Warning: Permanently added '10.128.0.229' (ECDSA) to the list of known hosts. 2021/08/12 20:06:25 parsed 1 programs 2021/08/12 20:06:25 executed programs: 0 [*** ] A start job is running for dev-ttyS0.device (9s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (10s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (10s / 1min 30s)[ ***] A start job is running for dev-ttyS0.device (11s / 1min 30s)[ **] A start job is running for dev-ttyS0.device (12s / 1min 30s)[ *] A start job is running for dev-ttyS0.device (12s / 1min 30s)[ **] A start job is running for dev-ttyS0.device (13s / 1min 30s)[ ***] A start job is running for dev-ttyS0.device (13s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (14s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (15s / 1min 30s)[*** ] A start job is running for dev-ttyS0.device (15s / 1min 30s)[** ] A start job is running for dev-ttyS0.device (16s / 1min 30s)[* ] A start job is running for dev-ttyS0.device (17s / 1min 30s)[** ] A start job is running for dev-ttyS0.device (17s / 1min 30s)[*** ] A start job is running for dev-ttyS0.device (18s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (18s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (19s / 1min 30s)[ ***] A start job is running for dev-ttyS0.device (20s / 1min 30s)[ **] A start job is running for dev-ttyS0.device (20s / 1min 30s)[ 27.748562][ T22] audit: type=1400 audit(1628798785.200:8): avc: denied { execmem } for pid=344 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 27.780054][ T351] cgroup1: Unknown subsys name 'perf_event' [ 27.788767][ T348] cgroup1: Unknown subsys name 'perf_event' [ 27.801838][ T351] cgroup1: Unknown subsys name 'net_cls' [ 27.803575][ T353] cgroup1: Unknown subsys name 'perf_event' [ 27.806192][ T355] cgroup1: Unknown subsys name 'perf_event' [ 27.809648][ T353] cgroup1: Unknown subsys name 'net_cls' [ 27.822733][ T354] cgroup1: Unknown subsys name 'perf_event' [ 27.829889][ T355] cgroup1: Unknown subsys name 'net_cls' [ 27.833697][ T348] cgroup1: Unknown subsys name 'net_cls' [ 27.846377][ T354] cgroup1: Unknown subsys name 'net_cls' [ 27.851557][ T356] cgroup1: Unknown subsys name 'perf_event' [ 27.871258][ T356] cgroup1: Unknown subsys name 'net_cls' [ 28.036197][ T348] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.043305][ T348] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.050603][ T348] device bridge_slave_0 entered promiscuous mode [ 28.057887][ T348] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.065221][ T348] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.073053][ T348] device bridge_slave_1 entered promiscuous mode [ 28.079718][ T353] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.086990][ T353] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.094593][ T353] device bridge_slave_0 entered promiscuous mode [ 28.101745][ T353] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.108757][ T353] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.116920][ T353] device bridge_slave_1 entered promiscuous mode [ 28.178081][ T355] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.185455][ T355] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.193269][ T355] device bridge_slave_0 entered promiscuous mode [ 28.199819][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.207552][ T351] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.215314][ T351] device bridge_slave_0 entered promiscuous mode [ 28.234498][ T355] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.241569][ T355] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.248895][ T355] device bridge_slave_1 entered promiscuous mode [ 28.261932][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.268944][ T351] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.276629][ T351] device bridge_slave_1 entered promiscuous mode [ *] A start job is running for dev-ttyS0.device (21s / 1min 30s)[ 28.318280][ T356] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.325317][ T356] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.332934][ T356] device bridge_slave_0 entered promiscuous mode [ 28.365573][ T356] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.372724][ T356] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.385677][ T356] device bridge_slave_1 entered promiscuous mode [ 28.392386][ T354] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.399488][ T354] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.407250][ T354] device bridge_slave_0 entered promiscuous mode [ 28.442317][ T354] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.449343][ T354] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.457091][ T354] device bridge_slave_1 entered promiscuous mode [ 28.519969][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.527119][ T351] bridge0: port 2(bridge_slave_1) entered forwarding state [ 28.534414][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.541466][ T351] bridge0: port 1(bridge_slave_0) entered forwarding state [ 28.637107][ T355] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.644266][ T355] bridge0: port 2(bridge_slave_1) entered forwarding state [ 28.651600][ T355] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.658622][ T355] bridge0: port 1(bridge_slave_0) entered forwarding state [ 28.671917][ T100] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 28.679869][ T100] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.687185][ T100] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.694715][ T100] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.702079][ T100] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.723238][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 28.731384][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.738435][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 28.787196][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 28.795376][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.802402][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 28.826798][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 28.834740][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 28.842941][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 28.872927][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 28.880874][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 28.889595][ T142] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.896657][ T142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 28.904850][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 28.913074][ T142] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.920103][ T142] bridge0: port 2(bridge_slave_1) entered forwarding state [ **] A start job is running for dev-ttyS0.device (22s / [ 28.933838][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 1min 30s)[ 28.961900][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 28.970061][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 28.978778][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.985821][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 28.993945][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 29.003503][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.010504][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.017866][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 29.025427][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 29.033028][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 29.040934][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 29.049157][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.056369][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.063837][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 29.071757][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 29.080051][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 29.089133][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 29.128304][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 29.136647][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 29.144848][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.151866][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.159715][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 29.168138][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 29.176526][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 29.184681][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 29.193146][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 29.201340][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 29.209679][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 29.217838][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 29.226540][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 29.234922][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.242072][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.249371][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 29.258048][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 29.266348][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.273489][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.282008][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 29.312710][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 29.321155][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 29.330748][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 29.339113][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 29.347399][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 29.355665][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 29.363300][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 29.370885][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 29.379711][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 29.388157][ T142] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.395420][ T142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 29.402854][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 29.411178][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 29.419696][ T142] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.426929][ T142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.435316][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 29.443770][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 29.462361][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 29.470216][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 29.478195][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 29.486718][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 29.495314][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 29.503476][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 29.513043][ T100] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 29.521247][ T100] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 29.543509][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 29.551589][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 29.560024][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ *[ 29.569192][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready *[[ 29.578667][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready 0;31m*] A st[ 29.587935][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready art job is runni[ 29.597202][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready ng for dev-ttyS0[ 29.606596][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready .device (22s / 1min 30s)[ 29.626117][ T100] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 29.634550][ T100] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 29.643423][ T100] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 29.664625][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 29.672968][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 29.681407][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 29.690230][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 29.698670][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 29.707676][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 29.716737][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 29.725575][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 29.743065][ T100] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 29.750930][ T100] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 29.771860][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 29.780387][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 29.803690][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 29.812782][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 29.821212][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 29.830215][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 29.839073][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 29.867284][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 29.876047][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 29.885118][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 29.899430][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 29.907956][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 29.922885][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 29.931109][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 29.939640][ T376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 29.987964][ T117] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 29.997610][ T117] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 30.011108][ T117] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 30.020154][ T117] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 30.029149][ T117] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 30.037721][ T117] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 30.062536][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 30.079254][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2021/08/12 20:06:30 executed programs: 200 2021/08/12 20:06:35 executed programs: 575 [ *** ] A start job is running for dev-ttyS0.device (23s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (23s / 1min 30s)[*** ] A start job is running for dev-ttyS0.device (24s / 1min 30s)[** ] A start job is running for dev-ttyS0.device (25s / 1min 30s)[* ] A start job is running for dev-ttyS0.device (25s / 1min 30s)[** ] A start job is running for dev-ttyS0.device (26s / 1min 30s)[*** ] A start job is running for dev-ttyS0.device (26s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (27s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (28s / 1min 30s)[ ***] A start job is running for dev-ttyS0.device (28s / 1min 30s)[ **] A start job is running for dev-ttyS0.device (29s / 1min 30s)[ *] A start job is running for dev-ttyS0.device (30s / 1min 30s)[ **] A start job is running for dev-ttyS0.device (30s / 1min 30s)[ ***] A start job is running for dev-ttyS0.device (31s / 1min 30s)[ 38.724549][ T3053] ================================================================== [ 38.732640][ T3053] BUG: KASAN: use-after-free in selinux_inode_permission+0x599/0x690 [ 38.740682][ T3053] Read of size 4 at addr ffff8881e9d8b824 by task syz-executor.2/3053 [ 38.748798][ T3053] [ 38.751117][ T3053] CPU: 1 PID: 3053 Comm: syz-executor.2 Not tainted 5.4.125-syzkaller-00007-g299ecc4fc137 #0 [ 38.761227][ T3053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 38.771339][ T3053] Call Trace: [ 38.774617][ T3053] dump_stack+0x1d8/0x24e [ 38.778916][ T3053] ? is_mmconf_reserved+0x420/0x420 [ 38.784084][ T3053] ? show_regs_print_info+0x12/0x12 [ 38.789257][ T3053] ? printk+0xcf/0x114 [ 38.793301][ T3053] print_address_description+0x9b/0x650 [ 38.798821][ T3053] ? devkmsg_release+0x11c/0x11c [ 38.803726][ T3053] __kasan_report+0x182/0x260 [ 38.808397][ T3053] ? selinux_inode_permission+0x599/0x690 [ 38.814083][ T3053] kasan_report+0x30/0x60 [ 38.818551][ T3053] ? memset+0x1f/0x40 [ 38.822610][ T3053] selinux_inode_permission+0x599/0x690 [ 38.828133][ T3053] ? selinux_inode_follow_link+0x3c0/0x3c0 [ 38.833925][ T3053] ? generic_permission+0x13a/0x490 [ 38.839089][ T3053] security_inode_permission+0x92/0x110 [ 38.844609][ T3053] link_path_walk+0x204/0x14b0 [ 38.849435][ T3053] ? kmem_cache_alloc+0x115/0x290 [ 38.854431][ T3053] ? path_init+0x11f0/0x11f0 [ 38.858991][ T3053] ? path_init+0xd70/0x11f0 [ 38.863467][ T3053] path_openat+0x1bb/0x3da0 [ 38.867942][ T3053] ? arch_stack_walk+0xf8/0x140 [ 38.872764][ T3053] ? stack_trace_snprint+0x150/0x150 [ 38.878045][ T3053] ? stack_trace_snprint+0x150/0x150 [ 38.883301][ T3053] ? futex_exit_release+0xc0/0xc0 [ 38.888297][ T3053] ? do_filp_open+0x450/0x450 [ 38.892959][ T3053] ? __kasan_kmalloc+0x137/0x1e0 [ 38.897864][ T3053] ? kmem_cache_alloc+0x115/0x290 [ 38.902860][ T3053] ? getname_flags+0xba/0x640 [ 38.907512][ T3053] ? do_sys_open+0x33e/0x7c0 [ 38.912273][ T3053] ? do_syscall_64+0xcb/0x1e0 [ 38.916926][ T3053] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 