Warning: Permanently added '10.128.1.53' (ED25519) to the list of known hosts.
2024/06/05 06:10:50 ignoring optional flag "sandboxArg"="0"
2024/06/05 06:10:50 parsed 1 programs
[ 49.938438][ T2351] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 50.069860][ T1274] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 50.077105][ T1274] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 50.084440][ T1274] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 50.092311][ T1274] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 50.099964][ T1274] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 50.107214][ T1274] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 50.171216][ T2392] modprobe (2392) used greatest stack depth: 21080 bytes left
[ 50.595934][ T2427] chnl_net:caif_netlink_parms(): no params data found
[ 51.746837][ T2427] 8021q: adding VLAN 0 to HW filter on device bond0
[ 52.509876][ T2427] 8021q: adding VLAN 0 to HW filter on device batadv0
2024/06/05 06:10:55 executed programs: 0
[ 53.999590][ T2841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 54.006963][ T2841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 54.014744][ T2841] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 54.014758][ T2844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 54.029778][ T2844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 54.032591][ T2841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 54.044440][ T2844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 54.044951][ T2841] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 54.059726][ T2841] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 54.067025][ T2844] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 54.074445][ T2844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 54.081696][ T45] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 54.089034][ T45] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 54.096751][ T2851] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 54.098830][ T45] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 54.104069][ T2851] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 54.111169][ T45] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 54.118417][ T1274] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 54.130389][ T1906] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 54.132390][ T1274] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 54.139535][ T1132] bond0 (unregistering): Released all slaves
[ 54.146881][ T2854] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 54.159681][ T1906] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 54.161336][ T1274] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 54.167111][ T1906] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 54.173859][ T2854] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 54.181075][ T1906] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 54.187967][ T1274] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 54.201793][ T2854] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 54.208899][ T2854] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 54.216051][ T1274] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 54.708329][ T2838] chnl_net:caif_netlink_parms(): no params data found
[ 54.772541][ T2850] chnl_net:caif_netlink_parms(): no params data found
[ 54.784946][ T2847] chnl_net:caif_netlink_parms(): no params data found
[ 54.806078][ T2837] chnl_net:caif_netlink_parms(): no params data found
[ 54.822729][ T2845] chnl_net:caif_netlink_parms(): no params data found
[ 56.237913][ T2854] Bluetooth: hci3: command 0x0409 tx timeout
[ 56.244033][ T2854] Bluetooth: hci2: command 0x0409 tx timeout
[ 56.250472][ T1274] Bluetooth: hci1: command 0x0409 tx timeout
[ 56.256474][ T1274] Bluetooth: hci0: command 0x0409 tx timeout
