Warning: Permanently added '10.128.0.231' (ED25519) to the list of known hosts.
executing program
[ 54.986821][ T5063] loop0: detected capacity change from 0 to 8192
[ 54.997410][ T5063] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 55.010746][ T5063] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 55.020257][ T5063] REISERFS (device loop0): using ordered data mode
[ 55.026753][ T5063] reiserfs: using flush barriers
[ 55.032999][ T5063] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 55.049950][ T5063] REISERFS (device loop0): checking transaction log (loop0)
[ 55.099490][ T5063] REISERFS (device loop0): Using r5 hash to sort names
[ 55.107234][ T5063] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 55.128448][ T4525] stack segment: 0000 [#1] PREEMPT SMP KASAN
[ 55.128984][ C0] ==================================================================
[ 55.134490][ T4525] CPU: 1 PID: 4525 Comm: udevd Not tainted 6.7.0-rc3-syzkaller-00284-g815fb87b7530 #0
[ 55.142532][ C0] BUG: KASAN: unknown-crash in tick_sched_handle+0x15d/0x170
[ 55.152103][ T4525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 55.159502][ C0] Read of size 8 at addr ffffc90003b4eb40 by task /0
[ 55.169546][ T4525] RIP: 0010:__stack_depot_save+0x15e/0x520
[ 55.176331][ C0]
[ 55.176337][ C0] CPU: 0 PID: 0 Comm:  Not tainted 6.7.0-rc3-syzkaller-00284-g815fb87b7530 #0
[ 55.182118][ T4525] Code: 29 c0 89 c3 48 8b 05 f9 df 15 0e 89 d9 23 0d e9 df 15 0e 48 8d 0c c8 48 8b 29 48 85 ed 75 0b eb 70 48 8b 6d 00 48 85 ed 74 67 <39> 5d 08 75 f2 44 3b 7d 0c 75 ec 31 c0 48 8b 74 c5 18 49 39 34 c6
[ 55.184510][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 55.193470][ T4525] RSP: 0018:ffffc9000313f5c0 EFLAGS: 00010202
[ 55.213404][ C0] Call Trace:
[ 55.213416][ C0]
[ 55.223446][ T4525]
[ 55.223451][ T4525] RAX: ffff88823b400000 RBX: 0000000002972db3 RCX: ffff88823b796d98
[ 55.229491][ C0] dump_stack_lvl+0xd9/0x1b0
[ 55.232748][ T4525] RDX: 000000000000000f RSI: 0000000000000003 RDI: 000000001871a4f5
[ 55.235581][ C0] print_report+0xc4/0x620
[ 55.237888][ T4525] RBP: 1f0f66c35b044389 R08: 000000008c47e937 R09: 0000000000000000
[ 55.245844][ C0] ? __virt_addr_valid+0x5e/0x2d0
[ 55.250407][ T4525] R10: 0000000000000000 R11: 0000000000000004 R12: 0000000000000001
[ 55.258363][ C0] kasan_report+0xda/0x110
[ 55.262744][ T4525] R13: 0000000000000dc0 R14: ffffc9000313f628 R15: 000000000000000f
[ 55.270692][ C0] ? tick_sched_handle+0x15d/0x170
[ 55.275722][ T4525] FS: 00007f1a013b6c80(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 55.283669][ C0] ? tick_sched_handle+0x15d/0x170
[ 55.288055][ T4525] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 55.296004][ C0] ? tick_sched_do_timer+0x2e0/0x2e0
[ 55.301084][ T4525] CR2: 00007ffeaa65d000 CR3: 0000000018334000 CR4: 0000000000350ef0
[ 55.309984][ C0] tick_sched_handle+0x15d/0x170
[ 55.315091][ T4525] Call Trace:
[ 55.321650][ C0] tick_nohz_highres_handler+0xe9/0x110
[ 55.326932][ T4525]
[ 55.334882][ C0] __hrtimer_run_queues+0x647/0xc20
[ 55.339794][ T4525] ? show_regs+0x8f/0xa0
