./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1831202839

<...>
Warning: Permanently added '10.128.10.60' (ECDSA) to the list of known hosts.
execve("./syz-executor1831202839", ["./syz-executor1831202839"], 0x7ffdf475a170 /* 10 vars */) = 0
brk(NULL)                               = 0x5555571a4000
brk(0x5555571a4c40)                     = 0x5555571a4c40
arch_prctl(ARCH_SET_FS, 0x5555571a4300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1831202839", 4096) = 28
brk(0x5555571c5c40)                     = 0x5555571c5c40
brk(0x5555571c6000)                     = 0x5555571c6000
mprotect(0x7f99f3e25000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x3c\x00\x00\x00\x10\x00\x01\x04\x00\xee\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff\xff\x01\x00\x00\x00\x01\x00\x00\x00\x1c\x00\x12\x00\x0c\x00\x01\x00\x62\x72\x69\x64\x67\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", iov_len=60}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 60
socket(AF_NETLINK, SOCK_RAW, NETLINK_XFRM) = 4
syzkaller login: [   54.037528][ T5071] netlink: 12 bytes leftover after parsing attributes in process `syz-executor183'.
[   54.088250][    C0] ==================================================================
[   54.096373][    C0] BUG: KASAN: stack-out-of-bounds in xfrm_state_find+0x5f79/0x6d80
[   54.104311][    C0] Read of size 4 at addr ffffc90000007ad0 by task udevd/5074
[   54.111694][    C0] 
[   54.114014][    C0] CPU: 0 PID: 5074 Comm: udevd Not tainted 6.1.0-syzkaller-04343-gd039535850ee #0
[   54.123209][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   54.133269][    C0] Call Trace:
[   54.136543][    C0]  <IRQ>
[   54.139381][    C0]  dump_stack_lvl+0xd1/0x138
[   54.143984][    C0]  print_report+0x15e/0x45d
[   54.148495][    C0]  ? xfrm_state_find+0x5f79/0x6d80
[   54.153613][    C0]  kasan_report+0xbf/0x1f0
[   54.158032][    C0]  ? xfrm_state_find+0x5f79/0x6d80
[   54.163151][    C0]  xfrm_state_find+0x5f79/0x6d80
[   54.168101][    C0]  ? xfrm_state_add+0xe30/0xe30
[   54.172990][    C0]  ? find_held_lock+0x2d/0x110
[   54.177775][    C0]  ? xfrm_tmpl_resolve+0x653/0xd40
[   54.182888][    C0]  ? lock_downgrade+0x6e0/0x6e0
[   54.187745][    C0]  xfrm_tmpl_resolve+0x2f3/0xd40
[   54.192695][    C0]  ? __xfrm_dst_lookup+0x130/0x130
[   54.197810][    C0]  ? xfrm_policy_find_inexact_candidates+0x13f/0x1d0
[   54.204491][    C0]  ? find_held_lock+0x2d/0x110
[   54.209267][    C0]  xfrm_resolve_and_create_bundle+0x123/0x2580
[   54.215429][    C0]  ? lock_downgrade+0x6e0/0x6e0
[   54.220286][    C0]  ? xfrm_tmpl_resolve+0xd40/0xd40
[   54.225401][    C0]  ? xfrm_policy_match+0x2e0/0x2e0
[   54.230517][    C0]  ? xfrm_expand_policies+0x25b/0x680
[   54.235892][    C0]  xfrm_lookup_with_ifid+0x449/0x20f0
[   54.241272][    C0]  ? xfrm_expand_policies+0x680/0x680
[   54.246647][    C0]  ? ip_route_output_key_hash+0x1c9/0x300
[   54.252373][    C0]  ? ip_route_output_key_hash_rcu+0x2bc0/0x2bc0
[   54.258616][    C0]  xfrm_lookup_route+0x3a/0x1e0
[   54.263472][    C0]  ip_route_output_flow+0x118/0x150
[   54.268671][    C0]  igmpv3_newpack+0x29d/0x1110
[   54.273445][    C0]  ? ip_mc_join_group+0x30/0x30
[   54.278300][    C0]  ? lock_chain_count+0x20/0x20
[   54.283149][    C0]  add_grhead+0x266/0x300
[   54.287490][    C0]  add_grec+0xea5/0x1100
[   54.291739][    C0]  ? add_grhead+0x300/0x300
[   54.296244][    C0]  ? rwlock_bug.part.0+0x90/0x90
[   54.301187][    C0]  igmp_ifc_timer_expire+0x636/0xf70
[   54.306481][    C0]  call_timer_fn+0x1da/0x7c0
[   54.311073][    C0]  ? add_grec+0x1100/0x1100
[   54.315577][    C0]  ? timer_fixup_activate+0x3e0/0x3e0
[   54.320954][    C0]  ? add_grec+0x1100/0x1100
