./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor856662416

<...>
Warning: Permanently added '10.128.0.182' (ED25519) to the list of known hosts.
execve("./syz-executor856662416", ["./syz-executor856662416"], 0x7ffe83a7c1c0 /* 10 vars */) = 0
brk(NULL)                               = 0x555567da7000
brk(0x555567da7d00)                     = 0x555567da7d00
arch_prctl(ARCH_SET_FS, 0x555567da7380) = 0
set_tid_address(0x555567da7650)         = 5225
set_robust_list(0x555567da7660, 24)     = 0
rseq(0x555567da7ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor856662416", 4096) = 27
getrandom("\x24\x61\x55\xa9\x64\x78\x01\x73", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555567da7d00
brk(0x555567dc8d00)                     = 0x555567dc8d00
brk(0x555567dc9000)                     = 0x555567dc9000
mprotect(0x7f83b2874000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5226 attached
, child_tidptr=0x555567da7650) = 5226
[pid  5226] set_robust_list(0x555567da7660, 24) = 0
[pid  5226] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5226] setsid()                    = 1
[pid  5226] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5226] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5226] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5226] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5226] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5226] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5226] unshare(CLONE_NEWNS)        = 0
[pid  5226] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5226] unshare(CLONE_NEWIPC)       = 0
[pid  5226] unshare(CLONE_NEWCGROUP)    = 0
[pid  5226] unshare(CLONE_NEWUTS)       = 0
[pid  5226] unshare(CLONE_SYSVSEM)      = 0
[pid  5226] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "16777216", 8)     = 8
[pid  5226] close(3)                    = 0
[pid  5226] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "536870912", 9)    = 9
[pid  5226] close(3)                    = 0
[pid  5226] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "1024", 4)         = 4
[pid  5226] close(3)                    = 0
[pid  5226] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "8192", 4)         = 4
[pid  5226] close(3)                    = 0
[pid  5226] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "1024", 4)         = 4
[pid  5226] close(3)                    = 0
[pid  5226] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "1024", 4)         = 4
[pid  5226] close(3)                    = 0
[pid  5226] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5226] close(3)                    = 0
[pid  5226] getpid()                    = 1
[pid  5226] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5226] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5226] unshare(CLONE_NEWNET)       = 0
[pid  5226] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "0 65535", 7)      = 7
[pid  5226] close(3)                    = 0
[pid  5226] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK) = 3
[pid  5226] dup2(3, 200)                = 200
[pid  5226] close(3)                    = 0
[pid  5226] ioctl(200, TUNSETIFF, 0x7ffee515d5b0) = 0
[pid  5226] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "0", 1)            = 1
[pid  5226] close(3)                    = 0
[pid  5226] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "0", 1)            = 1
[pid  5226] close(3)                    = 0
[pid  5226] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid  5226] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5226] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5226] close(4)                    = 0
[pid  5226] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5226] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5226] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5226] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5226] close(4)                    = 0
