./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2930619950
<...>
Warning: Permanently added '10.128.0.238' (ED25519) to the list of known hosts.
execve("./syz-executor2930619950", ["./syz-executor2930619950"], 0x7ffdf7e17e70 /* 10 vars */) = 0
brk(NULL) = 0x55556e9a8000
brk(0x55556e9a8e00) = 0x55556e9a8e00
arch_prctl(ARCH_SET_FS, 0x55556e9a8480) = 0
set_tid_address(0x55556e9a8750) = 5072
set_robust_list(0x55556e9a8760, 24) = 0
rseq(0x55556e9a8da0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2930619950", 4096) = 28
getrandom("\xbf\xc8\xd2\x4d\x08\x25\x7b\x74", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55556e9a8e00
brk(0x55556e9c9e00) = 0x55556e9c9e00
brk(0x55556e9ca000) = 0x55556e9ca000
mprotect(0x7f0728b08000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
sendto(4, [{nlmsg_len=36, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=864, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=5072}, "\x01\x02\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00\x06\x00\x01\x00\x1d\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x30\x00\x00\x00\xe8\x02\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x05\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00"...], 4096, 0, NULL, NULL) = 864
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5072}, {error=0, msg={nlmsg_len=36, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5) = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x06\x00\x0a\x00\xa0\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5072}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5) = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0c\x00\x01\x00\x02\x00\xaa\xaa\xaa\xaa\xaa\xaa"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5072}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
sendto(3, [{nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}, [[{nla_len=11, nla_type=IFLA_IFNAME}, "lowpan0"...], [{nla_len=16, nla_type=IFLA_LINKINFO}, [{nla_len=10, nla_type=IFLA_INFO_KIND}, "lowpan"...]], [{nla_len=8, nla_type=IFLA_LINK}, 11]]], 68, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 68
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5072}, {error=0, msg={nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5) = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x06\x00\x0a\x00\xa1\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5072}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5) = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("wpan1"), ifi_flags=IFF_UP, ifi_change=0x1}, [{nla_len=12, nla_type=IFLA_ADDRESS}, 02:01:aa:aa:aa:aa:aa]], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5072}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
close(3) = 0
close(4) = 0
rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x7f0728a60c90, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f0728a67fe0}, NULL, 8) = 0
rt_sigaction(SIGBUS, {sa_handler=0x7f0728a60c90, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f0728a67fe0}, NULL, 8) = 0
openat(AT_FDCWD, "/sys/kernel/profiling", O_RDWR|O_CREAT|O_NOFOLLOW|FASYNC, 000) = 3
[ 81.198752][ T5072] kernel profiling enabled (shift: 7)
