./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2782379455

<...>
Warning: Permanently added '10.128.0.100' (ED25519) to the list of known hosts.
execve("./syz-executor2782379455", ["./syz-executor2782379455"], 0x7ffcc7cf98e0 /* 10 vars */) = 0
brk(NULL)                               = 0x5555764cd000
brk(0x5555764cdd00)                     = 0x5555764cdd00
arch_prctl(ARCH_SET_FS, 0x5555764cd380) = 0
set_tid_address(0x5555764cd650)         = 5097
set_robust_list(0x5555764cd660, 24)     = 0
rseq(0x5555764cdca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2782379455", 4096) = 28
getrandom("\x12\xd1\xb1\xc3\x4d\x84\x79\x93", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555764cdd00
brk(0x5555764eed00)                     = 0x5555764eed00
brk(0x5555764ef000)                     = 0x5555764ef000
mprotect(0x7fc55f85f000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
[  224.935425][ T5097] ==================================================================
[  224.943633][ T5097] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x7b/0xe0
[  224.951472][ T5097] Write of size 24 at addr ffff888028569608 by task syz-executor278/5097
[  224.960138][ T5097] 
[  224.962451][ T5097] CPU: 1 PID: 5097 Comm: syz-executor278 Not tainted 6.9.0-rc2-next-20240403-syzkaller #0
[  224.972341][ T5097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[  224.982394][ T5097] Call Trace:
[  224.985736][ T5097]  <TASK>
[  224.988768][ T5097]  dump_stack_lvl+0x241/0x360
[  224.993605][ T5097]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.998817][ T5097]  ? __pfx__printk+0x10/0x10
[  225.003675][ T5097]  ? _printk+0xd5/0x120
[  225.008019][ T5097]  ? __virt_addr_valid+0x183/0x520
[  225.013288][ T5097]  ? __virt_addr_valid+0x183/0x520
[  225.018516][ T5097]  print_report+0x169/0x550
[  225.023065][ T5097]  ? __virt_addr_valid+0x183/0x520
[  225.028324][ T5097]  ? __virt_addr_valid+0x183/0x520
[  225.033569][ T5097]  ? __virt_addr_valid+0x44e/0x520
[  225.038781][ T5097]  ? __phys_addr+0xba/0x170
[  225.043400][ T5097]  ? _copy_from_user+0x7b/0xe0
[  225.048523][ T5097]  kasan_report+0x143/0x180
[  225.053206][ T5097]  ? _copy_from_user+0x7b/0xe0
[  225.057993][ T5097]  kasan_check_range+0x282/0x290
[  225.062923][ T5097]  _copy_from_user+0x7b/0xe0
[  225.067605][ T5097]  do_handle_open+0x204/0x660
[  225.072313][ T5097]  ? __pfx_do_handle_open+0x10/0x10
[  225.078676][ T5097]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  225.085051][ T5097]  ? exc_page_fault+0x585/0x8e0
[  225.090021][ T5097]  do_syscall_64+0xfb/0x240
[  225.094661][ T5097]  entry_SYSCALL_64_after_hwframe+0x72/0x7a
[  225.100903][ T5097] RIP: 0033:0x7fc55f7ec2a9
[  225.105340][ T5097] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  225.125364][ T5097] RSP: 002b:00007fffbed0af38 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  225.134597][ T5097] RAX: ffffffffffffffda RBX: 00007fffbed0b118 RCX: 00007fc55f7ec2a9
[  225.142954][ T5097] RDX: 0000000000002000 RSI: 00000000200019c0 RDI: 00000000ffffffff
[  225.151177][ T5097] RBP: 00007fc55f85f610 R08: 0000000000000000 R09: 0000000000000000
[  225.159308][ T5097] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001
[  225.167547][ T5097] R13: 00007fffbed0b108 R14: 0000000000000001 R15: 0000000000000001
[  225.175564][ T5097]  </TASK>
[  225.178600][ T5097] 
[  225.180927][ T5097] Allocated by task 5097:
[  225.185601][ T5097]  kasan_save_track+0x3f/0x80
[  225.190313][ T5097]  __kasan_kmalloc+0x98/0xb0
[  225.195005][ T5097]  __kmalloc_noprof+0x200/0x410
[  225.200064][ T5097]  do_handle_open+0x162/0x660
[  225.205014][ T5097]  do_syscall_64+0xfb/0x240
[  225.209619][ T5097]  entry_SYSCALL_64_after_hwframe+0x72/0x7a
[  225.215605][ T5097] 
[  225.217915][ T5097] The buggy address belongs to the object at ffff888028569600
[  225.217915][ T5097]  which belongs to the cache kmalloc-32 of size 32
[  225.233130][ T5097] The buggy address is located 8 bytes inside of
[  225.233130][ T5097]  allocated 24-byte region [ffff888028569600, ffff888028569618)
[  225.247184][ T5097] 
[  225.249780][ T5097] The buggy address belongs to the physical page:
[  225.256281][ T5097] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28569
[  225.265469][ T5097] flags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)
[  225.272712][ T5097] page_type: 0xffffefff(slab)
[  225.277497][ T5097] raw: 00fff80000000000 ffff888015041500 dead000000000100 dead000000000122
