Warning: Permanently added '10.128.1.52' (ED25519) to the list of known hosts. 2024/11/13 06:52:00 ignoring optional flag "sandboxArg"="0" 2024/11/13 06:52:00 parsed 1 programs [ 30.140766][ T28] audit: type=1400 audit(1731480720.518:66): avc: denied { node_bind } for pid=296 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 31.032689][ T28] audit: type=1400 audit(1731480721.408:67): avc: denied { mounton } for pid=302 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1926 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 31.034008][ T302] cgroup: Unknown subsys name 'net' [ 31.055142][ T28] audit: type=1400 audit(1731480721.408:68): avc: denied { mount } for pid=302 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 31.082044][ T28] audit: type=1400 audit(1731480721.448:69): avc: denied { unmount } for pid=302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 31.082259][ T302] cgroup: Unknown subsys name 'devices' [ 31.229204][ T302] cgroup: Unknown subsys name 'hugetlb' [ 31.234732][ T302] cgroup: Unknown subsys name 'rlimit' [ 31.335493][ T28] audit: type=1400 audit(1731480721.708:70): avc: denied { setattr } for pid=302 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 31.358450][ T28] audit: type=1400 audit(1731480721.708:71): avc: denied { create } for pid=302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 31.377726][ T308] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 31.378864][ T28] audit: type=1400 audit(1731480721.708:72): avc: denied { write } for pid=302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 31.407101][ T28] audit: type=1400 audit(1731480721.708:73): avc: denied { read } for pid=302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 31.407954][ T302] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 31.427137][ T28] audit: type=1400 audit(1731480721.718:74): avc: denied { module_request } for pid=302 comm="syz-executor" kmod="netdev-wpan0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 31.457125][ T28] audit: type=1400 audit(1731480721.718:75): avc: denied { mounton } for pid=302 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 32.109175][ T321] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.116031][ T321] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.136170][ T321] device bridge_slave_0 entered promiscuous mode [ 32.144004][ T321] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.150906][ T321] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.158156][ T321] device bridge_slave_1 entered promiscuous mode [ 32.394602][ T321] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.401468][ T321] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.408602][ T321] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.415338][ T321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.435831][ T337] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.443028][ T337] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.451134][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 32.458476][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 32.468117][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 32.476092][ T337] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.482942][ T337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 32.491509][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 32.499555][ T337] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.506400][ T337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 32.520081][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 32.529234][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 32.543872][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 32.555971][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 32.563953][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 32.571301][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 32.579656][ T321] device veth0_vlan entered promiscuous mode 2024/11/13 06:52:03 executed programs: 0 [ 32.591364][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 32.600640][ T321] device veth1_macvtap entered promiscuous mode [ 32.610006][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 32.619592][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 32.880703][ T372] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.887658][ T372] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.894784][ T372] device bridge_slave_0 entered promiscuous mode [ 32.915487][ T376] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.922380][ T376] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.929769][ T376] device bridge_slave_0 entered promiscuous mode [ 32.936274][ T372] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.943326][ T372] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.950801][ T372] device bridge_slave_1 entered promiscuous mode [ 32.957246][ T370] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.964077][ T370] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.971499][ T370] device bridge_slave_0 entered promiscuous mode [ 32.984900][ T376] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.991896][ T376] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.999144][ T376] device bridge_slave_1 entered promiscuous mode [ 33.012635][ T370] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.019505][ T370] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.026615][ T370] device bridge_slave_1 entered promiscuous mode [ 33.066662][ T377] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.073610][ T377] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.081001][ T377] device bridge_slave_0 entered promiscuous mode [ 33.098685][ T377] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.105529][ T377] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.113173][ T377] device bridge_slave_1 entered promiscuous mode [ 33.208098][ T374] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.214940][ T374] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.222450][ T374] device bridge_slave_0 entered promiscuous mode [ 33.249570][ T374] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.256407][ T374] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.263686][ T374] device bridge_slave_1 entered promiscuous mode [ 33.442830][ T374] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.449689][ T374] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.456772][ T374] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.463586][ T374] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.503591][ T337] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.510841][ T337] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.518602][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.525806][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.540531][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.547837][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.555001][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 33.563419][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 33.571401][ T337] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.578234][ T337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.585523][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 33.593950][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 33.601961][ T337] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.608794][ T337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.618248][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 33.625744][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.633057][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.641523][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.649229][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.668620][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 33.676915][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 33.684922][ T337] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.691766][ T337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.699028][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 33.708075][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 33.716040][ T337] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.722890][ T337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.730129][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 33.767203][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.775496][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 33.783223][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 33.791972][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 33.800138][ T337] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.806974][ T337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.814519][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 33.822879][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 33.830960][ T337] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.837801][ T337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.844952][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 33.853037][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 33.860929][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 33.868779][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 33.876875][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 33.884995][ T337] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.891842][ T337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.899213][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 33.907469][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 33.915378][ T337] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.922235][ T337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.929455][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 33.937462][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 33.945151][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 