[   54.325460][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[   54.330662][    C0]  ? add_grec+0x1100/0x1100
[   54.335171][    C0]  ? add_grec+0x1100/0x1100
[   54.339689][    C0]  expire_timers+0x2c6/0x5c0
[   54.344295][    C0]  run_timer_softirq+0x326/0x910
[   54.349236][    C0]  ? expire_timers+0x5c0/0x5c0
[   54.354008][    C0]  __do_softirq+0x1fb/0xadc
[   54.358519][    C0]  __irq_exit_rcu+0x123/0x180
[   54.363197][    C0]  irq_exit_rcu+0x9/0x20
[   54.367439][    C0]  sysvec_apic_timer_interrupt+0x97/0xc0
[   54.373084][    C0]  </IRQ>
[   54.376007][    C0]  <TASK>
[   54.378943][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   54.384922][    C0] RIP: 0010:folio_memcg_lock+0x189/0x630
[   54.390558][    C0] Code: d0 d6 81 58 e8 38 1e 8d ff 4d 85 f6 0f 85 9e 02 00 00 9c 58 f6 c4 02 0f 85 53 03 00 00 4d 85 f6 74 01 fb 4c 8d b3 40 09 00 00 <be> 04 00 00 00 4c 89 f7 e8 0a 86 f8 ff 4c 89 f0 48 c1 e8 03 42 0f
[   54.410160][    C0] RSP: 0000:ffffc90003cefab8 EFLAGS: 00000206
[   54.416225][    C0] RAX: 0000000000000002 RBX: ffff888140140000 RCX: 1ffffffff22670ae
[   54.424194][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[   54.432157][    C0] RBP: ffffc90003cefb08 R08: 0000000000000001 R09: ffffffff91335ac7
[   54.440122][    C0] R10: 0000000000000001 R11: 0000000000000000 R12: dffffc0000000000
[   54.448086][    C0] R13: ffffea0002e655f8 R14: ffff888140140940 R15: ffffea0002e655c8
[   54.456067][    C0]  page_add_file_rmap+0x3d/0x970
[   54.461015][    C0]  ? rcu_read_lock_sched_held+0x3e/0x70
[   54.466570][    C0]  do_set_pte+0x431/0x7b0
[   54.470907][    C0]  filemap_map_pages+0xcd3/0x1a80
[   54.475938][    C0]  ? filemap_get_read_batch+0x8c0/0x8c0
[   54.481486][    C0]  ? lock_chain_count+0x20/0x20
[   54.486337][    C0]  __handle_mm_fault+0x22d0/0x3c90
[   54.491463][    C0]  ? vm_iomap_memory+0x190/0x190
[   54.496415][    C0]  handle_mm_fault+0x1b6/0x850
[   54.501190][    C0]  do_user_addr_fault+0x475/0x1210
[   54.506308][    C0]  ? rcu_read_lock_sched_held+0x3e/0x70
[   54.511866][    C0]  exc_page_fault+0x98/0x170
[   54.516466][    C0]  asm_exc_page_fault+0x26/0x30
[   54.521319][    C0] RIP: 0033:0x7f21962ae850
[   54.525741][    C0] Code: Unable to access opcode bytes at 0x7f21962ae826.
[   54.532748][    C0] RSP: 002b:00007ffe53c84dc8 EFLAGS: 00010206
[   54.538808][    C0] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007f219633432a
[   54.546775][    C0] RDX: 000000000000000c RSI: 000055c20721172e RDI: 000055c20720f185
[   54.554739][    C0] RBP: 000055c208618670 R08: 0000000000000007 R09: 000055c2085f4d10
[   54.562703][    C0] R10: 00007f219633476a R11: 0000000000000246 R12: 000055c2072155c5
[   54.570675][    C0] R13: 0000000000000004 R14: 00007ffe53c84e1c R15: 000055c2085f4910
[   54.578650][    C0]  </TASK>
[   54.581669][    C0] 
[   54.583987][    C0] The buggy address belongs to the virtual mapping at
[   54.583987][    C0]  [ffffc90000000000, ffffc90000009000) created by:
[   54.583987][    C0]  irq_init_percpu_irqstack+0x1d0/0x320
[   54.602568][    C0] 
[   54.604881][    C0] The buggy address belongs to the physical page:
[   54.611279][    C0] page:ffffea0002e60240 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xb9809
[   54.621422][    C0] flags: 0xfff00000001000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[   54.629315][    C0] raw: 00fff00000001000 ffffea0002e60248 ffffea0002e60248 0000000000000000
[   54.637894][    C0] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   54.646468][    C0] page dumped because: kasan: bad access detected
[   54.652868][    C0] page_owner info is not present (never set?)
