Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.10.48' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 34.251483] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 34.260091] REISERFS (device loop0): using ordered data mode
[ 34.267723] reiserfs: using flush barriers
[ 34.274415] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 34.290496] REISERFS (device loop0): checking transaction log (loop0)
[ 34.344620] REISERFS (device loop0): Using r5 hash to sort names
[ 34.353631] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 34.370865] ==================================================================
[ 34.378586] BUG: KASAN: out-of-bounds in strlen+0x79/0x90
[ 34.384416] Read of size 1 at addr ffff88808af3e9cc by task syz-executor304/8104
[ 34.392030]
[ 34.393643] CPU: 0 PID: 8104 Comm: syz-executor304 Not tainted 4.19.211-syzkaller #0
[ 34.401499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 34.411017] Call Trace:
[ 34.413587]  dump_stack+0x1fc/0x2ef
[ 34.417298]  print_address_description.cold+0x54/0x219
[ 34.422566]  kasan_report_error.cold+0x8a/0x1b9
[ 34.427216]  ? strlen+0x79/0x90
[ 34.430489]  __asan_report_load1_noabort+0x88/0x90
[ 34.435486]  ? is_bpf_text_address+0x60/0x1b0
[ 34.439968]  ? strlen+0x79/0x90
[ 34.443230]  strlen+0x79/0x90
[ 34.446316]  search_by_entry_key+0x91e/0xf30
[ 34.450793]  reiserfs_readdir_inode+0x24b/0x13a0
[ 34.455534]  ? reiserfs_dir_fsync+0x140/0x140
[ 34.460012]  ? putname+0x23/0x120
[ 34.463442]  ? do_syscall_64+0xf9/0x620
[ 34.467398]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.472743]  ? debug_check_no_obj_freed+0x201/0x490
[ 34.477745]  ? lock_acquire+0x170/0x3c0
[ 34.481718]  ? iterate_dir+0xd2/0x5c0
[ 34.485564]  iterate_dir+0x473/0x5c0
[ 34.489264]  ksys_getdents64+0x175/0x2b0
[ 34.493308]  ? __ia32_sys_getdents+0xa0/0xa0
[ 34.497695]  ? do_sys_open+0x2bf/0x520
[ 34.501655]  ? filldir+0x400/0x400
[ 34.505181]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 34.510542]  ? trace_hardirqs_off_caller+0x6e/0x210
[ 34.515550]  __x64_sys_getdents64+0x6f/0xb0
[ 34.519872]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 34.524437]  do_syscall_64+0xf9/0x620
[ 34.528222]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.533488] RIP: 0033:0x7f75111a5799
[ 34.537183] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 34.556371] RSP: 002b:00007ffee85a7438 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 34.564131] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f75111a5799
[ 34.571735] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 34.579085] RBP: 00007f7511165030 R08: 0000000000000000 R09: 0000000000000000
[ 34.586425] R10: 00000000000010e3 R11: 0000000000000246 R12: 00007f75111650c0
[ 34.593697] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 34.600956]
[ 34.602645] The buggy address belongs to the page:
[ 34.607573] page:ffffea00022bcf80 count:1 mapcount:1 mapping:ffff8880a33d9699 index:0x55ba5fd8a
[ 34.616855] flags: 0xfff00000040068(uptodate|lru|active|swapbacked)
[ 34.623255] raw: 00fff00000040068 ffffea00022bcf48 ffffea00022bcfc8 ffff8880a33d9699
[ 34.631822] raw: 000000055ba5fd8a 0000000000000000 0000000100000000 ffff8880b59f68c0
[ 34.639955] page dumped because: kasan: bad access detected
[ 34.645646] page->mem_cgroup:ffff8880b59f68c0
[ 34.650114]
[ 34.651725] Memory state around the buggy address:
[ 34.656733]  ffff88808af3e880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.664096]  ffff88808af3e900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.671438] >ffff88808af3e980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.678775]                                               ^
[ 34.684723]  ffff88808af3ea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.692070]  ffff88808af3ea80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.699445] ==================================================================
[ 34.707536] Disabling lock debugging due to kernel taint
[ 34.721099] Kernel panic - not syncing: panic_on_warn set ...
[ 34.721099]
[ 34.728615] CPU: 0 PID: 8104 Comm: syz-executor304 Tainted: G B 4.19.211-syzkaller #0
[ 34.737873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 34.747207] Call Trace:
[ 34.749793]  dump_stack+0x1fc/0x2ef
[ 34.753489]  panic+0x26a/0x50e
[ 34.756748]  ? __warn_printk+0xf3/0xf3
[ 34.760612]  ? preempt_schedule_common+0x45/0xc0
[ 34.765346]  ? ___preempt_schedule+0x16/0x18
[ 34.769730]  ? trace_hardirqs_on+0x55/0x210
[ 34.774051]  kasan_end_report+0x43/0x49
[ 34.778003]  kasan_report_error.cold+0xa7/0x1b9
[ 34.782673]  ? strlen+0x79/0x90
[ 34.785933]  __asan_report_load1_noabort+0x88/0x90
[ 34.790854]  ? is_bpf_text_address+0x60/0x1b0
[ 34.795426]  ? strlen+0x79/0x90
[ 34.798698]  strlen+0x79/0x90
[ 34.801787]  search_by_entry_key+0x91e/0xf30
[ 34.806278]  reiserfs_readdir_inode+0x24b/0x13a0
[ 34.811027]  ? reiserfs_dir_fsync+0x140/0x140
[ 34.815512]  ? putname+0x23/0x120
[ 34.819123]  ? do_syscall_64+0xf9/0x620
[ 34.823107]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.828470]  ? debug_check_no_obj_freed+0x201/0x490
[ 34.833480]  ? lock_acquire+0x170/0x3c0
[ 34.837647]  ? iterate_dir+0xd2/0x5c0
[ 34.841427]  iterate_dir+0x473/0x5c0
[ 34.845128]  ksys_getdents64+0x175/0x2b0
[ 34.849173]  ? __ia32_sys_getdents+0xa0/0xa0
[ 34.853558]  ? do_sys_open+0x2bf/0x520
[ 34.857424]  ? filldir+0x400/0x400
[ 34.860962]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 34.866411]  ? trace_hardirqs_off_caller+0x6e/0x210
[ 34.871441]  __x64_sys_getdents64+0x6f/0xb0
[ 34.875746]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 34.880314]  do_syscall_64+0xf9/0x620
[ 34.884142]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.889326] RIP: 0033:0x7f75111a5799
[ 34.893045] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 34.912015] RSP: 002b:00007ffee85a7438 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 34.919702] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f75111a5799
[ 34.927118] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 34.934548] RBP: 00007f7511165030 R08: 0000000000000000 R09: 0000000000000000
[ 34.941805] R10: 00000000000010e3 R11: 0000000000000246 R12: 00007f75111650c0
[ 34.949061] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 34.956525] Kernel Offset: disabled
[ 34.960135] Rebooting in 86400 seconds..