Warning: Permanently added '10.128.0.245' (ED25519) to the list of known hosts. 2023/10/18 05:16:06 ignoring optional flag "sandboxArg"="0" 2023/10/18 05:16:06 parsed 1 programs 2023/10/18 05:16:06 executed programs: 0 [ 47.543302][ T29] kauditd_printk_skb: 74 callbacks suppressed [ 47.543308][ T29] audit: type=1400 audit(1697606166.408:150): avc: denied { mounton } for pid=343 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 47.583550][ T29] audit: type=1400 audit(1697606166.408:151): avc: denied { mount } for pid=343 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 47.611858][ T29] audit: type=1400 audit(1697606166.408:152): avc: denied { setattr } for pid=343 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 47.645597][ T29] audit: type=1400 audit(1697606166.448:153): avc: denied { mounton } for pid=348 comm="syz-executor.2" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 47.675864][ T348] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.682797][ T348] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.690364][ T348] device bridge_slave_0 entered promiscuous mode [ 47.698125][ T348] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.705576][ T348] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.712854][ T348] device bridge_slave_1 entered promiscuous mode [ 47.816301][ T362] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.824183][ T362] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.831488][ T362] device bridge_slave_0 entered promiscuous mode [ 47.839666][ T362] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.846912][ T362] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.854174][ T362] device bridge_slave_1 entered promiscuous mode [ 47.887664][ T365] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.894818][ T365] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.901880][ T365] device bridge_slave_0 entered promiscuous mode [ 47.922830][ T365] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.929697][ T365] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.937005][ T365] device bridge_slave_1 entered promiscuous mode [ 47.960825][ T350] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.967829][ T350] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.976004][ T350] device bridge_slave_0 entered promiscuous mode [ 47.983105][ T350] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.990425][ T350] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.997528][ T350] device bridge_slave_1 entered promiscuous mode [ 48.011222][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.018160][ T351] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.026693][ T351] device bridge_slave_0 entered promiscuous mode [ 48.044201][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.051048][ T351] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.058356][ T351] device bridge_slave_1 entered promiscuous mode [ 48.097087][ T359] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.104264][ T359] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.111321][ T359] device bridge_slave_0 entered promiscuous mode [ 48.122103][ T348] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.128961][ T348] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.136071][ T348] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.142832][ T348] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.164822][ T359] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.171656][ T359] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.179173][ T359] device bridge_slave_1 entered promiscuous mode [ 48.255805][ T25] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.262963][ T25] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.271416][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 48.278748][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 48.329971][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 48.338017][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.346082][ T305] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.353071][ T305] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.360411][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.368321][ T305] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.375054][ T305] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.382362][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 48.390352][ T305] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.397199][ T305] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.404429][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 48.412062][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 48.433720][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 48.441524][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 48.449484][ T305] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.456421][ T305] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.493011][ T348] device veth0_vlan entered promiscuous mode [ 48.507796][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 48.515660][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.523751][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.531614][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.538861][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.546377][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.554345][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.561429][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.568629][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 