[ 81.230695][ C1] ==================================================================
[ 81.238925][ C1] BUG: KASAN: stack-out-of-bounds in profile_pc+0xd2/0x170
[ 81.246440][ C1] Read of size 8 at addr ffffc900039273a0 by task syz-executor293/5072
[ 81.254712][ C1]
[ 81.257073][ C1] CPU: 1 PID: 5072 Comm: syz-executor293 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0
[ 81.267583][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 81.277691][ C1] Call Trace:
[ 81.281005][ C1]
[ 81.283887][ C1] dump_stack_lvl+0x241/0x360
[ 81.288697][ C1] ? __pfx_dump_stack_lvl+0x10/0x10
[ 81.293946][ C1] ? __pfx__printk+0x10/0x10
[ 81.299100][ C1] ? _printk+0xd5/0x120
[ 81.303428][ C1] print_report+0x169/0x550
[ 81.308138][ C1] ? rcu_read_lock_sched_held+0x8d/0x130
[ 81.313964][ C1] ? __virt_addr_valid+0xbd/0x520
[ 81.319036][ C1] ? profile_pc+0xd2/0x170
[ 81.323487][ C1] kasan_report+0x143/0x180
[ 81.328580][ C1] ? profile_pc+0xd2/0x170
[ 81.333231][ C1] ? _raw_spin_unlock_irqrestore+0xd8/0x140
[ 81.339782][ C1] profile_pc+0xd2/0x170
[ 81.344868][ C1] profile_tick+0xd7/0x150
[ 81.349514][ C1] tick_nohz_handler+0x3a8/0x540
[ 81.354918][ C1] ? __pfx_tick_nohz_handler+0x10/0x10
[ 81.360835][ C1] __hrtimer_run_queues+0x54b/0xd00
[ 81.366168][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 81.372194][ C1] ? ktime_get_update_offsets_now+0x411/0x430
[ 81.378380][ C1] hrtimer_interrupt+0x396/0x990
[ 81.383374][ C1] __sysvec_apic_timer_interrupt+0x107/0x3a0
[ 81.389410][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0
[ 81.395068][ C1]
[ 81.398271][ C1]
[ 81.401231][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 81.407223][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[ 81.414201][ C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 fe 49 79 f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 a3 f1 e5 f5 65 8b 05 f4 d5 84 74 85 c0 74 43 48 c7 04 24 0e 36
[ 81.434938][ C1] RSP: 0018:ffffc900039273a0 EFLAGS: 00000206
[ 81.441114][ C1] RAX: 699ba57281667000 RBX: 1ffff92000724e78 RCX: ffffffff81720c2a
[ 81.449289][ C1] RDX: dffffc0000000000 RSI: ffffffff8baac1e0 RDI: 0000000000000001
[ 81.457730][ C1] RBP: ffffc90003927430 R08: ffffffff92ce15cf R09: 1ffffffff259c2b9
[ 81.466170][ C1] R10: dffffc0000000000 R11: fffffbfff259c2ba R12: dffffc0000000000
[ 81.474239][ C1] R13: 1ffff92000724e74 R14: ffffc900039273c0 R15: 0000000000000246
[ 81.482575][ C1] ? mark_lock+0x9a/0x350
[ 81.486931][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 81.493267][ C1] ? stack_trace_save+0x118/0x1d0
[ 81.498322][ C1] stack_depot_save_flags+0x37d/0x860
[ 81.504134][ C1] save_stack+0x109/0x1f0
[ 81.508623][ C1] ? __pfx_save_stack+0x10/0x10
[ 81.513631][ C1] ? free_unref_page_prepare+0x968/0xa90
[ 81.519468][ C1] ? free_unref_page+0x37/0x3f0
[ 81.524344][ C1] ? stack_depot_save_flags+0x38f/0x860
[ 81.529992][ C1] ? kasan_save_track+0x51/0x80
[ 81.534869][ C1] ? __kasan_slab_alloc+0x66/0x80
[ 81.539922][ C1] ? kmem_cache_alloc+0x174/0x340
[ 81.545010][ C1] ? __proc_create+0x44f/0xa50
[ 81.549858][ C1] ? proc_create+0x124/0x2c0
[ 81.554565][ C1] ? create_proc_profile+0xba/0x120
[ 81.560049][ C1] ? profiling_store+0x81/0xc0
[ 81.564840][ C1] ? kernfs_fop_write_iter+0x3a4/0x500