[   54.658916][    C0] 
[   54.661234][    C0] Memory state around the buggy address:
[   54.666851][    C0]  ffffc90000007980: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 00
[   54.674906][    C0]  ffffc90000007a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1
[   54.682959][    C0] >ffffc90000007a80: f1 f1 00 00 00 00 00 00 00 00 f3 f3 f3 f3 00 00
[   54.691009][    C0]                                                  ^
[   54.697684][    C0]  ffffc90000007b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   54.705740][    C0]  ffffc90000007b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[   54.713790][    C0] ==================================================================
[   54.721886][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   54.729081][    C0] CPU: 0 PID: 5074 Comm: udevd Not tainted 6.1.0-syzkaller-04343-gd039535850ee #0
[   54.738288][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   54.748353][    C0] Call Trace:
[   54.751635][    C0]  <IRQ>
[   54.754496][    C0]  dump_stack_lvl+0xd1/0x138
[   54.759111][    C0]  panic+0x2cc/0x626
[   54.763029][    C0]  ? panic_print_sys_info.part.0+0x110/0x110
[   54.769036][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   54.775218][    C0]  check_panic_on_warn.cold+0x19/0x35
[   54.780615][    C0]  end_report.part.0+0x36/0x73
[   54.785403][    C0]  ? xfrm_state_find+0x5f79/0x6d80
[   54.790522][    C0]  kasan_report.cold+0xa/0xf
[   54.795121][    C0]  ? xfrm_state_find+0x5f79/0x6d80
[   54.800239][    C0]  xfrm_state_find+0x5f79/0x6d80
[   54.805191][    C0]  ? xfrm_state_add+0xe30/0xe30
[   54.810052][    C0]  ? find_held_lock+0x2d/0x110
[   54.814834][    C0]  ? xfrm_tmpl_resolve+0x653/0xd40
[   54.819956][    C0]  ? lock_downgrade+0x6e0/0x6e0
[   54.824827][    C0]  xfrm_tmpl_resolve+0x2f3/0xd40
[   54.829779][    C0]  ? __xfrm_dst_lookup+0x130/0x130
[   54.834912][    C0]  ? xfrm_policy_find_inexact_candidates+0x13f/0x1d0
[   54.841591][    C0]  ? find_held_lock+0x2d/0x110
[   54.846374][    C0]  xfrm_resolve_and_create_bundle+0x123/0x2580
[   54.852532][    C0]  ? lock_downgrade+0x6e0/0x6e0
[   54.857391][    C0]  ? xfrm_tmpl_resolve+0xd40/0xd40
[   54.862509][    C0]  ? xfrm_policy_match+0x2e0/0x2e0
[   54.867640][    C0]  ? xfrm_expand_policies+0x25b/0x680
[   54.873034][    C0]  xfrm_lookup_with_ifid+0x449/0x20f0
[   54.878423][    C0]  ? xfrm_expand_policies+0x680/0x680
[   54.883799][    C0]  ? ip_route_output_key_hash+0x1c9/0x300
[   54.889521][    C0]  ? ip_route_output_key_hash_rcu+0x2bc0/0x2bc0
[   54.895766][    C0]  xfrm_lookup_route+0x3a/0x1e0
[   54.900619][    C0]  ip_route_output_flow+0x118/0x150
[   54.905823][    C0]  igmpv3_newpack+0x29d/0x1110
[   54.910596][    C0]  ? ip_mc_join_group+0x30/0x30
[   54.915459][    C0]  ? lock_chain_count+0x20/0x20
[   54.920310][    C0]  add_grhead+0x266/0x300
[   54.924645][    C0]  add_grec+0xea5/0x1100
[   54.928891][    C0]  ? add_grhead+0x300/0x300
[   54.933393][    C0]  ? rwlock_bug.part.0+0x90/0x90
[   54.938333][    C0]  igmp_ifc_timer_expire+0x636/0xf70