[pid  5226] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5226] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5226] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5226] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5226] close(4)                    = 0
[pid  5226] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 48
[pid  5226] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5226] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5226] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5226] close(4)                    = 0
[pid  5226] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 60
[pid  5226] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5226] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5226] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5226] close(4)                    = 0
[pid  5226] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
[pid  5226] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5226] close(3)                    = 0
[pid  5226] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "100000", 6)       = 6
[pid  5226] close(3)                    = 0
[pid  5226] mkdir("./syz-tmp", 0777)    = 0
[pid  5226] mount("", "./syz-tmp", "tmpfs", 0, NULL) = 0
[pid  5226] mkdir("./syz-tmp/newroot", 0777) = 0
[pid  5226] mkdir("./syz-tmp/newroot/dev", 0700) = 0
[pid  5226] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5226] mkdir("./syz-tmp/newroot/proc", 0700) = 0
[pid  5226] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0
[pid  5226] mkdir("./syz-tmp/newroot/selinux", 0700) = 0
[pid  5226] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5226] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5226] mkdir("./syz-tmp/newroot/sys", 0700) = 0
[pid  5226] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5226] mkdir("./syz-tmp/pivot", 0777) = 0
[pid  5226] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0
[pid  5226] chdir("/")                  = 0
[pid  5226] umount2("./pivot", MNT_DETACH) = 0
[pid  5226] chroot("./newroot")         = 0
[pid  5226] chdir("/")                  = 0
[pid  5226] mkdir("/dev/binderfs", 0777) = 0
[pid  5226] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5226] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5226] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5229 attached
 <unfinished ...>
[pid  5229] set_robust_list(0x555567da7660, 24 <unfinished ...>
[pid  5226] <... clone resumed>, child_tidptr=0x555567da7650) = 2
[pid  5229] <... set_robust_list resumed>) = 0
[pid  5229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5229] setpgid(0, 0)               = 0
[pid  5229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5229] write(3, "1000", 4)         = 4
[pid  5229] close(3)                    = 0
[pid  5229] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  5229] read(200, 0x7ffee515d150, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5229] write(1, "executing program\n", 18executing program
) = 18
[pid  5229] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5229] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5229] sendto(4, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x65\x74\x68\x74\x6f\x6f\x6c\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5229] recvfrom(4, [{nlmsg_len=996, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=2}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x65\x74\x68\x74\x6f\x6f\x6c\x00\x06\x00\x01\x00\x16\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x00\x00\x00\x00\x88\x03\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 996
[pid  5229] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=2}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5229] close(4)                    = 0
[pid  5229] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x2c\x00\x00\x00\x16\x00\x0d\x00\x00\x00\x00\x10\x00\x00\x00\x00\x1a\x00\x00\x00\x18\x00\x01\x80\x14\x00\x02\x00\x73\x79\x7a\x5f\x74\x75\x6e\x00\x00\x00\x00\x00\x00\x00\x00\x00", iov_len=44}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 44
