systemd[1]: Starting Journal Service... systemd-journald[21935]: File /var/log/journal/7e681e5076844de4a5cfa8606a84b008/system.journal corrupted or uncleanly shut down, renaming and replacing. ================================================================== BUG: KASAN: use-after-free in llist_del_first+0x89/0xa0 Read of size 8 at addr ffff8880445558a8 by task kworker/0:1/12124 CPU: 0 PID: 12124 Comm: kworker/0:1 Not tainted 5.19.0-rc5-next-20220706 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 Workqueue: events kernfs_notify_workfn Call Trace: dump_stack_lvl+0x8b/0xb3 print_report.cold+0x5e/0x5e1 kasan_report+0xb1/0x1b0 llist_del_first+0x89/0xa0 kernfs_notify_workfn+0x78/0x560 process_one_work+0xa0f/0x1690 worker_thread+0x637/0x1250 kthread+0x2ed/0x3a0 ret_from_fork+0x22/0x30 Allocated by task 1: kasan_save_stack+0x1e/0x40 __kasan_slab_alloc+0x66/0x80 kmem_cache_alloc+0x1b1/0x490 __kernfs_new_node+0xd4/0x8b0 kernfs_new_node+0x93/0x120 __kernfs_create_file+0x51/0x350 cgroup_addrm_files+0x3e2/0x9d0 css_populate_dir+0x300/0x450 cgroup_mkdir+0x38b/0x11f0 kernfs_iop_mkdir+0x149/0x1d0 vfs_mkdir+0x417/0x6a0 do_mkdirat+0x17b/0x2e0 __x64_sys_mkdir+0xf2/0x140 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x46/0xb0 Freed by task 12124: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 kasan_set_free_info+0x20/0x30 __kasan_slab_free+0x108/0x190 kmem_cache_free+0xfb/0x600 kernfs_put.part.0+0x2c7/0x540 kernfs_put+0x42/0x50 kernfs_notify_workfn+0x417/0x560 process_one_work+0xa0f/0x1690 worker_thread+0x637/0x1250 kthread+0x2ed/0x3a0 ret_from_fork+0x22/0x30 The buggy address belongs to the object at ffff888044555828 which belongs to the cache kernfs_node_cache of size 168 The buggy address is located 128 bytes inside of 168-byte region [ffff888044555828, ffff8880445558d0) The buggy address belongs to the physical page: page:0000000046862e98 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x44555 flags: 0x100000000000200(slab|node=0|zone=1) raw: 0100000000000200 0000000000000000 dead000000000001 ffff8880080358c0 raw: 0000000000000000 0000000000110011 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff888044555780: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc ffff888044555800: fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb >ffff888044555880: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc ^ ffff888044555900: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb ffff888044555980: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fa ================================================================== systemd[1]: Started Journal Service. systemd-journald[21935]: Received client request to flush runtime journal.