[   54.943633][    C0]  call_timer_fn+0x1da/0x7c0
[   54.948234][    C0]  ? add_grec+0x1100/0x1100
[   54.952739][    C0]  ? timer_fixup_activate+0x3e0/0x3e0
[   54.958114][    C0]  ? add_grec+0x1100/0x1100
[   54.962617][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[   54.967831][    C0]  ? add_grec+0x1100/0x1100
[   54.972334][    C0]  ? add_grec+0x1100/0x1100
[   54.976840][    C0]  expire_timers+0x2c6/0x5c0
[   54.981436][    C0]  run_timer_softirq+0x326/0x910
[   54.986380][    C0]  ? expire_timers+0x5c0/0x5c0
[   54.991151][    C0]  __do_softirq+0x1fb/0xadc
[   54.995660][    C0]  __irq_exit_rcu+0x123/0x180
[   55.000349][    C0]  irq_exit_rcu+0x9/0x20
[   55.004597][    C0]  sysvec_apic_timer_interrupt+0x97/0xc0
[   55.010240][    C0]  </IRQ>
[   55.013169][    C0]  <TASK>
[   55.016094][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   55.022077][    C0] RIP: 0010:folio_memcg_lock+0x189/0x630
[   55.027715][    C0] Code: d0 d6 81 58 e8 38 1e 8d ff 4d 85 f6 0f 85 9e 02 00 00 9c 58 f6 c4 02 0f 85 53 03 00 00 4d 85 f6 74 01 fb 4c 8d b3 40 09 00 00 <be> 04 00 00 00 4c 89 f7 e8 0a 86 f8 ff 4c 89 f0 48 c1 e8 03 42 0f
[   55.047326][    C0] RSP: 0000:ffffc90003cefab8 EFLAGS: 00000206
[   55.053392][    C0] RAX: 0000000000000002 RBX: ffff888140140000 RCX: 1ffffffff22670ae
[   55.061362][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[   55.069329][    C0] RBP: ffffc90003cefb08 R08: 0000000000000001 R09: ffffffff91335ac7
[   55.077297][    C0] R10: 0000000000000001 R11: 0000000000000000 R12: dffffc0000000000
[   55.085263][    C0] R13: ffffea0002e655f8 R14: ffff888140140940 R15: ffffea0002e655c8
[   55.093246][    C0]  page_add_file_rmap+0x3d/0x970
[   55.098193][    C0]  ? rcu_read_lock_sched_held+0x3e/0x70
[   55.103750][    C0]  do_set_pte+0x431/0x7b0
[   55.108085][    C0]  filemap_map_pages+0xcd3/0x1a80
[   55.113118][    C0]  ? filemap_get_read_batch+0x8c0/0x8c0
[   55.118668][    C0]  ? lock_chain_count+0x20/0x20
[   55.123521][    C0]  __handle_mm_fault+0x22d0/0x3c90
[   55.128639][    C0]  ? vm_iomap_memory+0x190/0x190
[   55.133597][    C0]  handle_mm_fault+0x1b6/0x850
[   55.138369][    C0]  do_user_addr_fault+0x475/0x1210
[   55.143485][    C0]  ? rcu_read_lock_sched_held+0x3e/0x70
[   55.149647][    C0]  exc_page_fault+0x98/0x170
[   55.154256][    C0]  asm_exc_page_fault+0x26/0x30
[   55.159104][    C0] RIP: 0033:0x7f21962ae850
[   55.163529][    C0] Code: Unable to access opcode bytes at 0x7f21962ae826.
[   55.170545][    C0] RSP: 002b:00007ffe53c84dc8 EFLAGS: 00010206
[   55.176607][    C0] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007f219633432a
[   55.184570][    C0] RDX: 000000000000000c RSI: 000055c20721172e RDI: 000055c20720f185
[   55.192536][    C0] RBP: 000055c208618670 R08: 0000000000000007 R09: 000055c2085f4d10
[   55.200500][    C0] R10: 00007f219633476a R11: 0000000000000246 R12: 000055c2072155c5
[   55.208465][    C0] R13: 0000000000000004 R14: 00007ffe53c84e1c R15: 000055c2085f4910
[   55.216612][    C0]  </TASK>
[   55.219779][    C0] Kernel Offset: disabled
[   55.224097][    C0] Rebooting in 86400 seconds..