Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts. 2023/04/06 11:41:12 ignoring optional flag "sandboxArg"="0" 2023/04/06 11:41:12 parsed 1 programs 2023/04/06 11:41:12 executed programs: 0 [ 35.556252][ T29] kauditd_printk_skb: 65 callbacks suppressed [ 35.556262][ T29] audit: type=1400 audit(1680781272.650:137): avc: denied { mounton } for pid=449 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 35.596205][ T29] audit: type=1400 audit(1680781272.650:138): avc: denied { mount } for pid=449 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 35.688509][ T454] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.695363][ T454] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.702863][ T454] device bridge_slave_0 entered promiscuous mode [ 35.727714][ T456] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.734586][ T456] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.741923][ T456] device bridge_slave_0 entered promiscuous mode [ 35.748447][ T454] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.755305][ T454] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.762546][ T454] device bridge_slave_1 entered promiscuous mode [ 35.789073][ T456] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.796022][ T456] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.803787][ T456] device bridge_slave_1 entered promiscuous mode [ 35.844756][ T460] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.851738][ T460] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.858910][ T460] device bridge_slave_0 entered promiscuous mode [ 35.866574][ T460] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.873673][ T460] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.880856][ T460] device bridge_slave_1 entered promiscuous mode [ 35.897644][ T465] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.904554][ T465] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.911754][ T465] device bridge_slave_0 entered promiscuous mode [ 35.927248][ T470] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.934352][ T470] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.941689][ T470] device bridge_slave_0 entered promiscuous mode [ 35.949511][ T470] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.956347][ T470] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.964281][ T470] device bridge_slave_1 entered promiscuous mode [ 35.970852][ T465] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.977770][ T465] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.985227][ T465] device bridge_slave_1 entered promiscuous mode [ 36.003898][ T466] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.010805][ T466] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.017824][ T466] device bridge_slave_0 entered promiscuous mode [ 36.040664][ T466] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.047530][ T466] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.054829][ T466] device bridge_slave_1 entered promiscuous mode [ 36.142368][ T456] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.149248][ T456] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.156301][ T456] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.163230][ T456] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.177471][ T454] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.184360][ T454] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.191429][ T454] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.198406][ T454] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.238905][ T460] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.246042][ T460] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.253116][ T460] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.259941][ T460] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.294062][ T470] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.300934][ T470] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.308014][ T470] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.314841][ T470] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.323089][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 36.330589][ T411] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.337551][ T411] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.344591][ T411] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.351729][ T411] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.358890][ T411] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.366102][ T411] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.373122][ T411] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.380100][ T411] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.424142][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 36.431617][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.440463][ T129] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.447384][ T129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.454805][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.463004][ T129] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.470113][ T129] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.502839][ T456] device veth0_vlan entered promiscuous mode [ 36.518623][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 36.526737][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 36.534823][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 36.543125][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 36.551870][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 