./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor357508507
<...>
Warning: Permanently added '10.128.0.183' (ED25519) to the list of known hosts.
execve("./syz-executor357508507", ["./syz-executor357508507"], 0x7ffcf6e8f2b0 /* 10 vars */) = 0
brk(NULL) = 0x55558e432000
brk(0x55558e432d00) = 0x55558e432d00
arch_prctl(ARCH_SET_FS, 0x55558e432380) = 0
set_tid_address(0x55558e432650) = 5839
set_robust_list(0x55558e432660, 24) = 0
rseq(0x55558e432ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor357508507", 4096) = 27
getrandom("\x33\x27\x9e\xe8\x26\x78\x4a\x06", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55558e432d00
brk(0x55558e453d00) = 0x55558e453d00
brk(0x55558e454000) = 0x55558e454000
mprotect(0x7f600199d000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
write(1, "executing program\n", 18executing program
) = 18
socket(AF_NETLINK, SOCK_RAW, NETLINK_NETFILTER) = 3
sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x14\x00\x00\x00\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0a\x28\x00\x00\x00\x00\x0a\x01\x01\x00\x00\x00\x00\x5e\x1a\xff\xd5\x02\x00\x00\x00\x09\x00\x01\x00\x73\x79\x7a\x30\x00\x00\x00\x00\x08\x00\x02\x40\x00\x00\x00\x03\x2c\x00\x00\x00\x03\x0a\x01\x03\x00\x00\xe6\xff\x00\x00\x00\x00\x02\x00\x00\x00\x09\x00\x01\x00\x73\x79\x7a\x30\x00\x00\x00\x00\x09\x00\x03\x00\x73\x79\x7a\x32"..., iov_len=124}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 124
[ 63.126558][ T5839] ==================================================================
[ 63.134651][ T5839] BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70
[ 63.141512][ T5839] Read of size 1 at addr ffff88801fea5548 by task syz-executor357/5839
[ 63.149750][ T5839]
[ 63.152085][ T5839] CPU: 1 UID: 0 PID: 5839 Comm: syz-executor357 Not tainted 6.12.0-rc7-syzkaller-01681-g38f83a57aa8e #0
[ 63.163171][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 63.173216][ T5839] Call Trace:
[ 63.176478][ T5839]
[ 63.179392][ T5839] dump_stack_lvl+0x241/0x360
[ 63.184058][ T5839] ? __pfx_dump_stack_lvl+0x10/0x10
[ 63.189236][ T5839] ? __pfx__printk+0x10/0x10
[ 63.193829][ T5839] ? _printk+0xd5/0x120
[ 63.197969][ T5839] ? __virt_addr_valid+0x183/0x530
[ 63.203063][ T5839] ? __virt_addr_valid+0x183/0x530
[ 63.208174][ T5839] print_report+0x169/0x550
[ 63.212660][ T5839] ? __virt_addr_valid+0x183/0x530
[ 63.217766][ T5839] ? __virt_addr_valid+0x183/0x530
[ 63.222861][ T5839] ? __virt_addr_valid+0x45f/0x530
[ 63.227949][ T5839] ? __phys_addr+0xba/0x170
[ 63.232449][ T5839] ? strlen+0x58/0x70
[ 63.236412][ T5839] kasan_report+0x143/0x180
[ 63.240895][ T5839] ? strlen+0x58/0x70
[ 63.244857][ T5839] strlen+0x58/0x70
[ 63.248648][ T5839] kstrdup+0x20/0x80
[ 63.252540][ T5839] led_tg_check+0x18b/0x3c0
[ 63.257030][ T5839] xt_check_target+0x3b9/0xa40
[ 63.261801][ T5839] ? __pfx_xt_check_target+0x10/0x10
[ 63.267105][ T5839] ? stack_depot_save_flags+0x6e4/0x830
[ 63.272659][ T5839] ? nft_target_init+0x174/0xc30
[ 63.277590][ T5839] nft_target_init+0x82d/0xc30
[ 63.282344][ T5839] ? __pfx_nft_target_init+0x10/0x10
[ 63.287627][ T5839] ? nf_tables_newrule+0x1609/0x2980
[ 63.292906][ T5839] ? nf_tables_newrule+0x1609/0x2980
[ 63.298182][ T5839] ? rcu_is_watching+0x15/0xb0
[ 63.302934][ T5839] ? nf_tables_newrule+0x1609/0x2980
[ 63.308210][ T5839] ? nf_tables_newrule+0x1609/0x2980