[ 56.317805][ T1274] Bluetooth: hci4: command 0x0409 tx timeout
[ 58.318461][ T1274] Bluetooth: hci0: command 0x041b tx timeout
[ 58.324581][ T1274] Bluetooth: hci2: command 0x041b tx timeout
[ 58.330870][ T2854] Bluetooth: hci1: command 0x041b tx timeout
[ 58.337055][ T2854] Bluetooth: hci3: command 0x041b tx timeout
[ 58.397882][ T1274] Bluetooth: hci4: command 0x041b tx timeout
[ 59.505283][ T2847] 8021q: adding VLAN 0 to HW filter on device bond0
[ 59.632445][ T2838] 8021q: adding VLAN 0 to HW filter on device bond0
[ 59.817178][ T2850] 8021q: adding VLAN 0 to HW filter on device bond0
[ 59.886509][ T2837] 8021q: adding VLAN 0 to HW filter on device bond0
[ 59.902259][ T2845] 8021q: adding VLAN 0 to HW filter on device bond0
[ 60.400671][ T1274] Bluetooth: hci2: command 0x040f tx timeout
[ 60.400696][ T2854] Bluetooth: hci3: command 0x040f tx timeout
[ 60.406666][ T1274] Bluetooth: hci1: command 0x040f tx timeout
[ 60.412661][ T2848] Bluetooth: hci0: command 0x040f tx timeout
[ 60.487842][ T2854] Bluetooth: hci4: command 0x040f tx timeout
[ 62.486587][ T2854] Bluetooth: hci1: command 0x0419 tx timeout
[ 62.493063][ T2848] Bluetooth: hci3: command 0x0419 tx timeout
[ 62.497827][ T2841] Bluetooth: hci2: command 0x0419 tx timeout
[ 62.500187][ T2848] Bluetooth: hci0: command 0x0419 tx timeout
[ 62.559742][ T2848] Bluetooth: hci4: command 0x0419 tx timeout
[ 62.890231][ T2838] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 62.939662][ T2847] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 63.023857][ T2850] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 63.192754][ T2845] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 63.336193][ T2837] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 69.376186][ T4799] loop2: detected capacity change from 0 to 32768
[ 69.421767][ T4799] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (4799)
[ 69.468502][ T4799] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 69.478880][ T4799] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[ 69.487639][ T4799] BTRFS info (device loop2): using free-space-tree
[ 69.611637][ T4827] loop3: detected capacity change from 0 to 32768
[ 69.640050][ T4799] BTRFS info (device loop2): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[ 69.650252][ T4827] BTRFS: device /dev/loop3 (7:3) using temp-fsid e932b51c-41a7-431e-9e76-0bf9a46db81c
2024/06/05 06:11:10 executed programs: 5
[ 69.659892][ T4827] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (4827)
[ 69.687591][ T4843] loop4: detected capacity change from 0 to 32768
[ 69.711909][ T4827] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 69.715293][ T2838] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 69.722234][ T4827] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 69.741012][ T4827] BTRFS info (device loop3): using free-space-tree
[ 69.754382][ T4845] loop0: detected capacity change from 0 to 32768
[ 69.760009][ T4843] BTRFS: device /dev/loop4 (7:4) using temp-fsid 710f994b-c7c4-42d0-8c6d-1f39ed1395ee
[ 69.770458][ T4843] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (4843)
[ 69.804152][ T4843] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 69.814606][ T4843] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[ 69.823419][ T4843] BTRFS info (device loop4): using free-space-tree
[ 69.830382][ T4845] BTRFS: device /dev/loop0 (7:0) using temp-fsid 38dce08b-99b8-4b50-9839-b8332f62bb02
[ 69.840188][ T4845] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (4845)
[ 69.868647][ T4845] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 69.878909][ T4845] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 69.887571][ T4845] BTRFS info (device loop0): using free-space-tree
[ 70.043101][ T4853] loop1: detected capacity change from 0 to 32768