36.559344][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 36.566838][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 36.574633][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.582700][ T129] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.589648][ T129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.596915][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.604935][ T129] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.611775][ T129] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.619327][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 36.627076][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 36.634948][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.642924][ T129] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.649809][ T129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.656915][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.664978][ T129] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.671968][ T129] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.694616][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 36.705746][ T456] device veth1_macvtap entered promiscuous mode [ 36.717619][ T470] device veth0_vlan entered promiscuous mode [ 36.724282][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 36.732754][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 36.740709][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 36.747948][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 36.755353][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 36.763094][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 36.770388][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 36.777653][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.785626][ T411] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.792499][ T411] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.799666][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.807701][ T411] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.814548][ T411] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.821796][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 36.829187][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 36.836431][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 36.844638][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 36.852633][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 36.860135][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 36.867922][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 36.875795][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 36.883807][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 36.891769][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 36.899927][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.907848][ T411] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.914932][ T411] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.922077][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 36.930219][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.938127][ T411] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.944913][ T411] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.971299][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 36.979538][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.987418][ T411] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.994203][ T411] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.002164][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 37.010290][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 37.018173][ T411] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.024947][ T411] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.032096][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 37.039978][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 37.047644][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 37.055430][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 37.063439][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 37.071571][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 37.079556][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 37.087741][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 37.095625][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 37.103380][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 37.111288][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 37.124236][ T466] device veth0_vlan entered promiscuous mode [ 37.137316][ T465] device veth0_vlan entered promiscuous mode [ 37.150918][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 37.159853][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 37.168016][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 37.175902][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 37.183126][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 37.190475][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 37.198581][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 37.205760][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 37.213077][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 37.220529][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 37.228605][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 37.242440][ T29] audit: type=1400 audit(1680781274.340:139): avc: denied { mount } for pid=456 comm="syz-executor.0" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 37.245797][ T470] device veth1_macvtap