Warning: Permanently added '10.128.1.227' (ED25519) to the list of known hosts. 2024/08/04 00:36:55 ignoring optional flag "sandboxArg"="0" 2024/08/04 00:36:55 parsed 1 programs 2024/08/04 00:36:55 executed programs: 0 [ 49.899364][ T2487] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 56.179252][ T2504] veth0_vlan: entered promiscuous mode [ 56.202458][ T2508] veth0_vlan: entered promiscuous mode [ 56.216065][ T2501] veth0_vlan: entered promiscuous mode [ 56.264082][ T2495] veth0_vlan: entered promiscuous mode [ 56.300380][ T2505] veth0_vlan: entered promiscuous mode [ 58.363782][ T10] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 58.373908][ T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 58.403797][ T3625] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 58.503793][ T3624] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 58.534561][ T36] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 58.563789][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 58.569122][ T10] usb 1-1: Using ep0 maxpacket: 8 [ 58.575766][ T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 58.586959][ T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 58.597490][ T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 544 [ 58.607585][ T8] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 58.620961][ T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 58.630113][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.638702][ T10] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 58.650131][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 58.660126][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 544 [ 58.670377][ T10] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 58.683369][ T10] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 58.692954][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.701765][ T3625] usb 4-1: Using ep0 maxpacket: 8 [ 58.710593][ T3625] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 58.714244][ T36] usb 3-1: Using ep0 maxpacket: 8 [ 58.721813][ T3625] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 58.728874][ T36] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 58.736909][ T3625] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 544 [ 58.736919][ T3625] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 58.736937][ T3625] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 58.736945][ T3625] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.748055][ T36] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 58.748065][ T36] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 544 [ 58.748072][ T36] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 58.748088][ T36] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 58.748095][ T36] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.873821][ T3624] usb 2-1: Using ep0 maxpacket: 8 [ 58.880280][ T3624] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 58.891825][ T3624] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 58.902057][ T3624] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 544 [ 58.912274][ T3624] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 58.916838][ T3619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 58.925353][ T3624] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 58.925365][ T3624] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.926054][ T8] usb 5-1: usb_control_msg returned -32 [ 58.934020][ T3619] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 58.943061][ T8] usbtmc 5-1:16.0: can't read capabilities [ 58.960328][ T3648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 58.980492][ T3648] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 58.984305][ T10] usb 1-1: usb_control_msg returned -32 [ 58.992192][ T36] usb 3-1: usb_control_msg returned -32 [ 58.993895][ T10] usbtmc 1-1:16.0: can't read capabilities [ 58.999587][ T36] usbtmc 3-1:16.0: can't read capabilities [ 59.000985][ T3619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.020252][ T3619] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.023210][ T3618] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.037238][ T3618] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.051131][ T3618] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.059859][ T3625] usb 4-1: usb_control_msg returned -32 [ 59.059882][ T3625] usbtmc 4-1:16.0: can't read capabilities [ 59.071421][ T3648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.080281][ T3648] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.088935][ T3630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.091625][ T3618] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.097484][ T3630] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.109057][ T3618] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.121337][ T3619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.121760][ T3618] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.130625][ T3619] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.139072][ T3648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.154745][ T3630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.155175][ T3648] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.163188][ T3630] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.179246][ T3618] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.187970][ T3618] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.191256][ T3648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.205517][ T3648] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.208309][ T3618] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.221912][ T3619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.222032][ T3618] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.230887][ T3619] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.246301][ T3630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.254928][ T3630] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.265247][ T3648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.274105][ T3648] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.276085][ T25] usb 1-1: USB disconnect, device number 2 [ 59.289476][ T3624] usb 2-1: usb_control_msg returned -32 [ 59.295147][ T3624] usbtmc 2-1:16.0: can't read capabilities [ 59.297017][ T3619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.309528][ T3619] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.319873][ T3630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.328503][ T3630] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.343089][ T3630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.345871][ T3624] usb 3-1: USB disconnect, device number 2 [ 59.351811][ T3630] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.373303][ T3625] usb 2-1: USB disconnect, device number 2 [ 59.380336][ T36] usb 5-1: USB disconnect, device number 2 [ 59.389511][ T10] usb 4-1: USB disconnect, device number 2 2024/08/04 00:37:05 executed programs: 5 [ 60.083798][ T3624] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 60.143776][ T36] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 60.163781][ T3658] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 60.173868][ T3625] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 60.183807][ T25] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 60.263745][ T3624] usb 1-1: Using ep0 maxpacket: 8 [ 60.270091][ T3624] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 60.281623][ T3624] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 60.291899][ T3624] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 544 [ 60.302198][ T3624] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 60.315351][ T3624] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 60.323804][ T36] usb 3-1: Using ep0 maxpacket: 8 [ 60.324479][ T3624] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.339709][ T36] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 60.351061][ T36] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 60.361087][ T36] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 544 [ 60.371121][ T36] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 60.373735][ T3625] usb 5-1: Using ep0 maxpacket: 8 [ 60.384225][ T36] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 60.391419][ T3625] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 60.398324][ T36] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.409392][ T3625] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 60.409405][ T3625] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 544 [ 60.409412][ T3625] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 60.409434][ T3625] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 60.409442][ T3625] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.417939][ T3658] usb 2-1: Using ep0 maxpacket: 8 [ 60.474005][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 60.481341][ T25] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 60.492658][ T25] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 60.502882][ T25] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 544 [ 