Extracting prog: 40.960925991s
Minimizing prog: 23m21.66362961s
Simplifying prog options: 0s
Extracting C: 35.985941986s
Simplifying C: 9m4.35265481s


extracting reproducer from 30 programs
first checking the prog from the crash report
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc-sendmsg$TIPC_CMD_ENABLE_BEARER-sendmsg$AUDIT_USER_TTY
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0) (async, rerun: 64)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0) (rerun: 64)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r1, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x18, 0x17, {0x15, 0x664, @l2={'eth', 0x3a, 'ipvlan0\x00'}}}}, ["", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x81}, 0x0)
sendmsg$AUDIT_USER_TTY(r0, &(0x7f00000002c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8e46400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x38, 0x464, 0x20, 0x70bd26, 0x25dfdbfb, "5e39ccc7aa68ea0500e6ae86aa817c8fd4389c34bd98033b6b017700"/39, [""]}, 0x38}, 0x1, 0x0, 0x0, 0x84}, 0x2004000)

program crashed: WARNING in netlink_ack_tlv_fill
single: successfully extracted reproducer
found reproducer with 6 syscalls
minimizing guilty program
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc-sendmsg$TIPC_CMD_ENABLE_BEARER
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0) (async, rerun: 64)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0) (rerun: 64)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r1, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x18, 0x17, {0x15, 0x664, @l2={'eth', 0x3a, 'ipvlan0\x00'}}}}, ["", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x81}, 0x0)

program crashed: WARNING in netlink_ack_tlv_fill
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0) (async, rerun: 64)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0) (rerun: 64)

program crashed: WARNING in netlink_ack_tlv_fill
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0) (async, rerun: 64)

program did not crash
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0) (rerun: 64)

program did not crash
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0) (async, rerun: 64)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0) (rerun: 64)

program did not crash
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0) (async, rerun: 64)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) (rerun: 64)

program did not crash
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0)

program did not crash
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, 0x0, 0x0)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0) (async, rerun: 64)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0) (rerun: 64)

program did not crash
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, 0x0, 0x0) (async, rerun: 64)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0) (rerun: 64)

program did not crash
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24008015}, 0x0) (async, rerun: 64)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0) (rerun: 64)

program did not crash
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1, 0x0, 0x0, 0x24008015}, 0x0) (async, rerun: 64)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0) (rerun: 64)

program did not crash
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0) (rerun: 64)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0) (rerun: 64)

program crashed: WARNING in netlink_ack_tlv_fill
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0) (rerun: 64)

program did not crash
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0) (rerun: 64)
syz_genetlink_get_family_id$tipc(0x0, r0) (rerun: 64)

program did not crash
testing program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
detailed listing:
executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0x7}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0) (rerun: 64)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0)

program did not crash
extracting C reproducer
testing compiled C program (duration=51.698836504s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
program crashed: WARNING in netlink_ack_tlv_fill
simplifying C reproducer
testing compiled C program (duration=51.698836504s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
program crashed: WARNING in netlink_ack_tlv_fill
testing compiled C program (duration=51.698836504s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
program crashed: WARNING in netlink_ack_tlv_fill
testing compiled C program (duration=51.698836504s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
program crashed: WARNING in netlink_ack_tlv_fill
testing compiled C program (duration=51.698836504s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
program crashed: WARNING in netlink_ack_tlv_fill
testing compiled C program (duration=51.698836504s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
program crashed: WARNING in netlink_ack_tlv_fill
testing compiled C program (duration=51.698836504s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
program crashed: WARNING in netlink_ack_tlv_fill
testing compiled C program (duration=51.698836504s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$netlink-setsockopt$netlink_NETLINK_ADD_MEMBERSHIP-sendmsg$netlink-syz_genetlink_get_family_id$tipc
program crashed: WARNING in netlink_ack_tlv_fill
reproducing took 33m42.963177033s
repro crashed as (corrupted=false):
netlink: 'syz-executor116': attribute type 7 has an invalid length.
netlink: 'syz-executor116': attribute type 7 has an invalid length.
netlink: 'syz-executor116': attribute type 7 has an invalid length.
------------[ cut here ]------------
WARNING: CPU: 0 PID: 5837 at net/netlink/af_netlink.c:2210 netlink_ack_tlv_fill+0x1a8/0x560 net/netlink/af_netlink.c:2209
Modules linked in:
CPU: 0 UID: 0 PID: 5837 Comm: syz-executor116 Not tainted 6.12.0-rc6-syzkaller-01230-g4861333b4217 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
RIP: 0010:netlink_ack_tlv_fill+0x1a8/0x560 net/netlink/af_netlink.c:2209
Code: 00 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74 0d 48 89 df e8 db b3 2a f8 48 8b 4c 24 10 4c 8b 3b 4d 39 fd 73 2c e8 c9 ed c0 f7 90 <0f> 0b 90 49 bf 00 00 00 00 00 fc ff df e9 9f 00 00 00 e8 b1 ed c0
RSP: 0018:ffffc90003ce7780 EFLAGS: 00010293
RAX: ffffffff89d3ec97 RBX: ffff888034f76498 RCX: ffff88802fcb0000
RDX: 0000000000000000 RSI: 00000000ffffffde RDI: 0000000000000000
RBP: ffffc90003ce7850 R08: ffffffff89d3ec3c R09: 0000000000000074
R10: 6f702064656c6961 R11: 6620657475626972 R12: 1ffff9200079cef4
R13: ffff88807924b61c R14: ffffc90003ce79c0 R15: ffff88807924b620
FS:  0000555566489380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020002b40 CR3: 0000000011906000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 netlink_dump_done+0x513/0x970 net/netlink/af_netlink.c:2250
 netlink_dump+0x91f/0xe10 net/netlink/af_netlink.c:2351
 netlink_recvmsg+0x6bb/0x11d0 net/netlink/af_netlink.c:1983
 sock_recvmsg_nosec net/socket.c:1051 [inline]
 sock_recvmsg+0x22f/0x280 net/socket.c:1073
 __sys_recvfrom+0x246/0x3d0 net/socket.c:2267
 __do_sys_recvfrom net/socket.c:2285 [inline]
 __se_sys_recvfrom net/socket.c:2281 [inline]
 __x64_sys_recvfrom+0xde/0x100 net/socket.c:2281
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f88f2913a79
Code: ff e8 cb 01 00 00 66 2e 0f 1f 84 00 00 00 00 00 90 80 3d 11 66 07 00 00 41 89 ca 74 1c 45 31 c9 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 67 c3 66 0f 1f 44 00 00 55 48 83 ec 20 48 89
RSP: 002b:00007ffeda290368 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
RAX: ffffffffffffffda RBX: 00007ffeda2903f4 RCX: 00007f88f2913a79
RDX: 0000000000001000 RSI: 00007ffeda2903e0 RDI: 0000000000000003
RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffeda2903e0
R13: 00007ffeda2915c8 R14: 0000000000000001 R15: 0000000000000001
 </TASK>