48.576396][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 48.592854][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 48.600447][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 48.608746][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.615581][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.629550][ T348] device veth1_macvtap entered promiscuous mode [ 48.646178][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.653809][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.661120][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.668493][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 48.676657][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 48.683792][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 48.691961][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 48.699968][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 48.707428][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 48.715644][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 48.723376][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 48.731183][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 48.739018][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 48.747214][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.761505][ T365] device veth0_vlan entered promiscuous mode [ 48.777601][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 48.785689][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.793792][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.800773][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.808637][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 48.817195][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 48.825211][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.832023][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.839491][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 48.847667][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.855811][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 48.863385][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.871014][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 48.878974][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 48.887310][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 48.895250][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 48.903269][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 48.911068][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 48.920300][ T350] device veth0_vlan entered promiscuous mode [ 48.931038][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 48.938697][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.946190][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.953838][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 48.961916][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 48.990638][ T350] device veth1_macvtap entered promiscuous mode [ 48.994610][ T29] audit: type=1400 audit(1697606167.858:154): avc: denied { mounton } for pid=384 comm="syz-executor.2" path="/root/syzkaller-testdir2490527481/syzkaller.0UtTu3/0/file0" dev="sda1" ino=1947 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 49.002808][ T365] device veth1_macvtap entered promiscuous mode [ 49.036249][ T362] device veth0_vlan entered promiscuous mode [ 49.045836][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 49.053828][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 49.062455][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.069883][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.077408][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.085513][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.093410][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.100170][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.107669][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.115941][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.123852][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.130702][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.137932][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 49.145852][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 49.153514][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 49.161314][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 49.169560][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 49.177774][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 49.186000][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 49.193952][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 49.201417][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 49.208590][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 49.225008][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.232970][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.241267][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 49.249337][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 49.257550][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.264718][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.271845][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 