Warning: Permanently added '10.128.1.184' (ED25519) to the list of known hosts.
2024/11/30 10:13:47 ignoring optional flag "sandboxArg"="0"
2024/11/30 10:13:47 parsed 1 programs
[ 60.705814] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 61.128173] IPVS: ftp: loaded support on port[0] = 21
[ 61.165106] IPVS: ftp: loaded support on port[0] = 21
[ 61.206692] IPVS: ftp: loaded support on port[0] = 21
[ 61.296580] IPVS: ftp: loaded support on port[0] = 21
[ 61.319370] IPVS: ftp: loaded support on port[0] = 21
[ 61.366574] IPVS: ftp: loaded support on port[0] = 21
[ 61.407055] IPVS: ftp: loaded support on port[0] = 21
[ 61.440797] IPVS: ftp: loaded support on port[0] = 21
[ 61.483262] IPVS: ftp: loaded support on port[0] = 21
2024/11/30 10:13:52 executed programs: 0
[ 63.433953] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 63.452009] ocfs2: Unmounting device (7,3) on (node local)
[ 63.613325] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 63.629062] ocfs2: Unmounting device (7,3) on (node local)
[ 63.773267] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 63.788918] ocfs2: Unmounting device (7,3) on (node local)
[ 63.954136] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 63.968766] ==================================================================
[ 63.976139] BUG: KASAN: slab-out-of-bounds in ocfs2_find_entry+0x13b2/0x1540
[ 63.983303] Read of size 1 at addr ffff8800a9f3c8cb by task syz.3.18/3861
[ 63.990241]
[ 63.991855] CPU: 0 PID: 3861 Comm: syz.3.18 Not tainted 4.19.0-syzkaller #0
[ 63.998946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 64.008543] Call Trace:
[ 64.011134] dump_stack+0x10c/0x17a
[ 64.014826] print_address_description.cold.6+0x9/0x244
[ 64.020169] kasan_report.cold.7+0x242/0x305
[ 64.024578] ? ocfs2_find_entry+0x13b2/0x1540
[ 64.029071] __asan_report_load1_noabort+0x14/0x20
[ 64.033979] ocfs2_find_entry+0x13b2/0x1540
[ 64.038271] ? __lock_acquire.isra.10+0x116/0x1870
[ 64.043179] ? ocfs2_inode_lock_full_nested+0x447/0x1ba0
[ 64.048605] ? ocfs2_free_dir_lookup_result+0xe0/0xe0
[ 64.053773] ? kasan_check_write+0x14/0x20
[ 64.057975] ? __lock_acquire.isra.10+0x116/0x1870
[ 64.062875] ? ocfs2_inode_lock_full_nested+0x447/0x1ba0
[ 64.068304] ? lock_downgrade+0x590/0x590
[ 64.072433] ? lock_acquire+0x18b/0x340
[ 64.076386] ? do_raw_spin_unlock+0x172/0x260
[ 64.080854] ? _raw_spin_unlock+0x2c/0x50
[ 64.084973] ocfs2_find_files_on_disk+0x54/0x2e0
[ 64.089793] ocfs2_lookup_ino_from_name+0x83/0xc0
[ 64.094609] ? ocfs2_find_files_on_disk+0x2e0/0x2e0
[ 64.099599] ? memset+0x31/0x40
[ 64.102855] ocfs2_lookup+0x179/0x850
[ 64.106627] ? ocfs2_remote_dentry_delete+0x110/0x110
[ 64.111791] ? security_inode_permission+0x79/0xc0
[ 64.116694] ? inode_permission+0xaf/0x390
[ 64.120905] ? ocfs2_remote_dentry_delete+0x110/0x110
[ 64.126062] lookup_open+0x5c5/0x1d20
[ 64.129837] ? may_open.isra.25+0x270/0x270
[ 64.134142] path_openat+0xe56/0x2910
[ 64.137916] ? kasan_kmalloc.part.1+0xc9/0xf0
[ 64.142380] ? kasan_kmalloc+0x61/0xc0
[ 64.146281] ? path_mountpoint+0x890/0x890
[ 64.150516] ? exit_robust_list+0x140/0x140
[ 64.154812] ? kasan_check_write+0x14/0x20
[ 64.159040] ? __lock_acquire.isra.10+0x116/0x1870
[ 64.163941] ? kasan_check_write+0x14/0x20
[ 64.168156] ? __lock_acquire.isra.10+0x116/0x1870
[ 64.173063] ? kasan_check_write+0x14/0x20
[ 64.177271] ? __lock_acquire.isra.10+0x116/0x1870
[ 64.182207] ? __lock_acquire.isra.10+0x116/0x1870
[ 64.187211] do_filp_open+0x177/0x250
[ 64.190996] ? __alloc_fd+0x168/0x3c0
[ 64.194770] ? may_open_dev+0xc0/0xc0
[ 64.198560] ? lock_acquire+0x18b/0x340
[ 64.202516] ? _raw_spin_unlock+0x2c/0x50
[ 64.206723] ? __alloc_fd+0x168/0x3c0
[ 64.210504] ? kmem_cache_alloc+0x1ce/0x230
[ 64.214804] do_sys_open+0x1dc/0x350
[ 64.218499] ? syscall_slow_exit_work+0x460/0x460
[ 64.223312] ? filp_open+0x50/0x50
[ 64.226825] __x64_sys_open+0x79/0xb0
[ 64.230595] do_syscall_64+0xd0/0x340
[ 64.234372] ? prepare_exit_to_usermode+0xec/0x130