entered promiscuous mode [ 37.285019][ T29] audit: type=1400 audit(1680781274.380:140): avc: denied { mounton } for pid=490 comm="syz-executor.0" path="/root/syzkaller-testdir2829816837/syzkaller.nxRhks/0/file0" dev="sda1" ino=1158 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 37.285093][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 37.319800][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 37.328287][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 37.336351][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 37.344689][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 37.352472][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 37.362610][ T465] device veth1_macvtap entered promiscuous mode [ 37.372921][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 37.380326][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 37.387518][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 37.396072][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 37.408620][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 37.416733][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 37.425117][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 37.433166][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 37.441373][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 37.448925][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 37.456719][ T460] device veth0_vlan entered promiscuous mode [ 37.465751][ T466] device veth1_macvtap entered promiscuous mode [ 37.474397][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 37.482525][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 37.491301][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 37.504044][ T454] device veth0_vlan entered promiscuous mode [ 37.511227][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 37.519538][ T411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 37.537937][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 37.546108][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 37.554736][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 37.563127][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 37.571450][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 37.579588][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 37.592132][ T460] device veth1_macvtap entered promiscuous mode [ 37.606354][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 37.614762][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 37.632398][ T454] device veth1_macvtap entered promiscuous mode [ 37.650956][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 37.659152][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 37.667334][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 37.675396][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 37.683644][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 37.692113][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 37.700569][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 37.714982][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 37.723364][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 37.731557][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 37.739571][ T129] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.117984][ T29] audit: type=1400 audit(1680781275.210:141): avc: denied { unmount } for pid=456 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 2023/04/06 11:41:17 executed programs: 24 [ 42.055630][ T672] ================================================================== [ 42.063997][ T672] BUG: KASAN: use-after-free in fuse_copy_one+0x1bd/0x3c0 [ 42.071026][ T672] Read of size 256 at addr ffff8881222b8010 by task syz-executor.4/672 [ 42.079101][ T672] [ 42.081700][ T672] CPU: 0 PID: 672 Comm: syz-executor.4 Not tainted 5.15.106-syzkaller-00100-gd86dfc4d95cd #0 [ 42.091686][ T672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023 [ 42.101577][ T672] Call Trace: [ 42.104703][ T672] [ 42.107481][ T672] dump_stack_lvl+0x151/0x1b7 [ 42.111992][ T672] ? io_uring_drop_tctx_refs+0x190/0x190 [ 42.117460][ T672] ? panic+0x751/0x751 [ 42.121365][ T672] print_address_description+0x87/0x3a0 [ 42.126747][ T672] kasan_report+0x177/0x1c0 [ 42.131085][ T672] ? fuse_copy_one+0x1bd/0x3c0 [ 42.135687][ T672] ? fuse_copy_one+0x1bd/0x3c0 [ 42.140285][ T672] kasan_check_range+0x293/0x2a0 [ 42.145058][ T672] ? fuse_copy_one+0x1bd/0x3c0 [ 42.149657][ T672] memcpy+0x2d/0x70 [ 42.153306][ T672] fuse_copy_one+0x1bd/0x3c0 [ 42.157851][ T672] fuse_copy_args+0x330/0x410 [ 42.162362][ T672] ? fuse_copy_one+0x374/0x3c0 [ 42.166966][ T672] fuse_dev_do_read+0xc87/0x11d0 [ 42.171737][ T672] ? do_futex+0x1770/0x1770 [ 42.176082][ T672] ? queue_interrupt+0x390/0x390 [ 42.181026][ T672] ? memset+0x35/0x40 [ 42.184844][ T672] ? __fsnotify_parent+0x4b9/0x6c0 [ 42.189795][ T672] fuse_dev_read+0x182/0x210 [ 42.194309][ T672] ? fuse_dev_release+0x5c0/0x5c0 [ 42.199313][ T672] ? fsnotify_perm+0x4ba/0x5d0 [ 42.203985][ T672] ? iov_iter_init+0x53/0x190 [ 42.208533][ T672] vfs_read+0xa7e/0xd40 [ 42.212583][ T672] ? kernel_read+0x1f0/0x1f0 [ 42.217013][ T672] ? __fdget_pos+0x209/0x310 [ 42.221517][ T672] ? ksys_read+0x77/0x2c0 [ 42.225771][ T672] ksys_read+0x199/0x2c0 [ 42.229858][ T672] ? vfs_write+0x1050/0x1050 [ 42.234283][ T672] ? __kasan_check_read+0x11/0x20 [ 42.239228][ T672] __x64_sys_read+0x7b/0x90 [ 42.243566][ T672] do_syscall_64+0x3d/0xb0 [ 42.247825][ T672] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 