[ 34.478952][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 34.490264][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 34.504045][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 34.516486][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 34.526538][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 34.596968][ T374] syz-executor.2 (374) used greatest stack depth: 20024 bytes left [ 35.492860][ T7] device bridge_slave_1 left promiscuous mode [ 35.498827][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.506288][ T7] device bridge_slave_0 left promiscuous mode [ 35.512454][ T7] bridge0: port 1(bridge_slave_0) entered disabled state Warning: Permanently added '10.128.0.173' (ED25519) to the list of known hosts. 2024/10/26 03:02:14 ignoring optional flag "sandboxArg"="0" 2024/10/26 03:02:14 ignoring optional flag "type"="gce" 2024/10/26 03:02:14 parsed 1 programs [ 53.918703][ T23] kauditd_printk_skb: 19 callbacks suppressed [ 53.918712][ T23] audit: type=1400 audit(1729911734.190:95): avc: denied { unlink } for pid=417 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" 2024/10/26 03:02:14 executed programs: 0 [ 53.973549][ T417] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 54.161907][ T431] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.169199][ T431] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.177192][ T431] device bridge_slave_0 entered promiscuous mode [ 54.184257][ T431] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.191087][ T431] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.198621][ T431] device bridge_slave_1 entered promiscuous mode [ 54.242045][ T434] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.249078][ T434] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.256466][ T434] device bridge_slave_0 entered promiscuous mode [ 54.263881][ T434] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.270724][ T434] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.278465][ T434] device bridge_slave_1 entered promiscuous mode [ 54.368424][ T429] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.375325][ T429] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.382928][ T429] device bridge_slave_0 entered promiscuous mode [ 54.396035][ T429] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.403341][ T429] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.411046][ T429] device bridge_slave_1 entered promiscuous mode [ 54.439898][ T433] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.446888][ T433] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.454326][ T433] device bridge_slave_0 entered promiscuous mode [ 54.460763][ T432] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.467659][ T432] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.474894][ T432] device bridge_slave_0 entered promiscuous mode [ 54.489272][ T433] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.496379][ T433] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.503988][ T433] device bridge_slave_1 entered promiscuous mode [ 54.524399][ T432] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.531499][ T432] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.539587][ T432] device bridge_slave_1 entered promiscuous mode [ 54.689034][ T434] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.695896][ T434] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.703405][ T434] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.710509][ T434] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.749306][ T431] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.756338][ T431] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.763582][ T431] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.771665][ T431] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.804202][ T429] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.811217][ T429] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.818783][ T429] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.826251][ T429] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.855703][ T432] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.863066][ T432] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.870359][ T432] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.877350][ T432] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.891885][ T433] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.898756][ T433] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.906223][ T433] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.913223][ T433] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.936917][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.944660][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.951735][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.959503][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.966721][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.973846][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.981039][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.989266][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.996523][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.004225][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.011826][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.020557][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.028487][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.054208][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.062999][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.070108][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.077970][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.086770][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.094119][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.102359][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.110692][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.117729][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.125951][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.134202][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.141042][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.153853][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.162012][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.185588][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.194121][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.201876][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.210992][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.230886][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.238311][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.246013][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.254466][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.263093][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.271344][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.280056][