Warning: Permanently added '10.128.1.120' (ECDSA) to the list of known hosts. 2023/04/02 03:04:30 ignoring optional flag "sandboxArg"="0" 2023/04/02 03:04:31 parsed 1 programs 2023/04/02 03:04:31 executed programs: 0 [ 45.260462][ T30] kauditd_printk_skb: 65 callbacks suppressed [ 45.260471][ T30] audit: type=1400 audit(1680404671.099:137): avc: denied { mounton } for pid=374 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 45.292116][ T30] audit: type=1400 audit(1680404671.109:138): avc: denied { mount } for pid=374 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 45.425160][ T379] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.432028][ T379] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.439205][ T379] device bridge_slave_0 entered promiscuous mode [ 45.460697][ T379] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.467781][ T379] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.474752][ T379] device bridge_slave_1 entered promiscuous mode [ 45.485672][ T382] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.492496][ T382] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.499788][ T382] device bridge_slave_0 entered promiscuous mode [ 45.507435][ T382] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.514376][ T382] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.521813][ T382] device bridge_slave_1 entered promiscuous mode [ 45.531783][ T392] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.538774][ T392] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.546071][ T392] device bridge_slave_0 entered promiscuous mode [ 45.552553][ T385] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.559793][ T385] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.566925][ T385] device bridge_slave_0 entered promiscuous mode [ 45.577118][ T385] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.584135][ T385] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.591389][ T385] device bridge_slave_1 entered promiscuous mode [ 45.604299][ T392] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.611250][ T392] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.618293][ T392] device bridge_slave_1 entered promiscuous mode [ 45.655535][ T389] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.662543][ T389] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.670110][ T389] device bridge_slave_0 entered promiscuous mode [ 45.676687][ T390] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.683492][ T390] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.690749][ T390] device bridge_slave_0 entered promiscuous mode [ 45.709057][ T389] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.715912][ T389] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.723151][ T389] device bridge_slave_1 entered promiscuous mode [ 45.736860][ T390] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.743685][ T390] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.750927][ T390] device bridge_slave_1 entered promiscuous mode [ 45.814690][ T392] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.821622][ T392] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.828730][ T392] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.835509][ T392] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.880280][ T385] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.887134][ T385] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.894288][ T385] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.901112][ T385] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.920122][ T379] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.927056][ T379] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.934196][ T379] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.941052][ T379] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.960440][ T382] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.967294][ T382] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.974530][ T382] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.981474][ T382] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.997578][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.005013][ T338] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.012499][ T338] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.019787][ T338] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.027448][ T338] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.034608][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.042847][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.051145][ T338] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.058248][ T338] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.074338][ T392] device veth0_vlan entered promiscuous mode [ 46.081278][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 46.089731][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 46.097692][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 46.104920][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 46.112406][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.121137][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.155477][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.163921][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.172279][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.179165][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.187124][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.195177][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.202139][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.224462][ T385] device veth0_vlan entered promiscuous mode [ 46.237969][ T392] device veth1_macvtap entered promiscuous mode [ 46.245363][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 46.254331][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 46.262839][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 46.270731][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 46.278164][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 46.285592][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.292730][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.300664][ T338] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.307509][ T338] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.315239][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.323303][ T338] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.330225][ T338] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.337539][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.345342][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.362083][ T385] device veth1_macvtap entered promiscuous mode [ 46.371640][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 46.388862][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.396386][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.403610][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.411828][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.418895][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.426682][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.434409][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.442636][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.450684][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.457524][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.464790][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.472305][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.479697][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.487888][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.495811][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.502709][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.509928][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.518231][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.526143][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.532956][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.540215][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 46.548035][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.555972][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.588673][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.596192][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.604251][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.613378][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.621464][ T338] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.628308][ T338] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.635518][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.643650][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.651632][ T338] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.658485][ T338] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.666062][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 46.674150][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 46.682295][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 46.690109][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.697877][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.705693][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 46.713468][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 46.721271][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 46.729827][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 46.737978][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 46.746219][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 46.754205][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 46.762399][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.770686][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.778500][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 46.786385][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.794139][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 46.802302][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.810121][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 46.818399][ T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 46.832094][ T390] device veth0_vlan entered promiscuous mode [ 46.846234][ T382] device veth0_vlan entered promiscuous mode [ 46.857714][ T382] device veth1_macvtap entered promiscuous mode [ 46.867012][ T30] audit: type=1400 audit(1680404672.709:139): avc: denied { mount } for pid=385 comm="syz-executor.4" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 46.868080][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 46.898775][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 46.906944][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 