42.253568][ T672] RIP: 0033:0x7f9670ba1639 [ 42.257891][ T672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 42.277683][ T672] RSP: 002b:00007f96706b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 42.285906][ T672] RAX: ffffffffffffffda RBX: 00007f9670cc21f0 RCX: 00007f9670ba1639 [ 42.293707][ T672] RDX: 0000000000002020 RSI: 0000000020002140 RDI: 0000000000000003 [ 42.301518][ T672] RBP: 00007f9670bfcae9 R08: 0000000000000000 R09: 0000000000000000 [ 42.309331][ T672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 42.317402][ T672] R13: 00007ffe9faa18df R14: 00007f96706b2300 R15: 0000000000022000 [ 42.325398][ T672] [ 42.328259][ T672] [ 42.330515][ T672] Allocated by task 659: [ 42.334591][ T672] ____kasan_kmalloc+0xdb/0x110 [ 42.339271][ T672] __kasan_kmalloc+0x9/0x10 [ 42.343723][ T672] __kmalloc+0x13a/0x270 [ 42.347785][ T672] __d_alloc+0xad/0x6c0 [ 42.351791][ T672] d_alloc_parallel+0xe1/0x1270 [ 42.356463][ T672] __lookup_slow+0x154/0x400 [ 42.361004][ T672] lookup_slow+0x5a/0x80 [ 42.365255][ T672] walk_component+0x48c/0x610 [ 42.369796][ T672] path_lookupat+0x16d/0x450 [ 42.374220][ T672] filename_lookup+0x230/0x5c0 [ 42.378799][ T672] user_path_at_empty+0x43/0x1a0 [ 42.383594][ T672] __se_sys_mount+0x285/0x3b0 [ 42.388082][ T672] __x64_sys_mount+0xbf/0xd0 [ 42.392511][ T672] do_syscall_64+0x3d/0xb0 [ 42.396763][ T672] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 42.402496][ T672] [ 42.404671][ T672] Freed by task 25: [ 42.408405][ T672] kasan_set_track+0x4b/0x80 [ 42.412817][ T672] kasan_set_free_info+0x23/0x40 [ 42.417679][ T672] ____kasan_slab_free+0x126/0x160 [ 42.422630][ T672] __kasan_slab_free+0x11/0x20 [ 42.427228][ T672] slab_free_freelist_hook+0xbd/0x190 [ 42.432442][ T672] kmem_cache_free_bulk+0x552/0x700 [ 42.437566][ T672] kfree_rcu_work+0x2b2/0x6a0 [ 42.442166][ T672] process_one_work+0x6bb/0xc10 [ 42.446846][ T672] worker_thread+0xad2/0x12a0 [ 42.451727][ T672] kthread+0x421/0x510 [ 42.455609][ T672] ret_from_fork+0x1f/0x30 [ 42.459863][ T672] [ 42.462029][ T672] Last potentially related work creation: [ 42.467767][ T672] kasan_save_stack+0x36/0x60 [ 42.472273][ T672] kasan_record_aux_stack+0xca/0xf0 [ 42.477307][ T672] kvfree_call_rcu+0xb2/0x7d0 [ 42.482095][ T672] __d_move+0x86e/0x1370 [ 42.486623][ T672] __d_unalias+0x1cc/0x220 [ 42.490950][ T672] d_splice_alias+0x20a/0x390 [ 42.495536][ T672] fuse_lookup+0x2b9/0x5f0 [ 42.500106][ T672] __lookup_slow+0x2b9/0x400 [ 42.504860][ T672] lookup_slow+0x5a/0x80 [ 42.508938][ T672] walk_component+0x48c/0x610 [ 42.513443][ T672] link_path_walk+0x642/0xd90 [ 42.517955][ T672] filename_parentat+0x23a/0x650 [ 42.522734][ T672] filename_create+0xf0/0x520 [ 42.527243][ T672] do_mkdirat+0xbd/0x450 [ 42.531604][ T672] __x64_sys_mkdir+0x6e/0x80 [ 42.536046][ T672] do_syscall_64+0x3d/0xb0 [ 42.540291][ T672] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 42.546106][ T672] [ 42.548461][ T672] The buggy address belongs to the object at ffff8881222b8000 [ 42.548461][ T672] which belongs to the cache kmalloc-rcl-512 of size 512 [ 42.562696][ T672] The buggy address is located 16 bytes inside of [ 42.562696][ T672] 512-byte region [ffff8881222b8000, ffff8881222b8200) [ 42.575810][ T672] The buggy address belongs to the page: [ 42.581280][ T672] page:ffffea000488ae00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1222b8 [ 42.591346][ T672] head:ffffea000488ae00 order:2 compound_mapcount:0 compound_pincount:0 [ 42.599493][ T672] flags: 0x4000000000010200(slab|head|zone=1) [ 42.605404][ T672] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100042dc0 [ 42.613833][ T672] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 42.622319][ T672] page dumped because: kasan: bad access detected [ 42.628572][ T672] page_owner tracks the page as allocated [ 42.634146][ T672] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0x1d20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 588, ts 39824507187, free_ts 0 [ 42.655478][ T672] post_alloc_hook+0x15d/0x170 [ 42.660159][ T672] get_page_from_freelist+0x33e6/0x34c0 [ 42.665540][ T672] __alloc_pages+0x38a/0x7b0 [ 42.670147][ T672] new_slab+0x92/0x490 [ 42.674392][ T672] ___slab_alloc+0x39e/0x830 [ 42.678822][ T672] __slab_alloc+0x4a/0x90 [ 42.682985][ T672] __kmalloc+0x16d/0x270 [ 42.687159][ T672] __d_alloc+0xad/0x6c0 [ 42.691247][ T672] d_alloc_parallel+0xe1/0x1270 [ 42.695928][ T672] __lookup_slow+0x154/0x400 [ 42.700345][ T672] lookup_slow+0x5a/0x80 [ 42.704432][ T672] walk_component+0x48c/0x610 [ 42.708946][ T672] path_lookupat+0x16d/0x450 [ 42.713363][ T672] filename_lookup+0x230/0x5c0 [ 42.718059][ T672] user_path_at_empty+0x43/0x1a0 [ 42.722852][ T672] __se_sys_mount+0x285/0x3b0 [ 42.727426][ T672] page_owner free stack trace missing [ 42.732721][ T672] [ 42.734889][ T672] Memory state around the buggy address: [ 42.740559][ T672] ffff8881222b7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 42.748435][ T672] ffff8881222b7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 42.756333][ T672] >ffff8881222b8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 42.764398][ T672] ^ [ 42.768832][ T672] ffff8881222b8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 42.776747][ T672] ffff8881222b8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 42.784632][ T672] ================================================================== [ 42.792524][ T672] Disabling lock debugging due to kernel taint 2023/04/06 11:41:23 executed programs: 60 2023/04/06 11:41:28 executed programs: 96