[ 63.313487][ T5839] ? __kmalloc_noprof+0x21a/0x400
[ 63.318507][ T5839] nf_tables_newrule+0x185e/0x2980
[ 63.323618][ T5839] ? __pfx_nf_tables_newrule+0x10/0x10
[ 63.329098][ T5839] ? __nla_parse+0x40/0x60
[ 63.333509][ T5839] nfnetlink_rcv+0x14e3/0x2ab0
[ 63.338269][ T5839] ? __pfx_validate_chain+0x10/0x10
[ 63.343467][ T5839] ? __pfx_nfnetlink_rcv+0x10/0x10
[ 63.348576][ T5839] ? __lock_acquire+0x1384/0x2050
[ 63.353607][ T5839] ? netlink_deliver_tap+0x2e/0x1b0
[ 63.358799][ T5839] ? __pfx_lock_release+0x10/0x10
[ 63.363823][ T5839] ? netlink_deliver_tap+0x2e/0x1b0
[ 63.369016][ T5839] netlink_unicast+0x7f6/0x990
[ 63.373777][ T5839] ? __pfx_netlink_unicast+0x10/0x10
[ 63.379050][ T5839] ? __virt_addr_valid+0x183/0x530
[ 63.384156][ T5839] ? __check_object_size+0x48e/0x900
[ 63.389433][ T5839] netlink_sendmsg+0x8e4/0xcb0
[ 63.394196][ T5839] ? __pfx_netlink_sendmsg+0x10/0x10
[ 63.399476][ T5839] ? aa_sock_msg_perm+0x91/0x160
[ 63.404412][ T5839] ? __pfx_netlink_sendmsg+0x10/0x10
[ 63.409690][ T5839] __sock_sendmsg+0x221/0x270
[ 63.414364][ T5839] ____sys_sendmsg+0x52a/0x7e0
[ 63.419126][ T5839] ? __pfx_____sys_sendmsg+0x10/0x10
[ 63.424408][ T5839] ? do_raw_spin_lock+0x14f/0x370
[ 63.429446][ T5839] __sys_sendmsg+0x292/0x380
[ 63.434031][ T5839] ? __pfx___sys_sendmsg+0x10/0x10
[ 63.439141][ T5839] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 63.445465][ T5839] ? _raw_spin_unlock_irq+0x2e/0x50
[ 63.450651][ T5839] ? ptrace_notify+0x279/0x380
[ 63.455416][ T5839] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 63.461741][ T5839] ? exc_page_fault+0x590/0x8c0
[ 63.466588][ T5839] do_syscall_64+0xf3/0x230
[ 63.471091][ T5839] ? clear_bhb_loop+0x35/0x90
[ 63.475760][ T5839] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 63.481641][ T5839] RIP: 0033:0x7f600192a729
[ 63.486084][ T5839] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 63.505678][ T5839] RSP: 002b:00007fff274924a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 63.514087][ T5839] RAX: ffffffffffffffda RBX: 00007fff27492678 RCX: 00007f600192a729
[ 63.522048][ T5839] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 63.530012][ T5839] RBP: 00007f600199d610 R08: 0000000000000011 R09: 00007fff27492678
[ 63.537994][ T5839] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[ 63.545953][ T5839] R13: 00007fff27492668 R14: 0000000000000001 R15: 0000000000000001
[ 63.553918][ T5839]
[ 63.556927][ T5839]
[ 63.559237][ T5839] Allocated by task 5839:
[ 63.563549][ T5839] kasan_save_track+0x3f/0x80
[ 63.568217][ T5839] __kasan_kmalloc+0x98/0xb0
[ 63.572796][ T5839] __kmalloc_noprof+0x1fc/0x400
[ 63.577664][ T5839] nf_tables_newrule+0x1609/0x2980
[ 63.582768][ T5839] nfnetlink_rcv+0x14e3/0x2ab0
[ 63.587529][ T5839] netlink_unicast+0x7f6/0x990
[ 63.592285][ T5839] netlink_sendmsg+0x8e4/0xcb0
[ 63.597042][ T5839] __sock_sendmsg+0x221/0x270
[ 63.601713][ T5839] ____sys_sendmsg+0x52a/0x7e0
[ 63.606468][ T5839] __sys_sendmsg+0x292/0x380
[ 63.611072][ T5839] do_syscall_64+0xf3/0x230
[ 63.615564][ T5839] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 63.621447][ T5839]
[ 63.623756][ T5839] The buggy address belongs to the object at ffff88801fea5500
[ 63.623756][ T5839] which belongs to the cache kmalloc-cg-96 of size 96