33.953185][ T337] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.960032][ T337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.967265][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 33.975188][ T337] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.982032][ T337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.990974][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 33.998511][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 34.015371][ T372] device veth0_vlan entered promiscuous mode [ 34.025535][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 34.033862][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 34.042049][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 34.049752][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 34.056951][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 34.065013][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 34.076477][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 34.095378][ T377] device veth0_vlan entered promiscuous mode [ 34.102354][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 34.110315][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 34.118247][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 34.126070][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 34.144223][ T372] device veth1_macvtap entered promiscuous mode [ 34.153220][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 34.161139][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 34.169183][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 34.177529][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 34.185316][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 34.193483][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 34.201582][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 34.212076][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 34.223006][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 34.248224][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 34.255509][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 34.262872][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 34.271451][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 34.279744][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 34.287976][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 34.296060][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 34.304282][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 34.318134][ T376] device veth0_vlan entered promiscuous mode [ 34.343663][ T370] device veth0_vlan entered promiscuous mode [ 34.352250][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 34.361392][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 34.369460][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 34.377532][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 34.385390][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 34.393615][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 34.401833][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 34.409200][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 34.418633][ T374] device veth0_vlan entered promiscuous mode [ 34.429587][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 34.437424][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 34.445562][ T377] device veth1_macvtap entered promiscuous mode [ 34.460186][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 34.467763][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 34.474990][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 34.489502][ T374] device veth1_macvtap entered promiscuous mode [ 34.508900][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 34.516919][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 34.525038][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 34.533370][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 34.541836][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 34.549583][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 34.558225][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 34.566935][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 34.575075][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 34.585584][ T376] device veth1_macvtap entered promiscuous mode [ 34.592250][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 34.600084][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 34.608256][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 34.623265][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 34.631311][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 34.639994][ T370] device veth1_macvtap entered promiscuous mode [ 34.647724][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 34.655368][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 34.663693][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 34.695018][ T405] ================================================================== [ 