Warning: Permanently added '10.128.0.210' (ED25519) to the list of known hosts.
2025/01/04 20:28:56 ignoring optional flag "sandboxArg"="0"
2025/01/04 20:28:57 parsed 1 programs
[ 62.805465][ T2625] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2025/01/04 20:29:04 executed programs: 0
[ 71.591800][ T3519] loop3: detected capacity change from 0 to 131072
[ 71.600638][ T3519] F2FS-fs (loop3): inline encryption not supported
[ 71.607235][ T3519] F2FS-fs (loop3): heap/no_heap options were deprecated
[ 71.614283][ T3519] F2FS-fs (loop3): QUOTA feature is enabled, so ignore jquota_fmt
[ 71.623265][ T3519] F2FS-fs (loop3): invalid crc value
[ 71.631323][ T3519] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 71.651311][ T3519] F2FS-fs (loop3): Mounted with checkpoint version = 1b41e954
[ 71.660173][ T3519] ==================================================================
[ 71.668288][ T3519] BUG: KASAN: slab-out-of-bounds in f2fs_getxattr+0x11e5/0x1350
[ 71.675915][ T3519] Read of size 4 at addr ffff88810c7c5fd8 by task syz.3.16/3519
[ 71.683516][ T3519]
[ 71.685828][ T3519] CPU: 1 PID: 3519 Comm: syz.3.16 Not tainted 6.10.0-rc3-syzkaller #0
[ 71.693947][ T3519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 71.704071][ T3519] Call Trace:
[ 71.707446][ T3519]
[ 71.710429][ T3519] dump_stack_lvl+0x108/0x280
[ 71.715119][ T3519] ? __pfx_dump_stack_lvl+0x10/0x10
[ 71.720384][ T3519] ? __pfx__printk+0x10/0x10
[ 71.725034][ T3519] ? _printk+0xce/0x120
[ 71.729184][ T3519] ? __virt_addr_valid+0x141/0x260
[ 71.734273][ T3519] ? __virt_addr_valid+0x219/0x260
[ 71.739351][ T3519] print_report+0x169/0x550
[ 71.743825][ T3519] ? __virt_addr_valid+0x141/0x260
[ 71.748926][ T3519] ? __virt_addr_valid+0x219/0x260
[ 71.754008][ T3519] ? f2fs_getxattr+0x11e5/0x1350
[ 71.758915][ T3519] kasan_report+0x143/0x180
[ 71.763414][ T3519] ? f2fs_getxattr+0x11e5/0x1350
[ 71.768320][ T3519] f2fs_getxattr+0x11e5/0x1350
[ 71.773141][ T3519] __vfs_getxattr+0x300/0x350
[ 71.777794][ T3519] smk_fetch+0x98/0x100
[ 71.781931][ T3519] smack_d_instantiate+0x4f0/0x780
[ 71.787018][ T3519] ? __pfx_smack_d_instantiate+0x10/0x10
[ 71.792619][ T3519] security_d_instantiate+0x6f/0xb0
[ 71.797872][ T3519] d_splice_alias+0x5f/0x2a0
[ 71.802435][ T3519] f2fs_lookup+0x2f5/0x940
[ 71.806820][ T3519] ? __pfx_smack_inode_permission+0x10/0x10
[ 71.812683][ T3519] ? __pfx_f2fs_lookup+0x10/0x10
[ 71.817595][ T3519] ? __pfx_tomoyo_path_mknod+0x10/0x10
[ 71.823117][ T3519] ? security_inode_permission+0x50/0xc0
[ 71.828723][ T3519] ? __pfx_f2fs_lookup+0x10/0x10
[ 71.833629][ T3519] path_openat+0xd15/0x2810
[ 71.838127][ T3519] ? __pfx_path_openat+0x10/0x10
[ 71.843136][ T3519] do_filp_open+0x22b/0x440
[ 71.847609][ T3519] ? __pfx_do_filp_open+0x10/0x10
[ 71.852712][ T3519] ? _raw_spin_unlock+0x28/0x50
[ 71.857536][ T3519] ? alloc_fd+0x3dd/0x480
[ 71.861868][ T3519] do_sys_openat2+0xf6/0x180
[ 71.866432][ T3519] ? __pfx_do_sys_openat2+0x10/0x10
[ 71.871605][ T3519] __x64_sys_openat+0x20d/0x260
[ 71.876428][ T3519] ? __pfx___x64_sys_openat+0x10/0x10
[ 71.881774][ T3519] ? switch_fpu_return+0xce/0x140
[ 71.886771][ T3519] do_syscall_64+0x8d/0x170
[ 71.891247][ T3519] ? clear_bhb_loop+0x55/0xb0
[ 71.896020][ T3519] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 71.901901][ T3519] RIP: 0033:0x7f79e1585d29
[ 71.906289][ T3519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 71.926073][ T3519] RSP: 002b:00007f79e2447038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 71.934544][ T3519] RAX: ffffffffffffffda RBX: 00007f79e1775fa0 RCX: 00007f79e1585d29
[ 71.942499][ T3519] RDX: 0000000000101042 RSI: 0000000020000040 RDI: ffffffffffffff9c