[ 81.570394][ C1] ? vfs_write+0xa84/0xcb0
[ 81.574841][ C1] ? ksys_write+0x1a0/0x2c0
[ 81.579455][ C1] ? do_syscall_64+0xfb/0x240
[ 81.584419][ C1] ? entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 81.590498][ C1] ? page_ext_get+0x20/0x2a0
[ 81.595204][ C1] __reset_page_owner+0x44/0x2d0
[ 81.600217][ C1] free_unref_page_prepare+0x968/0xa90
[ 81.605933][ C1] free_unref_page+0x37/0x3f0
[ 81.610726][ C1] ? __virt_addr_valid+0x183/0x520
[ 81.616115][ C1] stack_depot_save_flags+0x38f/0x860
[ 81.621620][ C1] kasan_save_track+0x51/0x80
[ 81.626346][ C1] ? kasan_save_track+0x3f/0x80
[ 81.631331][ C1] ? __kasan_slab_alloc+0x66/0x80
[ 81.636386][ C1] ? kmem_cache_alloc+0x174/0x340
[ 81.641538][ C1] ? __proc_create+0x44f/0xa50
[ 81.646354][ C1] ? proc_create+0x124/0x2c0
[ 81.651060][ C1] ? create_proc_profile+0xba/0x120
[ 81.656385][ C1] ? profiling_store+0x81/0xc0
[ 81.661350][ C1] ? kernfs_fop_write_iter+0x3a4/0x500
[ 81.667377][ C1] ? vfs_write+0xa84/0xcb0
[ 81.671926][ C1] ? ksys_write+0x1a0/0x2c0
[ 81.676646][ C1] ? do_syscall_64+0xfb/0x240
[ 81.681931][ C1] ? entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 81.688939][ C1] __kasan_slab_alloc+0x66/0x80
[ 81.694099][ C1] ? __proc_create+0x431/0xa50
[ 81.699372][ C1] kmem_cache_alloc+0x174/0x340
[ 81.704986][ C1] ? __proc_create+0x44f/0xa50
[ 81.709989][ C1] __proc_create+0x44f/0xa50
[ 81.715006][ C1] ? __pfx___proc_create+0x10/0x10
[ 81.720305][ C1] ? __pfx_profile_online_cpu+0x10/0x10
[ 81.726053][ C1] proc_create+0x124/0x2c0
[ 81.730634][ C1] ? __pfx_proc_create+0x10/0x10
[ 81.736160][ C1] ? __pfx_profile_online_cpu+0x10/0x10
[ 81.742019][ C1] ? cpus_read_unlock+0xa6/0x140
[ 81.747339][ C1] ? __cpuhp_setup_state+0x46/0x60
[ 81.752911][ C1] ? __pfx_sysfs_kf_write+0x10/0x10
[ 81.758330][ C1] create_proc_profile+0xba/0x120
[ 81.763667][ C1] profiling_store+0x81/0xc0
[ 81.768399][ C1] kernfs_fop_write_iter+0x3a4/0x500
[ 81.773830][ C1] vfs_write+0xa84/0xcb0
[ 81.778217][ C1] ? __pfx_vfs_write+0x10/0x10
[ 81.783116][ C1] ? lockdep_hardirqs_on+0x99/0x150
[ 81.788466][ C1] ? __fdget_pos+0x272/0x320
[ 81.793097][ C1] ksys_write+0x1a0/0x2c0
[ 81.797473][ C1] ? __pfx_ksys_write+0x10/0x10
[ 81.802422][ C1] ? do_syscall_64+0x10a/0x240
[ 81.807248][ C1] ? syscall_trace_enter+0x5f/0x150
[ 81.812495][ C1] do_syscall_64+0xfb/0x240
[ 81.817027][ C1] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 81.823207][ C1] RIP: 0033:0x7f0728a91179
[ 81.827764][ C1] Code: 48 83 c4 28 c3 e8 e7 18 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 81.848538][ C1] RSP: 002b:00007ffc32847a58 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 81.857776][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0728a91179
[ 81.866007][ C1] RDX: 0000000000000012 RSI: 00000000200000c0 RDI: 0000000000000003
[ 81.874015][ C1] RBP: 00007ffc32847aa8 R08: 00007ffc328477f7 R09: 000055556e9a90c0
[ 81.882202][ C1] R10: 0000000000000012 R11: 0000000000000246 R12: 00007f0728b0e380
[ 81.890297][ C1] R13: 0000000000000004 R14: 00007ffc32847aa0 R15: 0000000000000003
[ 81.898314][ C1]
[ 81.901371][ C1]
[ 81.903874][ C1] The buggy address belongs to stack of task syz-executor293/5072