49.279878][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 49.289721][ T362] device veth1_macvtap entered promiscuous mode [ 49.311060][ T351] device veth0_vlan entered promiscuous mode [ 49.318779][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 49.327186][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 49.335038][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 49.342140][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 49.349874][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 49.357340][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.365402][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.373472][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.382027][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.390165][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.397047][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.418833][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 49.426312][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 49.434501][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 49.442825][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.451776][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.460087][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.466923][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.474154][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.482403][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.490632][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 49.498752][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 49.520256][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 49.529584][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 49.539983][ T351] device veth1_macvtap entered promiscuous mode [ 49.547185][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 49.559164][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.567668][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.578083][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 49.586632][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 49.602199][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 49.615054][ T359] device veth0_vlan entered promiscuous mode [ 49.621935][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 49.629624][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 49.637529][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 49.647976][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 49.656131][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 49.666477][ T359] device veth1_macvtap entered promiscuous mode [ 49.675820][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 49.683919][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.692430][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.702861][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 49.711048][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 49.829729][ T29] audit: type=1400 audit(1697606168.698:155): avc: denied { unmount } for pid=348 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 51.304164][ T466] ================================================================== [ 51.312175][ T466] BUG: KASAN: use-after-free in fuse_copy_one+0x84/0x310 [ 51.319023][ T466] Read of size 256 at addr ffff88811eec4410 by task syz-executor.0/466 [ 51.327088][ T466] [ 51.329262][ T466] CPU: 1 PID: 466 Comm: syz-executor.0 Not tainted 5.15.132-syzkaller #0 [ 51.337590][ T466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 51.347778][ T466] Call Trace: [ 51.350903][ T466] [ 51.353685][ T466] dump_stack_lvl+0x38/0x49 [ 51.358197][ T466] print_address_description.constprop.0+0x24/0x160 [ 51.364728][ T466] ? fuse_copy_one+0x84/0x310 [ 51.369320][ T466] kasan_report.cold+0x82/0xdb [ 51.374264][ T466] ? fuse_copy_one+0x84/0x310 [ 51.379330][ T466] kasan_check_range+0x148/0x190 [ 51.384094][ T466] memcpy+0x24/0x60 [ 51.387725][ T466] fuse_copy_one+0x84/0x310 [ 51.392060][ T466] ? fuse_copy_finish+0x240/0x240 [ 51.397041][ T466] fuse_copy_args+0x84/0x360 [ 51.401458][ T466] ? memcpy+0x4e/0x60 [ 51.405274][ T466] fuse_dev_do_read.constprop.0+0x144b/0x1c30 [ 51.411218][ T466] ? futex_wait_queue_me+0x6d0/0x6d0 [ 51.416383][ T466] ? fuse_copy_args+0x360/0x360 [ 51.421171][ T466] fuse_dev_read+0x13d/0x1e0 [ 51.425672][ T466] ? fuse_dev_splice_read+0x490/0x490 [ 51.430961][ T466] ? __pmd_alloc+0x330/0x330 [ 51.435479][ T466] new_sync_read+0x353/0x6d0 [ 51.439905][ T466] ? fsnotify+0xe30/0xe30 [ 51.444071][ T466] ? ksys_lseek+0x140/0x140 [ 51.448523][ T466] ? put_vma+0x1a/0x50 [ 51.452424][ T466] ? selinux_file_permission+0x2f1/0x3f0 [ 51.457892][ T466] ? fsnotify+0xe30/0xe30 [ 51.462055][ T466] vfs_read+0x347/0x4b0 [ 51.466051][ T466] ksys_read+0x111/0x210 [ 51.470306][ T466] ? vfs_write+0x8e0/0x8e0 [ 51.474997][ T466] ? __kasan_check_write+0x14/0x20 [ 51.479933][ T466] ? switch_fpu_return+0xec/0x1f0 [ 51.484808][ T466] __x64_sys_read+0x6e/0xb0 [ 51.489223][ T466] ? syscall_exit_to_user_mode+0x2f/0x40 [ 51.494783][ T466] do_syscall_64+0x35/0xb0 [ 51.499157][ T466] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 51.504930][ T466] RIP: 0033:0x7f84d5172db9 [ 51.509272][ T466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 51.528711][ T466] RSP: 002b:00007f84d4c930c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 