[   59.500628][ T5229] 
[   59.502980][ T5229] ================================================
[   59.509451][ T5229] WARNING: lock held when returning to user space!
[   59.515928][ T5229] 6.11.0-rc4-syzkaller-00565-gf9db28bb09f4 #0 Not tainted
[   59.523031][ T5229] ------------------------------------------------
[   59.529518][ T5229] syz-executor856/5229 is leaving the kernel with locks still held!
[   59.537483][ T5229] 1 lock held by syz-executor856/5229:
[pid  5229] close(3)                    = 0
[pid  5229] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5229] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5229] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5229] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5229] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5229] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5229] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(15)                   = -1 EBADF (Bad file descriptor)
[   59.542921][ T5229]  #0: ffffffff8fc84b88 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_act_cable_test+0x187/0x3f0
[pid  5229] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5229] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5229] exit_group(0)               = ?
[pid  5229] +++ exited with 0 +++
[pid  5226] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid  5226] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5226] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5230 attached
, child_tidptr=0x555567da7650) = 3
[pid  5230] set_robust_list(0x555567da7660, 24) = 0
[pid  5230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5230] setpgid(0, 0)               = 0
[pid  5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5230] write(3, "1000", 4)         = 4
[pid  5230] close(3)                    = 0
[pid  5230] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  5230] read(200, 0x7ffee515d150, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5230] write(1, "executing program\n", 18executing program
) = 18
[pid  5230] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5230] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5230] sendto(4, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x65\x74\x68\x74\x6f\x6f\x6c\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5230] recvfrom(4, [{nlmsg_len=996, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x65\x74\x68\x74\x6f\x6f\x6c\x00\x06\x00\x01\x00\x16\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x00\x00\x00\x00\x88\x03\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 996
[pid  5230] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5230] close(4)                    = 0
[   59.719325][ T5230] ==================================================================
[   59.727595][ T5230] BUG: KASAN: slab-use-after-free in __mutex_lock+0xcf5/0xd70
[   59.735041][ T5230] Read of size 4 at addr ffff888023a55a34 by task syz-executor856/5230
[   59.743258][ T5230] 
[   59.745574][ T5230] CPU: 0 UID: 0 PID: 5230 Comm: syz-executor856 Not tainted 6.11.0-rc4-syzkaller-00565-gf9db28bb09f4 #0
[   59.756662][ T5230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   59.766717][ T5230] Call Trace:
[   59.769981][ T5230]  <TASK>
[   59.772896][ T5230]  dump_stack_lvl+0x241/0x360
[   59.777572][ T5230]  ? __pfx_dump_stack_lvl+0x10/0x10
[   59.782752][ T5230]  ? __pfx__printk+0x10/0x10
[   59.787324][ T5230]  ? _printk+0xd5/0x120
[   59.791461][ T5230]  ? __virt_addr_valid+0x183/0x530
[   59.796558][ T5230]  ? __virt_addr_valid+0x183/0x530
[   59.801650][ T5230]  print_report+0x169/0x550
[   59.806157][ T5230]  ? __virt_addr_valid+0x183/0x530
[   59.811250][ T5230]  ? __virt_addr_valid+0x183/0x530
[   59.816349][ T5230]  ? __virt_addr_valid+0x45f/0x530