[ 81.911874][ C1] and is located at offset 0 in frame:
[ 81.917517][ C1] _raw_spin_unlock_irqrestore+0x0/0x140
[ 81.923180][ C1]
[ 81.925528][ C1] This frame has 1 object:
[ 81.930049][ C1] [32, 40) 'flags.i.i.i.i'
[ 81.930065][ C1]
[ 81.937070][ C1] The buggy address belongs to the virtual mapping at
[ 81.937070][ C1] [ffffc90003920000, ffffc90003929000) created by:
[ 81.937070][ C1] copy_process+0x5d1/0x3df0
[ 81.955160][ C1]
[ 81.957521][ C1] The buggy address belongs to the physical page:
[ 81.964135][ C1] page:ffffea00007c8880 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1f222
[ 81.974367][ C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 81.981479][ C1] page_type: 0xffffffff()
[ 81.985838][ C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 81.994705][ C1] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 82.003497][ C1] page dumped because: kasan: bad access detected
[ 82.009943][ C1] page_owner tracks the page as allocated
[ 82.016038][ C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 4920, tgid 4920 (sshd), ts 60489886545, free_ts 43352677092
[ 82.034553][ C1] post_alloc_hook+0x1ea/0x210
[ 82.039337][ C1] get_page_from_freelist+0x33ea/0x3580
[ 82.044890][ C1] __alloc_pages+0x256/0x680
[ 82.049488][ C1] alloc_pages_mpol+0x3de/0x650
[ 82.054385][ C1] __vmalloc_node_range+0x9a4/0x14a0
[ 82.059805][ C1] dup_task_struct+0x3e9/0x7d0
[ 82.064703][ C1] copy_process+0x5d1/0x3df0
[ 82.069310][ C1] kernel_clone+0x21e/0x8d0
[ 82.073821][ C1] __x64_sys_clone+0x258/0x2a0
[ 82.078617][ C1] do_syscall_64+0xfb/0x240
[ 82.083173][ C1] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 82.089077][ C1] page last free pid 4530 tgid 4530 stack trace:
[ 82.095425][ C1] free_unref_page_prepare+0x968/0xa90
[ 82.100906][ C1] free_unref_page+0x37/0x3f0
[ 82.105980][ C1] __slab_free+0x31b/0x3d0
[ 82.110407][ C1] qlist_free_all+0x5e/0xc0
[ 82.114936][ C1] kasan_quarantine_reduce+0x14f/0x170
[ 82.121201][ C1] __kasan_slab_alloc+0x23/0x80
[ 82.126081][ C1] __kmalloc+0x1e2/0x4a0
[ 82.130616][ C1] tomoyo_realpath_from_path+0xcf/0x5e0
[ 82.136231][ C1] tomoyo_path2_perm+0x3eb/0xbb0
[ 82.141298][ C1] tomoyo_path_rename+0x198/0x1e0
[ 82.146392][ C1] security_path_rename+0x179/0x220
[ 82.151723][ C1] do_renameat2+0x94a/0x13f0
[ 82.156333][ C1] __x64_sys_rename+0x86/0xa0
[ 82.161126][ C1] do_syscall_64+0xfb/0x240
[ 82.165784][ C1] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 82.171799][ C1]
[ 82.174155][ C1] Memory state around the buggy address:
[ 82.179874][ C1] ffffc90003927280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 82.188144][ C1] ffffc90003927300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 82.196433][ C1] >ffffc90003927380: 00 00 00 00 f1 f1 f1 f1 00 f3 f3 f3 00 00 00 00
[ 82.204522][ C1] ^
[ 82.209735][ C1] ffffc90003927400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 82.217848][ C1] ffffc90003927480: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00
[ 82.225916][ C1] ==================================================================
[ 82.234205][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 82.241819][ C1] CPU: 1 PID: 5072 Comm: syz-executor293 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0
