Warning: Permanently added '10.128.1.138' (ECDSA) to the list of known hosts. 2023/05/02 06:30:12 ignoring optional flag "sandboxArg"="0" 2023/05/02 06:30:12 parsed 1 programs 2023/05/02 06:30:12 executed programs: 0 [ 45.824764][ T30] audit: type=1400 audit(1683009012.210:151): avc: denied { mounton } for pid=355 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 45.857103][ T30] audit: type=1400 audit(1683009012.210:152): avc: denied { mount } for pid=355 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 45.945373][ T361] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.952210][ T361] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.959668][ T361] device bridge_slave_0 entered promiscuous mode [ 45.983170][ T361] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.990211][ T361] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.997612][ T361] device bridge_slave_1 entered promiscuous mode [ 46.008812][ T367] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.015649][ T367] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.022861][ T367] device bridge_slave_0 entered promiscuous mode [ 46.030770][ T367] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.037867][ T367] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.045370][ T367] device bridge_slave_1 entered promiscuous mode [ 46.068235][ T374] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.075089][ T374] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.082134][ T374] device bridge_slave_0 entered promiscuous mode [ 46.103544][ T372] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.110487][ T372] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.117776][ T372] device bridge_slave_0 entered promiscuous mode [ 46.124234][ T374] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.131046][ T374] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.138237][ T374] device bridge_slave_1 entered promiscuous mode [ 46.151487][ T366] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.158562][ T366] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.165852][ T366] device bridge_slave_0 entered promiscuous mode [ 46.172431][ T366] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.179310][ T366] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.186481][ T366] device bridge_slave_1 entered promiscuous mode [ 46.192806][ T372] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.199717][ T372] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.206918][ T372] device bridge_slave_1 entered promiscuous mode [ 46.263730][ T370] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.270674][ T370] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.278006][ T370] device bridge_slave_0 entered promiscuous mode [ 46.295047][ T370] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.302043][ T370] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.309350][ T370] device bridge_slave_1 entered promiscuous mode [ 46.356081][ T30] audit: type=1400 audit(1683009012.740:153): avc: denied { write } for pid=367 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 46.359394][ T367] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.376623][ T30] audit: type=1400 audit(1683009012.740:154): avc: denied { read } for pid=367 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 46.383630][ T367] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.383709][ T367] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.417832][ T367] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.431958][ T361] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.438802][ T361] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.445973][ T361] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.452757][ T361] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.482304][ T366] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.489775][ T366] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.496838][ T366] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.503655][ T366] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.533168][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.540790][ T317] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.547985][ T317] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.555061][ T317] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.562322][ T317] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.569691][ T317] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.576864][ T317] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.603631][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.626519][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.634797][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.643639][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.651675][ T317] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.658474][ T317] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.665600][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.673484][ T317] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.680301][ T317] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.687516][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.695423][ T317] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.702141][ T317] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.709377][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.717231][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.725080][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.733020][ T317] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.739926][ T317] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.747226][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.754523][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.761623][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.769487][ T317] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.776325][ T317] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.783989][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.791372][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.825572][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 46.834197][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.842298][ T312] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.849242][ T312] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.856527][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.864545][ T312] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.871546][ T312] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.878828][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.886825][ T312] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.893763][ T312] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.900866][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.908768][ T312] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.915697][ T312] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.922837][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.930523][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.938340][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.946545][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.956974][ T374] device veth0_vlan entered promiscuous mode [ 46.963607][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 46.971553][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 46.982181][ T366] device veth0_vlan entered promiscuous mode [ 46.994510][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 47.001798][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 47.009216][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 47.017582][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 47.025783][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 47.034168][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.042209][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.050643][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.058664][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.065497][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.072750][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 47.080515][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.088513][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 47.095787][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 47.108328][ T372] device veth0_vlan entered promiscuous mode [ 47.117570][ T366] device veth1_macvtap entered promiscuous mode [ 47.130631][ T361] device veth0_vlan entered promiscuous mode [ 47.136728][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 47.144767][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.152585][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 47.160654][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 47.168714][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 47.176427][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.184128][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 47.192169][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.200192][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 47.207603][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 47.215466][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.223375][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 47.231259][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.239088][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 47.247123][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 47.255274][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 47.262869][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.271100][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 47.278400][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 47.285730][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 47.292859][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 47.312856][ T372] device veth1_macvtap entered promiscuous mode [ 47.319739][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 47.327637][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.335965][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.343955][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.351934][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.359842][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.369014][ T374] device veth1_macvtap entered promiscuous mode [ 47.385997][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.394196][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 47.402326][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.410452][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 47.418771][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 47.427400][ T361] device veth1_macvtap entered promiscuous mode [ 47.436865][ T367] device veth0_vlan entered promiscuous mode [ 47.444469][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 47.451790][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 