Warning: Permanently added '10.128.0.102' (ED25519) to the list of known hosts. 2024/10/30 17:44:09 ignoring optional flag "sandboxArg"="0" 2024/10/30 17:44:09 ignoring optional flag "type"="gce" 2024/10/30 17:44:10 parsed 1 programs [ 46.608514][ T27] kauditd_printk_skb: 19 callbacks suppressed [ 46.608522][ T27] audit: type=1400 audit(1730310250.090:95): avc: denied { unlink } for pid=348 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" 2024/10/30 17:44:10 executed programs: 0 [ 46.676056][ T348] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 46.801669][ T360] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.808539][ T360] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.815742][ T360] device bridge_slave_0 entered promiscuous mode [ 46.823509][ T360] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.830366][ T360] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.837560][ T360] device bridge_slave_1 entered promiscuous mode [ 46.862332][ T364] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.869481][ T364] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.876954][ T364] device bridge_slave_0 entered promiscuous mode [ 46.884951][ T364] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.891870][ T364] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.899345][ T364] device bridge_slave_1 entered promiscuous mode [ 46.963808][ T365] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.970697][ T365] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.977828][ T365] device bridge_slave_0 entered promiscuous mode [ 46.997732][ T365] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.005209][ T365] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.012882][ T365] device bridge_slave_1 entered promiscuous mode [ 47.019311][ T361] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.026229][ T361] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.033745][ T361] device bridge_slave_0 entered promiscuous mode [ 47.040662][ T361] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.047575][ T361] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.054955][ T361] device bridge_slave_1 entered promiscuous mode [ 47.117827][ T363] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.124947][ T363] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.132321][ T363] device bridge_slave_0 entered promiscuous mode [ 47.159773][ T363] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.166796][ T363] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.174292][ T363] device bridge_slave_1 entered promiscuous mode [ 47.237914][ T360] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.244900][ T360] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.252256][ T360] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.259100][ T360] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.277430][ T364] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.284292][ T364] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.291571][ T364] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.298420][ T364] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.311821][ T365] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.318690][ T365] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.325762][ T365] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.332833][ T365] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.385581][ T361] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.392444][ T361] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.399545][ T361] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.406315][ T361] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.427243][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 47.434792][ T41] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.442214][ T41] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.449986][ T41] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.457128][ T41] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.464403][ T41] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.471536][ T41] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.478666][ T41] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.485684][ T41] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.508311][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.517033][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.524083][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.532491][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.541269][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.548508][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.560056][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.568995][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 47.576274][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 47.592999][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 47.601126][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.619581][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.627624][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.634585][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.642154][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.650633][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.657468][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.688882][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 47.696761][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.705039][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.712306][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.719966][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.729338][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.736283][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.743939][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.752484][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.761085][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.769014][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.777058][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.785400][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.792369][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.799975][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.808352][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.815463][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.831013][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 