[ 70.052452][ T4843] BTRFS info (device loop4): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[ 70.060021][ T4827] BTRFS info (device loop3): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[ 70.070844][ T4853] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (4853)
[ 70.086253][ T2850] BTRFS info (device loop4): last unmount of filesystem 710f994b-c7c4-42d0-8c6d-1f39ed1395ee
[ 70.102677][ T4853] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 70.113944][ T4853] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[ 70.122683][ T4853] BTRFS info (device loop1): using free-space-tree
[ 70.129785][ T2847] BTRFS info (device loop3): last unmount of filesystem e932b51c-41a7-431e-9e76-0bf9a46db81c
[ 70.157334][ T4845] BTRFS info (device loop0): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[ 70.199026][ T2845] BTRFS info (device loop0): last unmount of filesystem 38dce08b-99b8-4b50-9839-b8332f62bb02
[ 70.337482][ T4853] BTRFS info (device loop1): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[ 70.411455][ T2837] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 70.683556][ T4930] loop2: detected capacity change from 0 to 32768
[ 70.708591][ T4930] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (4930)
[ 70.756197][ T4930] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 70.766518][ T4930] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[ 70.775276][ T4930] BTRFS info (device loop2): using free-space-tree
[ 70.940310][ T4930] BTRFS info (device loop2): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[ 70.970726][ T4945] loop0: detected capacity change from 0 to 32768
[ 70.991559][ T4945] BTRFS: device /dev/loop0 (7:0) using temp-fsid 090bb9e2-5e0f-41d5-8772-16076e4128e7
[ 71.001325][ T4945] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (4945)
[ 71.029253][ T2838] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 71.039585][ T4945] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 71.049991][ T4945] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 71.058805][ T4945] BTRFS info (device loop0): using free-space-tree
[ 71.072122][ T4949] loop3: detected capacity change from 0 to 32768
[ 71.117838][ T4949] BTRFS: device /dev/loop3 (7:3) using temp-fsid 4c0e10e0-a631-4880-9eb9-fda064a94e00
[ 71.127482][ T4949] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (4949)
[ 71.153808][ T4947] loop4: detected capacity change from 0 to 32768
[ 71.155886][ T4949] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 71.170671][ T4949] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 71.179377][ T4949] BTRFS info (device loop3): using free-space-tree
[ 71.190062][ T4947] BTRFS: device /dev/loop4 (7:4) using temp-fsid f31f1433-3e96-4160-9e1e-c70d04de97fe
[ 71.199889][ T4947] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (4947)
[ 71.261730][ T4947] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 71.272093][ T4947] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[ 71.280773][ T4947] BTRFS info (device loop4): using free-space-tree
[ 71.352144][ T4951] loop1: detected capacity change from 0 to 32768
[ 71.373289][ T4949] BTRFS info (device loop3): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[ 71.383717][ T4945] BTRFS info (device loop0): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[ 71.408754][ T2847] BTRFS info (device loop3): last unmount of filesystem 4c0e10e0-a631-4880-9eb9-fda064a94e00
[ 71.438423][ T4951] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (4951)
[ 71.503800][ T2845] BTRFS info (device loop0): last unmount of filesystem 090bb9e2-5e0f-41d5-8772-16076e4128e7
[ 71.574467][ T4951] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 71.585101][ T4951] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[ 71.594099][ T4951] BTRFS info (device loop1): using free-space-tree
