Warning: Permanently added '10.128.0.51' (ED25519) to the list of known hosts.
executing program
[ 86.017242][ T5834] ==================================================================
[ 86.025620][ T5834] BUG: KASAN: slab-out-of-bounds in afs_proc_addr_prefs_write+0x123b/0x14e0
[ 86.034358][ T5834] Read of size 1 at addr ffff888076ea53dd by task syz-executor402/5834
[ 86.042697][ T5834]
[ 86.045042][ T5834] CPU: 1 UID: 0 PID: 5834 Comm: syz-executor402 Not tainted 6.13.0-rc2-syzkaller-00192-g243f750a2df0 #0
[ 86.056171][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 86.066244][ T5834] Call Trace:
[ 86.069551][ T5834]
[ 86.072500][ T5834] dump_stack_lvl+0x116/0x1f0
[ 86.077357][ T5834] print_report+0xc3/0x620
[ 86.081965][ T5834] ? __virt_addr_valid+0x5e/0x590
[ 86.087026][ T5834] ? __phys_addr+0xc6/0x150
[ 86.091730][ T5834] kasan_report+0xd9/0x110
[ 86.096182][ T5834] ? afs_proc_addr_prefs_write+0x123b/0x14e0
[ 86.102202][ T5834] ? afs_proc_addr_prefs_write+0x123b/0x14e0
[ 86.108219][ T5834] afs_proc_addr_prefs_write+0x123b/0x14e0
[ 86.114062][ T5834] ? find_held_lock+0x2d/0x110
[ 86.118873][ T5834] ? __pfx_afs_proc_addr_prefs_write+0x10/0x10
[ 86.125069][ T5834] ? __might_fault+0x13b/0x190
[ 86.129862][ T5834] ? __pfx_lock_release+0x10/0x10
[ 86.134914][ T5834] ? trace_lock_acquire+0x14e/0x1f0
[ 86.140347][ T5834] ? lock_acquire+0x2f/0xb0
[ 86.144909][ T5834] ? proc_simple_write+0x114/0x1b0
[ 86.150101][ T5834] proc_simple_write+0x114/0x1b0
[ 86.155438][ T5834] ? __pfx_proc_simple_write+0x10/0x10
[ 86.161035][ T5834] proc_reg_write+0x23d/0x330
[ 86.165842][ T5834] ? __pfx_proc_reg_write+0x10/0x10
[ 86.171102][ T5834] vfs_write+0x24c/0x1150
[ 86.175510][ T5834] ? reacquire_held_locks+0x20b/0x4c0
[ 86.181006][ T5834] ? do_user_addr_fault+0xdc7/0x13f0
[ 86.186330][ T5834] ? __pfx_vfs_write+0x10/0x10
[ 86.191199][ T5834] ? find_held_lock+0x59/0x110
[ 86.196091][ T5834] ? find_held_lock+0x2d/0x110
[ 86.201164][ T5834] ? do_user_addr_fault+0xe50/0x13f0
[ 86.206476][ T5834] ? __pfx_lock_release+0x10/0x10
[ 86.211557][ T5834] ksys_write+0x12b/0x250
[ 86.216101][ T5834] ? __pfx_ksys_write+0x10/0x10
[ 86.220979][ T5834] ? do_user_addr_fault+0x83d/0x13f0
[ 86.226360][ T5834] do_syscall_64+0xcd/0x250
[ 86.230898][ T5834] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.236814][ T5834] RIP: 0033:0x7fe5403c4a39
[ 86.241424][ T5834] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 86.261323][ T5834] RSP: 002b:00007ffc2605a0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 86.269775][ T5834] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5403c4a39
[ 86.278035][ T5834] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003
[ 86.286030][ T5834] RBP: 00007fe5404375f0 R08: 0000000000000006 R09: 0000000000000006
[ 86.294134][ T5834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 86.302135][ T5834] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001
[ 86.310148][ T5834]
[ 86.313196][ T5834]
[ 86.315620][ T5834] Allocated by task 5834:
[ 86.319961][ T5834] kasan_save_stack+0x33/0x60
[ 86.324668][ T5834] kasan_save_track+0x14/0x30
[ 86.329368][ T5834] __kasan_kmalloc+0xaa/0xb0
[ 86.334083][ T5834] __kmalloc_node_track_caller_noprof+0x21d/0x520
