Warning: Permanently added '10.128.0.106' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 49.389561][ T3595] ==================================================================
[ 49.397632][ T3595] BUG: KASAN: slab-out-of-bounds in watch_queue_set_filter+0x78d/0x810
[ 49.405876][ T3595] Write of size 4 at addr ffff888024c6221c by task syz-executor171/3595
[ 49.414180][ T3595]
[ 49.416485][ T3595] CPU: 1 PID: 3595 Comm: syz-executor171 Not tainted 5.17.0-rc6-next-20220303-syzkaller #0
[ 49.426438][ T3595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.436472][ T3595] Call Trace:
[ 49.439733][ T3595]
[ 49.442646][ T3595] dump_stack_lvl+0xcd/0x134
[ 49.447232][ T3595] print_address_description.constprop.0.cold+0xeb/0x495
[ 49.454243][ T3595] ? watch_queue_set_filter+0x78d/0x810
[ 49.459776][ T3595] kasan_report.cold+0xf4/0x1c6
[ 49.464614][ T3595] ? watch_queue_set_filter+0x78d/0x810
[ 49.470149][ T3595] watch_queue_set_filter+0x78d/0x810
[ 49.475520][ T3595] ? watch_queue_set_size+0x5f0/0x5f0
[ 49.480891][ T3595] ? lock_downgrade+0x6e0/0x6e0
[ 49.485745][ T3595] pipe_ioctl+0x25b/0x2b0
[ 49.490074][ T3595] ? pipe_fasync+0x230/0x230
[ 49.494667][ T3595] __x64_sys_ioctl+0x193/0x200
[ 49.499434][ T3595] do_syscall_64+0x35/0xb0
[ 49.503857][ T3595] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 49.509751][ T3595] RIP: 0033:0x7f2a91a94049
[ 49.514154][ T3595] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 49.533751][ T3595] RSP: 002b:00007ffd823e2278 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 49.542158][ T3595] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2a91a94049
[ 49.550119][ T3595] RDX: 0000000020000300 RSI: 0000000000005761 RDI: 0000000000000004
[ 49.558174][ T3595] RBP: 00007f2a91a58030 R08: 0000000000000000 R09: 0000000000000000
[ 49.566134][ T3595] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2a91a580c0
[ 49.574196][ T3595] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 49.582163][ T3595]
[ 49.585170][ T3595]
[ 49.587479][ T3595] Allocated by task 3595:
[ 49.591798][ T3595] kasan_save_stack+0x1e/0x40
[ 49.596728][ T3595] __kasan_kmalloc+0xa9/0xd0
[ 49.601305][ T3595] watch_queue_set_filter+0x2f2/0x810
[ 49.606670][ T3595] pipe_ioctl+0x25b/0x2b0
[ 49.611012][ T3595] __x64_sys_ioctl+0x193/0x200
[ 49.615773][ T3595] do_syscall_64+0x35/0xb0
[ 49.620193][ T3595] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 49.626084][ T3595]
[ 49.628394][ T3595] The buggy address belongs to the object at ffff888024c62200
[ 49.628394][ T3595] which belongs to the cache kmalloc-32 of size 32
[ 49.642259][ T3595] The buggy address is located 28 bytes inside of
[ 49.642259][ T3595] 32-byte region [ffff888024c62200, ffff888024c62220)
[ 49.655345][ T3595]
[ 49.657654][ T3595] The buggy address belongs to the physical page:
[ 49.664047][ T3595] page:ffffea0000931880 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24c62
[ 49.674180][ T3595] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 49.681721][ T3595] raw: 00fff00000000200 ffffea00006a9b80 dead000000000003 ffff888010c41500
[ 49.690398][ T3595] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000
[ 49.698984][ T3595] page dumped because: kasan: bad access detected
[ 49.705377][ T3595] page_owner tracks the page as allocated
[ 49.711072][ T3595] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY), pid 2964, tgid 2964 (udevadm), ts 14549069631, free_ts 12873352607
[ 49.728772][ T3595] get_page_from_freelist+0xa7f/0x3ec0
[ 49.734232][ T3595] __alloc_pages+0x1b2/0x500
[ 49.738819][ T3595] alloc_pages+0x1aa/0x310
[ 49.743227][ T3595] allocate_slab+0x26c/0x3c0
[ 49.747829][ T3595] ___slab_alloc+0x8d0/0xf30
[ 49.752416][ T3595] __slab_alloc.constprop.0+0x4d/0xa0
[ 49.757789][ T3595] __kmalloc+0x318/0x350
[ 49.762030][ T3595] tomoyo_encode2.part.0+0xe9/0x3a0
