Warning: Permanently added '10.128.0.224' (ED25519) to the list of known hosts.
2023/10/11 00:24:12 ignoring optional flag "sandboxArg"="0"
2023/10/11 00:24:12 parsed 1 programs
2023/10/11 00:24:12 executed programs: 0
[ 47.286605][ T1590] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 50.174773][ T2014] loop0: detected capacity change from 0 to 8192
[ 50.183207][ T2014] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 50.192717][ T2014] REISERFS (device loop0): using ordered data mode
[ 50.199311][ T2014] reiserfs: using flush barriers
[ 50.205081][ T2014] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 50.222045][ T2014] REISERFS (device loop0): checking transaction log (loop0)
[ 50.249220][ T2014] REISERFS (device loop0): Using r5 hash to sort names
[ 50.256320][ T2014] REISERFS (device loop0): using 3.5.x disk format
[ 50.263648][ T2014] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 50.285818][ T2014] ==================================================================
[ 50.293895][ T2014] BUG: KASAN: out-of-bounds in leaf_paste_in_buffer+0x223/0x9b0
[ 50.301795][ T2014] Read of size 18446744073709551365 at addr ffff88806a8c3000 by task syz-executor.0/2014
[ 50.311749][ T2014]
[ 50.314159][ T2014] CPU: 0 PID: 2014 Comm: syz-executor.0 Not tainted 5.15.135-syzkaller #0
[ 50.323156][ T2014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 50.333212][ T2014] Call Trace:
[ 50.336479][ T2014]
[ 50.339837][ T2014] dump_stack_lvl+0x41/0x5e
[ 50.344328][ T2014] print_address_description.constprop.0.cold+0x6c/0x309
[ 50.351329][ T2014] ? leaf_paste_in_buffer+0x223/0x9b0
[ 50.356680][ T2014] ? leaf_paste_in_buffer+0x223/0x9b0
[ 50.362032][ T2014] kasan_report.cold+0x83/0xdf
[ 50.366783][ T2014] ? leaf_paste_in_buffer+0x223/0x9b0
[ 50.372129][ T2014] kasan_check_range+0x13d/0x180
[ 50.377049][ T2014] memmove+0x20/0x60
[ 50.380954][ T2014] leaf_paste_in_buffer+0x223/0x9b0
[ 50.386843][ T2014] balance_leaf+0x1dbc/0xe180
[ 50.391516][ T2014] ? replace_key+0x300/0x300
[ 50.396171][ T2014] ? do_balance+0x2e0/0x6b0
[ 50.400683][ T2014] do_balance+0x2e0/0x6b0
[ 50.405079][ T2014] ? get_right_neighbor_position+0x170/0x170
[ 50.411048][ T2014] ? wait_for_completion+0x220/0x220
[ 50.416316][ T2014] ? unwind_next_frame+0xec8/0x1ce0
[ 50.421577][ T2014] reiserfs_paste_into_item+0x63c/0x7b0
[ 50.427109][ T2014] ? reiserfs_delete_object+0x1b0/0x1b0
[ 50.432719][ T2014] ? preempt_count_add+0x74/0xe0
[ 50.437728][ T2014] ? fs_reclaim_acquire+0xb2/0x160
[ 50.442817][ T2014] ? kasan_unpoison+0x40/0x60
[ 50.447479][ T2014] ? rcu_is_watching+0x11/0xa0
[ 50.452225][ T2014] reiserfs_get_block+0xe98/0x39b0
[ 50.457315][ T2014] ? reiserfs_commit_write+0x620/0x620
[ 50.462875][ T2014] ? lock_release+0xf/0x620
[ 50.467986][ T2014] ? get_obj_cgroup_from_current+0x199/0x410
[ 50.474864][ T2014] ? __lock_acquire.constprop.0+0x478/0xb30
[ 50.482539][ T2014] ? rwlock_bug.part.0+0x90/0x90
[ 50.487882][ T2014] ? do_raw_spin_unlock+0x171/0x230
[ 50.493073][ T2014] __block_write_begin_int+0x2ef/0x1180
[ 50.498786][ T2014] ? reiserfs_commit_write+0x620/0x620
[ 50.504525][ T2014] ? reiserfs_allow_writes+0x90/0x90
[ 50.509891][ T2014] ? invalidate_bh_lrus_cpu+0x110/0x110
[ 50.515518][ T2014] ? __mutex_lock+0x216/0xec0
[ 50.520313][ T2014] reiserfs_write_begin+0x320/0x820
[ 50.525510][ T2014] generic_cont_expand_simple+0xea/0x120
[ 50.531137][ T2014] ? invalidate_bh_lrus+0x30/0x30
[ 50.536903][ T2014] ? setattr_prepare+0xe3/0xa40
[ 50.542022][ T2014] reiserfs_setattr+0x9b2/0xd20
[ 50.547688][ T2014] ? reiserfs_new_inode+0x1ee0/0x1ee0
[ 50.553522][ T2014] ? current_time+0x6e/0x1f0
[ 50.558100][ T2014] ? mode_strip_sgid+0x160/0x160
[ 50.563021][ T2014] ? do_truncate+0xdc/0x1a0
[ 50.567538][ T2014] notify_change+0x4b4/0xeb0
[ 50.572117][ T2014] ? down_write_killable+0x160/0x160
[ 50.577474][ T2014] ? do_truncate+0xee/0x1a0
[ 50.581957][ T2014] do_truncate+0xee/0x1a0
[ 50.586362][ T2014] ? file_open_root+0x1f0/0x1f0
[ 50.591571][ T2014] ? lock_acquire+0x132/0x270
[ 50.596364][ T2014] do_sys_ftruncate+0x452/0x590
[ 50.601327][ T2014] do_syscall_64+0x35/0x80
[ 50.605961][ T2014] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 50.611844][ T2014] RIP: 0033:0x7f01f0eeeae9
[ 50.616259][ T2014] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 50.636225][ T2014] RSP: 002b:00007f01f0a710c8 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 50.644720][ T2014] RAX: ffffffffffffffda RBX: 00007f01f100df80 RCX: 00007f01f0eeeae9
[ 50.652770][ T2014] RDX: 0000000000000000 RSI: 0000000002007ffb RDI: 0000000000000005
[ 50.661510][ T2014] RBP: 00007f01f0f3a47a R08: 0000000000000000 R09: 0000000000000000
[ 50.669878][ T2014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 50.678064][ T2014] R13: 0000000000000006 R14: 00007f01f100df80 R15: 00007ffdbaec4878
[ 50.686422][ T2014]
[ 50.689786][ T2014]
[ 50.692093][ T2014] The buggy address belongs to the page:
[ 50.697902][ T2014] page:ffffea0001aa30c0 refcount:1 mapcount:1 mapping:0000000000000000 index:0x558b43490 pfn:0x6a8c3
[ 50.708899][ T2014] memcg:ffff888008610000
[ 50.713264][ T2014] anon flags: 0xfff00000080014(uptodate|lru|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[ 50.723214][ T2014] raw: 00fff00000080014 ffffea0001aa5888 ffffea0001aa3108 ffff88807bafbdd1
[ 50.731786][ T2014] raw: 0000000558b43490 0000000000000000 0000000100000000 ffff888008610000
[ 50.740724][ T2014] page dumped because: kasan: bad access detected
[ 50.747405][ T2014] page_owner tracks the page as allocated
[ 50.753222][ T2014] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100cca(GFP_HIGHUSER_MOVABLE), pid 2015, ts 50281027439, free_ts 5818717344
[ 50.770179][ T2014] get_page_from_freelist+0x1334/0x2dc0
[ 50.775904][ T2014] __alloc_pages+0x1b2/0x440
[ 50.780937][ T2014] alloc_pages_vma+0xe0/0x650
[ 50.785720][ T2014] wp_page_copy+0x18c/0x18a0
[ 50.790320][ T2014] __handle_mm_fault+0x15ac/0x3400
[ 50.795531][ T2014] handle_mm_fault+0x1c5/0x5b0
[ 50.800288][ T2014] do_user_addr_fault+0x298/0xcb0
[ 50.805301][ T2014] exc_page_fault+0x5a/0xb0
[ 50.810081][ T2014] asm_exc_page_fault+0x22/0x30
[ 50.814925][ T2014] page last free stack trace:
[ 50.819983][ T2014] free_pcp_prepare+0x379/0x850
[ 50.824819][ T2014] free_unref_page+0x19/0x510
[ 50.829731][ T2014] free_contig_range+0x8b/0xb0
[ 50.834786][ T2014] destroy_args+0x7e/0x503
[ 50.839283][ T2014] debug_vm_pgtable+0x170d/0x178f
[ 50.844301][ T2014] do_one_initcall+0xb4/0x320
[ 50.849054][ T2014] kernel_init_freeable+0x51e/0x580
[ 50.854441][ T2014] kernel_init+0x14/0x120
[ 50.859059][ T2014] ret_from_fork+0x1f/0x30
[ 50.863606][ T2014]
[ 50.866086][ T2014] Memory state around the buggy address:
[ 50.871882][ T2014] ffff88806a8c2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.880294][ T2014] ffff88806a8c2f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.889157][ T2014] >ffff88806a8c3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.897410][ T2014] ^
[ 50.901560][ T2014] ffff88806a8c3080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.909839][ T2014] ffff88806a8c3100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 50.918090][ T2014] ==================================================================
[ 50.926398][ T2014] Disabling lock debugging due to kernel taint
[ 50.933056][ T2014] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 50.940418][ T2014] Kernel Offset: disabled
[ 50.944830][ T2014] Rebooting in 86400 seconds..