34.702913][ T405] BUG: KASAN: use-after-free in dev_map_generic_redirect+0x9f/0x7d0 [ 34.710806][ T405] Read of size 8 at addr ffff888111b59780 by task syz.1.22/405 [ 34.718183][ T405] [ 34.720358][ T405] CPU: 0 PID: 405 Comm: syz.1.22 Not tainted 6.1.112-syzkaller-00008-g38859a233e31 #0 [ 34.729727][ T405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 34.739627][ T405] Call Trace: [ 34.742749][ T405] [ 34.745528][ T405] dump_stack_lvl+0x151/0x1b7 [ 34.750038][ T405] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 34.755330][ T405] ? _printk+0xd1/0x111 [ 34.759330][ T405] ? __virt_addr_valid+0x242/0x2f0 [ 34.764271][ T405] print_report+0x158/0x4e0 [ 34.768613][ T405] ? __virt_addr_valid+0x242/0x2f0 [ 34.773557][ T405] ? kasan_complete_mode_report_info+0x90/0x1b0 [ 34.779638][ T405] ? dev_map_generic_redirect+0x9f/0x7d0 [ 34.785099][ T405] kasan_report+0x13c/0x170 [ 34.789441][ T405] ? dev_map_generic_redirect+0x9f/0x7d0 [ 34.794912][ T405] __asan_report_load8_noabort+0x14/0x20 [ 34.800377][ T405] dev_map_generic_redirect+0x9f/0x7d0 [ 34.805684][ T405] ? bq_enqueue+0x3e0/0x3e0 [ 34.810021][ T405] ? bpf_prog_run_generic_xdp+0xa35/0x1200 [ 34.815654][ T405] xdp_do_generic_redirect+0x42e/0xb40 [ 34.820949][ T405] do_xdp_generic+0x53e/0x800 [ 34.825461][ T405] ? generic_xdp_tx+0x560/0x560 [ 34.830149][ T405] ? migrate_disable+0xd9/0x190 [ 34.834834][ T405] __netif_receive_skb_core+0x19ae/0x43d0 [ 34.840394][ T405] ? qdisc_run+0x260/0x260 [ 34.844642][ T405] ? bpf_flow_dissect+0x3e0/0x3e0 [ 34.849501][ T405] ? stack_trace_snprint+0xf0/0xf0 [ 34.854450][ T405] ? __stack_depot_save+0x36/0x480 [ 34.859400][ T405] __netif_receive_skb+0x11c/0x530 [ 34.864345][ T405] ? kmem_cache_alloc+0x175/0x2c0 [ 34.869204][ T405] ? build_skb+0x2c/0x220 [ 34.873369][ T405] ? tun_get_user+0x1c0e/0x3a90 [ 34.878057][ T405] ? vfs_write+0xaf6/0xed0 [ 34.882309][ T405] ? ksys_write+0x199/0x2c0 [ 34.886646][ T405] ? __x64_sys_write+0x7b/0x90 [ 34.891250][ T405] ? x64_sys_call+0x2f/0x9a0 [ 34.895695][ T405] ? __netif_receive_skb_list_core+0x890/0x890 [ 34.901670][ T405] netif_receive_skb+0xb0/0x480 [ 34.906353][ T405] ? enqueue_to_backlog+0x9d0/0x9d0 [ 34.911390][ T405] ? tun_rx_batched+0x169/0x8f0 [ 34.916073][ T405] tun_rx_batched+0x1c0/0x8f0 [ 34.920588][ T405] ? eth_type_trans+0x43b/0x710 [ 34.925272][ T405] ? pskb_may_pull+0x100/0x100 [ 34.929874][ T405] ? tun_get_user+0x2340/0x3a90 [ 34.934574][ T405] tun_get_user+0x287e/0x3a90 [ 34.939080][ T405] ? release_firmware_map_entry+0xaa/0x192 [ 34.944722][ T405] ? tun_do_read+0x2000/0x2000 [ 34.949420][ T405] ? ref_tracker_alloc+0x31d/0x450 [ 34.954368][ T405] ? ref_tracker_dir_print+0x160/0x160 [ 34.959665][ T405] ? futex_wait_setup+0x330/0x330 [ 34.964525][ T405] ? avc_policy_seqno+0x1b/0x70 [ 34.969213][ T405] ? tun_get+0xe9/0x120 [ 34.973202][ T405] tun_chr_write_iter+0x129/0x210 [ 34.978061][ T405] vfs_write+0xaf6/0xed0 [ 34.982144][ T405] ? file_end_write+0x1c0/0x1c0 [ 34.987007][ T405] ? do_futex+0x55a/0x9a0 [ 34.991174][ T405] ? __fget_files+0x2cb/0x330 [ 34.995680][ T405] ? __fdget_pos+0x204/0x390 [ 35.000104][ T405] ? ksys_write+0x77/0x2c0 [ 35.004384][ T405] ksys_write+0x199/0x2c0 [ 35.008521][ T405] ? __this_cpu_preempt_check+0x13/0x20 [ 35.013905][ T405] ? xfd_validate_state+0x6f/0x170 [ 35.018852][ T405] ? __ia32_sys_read+0x90/0x90 [ 35.023451][ T405] ? fpregs_restore_userregs+0x130/0x290 [ 35.028922][ T405] __x64_sys_write+0x7b/0x90 [ 35.033346][ T405] x64_sys_call+0x2f/0x9a0 [ 35.037601][ T405] do_syscall_64+0x3b/0xb0 [ 35.041851][ T405] ? clear_bhb_loop+0x55/0xb0 [ 35.046365][ T405] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 35.052094][ T405] RIP: 0033:0x7f57bb77d1ff [ 35.056345][ T405] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 35.075786][ T405] RSP: 002b:00007f57bc501000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 35.084030][ T405] RAX: ffffffffffffffda RBX: 00007f57bb935f80 RCX: 00007f57bb77d1ff [ 35.091843][ T405] RDX: 000000000000006a RSI: 0000000020000180 RDI: 00000000000000c8 [ 35.099653][ T405] RBP: 00007f57bb7f1616 R08: 0000000000000000 R09: 0000000000000000 [ 35.107465][ T405] R10: 000000000000006a R11: 0000000000000293 R12: 0000000000000000 [ 35.115277][ T405] R13: 0000000000000000 R14: 00007f57bb935f80 R15: 00007ffc90d8cc68 [ 35.123094][ T405] [ 35.125987][ T405] [ 35.128120][ T405] Allocated by task 398: [ 35.132232][ T405] kasan_set_track+0x4b/0x70 [ 35.136627][ T405] kasan_save_alloc_info+0x1f/0x30 [ 35.141611][ T405] __kasan_kmalloc+0x9c/0xb0 [ 35.146001][ T405] __kmalloc_node+0xb4/0x1e0 [ 35.150431][ T405] bpf_map_kmalloc_node+0xd0/0x2c0 [ 35.155395][ T405] __dev_map_alloc_node+0x5c/0x4e0 [ 35.160321][ T405] dev_map_update_elem+0x20e/0x3f0 [ 35.165271][ T405] bpf_map_update_value+0x23a/0x410 [ 35.170302][ T405] map_update_elem+0x500/0x680 [ 35.174903][ T405] __sys_bpf+0x460/0x7f0 [ 35.179070][ T405] __x64_sys_bpf+0x7c/0x90 [ 35.183321][ T405] x64_sys_call+0x87f/0x9a0 [ 