Warning: Permanently added '10.128.1.72' (ED25519) to the list of known hosts. 2024/05/21 03:53:14 ignoring optional flag "sandboxArg"="0" 2024/05/21 03:53:14 parsed 1 programs [ 52.800433][ T29] kauditd_printk_skb: 78 callbacks suppressed [ 52.800447][ T29] audit: type=1400 audit(1716263594.354:154): avc: denied { mounton } for pid=349 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 52.831913][ T29] audit: type=1400 audit(1716263594.354:155): avc: denied { mount } for pid=349 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 52.855416][ T29] audit: type=1400 audit(1716263594.354:156): avc: denied { setattr } for pid=349 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 52.878813][ T29] audit: type=1400 audit(1716263594.354:157): avc: denied { read write } for pid=349 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 52.905733][ T29] audit: type=1400 audit(1716263594.354:158): avc: denied { open } for pid=349 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" 2024/05/21 03:53:14 executed programs: 0 [ 52.933226][ T29] audit: type=1400 audit(1716263594.494:159): avc: denied { unlink } for pid=349 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 52.960381][ T29] audit: type=1400 audit(1716263594.504:160): avc: denied { relabelto } for pid=350 comm="mkswap" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 52.970224][ T349] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 53.116088][ T365] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.123048][ T365] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.130159][ T365] device bridge_slave_0 entered promiscuous mode [ 53.145213][ T365] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.152159][ T365] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.159442][ T365] device bridge_slave_1 entered promiscuous mode [ 53.174151][ T366] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.181772][ T366] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.188955][ T366] device bridge_slave_0 entered promiscuous mode [ 53.196020][ T366] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.203289][ T366] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.210596][ T366] device bridge_slave_1 entered promiscuous mode [ 53.227673][ T364] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.234802][ T364] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.242008][ T364] device bridge_slave_0 entered promiscuous mode [ 53.257991][ T364] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.265048][ T364] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.272521][ T364] device bridge_slave_1 entered promiscuous mode [ 53.322120][ T363] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.329335][ T363] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.336812][ T363] device bridge_slave_0 entered promiscuous mode [ 53.343615][ T363] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.350634][ T363] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.357957][ T363] device bridge_slave_1 entered promiscuous mode [ 53.373212][ T362] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.380057][ T362] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.387967][ T362] device bridge_slave_0 entered promiscuous mode [ 53.403497][ T362] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.410487][ T362] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.417812][ T362] device bridge_slave_1 entered promiscuous mode [ 53.525230][ T365] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.532350][ T365] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.576075][ T364] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.583081][ T364] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.590177][ T364] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.596972][ T364] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.616927][ T366] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.623815][ T366] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.631055][ T366] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.637902][ T366] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.647387][ T362] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.654515][ T362] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.661716][ T362] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.668567][ T362] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.682708][ T363] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.689676][ T363] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.696968][ T363] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.703739][ T363] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.731439][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.739641][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.747110][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.754456][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.762571][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.769864][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.777061][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.784148][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.791079][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.798440][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.805706][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.813977][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.821507][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.828834][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.836948][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.844974][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.851831][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.882454][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.890929][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.899246][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.907459][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.914712][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.922612][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.930614][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.937549][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.944678][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.952401][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 