[ 63.637882][ T5839] The buggy address is located 0 bytes to the right of
[ 63.637882][ T5839] allocated 72-byte region [ffff88801fea5500, ffff88801fea5548)
[ 63.652272][ T5839]
[ 63.654584][ T5839] The buggy address belongs to the physical page:
[ 63.661160][ T5839] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1fea5
[ 63.669910][ T5839] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 63.677009][ T5839] page_type: f5(slab)
[ 63.680982][ T5839] raw: 00fff00000000000 ffff88801ac4d640 dead000000000122 0000000000000000
[ 63.689555][ T5839] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 63.698119][ T5839] page dumped because: kasan: bad access detected
[ 63.704519][ T5839] page_owner tracks the page as allocated
[ 63.710217][ T5839] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 2651041388, free_ts 0
[ 63.727740][ T5839] post_alloc_hook+0x1f3/0x230
[ 63.732504][ T5839] get_page_from_freelist+0x3649/0x3790
[ 63.738039][ T5839] __alloc_pages_noprof+0x292/0x710
[ 63.743324][ T5839] alloc_pages_mpol_noprof+0x3e8/0x680
[ 63.748773][ T5839] alloc_slab_page+0x6a/0x140
[ 63.753439][ T5839] allocate_slab+0x5a/0x2f0
[ 63.757943][ T5839] ___slab_alloc+0xcd1/0x14b0
[ 63.762613][ T5839] __slab_alloc+0x58/0xa0
[ 63.766932][ T5839] __kmalloc_noprof+0x25a/0x400
[ 63.771769][ T5839] __register_sysctl_table+0x65/0x1550
[ 63.777216][ T5839] user_namespace_sysctl_init+0x25/0x140
[ 63.782848][ T5839] do_one_initcall+0x248/0x880
[ 63.787605][ T5839] do_initcall_level+0x157/0x210
[ 63.792530][ T5839] do_initcalls+0x3f/0x80
[ 63.796847][ T5839] kernel_init_freeable+0x435/0x5d0
[ 63.802034][ T5839] kernel_init+0x1d/0x2b0
[ 63.806364][ T5839] page_owner free stack trace missing
[ 63.811714][ T5839]
[ 63.814026][ T5839] Memory state around the buggy address:
[ 63.819663][ T5839] ffff88801fea5400: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 63.827711][ T5839] ffff88801fea5480: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 63.835759][ T5839] >ffff88801fea5500: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 63.843809][ T5839] ^
[ 63.850206][ T5839] ffff88801fea5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.858252][ T5839] ffff88801fea5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.866297][ T5839] ==================================================================
[ 63.874680][ T5839] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 63.881878][ T5839] CPU: 1 UID: 0 PID: 5839 Comm: syz-executor357 Not tainted 6.12.0-rc7-syzkaller-01681-g38f83a57aa8e #0
[ 63.892972][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 63.903018][ T5839] Call Trace:
[ 63.906293][ T5839]
[ 63.909216][ T5839] dump_stack_lvl+0x241/0x360
[ 63.913897][ T5839] ? __pfx_dump_stack_lvl+0x10/0x10
[ 63.919088][ T5839] ? __pfx__printk+0x10/0x10
[ 63.923669][ T5839] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 63.929654][ T5839] ? vscnprintf+0x5d/0x90
[ 63.933995][ T5839] panic+0x349/0x880
[ 63.937921][ T5839] ? check_panic_on_warn+0x21/0xb0
[ 63.943037][ T5839] ? __pfx_panic+0x10/0x10
[ 63.947468][ T5839] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 63.953444][ T5839] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 63.959776][ T5839] check_panic_on_warn+0x86/0xb0
[ 63.964706][ T5839] ? strlen+0x58/0x70
[ 63.968679][ T5839] end_report+0x77/0x160