46.915082][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 46.923447][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 46.930742][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 46.938182][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 46.946410][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.953828][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 46.961186][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 46.968468][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 46.976671][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 46.985252][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 46.993831][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 47.002671][ T390] device veth1_macvtap entered promiscuous mode [ 47.012057][ T389] device veth0_vlan entered promiscuous mode [ 47.027417][ T379] device veth0_vlan entered promiscuous mode [ 47.040814][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.053324][ T30] audit: type=1400 audit(1680404672.899:140): avc: denied { mounton } for pid=417 comm="syz-executor.4" path="/root/syzkaller-testdir3093591144/syzkaller.kyRw21/0/file0" dev="sda1" ino=1159 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 47.054538][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 47.091040][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.098967][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.107638][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.116054][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 47.124067][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.138860][ T389] device veth1_macvtap entered promiscuous mode [ 47.147862][ T379] device veth1_macvtap entered promiscuous mode [ 47.154749][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.163079][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 47.170940][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 47.178403][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 47.185912][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 47.193195][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 47.201115][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.209487][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.218664][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.227224][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.235385][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.243601][ T414] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.266988][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.275327][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.283648][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.292296][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.324572][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.333660][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.348385][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.356550][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.888788][ T30] audit: type=1400 audit(1680404673.729:141): avc: denied { unmount } for pid=385 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 2023/04/02 03:04:36 executed programs: 24 2023/04/02 03:04:41 executed programs: 60 2023/04/02 03:04:46 executed programs: 96 [ 60.756503][ T922] ================================================================== [ 60.764411][ T922] BUG: KASAN: use-after-free in fuse_copy_one+0x16f/0x350 [ 60.771789][ T922] Read of size 256 at addr ffff888125cafc10 by task syz-executor.0/922 [ 60.779978][ T922] [ 60.782145][ T922] CPU: 1 PID: 922 Comm: syz-executor.0 Not tainted 5.15.98-syzkaller #0 [ 60.790571][ T922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 60.800466][ T922] Call Trace: [ 60.803758][ T922] [ 60.806549][ T922] dump_stack_lvl+0x105/0x148 [ 60.811100][ T922] ? io_uring_drop_tctx_refs+0x14e/0x14e [ 60.816535][ T922] ? panic+0x4f8/0x4f8 [ 60.820429][ T922] print_address_description+0x87/0x3b0 [ 60.825944][ T922] kasan_report+0x179/0x1c0 [ 60.830281][ T922] ? fuse_copy_one+0x16f/0x350 [ 60.834879][ T922] ? fuse_copy_one+0x16f/0x350 [ 60.839572][ T922] kasan_check_range+0x293/0x2a0 [ 60.844343][ T922] ? fuse_copy_one+0x16f/0x350 [ 60.848943][ T922] memcpy+0x2d/0x70 [ 60.852673][ T922] fuse_copy_one+0x16f/0x350 [ 60.857106][ T922] fuse_copy_args+0x2d3/0x3a0 [ 60.861709][ T922] ? fuse_copy_one+0x192/0x350 [ 60.866389][ T922] fuse_dev_do_read+0xa29/0xf20 [ 60.871075][ T922] ? queue_interrupt+0x310/0x310 [ 60.876613][ T922] ? memset+0x35/0x40 [ 60.880406][ T922] ? __fsnotify_parent+0x104/0x590 [ 60.885366][ T922] fuse_dev_read+0x15d/0x1f0 [ 60.889781][ T922] ? fuse_dev_release+0x4d0/0x4d0 [ 60.894734][ T922] ? fsnotify_perm+0x34a/0x4a0 [ 60.899337][ T922] vfs_read+0x8e3/0xba0 [ 60.903333][ T922] ? kernel_read+0x130/0x130 [ 60.907766][ T922] ? __fget_files+0x261/0x290 [ 60.912272][ T922] ? __fdget_pos+0x14a/0x250 [ 60.916698][ T922] ksys_read+0x15c/0x240 [ 60.920782][ T922] ? vfs_write+0xd00/0xd00 [ 60.925040][ T922] __x64_sys_read+0x76/0x80 [ 60.929896][ T922] do_syscall_64+0x3d/0xb0 [ 60.934171][ T922] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 60.939974][ T922] RIP: 0033:0x7f32106d1639 [ 60.944234][ T922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 60.963760][ T922] RSP: 002b:00007f32101e2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 60.972092][ T922] RAX: ffffffffffffffda RBX: 00007f32107f21f0 RCX: 00007f32106d1639 [ 60.979945][ T922] RDX: 0000000000002020 RSI: 0000000020002140 RDI: 0000000000000003 [ 60.987911][ T922] RBP: 00007f321072cae9 R08: 0000000000000000 R09: 0000000000000000 [ 60.995718][ T922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 61.004175][ T922] R13: 00007ffd0ee57d5f R14: 00007f32101e2300 R15: 0000000000022000 [ 61.012238][ T922] [ 61.015182][ T922] [ 61.017363][ T922] Allocated by task 914: [ 61.021433][ T922] ____kasan_kmalloc+0xdb/0x110 [ 61.026127][ T922] __kasan_kmalloc+0x9/0x10 [ 61.030461][ T922] __kmalloc+0x13a/0x270 [ 61.034631][ T922] __d_alloc+0x95/0x650 [ 61.038747][ T922] d_alloc_parallel+0xd1/0xed0 [ 61.043507][ T922] __lookup_slow+0x149/0x360 [ 61.047950][ T922] lookup_slow+0x54/0x70 [ 61.052208][ T922] walk_component+0x3d2/0x540 [ 61.057098][ T922] path_lookupat+0x95/0x340 [ 61.061548][ T922] filename_lookup+0x22b/0x550 [ 61.066500][ T922] user_path_at_empty+0x38/0x150 [ 61.071344][ T922] __se_sys_mount+0x21f/0x2d0 [ 61.075885][ T922] __x64_sys_mount+0xba/0xd0 [ 61.080454][ T922] do_syscall_64+0x3d/0xb0 [ 61.084880][ T922] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 61.090698][ T922] [ 61.092869][ T922] Freed by task 412: [ 61.096614][ T922] kasan_set_track+0x4b/0x70 [ 61.102410][ T922] kasan_set_free_info+0x23/0x40 [ 61.107186][ T922] ____kasan_slab_free+0x126/0x160 [ 61.112328][ T922] __kasan_slab_free+0x11/0x20 [ 61.117010][ T922] slab_free_freelist_hook+0xbd/0x190 [ 61.122586][ T922] kmem_cache_free_bulk+0x552/0x700 [ 61.127612][ T922] kfree_rcu_work+0x2b2/0x6a0 [ 61.132215][ T922] process_one_work+0x635/0xa70 [ 61.136900][ T922] worker_thread+0x8bb/0xf40 [ 61.141323][ T922] kthread+0x3a1/0x480 [ 61.145228][ T922] ret_from_fork+0x1f/0x30 [ 61.149481][ T922] [ 61.151648][ T922] Last potentially related work creation: [ 61.157218][ T922] kasan_save_stack+0x3b/0x60 [ 61.162175][ T922] __kasan_record_aux_stack+0xd3/0xf0 [ 61.167395][ T922] kasan_record_aux_stack_noalloc+0xb/0x10 [ 61.173572][ T922] kvfree_call_rcu+0xb2/0x7d0 [ 61.178184][ T922] __d_move+0x927/0x10e0 [ 61.182252][ T922] __d_unalias+0x194/0x1c0 [ 61.186499][ T922] d_splice_alias+0x19d/0x310 [ 61.191015][ T922] fuse_lookup+0x23d/0x500 [ 61.195283][ T922] __lookup_slow+0x26d/0x360 [ 61.199691][ T922] lookup_slow+0x54/0x70 [ 61.203776][ T922] walk_component+0x3d2/0x540 [ 61.208378][ T922] link_path_walk+0x5b9/0xd10 [ 61.212984][ T922] filename_parentat+0x228/0x5a0 [ 61.217767][ T922] filename_create+0xe3/0x490 [ 61.222283][ T922] do_mkdirat+0x112/0x390 [ 61.226423][ T922] __x64_sys_mkdir+0x69/0x80 [ 61.230860][ T922] do_syscall_64+0x3d/0xb0 [ 61.235105][ T922] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 61.240850][ T922] [ 61.243099][ T922] The buggy address belongs to the object at ffff888125cafc00 [ 61.243099][ T922] which belongs to the cache kmalloc-rcl-512 of size 512 [ 61.257411][ T922] The buggy address is located 16 bytes inside of [ 61.257411][ T922] 512-byte region [ffff888125cafc00, ffff888125cafe00) [ 61.271126][ T922] The buggy address belongs to the page: [ 61.276690][ T922] page:ffffea0004972b00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x125cac [ 61.286926][ T922] head:ffffea0004972b00 order:2 compound_mapcount:0 compound_pincount:0 [ 61.295269][ T922] flags: 0x4000000000010200(slab|head|zone=1) [ 61.301254][ T922] raw: 4000000000010200 0000000000000000 dead000000000122 ffff88810004c300 [ 61.309681][ T922] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 61.318082][ T922] page dumped because: kasan: bad access detected [ 61.324350][ T922] page_owner tracks the page as allocated [ 61.329891][ T922] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0x1d20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 865, ts 59232547592, free_ts 0 [ 61.351898][ T922] post_alloc_hook+0x1a3/0x1b0 [ 61.356449][ T922] get_page_from_freelist+0x2c14/0x2cf0 [ 61.361896][ T922] __alloc_pages+0x386/0x7b0 [ 61.366256][ T922] new_slab+0x92/0x490 [ 61.370255][ T922] ___slab_alloc+0x39e/0x830 [ 61.374688][ T922] __slab_alloc+0x4a/0x90 [ 61.379152][ T922] __kmalloc+0x16d/0x270 [ 61.383208][ T922] __d_alloc+0x95/0x650 [ 61.387433][ T922] d_alloc_parallel+0xd1/0xed0 [ 61.392139][ T922] __lookup_slow+0x149/0x360 [ 61.396564][ T922] lookup_slow+0x54/0x70 [ 61.400640][ T922] walk_component+0x3d2/0x540 [ 61.405154][ T922] path_lookupat+0x95/0x340 [ 61.409526][ T922] filename_lookup+0x22b/0x550 [ 61.414107][ T922] user_path_at_empty+0x38/0x150 [ 61.419396][ T922] vfs_statx+0xe8/0x580 [ 61.423417][ T922] page_owner free stack trace missing [ 61.428680][ T922] [ 61.430844][ T922] Memory state around the buggy address: [ 61.436330][ T922] ffff888125cafb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 61.444310][ T922] ffff888125cafb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 61.452202][ T922] >ffff888125cafc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.460094][ T922] ^ [ 61.464530][ T922] ffff888125cafc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.472542][ T922] ffff888125cafd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.480542][ T922] ================================================================== [ 61.488441][ T922] Disabling lock debugging due to kernel taint 2023/04/02 03:04:51 executed programs: 130 2023/04/02 03:04:56 executed programs: 166