[   59.821445][ T5230]  ? __phys_addr+0xba/0x170
[   59.825944][ T5230]  ? __mutex_lock+0xcf5/0xd70
[   59.830600][ T5230]  kasan_report+0x143/0x180
[   59.835089][ T5230]  ? __mutex_lock+0xcf5/0xd70
[   59.839744][ T5230]  __mutex_lock+0xcf5/0xd70
[   59.844233][ T5230]  ? netdev_get_by_name+0x7c/0xb0
[   59.849240][ T5230]  ? ethnl_parse_header_dev_get+0x690/0x990
[   59.855125][ T5230]  ? ethnl_act_cable_test+0x187/0x3f0
[   59.860582][ T5230]  ? __pfx___mutex_lock+0x10/0x10
[   59.865609][ T5230]  ethnl_act_cable_test+0x187/0x3f0
[   59.870796][ T5230]  ? __pfx_ethnl_act_cable_test+0x10/0x10
[   59.876513][ T5230]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[   59.882876][ T5230]  genl_rcv_msg+0xb14/0xec0
[   59.887368][ T5230]  ? __pfx_genl_rcv_msg+0x10/0x10
[   59.892379][ T5230]  ? __pfx_stack_trace_save+0x10/0x10
[   59.897735][ T5230]  ? stack_trace_save+0x118/0x1d0
[   59.902741][ T5230]  ? stack_depot_save_flags+0x29/0x830
[   59.908191][ T5230]  ? rcu_is_watching+0x15/0xb0
[   59.912939][ T5230]  ? __pfx_lock_acquire+0x10/0x10
[   59.917947][ T5230]  ? __pfx_ethnl_act_cable_test+0x10/0x10
[   59.923659][ T5230]  ? __pfx___might_resched+0x10/0x10
[   59.928952][ T5230]  ? rcu_is_watching+0x15/0xb0
[   59.933705][ T5230]  ? lock_acquire+0xe3/0x550
[   59.938289][ T5230]  netlink_rcv_skb+0x1e3/0x430
[   59.943027][ T5230]  ? __pfx_genl_rcv_msg+0x10/0x10
[   59.948062][ T5230]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   59.953328][ T5230]  ? lock_release+0xbf/0xa30
[   59.957991][ T5230]  ? __pfx___netlink_lookup+0x10/0x10
[   59.963344][ T5230]  ? net_generic+0x1f/0x240
[   59.967918][ T5230]  genl_rcv+0x28/0x40
[   59.971879][ T5230]  netlink_unicast+0x7f6/0x990
[   59.976631][ T5230]  ? __pfx_netlink_unicast+0x10/0x10
[   59.981896][ T5230]  ? __virt_addr_valid+0x183/0x530
[   59.986987][ T5230]  ? __check_object_size+0x49c/0x900
[   59.992249][ T5230]  ? bpf_lsm_netlink_send+0x9/0x10
[   59.997343][ T5230]  netlink_sendmsg+0x8e4/0xcb0
[   60.002092][ T5230]  ? __pfx_netlink_sendmsg+0x10/0x10
[   60.007357][ T5230]  ? __import_iovec+0x536/0x820
[   60.012189][ T5230]  ? aa_sock_msg_perm+0x91/0x160
[   60.017106][ T5230]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   60.022384][ T5230]  ? security_socket_sendmsg+0x87/0xb0
[   60.027831][ T5230]  ? __pfx_netlink_sendmsg+0x10/0x10
[   60.033168][ T5230]  __sock_sendmsg+0x221/0x270
[   60.037861][ T5230]  ____sys_sendmsg+0x525/0x7d0
[   60.042632][ T5230]  ? __pfx_____sys_sendmsg+0x10/0x10
[   60.047899][ T5230]  ? do_raw_spin_lock+0x14f/0x370
[   60.052905][ T5230]  __sys_sendmsg+0x2b0/0x3a0
[   60.057483][ T5230]  ? __pfx___sys_sendmsg+0x10/0x10
[   60.062663][ T5230]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   60.068997][ T5230]  ? _raw_spin_unlock_irq+0x2e/0x50
[   60.074181][ T5230]  ? ptrace_notify+0x279/0x380
[   60.078942][ T5230]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   60.085253][ T5230]  ? rcu_is_watching+0x15/0xb0
[   60.090008][ T5230]  do_syscall_64+0xf3/0x230
[   60.094515][ T5230]  ? clear_bhb_loop+0x35/0x90
[   60.099176][ T5230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.105059][ T5230] RIP: 0033:0x7f83b27fc839
[   60.109461][ T5230] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 01 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   60.129068][ T5230] RSP: 002b:00007ffee515d548 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   60.137475][ T5230] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f83b27fc839
[   60.145442][ T5230] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[   60.153391][ T5230] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00007ffee515d678
[   60.161345][ T5230] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000e7f7
[   60.169303][ T5230] R13: 00007ffee515d564 R14: 00007ffee515d580 R15: 00007ffee515d570
[   60.177363][ T5230]  </TASK>
[   60.180374][ T5230] 