[ 55.343064][ C0] ? enqueue_hrtimer+0x310/0x310
[ 55.348661][ T4525] ? die+0x36/0xa0
[ 55.351572][ C0] ? ktime_get_update_offsets_now+0x3bc/0x610
[ 55.356748][ T4525] ? do_trap+0x22b/0x420
[ 55.360971][ C0] hrtimer_interrupt+0x31b/0x800
[ 55.365965][ T4525] ? do_error_trap+0xf4/0x230
[ 55.369667][ C0] __sysvec_apic_timer_interrupt+0x105/0x400
[ 55.375700][ T4525] ? exc_stack_segment+0x38/0x50
[ 55.379916][ C0] sysvec_apic_timer_interrupt+0x90/0xb0
[ 55.384824][ T4525] ? asm_exc_stack_segment+0x26/0x30
[ 55.389481][ C0]
[ 55.395433][ T4525] ? __stack_depot_save+0x15e/0x520
[ 55.400345][ C0]
[ 55.400354][ C0] The buggy address belongs to the virtual mapping at
[ 55.400354][ C0] [ffffc90003b48000, ffffc90003b51000) created by:
[ 55.400354][ C0] kernel_clone+0xfd/0x930
[ 55.405960][ T4525] kasan_save_stack+0x43/0x50
[ 55.411227][ C0]
[ 55.411232][ C0] The buggy address belongs to the physical page:
[ 55.414145][ T4525] ? kasan_save_stack+0x33/0x50
[ 55.419314][ C0] page:ffffea0001e4ee00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x793b8
[ 55.421618][ T4525] ? kasan_set_track+0x25/0x30
[ 55.439029][ C0] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 55.443684][ T4525] ? __kasan_slab_alloc+0x81/0x90
[ 55.445998][ C0] page_type: 0xffffffff()
[ 55.452385][ T4525] ? kmem_cache_alloc+0x15d/0x2f0
[ 55.457219][ C0] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 55.467508][ T4525] ? __kernfs_iattrs+0xb8/0x3f0
[ 55.472263][ C0] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 55.479430][ T4525] ? __kernfs_setattr+0x4d/0x3c0
[ 55.484455][ C0] page dumped because: kasan: bad access detected
[ 55.484465][ C0] page_owner tracks the page as allocated
[ 55.488760][ T4525] ? kernfs_iop_setattr+0x120/0x180
[ 55.493782][ C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 5061, tgid 5061 (sshd), ts 54915954346, free_ts 49349323250
[ 55.502354][ T4525] ? notify_change+0x742/0x11c0
[ 55.507183][ C0] post_alloc_hook+0x2d0/0x350
[ 55.515822][ T4525] ? do_truncate+0x15c/0x220
[ 55.520738][ C0] get_page_from_freelist+0xa25/0x36d0
[ 55.527130][ T4525] ? path_openat+0x25a0/0x2c50
[ 55.532824][ C0] __alloc_pages+0x22e/0x2420
[ 55.538029][ T4525] ? do_filp_open+0x1de/0x430
[ 55.556659][ C0] alloc_pages_mpol+0x258/0x5f0
[ 55.561494][ T4525] ? do_sys_openat2+0x176/0x1e0
[ 55.566237][ C0] __vmalloc_node_range+0xa6e/0x1540
[ 55.570840][ T4525] ? __x64_sys_openat+0x175/0x210
[ 55.576287][ C0] copy_process+0x138b/0x73f0
[ 55.581216][ T4525] ? do_syscall_64+0x40/0x110
[ 55.585879][ C0] kernel_clone+0xfd/0x930
[ 55.590535][ T4525] ? entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 55.595421][ C0] __do_sys_clone+0xba/0x100
[ 55.600269][ T4525] kasan_set_track+0x25/0x30
[ 55.605628][ C0] do_syscall_64+0x40/0x110
[ 55.610748][ T4525] __kasan_slab_alloc+0x81/0x90
[ 55.615401][ C0] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 55.620056][ T4525] kmem_cache_alloc+0x15d/0x2f0
[ 55.624446][ C0] page last free stack trace:
[ 55.624452][ C0] free_unref_page_prepare+0x4fa/0xaa0
