info_update+0x311/0xab0 net/mac80211/scan.c:226
 ieee80211_rx_bss_info net/mac80211/ibss.c:1101 [inline]
 ieee80211_rx_mgmt_probe_beacon net/mac80211/ibss.c:1580 [inline]
 ieee80211_ibss_rx_queued_mgmt+0x189c/0x2f50 net/mac80211/ibss.c:1607
 ieee80211_iface_process_skb net/mac80211/iface.c:1613 [inline]
 ieee80211_iface_work+0xc0b/0xf00 net/mac80211/iface.c:1667
 cfg80211_wiphy_work+0x3de/0x560 net/wireless/core.c:440
 process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229
 process_scheduled_works kernel/workqueue.c:3310 [inline]
 worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>

final repro crashed as (corrupted=false):
INFO: task syz.4.83:6311 blocked for more than 143 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.4.83        state:D stack:27504 pid:6311  tgid:6309  ppid:5942   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff167585d29
RSP: 002b:00007ff168412038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007ff167776080 RCX: 00007ff167585d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007ff167601b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007ff167776080 R15: 00007ffdf5f6bd68
 </TASK>
INFO: task syz.0.84:6319 blocked for more than 144 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.84        state:D stack:27504 pid:6319  tgid:6317  ppid:5932   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa672185d29
RSP: 002b:00007fa672ff5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fa672376080 RCX: 00007fa672185d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007fa672201b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fa672376080 R15: 00007ffcc88b7898
 </TASK>
INFO: task syz.5.85:6342 blocked for more than 145 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.5.85        state:D stack:27504 pid:6342  tgid:6340  ppid:6321   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f5f2f985d29
RSP: 002b:00007f5f3079d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f5f2fb76080 RCX: 00007f5f2f985d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007f5f2fa01b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f5f2fb76080 R15: 00007fffb87b2e98
 </TASK>
INFO: task syz.7.87:6397 blocked for more than 147 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.7.87        state:D stack:27696 pid:6397  tgid:6390  ppid:6352   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f7a58185d29
RSP: 002b:00007f7a5905f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f7a58376080 RCX: 00007f7a58185d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007f7a58201b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f7a58376080 R15: 00007fffe2755e88
 </TASK>
INFO: task syz.6.86:6400 blocked for more than 147 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.6.86        state:D stack:27696 pid:6400  tgid:6394  ppid:6350   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4e20985d29
RSP: 002b:00007f4e21762038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f4e20b76080 RCX: 00007f4e20985d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007f4e20a01b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f4e20b76080 R15: 00007ffdc1fe3958
 </TASK>
INFO: task syz.8.88:6416 blocked for more than 148 seconds.
      Not tainted 6.13.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.8.88        state:D stack:27696 pid:6416  tgid:6414  ppid:6392   flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115
 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
 genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2542
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]
 netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347
 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891
 sock_sendmsg_nosec net/socket.c:711 [inline]
 __sock_sendmsg net/socket.c:726 [inline]
 ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583
 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637
 __sys_sendmsg+0x16e/0x220 net/socket.c:2669
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f9ee5d85d29
RSP: 002b:00007f9ee6b7c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f9ee5f76080 RCX: 00007f9ee5d85d29
RDX: 0000000024008100 RSI: 0000000020001740 RDI: 0000000000000005
RBP: 00007f9ee5e01b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f9ee5f76080 R15: 00007fff60a507b8
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/30:
 #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390 kernel/locking/lockdep.c:6744
3 locks held by kworker/u8:3/57:
3 locks held by kworker/u8:9/3485:
3 locks held by kworker/u8:10/3508:
 #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3204
 #1: ffff8880b8628a88 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2c1/0x8e0 kernel/sched/psi.c:987
 #2: ffffffff9aa24868 (&obj_hash[i].lock){-.-.}-{2:2}, at: __debug_check_no_obj_freed lib/debugobjects.c:1088 [inline]
 #2: ffffffff9aa24868 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_check_no_obj_freed+0x1cf/0x600 lib/debugobjects.c:1129
2 locks held by getty/5577:
 #0: ffff8880325a90a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
 #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480 drivers/tty/n_tty.c:2211
2 locks held by kworker/1:5/6027:
 #0: ffff88801b078948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3204
 #1: ffffc90002ed7d80 ((work_completion)(&clnt->cl_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
3 locks held by kworker/1:6/6028:
 #0: ffff88801b078948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3204
 #1: ffffc90003c17d80 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
 #2: ffff88808fe13240 (&data->fib_lock){+.+.}-{4:4}, at: nsim_fib_event_work+0x1bb/0x26d0 drivers/net/netdevsim/fib.c:1490
2 locks held by syz.3.82/6308:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.4.83/6311:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.0.84/6319:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.5.85/6342:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.7.87/6397:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.6.86/6400:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.8.88/6416:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.9.89/6438:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.2.90/6573:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.1.91/6649:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.3.92/6666:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.4.93/6684:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: 
ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.0.94/6691:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.5.95/6715:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.7.96/6746:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.6.97/6776:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.8.98/6800:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.9.99/6802:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.2.100/6820:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.1.101/6836:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.3.102/6857:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.4.103/6888:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.0.104/6891:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.5.105/6914:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.7.106/6935:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.6.107/6959:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.8.108/6991:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.9.109/7012:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.2.110/7019:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.1.111/7038:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.3.112/7051:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.4.113/7082:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.0.114/7098:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.5.115/7122:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.7.116/7144:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.6.117/7157:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.8.118/7188:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.9.119/7214:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.2.120/7232:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.1.121/7248:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.3.122/7264:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz.4.123/7286:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz-executor/7292:
 #0: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
 #0: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x372/0xea0 net/core/rtnetlink.c:6928
 #1: ffffffff8e1c7238 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x282/0x3b0 kernel/rcu/tree_exp.h:297
2 locks held by syz.0.124/7302:
 #0: ffffffff8ff7b990 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 net/netlink/genetlink.c:1218
 #1: ffffffff8e5be0e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 fs/nfsd/nfsctl.c:1964
2 locks held by syz-executor/7314:
 #0: ffffffff905f78c0 (&ops->srcu#2){.+.+}-{0:0}, at: srcu_lock_acquire include/linux/srcu.h:158 [inline]
 #0: ffffffff905f78c0 (&ops->srcu#2){.+.+}-{0:0}, at: srcu_read_lock include/linux/srcu.h:249 [inline]
 #0: ffffffff905f78c0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x10f/0x2c0 net/core/rtnetlink.c:559
 #1: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
 #1: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock net/core/rtnetlink.c:326 [inline]
 #1: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x5d9/0x1d60 net/core/rtnetlink.c:4011
1 lock held by syz-executor/7319:
 #0: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:128 [inline]
 #0: ffffffff8fedc988 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x316/0x1560 net/ipv4/devinet.c:987