[   60.182675][ T5230] Allocated by task 5226:
[   60.186979][ T5230]  kasan_save_track+0x3f/0x80
[   60.191642][ T5230]  __kasan_slab_alloc+0x66/0x80
[   60.196478][ T5230]  kmem_cache_alloc_node_noprof+0x16b/0x320
[   60.202376][ T5230]  dup_task_struct+0x57/0x8c0
[   60.207036][ T5230]  copy_process+0x5d1/0x3e10
[   60.211623][ T5230]  kernel_clone+0x226/0x8f0
[   60.216121][ T5230]  __x64_sys_clone+0x258/0x2a0
[   60.220866][ T5230]  do_syscall_64+0xf3/0x230
[   60.225364][ T5230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.231238][ T5230] 
[   60.233539][ T5230] Freed by task 0:
[   60.237231][ T5230]  kasan_save_track+0x3f/0x80
[   60.241890][ T5230]  kasan_save_free_info+0x40/0x50
[   60.246909][ T5230]  poison_slab_object+0xe0/0x150
[   60.251825][ T5230]  __kasan_slab_free+0x37/0x60
[   60.256572][ T5230]  kmem_cache_free+0x145/0x350
[   60.261319][ T5230]  delayed_put_task_struct+0x125/0x300
[   60.266788][ T5230]  rcu_core+0xafd/0x1830
[   60.271022][ T5230]  handle_softirqs+0x2c4/0x970
[   60.275772][ T5230]  __irq_exit_rcu+0xf4/0x1c0
[   60.280342][ T5230]  irq_exit_rcu+0x9/0x30
[   60.284566][ T5230]  sysvec_apic_timer_interrupt+0xa6/0xc0
[   60.290215][ T5230]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   60.296197][ T5230] 
[   60.298497][ T5230] Last potentially related work creation:
[   60.304196][ T5230]  kasan_save_stack+0x3f/0x60
[   60.308854][ T5230]  __kasan_record_aux_stack+0xac/0xc0
[   60.314205][ T5230]  call_rcu+0x167/0xa70
[   60.318343][ T5230]  release_task+0x16ec/0x1830
[   60.323022][ T5230]  wait_consider_task+0x1a14/0x2e60
[   60.328226][ T5230]  __do_wait+0x1b0/0x850
[   60.332453][ T5230]  do_wait+0x1e9/0x560
[   60.336498][ T5230]  kernel_wait4+0x2a7/0x3e0
[   60.340978][ T5230]  __x64_sys_wait4+0x134/0x1e0
[   60.345717][ T5230]  do_syscall_64+0xf3/0x230
[   60.350197][ T5230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.356089][ T5230] 
[   60.358414][ T5230] Second to last potentially related work creation:
[   60.364971][ T5230]  kasan_save_stack+0x3f/0x60
[   60.369626][ T5230]  __kasan_record_aux_stack+0xac/0xc0
[   60.374974][ T5230]  task_work_add+0xb8/0x450
[   60.379452][ T5230]  sched_tick+0x322/0x610
[   60.383766][ T5230]  update_process_times+0x202/0x230
[   60.388963][ T5230]  tick_nohz_handler+0x37c/0x500
[   60.393880][ T5230]  __hrtimer_run_queues+0x551/0xd50
[   60.399055][ T5230]  hrtimer_interrupt+0x396/0x990
[   60.403968][ T5230]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[   60.409925][ T5230]  sysvec_apic_timer_interrupt+0x52/0xc0
[   60.415538][ T5230]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   60.421496][ T5230] 
[   60.423797][ T5230] The buggy address belongs to the object at ffff888023a55a00
[   60.423797][ T5230]  which belongs to the cache task_struct of size 7424
[   60.437912][ T5230] The buggy address is located 52 bytes inside of
[   60.437912][ T5230]  freed 7424-byte region [ffff888023a55a00, ffff888023a57700)
[   60.451684][ T5230] 
[   60.453990][ T5230] The buggy address belongs to the physical page:
[   60.460382][ T5230] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23a50
[   60.469127][ T5230] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   60.477602][ T5230] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   60.485134][ T5230] page_type: 0xfdffffff(slab)
[   60.489790][ T5230] raw: 00fff00000000040 ffff8880166fd500 dead000000000122 0000000000000000
[   60.498350][ T5230] raw: 0000000000000000 0000000000040004 00000001fdffffff 0000000000000000
[   60.506926][ T5230] head: 00fff00000000040 ffff8880166fd500 dead000000000122 0000000000000000
[   60.515571][ T5230] head: 0000000000000000 0000000000040004 00000001fdffffff 0000000000000000
[   60.524227][ T5230] head: 00fff00000000003 ffffea00008e9401 ffffffffffffffff 0000000000000000
[   60.532884][ T5230] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   60.541525][ T5230] page dumped because: kasan: bad access detected
