Warning: Permanently added '10.128.1.168' (ED25519) to the list of known hosts. 2024/02/26 07:06:31 ignoring optional flag "sandboxArg"="0" 2024/02/26 07:06:31 parsed 1 programs 2024/02/26 07:06:31 executed programs: 0 [ 42.849363][ T29] kauditd_printk_skb: 74 callbacks suppressed [ 42.849369][ T29] audit: type=1400 audit(1708931191.307:150): avc: denied { mounton } for pid=339 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 42.880602][ T29] audit: type=1400 audit(1708931191.307:151): avc: denied { mount } for pid=339 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 42.906750][ T29] audit: type=1400 audit(1708931191.307:152): avc: denied { setattr } for pid=339 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 42.943491][ T29] audit: type=1400 audit(1708931191.387:153): avc: denied { mounton } for pid=350 comm="syz-executor.1" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 43.019617][ T356] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.026718][ T356] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.034057][ T356] device bridge_slave_0 entered promiscuous mode [ 43.064865][ T356] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.071907][ T356] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.079310][ T356] device bridge_slave_1 entered promiscuous mode [ 43.121175][ T357] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.128131][ T357] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.135449][ T357] device bridge_slave_0 entered promiscuous mode [ 43.159867][ T357] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.166833][ T357] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.174133][ T357] device bridge_slave_1 entered promiscuous mode [ 43.185858][ T352] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.193368][ T352] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.200633][ T352] device bridge_slave_0 entered promiscuous mode [ 43.209717][ T353] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.216718][ T353] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.223949][ T353] device bridge_slave_0 entered promiscuous mode [ 43.236506][ T352] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.243356][ T352] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.250508][ T352] device bridge_slave_1 entered promiscuous mode [ 43.262334][ T353] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.269203][ T353] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.276301][ T353] device bridge_slave_1 entered promiscuous mode [ 43.291591][ T350] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.298507][ T350] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.306086][ T350] device bridge_slave_0 entered promiscuous mode [ 43.320235][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.327075][ T351] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.334333][ T351] device bridge_slave_0 entered promiscuous mode [ 43.340865][ T350] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.347859][ T350] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.355030][ T350] device bridge_slave_1 entered promiscuous mode [ 43.376279][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.383170][ T351] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.390391][ T351] device bridge_slave_1 entered promiscuous mode [ 43.521675][ T356] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.528615][ T356] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.535940][ T356] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.542787][ T356] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.581428][ T357] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.588438][ T357] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.595663][ T357] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.602426][ T357] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.614227][ T352] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.621165][ T352] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.628243][ T352] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.635315][ T352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.649723][ T353] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.656644][ T353] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.664032][ T353] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.670926][ T353] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.716173][ T25] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.723158][ T25] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.730606][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.737917][ T25] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.745164][ T25] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.752190][ T25] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.759792][ T25] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.766738][ T25] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.774046][ T25] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.781841][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.789119][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.810736][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.818505][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.826681][ T301] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.833516][ T301] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.841135][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.849100][ T301] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.856716][ T301] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.864128][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.872054][ T301] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.879579][ T301] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.887674][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.909842][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.920138][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 43.928277][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.936235][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.943068][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.950344][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.958434][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.966455][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.973289][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.980478][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.988630][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.995489][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.002638][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.010387][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.018058][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.025974][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.032958][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.048467][ T352] device veth0_vlan entered promiscuous mode [ 44.066933][ T352] device veth1_macvtap entered promiscuous mode [ 44.074563][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 44.083471][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.091643][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.099584][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 44.107469][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 44.115564][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 44.123365][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 44.132357][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.140381][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.148313][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.155117][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.162331][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.169542][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.176670][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.184615][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.192427][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.199716][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.220043][ T356] device veth0_vlan entered promiscuous mode [ 44.227352][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.235600][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.243912][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.250910][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.258205][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.266332][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.274207][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.281129][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.288184][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.296153][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.304058][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 44.312174][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 44.321000][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 44.328519][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 44.336140][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 44.343753][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 44.352257][ T353] device veth0_vlan entered promiscuous mode [ 44.378286][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 44.386693][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.394269][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.401865][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.409041][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.416196][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.423609][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.430753][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.437856][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.445877][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.453850][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.460673][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.467790][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.475925][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.483801][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.490564][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.497679][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.505410][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.513260][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.521050][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.529113][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.537116][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.552496][ T351] device veth0_vlan entered promiscuous mode [ 44.562230][ T356] device veth1_macvtap entered promiscuous mode [ 44.571675][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 44.579967][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 44.587549][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.594897][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.602269][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.609698][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 