47.459729][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.467593][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.475942][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.485107][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 47.492511][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 47.500090][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.508172][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.523355][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.531316][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.540053][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.548153][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.556442][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 47.563787][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 47.570875][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.578987][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.586978][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.593908][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.601254][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 47.613052][ T30] audit: type=1400 audit(1683009014.000:155): avc: denied { mounton } for pid=366 comm="syz-executor.2" path="/dev/binderfs" dev="devtmpfs" ino=360 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 47.640095][ T367] device veth1_macvtap entered promiscuous mode [ 47.646949][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.655294][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.663503][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.671689][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.679920][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.688032][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.695968][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.702808][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.710022][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 47.717935][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.725965][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 47.749378][ T30] audit: type=1400 audit(1683009014.120:156): avc: denied { mounton } for pid=396 comm="syz-executor.2" path="/root/syzkaller-testdir1852962903/syzkaller.8bg6wy/0/file0" dev="sda1" ino=1947 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 47.771087][ T370] device veth0_vlan entered promiscuous mode [ 47.790668][ T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 47.799087][ T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.808157][ T394] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 47.815678][ T394] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 47.822803][ T394] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.830576][ T394] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.844749][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.853470][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.862820][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.871098][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.886824][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.895554][ T370] device veth1_macvtap entered promiscuous mode [ 47.904343][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.916423][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 48.577286][ T30] audit: type=1400 audit(1683009014.960:157): avc: denied { unmount } for pid=366 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 2023/05/02 06:30:17 executed programs: 24 2023/05/02 06:30:22 executed programs: 60 [ 56.389067][ T729] ================================================================== [ 56.396936][ T729] BUG: KASAN: use-after-free in fuse_copy_one+0x16f/0x350 [ 56.403883][ T729] Read of size 256 at addr ffff888122791c10 by task syz-executor.5/729 [ 56.412035][ T729] [ 56.414210][ T729] CPU: 0 PID: 729 Comm: syz-executor.5 Not tainted 5.15.104-syzkaller #0 [ 56.422450][ T729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 [ 56.432551][ T729] Call Trace: [ 56.435661][ T729] [ 56.438453][ T729] dump_stack_lvl+0x105/0x148 [ 56.442956][ T729] ? io_uring_drop_tctx_refs+0x14e/0x14e [ 56.448420][ T729] ? panic+0x4f8/0x4f8 [ 56.452440][ T729] print_address_description+0x87/0x3b0 [ 56.457821][ T729] kasan_report+0x179/0x1c0 [ 56.462155][ T729] ? fuse_copy_one+0x16f/0x350 [ 56.466841][ T729] ? fuse_copy_one+0x16f/0x350 [ 56.471530][ T729] kasan_check_range+0x293/0x2a0 [ 56.476332][ T729] ? fuse_copy_one+0x16f/0x350 [ 56.480902][ T729] memcpy+0x2d/0x70 [ 56.484551][ T729] fuse_copy_one+0x16f/0x350 [ 56.488976][ T729] fuse_copy_args+0x2d3/0x3a0 [ 56.493485][ T729] ? fuse_copy_one+0x192/0x350 [ 56.498087][ T729] fuse_dev_do_read+0xa29/0xf20 [ 56.502772][ T729] ? queue_interrupt+0x310/0x310 [ 56.507544][ T729] ? memset+0x35/0x40 [ 56.511450][ T729] ? __fsnotify_parent+0x104/0x590 [ 56.516400][ T729] fuse_dev_read+0x15d/0x1f0 [ 56.520825][ T729] ? fuse_dev_release+0x4d0/0x4d0 [ 56.525686][ T729] ? fsnotify_perm+0x34a/0x4a0 [ 56.530299][ T729] vfs_read+0x8e3/0xba0 [ 56.534319][ T729] ? kernel_read+0x130/0x130 [ 56.538989][ T729] ? __fget_files+0x261/0x290 [ 56.543500][ T729] ? __fdget_pos+0x14a/0x250 [ 56.547922][ T729] ksys_read+0x15c/0x240 [ 56.552008][ T729] ? vfs_write+0xd00/0xd00 [ 56.556342][ T729] __x64_sys_read+0x76/0x80 [ 56.560701][ T729] do_syscall_64+0x3d/0xb0 [ 56.564936][ T729] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 56.570684][ T729] RIP: 0033:0x7fc078bab639 [ 56.574928][ T729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.594361][ T729] RSP: 002b:00007fc0786bc168 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 56.602602][ T729] RAX: ffffffffffffffda RBX: 00007fc078ccc1f0 RCX: 00007fc078bab639 [ 56.610426][ T729] RDX: 0000000000002020 RSI: 0000000020002140 RDI: 0000000000000003 [ 56.618229][ T729] RBP: 00007fc078c06ae9 R08: 0000000000000000 R09: 0000000000000000 [ 56.626038][ T729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 56.633852][ T729] R13: 00007ffeacf8663f R14: 00007fc0786bc300 R15: 0000000000022000 [ 56.641672][ T729] [ 56.644523][ T729] [ 56.646708][ T729] Allocated by task 713: [ 56.650772][ T729] ____kasan_kmalloc+0xdb/0x110 [ 56.655468][ T729] __kasan_kmalloc+0x9/0x10 [ 56.659798][ T729] __kmalloc+0x13a/0x270 [ 56.663887][ T729] __d_alloc+0x95/0x650 [ 56.667872][ T729] d_alloc_parallel+0xd1/0xed0 [ 56.672471][ T729] __lookup_slow+0x149/0x360 [ 56.676899][ T729] lookup_slow+0x54/0x70 [ 56.680979][ T729] walk_component+0x3d2/0x540 [ 56.685493][ T729] path_lookupat+0x95/0x340 [ 56.689832][ T729] filename_lookup+0x22b/0x550 [ 56.694429][ T729] user_path_at_empty+0x38/0x150 [ 56.699202][ T729] __se_sys_mount+0x21f/0x2d0 [ 56.703721][ T729] __x64_sys_mount+0xba/0xd0 [ 56.708144][ T729] do_syscall_64+0x3d/0xb0 [ 56.712398][ T729] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 56.718128][ T729] [ 56.720297][ T729] Freed by task 6: [ 56.723852][ T729] kasan_set_track+0x4b/0x70 [ 56.728280][ T729] kasan_set_free_info+0x23/0x40 [ 56.733056][ T729] ____kasan_slab_free+0x126/0x160 [ 56.738001][ T729] __kasan_slab_free+0x11/0x20 [ 56.742598][ T729] slab_free_freelist_hook+0xbd/0x190 [ 56.747809][ T729] kmem_cache_free_bulk+0x552/0x700 [ 56.752843][ T729] kfree_rcu_work+0x2b2/0x6a0 [ 56.757359][ T729] process_one_work+0x635/0xa70 [ 56.762042][ T729] worker_thread+0x8bb/0xf40 [ 56.766469][ T729] kthread+0x3a1/0x480 [ 56.770375][ T729] ret_from_fork+0x1f/0x30 [ 56.774638][ T729] [ 56.776798][ T729] Last potentially related work creation: [ 56.782359][ T729] kasan_save_stack+0x3b/0x60 [ 56.786869][ T729] __kasan_record_aux_stack+0xd3/0xf0 [ 56.792162][ T729] kasan_record_aux_stack_noalloc+0xb/0x10 [ 56.797827][ T729] kvfree_call_rcu+0xb2/0x7d0 [ 56.802320][ T729] __d_move+0x927/0x10e0 [ 56.806918][ T729] __d_unalias+0x194/0x1c0 [ 56.811167][ T729] d_splice_alias+0x19d/0x310 [ 56.815684][ T729] fuse_lookup+0x23d/0x500 [ 56.820023][ T729] __lookup_slow+0x26d/0x360 [ 56.824715][ T729] lookup_slow+0x54/0x70 [ 56.828947][ T729] walk_component+0x3d2/0x540 [ 56.833413][ T729] link_path_walk+0x5b9/0xd10 [ 56.838098][ T729] filename_parentat+0x228/0x5a0 [ 56.842891][ T729] filename_create+0xe3/0x490 [ 56.847679][ T729] do_mkdirat+0x128/0x390 [ 56.851801][ T729] __x64_sys_mkdir+0x69/0x80 [ 56.856497][ T729] do_syscall_64+0x3d/0xb0 [ 56.860774][ T729] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 56.866645][ T729] [ 56.868900][ T729] The buggy address belongs to the object at ffff888122791c00 [ 56.868900][ T729] which belongs to the cache kmalloc-rcl-512 of size 512 [ 56.883143][ T729] The buggy address is located 16 bytes inside of [ 56.883143][ T729] 512-byte region [ffff888122791c00, ffff888122791e00) [ 56.896268][ T729] The buggy address belongs to the page: [ 56.901799][ T729] page:ffffea000489e400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x122790 [ 56.911867][ T729] head:ffffea000489e400 order:2 compound_mapcount:0 compound_pincount:0 [ 56.920145][ T729] flags: 0x4000000000010200(slab|head|zone=1) [ 56.926056][ T729] raw: 4000000000010200 0000000000000000 dead000000000122 ffff88810004c300 [ 56.934472][ T729] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 56.942875][ T729] page dumped because: kasan: bad access detected [ 56.949137][ T729] page_owner tracks the page as allocated [ 56.954678][ T729] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0x1d20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 647, ts 54646444286, free_ts 0 [ 56.975791][ T729] post_alloc_hook+0x1a3/0x1b0 [ 56.980500][ T729] get_page_from_freelist+0x2c14/0x2cf0 [ 56.985879][ T729] __alloc_pages+0x386/0x7b0 [ 56.990304][ T729] new_slab+0x92/0x490 [ 56.994224][ T729] ___slab_alloc+0x39e/0x830 [ 56.998925][ T729] __slab_alloc+0x4a/0x90 [ 57.003145][ T729] __kmalloc+0x16d/0x270 [ 57.007225][ T729] __d_alloc+0x95/0x650 [ 57.011229][ T729] d_alloc_parallel+0xd1/0xed0 [ 57.015986][ T729] __lookup_slow+0x149/0x360 [ 57.020401][ T729] lookup_slow+0x54/0x70 [ 57.024494][ T729] walk_component+0x3d2/0x540 [ 57.029111][ T729] path_lookupat+0x95/0x340 [ 57.033482][ T729] filename_lookup+0x22b/0x550 [ 57.038049][ T729] user_path_at_empty+0x38/0x150 [ 57.042907][ T729] vfs_statx+0xe8/0x580 [ 57.047031][ T729] page_owner free stack trace missing [ 57.052320][ T729] [ 57.054487][ T729] Memory state around the buggy address: [ 57.059962][ T729] ffff888122791b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.068042][ T729] ffff888122791b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.075932][ T729] >ffff888122791c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 57.083912][ T729] ^ [ 57.088346][ T729] ffff888122791c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 57.096244][ T729] ffff888122791d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 57.104133][ T729] ================================================================== [ 57.112299][ T729] Disabling lock debugging due to kernel taint 2023/05/02 06:30:27 executed programs: 96 2023/05/02 06:30:32 executed programs: 132