[ 49.767226][ T3595] tomoyo_encode+0x28/0x50
[ 49.771640][ T3595] tomoyo_realpath_from_path+0x186/0x620
[ 49.777271][ T3595] tomoyo_check_open_permission+0x272/0x380
[ 49.783163][ T3595] tomoyo_file_open+0xa3/0xd0
[ 49.787855][ T3595] security_file_open+0x45/0xb0
[ 49.792703][ T3595] do_dentry_open+0x358/0x1250
[ 49.797460][ T3595] path_openat+0x1c9e/0x2940
[ 49.802215][ T3595] do_filp_open+0x1aa/0x400
[ 49.806711][ T3595] page last free stack trace:
[ 49.811366][ T3595] free_pcp_prepare+0x549/0xd20
[ 49.816225][ T3595] free_unref_page+0x19/0x690
[ 49.820891][ T3595] kasan_depopulate_vmalloc_pte+0x5c/0x70
[ 49.826612][ T3595] __apply_to_page_range+0x686/0x1030
[ 49.831983][ T3595] kasan_release_vmalloc+0xa7/0xc0
[ 49.837089][ T3595] __purge_vmap_area_lazy+0x8f9/0x1c50
[ 49.842546][ T3595] _vm_unmap_aliases.part.0+0x3f0/0x500
[ 49.848088][ T3595] vm_unmap_aliases+0x45/0x50
[ 49.852752][ T3595] change_page_attr_set_clr+0x241/0x500
[ 49.858292][ T3595] set_memory_nx+0xb2/0x110
[ 49.862793][ T3595] free_init_pages+0x73/0xc0
[ 49.867371][ T3595] kernel_init+0x2e/0x1d0
[ 49.871694][ T3595] ret_from_fork+0x1f/0x30
[ 49.876105][ T3595]
[ 49.878411][ T3595] Memory state around the buggy address:
[ 49.884024][ T3595] ffff888024c62100: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[ 49.892104][ T3595] ffff888024c62180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 49.900150][ T3595] >ffff888024c62200: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 49.908282][ T3595]                             ^
[ 49.913143][ T3595] ffff888024c62280: 00 00 00 05 fc fc fc fc fa fb fb fb fc fc fc fc
[ 49.921191][ T3595] ffff888024c62300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 49.929237][ T3595] ==================================================================
[ 49.937600][ T3595] Kernel panic - not syncing: panic_on_warn set ...
[ 49.944191][ T3595] CPU: 0 PID: 3595 Comm: syz-executor171 Not tainted 5.17.0-rc6-next-20220303-syzkaller #0
[ 49.954260][ T3595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.964411][ T3595] Call Trace:
[ 49.967677][ T3595]
[ 49.970597][ T3595] dump_stack_lvl+0xcd/0x134
[ 49.975182][ T3595] panic+0x2d7/0x636
[ 49.979087][ T3595] ? panic_print_sys_info.part.0+0x10b/0x10b
[ 49.985151][ T3595] ? preempt_schedule_common+0x59/0xc0
[ 49.990614][ T3595] ? watch_queue_set_filter+0x78d/0x810
[ 49.996159][ T3595] ? preempt_schedule_thunk+0x16/0x18
[ 50.001528][ T3595] ? trace_hardirqs_on+0x38/0x1c0
[ 50.006547][ T3595] ? watch_queue_set_filter+0x78d/0x810
[ 50.012085][ T3595] end_report.part.0+0x3f/0x7c
[ 50.016846][ T3595] kasan_report.cold+0x93/0x1c6
[ 50.021704][ T3595] ? watch_queue_set_filter+0x78d/0x810
[ 50.027258][ T3595] watch_queue_set_filter+0x78d/0x810
[ 50.032633][ T3595] ? watch_queue_set_size+0x5f0/0x5f0
[ 50.038012][ T3595] ? lock_downgrade+0x6e0/0x6e0
[ 50.042871][ T3595] pipe_ioctl+0x25b/0x2b0
[ 50.047204][ T3595] ? pipe_fasync+0x230/0x230
[ 50.051796][ T3595] __x64_sys_ioctl+0x193/0x200
[ 50.056559][ T3595] do_syscall_64+0x35/0xb0
[ 50.060975][ T3595] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 50.066868][ T3595] RIP: 0033:0x7f2a91a94049
[ 50.071270][ T3595] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 50.090960][ T3595] RSP: 002b:00007ffd823e2278 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 50.099377][ T3595] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2a91a94049
[ 50.107449][ T3595] RDX: 0000000020000300 RSI: 0000000000005761 RDI: 0000000000000004
[ 50.115506][ T3595] RBP: 00007f2a91a58030 R08: 0000000000000000 R09: 0000000000000000
[ 50.123593][ T3595] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2a91a580c0
[ 50.131561][ T3595] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 50.139558][ T3595]
[ 50.142782][ T3595] Kernel Offset: disabled
[ 50.147127][ T3595] Rebooting in 86400 seconds..