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.287123][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.294585][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.303406][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.311505][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.318744][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.332755][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.340249][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.348167][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.355766][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.363477][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.371776][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.380041][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.387076][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.405010][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.413246][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.421261][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.428233][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.436180][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.444677][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.453567][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.460423][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.480912][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.488867][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.496816][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.505177][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.513424][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.521747][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.531014][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.538398][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.546191][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.554542][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.584007][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 55.593668][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 55.603032][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 55.611816][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 55.620974][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 55.629746][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 55.637922][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.646226][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.654922][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 55.663134][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 55.683028][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 55.691274][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 55.704914][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 55.713519][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 55.738483][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.747386][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.755579][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 55.764890][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 55.773910][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 55.782152][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 55.791587][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 55.799858][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 55.808626][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 55.817158][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 55.829173][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 55.838767][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 55.856454][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 55.869240][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 55.899817][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 55.911664][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 55.920414][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 55.929537][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 55.938104][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 55.947082][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 55.955623][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 55.968868][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 55.981392][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 55.993712][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 56.002162][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 56.029445][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 56.038530][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 56.047602][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 56.066595][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 56.086112][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 56.095727][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 56.106089][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 56.114428][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 66.612853][ T13] cfg80211: failed to load regulatory.db [ 81.027532][ T434] ================================================================== [ 81.035521][ T434] BUG: KASAN: use-after-free in mutex_spin_on_owner+0x27b/0x2e0 [ 81.043269][ T434] Read of size 4 at addr ffff8881f30e1fb8 by task syz-executor.4/434 [ 81.051251][ T434] [ 81.053520][ T434] CPU: 0 PID: 434 Comm: syz-executor.4 Not tainted 5.4.283-syzkaller-04984-ge6ac8beecb16 #0 [ 81.063700][ T434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 81.073922][ T434] Call Trace: [ 81.077120][ T434] dump_stack+0x1d8/0x241 [ 81.081374][ T434] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 81.087181][ T434] ? printk+0xd1/0x111 [ 81.091099][ T434] ? mutex_spin_on_owner+0x27b/0x2e0 [ 81.096293][ T434] ? wake_up_klogd+0xb2/0xf0 [ 81.100932][ T434] ? mutex_spin_on_owner+0x27b/0x2e0 [ 81.106204][ T434] print_address_description+0x8c/0x600 [ 81.111860][ T434] ? panic+0x89d/0x89d [ 81.116010][ T434] ? finish_task_switch+0x1bb/0x590 [ 81.121165][ T434] ? mutex_spin_on_owner+0x27b/0x2e0 [ 81.126647][ T434] __kasan_report+0xf3/0x120 [ 81.131276][ T434] ? mutex_spin_on_owner+0x27b/0x2e0 [ 81.136888][ T434] kasan_report+0x30/0x60 [ 81.141043][ T434] mutex_spin_on_owner+0x27b/0x2e0 [ 81.146345][ T434] __mutex_lock+0x737/0x1060 [ 81.151052][ T434] ? __ww_mutex_lock_interruptible_slowpath+0x10/0x10 [ 81.157719][ T434] ? __module_put_and_exit+0x20/0x20 [ 81.162953][ T434] ? up_read+0x6f/0x1b0 [ 81.167233][ T434] mutex_lock_killable+0xd8/0x110 [ 81.172365][ T434] ? __mutex_lock_interruptible_slowpath+0x10/0x10 [ 81.178795][ T434] ? mutex_lock+0xa5/0x110 [ 81.183257][ T434] ? mutex_trylock+0xa0/0xa0 [ 81.187685][ T434] lo_open+0x18/0xc0 [ 81.191413][ T434] __blkdev_get+0x3c8/0x1160 [ 81.195939][ T434] ? blkdev_get+0x3a0/0x3a0 [ 81.200309][ T434] ? _raw_spin_unlock+0x49/0x60 [ 81.205036][ T434] blkdev_get+0x2de/0x3a0 [ 81.209207][ T434] ? blkdev_open+0x173/0x290 [ 81.213624][ T434] ? block_ioctl+0xe0/0xe0 [ 81.217983][ T434] do_dentry_open+0x964/0x1130 [ 81.222597][ T434] ? finish_open+0xd0/0xd0 [ 81.226914][ T434] ? security_inode_permission+0xad/0xf0 [ 81.232392][ T434] ? memcpy+0x38/0x50 [ 81.236208][ T434] path_openat+0x29bf/0x34b0 [ 81.241176][ T434] ? stack_trace_save+0x118/0x1c0 [ 81.246286][ T434] ? do_filp_open+0x450/0x450 [ 81.250792][ T434] ? do_sys_open+0x357/0x810 [ 81.255206][ T434] ? do_syscall_64+0xca/0x1c0 [ 81.259938][ T434] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 81.265834][ T434] do_filp_open+0x20b/0x450 [ 81.270369][ T434] ? vfs_tmpfile+0x2c0/0x2c0 [ 81.274796][ T434] ? _raw_spin_unlock+0x49/0x60 [ 81.279673][ T434] ? __alloc_fd+0x4c5/0x570 [ 81.284100][ T434] do_sys_open+0x39c/0x810 [ 81.288422][ T434] ? file_open_root+0x490/0x490 [ 81.293234][ T434] ? switch_fpu_return+0x1d4/0x410 [ 81.298155][ T434] do_syscall_64+0xca/0x1c0 [ 81.303065][ T434] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 81.309236][ T434] RIP: 0033:0x7f46fafe7921 [ 81.313665][ T434] Code: 75 57 89 f0 25 00 00 41 00 3d 00 00 41 00 74 49 80 3d ea 35 10 00 00 74 6d 89 da 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 93 00 00 00 48 8b 54 24 28 64 48 2b 14 25 [ 81.333848][ T434] RSP: 002b:00007ffc45d84980 EFLAGS: 00000202 ORIG_RAX: 0000000000000101 [ 81.342985][ T434] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f46fafe7921 [ 81.351173][ T434] RDX: 0000000000000002 RSI: 00007ffc45d84ac0 RDI: 00000000ffffff9c [ 81.358978][ T434] RBP: 00007ffc45d84ac0 R08: 000000000000000a R09: 00007ffc45d84747 [ 81.366879][ T434] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f46fb0e4e28 [ 81.375079][ T434] R13: 00007f46fb0e4120 R14: 0000000000000003 R15: 00007ffc45d84ac0 [ 81.382970][ T434] [ 81.385118][ T434] Allocated by task 459: [ 81.389303][ T434] __kasan_kmalloc+0x171/0x210 [ 81.393991][ T434] kmem_cache_alloc+0xd9/0x250 [ 81.398890][ T434] dup_task_struct+0x4f/0x600 [ 81.403713][ T434] copy_process+0x56d/0x3230 [ 81.408424][ T434] _do_fork+0x197/0x900 [ 81.412405][ T434] __x64_sys_clone3+0x2da/0x300 [ 81.417098][ T434] do_syscall_64+0xca/0x1c0 [ 81.421596][ T434] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 81.428026][ T434] [ 81.430213][ T434] Freed by task 10: [ 81.433826][ T434] __kasan_slab_free+0x1b5/0x270 [ 81.438677][ T434] kmem_cache_free+0x10b/0x2c0 [ 81.443387][ T434] rcu_do_batch+0x492/0xa00 [ 81.447788][ T434] rcu_core+0x4c8/0xcb0 [ 81.451781][ T434] __do_softirq+0x23b/0x6b7 [ 81.456337][ T434] [ 81.458532][ T434] The buggy address belongs to the object at ffff8881f30e1f80 [ 81.458532][ T434] which belongs to the cache task_struct of size 3904 [ 81.472717][ T434] The buggy address is located 56 bytes inside of [ 81.472717][ T434] 3904-byte region [ffff8881f30e1f80, ffff8881f30e2ec0) [ 81.485776][ T434] The buggy address belongs to the page: [ 81.491259][ T434] page:ffffea0007cc3800 refcount:1 mapcount:0 mapping:ffff8881f5cf8f00 index:0x0 compound_mapcount: 0 [ 81.502113][ T434] flags: 0x8000000000010200(slab|head) [ 81.507446][ T434] raw: 8000000000010200 ffffea0007cc3c00 0000000200000002 ffff8881f5cf8f00 [ 81.515828][ T434] raw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000 [ 81.524465][ T434] page dumped because: kasan: bad access detected [ 81.531028][ T434] page_owner tracks the page as allocated [ 81.536585][ T434] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC) [ 81.552261][ T434] prep_new_page+0x18f/0x370 [ 81.556767][ T434] get_page_from_freelist+0x2d13/0x2d90 [ 81.562377][ T434] __alloc_pages_nodemask+0x393/0x840 [ 81.567574][ T434] alloc_slab_page+0x39/0x3c0 [ 81.572349][ T434] new_slab+0x97/0x440 [ 81.576336][ T434] ___slab_alloc+0x2fe/0x490 [ 81.580796][ T434] __slab_alloc+0x62/0xa0 [ 81.585018][ T434] kmem_cache_alloc+0x109/0x250 [ 81.589794][ T434] dup_task_struct+0x4f/0x600 [ 81.594485][ T434] copy_process+0x56d/0x3230 [ 81.599264][ T434] _do_fork+0x197/0x900 [ 81.603357][ T434] kernel_thread+0x16a/0x1d0 [ 81.607934][ T434] kthreadd+0x3b1/0x4f0 [ 81.611952][ T434] ret_from_fork+0x1f/0x30 [ 81.616368][ T434] page last free stack trace: [ 81.621157][ T434] __free_pages_ok+0x847/0x950 [ 81.625896][ T434] __free_pages+0x91/0x140 [ 81.630389][ T434] put_task_stack+0x212/0x260 [ 81.634880][ T434] finish_task_switch+0x24a/0x590 [ 81.639755][ T434] __schedule+0xb0d/0x1320 [ 81.644248][ T434] schedule_idle+0x50/0x80 [ 81.648678][ T434] do_idle+0x609/0x660 [ 81.652678][ T434] cpu_startup_entry+0x14/0x20 [ 81.657295][ T434] start_secondary+0x3a5/0x460 [ 81.661923][ T434] secondary_startup_64+0xa4/0xb0 [ 81.666908][ T434] [ 81.669114][ T434] Memory state around the buggy address: [ 81.674932][ T434] ffff8881f30e1e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 81.682937][ T434] ffff8881f30e1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 81.690887][ T434] >ffff8881f30e1f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 81.699112][ T434] ^ [ 81.704939][ T434] ffff8881f30e2000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 81.712913][ T434] ffff8881f30e2080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 81.720909][ T434] ================================================================== [ 81.728787][ T434] Disabling lock debugging due to kernel taint 2024/10/26 03:02:42 executed programs: 6 [ 82.773368][ T454] device bridge_slave_1 left promiscuous mode [ 82.779303][ T454] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.787091][ T454] device bridge_slave_0 left promiscuous mode [ 82.793213][ T454] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.988847][ T491] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.995706][ T491] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.003658][ T491] device bridge_slave_0 entered promiscuous mode [ 83.015690][ T491] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.022915][ T491] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.030692][ T491] device bridge_slave_1 entered promiscuous mode [ 83.114623][ T495] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.121911][ T495] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.129370][ T495] device bridge_slave_0 entered promiscuous mode [ 83.143661][ T494] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.150669][ T494] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.158407][ T494] device bridge_slave_0 entered promiscuous mode [ 83.165107][ T495] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.172961][ T495] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.180972][ T495] device bridge_slave_1 entered promiscuous mode [ 83.203466][ T494] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.210307][ T494] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.218200][ T494] device bridge_slave_1 entered promiscuous mode [ 83.293249][ T491] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.300796][ T491] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.308075][ T491] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.315109][ T491] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.359146][ T495] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.366019][ T495] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.373306][ T495] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.380228][ T495] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.432781][ T494] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.439639][ T494] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.446788][ T494] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.453631][ T494] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.462043][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.469702][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.477225][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.485300][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.492692][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.499829][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.507257][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.516732][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.524857][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.532008][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.548403][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.556639][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.563480][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.583990][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.591440][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.599880][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.606759][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.618212][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.626917][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.633854][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.653000][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 83.660768][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 83.668614][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 83.683065][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 83.698581][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 83.720460][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 83.743445][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 83.751757][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 83.760100][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 83.779210][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 83.788502][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.798037][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 83.807332][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 83.828181][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.836475][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.845120][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.852045][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.859750][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.868104][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.876262][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.883180][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.890584][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 83.899764][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 83.911343][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 83.919507][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 83.944695][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 83.953156][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 83.961426][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 83.970343][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 83.978788][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 83.987119][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 83.997793][ T454] device bridge_slave_1 left promiscuous mode [ 84.003894][ T454] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.011215][ T454] device bridge_slave_0 left promiscuous mode [ 84.017489][ T454] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.024917][ T454] device bridge_slave_1 left promiscuous mode [ 84.030830][ T454] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.038183][ T454] device bridge_slave_0 left promiscuous mode [ 84.044187][ T454] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.206459][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 84.214794][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 84.227390][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 84.235486][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 84.247837][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 84.256179][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 84.275212][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 84.283402][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 84.294148][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 84.302917][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 87.007982][ T511] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.015322][ T511] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.022845][ T511] device bridge_slave_0 entered promiscuous mode [ 87.029738][ T511] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.037038][ T511] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.044257][ T511] device bridge_slave_1 entered promiscuous mode [ 87.085224][ T511] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.092471][ T511] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.100023][ T511] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.106933][ T511] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.131228][ T454] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.138516][ T454] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.146081][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 87.153445][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 87.162742][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 87.170823][ T454] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.177680][ T454] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.187625][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 87.195833][ T454] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.202799][ T454] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.217142][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 87.227225][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 87.243660][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 87.255286][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 87.268268][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 87.280887][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 87.292039][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready