Warning: Permanently added '10.128.1.245' (ED25519) to the list of known hosts.
2024/08/07 21:20:28 ignoring optional flag "sandboxArg"="0"
2024/08/07 21:20:28 parsed 1 programs
2024/08/07 21:20:30 executed programs: 0
[ 58.092678][ T1353] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 62.886035][ T1775] loop0: detected capacity change from 0 to 64
[ 62.893823][ T1775] hfs: unable to locate alternate MDB
[ 62.899375][ T1775] hfs: continuing without an alternate MDB
[ 62.911955][ T1775] ==================================================================
[ 62.920022][ T1775] BUG: KASAN: slab-out-of-bounds in hfs_bnode_read_key+0x1c8/0x3d0
[ 62.927910][ T1775] Write of size 256 at addr ffff88810ea5fb00 by task syz-executor.0/1775
[ 62.936324][ T1775]
[ 62.938629][ T1775] CPU: 0 PID: 1775 Comm: syz-executor.0 Not tainted 6.1.103-syzkaller #0
[ 62.947007][ T1775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 62.957066][ T1775] Call Trace:
[ 62.960324][ T1775]
[ 62.963233][ T1775] dump_stack_lvl+0xf4/0x251
[ 62.967800][ T1775] ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 62.973227][ T1775] ? panic+0x3fe/0x3fe
[ 62.977262][ T1775] ? __virt_addr_valid+0x139/0x270
[ 62.982341][ T1775] ? __virt_addr_valid+0x221/0x270
[ 62.987419][ T1775] print_report+0x15f/0x4f0
[ 62.991893][ T1775] ? __virt_addr_valid+0x139/0x270
[ 62.997059][ T1775] ? __virt_addr_valid+0x221/0x270
[ 63.002132][ T1775] ? hfs_bnode_read_key+0x1c8/0x3d0
[ 63.007293][ T1775] kasan_report+0x136/0x160
[ 63.011764][ T1775] ? hfs_bnode_read_key+0x1c8/0x3d0
[ 63.016933][ T1775] kasan_check_range+0x27f/0x290
[ 63.021848][ T1775] ? hfs_bnode_read_key+0x1c8/0x3d0
[ 63.027116][ T1775] memcpy+0x3c/0x60
[ 63.030995][ T1775] hfs_bnode_read_key+0x1c8/0x3d0
[ 63.036005][ T1775] hfs_brec_insert+0x65a/0xc90
[ 63.040748][ T1775] ? do_raw_spin_unlock+0x137/0x8a0
[ 63.045917][ T1775] ? hfs_brec_keylen+0x2b0/0x2b0
[ 63.050825][ T1775] ? memset+0x1f/0x40
[ 63.054777][ T1775] ? hfs_cat_build_record+0x5b/0x7c0
[ 63.060028][ T1775] hfs_cat_create+0x52a/0x8b0
[ 63.064670][ T1775] ? hfs_cat_build_key+0x160/0x160
[ 63.069767][ T1775] ? _raw_spin_unlock+0x24/0x40
[ 63.074763][ T1775] ? hfs_new_inode+0x7f8/0xa50
[ 63.079497][ T1775] hfs_create+0x5b/0xb0
[ 63.083630][ T1775] ? hfs_lookup+0x2a0/0x2a0
[ 63.088100][ T1775] path_openat+0xf0c/0x27d0
[ 63.092572][ T1775] ? do_filp_open+0x430/0x430
[ 63.097244][ T1775] ? __virt_addr_valid+0x139/0x270
[ 63.102328][ T1775] do_filp_open+0x226/0x430
[ 63.106885][ T1775] ? vfs_tmpfile+0x410/0x410
[ 63.111447][ T1775] ? _raw_spin_unlock+0x24/0x40
[ 63.116260][ T1775] ? alloc_fd+0x3dc/0x470
[ 63.120558][ T1775] do_sys_openat2+0x10b/0x3f0
[ 63.125202][ T1775] ? rcu_is_watching+0x1b/0x90
[ 63.129931][ T1775] ? do_sys_open+0x1c0/0x1c0
[ 63.134487][ T1775] ? __rseq_handle_notify_resume+0x827/0xdf0
[ 63.140445][ T1775] __x64_sys_openat+0x209/0x250
[ 63.145275][ T1775] ? __ia32_sys_open+0x230/0x230
[ 63.150202][ T1775] ? switch_fpu_return+0xc9/0x130
[ 63.155201][ T1775] do_syscall_64+0x3b/0x80
[ 63.159594][ T1775] ? clear_bhb_loop+0x45/0xa0
[ 63.164240][ T1775] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 63.170108][ T1775] RIP: 0033:0x7f8f25e7cb29
[ 63.174494][ T1775] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 63.194090][ T1775] RSP: 002b:00007f8f26b540c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 63.202560][ T1775] RAX: ffffffffffffffda RBX: 00007f8f25f9bf80 RCX: 00007f8f25e7cb29
[ 63.210511][ T1775] RDX: 0000000000141842 RSI: 0000000020000380 RDI: ffffffffffffff9c
[ 63.218461][ T1775] RBP: 00007f8f25ec847a R08: 0000000000000000 R09: 0000000000000000
[ 63.226409][ T1775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 63.234356][ T1775] R13: 0000000000000006 R14: 00007f8f25f9bf80 R15: 00007ffc2a46b538
[ 63.242303][ T1775]
[ 63.245297][ T1775]
[ 63.247678][ T1775] Allocated by task 1775:
[ 63.251973][ T1775] kasan_set_track+0x4b/0x70
[ 63.256533][ T1775] __kasan_kmalloc+0x97/0xb0
[ 63.261090][ T1775] __kmalloc+0xa6/0x1c0
[ 63.265209][ T1775] hfs_find_init+0x86/0x1b0
[ 63.269678][ T1775] hfs_cat_create+0x165/0x8b0
[ 63.274327][ T1775] hfs_create+0x5b/0xb0
[ 63.278458][ T1775] path_openat+0xf0c/0x27d0
[ 63.282933][ T1775] do_filp_open+0x226/0x430
[ 63.287406][ T1775] do_sys_openat2+0x10b/0x3f0
[ 63.292057][ T1775] __x64_sys_openat+0x209/0x250
[ 63.296961][ T1775] do_syscall_64+0x3b/0x80
[ 63.301433][ T1775] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 63.307292][ T1775]
[ 63.309585][ T1775] The buggy address belongs to the object at ffff88810ea5fb00
[ 63.309585][ T1775] which belongs to the cache kmalloc-96 of size 96
[ 63.323430][ T1775] The buggy address is located 0 bytes inside of
[ 63.323430][ T1775] 96-byte region [ffff88810ea5fb00, ffff88810ea5fb60)
[ 63.336412][ T1775]
[ 63.338707][ T1775] The buggy address belongs to the physical page:
[ 63.345100][ T1775] page:ffffea00043a97c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ea5f
[ 63.355391][ T1775] flags: 0x100000000000200(slab|node=0|zone=2)
[ 63.361513][ T1775] raw: 0100000000000200 ffffea0005d5c700 dead000000000005 ffff888100041780
[ 63.370067][ T1775] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 63.378641][ T1775] page dumped because: kasan: bad access detected
[ 63.385033][ T1775] page_owner tracks the page as allocated
[ 63.390803][ T1775] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, tgid 1 (swapper/0), ts 2104107723, free_ts 0
[ 63.407346][ T1775] post_alloc_hook+0x286/0x2b0
[ 63.412078][ T1775] get_page_from_freelist+0x3994/0x3b70
[ 63.417597][ T1775] __alloc_pages+0x251/0x640
[ 63.422158][ T1775] alloc_page_interleave+0xf/0x120
[ 63.427236][ T1775] alloc_slab_page+0x6a/0x150
[ 63.431885][ T1775] new_slab+0x70/0x250
[ 63.436102][ T1775] ___slab_alloc+0x9df/0xe70
[ 63.440662][ T1775] __kmem_cache_alloc_node+0x195/0x250
[ 63.446089][ T1775] kmalloc_trace+0x26/0xc0
[ 63.450471][ T1775] acpi_ut_evaluate_object+0xf3/0x3e0
[ 63.455817][ T1775] acpi_ut_execute_power_methods+0x129/0x230
[ 63.461767][ T1775] acpi_get_object_info+0x573/0x1160
[ 63.467038][ T1775] acpi_init_device_object+0x5cb/0x2b50
[ 63.472547][ T1775] acpi_add_single_object+0x112/0x1a90
[ 63.477977][ T1775] acpi_bus_check_add+0x2fb/0x7c0
[ 63.482966][ T1775] acpi_ns_walk_namespace+0x182/0x350
[ 63.488320][ T1775] page_owner free stack trace missing
[ 63.493673][ T1775]
[ 63.495994][ T1775] Memory state around the buggy address:
[ 63.501603][ T1775] ffff88810ea5fa00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 63.509770][ T1775] ffff88810ea5fa80: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 63.517805][ T1775] >ffff88810ea5fb00: 00 00 00 00 00 00 00 00 00 06 fc fc fc fc fc fc
[ 63.525831][ T1775] ^
[ 63.532208][ T1775] ffff88810ea5fb80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 63.540241][ T1775] ffff88810ea5fc00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 63.548271][ T1775] ==================================================================
[ 63.556658][ T1775] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 63.564069][ T1775] Kernel Offset: disabled
[ 63.568459][ T1775] Rebooting in 86400 seconds..