[ 71.605693][ T4947] BTRFS info (device loop4): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[ 71.619511][ T5021] ==================================================================
[ 71.627943][ T5021] BUG: KASAN: slab-out-of-bounds in btrfs_qgroup_inherit+0x426/0x2a70
[ 71.636118][ T5021] Read of size 8 at addr ffff88810deff5d0 by task syz-executor.4/5021
[ 71.644262][ T5021]
[ 71.646592][ T5021] CPU: 0 PID: 5021 Comm: syz-executor.4 Not tainted 6.8.0-rc7-syzkaller #0
[ 71.655172][ T5021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 71.665223][ T5021] Call Trace:
[ 71.668504][ T5021]
[ 71.671431][ T5021] dump_stack_lvl+0xf8/0x260
[ 71.676015][ T5021] ? __pfx_dump_stack_lvl+0x10/0x10
[ 71.681292][ T5021] ? __pfx__printk+0x10/0x10
[ 71.685878][ T5021] ? __virt_addr_valid+0x141/0x260
[ 71.690991][ T5021] ? __virt_addr_valid+0x219/0x260
[ 71.696278][ T5021] print_report+0x167/0x540
[ 71.700783][ T5021] ? __virt_addr_valid+0x141/0x260
[ 71.706319][ T5021] ? __virt_addr_valid+0x219/0x260
[ 71.711442][ T5021] ? btrfs_qgroup_inherit+0x426/0x2a70
[ 71.716883][ T5021] kasan_report+0x142/0x180
[ 71.721360][ T5021] ? btrfs_qgroup_inherit+0x426/0x2a70
[ 71.726799][ T5021] btrfs_qgroup_inherit+0x426/0x2a70
[ 71.732255][ T5021] ? __pfx_btrfs_insert_fs_root+0x10/0x10
[ 71.738038][ T5021] ? __pfx_btrfs_qgroup_inherit+0x10/0x10
[ 71.743918][ T5021] ? btrfs_get_root_ref+0x627/0xa10
[ 71.749116][ T5021] ? __pfx_btrfs_get_root_ref+0x10/0x10
[ 71.754636][ T5021] ? __pfx_btrfs_reloc_post_snapshot+0x10/0x10
[ 71.760958][ T5021] create_pending_snapshot+0x127f/0x26e0
[ 71.766633][ T5021] ? __pfx_create_pending_snapshot+0x10/0x10
[ 71.772594][ T5021] ? __mutex_unlock_slowpath+0x2f/0x5c0
[ 71.778146][ T5021] ? btrfs_commit_transaction+0xfab/0x3820
[ 71.783922][ T5021] ? __pfx___mutex_lock+0x10/0x10
[ 71.789011][ T5021] create_pending_snapshots+0x86/0x1a0
[ 71.794451][ T5021] ? btrfs_commit_transaction+0x170/0x3820
[ 71.800226][ T5021] btrfs_commit_transaction+0xfb3/0x3820
[ 71.805921][ T5021] ? btrfs_commit_transaction+0x170/0x3820
[ 71.811713][ T5021] ? __pfx_btrfs_commit_transaction+0x10/0x10
[ 71.817750][ T5021] ? __pfx_lock_release+0x10/0x10
[ 71.822830][ T5021] ? do_raw_spin_lock+0x14d/0x3b0
[ 71.827835][ T5021] ? do_raw_spin_unlock+0x13b/0x8b0
[ 71.833015][ T5021] ? _raw_spin_unlock+0x28/0x50
[ 71.837840][ T5021] ? btrfs_qgroup_convert_reserved_meta+0x898/0xa30
[ 71.844400][ T5021] ? __pfx_btrfs_qgroup_convert_reserved_meta+0x10/0x10
[ 71.851312][ T5021] ? btrfs_record_root_in_trans+0xd8/0x130
[ 71.857199][ T5021] create_snapshot+0x517/0x860
[ 71.861939][ T5021] btrfs_mksubvol+0x4d4/0x630
[ 71.866601][ T5021] ? __pfx_btrfs_mksubvol+0x10/0x10
[ 71.871772][ T5021] ? __fget_files+0x252/0x2b0
[ 71.876433][ T5021] btrfs_mksnapshot+0x98/0xe0
[ 71.881096][ T5021] __btrfs_ioctl_snap_create+0x2c1/0x3a0
[ 71.886699][ T5021] btrfs_ioctl_snap_create_v2+0x185/0x310
[ 71.892399][ T5021] btrfs_ioctl+0x8e0/0xaa0
[ 71.896875][ T5021] __se_sys_ioctl+0xab/0xf0
[ 71.901350][ T5021] do_syscall_64+0x94/0x1a0
[ 71.905913][ T5021] entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 71.911782][ T5021] RIP: 0033:0x7effb927cee9
[ 71.916170][ T5021] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 71.935753][ T5021] RSP: 002b:00007effb9f1c0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 71.944336][ T5021] RAX: ffffffffffffffda RBX: 00007effb93b4050 RCX: 00007effb927cee9
[ 71.952549][ T5021] RDX: 0000000020000280 RSI: 0000000050009417 RDI: 0000000000000003
[ 71.960523][ T5021] RBP: 00007effb92da6fe R08: 0000000000000000 R09: 0000000000000000
[ 71.968563][ T5021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 71.976525][ T5021] R13: 000000000000006e R14: 00007effb93b4050 R15: 00007fff59317a98
[ 71.984776][ T5021]
[ 71.987779][ T5021]
[ 71.990097][ T5021] Allocated by task 5021:
[ 71.994392][ T5021] kasan_save_track+0x3f/0x80
[ 71.999048][ T5021] __kasan_kmalloc+0x98/0xb0
[ 72.003613][ T5021] __kmalloc_node_track_caller+0x22a/0x4b0
[ 72.009390][ T5021] memdup_user+0x26/0x80
[ 72.013627][ T5021] btrfs_ioctl_snap_create_v2+0x29f/0x310
[ 72.019314][ T5021] btrfs_ioctl+0x8e0/0xaa0
[ 72.023697][ T5021] __se_sys_ioctl+0xab/0xf0
[ 72.028165][ T5021] do_syscall_64+0x94/0x1a0
[ 72.032635][ T5021] entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 72.038495][ T5021]
[ 72.040793][ T5021] The buggy address belongs to the object at ffff88810deff580
[ 72.040793][ T5021] which belongs to the cache kmalloc-96 of size 96
[ 72.054637][ T5021] The buggy address is located 0 bytes to the right of
[ 72.054637][ T5021] allocated 80-byte region [ffff88810deff580, ffff88810deff5d0)
[ 72.069096][ T5021]
[ 72.071401][ T5021] The buggy address belongs to the physical page:
[ 72.077789][ T5021] page:ffffea000437bfc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10deff
[ 72.088177][ T5021] flags: 0x100000000000800(slab|node=0|zone=2)
[ 72.094383][ T5021] page_type: 0xffffffff()
[ 72.098680][ T5021] raw: 0100000000000800 ffff888100041780 dead000000000122 0000000000000000
[ 72.107415][ T5021] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 72.116428][ T5021] page dumped because: kasan: bad access detected
[ 72.123081][ T5021] page_owner tracks the page as allocated
[ 72.128807][ T5021] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 4800, tgid 4800 (udevd), ts 71434621083, free_ts 71381049624
[ 72.147798][ T5021] post_alloc_hook+0x10f/0x130
[ 72.152540][ T5021] get_page_from_freelist+0x3e5f/0x4080
[ 72.158054][ T5021] __alloc_pages+0x255/0x650
[ 72.162631][ T5021] alloc_slab_page+0x5f/0x160
[ 72.167275][ T5021] new_slab+0x70/0x270
[ 72.171310][ T5021] ___slab_alloc+0xa79/0x10b0
[ 72.175964][ T5021] __kmalloc+0x2ba/0x480
[ 72.180180][ T5021] tomoyo_encode+0xaa/0x490
[ 72.184650][ T5021] tomoyo_realpath_from_path+0x4a9/0x4e0
[ 72.190264][ T5021] tomoyo_path2_perm+0x349/0x9f0
[ 72.195217][ T5021] tomoyo_path_rename+0x169/0x1b0
[ 72.200238][ T5021] security_path_rename+0xeb/0x1a0
[ 72.205320][ T5021] do_renameat2+0x738/0x1010
[ 72.209978][ T5021] __x64_sys_rename+0x81/0x90
[ 72.214640][ T5021] do_syscall_64+0x94/0x1a0
[ 72.219218][ T5021] entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 72.225170][ T5021] page last free pid 4978 tgid 4978 stack trace:
[ 72.231470][ T5021] free_unref_page_prepare+0x87f/0x9a0
[ 72.237104][ T5021] free_unref_page+0x37/0x3a0
[ 72.241748][ T5021] __slab_free+0x2fc/0x3c0
[ 72.246301][ T5021] qlist_free_all+0x5e/0xc0
[ 72.250951][ T5021] kasan_quarantine_reduce+0x14f/0x170
[ 72.256380][ T5021] __kasan_slab_alloc+0x23/0x80
[ 72.261200][ T5021] kmem_cache_alloc+0x15a/0x390
[ 72.266027][ T5021] getname_flags+0xa0/0x440
[ 72.270498][ T5021] do_sys_openat2+0xb0/0x180
[ 72.275056][ T5021] __x64_sys_openat+0x20d/0x260
[ 72.279882][ T5021] do_syscall_64+0x94/0x1a0
[ 72.284553][ T5021] entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 72.290418][ T5021]
[ 72.292717][ T5021] Memory state around the buggy address:
[ 72.298329][ T5021] ffff88810deff480: 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc
[ 72.306357][ T5021] ffff88810deff500: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 72.314383][ T5021] >ffff88810deff580: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[ 72.322428][ T5021] ^
[ 72.329178][ T5021] ffff88810deff600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 72.337213][ T5021] ffff88810deff680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 72.345414][ T5021] ==================================================================
[ 72.353902][ T5021] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 72.361341][ T5021] Kernel Offset: disabled
[ 72.365652][ T5021] Rebooting in 86400 seconds..