[ 86.340542][ T5834] memdup_user_nul+0x2b/0x110
[ 86.345252][ T5834] proc_simple_write+0xc7/0x1b0
[ 86.350143][ T5834] proc_reg_write+0x23d/0x330
[ 86.354851][ T5834] vfs_write+0x24c/0x1150
[ 86.359290][ T5834] ksys_write+0x12b/0x250
[ 86.363648][ T5834] do_syscall_64+0xcd/0x250
[ 86.368178][ T5834] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.374103][ T5834]
[ 86.376441][ T5834] The buggy address belongs to the object at ffff888076ea53c0
[ 86.376441][ T5834] which belongs to the cache kmalloc-32 of size 32
[ 86.390332][ T5834] The buggy address is located 0 bytes to the right of
[ 86.390332][ T5834] allocated 29-byte region [ffff888076ea53c0, ffff888076ea53dd)
[ 86.404844][ T5834]
[ 86.407181][ T5834] The buggy address belongs to the physical page:
[ 86.413882][ T5834] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x76ea5
[ 86.422680][ T5834] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 86.429802][ T5834] page_type: f5(slab)
[ 86.433804][ T5834] raw: 00fff00000000000 ffff88801ac41780 dead000000000122 0000000000000000
[ 86.442660][ T5834] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 86.451263][ T5834] page dumped because: kasan: bad access detected
[ 86.457794][ T5834] page_owner tracks the page as allocated
[ 86.463535][ T5834] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5831, tgid 5831 (sshd), ts 85902168535, free_ts 79970460650
[ 86.482158][ T5834] post_alloc_hook+0x2d1/0x350
[ 86.487173][ T5834] get_page_from_freelist+0xfce/0x2f80
[ 86.492723][ T5834] __alloc_pages_noprof+0x223/0x25b0
[ 86.498222][ T5834] alloc_pages_mpol_noprof+0x2c9/0x610
[ 86.503716][ T5834] new_slab+0x2c9/0x410
[ 86.507887][ T5834] ___slab_alloc+0xce2/0x1650
[ 86.512588][ T5834] __slab_alloc.constprop.0+0x56/0xb0
[ 86.518076][ T5834] __kmalloc_noprof+0x2de/0x4f0
[ 86.522964][ T5834] tomoyo_encode2+0x100/0x3e0
[ 86.527679][ T5834] tomoyo_realpath_from_path+0x1a7/0x710
[ 86.533331][ T5834] tomoyo_path_perm+0x276/0x480
[ 86.538230][ T5834] security_inode_getattr+0x116/0x290
[ 86.543640][ T5834] vfs_fstat+0x4b/0xd0
[ 86.547724][ T5834] vfs_fstatat+0xbc/0xf0
[ 86.552075][ T5834] __do_sys_newfstatat+0xa2/0x130
[ 86.557317][ T5834] do_syscall_64+0xcd/0x250
[ 86.561842][ T5834] page last free pid 5830 tgid 5830 stack trace:
[ 86.568173][ T5834] free_unref_page+0x661/0x1080
[ 86.573056][ T5834] __folio_put+0x32a/0x450
[ 86.577520][ T5834] put_page+0x21e/0x280
[ 86.581692][ T5834] anon_pipe_buf_release+0x11a/0x240
[ 86.587057][ T5834] pipe_read+0x641/0x13f0
[ 86.591498][ T5834] vfs_read+0xa4c/0xbe0
[ 86.595697][ T5834] ksys_read+0x207/0x250
[ 86.599961][ T5834] do_syscall_64+0xcd/0x250
[ 86.604486][ T5834] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.610395][ T5834]
[ 86.612742][ T5834] Memory state around the buggy address:
[ 86.618471][ T5834] ffff888076ea5280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 86.626646][ T5834] ffff888076ea5300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 86.634735][ T5834] >ffff888076ea5380: 00 00 00 fc fc fc fc fc 00 00 00 05 fc fc fc fc
[ 86.642917][ T5834] ^
[ 86.649870][ T5834] ffff888076ea5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 86.658062][ T5834] ffff888076ea5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 86.666124][ T5834] ==================================================================
[ 86.675272][ T5834] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 86.682626][ T5834] CPU: 1 UID: 0 PID: 5834 Comm: syz-executor402 Not tainted 6.13.0-rc2-syzkaller-00192-g243f750a2df0 #0
[ 86.693786][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 86.703892][ T5834] Call Trace:
[ 86.707194][ T5834]
[ 86.710149][ T5834] dump_stack_lvl+0x3d/0x1f0
[ 86.714964][ T5834] panic+0x71d/0x800
[ 86.718914][ T5834] ? __pfx_panic+0x10/0x10
[ 86.723367][ T5834] ? irqentry_exit+0x3b/0x90
[ 86.727985][ T5834] ? lockdep_hardirqs_on+0x7c/0x110
[ 86.733230][ T5834] ? preempt_schedule_thunk+0x1a/0x30
[ 86.738635][ T5834] ? preempt_schedule_common+0x44/0xc0
[ 86.744123][ T5834] ? check_panic_on_warn+0x1f/0xb0
[ 86.749261][ T5834] check_panic_on_warn+0xab/0xb0
[ 86.754311][ T5834] end_report+0x117/0x180
[ 86.758666][ T5834] kasan_report+0xe9/0x110
[ 86.763193][ T5834] ? afs_proc_addr_prefs_write+0x123b/0x14e0
[ 86.769290][ T5834] ? afs_proc_addr_prefs_write+0x123b/0x14e0
[ 86.775309][ T5834] afs_proc_addr_prefs_write+0x123b/0x14e0
[ 86.781180][ T5834] ? find_held_lock+0x2d/0x110
[ 86.785966][ T5834] ? __pfx_afs_proc_addr_prefs_write+0x10/0x10
[ 86.792219][ T5834] ? __might_fault+0x13b/0x190
[ 86.797035][ T5834] ? __pfx_lock_release+0x10/0x10
[ 86.802278][ T5834] ? trace_lock_acquire+0x14e/0x1f0
[ 86.807851][ T5834] ? lock_acquire+0x2f/0xb0
[ 86.812404][ T5834] ? proc_simple_write+0x114/0x1b0
[ 86.817574][ T5834] proc_simple_write+0x114/0x1b0
[ 86.822609][ T5834] ? __pfx_proc_simple_write+0x10/0x10
[ 86.828098][ T5834] proc_reg_write+0x23d/0x330
[ 86.832799][ T5834] ? __pfx_proc_reg_write+0x10/0x10
[ 86.838110][ T5834] vfs_write+0x24c/0x1150
[ 86.842476][ T5834] ? reacquire_held_locks+0x20b/0x4c0
[ 86.847875][ T5834] ? do_user_addr_fault+0xdc7/0x13f0
[ 86.853173][ T5834] ? __pfx_vfs_write+0x10/0x10
[ 86.857956][ T5834] ? find_held_lock+0x59/0x110
[ 86.862825][ T5834] ? find_held_lock+0x2d/0x110
[ 86.867630][ T5834] ? do_user_addr_fault+0xe50/0x13f0
[ 86.872928][ T5834] ? __pfx_lock_release+0x10/0x10
[ 86.878011][ T5834] ksys_write+0x12b/0x250
[ 86.882386][ T5834] ? __pfx_ksys_write+0x10/0x10
[ 86.887617][ T5834] ? do_user_addr_fault+0x83d/0x13f0
[ 86.892944][ T5834] do_syscall_64+0xcd/0x250
[ 86.897497][ T5834] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.903518][ T5834] RIP: 0033:0x7fe5403c4a39
[ 86.907956][ T5834] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 86.928146][ T5834] RSP: 002b:00007ffc2605a0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 86.936594][ T5834] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5403c4a39
[ 86.944592][ T5834] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003
[ 86.952584][ T5834] RBP: 00007fe5404375f0 R08: 0000000000000006 R09: 0000000000000006
[ 86.960848][ T5834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 86.969201][ T5834] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001
[ 86.977509][ T5834]
[ 86.981072][ T5834] Kernel Offset: disabled
[ 86.985510][ T5834] Rebooting in 86400 seconds..