Warning: Permanently added '10.128.0.17' (ED25519) to the list of known hosts. 2024/04/18 10:03:50 ignoring optional flag "sandboxArg"="0" 2024/04/18 10:03:50 parsed 1 programs [ 38.772392][ T30] audit: type=1400 audit(1713434630.705:157): avc: denied { mounton } for pid=337 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 38.797255][ T30] audit: type=1400 audit(1713434630.705:158): avc: denied { mount } for pid=337 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 2024/04/18 10:03:50 executed programs: 0 [ 38.878251][ T30] audit: type=1400 audit(1713434630.815:159): avc: denied { unlink } for pid=337 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 38.895365][ T337] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 39.031647][ T353] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.038540][ T353] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.045626][ T353] device bridge_slave_0 entered promiscuous mode [ 39.053693][ T353] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.060641][ T353] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.067652][ T353] device bridge_slave_1 entered promiscuous mode [ 39.129939][ T352] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.136791][ T352] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.144067][ T352] device bridge_slave_0 entered promiscuous mode [ 39.155192][ T352] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.162075][ T352] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.169359][ T352] device bridge_slave_1 entered promiscuous mode [ 39.186446][ T348] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.193355][ T348] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.200656][ T348] device bridge_slave_0 entered promiscuous mode [ 39.218183][ T348] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.225035][ T348] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.232403][ T348] device bridge_slave_1 entered promiscuous mode [ 39.283483][ T350] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.290600][ T350] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.297672][ T350] device bridge_slave_0 entered promiscuous mode [ 39.316159][ T350] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.323028][ T350] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.330418][ T350] device bridge_slave_1 entered promiscuous mode [ 39.371387][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.378277][ T351] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.385379][ T351] device bridge_slave_0 entered promiscuous mode [ 39.392250][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.399165][ T351] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.406202][ T351] device bridge_slave_1 entered promiscuous mode [ 39.412915][ T30] audit: type=1400 audit(1713434631.345:160): avc: denied { write } for pid=353 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 39.433304][ T30] audit: type=1400 audit(1713434631.345:161): avc: denied { read } for pid=353 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 39.548734][ T348] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.555588][ T348] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.562707][ T348] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.569495][ T348] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.578526][ T350] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.585374][ T350] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.592495][ T350] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.599383][ T350] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.614791][ T352] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.621666][ T352] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.628771][ T352] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.635542][ T352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.662903][ T297] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.670715][ T297] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.678455][ T297] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.685446][ T297] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.692901][ T297] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.700036][ T297] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.708726][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.715935][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.723392][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 39.731491][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.739654][ T297] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.746483][ T297] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.753804][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 39.762134][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.770260][ T297] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.777082][ T297] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.784800][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 39.811332][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 39.819508][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 39.827241][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 39.834623][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 39.841947][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.849849][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.860420][ T353] device veth0_vlan entered promiscuous mode [ 39.885856][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.894042][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.902098][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.909044][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.919208][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.927381][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.934266][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.946302][ T353] device veth1_macvtap entered promiscuous mode [ 39.958567][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 39.980129][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.987755][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 39.996952][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.005144][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.013120][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.021141][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.029227][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.036045][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.058021][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.079962][ T30] audit: type=1400 audit(1713434632.015:162): avc: denied { mounton } for pid=353 comm="syz-executor.4" path="/dev/binderfs" dev="devtmpfs" ino=362 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 40.088900][ T290] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.111406][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.118264][ T290] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.125513][ T290] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.133553][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.140392][ T290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.147524][ T290] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.155458][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.162305][ T290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.169519][ T290] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.177304][ T290] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.185172][ T290] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.193002][ T290] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.200920][ T290] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 40.209020][ T290] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.232535][ T352] device veth0_vlan entered promiscuous mode [ 40.239255][ T30] audit: type=1400 audit(1713434632.175:163): avc: denied { bind } for pid=374 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 40.258862][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 40.262090][ T30] audit: type=1400 audit(1713434632.175:164): avc: denied { listen } for pid=374 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 40.267047][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.287926][ T30] audit: type=1400 audit(1713434632.175:165): avc: denied { connect } for pid=374 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 40.298926][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 40.322310][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.342249][ T350] device veth0_vlan entered promiscuous mode [ 40.357093][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.364485][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.371976][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 40.380364][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.388934][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 40.396634][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.404465][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 40.412130][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.420021][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.427312][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.434646][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.441978][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.450705][ T348] device veth0_vlan entered promiscuous mode [ 40.467117][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 40.474359][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.481753][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 40.490019][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.497982][ T298] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.504817][ T298] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.512040][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 40.520217][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.528600][ T298] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.535420][ T298] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.545772][ T352] device veth1_macvtap entered promiscuous mode [ 40.555501][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 40.563284][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 40.571425][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.579486][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 40.586830][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 40.594881][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.607136][ T350] device veth1_macvtap entered promiscuous mode [ 40.614410][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 40.622244][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 40.630161][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.638005][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 40.645790][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.653660][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 40.661648][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.676814][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 40.684842][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 40.693094][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 40.701096][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.709263][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 40.717311][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 40.740864][ T348] device veth1_macvtap entered promiscuous mode [ 40.750183][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 40.759279][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.767521][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 40.775580][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.783523][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 40.802267][ T351] device veth0_vlan entered promiscuous mode [ 40.814183][ T351] device veth1_macvtap entered promiscuous mode [ 40.823458][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.831646][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 40.840185][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.848512][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 40.856493][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 40.864678][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 40.872309][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.887455][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.894975][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.902595][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 40.910896][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.919545][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 40.927533][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.093909][ T20] ================================================================== [ 41.101807][ T20] BUG: KASAN: use-after-free in _raw_spin_lock_bh+0x97/0x1b0 [ 41.109007][ T20] Write of size 4 at addr ffff888105f80b88 by task kworker/0:1/20 [ 41.116652][ T20] [ 41.118815][ T20] CPU: 0 PID: 20 Comm: kworker/0:1 Not tainted 5.15.148-syzkaller-1069101-gad06eaf051cd #0 [ 41.128714][ T20] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 41.138605][ T20] Workqueue: vsock-loopback vsock_loopback_work [ 41.144863][ T20] Call Trace: [ 41.147976][ T20] [ 41.150755][ T20] dump_stack_lvl+0x151/0x1b7 [ 41.155267][ T20] ? io_uring_drop_tctx_refs+0x190/0x190 [ 41.160734][ T20] ? __wake_up_klogd+0xd5/0x110 [ 41.165430][ T20] ? panic+0x751/0x751 [ 41.169329][ T20] print_address_description+0x87/0x3b0 [ 41.174708][ T20] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 41.179571][ T20] kasan_report+0x179/0x1c0 [ 41.183905][ T20] ? _raw_spin_lock_bh+0x97/0x1b0 [ 41.188771][ T20] ? _raw_spin_lock_bh+0x97/0x1b0 [ 41.193631][ T20] kasan_check_range+0x293/0x2a0 [ 41.198405][ T20] __kasan_check_write+0x14/0x20 [ 41.203177][ T20] _raw_spin_lock_bh+0x97/0x1b0 [ 41.207862][ T20] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 41.212894][ T20] ? vsock_find_bound_socket+0x2d0/0x330 [ 41.218365][ T20] virtio_transport_recv_pkt+0x6d0/0x4160 [ 41.223923][ T20] ? virtio_transport_release+0xba0/0xba0 [ 41.229486][ T20] ? ip6_finish_output+0x31/0x210 [ 41.234331][ T20] ? ip6_output+0x486/0x4d0 [ 41.238759][ T20] ? ac6_seq_show+0xf0/0xf0 [ 41.243107][ T20] ? ip6_output+0x4d0/0x4d0 [ 41.247452][ T20] ? ndisc_send_skb+0x841/0xc90 [ 41.252130][ T20] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 41.257618][ T20] ? update_load_avg+0x43a/0x1150 [ 41.262453][ T20] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 41.267929][ T20] ? update_load_avg+0x43a/0x1150 [ 41.272781][ T20] ? __kasan_check_write+0x14/0x20 [ 41.277736][ T20] ? __switch_to+0x62a/0x1190 [ 41.282249][ T20] ? __kasan_check_write+0x14/0x20 [ 41.287308][ T20] ? virtio_transport_deliver_tap_pkt+0x60/0xb0 [ 41.293370][ T20] vsock_loopback_work+0x37d/0x3f0 [ 41.298313][ T20] ? _raw_spin_unlock+0x4d/0x70 [ 41.303003][ T20] ? vsock_loopback_send_pkt+0x120/0x120 [ 41.308468][ T20] ? read_word_at_a_time+0x12/0x20 [ 41.313418][ T20] ? strscpy+0x9c/0x260 [ 41.317406][ T20] process_one_work+0x6bb/0xc10 [ 41.322101][ T20] worker_thread+0xad5/0x12a0 [ 41.326610][ T20] ? _raw_spin_lock+0x1b0/0x1b0 [ 41.331298][ T20] kthread+0x421/0x510 [ 41.335199][ T20] ? worker_clr_flags+0x180/0x180 [ 41.340062][ T20] ? kthread_blkcg+0xd0/0xd0 [ 41.344485][ T20] ret_from_fork+0x1f/0x30 [ 41.348742][ T20] [ 41.351602][ T20] [ 41.353771][ T20] Allocated by task 427: [ 41.357863][ T20] ____kasan_kmalloc+0xdb/0x110 [ 41.362541][ T20] __kasan_kmalloc+0x9/0x10 [ 41.366878][ T20] kmem_cache_alloc_trace+0x115/0x210 [ 41.372097][ T20] virtio_transport_do_socket_init+0x56/0x2d0 [ 41.377986][ T20] vsock_assign_transport+0x473/0x5b0 [ 41.383195][ T20] vsock_connect+0x5cf/0xd30 [ 41.387619][ T20] __sys_connect+0x38b/0x410 [ 41.392050][ T20] __x64_sys_connect+0x7a/0x90 [ 41.396649][ T20] do_syscall_64+0x3d/0xb0 [ 41.400899][ T20] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 41.406628][ T20] [ 41.408796][ T20] Freed by task 427: [ 41.412531][ T20] kasan_set_track+0x4b/0x70 [ 41.416954][ T20] kasan_set_free_info+0x23/0x40 [ 41.421739][ T20] ____kasan_slab_free+0x126/0x160 [ 41.426677][ T20] __kasan_slab_free+0x11/0x20 [ 41.431281][ T20] slab_free_freelist_hook+0xbd/0x190 [ 41.436571][ T20] kfree+0xc8/0x220 [ 41.440221][ T20] virtio_transport_destruct+0x3b/0x40 [ 41.445511][ T20] vsock_assign_transport+0x32b/0x5b0 [ 41.450721][ T20] vsock_connect+0x5cf/0xd30 [ 41.455145][ T20] __sys_connect+0x38b/0x410 [ 41.459573][ T20] __x64_sys_connect+0x7a/0x90 [ 41.464171][ T20] do_syscall_64+0x3d/0xb0 [ 41.468426][ T20] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 41.474153][ T20] [ 41.476323][ T20] The buggy address belongs to the object at ffff888105f80b80 [ 41.476323][ T20] which belongs to the cache kmalloc-96 of size 96 [ 41.490039][ T20] The buggy address is located 8 bytes inside of [ 41.490039][ T20] 96-byte region [ffff888105f80b80, ffff888105f80be0) [ 41.502882][ T20] The buggy address belongs to the page: [ 41.508351][ T20] page:ffffea000417e000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f80 [ 41.518415][ T20] flags: 0x4000000000000200(slab|zone=1) [ 41.523899][ T20] raw: 4000000000000200 0000000000000000 0000000100000001 ffff888100042900 [ 41.532313][ T20] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000 [ 41.540723][ T20] page dumped because: kasan: bad access detected [ 41.546983][ T20] page_owner tracks the page as allocated [ 41.552538][ T20] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, ts 2447837549, free_ts 0 [ 41.567202][ T20] post_alloc_hook+0x1a3/0x1b0 [ 41.571792][ T20] prep_new_page+0x1b/0x110 [ 41.576130][ T20] get_page_from_freelist+0x3550/0x35d0 [ 41.581512][ T20] __alloc_pages+0x27e/0x8f0 [ 41.585940][ T20] new_slab+0x9a/0x4e0 [ 41.589847][ T20] ___slab_alloc+0x39e/0x830 [ 41.594273][ T20] __slab_alloc+0x4a/0x90 [ 41.598523][ T20] kmem_cache_alloc_trace+0x142/0x210 [ 41.603731][ T20] acpi_ut_evaluate_object+0x104/0x490 [ 41.609024][ T20] acpi_ut_execute_power_methods+0x10e/0x270 [ 41.614841][ T20] acpi_get_object_info+0x621/0x1210 [ 41.619964][ T20] acpi_init_device_object+0x6f4/0x2ff0 [ 41.625345][ T20] acpi_add_single_object+0xf0/0x19c0 [ 41.630558][ T20] acpi_bus_check_add+0x3ee/0x8c0 [ 41.635413][ T20] acpi_bus_check_add_1+0x22/0x30 [ 41.640268][ T20] acpi_ns_walk_namespace+0x249/0x4a0 [ 41.645479][ T20] page_owner free stack trace missing [ 41.650688][ T20] [ 41.652864][ T20] Memory state around the buggy address: [ 41.658326][ T20] ffff888105f80a80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 41.666227][ T20] ffff888105f80b00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 41.674129][ T20] >ffff888105f80b80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 41.682022][ T20] ^ [ 41.686187][ T20] ffff888105f80c00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 41.694086][ T20] ffff888105f80c80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 41.701985][ T20] ================================================================== [ 41.709879][ T20] Disabling lock debugging due to kernel taint 2024/04/18 10:03:55 executed programs: 34