[   60.547922][ T5230] page_owner tracks the page as allocated
[   60.553615][ T5230] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5222, tgid 5222 (strace-static-x), ts 58937506404, free_ts 58899244263
[   60.575387][ T5230]  post_alloc_hook+0x1f3/0x230
[   60.580134][ T5230]  get_page_from_freelist+0x2e4c/0x2f10
[   60.585658][ T5230]  __alloc_pages_noprof+0x256/0x6c0
[   60.590853][ T5230]  alloc_slab_page+0x5f/0x120
[   60.595522][ T5230]  allocate_slab+0x5a/0x2f0
[   60.600002][ T5230]  ___slab_alloc+0xcd1/0x14b0
[   60.604739][ T5230]  __slab_alloc+0x58/0xa0
[   60.609064][ T5230]  kmem_cache_alloc_node_noprof+0x1fe/0x320
[   60.614939][ T5230]  dup_task_struct+0x57/0x8c0
[   60.619596][ T5230]  copy_process+0x5d1/0x3e10
[   60.624166][ T5230]  kernel_clone+0x226/0x8f0
[   60.628648][ T5230]  __x64_sys_clone+0x258/0x2a0
[   60.633395][ T5230]  do_syscall_64+0xf3/0x230
[   60.637877][ T5230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.643748][ T5230] page last free pid 5222 tgid 5222 stack trace:
[   60.650076][ T5230]  free_unref_page+0xd22/0xea0
[   60.654821][ T5230]  __slab_free+0x31b/0x3d0
[   60.659218][ T5230]  qlist_free_all+0x9e/0x140
[   60.663873][ T5230]  kasan_quarantine_reduce+0x14f/0x170
[   60.669400][ T5230]  __kasan_slab_alloc+0x23/0x80
[   60.674230][ T5230]  __kmalloc_noprof+0x1a6/0x400
[   60.679057][ T5230]  tomoyo_supervisor+0xe0d/0x11f0
[   60.684072][ T5230]  tomoyo_env_perm+0x178/0x210
[   60.688816][ T5230]  tomoyo_find_next_domain+0x1384/0x1cf0
[   60.694429][ T5230]  tomoyo_bprm_check_security+0x115/0x180
[   60.700156][ T5230]  security_bprm_check+0x65/0x90
[   60.705085][ T5230]  bprm_execve+0xa56/0x1770
[   60.709574][ T5230]  do_execveat_common+0x55f/0x6f0
[   60.714582][ T5230]  __x64_sys_execve+0x92/0xb0
[   60.719248][ T5230]  do_syscall_64+0xf3/0x230
[   60.723735][ T5230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.729615][ T5230] 
[   60.731915][ T5230] Memory state around the buggy address:
[   60.737515][ T5230]  ffff888023a55900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   60.745554][ T5230]  ffff888023a55980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   60.753599][ T5230] >ffff888023a55a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   60.761643][ T5230]                                      ^
[   60.767259][ T5230]  ffff888023a55a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   60.775295][ T5230]  ffff888023a55b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   60.783330][ T5230] ==================================================================
[   60.791613][ T5230] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   60.798811][ T5230] CPU: 0 UID: 0 PID: 5230 Comm: syz-executor856 Not tainted 6.11.0-rc4-syzkaller-00565-gf9db28bb09f4 #0
[   60.809916][ T5230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   60.819958][ T5230] Call Trace:
[   60.823223][ T5230]  <TASK>
[   60.826150][ T5230]  dump_stack_lvl+0x241/0x360
[   60.830817][ T5230]  ? __pfx_dump_stack_lvl+0x10/0x10
[   60.836000][ T5230]  ? __pfx__printk+0x10/0x10
[   60.840576][ T5230]  ? rcu_is_watching+0x15/0xb0
[   60.845330][ T5230]  ? lock_release+0xbf/0xa30
[   60.849908][ T5230]  ? vscnprintf+0x5d/0x90
[   60.854225][ T5230]  panic+0x349/0x860
[   60.858626][ T5230]  ? check_panic_on_warn+0x21/0xb0
[   60.863719][ T5230]  ? __pfx_panic+0x10/0x10
[   60.868138][ T5230]  ? trace_irq_enable+0x2c/0x120
[   60.873087][ T5230]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[   60.878986][ T5230]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   60.884874][ T5230]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   60.891195][ T5230]  ? print_report+0x502/0x550
[   60.895872][ T5230]  check_panic_on_warn+0x86/0xb0
[   60.900799][ T5230]  ? __mutex_lock+0xcf5/0xd70
[   60.905482][ T5230]  end_report+0x77/0x160