=============================================

NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:234 [inline]
 watchdog+0xf14/0x1240 kernel/hung_task.c:397
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 2965 Comm: kworker/u8:7 Not tainted 6.13.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Workqueue: events_unbound cfg80211_wiphy_work
RIP: 0010:debug_check_no_obj_freed+0x8a/0x600 lib/debugobjects.c:1127
Code: c7 40 08 00 00 00 f3 c7 40 0c f3 f3 f3 f3 65 48 8b 04 25 28 00 00 00 48 89 84 24 08 01 00 00 31 c0 80 3d d8 db b9 0b 00 75 46 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7
RSP: 0018:ffffc9000cb67040 EFLAGS: 00000202
RAX: 0000000000000001 RBX: 1ffff9200196ce16 RCX: 0000000000000000
RDX: 0000000000000202 RSI: ffff888081553000 RDI: 0000000000000001
RBP: ffffc9000cb67180 R08: 0000000000000001 R09: fffffbfff2dca3b2
R10: ffffffff96e51d97 R11: 0000000000000004 R12: ffff888081552000
R13: 0000000000000003 R14: 0000000000000003 R15: ffff888081552000
FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fa8906a7d60 CR3: 000000002533e000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <TASK>
 slab_free_hook mm/slub.c:2284 [inline]
 slab_free mm/slub.c:4613 [inline]
 kfree+0x2b3/0x4b0 mm/slub.c:4761
 ieee80211_inform_bss+0x76e/0x1100 net/mac80211/scan.c:160
 rdev_inform_bss net/wireless/rdev-ops.h:418 [inline]
 cfg80211_inform_single_bss_data+0x8f9/0x1df0 net/wireless/scan.c:2334
 cfg80211_inform_bss_data+0x205/0x3ba0 net/wireless/scan.c:3189
 cfg80211_inform_bss_frame_data+0x272/0x7a0 net/wireless/scan.c:3284
 ieee80211_bss_info_update+0x311/0xab0 net/mac80211/scan.c:226
 ieee80211_rx_bss_info net/mac80211/ibss.c:1101 [inline]
 ieee80211_rx_mgmt_probe_beacon net/mac80211/ibss.c:1580 [inline]
 ieee80211_ibss_rx_queued_mgmt+0x189c/0x2f50 net/mac80211/ibss.c:1607
 ieee80211_iface_process_skb net/mac80211/iface.c:1613 [inline]
 ieee80211_iface_work+0xc0b/0xf00 net/mac80211/iface.c:1667
 cfg80211_wiphy_work+0x3de/0x560 net/wireless/core.c:440
 process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229
 process_scheduled_works kernel/workqueue.c:3310 [inline]
 worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>