51.537292][ T466] RAX: ffffffffffffffda RBX: 00007f84d52931f0 RCX: 00007f84d5172db9 [ 51.545240][ T466] RDX: 0000000000002020 RSI: 0000000020002140 RDI: 0000000000000003 [ 51.554410][ T466] RBP: 00007f84d51cfad0 R08: 0000000000000000 R09: 0000000000000000 [ 51.562371][ T466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 51.570659][ T466] R13: 000000000000006e R14: 00007f84d52931f0 R15: 00007ffca0e37278 [ 51.578572][ T466] [ 51.581567][ T466] [ 51.583677][ T466] Allocated by task 458: [ 51.587947][ T466] kasan_save_stack+0x26/0x50 [ 51.592467][ T466] __kasan_kmalloc+0xae/0xe0 [ 51.596882][ T466] __kmalloc+0x2d5/0x4e0 [ 51.600947][ T466] __d_alloc+0x593/0x8a0 [ 51.605029][ T466] d_alloc+0x3c/0x210 [ 51.608940][ T466] d_alloc_parallel+0xdc/0x1090 [ 51.613628][ T466] __lookup_slow+0x106/0x3d0 [ 51.618164][ T466] walk_component+0x3a1/0x690 [ 51.622796][ T466] path_lookupat+0x11f/0x6b0 [ 51.627367][ T466] filename_lookup+0x192/0x510 [ 51.631965][ T466] user_path_at_empty+0x3a/0x60 [ 51.637012][ T466] __x64_sys_mount+0x1a0/0x280 [ 51.641583][ T466] do_syscall_64+0x35/0xb0 [ 51.645843][ T466] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 51.651648][ T466] [ 51.653833][ T466] Freed by task 301: [ 51.657557][ T466] kasan_save_stack+0x26/0x50 [ 51.662153][ T466] kasan_set_track+0x25/0x30 [ 51.667157][ T466] kasan_set_free_info+0x24/0x40 [ 51.672350][ T466] __kasan_slab_free+0x111/0x150 [ 51.677562][ T466] slab_free_freelist_hook+0x94/0x1a0 [ 51.683028][ T466] kmem_cache_free_bulk+0x3be/0x7a0 [ 51.688148][ T466] kfree_rcu_work+0x418/0x8b0 [ 51.692666][ T466] process_one_work+0x62c/0xec0 [ 51.697352][ T466] worker_thread+0x48e/0xdb0 [ 51.701776][ T466] kthread+0x324/0x3e0 [ 51.705676][ T466] ret_from_fork+0x1f/0x30 [ 51.709939][ T466] [ 51.712099][ T466] Last potentially related work creation: [ 51.717654][ T466] kasan_save_stack+0x26/0x50 [ 51.722167][ T466] __kasan_record_aux_stack+0xd8/0xf0 [ 51.727462][ T466] kasan_record_aux_stack_noalloc+0xb/0x10 [ 51.733290][ T466] kvfree_call_rcu+0x98/0x8e0 [ 51.737969][ T466] __d_move+0x3f1/0x13a0 [ 51.742041][ T466] d_splice_alias+0x8a7/0xb40 [ 51.746815][ T466] fuse_lookup+0x5a6/0x15a0 [ 51.751245][ T466] __lookup_slow+0x19b/0x3d0 [ 51.755671][ T466] walk_component+0x3a1/0x690 [ 51.760179][ T466] link_path_walk.part.0+0x57b/0xb30 [ 51.765392][ T466] path_parentat+0x8f/0x160 [ 51.769728][ T466] filename_parentat+0x192/0x550 [ 51.774690][ T466] filename_create+0x93/0x3e0 [ 51.779875][ T466] do_mkdirat+0x9c/0x2c0 [ 51.784040][ T466] __x64_sys_mkdir+0xd5/0x120 [ 51.788726][ T466] do_syscall_64+0x35/0xb0 [ 51.793333][ T466] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 51.799394][ T466] [ 51.801654][ T466] The buggy address belongs to the object at ffff88811eec4400 [ 51.801654][ T466] which belongs to the cache kmalloc-rcl-512 of size 512 [ 51.816304][ T466] The buggy address is located 16 bytes inside of [ 51.816304][ T466] 512-byte region [ffff88811eec4400, ffff88811eec4600) [ 51.829658][ T466] The buggy address belongs to the page: [ 51.835135][ T466] page:ffffea00047bb100 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11eec4 [ 51.846322][ T466] head:ffffea00047bb100 order:2 compound_mapcount:0 compound_pincount:0 [ 51.854906][ T466] flags: 0x4000000000010200(slab|head|zone=1) [ 51.860935][ T466] raw: 4000000000010200 0000000000000000 dead000000000122 ffff88810004c300 [ 51.869394][ T466] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 51.877764][ T466] page dumped because: kasan: bad access detected [ 51.884010][ T466] page_owner tracks the page as allocated [ 51.889713][ T466] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0x1d20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 385, ts 49026361868, free_ts 0 [ 51.911268][ T466] prep_new_page+0x1a2/0x310 [ 51.915682][ T466] get_page_from_freelist+0x1ce2/0x30a0 [ 51.921057][ T466] __alloc_pages+0x217/0x2330 [ 51.925570][ T466] allocate_slab+0x39d/0x530 [ 51.929992][ T466] ___slab_alloc.constprop.0+0x3ca/0x890 [ 51.935547][ T466] __slab_alloc.constprop.0+0x42/0x80 [ 51.941103][ T466] __kmalloc+0x49f/0x4e0 [ 51.945188][ T466] __d_alloc+0x593/0x8a0 [ 51.949263][ T466] d_alloc+0x3c/0x210 [ 51.953179][ T466] d_alloc_parallel+0xdc/0x1090 [ 51.957966][ T466] __lookup_slow+0x106/0x3d0 [ 51.962389][ T466] walk_component+0x3a1/0x690 [ 51.967089][ T466] path_lookupat+0x11f/0x6b0 [ 51.971497][ T466] filename_lookup+0x192/0x510 [ 51.976102][ T466] user_path_at_empty+0x3a/0x60 [ 51.980816][ T466] __x64_sys_mount+0x1a0/0x280 [ 51.985907][ T466] page_owner free stack trace missing [ 51.991116][ T466] [ 51.993282][ T466] Memory state around the buggy address: [ 51.998764][ T466] ffff88811eec4300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 52.006665][ T466] ffff88811eec4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 52.014818][ T466] >ffff88811eec4400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 52.022708][ T466] ^ [ 52.027154][ T466] ffff88811eec4480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 52.035206][ T466] ffff88811eec4500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 52.043893][ T466] ================================================================== [ 52.052254][ T466] Disabling lock debugging due to kernel taint 2023/10/18 05:16:11 executed programs: 23 2023/10/18 05:16:16 executed programs: 59