final repro crashed as (corrupted=false):
netlink: 'syz-executor116': attribute type 7 has an invalid length.
netlink: 'syz-executor116': attribute type 7 has an invalid length.
netlink: 'syz-executor116': attribute type 7 has an invalid length.
------------[ cut here ]------------
WARNING: CPU: 0 PID: 5837 at net/netlink/af_netlink.c:2210 netlink_ack_tlv_fill+0x1a8/0x560 net/netlink/af_netlink.c:2209
Modules linked in:
CPU: 0 UID: 0 PID: 5837 Comm: syz-executor116 Not tainted 6.12.0-rc6-syzkaller-01230-g4861333b4217 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
RIP: 0010:netlink_ack_tlv_fill+0x1a8/0x560 net/netlink/af_netlink.c:2209
Code: 00 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74 0d 48 89 df e8 db b3 2a f8 48 8b 4c 24 10 4c 8b 3b 4d 39 fd 73 2c e8 c9 ed c0 f7 90 <0f> 0b 90 49 bf 00 00 00 00 00 fc ff df e9 9f 00 00 00 e8 b1 ed c0
RSP: 0018:ffffc90003ce7780 EFLAGS: 00010293
RAX: ffffffff89d3ec97 RBX: ffff888034f76498 RCX: ffff88802fcb0000
RDX: 0000000000000000 RSI: 00000000ffffffde RDI: 0000000000000000
RBP: ffffc90003ce7850 R08: ffffffff89d3ec3c R09: 0000000000000074
R10: 6f702064656c6961 R11: 6620657475626972 R12: 1ffff9200079cef4
R13: ffff88807924b61c R14: ffffc90003ce79c0 R15: ffff88807924b620
FS:  0000555566489380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020002b40 CR3: 0000000011906000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 netlink_dump_done+0x513/0x970 net/netlink/af_netlink.c:2250
 netlink_dump+0x91f/0xe10 net/netlink/af_netlink.c:2351
 netlink_recvmsg+0x6bb/0x11d0 net/netlink/af_netlink.c:1983
 sock_recvmsg_nosec net/socket.c:1051 [inline]
 sock_recvmsg+0x22f/0x280 net/socket.c:1073
 __sys_recvfrom+0x246/0x3d0 net/socket.c:2267
 __do_sys_recvfrom net/socket.c:2285 [inline]
 __se_sys_recvfrom net/socket.c:2281 [inline]
 __x64_sys_recvfrom+0xde/0x100 net/socket.c:2281
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f88f2913a79
Code: ff e8 cb 01 00 00 66 2e 0f 1f 84 00 00 00 00 00 90 80 3d 11 66 07 00 00 41 89 ca 74 1c 45 31 c9 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 67 c3 66 0f 1f 44 00 00 55 48 83 ec 20 48 89
RSP: 002b:00007ffeda290368 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
RAX: ffffffffffffffda RBX: 00007ffeda2903f4 RCX: 00007f88f2913a79
RDX: 0000000000001000 RSI: 00007ffeda2903e0 RDI: 0000000000000003
RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffeda2903e0
R13: 00007ffeda2915c8 R14: 0000000000000001 R15: 0000000000000001
 </TASK>