[  225.286066][ T5097] raw: 0000000000000000 0000000080400040 00000001ffffefff 0000000000000000
[  225.294866][ T5097] page dumped because: kasan: bad access detected
[  225.301429][ T5097] page_owner tracks the page as allocated
[  225.307119][ T5097] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, tgid -1535921372 (swapper/0), ts 1, free_ts 0
[  225.323873][ T5097]  post_alloc_hook+0x1f3/0x230
[  225.328728][ T5097]  get_page_from_freelist+0x2e7e/0x2f40
[  225.334367][ T5097]  __alloc_pages_noprof+0x256/0x6c0
[  225.339778][ T5097]  alloc_slab_page+0x5f/0x120
[  225.344541][ T5097]  allocate_slab+0x5a/0x2e0
[  225.349564][ T5097]  ___slab_alloc+0xcd1/0x14b0
[  225.354397][ T5097]  __slab_alloc+0x58/0xa0
[  225.358767][ T5097]  __kmalloc_noprof+0x25e/0x410
[  225.363613][ T5097]  kobject_get_path+0xb8/0x230
[  225.368467][ T5097]  kobject_uevent_env+0x2a5/0x8e0
[  225.373494][ T5097]  kernel_add_sysfs_param+0x10a/0x130
[  225.379170][ T5097]  param_sysfs_builtin+0x16e/0x1f0
[  225.384270][ T5097]  param_sysfs_builtin_init+0x31/0x40
[  225.389648][ T5097]  do_one_initcall+0x248/0x880
[  225.394421][ T5097]  do_initcall_level+0x157/0x210
[  225.399618][ T5097]  do_initcalls+0x3f/0x80
[  225.404629][ T5097] page_owner free stack trace missing
[  225.410419][ T5097] 
[  225.412746][ T5097] Memory state around the buggy address:
[  225.418557][ T5097]  ffff888028569500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  225.426816][ T5097]  ffff888028569580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  225.435241][ T5097] >ffff888028569600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[  225.443481][ T5097]                             ^
[  225.448440][ T5097]  ffff888028569680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  225.456612][ T5097]  ffff888028569700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[  225.464685][ T5097] ==================================================================
[  225.473101][ T5097] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  225.480490][ T5097] CPU: 1 PID: 5097 Comm: syz-executor278 Not tainted 6.9.0-rc2-next-20240403-syzkaller #0
[  225.490771][ T5097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[  225.501452][ T5097] Call Trace:
[  225.504838][ T5097]  <TASK>
[  225.507878][ T5097]  dump_stack_lvl+0x241/0x360
[  225.512576][ T5097]  ? __pfx_dump_stack_lvl+0x10/0x10
[  225.517776][ T5097]  ? __pfx__printk+0x10/0x10
[  225.522374][ T5097]  ? lock_release+0xbf/0x9f0
[  225.527478][ T5097]  ? vscnprintf+0x5d/0x90
[  225.531927][ T5097]  panic+0x349/0x860
[  225.535869][ T5097]  ? check_panic_on_warn+0x21/0xb0
[  225.541212][ T5097]  ? __pfx_panic+0x10/0x10
[  225.545833][ T5097]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  225.552016][ T5097]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  225.557959][ T5097]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  225.564496][ T5097]  ? print_report+0x502/0x550
[  225.569174][ T5097]  check_panic_on_warn+0x86/0xb0
[  225.574133][ T5097]  ? _copy_from_user+0x7b/0xe0
[  225.578980][ T5097]  end_report+0x77/0x160
[  225.583225][ T5097]  kasan_report+0x154/0x180
[  225.587751][ T5097]  ? _copy_from_user+0x7b/0xe0
[  225.592680][ T5097]  kasan_check_range+0x282/0x290
[  225.597609][ T5097]  _copy_from_user+0x7b/0xe0
[  225.602365][ T5097]  do_handle_open+0x204/0x660
[  225.607166][ T5097]  ? __pfx_do_handle_open+0x10/0x10
[  225.612445][ T5097]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  225.618903][ T5097]  ? exc_page_fault+0x585/0x8e0
[  225.623973][ T5097]  do_syscall_64+0xfb/0x240
[  225.628756][ T5097]  entry_SYSCALL_64_after_hwframe+0x72/0x7a
[  225.634674][ T5097] RIP: 0033:0x7fc55f7ec2a9
[  225.639083][ T5097] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  225.659285][ T5097] RSP: 002b:00007fffbed0af38 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  225.667714][ T5097] RAX: ffffffffffffffda RBX: 00007fffbed0b118 RCX: 00007fc55f7ec2a9
[  225.675781][ T5097] RDX: 0000000000002000 RSI: 00000000200019c0 RDI: 00000000ffffffff
[  225.683772][ T5097] RBP: 00007fc55f85f610 R08: 0000000000000000 R09: 0000000000000000
[  225.691835][ T5097] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001
[  225.700410][ T5097] R13: 00007fffbed0b108 R14: 0000000000000001 R15: 0000000000000001
[  225.708397][ T5097]  </TASK>
[  225.711502][ T5097] Kernel Offset: disabled
[  225.715831][ T5097] Rebooting in 86400 seconds..