[ 63.972914][ T5839] kasan_report+0x154/0x180
[ 63.977411][ T5839] ? strlen+0x58/0x70
[ 63.981386][ T5839] strlen+0x58/0x70
[ 63.985190][ T5839] kstrdup+0x20/0x80
[ 63.989081][ T5839] led_tg_check+0x18b/0x3c0
[ 63.993676][ T5839] xt_check_target+0x3b9/0xa40
[ 63.998436][ T5839] ? __pfx_xt_check_target+0x10/0x10
[ 64.003717][ T5839] ? stack_depot_save_flags+0x6e4/0x830
[ 64.009259][ T5839] ? nft_target_init+0x174/0xc30
[ 64.014197][ T5839] nft_target_init+0x82d/0xc30
[ 64.018953][ T5839] ? __pfx_nft_target_init+0x10/0x10
[ 64.024238][ T5839] ? nf_tables_newrule+0x1609/0x2980
[ 64.029519][ T5839] ? nf_tables_newrule+0x1609/0x2980
[ 64.034812][ T5839] ? rcu_is_watching+0x15/0xb0
[ 64.039564][ T5839] ? nf_tables_newrule+0x1609/0x2980
[ 64.044853][ T5839] ? nf_tables_newrule+0x1609/0x2980
[ 64.050130][ T5839] ? __kmalloc_noprof+0x21a/0x400
[ 64.055147][ T5839] nf_tables_newrule+0x185e/0x2980
[ 64.060258][ T5839] ? __pfx_nf_tables_newrule+0x10/0x10
[ 64.065715][ T5839] ? __nla_parse+0x40/0x60
[ 64.070122][ T5839] nfnetlink_rcv+0x14e3/0x2ab0
[ 64.074882][ T5839] ? __pfx_validate_chain+0x10/0x10
[ 64.080089][ T5839] ? __pfx_nfnetlink_rcv+0x10/0x10
[ 64.085201][ T5839] ? __lock_acquire+0x1384/0x2050
[ 64.090227][ T5839] ? netlink_deliver_tap+0x2e/0x1b0
[ 64.095426][ T5839] ? __pfx_lock_release+0x10/0x10
[ 64.100446][ T5839] ? netlink_deliver_tap+0x2e/0x1b0
[ 64.105637][ T5839] netlink_unicast+0x7f6/0x990
[ 64.110393][ T5839] ? __pfx_netlink_unicast+0x10/0x10
[ 64.115667][ T5839] ? __virt_addr_valid+0x183/0x530
[ 64.120768][ T5839] ? __check_object_size+0x48e/0x900
[ 64.126065][ T5839] netlink_sendmsg+0x8e4/0xcb0
[ 64.130841][ T5839] ? __pfx_netlink_sendmsg+0x10/0x10
[ 64.136125][ T5839] ? aa_sock_msg_perm+0x91/0x160
[ 64.141062][ T5839] ? __pfx_netlink_sendmsg+0x10/0x10
[ 64.146348][ T5839] __sock_sendmsg+0x221/0x270
[ 64.151022][ T5839] ____sys_sendmsg+0x52a/0x7e0
[ 64.155787][ T5839] ? __pfx_____sys_sendmsg+0x10/0x10
[ 64.161084][ T5839] ? do_raw_spin_lock+0x14f/0x370
[ 64.166129][ T5839] __sys_sendmsg+0x292/0x380
[ 64.170727][ T5839] ? __pfx___sys_sendmsg+0x10/0x10
[ 64.175850][ T5839] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 64.182197][ T5839] ? _raw_spin_unlock_irq+0x2e/0x50
[ 64.187499][ T5839] ? ptrace_notify+0x279/0x380
[ 64.192277][ T5839] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 64.198612][ T5839] ? exc_page_fault+0x590/0x8c0
[ 64.203460][ T5839] do_syscall_64+0xf3/0x230
[ 64.207965][ T5839] ? clear_bhb_loop+0x35/0x90
[ 64.212644][ T5839] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 64.218553][ T5839] RIP: 0033:0x7f600192a729
[ 64.222967][ T5839] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 64.242567][ T5839] RSP: 002b:00007fff274924a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 64.250978][ T5839] RAX: ffffffffffffffda RBX: 00007fff27492678 RCX: 00007f600192a729
[ 64.258945][ T5839] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 64.266910][ T5839] RBP: 00007f600199d610 R08: 0000000000000011 R09: 00007fff27492678
[ 64.274869][ T5839] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[ 64.282835][ T5839] R13: 00007fff27492668 R14: 0000000000000001 R15: 0000000000000001
[ 64.290801][ T5839]
[ 64.294085][ T5839] Kernel Offset: disabled
[ 64.298403][ T5839] Rebooting in 86400 seconds..