[ 64.239277] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 64.244447] RIP: 0033:0x7fa4ecc82849
[ 64.248266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 64.267156] RSP: 002b:00007fa4ec701058 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 64.274852] RAX: ffffffffffffffda RBX: 00007fa4ece47fa0 RCX: 00007fa4ecc82849
[ 64.282103] RDX: 0000000000000000 RSI: 0000000400141042 RDI: 0000000020000080
[ 64.289351] RBP: 00007fa4eccf5986 R08: 0000000000000000 R09: 0000000000000000
[ 64.296592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 64.303833] R13: 0000000000000000 R14: 00007fa4ece47fa0 R15: 00007ffd03102478
[ 64.311090]
[ 64.312703] Allocated by task 3770:
[ 64.316341] kasan_kmalloc.part.1+0x62/0xf0
[ 64.320637] kasan_kmalloc+0xaf/0xc0
[ 64.324336] kasan_slab_alloc+0x11/0x20
[ 64.328279] kmem_cache_alloc+0xdc/0x230
[ 64.332316] vm_area_dup+0x1b/0x150
[ 64.335920] __split_vma+0x8e/0x4b0
[ 64.339515] do_munmap+0x1fa/0xd60
[ 64.343025] mmap_region+0x1a4/0x13c0
[ 64.346794] do_mmap+0x673/0xe90
[ 64.350139] vm_mmap_pgoff+0x17f/0x1e0
[ 64.354006] ksys_mmap_pgoff+0x250/0x5a0
[ 64.358067] __x64_sys_mmap+0xe9/0x1b0
[ 64.361955] do_syscall_64+0xd0/0x340
[ 64.365735] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 64.371000]
[ 64.372607] Freed by task 3770:
[ 64.376293] __kasan_slab_free+0x167/0x240
[ 64.380506] kasan_slab_free+0xe/0x10
[ 64.384282] kmem_cache_free+0xc7/0x290
[ 64.388377] vm_area_free+0x13/0x20
[ 64.392499] remove_vma+0xf5/0x130
[ 64.396038] exit_mmap+0x2ce/0x450
[ 64.399579] mmput+0xc7/0x330
[ 64.402659] do_exit+0x8fd/0x2a80
[ 64.406088] do_group_exit+0xf1/0x2b0
[ 64.409857] __x64_sys_exit_group+0x39/0x40
[ 64.414180] do_syscall_64+0xd0/0x340
[ 64.417964] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 64.423123]
[ 64.424731] The buggy address belongs to the object at ffff8800a9f3c800
[ 64.424731] which belongs to the cache vm_area_struct of size 192
[ 64.437625] The buggy address is located 11 bytes to the right of
[ 64.437625] 192-byte region [ffff8800a9f3c800, ffff8800a9f3c8c0)
[ 64.449908] The buggy address belongs to the page:
[ 64.454824] page:ffffea0002a7cf00 count:1 mapcount:0 mapping:ffff88013bf5e800 index:0x0
[ 64.462947] flags: 0xfff00000000100(slab)
[ 64.467070] raw: 00fff00000000100 dead000000000100 dead000000000200 ffff88013bf5e800
[ 64.474941] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 64.482802] page dumped because: kasan: bad access detected
[ 64.488499] page allocated via order 0, migratetype Unmovable, gfp_mask 0x6212c0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY)
[ 64.499676] get_page_from_freelist+0x2c68/0x41c0
[ 64.504499] __alloc_pages_nodemask+0x390/0x2380
[ 64.509232] alloc_pages_current+0xfd/0x290
[ 64.513525] new_slab+0x49d/0x7f0
[ 64.517064] ___slab_alloc+0x5b3/0x8e0
[ 64.520926] __slab_alloc.isra.22+0x6a/0xa0
[ 64.525223] kmem_cache_alloc+0x1ef/0x230
[ 64.529356] vm_area_alloc+0x1b/0xf0
[ 64.533061] mmap_region+0x761/0x13c0
[ 64.536838] do_mmap+0x673/0xe90
[ 64.540191] vm_mmap_pgoff+0x17f/0x1e0
[ 64.544049] ksys_mmap_pgoff+0x250/0x5a0
[ 64.548083] __x64_sys_mmap+0xe9/0x1b0
[ 64.551947] do_syscall_64+0xd0/0x340
[ 64.555730] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 64.560889]
[ 64.562494] Memory state around the buggy address:
[ 64.567396] ffff8800a9f3c780: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 64.574731] ffff8800a9f3c800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 64.582077] >ffff8800a9f3c880: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 64.589422] ^
[ 64.595132] ffff8800a9f3c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 64.602461] ffff8800a9f3c980: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 64.609788] ==================================================================
[ 64.617135] Disabling lock debugging due to kernel taint
[ 64.624357] Kernel panic - not syncing: panic_on_warn set ...
[ 64.624357]
[ 64.631963] Kernel Offset: disabled
[ 64.635570] Rebooting in 86400 seconds..