[ 55.630522][ T4525] __kernfs_iattrs+0xb8/0x3f0
[ 55.635084][ C0] free_unref_page+0x33/0x3b0
[ 55.639656][ T4525] __kernfs_setattr+0x4d/0x3c0
[ 55.644141][ C0] __folio_put+0xc3/0x110
[ 55.648972][ T4525] kernfs_iop_setattr+0x120/0x180
[ 55.654835][ C0] anon_pipe_buf_release+0x3fa/0x4b0
[ 55.659922][ T4525] ? __kernfs_setattr+0x3c0/0x3c0
[ 55.664571][ C0] pipe_read+0x645/0x1400
[ 55.670003][ T4525] notify_change+0x742/0x11c0
[ 55.674657][ C0] vfs_read+0x7c5/0x8f0
[ 55.679318][ T4525] do_truncate+0x15c/0x220
[ 55.684048][ C0] ksys_read+0x1f0/0x250
[ 55.688358][ T4525] ? file_open_root+0x450/0x450
[ 55.693359][ C0] do_syscall_64+0x40/0x110
[ 55.698616][ T4525] ? common_perm_cond+0x242/0x560
[ 55.703615][ C0] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 55.707930][ T4525] path_openat+0x25a0/0x2c50
[ 55.712575][ C0]
[ 55.712578][ C0] Memory state around the buggy address:
[ 55.716827][ T4525] ? path_lookupat+0x770/0x770
[ 55.721222][ C0] ffffc90003b4ea00: 00 cc 65 56 80 88 ff ff b4 13 00 00 71 01 7b 06
[ 55.725439][ T4525] ? lockdep_hardirqs_on_prepare+0x420/0x420
[ 55.730282][ C0] ffffc90003b4ea80: 00 e0 f3 41 81 88 ff ff 00 00 00 00 00 00 00 00
[ 55.734770][ T4525] do_filp_open+0x1de/0x430
[ 55.739773][ C0] >ffffc90003b4eb00: 75 16 5d ba ea 22 9d 17 42 00 00 00 00 00 00 00
[ 55.745676][ T4525] ? may_open_dev+0xf0/0xf0
[ 55.750274][ C0] ^
[ 55.752591][ T4525] ? _raw_spin_unlock+0x28/0x40
[ 55.758216][ C0] ffffc90003b4eb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 55.762955][ T4525] ? alloc_fd+0x2da/0x6c0
[ 55.770996][ C0] ffffc90003b4ec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 55.777052][ T4525] do_sys_openat2+0x176/0x1e0
[ 55.785108][ C0] ==================================================================
[ 55.785122][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 55.790322][ T4525] ? build_open_flags+0x690/0x690
[ 55.790353][ T4525] ? __fput+0x546/0xbb0
[ 55.790375][ T4525] ? kmem_cache_free+0xf8/0x350
[ 55.790396][ T4525] __x64_sys_openat+0x175/0x210
[ 55.790418][ T4525] ? __ia32_sys_open+0x1e0/0x1e0
[ 55.790440][ T4525] ? syscall_enter_from_user_mode+0x7f/0x120
[ 55.790465][ T4525] do_syscall_64+0x40/0x110
[ 55.790483][ T4525] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 55.790508][ T4525] RIP: 0033:0x7f1a00f169a4
[ 55.790520][ T4525] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83
[ 55.790534][ T4525] RSP: 002b:00007ffef1d9c270 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 55.790548][ T4525] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f1a00f169a4
[ 55.790558][ T4525] RDX: 0000000000080241 RSI: 00007ffef1d9c6a8 RDI: 00000000ffffff9c
[ 55.790566][ T4525] RBP: 00007ffef1d9c6a8 R08: 0000000000000004 R09: 0000000000000001
[ 55.790575][ T4525] R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000080241
[ 55.790583][ T4525] R13: 0000564c2e53f72e R14: 0000000000000001 R15: 0000000000000000
[ 55.790596][ T4525]
[ 55.790601][ T4525] Modules linked in:
[ 55.791020][ C0] Kernel Offset: disabled
[ 55.978450][ C0] Rebooting in 86400 seconds..