Warning: Permanently added '10.128.1.200' (ED25519) to the list of known hosts.
2024/11/07 05:53:59 ignoring optional flag "sandboxArg"="0"
2024/11/07 05:53:59 ignoring optional flag "type"="gce"
2024/11/07 05:53:59 parsed 1 programs
2024/11/07 05:53:59 executed programs: 0
[   48.340866][  T423] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.347933][  T423] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.355413][  T423] device bridge_slave_0 entered promiscuous mode
[   48.362590][  T423] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.369452][  T423] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.376862][  T423] device bridge_slave_1 entered promiscuous mode
[   48.408870][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.415705][  T420] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.423357][  T420] device bridge_slave_0 entered promiscuous mode
[   48.434070][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.441177][  T420] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.448834][  T420] device bridge_slave_1 entered promiscuous mode
[   48.538569][  T421] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.545603][  T421] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.553184][  T421] device bridge_slave_0 entered promiscuous mode
[   48.562800][  T427] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.569794][  T427] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.577368][  T427] device bridge_slave_0 entered promiscuous mode
[   48.588402][  T422] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.595240][  T422] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.602687][  T422] device bridge_slave_0 entered promiscuous mode
[   48.609349][  T421] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.616178][  T421] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.623764][  T421] device bridge_slave_1 entered promiscuous mode
[   48.634643][  T427] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.641622][  T427] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.649367][  T427] device bridge_slave_1 entered promiscuous mode
[   48.659333][  T422] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.666164][  T422] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.673703][  T422] device bridge_slave_1 entered promiscuous mode
[   48.701665][  T428] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.708637][  T428] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.716026][  T428] device bridge_slave_0 entered promiscuous mode
[   48.726619][  T428] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.733504][  T428] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.741051][  T428] device bridge_slave_1 entered promiscuous mode
[   48.991156][  T423] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.998028][  T423] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.005248][  T423] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.012136][  T423] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.021507][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.028379][  T420] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.035471][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.042337][  T420] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.062818][  T422] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.069693][  T422] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.076785][  T422] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.083583][  T422] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.093338][  T427] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.100195][  T427] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.107358][  T427] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.114179][  T427] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.124658][  T421] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.131547][  T421] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.138688][  T421] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.145521][  T421] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.206216][  T428] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.213106][  T428] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.220314][  T428] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.227159][  T428] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.266529][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.273725][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.281148][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.288619][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.295638][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   49.303780][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.311196][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.318285][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.325533][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.332840][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.340174][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.347562][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.355001][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.364091][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   49.371554][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   49.401148][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.409581][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.418114][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.424940][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.433060][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.442118][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.450296][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.457135][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.464494][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   49.472212][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   49.479610][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.487833][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.495862][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.502861][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.510417][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.519036][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.527133][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.534149][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.541608][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.550228][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.558425][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.565503][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.572781][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.581907][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.590134][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.597166][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.631599][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   49.640590][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   49.648771][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   49.656786][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   