53.960258][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.968373][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.975826][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.982970][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.990879][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.997659][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.004950][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.016543][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.023382][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.030632][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.038850][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.045816][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.053369][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.071259][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.079345][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.087710][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.094683][ T307] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.102292][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.110229][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.117581][ T307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.125331][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.133243][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.151249][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.159070][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.167059][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.176166][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.184354][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 54.192434][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 54.204674][ T364] device veth0_vlan entered promiscuous mode [ 54.211438][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.219258][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.227390][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 54.235219][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 54.242869][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.250749][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.272500][ T363] device veth0_vlan entered promiscuous mode [ 54.279353][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 54.286894][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 54.294286][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 54.302431][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 54.310614][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 54.319010][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 54.326853][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 54.335421][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 54.343467][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 54.351026][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 54.359058][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 54.366327][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 54.374662][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 54.381898][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 54.389778][ T366] device veth0_vlan entered promiscuous mode [ 54.396791][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 54.405000][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 54.418425][ T363] device veth1_macvtap entered promiscuous mode [ 54.427214][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 54.435422][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 54.443417][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 54.453528][ T364] device veth1_macvtap entered promiscuous mode [ 54.466048][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 54.474577][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 54.482510][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 54.490023][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 54.498263][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 54.506635][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 54.514840][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 54.523213][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 54.531151][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 54.540940][ T362] device veth0_vlan entered promiscuous mode [ 54.551393][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 54.559034][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 54.566913][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 54.575746][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 54.583990][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 54.592284][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 54.600472][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 54.608701][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 54.616791][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 54.624625][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 54.636883][ T362] device veth1_macvtap entered promiscuous mode [ 54.644938][ T366] device veth1_macvtap entered promiscuous mode [ 54.651753][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 54.659231][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 54.666675][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 54.674205][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 54.681697][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 54.689008][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 54.697761][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 54.705915][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 54.715047][ T365] device veth0_vlan entered promiscuous mode [ 54.733818][ T29] audit: type=1400 audit(1716263596.294:161): avc: denied { bind } for pid=385 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 54.761346][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 54.770865][ T38] ================================================================== [ 54.776427][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 54.779004][ T38] BUG: KASAN: use-after-free in _raw_spin_lock_bh+0x78/0x110 [ 54.794294][ T38] Write of size 4 at addr ffff88810c3dba88 by task kworker/0:1/38 [ 54.796828][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 54.802175][ T38] [ 54.802188][ T38] CPU: 0 PID: 38 Comm: kworker/0:1 Not tainted 5.15.149-syzkaller #0 [ 54.802196][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 54.802204][ T38] Workqueue: vsock-loopback vsock_loopback_work [ 54.814876][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 54.820302][ T38] [ 54.846457][ T38] Call Trace: [ 54.846521][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 54.849562][ T38] [ 54.858492][ T29] audit: type=1400 audit(1716263596.294:162): avc: denied { listen } for pid=385 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 54.861448][ T38] dump_stack_lvl+0x38/0x49 [ 54.861462][ T38] print_address_description.constprop.0+0x24/0x160 [ 54.861471][ T38] ? _raw_spin_lock_bh+0x78/0x110 [ 54.891502][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 54.892742][ T38] kasan_report.cold+0x82/0xdb [ 54.898069][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 54.906748][ T38] ? _raw_spin_lock_bh+0x78/0x110 [ 54.906767][ T38] kasan_check_range+0x148/0x190 [ 54.906775][ T38] __kasan_check_write+0x14/0x20 [ 54.906780][ T38] _raw_spin_lock_bh+0x78/0x110 [ 54.906786][ T38] ? _raw_write_lock_irq+0xd0/0xd0 [ 54.906792][ T38] ? __local_bh_enable_ip+0x28/0x60 [ 54.925734][ T29] audit: type=1400 audit(1716263596.294:163): avc: denied { connect } for pid=385 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 54.930401][ T38] ? _raw_spin_unlock_bh+0x45/0x60 [ 54.944420][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 54.946411][ T38] virtio_transport_recv_pkt+0x391/0x2040 [ 54.990382][ T38] ? virtio_transport_reset_no_sock.isra.0+0x380/0x380 [ 54.997068][ T38] ? __kasan_check_write+0x14/0x20 [ 55.002157][ T38] ? virtio_transport_do_socket_init+0x320/0x320 [ 55.008380][ T38] ? vsock_deliver_tap+0x30/0x240 [ 55.013342][ T38] vsock_loopback_work+0x233/0x450 [ 55.018380][ T38] ? vsock_loopback_send_pkt+0x130/0x130 [ 55.024006][ T38] ? __kasan_check_read+0x11/0x20 [ 55.028886][ T38] ? strscpy+0x94/0x280 [ 55.032939][ T38] process_one_work+0x62c/0xec0 [ 55.037649][ T38] ? mutex_unlock+0x7e/0x240 [ 55.042166][ T38] worker_thread+0x48e/0xdb0 [ 55.046586][ T38] ? rescuer_thread+0xc30/0xc30 [ 55.051352][ T38] kthread+0x324/0x3e0 [ 55.055285][ T38] ? set_kthread_struct+0x100/0x100 [ 55.060411][ T38] ret_from_fork+0x1f/0x30 [ 55.064846][ T38] [ 55.067709][ T38] [ 55.069959][ T38] Allocated by task 386: [ 55.074145][ T38] kasan_save_stack+0x26/0x50 [ 55.079304][ T38] __kasan_kmalloc+0xae/0xe0 [ 55.083714][ T38] kmem_cache_alloc_trace+0xbb/0x490 [ 55.088943][ T38] virtio_transport_do_socket_init+0x46/0x320 [ 55.094824][ T38] vsock_assign_transport+0x385/0x5b0 [ 55.100034][ T38] vsock_connect+0x285/0xba0 [ 55.104461][ T38] __sys_connect_file+0x136/0x190 [ 55.109327][ T38] __sys_connect+0x101/0x130 [ 55.113744][ T38] __x64_sys_connect+0x6e/0xb0 [ 55.118412][ T38] do_syscall_64+0x35/0xb0 [ 55.122598][ T38] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 55.128335][ T38] [ 55.130583][ T38] Freed by task 386: [ 55.134317][ T38] kasan_save_stack+0x26/0x50 [ 55.139000][ T38] kasan_set_track+0x25/0x30 [ 55.143680][ T38] kasan_set_free_info+0x24/0x40 [ 55.148427][ T38] __kasan_slab_free+0x111/0x150 [ 55.153204][ T38] slab_free_freelist_hook+0x94/0x1a0 [ 55.158410][ T38] kfree+0xc2/0x260 [ 55.162053][ T38] virtio_transport_destruct+0x32/0x40 [ 55.167470][ T38] vsock_assign_transport+0x285/0x5b0 [ 55.172845][ T38] vsock_connect+0x285/0xba0 [ 55.177359][ T38] __sys_connect_file+0x136/0x190 [ 55.182405][ T38] __sys_connect+0x101/0x130 [ 55.187107][ T38] __x64_sys_connect+0x6e/0xb0 [ 55.191794][ T38] do_syscall_64+0x35/0xb0 [ 55.196139][ T38] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 55.201871][ T38] [ 55.204049][ T38] The buggy address belongs to the object at ffff88810c3dba80 [ 55.204049][ T38] which belongs to the cache kmalloc-96 of size 96 [ 55.218003][ T38] The buggy address is located 8 bytes inside of [ 55.218003][ T38] 96-byte region [ffff88810c3dba80, ffff88810c3dbae0) [ 55.231081][ T38] The buggy address belongs to the page: [ 55.236628][ T38] page:ffffea000430f6c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10c3db [ 55.247003][ T38] flags: 0x4000000000000200(slab|zone=1) [ 55.252440][ T38] raw: 4000000000000200 ffffea00040c6700 0000000300000003 ffff888100042900 [ 55.260874][ T38] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000 [ 55.269489][ T38] page dumped because: kasan: bad access detected [ 55.275967][ T38] page_owner tracks the page as allocated [ 55.281543][ T38] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 87, ts 3432767874, free_ts 0 [ 55.296267][ T38] prep_new_page+0x1a2/0x310 [ 55.300781][ T38] get_page_from_freelist+0x1ce2/0x30a0 [ 55.306243][ T38] __alloc_pages+0x2d1/0x2620 [ 55.310931][ T38] allocate_slab+0x39d/0x530 [ 55.315543][ T38] ___slab_alloc.constprop.0+0x3ca/0x890 [ 55.321104][ T38] __slab_alloc.constprop.0+0x42/0x80 [ 55.326572][ T38] kmem_cache_alloc_trace+0x456/0x490 [ 55.331776][ T38] mm_init+0x4ad/0xc80 [ 55.335865][ T38] mm_alloc+0x93/0xb0 [ 55.339672][ T38] alloc_bprm+0x177/0x900 [ 55.344123][ T38] do_execveat_common+0x1e6/0x7b0 [ 55.348964][ T38] __x64_sys_execve+0x8a/0xb0 [ 55.353471][ T38] do_syscall_64+0x35/0xb0 [ 55.357824][ T38] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 55.363629][ T38] page_owner free stack trace missing [ 55.368938][ T38] [ 55.371104][ T38] Memory state around the buggy address: [ 55.376771][ T38] ffff88810c3db980: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 55.384835][ T38] ffff88810c3dba00: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 55.392817][ T38] >ffff88810c3dba80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 55.400815][ T38] ^ [ 55.405062][ T38] ffff88810c3dbb00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 55.413055][ T38] ffff88810c3dbb80: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 55.421186][ T38] ================================================================== [ 55.429250][ T38] Disabling lock debugging due to kernel taint 2024/05/21 03:53:22 executed programs: 7