[ 82.252158][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 82.262583][ C1] Call Trace:
[ 82.265865][ C1]
[ 82.268741][ C1] dump_stack_lvl+0x241/0x360
[ 82.274388][ C1] ? __pfx_dump_stack_lvl+0x10/0x10
[ 82.279823][ C1] ? __pfx__printk+0x10/0x10
[ 82.284928][ C1] ? rcu_is_watching+0x15/0xb0
[ 82.290538][ C1] ? vscnprintf+0x5d/0x90
[ 82.295425][ C1] panic+0x349/0x860
[ 82.299863][ C1] ? __pfx_lock_release+0x10/0x10
[ 82.304984][ C1] ? check_panic_on_warn+0x21/0xb0
[ 82.310293][ C1] ? __pfx_panic+0x10/0x10
[ 82.315558][ C1] ? do_raw_spin_unlock+0x13c/0x8b0
[ 82.320825][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 82.326963][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 82.333634][ C1] check_panic_on_warn+0x86/0xb0
[ 82.338725][ C1] ? profile_pc+0xd2/0x170
[ 82.343406][ C1] end_report+0x6e/0x140
[ 82.347795][ C1] kasan_report+0x154/0x180
[ 82.352696][ C1] ? profile_pc+0xd2/0x170
[ 82.357171][ C1] ? _raw_spin_unlock_irqrestore+0xd8/0x140
[ 82.363344][ C1] profile_pc+0xd2/0x170
[ 82.367934][ C1] profile_tick+0xd7/0x150
[ 82.372826][ C1] tick_nohz_handler+0x3a8/0x540
[ 82.378165][ C1] ? __pfx_tick_nohz_handler+0x10/0x10
[ 82.384133][ C1] __hrtimer_run_queues+0x54b/0xd00
[ 82.389555][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 82.395614][ C1] ? ktime_get_update_offsets_now+0x411/0x430
[ 82.402542][ C1] hrtimer_interrupt+0x396/0x990
[ 82.407638][ C1] __sysvec_apic_timer_interrupt+0x107/0x3a0
[ 82.414684][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0
[ 82.420884][ C1]
[ 82.423864][ C1]
[ 82.426843][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 82.433240][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[ 82.440739][ C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 fe 49 79 f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 a3 f1 e5 f5 65 8b 05 f4 d5 84 74 85 c0 74 43 48 c7 04 24 0e 36
[ 82.462592][ C1] RSP: 0018:ffffc900039273a0 EFLAGS: 00000206
[ 82.469522][ C1] RAX: 699ba57281667000 RBX: 1ffff92000724e78 RCX: ffffffff81720c2a
[ 82.478849][ C1] RDX: dffffc0000000000 RSI: ffffffff8baac1e0 RDI: 0000000000000001
[ 82.489485][ C1] RBP: ffffc90003927430 R08: ffffffff92ce15cf R09: 1ffffffff259c2b9
[ 82.497768][ C1] R10: dffffc0000000000 R11: fffffbfff259c2ba R12: dffffc0000000000
[ 82.506198][ C1] R13: 1ffff92000724e74 R14: ffffc900039273c0 R15: 0000000000000246
[ 82.515976][ C1] ? mark_lock+0x9a/0x350
[ 82.520696][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 82.528225][ C1] ? stack_trace_save+0x118/0x1d0
[ 82.533402][ C1] stack_depot_save_flags+0x37d/0x860
[ 82.539391][ C1] save_stack+0x109/0x1f0
[ 82.543943][ C1] ? __pfx_save_stack+0x10/0x10
[ 82.549037][ C1] ? free_unref_page_prepare+0x968/0xa90
[ 82.555878][ C1] ? free_unref_page+0x37/0x3f0
[ 82.561387][ C1] ? stack_depot_save_flags+0x38f/0x860
[ 82.568324][ C1] ? kasan_save_track+0x51/0x80
[ 82.573512][ C1] ? __kasan_slab_alloc+0x66/0x80
[ 82.579090][ C1] ? kmem_cache_alloc+0x174/0x340
[ 82.584262][ C1] ? __proc_create+0x44f/0xa50
[ 82.590372][ C1] ? proc_create+0x124/0x2c0
[ 82.596513][ C1] ? create_proc_profile+0xba/0x120
[ 82.602564][ C1] ? profiling_store+0x81/0xc0