[   60.909734][ T5230]  kasan_report+0x154/0x180
[   60.914245][ T5230]  ? __mutex_lock+0xcf5/0xd70
[   60.918917][ T5230]  __mutex_lock+0xcf5/0xd70
[   60.923495][ T5230]  ? netdev_get_by_name+0x7c/0xb0
[   60.928511][ T5230]  ? ethnl_parse_header_dev_get+0x690/0x990
[   60.934389][ T5230]  ? ethnl_act_cable_test+0x187/0x3f0
[   60.939752][ T5230]  ? __pfx___mutex_lock+0x10/0x10
[   60.944769][ T5230]  ethnl_act_cable_test+0x187/0x3f0
[   60.949960][ T5230]  ? __pfx_ethnl_act_cable_test+0x10/0x10
[   60.955673][ T5230]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[   60.961990][ T5230]  genl_rcv_msg+0xb14/0xec0
[   60.966483][ T5230]  ? __pfx_genl_rcv_msg+0x10/0x10
[   60.971496][ T5230]  ? __pfx_stack_trace_save+0x10/0x10
[   60.976851][ T5230]  ? stack_trace_save+0x118/0x1d0
[   60.981863][ T5230]  ? stack_depot_save_flags+0x29/0x830
[   60.987306][ T5230]  ? rcu_is_watching+0x15/0xb0
[   60.992058][ T5230]  ? __pfx_lock_acquire+0x10/0x10
[   60.997076][ T5230]  ? __pfx_ethnl_act_cable_test+0x10/0x10
[   61.002786][ T5230]  ? __pfx___might_resched+0x10/0x10
[   61.008057][ T5230]  ? rcu_is_watching+0x15/0xb0
[   61.012807][ T5230]  ? lock_acquire+0xe3/0x550
[   61.017391][ T5230]  netlink_rcv_skb+0x1e3/0x430
[   61.022145][ T5230]  ? __pfx_genl_rcv_msg+0x10/0x10
[   61.027156][ T5230]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   61.032619][ T5230]  ? lock_release+0xbf/0xa30
[   61.037289][ T5230]  ? __pfx___netlink_lookup+0x10/0x10
[   61.042645][ T5230]  ? net_generic+0x1f/0x240
[   61.047137][ T5230]  genl_rcv+0x28/0x40
[   61.051118][ T5230]  netlink_unicast+0x7f6/0x990
[   61.055872][ T5230]  ? __pfx_netlink_unicast+0x10/0x10
[   61.061165][ T5230]  ? __virt_addr_valid+0x183/0x530
[   61.066270][ T5230]  ? __check_object_size+0x49c/0x900
[   61.071555][ T5230]  ? bpf_lsm_netlink_send+0x9/0x10
[   61.076661][ T5230]  netlink_sendmsg+0x8e4/0xcb0
[   61.081418][ T5230]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.086692][ T5230]  ? __import_iovec+0x536/0x820
[   61.091533][ T5230]  ? aa_sock_msg_perm+0x91/0x160
[   61.096461][ T5230]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   61.101738][ T5230]  ? security_socket_sendmsg+0x87/0xb0
[   61.107217][ T5230]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.112488][ T5230]  __sock_sendmsg+0x221/0x270
[   61.117152][ T5230]  ____sys_sendmsg+0x525/0x7d0
[   61.121994][ T5230]  ? __pfx_____sys_sendmsg+0x10/0x10
[   61.127282][ T5230]  ? do_raw_spin_lock+0x14f/0x370
[   61.132311][ T5230]  __sys_sendmsg+0x2b0/0x3a0
[   61.136902][ T5230]  ? __pfx___sys_sendmsg+0x10/0x10
[   61.142046][ T5230]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   61.148373][ T5230]  ? _raw_spin_unlock_irq+0x2e/0x50
[   61.153562][ T5230]  ? ptrace_notify+0x279/0x380
[   61.158319][ T5230]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   61.164634][ T5230]  ? rcu_is_watching+0x15/0xb0
[   61.169385][ T5230]  do_syscall_64+0xf3/0x230
[   61.173872][ T5230]  ? clear_bhb_loop+0x35/0x90
[   61.178539][ T5230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.184416][ T5230] RIP: 0033:0x7f83b27fc839
[   61.188830][ T5230] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 01 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   61.208419][ T5230] RSP: 002b:00007ffee515d548 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.216818][ T5230] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f83b27fc839
[   61.224781][ T5230] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[   61.232734][ T5230] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00007ffee515d678
[   61.240687][ T5230] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000e7f7
[   61.248663][ T5230] R13: 00007ffee515d564 R14: 00007ffee515d580 R15: 00007ffee515d570
[   61.256624][ T5230]  </TASK>
[   61.259842][ T5230] Kernel Offset: disabled
[   61.264148][ T5230] Rebooting in 86400 seconds..