Warning: Permanently added '10.128.1.31' (ECDSA) to the list of known hosts.
[ 35.498560] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 35.575856] ======================================================
[ 35.575856] WARNING: the mand mount option is being deprecated and
[ 35.575856] will be removed in v5.15!
[ 35.575856] ======================================================
[ 35.612816] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 35.625236] FAULT_INJECTION: forcing a failure.
[ 35.625236] name failslab, interval 1, probability 0, space 0, times 1
[ 35.638018] CPU: 0 PID: 7965 Comm: syz-executor428 Not tainted 4.14.306-syzkaller #0
[ 35.645924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 35.655288] Call Trace:
[ 35.657887] dump_stack+0x1b2/0x281
[ 35.661525] should_fail.cold+0x10a/0x149
[ 35.665673] should_failslab+0xd6/0x130
[ 35.669653] kmem_cache_alloc_trace+0x29a/0x3d0
[ 35.674337] udf_find_entry+0x4b3/0xef0
[ 35.678320] ? empty_dir+0x6e0/0x6e0
[ 35.682021] ? mark_buffer_dirty+0x95/0x480
[ 35.686504] udf_rename+0x3ce/0x11b0
[ 35.690225] ? udf_unlink+0x3c0/0x3c0
[ 35.694026] ? trace_hardirqs_on+0x10/0x10
[ 35.698263] ? d_splice_alias+0x426/0xb10
[ 35.702433] ? take_dentry_name_snapshot+0x9e/0x130
[ 35.707449] ? lock_acquire+0x170/0x3f0
[ 35.711515] ? lock_two_nondirectories+0xb2/0xf0
[ 35.716368] ? down_write_nested+0x36/0x90
[ 35.720688] vfs_rename+0x560/0x1820
[ 35.724414] ? path_openat+0x2970/0x2970
[ 35.728468] ? security_path_rename+0x13f/0x2a0
[ 35.733142] SyS_renameat2+0x95b/0xad0
[ 35.737108] ? SyS_link+0x30/0x30
[ 35.740667] ? vfs_write+0x319/0x4d0
[ 35.744461] ? SyS_write+0x14d/0x210
[ 35.748171] ? SyS_read+0x210/0x210
[ 35.751804] ? do_syscall_64+0x4c/0x640
[ 35.755758] ? SyS_renameat+0x30/0x30
[ 35.759546] do_syscall_64+0x1d5/0x640
[ 35.763426] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 35.768609] RIP: 0033:0x7ff2fe032219
[ 35.772313] RSP: 002b:00007ffc914fb4f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 35.780007] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007ff2fe032219
[ 35.787351] RDX: 0000000000000510 RSI: 0000000020000100 RDI: 0000000020000040
[ 35.794605] RBP: 00007ffc914fb510 R08: 0000000000000002 R09: 00007ffc914fb698
[ 35.801869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 35.809125] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 35.817931] ==================================================================
[ 35.825457] BUG: KASAN: out-of-bounds in udf_write_fi+0x875/0xe80
[ 35.831695] Write of size 18446744073709551572 at addr ffff88808aa7102c by task syz-executor428/7965
[ 35.840962]
[ 35.842597] CPU: 0 PID: 7965 Comm: syz-executor428 Not tainted 4.14.306-syzkaller #0
[ 35.850461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 35.859806] Call Trace:
[ 35.862383] dump_stack+0x1b2/0x281
[ 35.866001] print_address_description.cold+0x54/0x1d3
[ 35.871266] kasan_report_error.cold+0x8a/0x191
[ 35.875926] ? udf_write_fi+0x875/0xe80
[ 35.879885] kasan_report+0x6f/0x80
[ 35.883498] ? udf_write_fi+0x875/0xe80
[ 35.887460] memset+0x20/0x40
[ 35.890553] udf_write_fi+0x875/0xe80
[ 35.894362] udf_rename+0x3e5/0x11b0
[ 35.898071] ? udf_unlink+0x3c0/0x3c0
[ 35.901862] ? trace_hardirqs_on+0x10/0x10
[ 35.906083] ? d_splice_alias+0x426/0xb10
[ 35.910221] ? take_dentry_name_snapshot+0x9e/0x130
[ 35.915227] ? lock_acquire+0x170/0x3f0
[ 35.919190] ? lock_two_nondirectories+0xb2/0xf0
[ 35.923937] ? down_write_nested+0x36/0x90
[ 35.928160] vfs_rename+0x560/0x1820
[ 35.931865] ? path_openat+0x2970/0x2970
[ 35.935921] ? security_path_rename+0x13f/0x2a0
[ 35.940604] SyS_renameat2+0x95b/0xad0
[ 35.944487] ? SyS_link+0x30/0x30
[ 35.947939] ? vfs_write+0x319/0x4d0
[ 35.951641] ? SyS_write+0x14d/0x210
[ 35.955344] ? SyS_read+0x210/0x210
[ 35.958966] ? do_syscall_64+0x4c/0x640
[ 35.963012] ? SyS_renameat+0x30/0x30
[ 35.966798] do_syscall_64+0x1d5/0x640