[ 71.950446][ T3519] RBP: 00007f79e1601b08 R08: 0000000000000000 R09: 0000000000000000
[ 71.958473][ T3519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 71.966504][ T3519] R13: 0000000000000000 R14: 00007f79e1775fa0 R15: 00007ffe7513fa68
[ 71.974627][ T3519]
[ 71.977622][ T3519]
[ 71.979922][ T3519] Allocated by task 3519:
[ 71.984221][ T3519] kasan_save_track+0x3f/0x80
[ 71.988879][ T3519] __kasan_kmalloc+0x98/0xb0
[ 71.993449][ T3519] __kmalloc_noprof+0x1d5/0x440
[ 71.998374][ T3519] f2fs_getxattr+0xfd6/0x1350
[ 72.003022][ T3519] __vfs_getxattr+0x300/0x350
[ 72.007758][ T3519] smk_fetch+0x98/0x100
[ 72.011891][ T3519] smack_d_instantiate+0x4f0/0x780
[ 72.017066][ T3519] security_d_instantiate+0x6f/0xb0
[ 72.022235][ T3519] d_splice_alias+0x5f/0x2a0
[ 72.026796][ T3519] f2fs_lookup+0x2f5/0x940
[ 72.031180][ T3519] path_openat+0xd15/0x2810
[ 72.035654][ T3519] do_filp_open+0x22b/0x440
[ 72.040130][ T3519] do_sys_openat2+0xf6/0x180
[ 72.044690][ T3519] __x64_sys_openat+0x20d/0x260
[ 72.049685][ T3519] do_syscall_64+0x8d/0x170
[ 72.054159][ T3519] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 72.060038][ T3519]
[ 72.062345][ T3519] The buggy address belongs to the object at ffff88810c7c5fc0
[ 72.062345][ T3519] which belongs to the cache kmalloc-16 of size 16
[ 72.076463][ T3519] The buggy address is located 12 bytes to the right of
[ 72.076463][ T3519] allocated 12-byte region [ffff88810c7c5fc0, ffff88810c7c5fcc)
[ 72.091205][ T3519]
[ 72.093504][ T3519] The buggy address belongs to the physical page:
[ 72.099894][ T3519] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10c7c5
[ 72.108751][ T3519] flags: 0x100000000000000(node=0|zone=2)
[ 72.114469][ T3519] page_type: 0xffffefff(slab)
[ 72.119205][ T3519] raw: 0100000000000000 ffff888100041640 dead000000000100 dead000000000122
[ 72.127756][ T3519] raw: 0000000000000000 0000000080800080 00000001ffffefff 0000000000000000
[ 72.136315][ T3519] page dumped because: kasan: bad access detected
[ 72.142705][ T3519] page_owner tracks the page as allocated
[ 72.148522][ T3519] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 3814652191, free_ts 3712240958
[ 72.168300][ T3519] register_dummy_stack+0x85/0xe0
[ 72.173308][ T3519] init_page_owner+0x24/0x860
[ 72.177959][ T3519] page_ext_init+0x3cd/0x410
[ 72.182791][ T3519] mm_core_init+0x4c/0x60
[ 72.187093][ T3519] page last free pid 206 tgid 206 stack trace:
[ 72.193216][ T3519] free_unref_page+0xb58/0xc90
[ 72.197951][ T3519] vfree+0x10e/0x210
[ 72.201818][ T3519] delayed_vfree_work+0x3c/0x70
[ 72.206670][ T3519] process_scheduled_works+0x8cf/0x1320
[ 72.212207][ T3519] worker_thread+0x869/0xca0
[ 72.216804][ T3519] kthread+0x268/0x2c0
[ 72.220844][ T3519] ret_from_fork+0x32/0x60
[ 72.225242][ T3519] ret_from_fork_asm+0x1a/0x30
[ 72.229978][ T3519]
[ 72.232275][ T3519] Memory state around the buggy address:
[ 72.237884][ T3519] ffff88810c7c5e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 72.245913][ T3519] ffff88810c7c5f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 72.254062][ T3519] >ffff88810c7c5f80: fa fb fc fc fa fb fc fc 00 04 fc fc 00 00 fc fc
[ 72.262178][ T3519] ^
[ 72.269169][ T3519] ffff88810c7c6000: 00 01 fc fc 00 01 fc fc 00 02 fc fc 00 02 fc fc
[ 72.277344][ T3519] ffff88810c7c6080: 00 02 fc fc 00 02 fc fc 00 00 fc fc 00 00 fc fc
[ 72.285394][ T3519] ==================================================================
[ 72.293619][ T3519] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 72.301146][ T3519] Kernel Offset: disabled
[ 72.305492][ T3519] Rebooting in 86400 seconds..