49.665788][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   49.673308][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   49.680967][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.689425][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.697957][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.704866][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.712353][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   49.719849][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   49.759251][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   49.768110][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   49.776072][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   49.784720][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   49.793248][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.802039][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.810410][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.817262][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.824465][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   49.832687][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   49.840712][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.848975][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.857393][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.864330][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.871743][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.880068][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.888554][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.895713][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.925777][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   49.933250][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   49.940838][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   49.951653][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   49.960834][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   49.969396][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   49.978169][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   50.008692][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   50.018102][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   50.026453][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   50.035893][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   50.044424][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.051324][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.058662][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   50.066836][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   50.074967][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.081892][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.091070][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   50.103123][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   50.115551][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   50.149129][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   50.158555][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   50.166325][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   50.175549][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   50.183867][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   50.218586][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   50.226942][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   50.234901][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   50.243312][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   50.255380][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   50.263755][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   50.294193][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   50.302407][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   50.311870][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   50.320803][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   50.329302][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   50.337946][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   50.346047][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   50.369494][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   50.378120][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   50.386267][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   50.395865][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   50.405314][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   50.418620][  T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   50.426784][  T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   50.443463][   T23] kauditd_printk_skb: 15 callbacks suppressed
[   50.443476][   T23] audit: type=1400 audit(1730958841.660:91): avc:  denied  { mounton } for  pid=427 comm="syz-executor.3" path="/dev/binderfs" dev="devtmpfs" ino=10823 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   50.487063][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   50.495767][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   50.504978][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   50.518553][   T23] audit: type=1400 audit(1730958841.740:92): avc:  denied  { read write } for  pid=453 comm="syz-executor.3" name="fuse" dev="devtmpfs" ino=9172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   50.532482][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   50.551718][   T23] audit: type=1400 audit(1730958841.770:93): avc:  denied  { open } for  pid=455 comm="syz-executor.0" path="/dev/fuse" dev="devtmpfs" ino=9172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   50.554205][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   50.578082][   T23] audit: type=1400 audit(1730958841.770:94): avc:  denied  { mounton } for  pid=455 comm="syz-executor.0" path="/root/syzkaller-testdir166946251/syzkaller.IWxUgU/0/file0" dev="sda1" ino=1953 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   50.588244][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   50.619112][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   50.627737][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   50.636461][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   50.645689][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   50.681794][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   50.690741][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   50.699411][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   50.708752][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   50.718004][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   50.726225][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   50.769275][  T462] ==================================================================
[   50.777200][  T462] BUG: KASAN: use-after-free in fuse_copy_one+0x1c0/0x3a0
[   50.784206][  T462] Read of size 256 at addr ffff8881dd2a9010 by task syz-executor.0/462
[   50.792474][  T462] 
[   50.794662][  T462] CPU: 0 PID: 462 Comm: syz-executor.0 Not tainted 5.4.284-syzkaller-04988-g137306201ec6 #0
[   50.804761][  T462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   50.814853][  T462] Call Trace:
[   50.817979][  T462]  dump_stack+0x1d8/0x241
[   50.822149][  T462]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   50.827968][  T462]  ? printk+0xd1/0x111
[   50.831881][  T462]  ? fuse_copy_one+0x1c0/0x3a0
[   50.836476][  T462]  ? wake_up_klogd+0xb2/0xf0
[   50.841159][  T462]  ? fuse_copy_one+0x1c0/0x3a0
[   50.845947][  T462]  print_address_description+0x8c/0x600
[   50.851458][  T462]  ? panic+0x89d/0x89d
[   50.855375][  T462]  ? _raw_spin_lock+0xa4/0x1b0
[   50.860019][  T462]  ? fuse_copy_one+0x1c0/0x3a0
[   50.864728][  T462]  __kasan_report+0xf3/0x120
[   50.869220][  T462]  ? fuse_copy_one+0x1c0/0x3a0
[   50.873817][  T462]  ? fuse_copy_one+0x1c0/0x3a0
[   50.878591][  T462]  kasan_report+0x30/0x60
[   50.882928][  T462]  check_memory_region+0x272/0x280
[   50.888035][  T462]  memcpy+0x25/0x50
[   50.891662][  T462]  fuse_copy_one+0x1c0/0x3a0
[   50.896330][  T462]  fuse_copy_args+0x339/0x410
[   50.900941][  T462]  fuse_dev_do_read+0xc1b/0x1190
[   50.905665][  T462]  ? queue_interrupt+0x310/0x310
[   50.910447][  T462]  fuse_dev_read+0x179/0x220
[   50.914948][  T462]  ? fuse_dev_release+0x5c0/0x5c0
[   50.919983][  T462]  ? do_futex+0x13c1/0x19f0
[   50.924453][  T462]  ? __lru_cache_add+0x206/0x2b0
[   50.929606][  T462]  ? iov_iter_init+0x82/0x160
[   50.934459][  T462]  __vfs_read+0x5cd/0x730
[   50.938621][  T462]  ? rw_verify_area+0x360/0x360
[   50.943328][  T462]  ? __fsnotify_update_child_dentry_flags+0x290/0x290
[   50.949898][  T462]  ? security_file_permission+0x1dc/0x2f0
[   50.955578][  T462]  vfs_read+0x148/0x360
[   50.959569][  T462]  ksys_read+0x199/0x2c0
[   50.963762][  T462]  ? vfs_write+0x4e0/0x4e0
[   50.968090][  T462]  ? __do_page_fault+0x725/0xbb0
[   50.972948][  T462]  do_syscall_64+0xca/0x1c0
[   50.977279][  T462]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   50.983013][  T462] RIP: 0033:0x7ff1b1fe9db9
[   50.987250][  T462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   51.006774][  T462] RSP: 002b:00007ff1b1b0a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   51.015108][  T462] RAX: ffffffffffffffda RBX: 00007ff1b210a1f0 RCX: 00007ff1b1fe9db9
[   51.022915][  T462] RDX: 0000000000002020 RSI: 0000000020002140 RDI: 0000000000000003
[   51.030811][  T462] RBP: 00007ff1b2046ad0 R08: 0000000000000000 R09: 0000000000000000
[   51.038728][  T462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   51.046538][  T462] R13: 000000000000006e R14: 00007ff1b210a1f0 R15: 00007ffe15332df8
[   51.054447][  T462] 
[   51.056610][  T462] Allocated by task 456:
[   51.060807][  T462]  __kasan_kmalloc+0x171/0x210
[   51.065410][  T462]  __d_alloc+0xae/0x6a0
[   51.069394][  T462]  d_alloc_parallel+0xec/0x1390
[   51.074087][  T462]  __lookup_slow+0x156/0x460
[   51.078514][  T462]  lookup_slow+0x53/0x70
[   51.082684][  T462]  walk_component+0x2dc/0x590
[   51.087202][  T462]  path_lookupat+0x182/0x3f0
[   51.091626][  T462]  filename_lookup+0x253/0x6e0
[   51.096314][  T462]  do_mount+0x135/0xe10
[   51.100304][  T462]  ksys_mount+0xc2/0xf0
[   51.104308][  T462]  __x64_sys_mount+0xb1/0xc0
[   51.108732][  T462]  do_syscall_64+0xca/0x1c0
[   51.113335][  T462]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   51.119107][  T462] 
[   51.121319][  T462] Freed by task 164:
[   51.125035][  T462]  __kasan_slab_free+0x1b5/0x270
[   51.129808][  T462]  kfree+0x123/0x370
[   51.133781][  T462]  rcu_do_batch+0x451/0xa00
[   51.138334][  T462]  rcu_core+0x4c8/0xcb0
[   51.142296][  T462]  __do_softirq+0x23b/0x6b7
[   51.146612][  T462] 
[   51.148785][  T462] The buggy address belongs to the object at ffff8881dd2a9000
[   51.148785][  T462]  which belongs to the cache kmalloc-rcl-512 of size 512
[   51.163189][  T462] The buggy address is located 16 bytes inside of
[   51.163189][  T462]  512-byte region [ffff8881dd2a9000, ffff8881dd2a9200)
[   51.176330][  T462] The buggy address belongs to the page:
[   51.182103][  T462] page:ffffea000774aa00 refcount:1 mapcount:0 mapping:ffff8881f5c0db80 index:0x0 compound_mapcount: 0
[   51.192856][  T462] flags: 0x8000000000010200(slab|head)
[   51.198253][  T462] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881f5c0db80
[   51.206878][  T462] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   51.215300][  T462] page dumped because: kasan: bad access detected
[   51.221730][  T462] page_owner tracks the page as allocated
[   51.227298][  T462] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0x1d20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE)
[   51.245508][  T462]  prep_new_page+0x18f/0x370
[   51.249930][  T462]  get_page_from_freelist+0x2d13/0x2d90
[   51.255480][  T462]  __alloc_pages_nodemask+0x393/0x840
[   51.260823][  T462]  alloc_slab_page+0x39/0x3c0
[   51.265291][  T462]  new_slab+0x97/0x440
[   51.269193][  T462]  ___slab_alloc+0x2fe/0x490
[   51.273615][  T462]  __slab_alloc+0x62/0xa0
[   51.277821][  T462]  __kmalloc+0x19b/0x2e0
[   51.282093][  T462]  __d_alloc+0xae/0x6a0
[   51.286190][  T462]  d_alloc_parallel+0xec/0x1390
[   51.290874][  T462]  __lookup_slow+0x156/0x460
[   51.295312][  T462]  lookup_slow+0x53/0x70
[   51.299383][  T462]  walk_component+0x2dc/0x590
[   51.303884][  T462]  path_lookupat+0x182/0x3f0
[   51.308402][  T462]  filename_lookup+0x253/0x6e0
[   51.313088][  T462]  do_mount+0x135/0xe10
[   51.317419][  T462] page last free stack trace:
[   51.322192][  T462]  free_unref_page_prepare+0x297/0x380
[   51.327502][  T462]  free_unref_page_list+0x10a/0x590
[   51.332609][  T462]  release_pages+0xad8/0xb20
[   51.337116][  T462]  tlb_flush_mmu+0xc8/0x170
[   51.341470][  T462]  unmap_page_range+0x1d29/0x2620
[   51.346334][  T462]  unmap_vmas+0x355/0x4b0
[   51.350489][  T462]  exit_mmap+0x2bc/0x520
[   51.354580][  T462]  __mmput+0x8e/0x2c0
[   51.358399][  T462]  do_exit+0xc08/0x2bc0
[   51.362381][  T462]  do_group_exit+0x138/0x300
[   51.366800][  T462]  get_signal+0xdb1/0x1440
[   51.371217][  T462]  do_signal+0xb0/0x11f0
[   51.375403][  T462]  exit_to_usermode_loop+0xc0/0x1a0
[   51.380424][  T462]  prepare_exit_to_usermode+0x199/0x200
[   51.385790][  T462]  swapgs_restore_regs_and_return_to_usermode+0x0/0x54
[   51.392465][  T462] 
[   51.394634][  T462] Memory state around the buggy address:
[   51.400119][  T462]  ffff8881dd2a8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   51.408185][  T462]  ffff8881dd2a8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   51.416083][  T462] >ffff8881dd2a9000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   51.423978][  T462]                          ^
[   51.428408][  T462]  ffff8881dd2a9080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   51.436405][  T462]  ffff8881dd2a9100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   51.444387][  T462] ==================================================================
[   51.452377][  T462] Disabling lock debugging due to kernel taint
[   51.563378][   T23] audit: type=1400 audit(1730958842.780:95): avc:  denied  { unmount } for  pid=423 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
2024/11/07 05:54:04 executed programs: 17
2024/11/07 05:54:09 executed programs: 53