47.839062][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.847143][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.854084][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.862245][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.870550][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.877396][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.885005][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 47.893785][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 47.906787][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 47.914922][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.927102][ T364] device veth0_vlan entered promiscuous mode [ 47.940821][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 47.948744][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.956586][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 47.964601][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.972790][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 47.981026][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.989152][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 47.997416][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.006276][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.013652][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.026627][ T364] device veth1_macvtap entered promiscuous mode [ 48.035111][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 48.043152][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 48.051401][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 48.059572][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 48.067870][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 48.075538][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 48.083448][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.091346][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.098818][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.109154][ T365] device veth0_vlan entered promiscuous mode [ 48.120611][ T360] device veth0_vlan entered promiscuous mode [ 48.126943][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 48.135324][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.143838][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 48.152102][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.160648][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 48.168665][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.176569][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.184327][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.193366][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 48.201740][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 48.216307][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 48.224633][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 48.233221][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 48.241462][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.261669][ T363] device veth0_vlan entered promiscuous mode [ 48.270073][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 48.277828][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.286144][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 48.294014][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.302122][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 48.310297][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 48.318507][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 48.326397][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 48.334585][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.342081][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.349660][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.356851][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.365657][ T361] device veth0_vlan entered promiscuous mode [ 48.367155][ T27] audit: type=1400 audit(1730310251.840:96): avc: denied { mounton } for pid=364 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 48.373579][ T365] device veth1_macvtap entered promiscuous mode [ 48.403707][ T360] device veth1_macvtap entered promiscuous mode [ 48.419872][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 48.427909][ T27] audit: type=1400 audit(1730310251.900:97): avc: denied { create } for pid=385 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 48.431042][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 48.456670][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 48.465147][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 48.468330][ T27] audit: type=1400 audit(1730310251.900:98): avc: denied { bind } for pid=385 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 48.473438][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 48.501144][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 48.509652][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 48.517751][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 48.526610][ T27] audit: type=1400 audit(1730310251.930:99): avc: denied { listen } for pid=385 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 48.531262][ T361] device veth1_macvtap entered promiscuous mode [ 48.565344][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 48.573186][ T27] audit: type=1400 audit(1730310252.050:100): avc: denied { connect } for pid=385 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 48.594752][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 48.603433][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 48.615855][ T363] device veth1_macvtap entered promiscuous mode [ 48.622486][ T35] ================================================================== [ 48.630374][ T35] BUG: KASAN: use-after-free in _raw_spin_lock_bh+0x97/0x1b0 [ 48.637559][ T35] Write of size 4 at addr ffff88811ed34688 by task kworker/1:1/35 [ 48.645203][ T35] [ 48.647389][ T35] CPU: 1 PID: 35 Comm: kworker/1:1 Not tainted 6.1.112-syzkaller #0 [ 48.655181][ T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 48.665174][ T35] Workqueue: vsock-loopback vsock_loopback_work [ 48.671249][ T35] Call Trace: [ 48.674526][ T35] [ 48.677399][ T35] dump_stack_lvl+0x105/0x148 [ 48.682092][ T35] ? panic+0x3bb/0x3bb [ 48.685996][ T35] ? nf_tcp_handle_invalid+0x30b/0x30b [ 48.691281][ T35] ? _printk+0xca/0x10a [ 48.695280][ T35] print_report+0x158/0x4e0 [ 48.699628][ T35] ? kasan_complete_mode_report_info+0x90/0x1b0 [ 48.705828][ T35] ? _raw_spin_lock_bh+0x97/0x1b0 [ 48.710687][ T35] kasan_report+0x13c/0x170 [ 48.715022][ T35] ? _raw_spin_lock_bh+0x97/0x1b0 [ 48.719960][ T35] ? __local_bh_enable_ip+0x4a/0x70 [ 48.725297][ T35] kasan_check_range+0x294/0x2a0 [ 48.730055][ T35] __kasan_check_write+0x14/0x20 [ 48.734938][ T35] _raw_spin_lock_bh+0x97/0x1b0 [ 48.739612][ T35] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 48.744632][ T35] ? __local_bh_enable_ip+0x4a/0x70 [ 48.749677][ T35] ? _raw_spin_unlock_bh+0x50/0x60 [ 48.754633][ T35] virtio_transport_recv_pkt+0x4fb/0x3ca0 [ 48.760178][ T35] ? virtio_transport_release+0xaa0/0xaa0 [ 48.765722][ T35] ? memcpy+0x56/0x70 [ 48.769541][ T35] ? ip6_finish_output2+0xe06/0x15c0 [ 48.774664][ T35] ? ip6_make_skb+0x670/0x670 [ 48.779273][ T35] ? ip6table_mangle_hook+0x20b/0x720 [ 48.784472][ T35] ? cpudl_cleanup+0x40/0x40 [ 48.788897][ T35] ? ip6_finish_output+0x485/0x970 [ 48.793842][ T35] ? cpudl_cleanup+0x40/0x40 [ 48.798270][ T35] ? update_load_avg+0x513/0x1510 [ 48.803131][ T35] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 48.808607][ T35] ? __this_cpu_preempt_check+0x13/0x20 [ 48.813981][ T35] ? xfd_validate_state+0x16/0x50 [ 48.818853][ T35] ? __kasan_check_write+0x14/0x20 [ 48.823982][ T35] ? __switch_to+0x621/0x1170 [ 48.828487][ T35] ? __kasan_check_write+0x14/0x20 [ 48.833436][ T35] ? vsock_deliver_tap+0x2a/0x50 [ 48.838208][ T35] vsock_loopback_work+0x376/0x3d0 [ 48.843511][ T35] ? _raw_spin_unlock+0x4c/0x70 [ 48.848205][ T35] ? vsock_loopback_send_pkt+0x110/0x110 [ 48.853667][ T35] ? __kasan_check_read+0x11/0x20 [ 48.858519][ T35] ? read_word_at_a_time+0x12/0x20 [ 48.863727][ T35] ? strscpy+0x99/0x260 [ 48.867725][ T35] process_one_work+0x6de/0xd00 [ 48.872410][ T35] worker_thread+0x892/0xf20 [ 48.876837][ T35] ? _raw_spin_lock+0x1b0/0x1b0 [ 48.881529][ T35] ? process_one_work+0xd00/0xd00 [ 48.886471][ T35] kthread+0x215/0x270 [ 48.890374][ T35] ? process_one_work+0xd00/0xd00 [ 48.895240][ T35] ? kthread_blkcg+0xa0/0xa0 [ 48.899662][ T35] ret_from_fork+0x1f/0x30 [ 48.903916][ T35] [ 48.906780][ T35] [ 48.908959][ T35] Allocated by task 386: [ 48.913030][ T35] kasan_set_track+0x4b/0x70 [ 48.917626][ T35] kasan_save_alloc_info+0x1f/0x30 [ 48.922660][ T35] __kasan_kmalloc+0x9c/0xb0 [ 48.927176][ T35] kmalloc_trace+0x44/0xa0 [ 48.931434][ T35] virtio_transport_do_socket_init+0x51/0x290 [ 48.937329][ T35] vsock_assign_transport+0x376/0x4f0 [ 48.942538][ T35] vsock_connect+0x3c7/0xb90 [ 48.946961][ T35] __sys_connect+0x304/0x370 [ 48.951395][ T35] __x64_sys_connect+0x75/0x80 [ 48.956257][ T35] x64_sys_call+0x14e/0x9a0 [ 48.960850][ T35] do_syscall_64+0x3b/0xb0 [ 48.965103][ T35] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 48.970848][ T35] [ 48.973100][ T35] Freed by task 386: [ 48.976905][ T35] kasan_set_track+0x4b/0x70 [ 48.981432][ T35] kasan_save_free_info+0x2b/0x40 [ 48.986280][ T35] ____kasan_slab_free+0x131/0x180 [ 48.991403][ T35] __kasan_slab_free+0x11/0x20 [ 48.996004][ T35] __kmem_cache_free+0x1fa/0x370 [ 49.000774][ T35] kfree+0x7a/0xf0 [ 49.004437][ T35] virtio_transport_destruct+0x36/0x40 [ 49.009713][ T35] vsock_assign_transport+0x23f/0x4f0 [ 49.014920][ T35] vsock_connect+0x3c7/0xb90 [ 49.019347][ T35] __sys_connect+0x304/0x370 [ 49.023774][ T35] __x64_sys_connect+0x75/0x80 [ 49.028377][ T35] x64_sys_call+0x14e/0x9a0 [ 49.032906][ T35] do_syscall_64+0x3b/0xb0 [ 49.037147][ T35] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 49.043045][ T35] [ 49.045213][ T35] The buggy address belongs to the object at ffff88811ed34680 [ 49.045213][ T35] which belongs to the cache kmalloc-96 of size 96 [ 49.058943][ T35] The buggy address is located 8 bytes inside of [ 49.058943][ T35] 96-byte region [ffff88811ed34680, ffff88811ed346e0) [ 49.071859][ T35] [ 49.074136][ T35] The buggy address belongs to the physical page: [ 49.080377][ T35] page:ffffea00047b4d00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11ed34 [ 49.090703][ T35] flags: 0x4000000000000200(slab|zone=1) [ 49.096515][ T35] raw: 4000000000000200 0000000000000000 dead000000000122 ffff888100042900 [ 49.104990][ T35] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000 [ 49.113841][ T35] page dumped because: kasan: bad access detected [ 49.120103][ T35] page_owner tracks the page as allocated [ 49.125640][ T35] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 320, tgid 320 (kworker/0:2), ts 48498377893, free_ts 40221441925 [ 49.145088][ T35] prep_new_page+0x512/0x5e0 [ 49.149694][ T35] get_page_from_freelist+0x29f1/0x2a70 [ 49.155252][ T35] __alloc_pages+0x234/0x610 [ 49.160359][ T35] alloc_slab_page+0x6c/0xf0 [ 49.164781][ T35] new_slab+0x7b/0x370 [ 49.168679][ T35] ___slab_alloc+0x611/0x9a0 [ 49.173109][ T35] __slab_alloc+0x52/0x90 [ 49.177271][ T35] __kmem_cache_alloc_node+0x1af/0x250 [ 49.182670][ T35] kmalloc_trace+0x2a/0xa0 [ 49.187167][ T35] dst_cow_metrics_generic+0x50/0x160 [ 49.192381][ T35] icmp6_dst_alloc+0x304/0x4c0 [ 49.197069][ T35] mld_sendpack+0x4d1/0xbb0 [ 49.201404][ T35] mld_ifc_work+0x73f/0xa70 [ 49.205741][ T35] process_one_work+0x6de/0xd00 [ 49.210434][ T35] worker_thread+0x892/0xf20 [ 49.214958][ T35] kthread+0x215/0x270 [ 49.218848][ T35] page last free stack trace: [ 49.223460][ T35] free_unref_page_prepare+0x794/0x7a0 [ 49.228788][ T35] free_unref_page+0xb2/0x5b0 [ 49.233268][ T35] __folio_put+0x7c/0xa0 [ 49.237343][ T35] anon_pipe_buf_release+0x10c/0x160 [ 49.242624][ T35] pipe_read+0x4df/0xdb0 [ 49.246710][ T35] vfs_read+0x760/0x9b0 [ 49.250703][ T35] ksys_read+0x15c/0x240 [ 49.254786][ T35] __x64_sys_read+0x76/0x80 [ 49.259125][ T35] x64_sys_call+0x28/0x9a0 [ 49.263371][ T35] do_syscall_64+0x3b/0xb0 [ 49.267620][ T35] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 49.273525][ T35] [ 49.275779][ T35] Memory state around the buggy address: [ 49.281336][ T35] ffff88811ed34580: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 49.289239][ T35] ffff88811ed34600: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 49.297132][ T35] >ffff88811ed34680: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 49.305202][ T35] ^ [ 49.309416][ T35] ffff88811ed34700: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 49.317546][ T35] ffff88811ed34780: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 49.325433][ T35] ================================================================== [ 49.333478][ T35] Disabling lock debugging due to kernel taint 2024/10/30 17:44:17 executed programs: 7