[ 35.970685] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 35.975863] RIP: 0033:0x7ff2fe032219
[ 35.979559] RSP: 002b:00007ffc914fb4f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 35.987251] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007ff2fe032219
[ 35.994503] RDX: 0000000000000510 RSI: 0000000020000100 RDI: 0000000020000040
[ 36.001757] RBP: 00007ffc914fb510 R08: 0000000000000002 R09: 00007ffc914fb698
[ 36.009012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 36.016308] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 36.023577]
[ 36.025184] The buggy address belongs to the page:
[ 36.030113] page:ffffea00022a9c40 count:3 mapcount:0 mapping:ffff8880b1d8f4a8 index:0xa8
[ 36.038332] flags: 0xfff00000001054(referenced|dirty|active|private)
[ 36.044906] raw: 00fff00000001054 ffff8880b1d8f4a8 00000000000000a8 00000003ffffffff
[ 36.052772] raw: dead000000000100 dead000000000200 ffff88808dbc0000 ffff88823b3288c0
[ 36.060724] page dumped because: kasan: bad access detected
[ 36.066505] page->mem_cgroup:ffff88823b3288c0
[ 36.070981]
[ 36.072591] Memory state around the buggy address:
[ 36.077515] ffff88808aa70f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 36.084867] ffff88808aa70f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 36.092219] >ffff88808aa71000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 36.099568] ^
[ 36.104222] ffff88808aa71080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 36.111567] ffff88808aa71100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 36.118924] ==================================================================
[ 36.126264] Disabling lock debugging due to kernel taint
[ 36.132064] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 36.132064]
[ 36.140044] CPU: 0 PID: 7965 Comm: syz-executor428 Tainted: G B 4.14.306-syzkaller #0
[ 36.149139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 36.158491] Call Trace:
[ 36.161076] dump_stack+0x1b2/0x281
[ 36.164687] panic+0x21d/0x451
[ 36.167964] ? add_taint.cold+0x16/0x16
[ 36.171922] ? ___preempt_schedule+0x16/0x18
[ 36.176404] ? preempt_schedule_common+0x45/0xc0
[ 36.181142] ? ___preempt_schedule+0x16/0x18
[ 36.185534] check_panic_on_warn.cold+0x19/0x35
[ 36.190186] kasan_end_report+0x3a/0x40
[ 36.194140] kasan_report_error.cold+0xa7/0x191
[ 36.198790] ? udf_write_fi+0x875/0xe80
[ 36.202847] kasan_report+0x6f/0x80
[ 36.206466] ? udf_write_fi+0x875/0xe80
[ 36.210436] memset+0x20/0x40
[ 36.213525] udf_write_fi+0x875/0xe80
[ 36.217403] udf_rename+0x3e5/0x11b0
[ 36.221102] ? udf_unlink+0x3c0/0x3c0
[ 36.224900] ? trace_hardirqs_on+0x10/0x10
[ 36.229122] ? d_splice_alias+0x426/0xb10
[ 36.233449] ? take_dentry_name_snapshot+0x9e/0x130
[ 36.238450] ? lock_acquire+0x170/0x3f0
[ 36.242408] ? lock_two_nondirectories+0xb2/0xf0
[ 36.247148] ? down_write_nested+0x36/0x90
[ 36.251388] vfs_rename+0x560/0x1820
[ 36.255090] ? path_openat+0x2970/0x2970
[ 36.259142] ? security_path_rename+0x13f/0x2a0
[ 36.263797] SyS_renameat2+0x95b/0xad0
[ 36.267674] ? SyS_link+0x30/0x30
[ 36.271109] ? vfs_write+0x319/0x4d0
[ 36.274809] ? SyS_write+0x14d/0x210
[ 36.278507] ? SyS_read+0x210/0x210
[ 36.282124] ? do_syscall_64+0x4c/0x640
[ 36.286175] ? SyS_renameat+0x30/0x30
[ 36.289959] do_syscall_64+0x1d5/0x640
[ 36.293842] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 36.299013] RIP: 0033:0x7ff2fe032219
[ 36.302707] RSP: 002b:00007ffc914fb4f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 36.310426] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007ff2fe032219
[ 36.317678] RDX: 0000000000000510 RSI: 0000000020000100 RDI: 0000000020000040
[ 36.325121] RBP: 00007ffc914fb510 R08: 0000000000000002 R09: 00007ffc914fb698
[ 36.332375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 36.339674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 36.347185] Kernel Offset: disabled
[ 36.350896] Rebooting in 86400 seconds..