60.513022][ T25] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 60.526127][ T25] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 60.535541][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.545683][ T3624] usb 1-1: usb_control_msg returned -32 [ 60.547298][ T3658] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 60.551389][ T3624] usbtmc 1-1:16.0: can't read capabilities [ 60.562475][ T3658] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 60.578397][ T3658] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 544 [ 60.588426][ T3658] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 60.591159][ T3661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 60.601510][ T3658] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 60.601524][ T3658] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.627272][ T3661] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 60.636221][ T3661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 60.644958][ T3661] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 60.652263][ C1] hrtimer: interrupt took 27768 ns [ 60.653205][ T3661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 60.666719][ T3661] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 60.674053][ C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 60.674930][ T3625] usb 5-1: usb_control_msg returned -32 [ 60.685156][ T3661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 60.689252][ T3625] usbtmc 5-1:16.0: can't read capabilities [ 60.704033][ T3661] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 60.704107][ C0] ================================================================== [ 60.711821][ T36] usb 3-1: usb_control_msg returned -32 [ 60.719957][ C0] BUG: KASAN: slab-use-after-free in usb_anchor_suspend_wakeups+0x1e/0x30 [ 60.719986][ C0] Write of size 4 at addr ffff88812191f910 by task syz-executor.4/3667 [ 60.719992][ C0] [ 60.720007][ C0] CPU: 0 UID: 0 PID: 3667 Comm: syz-executor.4 Not tainted 6.11.0-rc1-syzkaller #0 [ 60.720015][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 60.720022][ C0] Call Trace: [ 60.725701][ T36] usbtmc 3-1:16.0: can't read capabilities [ 60.734081][ C0] [ 60.734085][ C0] dump_stack_lvl+0x108/0x280 [ 60.734097][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 60.734105][ C0] ? __pfx__printk+0x10/0x10 [ 60.734113][ C0] ? __virt_addr_valid+0x141/0x270 [ 60.734120][ C0] ? __virt_addr_valid+0x229/0x270 [ 60.734124][ C0] print_report+0x169/0x550 [ 60.734132][ C0] ? __virt_addr_valid+0x141/0x270 [ 60.810499][ C0] ? __virt_addr_valid+0x229/0x270 [ 60.815585][ C0] ? usb_anchor_suspend_wakeups+0x1e/0x30 [ 60.821359][ C0] kasan_report+0x143/0x180 [ 60.825839][ C0] ? usb_anchor_suspend_wakeups+0x1e/0x30 [ 60.831527][ C0] kasan_check_range+0x282/0x290 [ 60.836554][ C0] usb_anchor_suspend_wakeups+0x1e/0x30 [ 60.842246][ C0] __usb_hcd_giveback_urb+0x1d8/0x370 [ 60.847592][ C0] dummy_timer+0x9e9/0x3da0 [ 60.852071][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 60.856987][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 60.861980][ C0] __hrtimer_run_queues+0x410/0x820 [ 60.867156][ C0] ? hrtimer_interrupt+0xfe/0xbc0 [ 60.872186][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 60.877983][ C0] ? __rseq_handle_notify_resume+0x86e/0xe60 [ 60.883952][ C0] hrtimer_interrupt+0x2e6/0xbc0 [ 60.888882][ C0] __sysvec_apic_timer_interrupt+0xed/0x320 [ 60.894839][ C0] sysvec_apic_timer_interrupt+0x52/0xc0 [ 60.900494][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 60.906470][ C0] RIP: 0033:0x7f2c54cfddbe [ 60.910901][ C0] Code: 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 <48> 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 [ 60.930920][ C0] RSP: 002b:00007f2c5487f0c8 EFLAGS: 00000217 [ 60.937141][ C0] RAX: 0000000000000009 RBX: 00007f2c54e2bf80 RCX: ffffffffffffffb0 [ 60.945257][ C0] RDX: 0000000020000040 RSI: 00000000c0145b0e RDI: 0000000000000004 [ 60.953299][ C0] RBP: 00007f2c54d4a47a R08: 0000000000000000 R09: 0000000000000000 [ 60.961373][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 60.969410][ C0] R13: 000000000000000b R14: 00007f2c54e2bf80 R15: 00007ffca18f2038 [ 60.977408][ C0] [ 60.980927][ C0] [ 60.983259][ C0] Allocated by task 3667: [ 60.987734][ C0] kasan_save_track+0x3f/0x80 [ 60.992474][ C0] __kasan_kmalloc+0x98/0xb0 [ 60.997131][ C0] __kmalloc_cache_noprof+0x19e/0x360 [ 61.002564][ C0] usbtmc_open+0x8e/0x820 [ 61.006869][ C0] usb_open+0x176/0x1e0 [ 61.011184][ C0] chrdev_open+0x4bd/0x580 [ 61.015585][ C0] do_dentry_open+0x6f4/0xfa0 [ 61.020241][ C0] vfs_open+0x36/0x290 [ 61.024369][ C0] path_openat+0x21bf/0x2870 [ 61.029033][ C0] do_filp_open+0x22b/0x440 [ 61.033501][ C0] do_sys_openat2+0xf6/0x180 [ 61.038061][ C0] __x64_sys_openat+0x20d/0x260 [ 61.043060][ C0] do_syscall_64+0x8d/0x190 [ 61.047803][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.054100][ C0] [ 61.056401][ C0] Freed by task 3667: [ 61.060705][ C0] kasan_save_track+0x3f/0x80 [ 61.065541][ C0] kasan_save_free_info+0x40/0x50 [ 61.070559][ C0] poison_slab_object+0xe0/0x150 [ 61.075476][ C0] __kasan_slab_free+0x37/0x60 [ 61.080208][ C0] kfree+0x12f/0x310 [ 61.084247][ C0] usbtmc_release+0x220/0x250 [ 61.088893][ C0] __fput+0x1a8/0x690 [ 61.093024][ C0] task_work_run+0x20f/0x290 [ 61.097670][ C0] syscall_exit_to_user_mode+0xb5/0x1e0 [ 61.103191][ C0] do_syscall_64+0x9a/0x190 [ 61.107771][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.113656][ C0] [ 61.116053][ C0] The buggy address belongs to the object at ffff88812191f800 [ 61.116053][ C0] which belongs to the cache kmalloc-1k of size 1024 [ 61.130079][ C0] The buggy address is located 272 bytes inside of [ 61.130079][ C0] freed 1024-byte region [ffff88812191f800, ffff88812191fc00) [ 61.143936][ C0] [ 61.146322][ C0] The buggy address belongs to the physical page: [ 61.152788][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x121918 [ 61.161695][ C0] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 61.170347][ C0] anon flags: 0x200000000000040(head|node=0|zone=2) [ 61.177102][ C0] page_type: 0xfdffffff(slab) [ 61.181757][ C0] raw: 0200000000000040 ffff888100041dc0 ffffea000466e400 0000000000000003 [ 61.190483][ C0] raw: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000 [ 61.199039][ C0] head: 0200000000000040 ffff888100041dc0 ffffea000466e400 0000000000000003 [ 61.207782][ C0] head: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000 [ 61.216517][ C0] head: 0200000000000003 ffffea0004864601 ffffffffffffffff 0000000000000000 [ 61.225154][ C0] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 61.234085][ C0] page dumped because: kasan: bad access detected [ 61.240563][ C0] page_owner tracks the page as allocated [ 61.246248][ C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 1600, tgid 1600 (kworker/u8:7), ts 55900115359, free_ts 55846967734 [ 61.268625][ C0] post_alloc_hook+0x10f/0x130 [ 61.273543][ C0] get_page_from_freelist+0x2b8c/0x2c40 [ 61.279065][ C0] __alloc_pages_noprof+0x256/0x670 [ 61.284235][ C0] alloc_slab_page+0x5f/0x120 [ 61.288964][ C0] allocate_slab+0x5d/0x290 [ 61.293434][ C0] ___slab_alloc+0xa7f/0x11d0 [ 61.298082][ C0] __kmalloc_node_track_caller_noprof+0x27d/0x460 [ 61.304542][ C0] kmalloc_reserve+0xe7/0x210 [ 61.309283][ C0] __alloc_skb+0x18d/0x760 [ 61.313787][ C0] inet6_rt_notify+0x262/0x4f0 [ 61.318523][ C0] fib6_add+0x2160/0x3ce0 [ 61.322837][ C0] ip6_ins_rt+0x101/0x170 [ 61.327222][ C0] __ipv6_ifa_notify+0x36e/0xfe0 [ 61.332305][ C0] addrconf_dad_completed+0x14d/0xa20 [ 61.337667][ C0] addrconf_dad_work+0x80b/0x1460 [ 61.342665][ C0] process_scheduled_works+0x8cf/0x1320 [ 61.348191][ C0] page last free pid 3312 tgid 3312 stack trace: [ 61.354835][ C0] free_unref_page+0xbc0/0xd00 [ 61.359569][ C0] __put_partials+0x18e/0x1d0 [ 61.364217][ C0] put_cpu_partial+0x151/0x1b0 [ 61.368994][ C0] __slab_free+0x2b8/0x3a0 [ 61.373381][ C0] qlist_free_all+0x9e/0x140 [ 61.378124][ C0] kasan_quarantine_reduce+0x14f/0x170 [ 61.383662][ C0] __kasan_slab_alloc+0x23/0x80 [ 61.388498][ C0] kmem_cache_alloc_noprof+0x12b/0x350 [ 61.394202][ C0] vm_area_dup+0x5b/0x130 [ 61.398698][ C0] __split_vma+0xfe/0xa00 [ 61.403009][ C0] do_vmi_align_munmap+0x3c7/0x1430 [ 61.408270][ C0] do_vmi_munmap+0x1c4/0x230 [ 61.412843][ C0] mmap_region+0x606/0x19c0 [ 61.417325][ C0] do_mmap+0x709/0xc80 [ 61.421454][ C0] vm_mmap_pgoff+0x1b2/0x340 [ 61.426024][ C0] ksys_mmap_pgoff+0x2d2/0x3f0 [ 61.430760][ C0] [ 61.433059][ C0] Memory state around the buggy address: [ 61.438753][ C0] ffff88812191f800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.446893][ C0] ffff88812191f880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.455098][ C0] >ffff88812191f900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.463301][ C0] ^ [ 61.467947][ C0] ffff88812191f980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.475984][ C0] ffff88812191fa00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.484013][ C0] ================================================================== [ 61.492197][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 61.499766][ C0] Kernel Offset: disabled [ 61.504221][ C0] Rebooting in 86400 seconds..