44.617871][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 44.626436][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 44.634411][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.642534][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 44.650768][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 44.658889][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 44.669719][ T351] device veth1_macvtap entered promiscuous mode [ 44.683710][ T353] device veth1_macvtap entered promiscuous mode [ 44.697316][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 44.706036][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 44.712407][ T29] audit: type=1400 audit(1708931193.167:154): avc: denied { mounton } for pid=381 comm="syz-executor.2" path="/root/syzkaller-testdir3090957885/syzkaller.cl4V7s/0/file0" dev="sda1" ino=1947 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 44.717525][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 44.750689][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 44.759102][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 44.767227][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 44.775666][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.795131][ T350] device veth0_vlan entered promiscuous mode [ 44.804397][ T357] device veth0_vlan entered promiscuous mode [ 44.811969][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 44.820266][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 44.827949][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.835203][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.842407][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 44.850460][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.858529][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 44.866947][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 44.875181][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 44.883197][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 44.891320][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 44.899327][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.907371][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 44.916035][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 44.923817][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.932057][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.942925][ T350] device veth1_macvtap entered promiscuous mode [ 44.954949][ T357] device veth1_macvtap entered promiscuous mode [ 44.965227][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 44.977060][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 45.005563][ T359] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 45.013644][ T359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 45.022063][ T359] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 45.030376][ T359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 45.046935][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 45.054996][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 45.064003][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 45.072371][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 45.547530][ T29] audit: type=1400 audit(1708931193.997:155): avc: denied { unmount } for pid=352 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 2024/02/26 07:06:36 executed programs: 24 [ 48.608850][ T536] ================================================================== [ 48.616933][ T536] BUG: KASAN: use-after-free in fuse_copy_one+0x84/0x310 [ 48.623876][ T536] Read of size 256 at addr ffff88811fbce810 by task syz-executor.3/536 [ 48.632149][ T536] [ 48.634301][ T536] CPU: 1 PID: 536 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller #0 [ 48.642536][ T536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 48.652434][ T536] Call Trace: [ 48.655656][ T536] [ 48.658574][ T536] dump_stack_lvl+0x38/0x49 [ 48.663097][ T536] print_address_description.constprop.0+0x24/0x160 [ 48.669635][ T536] ? fuse_copy_one+0x84/0x310 [ 48.674264][ T536] kasan_report.cold+0x82/0xdb [ 48.678861][ T536] ? fuse_copy_one+0x84/0x310 [ 48.683464][ T536] kasan_check_range+0x148/0x190 [ 48.688244][ T536] memcpy+0x24/0x60 [ 48.691898][ T536] fuse_copy_one+0x84/0x310 [ 48.696261][ T536] ? fuse_copy_finish+0x240/0x240 [ 48.701089][ T536] fuse_copy_args+0x84/0x360 [ 48.705693][ T536] ? memcpy+0x4e/0x60 [ 48.709593][ T536] fuse_dev_do_read.constprop.0+0x144b/0x1c30 [ 48.715504][ T536] ? futex_wait_queue_me+0x6d0/0x6d0 [ 48.720625][ T536] ? fuse_copy_args+0x360/0x360 [ 48.725300][ T536] fuse_dev_read+0x13d/0x1e0 [ 48.729728][ T536] ? fuse_dev_splice_read+0x490/0x490 [ 48.734949][ T536] ? __pmd_alloc+0x330/0x330 [ 48.739361][ T536] new_sync_read+0x353/0x6d0 [ 48.743880][ T536] ? fsnotify+0xe30/0xe30 [ 48.748132][ T536] ? ksys_lseek+0x140/0x140 [ 48.752491][ T536] ? put_vma+0x1a/0x50 [ 48.756365][ T536] ? selinux_file_permission+0x2f1/0x3f0 [ 48.761832][ T536] ? fsnotify+0xe30/0xe30 [ 48.766879][ T536] vfs_read+0x347/0x4b0 [ 48.770966][ T536] ksys_read+0x111/0x210 [ 48.775047][ T536] ? vfs_write+0x8e0/0x8e0 [ 48.779294][ T536] ? __kasan_check_write+0x14/0x20 [ 48.784254][ T536] ? switch_fpu_return+0xec/0x1f0 [ 48.789269][ T536] __x64_sys_read+0x6e/0xb0 [ 48.793610][ T536] ? syscall_exit_to_user_mode+0x2f/0x40 [ 48.799078][ T536] do_syscall_64+0x35/0xb0 [ 48.803537][ T536] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 48.809273][ T536] RIP: 0033:0x7fbb9c475db9 [ 48.813518][ T536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 48.833154][ T536] RSP: 002b:00007fbb9bf960c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 48.841943][ T536] RAX: ffffffffffffffda RBX: 00007fbb9c5961f0 RCX: 00007fbb9c475db9 [ 48.849766][ T536] RDX: 0000000000002020 RSI: 0000000020002140 RDI: 0000000000000003 [ 48.857556][ T536] RBP: 00007fbb9c4d2ad0 R08: 0000000000000000 R09: 0000000000000000 [ 48.865380][ T536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 48.873358][ T536] R13: 000000000000006e R14: 00007fbb9c5961f0 R15: 00007fff410db118 [ 48.881565][ T536] [ 48.884390][ T536] [ 48.886561][ T536] Allocated by task 520: [ 48.890906][ T536] kasan_save_stack+0x26/0x50 [ 48.895414][ T536] __kasan_kmalloc+0xae/0xe0 [ 48.899838][ T536] __kmalloc+0x2d5/0x4e0 [ 48.903921][ T536] __d_alloc+0x593/0x8a0 [ 48.908171][ T536] d_alloc+0x3c/0x210 [ 48.911990][ T536] d_alloc_parallel+0xdc/0x1090 [ 48.916772][ T536] __lookup_slow+0x106/0x3d0 [ 48.921202][ T536] walk_component+0x3a1/0x690 [ 48.925702][ T536] path_lookupat+0x11f/0x6b0 [ 48.930167][ T536] filename_lookup+0x192/0x510 [ 48.934744][ T536] user_path_at_empty+0x3a/0x60 [ 48.939574][ T536] __x64_sys_mount+0x1a0/0x280 [ 48.944281][ T536] do_syscall_64+0x35/0xb0 [ 48.948611][ T536] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 48.954340][ T536] [ 48.956507][ T536] Freed by task 394: [ 48.960336][ T536] kasan_save_stack+0x26/0x50 [ 48.965102][ T536] kasan_set_track+0x25/0x30 [ 48.969524][ T536] kasan_set_free_info+0x24/0x40 [ 48.974301][ T536] __kasan_slab_free+0x111/0x150 [ 48.979183][ T536] slab_free_freelist_hook+0x94/0x1a0 [ 48.984366][ T536] kmem_cache_free_bulk+0x3be/0x7a0 [ 48.989585][ T536] kfree_rcu_work+0x418/0x8b0 [ 48.994101][ T536] process_one_work+0x62c/0xec0 [ 48.998829][ T536] worker_thread+0x48e/0xdb0 [ 49.003298][ T536] kthread+0x324/0x3e0 [ 49.007232][ T536] ret_from_fork+0x1f/0x30 [ 49.011642][ T536] [ 49.013975][ T536] Last potentially related work creation: [ 49.019712][ T536] kasan_save_stack+0x26/0x50 [ 49.024302][ T536] __kasan_record_aux_stack+0xd8/0xf0 [ 49.029624][ T536] kasan_record_aux_stack_noalloc+0xb/0x10 [ 49.035266][ T536] kvfree_call_rcu+0x98/0x8e0 [ 49.039778][ T536] __d_move+0x3f1/0x13a0 [ 49.043882][ T536] d_splice_alias+0x8a7/0xb40 [ 49.048550][ T536] fuse_lookup+0x5a6/0x15a0 [ 49.052897][ T536] __lookup_slow+0x19b/0x3d0 [ 49.057309][ T536] walk_component+0x3a1/0x690 [ 49.061831][ T536] link_path_walk.part.0+0x57b/0xb30 [ 49.066946][ T536] path_parentat+0x8f/0x160 [ 49.071283][ T536] __filename_parentat+0x19e/0x630 [ 49.076230][ T536] filename_create+0x95/0x3e0 [ 49.080743][ T536] do_mkdirat+0x9c/0x2c0 [ 49.084823][ T536] __x64_sys_mkdir+0xd5/0x120 [ 49.089474][ T536] do_syscall_64+0x35/0xb0 [ 49.093809][ T536] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 49.099639][ T536] [ 49.101797][ T536] The buggy address belongs to the object at ffff88811fbce800 [ 49.101797][ T536] which belongs to the cache kmalloc-rcl-512 of size 512 [ 49.116031][ T536] The buggy address is located 16 bytes inside of [ 49.116031][ T536] 512-byte region [ffff88811fbce800, ffff88811fbcea00) [ 49.129201][ T536] The buggy address belongs to the page: [ 49.134872][ T536] page:ffffea00047ef300 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11fbcc [ 49.145383][ T536] head:ffffea00047ef300 order:2 compound_mapcount:0 compound_pincount:0 [ 49.153532][ T536] flags: 0x4000000000010200(slab|head|zone=1) [ 49.159522][ T536] raw: 4000000000010200 0000000000000000 dead000000000122 ffff88810004c300 [ 49.167947][ T536] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 49.176361][ T536] page dumped because: kasan: bad access detected [ 49.182611][ T536] page_owner tracks the page as allocated [ 49.188173][ T536] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0x1d20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 458, ts 46880413367, free_ts 0 [ 49.209686][ T536] prep_new_page+0x1a2/0x310 [ 49.214136][ T536] get_page_from_freelist+0x1ce2/0x30a0 [ 49.219493][ T536] __alloc_pages+0x2d1/0x2620 [ 49.224037][ T536] allocate_slab+0x39d/0x530 [ 49.228694][ T536] ___slab_alloc.constprop.0+0x3ca/0x890 [ 49.234420][ T536] __slab_alloc.constprop.0+0x42/0x80 [ 49.239626][ T536] __kmalloc+0x49f/0x4e0 [ 49.243709][ T536] __d_alloc+0x593/0x8a0 [ 49.248056][ T536] d_alloc+0x3c/0x210 [ 49.252146][ T536] d_alloc_parallel+0xdc/0x1090 [ 49.256829][ T536] __lookup_slow+0x106/0x3d0 [ 49.261358][ T536] walk_component+0x3a1/0x690 [ 49.265960][ T536] path_lookupat+0x11f/0x6b0 [ 49.270393][ T536] filename_lookup+0x192/0x510 [ 49.274984][ T536] user_path_at_empty+0x3a/0x60 [ 49.279938][ T536] vfs_statx+0xeb/0x330 [ 49.284878][ T536] page_owner free stack trace missing [ 49.290266][ T536] [ 49.292429][ T536] Memory state around the buggy address: [ 49.297898][ T536] ffff88811fbce700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.305968][ T536] ffff88811fbce780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.313966][ T536] >ffff88811fbce800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.321855][ T536] ^ [ 49.326365][ T536] ffff88811fbce880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.334449][ T536] ffff88811fbce900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.342343][ T536] ================================================================== [ 49.350331][ T536] Disabling lock debugging due to kernel taint 2024/02/26 07:06:42 executed programs: 60 2024/02/26 07:06:47 executed programs: 96