[ 82.607647][ C1] ? kernfs_fop_write_iter+0x3a4/0x500
[ 82.613785][ C1] ? vfs_write+0xa84/0xcb0
[ 82.618372][ C1] ? ksys_write+0x1a0/0x2c0
[ 82.623188][ C1] ? do_syscall_64+0xfb/0x240
[ 82.628197][ C1] ? entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 82.634777][ C1] ? page_ext_get+0x20/0x2a0
[ 82.639782][ C1] __reset_page_owner+0x44/0x2d0
[ 82.644945][ C1] free_unref_page_prepare+0x968/0xa90
[ 82.650640][ C1] free_unref_page+0x37/0x3f0
[ 82.655634][ C1] ? __virt_addr_valid+0x183/0x520
[ 82.661146][ C1] stack_depot_save_flags+0x38f/0x860
[ 82.666926][ C1] kasan_save_track+0x51/0x80
[ 82.672222][ C1] ? kasan_save_track+0x3f/0x80
[ 82.677375][ C1] ? __kasan_slab_alloc+0x66/0x80
[ 82.682903][ C1] ? kmem_cache_alloc+0x174/0x340
[ 82.688354][ C1] ? __proc_create+0x44f/0xa50
[ 82.693255][ C1] ? proc_create+0x124/0x2c0
[ 82.698347][ C1] ? create_proc_profile+0xba/0x120
[ 82.704564][ C1] ? profiling_store+0x81/0xc0
[ 82.710148][ C1] ? kernfs_fop_write_iter+0x3a4/0x500
[ 82.717210][ C1] ? vfs_write+0xa84/0xcb0
[ 82.722887][ C1] ? ksys_write+0x1a0/0x2c0
[ 82.728115][ C1] ? do_syscall_64+0xfb/0x240
[ 82.733258][ C1] ? entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 82.741471][ C1] __kasan_slab_alloc+0x66/0x80
[ 82.746662][ C1] ? __proc_create+0x431/0xa50
[ 82.751909][ C1] kmem_cache_alloc+0x174/0x340
[ 82.756899][ C1] ? __proc_create+0x44f/0xa50
[ 82.761902][ C1] __proc_create+0x44f/0xa50
[ 82.767537][ C1] ? __pfx___proc_create+0x10/0x10
[ 82.773243][ C1] ? __pfx_profile_online_cpu+0x10/0x10
[ 82.779026][ C1] proc_create+0x124/0x2c0
[ 82.783574][ C1] ? __pfx_proc_create+0x10/0x10
[ 82.788782][ C1] ? __pfx_profile_online_cpu+0x10/0x10
[ 82.794478][ C1] ? cpus_read_unlock+0xa6/0x140
[ 82.799579][ C1] ? __cpuhp_setup_state+0x46/0x60
[ 82.804844][ C1] ? __pfx_sysfs_kf_write+0x10/0x10
[ 82.810120][ C1] create_proc_profile+0xba/0x120
[ 82.815429][ C1] profiling_store+0x81/0xc0
[ 82.820348][ C1] kernfs_fop_write_iter+0x3a4/0x500
[ 82.826190][ C1] vfs_write+0xa84/0xcb0
[ 82.830572][ C1] ? __pfx_vfs_write+0x10/0x10
[ 82.835475][ C1] ? lockdep_hardirqs_on+0x99/0x150
[ 82.840745][ C1] ? __fdget_pos+0x272/0x320
[ 82.845850][ C1] ksys_write+0x1a0/0x2c0
[ 82.850406][ C1] ? __pfx_ksys_write+0x10/0x10
[ 82.856189][ C1] ? do_syscall_64+0x10a/0x240
[ 82.861436][ C1] ? syscall_trace_enter+0x5f/0x150
[ 82.866770][ C1] do_syscall_64+0xfb/0x240
[ 82.871470][ C1] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 82.877675][ C1] RIP: 0033:0x7f0728a91179
[ 82.882323][ C1] Code: 48 83 c4 28 c3 e8 e7 18 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 82.903693][ C1] RSP: 002b:00007ffc32847a58 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 82.912596][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0728a91179
[ 82.920862][ C1] RDX: 0000000000000012 RSI: 00000000200000c0 RDI: 0000000000000003
[ 82.928954][ C1] RBP: 00007ffc32847aa8 R08: 00007ffc328477f7 R09: 000055556e9a90c0
[ 82.937579][ C1] R10: 0000000000000012 R11: 0000000000000246 R12: 00007f0728b0e380
[ 82.946312][ C1] R13: 0000000000000004 R14: 00007ffc32847aa0 R15: 0000000000000003
[ 82.954852][ C1]
[ 82.958801][ C1] Kernel Offset: disabled
[ 82.963484][ C1] Rebooting in 86400 seconds..