35.187661][ T405] do_syscall_64+0x3b/0xb0 [ 35.191915][ T405] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 35.197646][ T405] [ 35.199813][ T405] Freed by task 357: [ 35.203560][ T405] kasan_set_track+0x4b/0x70 [ 35.207984][ T405] kasan_save_free_info+0x2b/0x40 [ 35.212833][ T405] ____kasan_slab_free+0x131/0x180 [ 35.217777][ T405] __kasan_slab_free+0x11/0x20 [ 35.222380][ T405] __kmem_cache_free+0x218/0x3b0 [ 35.227155][ T405] kfree+0x7a/0xf0 [ 35.230712][ T405] dev_map_free+0x596/0x6c0 [ 35.235050][ T405] bpf_map_free_deferred+0xf7/0x1b0 [ 35.240084][ T405] process_one_work+0x73d/0xcb0 [ 35.244771][ T405] worker_thread+0xa60/0x1260 [ 35.249284][ T405] kthread+0x26d/0x300 [ 35.253199][ T405] ret_from_fork+0x1f/0x30 [ 35.257444][ T405] [ 35.259627][ T405] The buggy address belongs to the object at ffff888111b59780 [ 35.259627][ T405] which belongs to the cache kmalloc-96 of size 96 [ 35.273412][ T405] The buggy address is located 0 bytes inside of [ 35.273412][ T405] 96-byte region [ffff888111b59780, ffff888111b597e0) [ 35.286264][ T405] [ 35.288431][ T405] The buggy address belongs to the physical page: [ 35.294693][ T405] page:ffffea000446d640 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x111b59 [ 35.304748][ T405] flags: 0x4000000000000200(slab|zone=1) [ 35.310224][ T405] raw: 4000000000000200 0000000000000000 dead000000000122 ffff888100042900 [ 35.318642][ T405] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000 [ 35.327060][ T405] page dumped because: kasan: bad access detected [ 35.333306][ T405] page_owner tracks the page as allocated [ 35.338957][ T405] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 393, tgid 393 (kworker/0:3), ts 34338720822, free_ts 32745095065 [ 35.358210][ T405] post_alloc_hook+0x213/0x220 [ 35.362812][ T405] prep_new_page+0x1b/0x110 [ 35.367149][ T405] get_page_from_freelist+0x2980/0x2a10 [ 35.372532][ T405] __alloc_pages+0x234/0x610 [ 35.376957][ T405] alloc_slab_page+0x6c/0xf0 [ 35.381382][ T405] new_slab+0x90/0x3e0 [ 35.385287][ T405] ___slab_alloc+0x6f9/0xb80 [ 35.389714][ T405] __slab_alloc+0x5d/0xa0 [ 35.393883][ T405] __kmem_cache_alloc_node+0x1af/0x250 [ 35.399175][ T405] kmalloc_trace+0x2a/0xa0 [ 35.403427][ T405] dst_cow_metrics_generic+0x55/0x1c0 [ 35.408639][ T405] icmp6_dst_alloc+0x363/0x510 [ 35.413241][ T405] mld_sendpack+0x614/0xe40 [ 35.417577][ T405] ipv6_mc_dad_complete+0x283/0x5e0 [ 35.422609][ T405] addrconf_dad_completed+0x6d5/0xdb0 [ 35.427904][ T405] addrconf_dad_work+0xd95/0x16b0 [ 35.432764][ T405] page last free stack trace: [ 35.437279][ T405] free_unref_page_prepare+0x83d/0x850 [ 35.442571][ T405] free_unref_page+0xb2/0x5c0 [ 35.447088][ T405] __free_pages+0x61/0xf0 [ 35.451248][ T405] __vunmap+0x9f3/0xb60 [ 35.455244][ T405] vfree+0x5c/0x80 [ 35.458802][ T405] kcov_close+0x2b/0x50 [ 35.462815][ T405] __fput+0x1e5/0x870 [ 35.466614][ T405] ____fput+0x15/0x20 [ 35.470430][ T405] task_work_run+0x24d/0x2e0 [ 35.474943][ T405] do_exit+0xbd5/0x2b80 [ 35.478938][ T405] do_group_exit+0x21a/0x2d0 [ 35.483364][ T405] get_signal+0x169d/0x1820 [ 35.487705][ T405] arch_do_signal_or_restart+0xb0/0x16f0 [ 35.493194][ T405] exit_to_user_mode_loop+0x74/0xa0 [ 35.498207][ T405] exit_to_user_mode_prepare+0x5a/0xa0 [ 35.503504][ T405] syscall_exit_to_user_mode+0x26/0x130 [ 35.508883][ T405] [ 35.511049][ T405] Memory state around the buggy address: [ 35.516539][ T405] ffff888111b59680: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 35.524420][ T405] ffff888111b59700: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 35.532324][ T405] >ffff888111b59780: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 35.540218][ T405] ^ [ 35.544125][ T405] ffff888111b59800: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 35.552025][ T405] ffff888111b59880: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 35.559917][ T405] ================================================================== [ 35.567872][ T405] Disabling lock debugging due to kernel taint [ 35.580291][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 35.588650][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 35.596848][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 35.604913][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 35.613033][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 35.621265][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 35.629545][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 35.637834][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 35.945802][ T43] device bridge_slave_1 left promiscuous mode [ 35.955126][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.963788][ T43] device bridge_slave_0 left promiscuous mode [ 35.970230][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.992769][ T43] device veth1_macvtap left promiscuous mode [ 35.998679][ T43] device veth0_vlan left promiscuous mode 2024/11/13 06:52:08 executed programs: 343 2024/11/13 06:52:13 executed programs: 1263