38.922972][ T3053] do_filp_open+0x208/0x450 [ 38.927452][ T3053] ? vfs_tmpfile+0x210/0x210 [ 38.932014][ T3053] ? _raw_spin_unlock+0x49/0x60 [ 38.936831][ T3053] ? __alloc_fd+0x4f1/0x590 [ 38.941306][ T3053] do_sys_open+0x383/0x7c0 [ 38.945694][ T3053] ? file_open_root+0x450/0x450 [ 38.950513][ T3053] ? __fpregs_load_activate+0x1d7/0x3c0 [ 38.956026][ T3053] ? ksys_mount+0xe0/0xf0 [ 38.960500][ T3053] do_syscall_64+0xcb/0x1e0 [ 38.964985][ T3053] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 38.970843][ T3053] RIP: 0033:0x4665e9 [ 38.974703][ T3053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 38.994271][ T3053] RSP: 002b:00007f21b7ead188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 39.002648][ T3053] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 39.010601][ T3053] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 39.018544][ T3053] RBP: 00000000004bfcc4 R08: 0000000000000000 R09: 0000000000000000 [ 39.026490][ T3053] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038 [ 39.034428][ T3053] R13: 00007ffc1131010f R14: 00007f21b7ead300 R15: 0000000000022000 [ 39.042370][ T3053] [ 39.044672][ T3053] Allocated by task 3053: [ 39.048974][ T3053] __kasan_kmalloc+0x137/0x1e0 [ 39.053712][ T3053] kmem_cache_alloc_trace+0x139/0x2b0 [ 39.059054][ T3053] alloc_inode+0x43/0x70 [ 39.063349][ T3053] iget5_locked+0x9e/0x3c0 [ 39.067759][ T3053] fetch_regular_inode+0x22f/0x300 [ 39.072850][ T3053] incfs_mount_fs+0x4e7/0x840 [ 39.077498][ T3053] legacy_get_tree+0xde/0x170 [ 39.082151][ T3053] vfs_get_tree+0x83/0x260 [ 39.086623][ T3053] do_mount+0x19d0/0x2670 [ 39.090923][ T3053] ksys_mount+0xc2/0xf0 [ 39.095137][ T3053] __x64_sys_mount+0xb1/0xc0 [ 39.099781][ T3053] do_syscall_64+0xcb/0x1e0 [ 39.104250][ T3053] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 39.110104][ T3053] [ 39.112403][ T3053] Freed by task 3034: [ 39.116370][ T3053] __kasan_slab_free+0x18a/0x240 [ 39.121301][ T3053] slab_free_freelist_hook+0x7b/0x150 [ 39.126643][ T3053] kfree+0xe0/0x660 [ 39.130774][ T3053] evict+0x59b/0x6a0 [ 39.134645][ T3053] evict_inodes+0x608/0x690 [ 39.139123][ T3053] generic_shutdown_super+0x8f/0x2a0 [ 39.144406][ T3053] incfs_kill_sb+0x3d/0x50 [ 39.148790][ T3053] deactivate_locked_super+0xaf/0x100 [ 39.154240][ T3053] deactivate_super+0x1b3/0x270 [ 39.159055][ T3053] cleanup_mnt+0x432/0x4e0 [ 39.163455][ T3053] task_work_run+0x186/0x1b0 [ 39.168027][ T3053] prepare_exit_to_usermode+0x2b0/0x310 [ 39.173551][ T3053] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 39.179407][ T3053] [ 39.181881][ T3053] The buggy address belongs to the object at ffff8881e9d8b800 [ 39.181881][ T3053] which belongs to the cache kmalloc-1k of size 1024 [ 39.195901][ T3053] The buggy address is located 36 bytes inside of [ 39.195901][ T3053] 1024-byte region [ffff8881e9d8b800, ffff8881e9d8bc00) [ 39.209133][ T3053] The buggy address belongs to the page: [ 39.214733][ T3053] page:ffffea0007a76200 refcount:1 mapcount:0 mapping:ffff8881f5c02280 index:0x0 compound_mapcount: 0 [ 39.225627][ T3053] flags: 0x8000000000010200(slab|head) [ 39.231140][ T3053] raw: 8000000000010200 ffffea0007945800 0000000200000002 ffff8881f5c02280 [ 39.239689][ T3053] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 39.248245][ T3053] page dumped because: kasan: bad access detected [ 39.254623][ T3053] page_owner tracks the page as allocated [ 39.260321][ T3053] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC) [ 39.275307][ T3053] prep_new_page+0x19a/0x380 [ 39.279868][ T3053] get_page_from_freelist+0x550/0x8b0 [ 39.285218][ T3053] __alloc_pages_nodemask+0x3a2/0x880 [ 39.290559][ T3053] alloc_slab_page+0x39/0x3e0 [ 39.295199][ T3053] new_slab+0x97/0x460 [ 39.299232][ T3053] ___slab_alloc+0x330/0x4c0 [ 39.303876][ T3053] __kmalloc_track_caller+0x1d1/0x2e0 [ 39.309214][ T3053] __alloc_skb+0xaf/0x4d0 [ 39.313511][ T3053] netlink_sendmsg+0x748/0xd40 [ 39.318240][ T3053] ____sys_sendmsg+0x583/0x8c0 [ 39.322970][ T3053] __sys_sendmsg+0x2c4/0x3b0 [ 39.327527][ T3053] do_syscall_64+0xcb/0x1e0 [ 39.331997][ T3053] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 39.337870][ T3053] page last free stack trace: [ 39.342515][ T3053] __free_pages_ok+0xc60/0xd80 [ 39.347245][ T3053] __free_pages+0x8f/0x250 [ 39.351628][ T3053] __free_slab+0x237/0x2f0 [ 39.356009][ T3053] unfreeze_partials+0x14f/0x180 [ 39.360909][ T3053] put_cpu_partial+0xb5/0x150 [ 39.365566][ T3053] ___cache_free+0x352/0x4e0 [ 39.370125][ T3053] quarantine_reduce+0x17a/0x1e0 [ 39.375030][ T3053] __kasan_kmalloc+0x43/0x1e0 [ 39.379673][ T3053] kmem_cache_alloc+0x115/0x290 [ 39.384589][ T3053] getname_flags+0xba/0x640 [ 39.389077][ T3053] user_path_at_empty+0x28/0x50 [ 39.393916][ T3053] __se_sys_newlstat+0xde/0x860 [ 39.398737][ T3053] do_syscall_64+0xcb/0x1e0 [ 39.403225][ T3053] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 39.409093][ T3053] [ 39.411410][ T3053] Memory state around the buggy address: [ 39.417014][ T3053] ffff8881e9d8b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.425056][ T3053] ffff8881e9d8b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.433432][ T3053] >ffff8881e9d8b800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.441457][ T3053] ^ [ 39.446532][ T3053] ffff8881e9d8b880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.454674][ T3053] ffff8881e9d8b900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.462704][ T3053] ================================================================== [ 39.470750][ T3053] Disabling lock debugging due to kernel taint 2021/08/12 20:06:40 executed programs: 887 2021/08/12 20:06:45 executed programs: 1268