Warning: Permanently added '10.128.10.34' (ED25519) to the list of known hosts.
2023/11/14 17:04:58 ignoring optional flag "sandboxArg"="0"
2023/11/14 17:04:59 parsed 1 programs
[ 41.668115][ T3316] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS
2023/11/14 17:04:59 executed programs: 0
[ 41.817626][ T3324] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.819435][ T3324] bridge0: port 1(bridge_slave_0) entered disabled state
[ 41.821507][ T3324] device bridge_slave_0 entered promiscuous mode
[ 41.823815][ T3324] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.826093][ T3324] bridge0: port 2(bridge_slave_1) entered disabled state
[ 41.828154][ T3324] device bridge_slave_1 entered promiscuous mode
[ 41.991820][ T3324] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.993667][ T3324] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 41.995442][ T3324] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.997299][ T3324] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 42.163549][ T3078] bridge0: port 1(bridge_slave_0) entered disabled state
[ 42.166028][ T3078] bridge0: port 2(bridge_slave_1) entered disabled state
[ 42.168305][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 42.170325][ T3078] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 42.212977][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 42.215409][ T27] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.217323][ T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 42.219832][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 42.221965][ T27] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.223770][ T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 42.226499][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 42.228629][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 42.559746][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 42.605136][ T3324] device veth0_vlan entered promiscuous mode
[ 42.608418][ T3324] device veth1_vlan entered promiscuous mode
[ 42.614585][ T3324] device veth0_macvtap entered promiscuous mode
[ 42.618372][ T2496] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 42.620654][ T2496] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 42.622678][ T2496] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 42.624664][ T2496] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 42.627248][ T2496] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 42.629475][ T2496] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 42.631687][ T2496] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 42.668549][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 42.671038][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 42.859261][ T3466] loop0: detected capacity change from 0 to 8192
[ 42.861930][ T3466] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 42.865177][ T3466] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 42.867661][ T3466] REISERFS (device loop0): using ordered data mode
[ 42.869258][ T3466] reiserfs: using flush barriers
[ 42.870766][ T3466] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 42.875006][ T3466] REISERFS (device loop0): checking transaction log (loop0)
[ 42.891587][ T3466] REISERFS (device loop0): Using r5 hash to sort names
[ 42.893532][ T3466] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 42.904179][ T3466] ==================================================================
[ 42.906211][ T3466] BUG: KASAN: out-of-bounds in leaf_insert_into_buf+0x1f4/0x748
[ 42.908269][ T3466] Read of size 18446744073709551384 at addr ffff0000e0954000 by task syz-executor.0/3466
[ 42.910806][ T3466]
[ 42.911435][ T3466] CPU: 0 PID: 3466 Comm: syz-executor.0 Not tainted 6.1.62-syzkaller #0
[ 42.913572][ T3466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 42.916172][ T3466] Call trace:
[ 42.916995][ T3466] dump_backtrace+0x1c8/0x1f4
[ 42.918191][ T3466] show_stack+0x2c/0x3c
[ 42.919266][ T3466] dump_stack_lvl+0xc0/0x104
[ 42.920510][ T3466] print_report+0x174/0x4c0
[ 42.921740][ T3466] kasan_report+0xcc/0x124
[ 42.922849][ T3466] kasan_check_range+0x264/0x2a4
[ 42.924159][ T3466] memmove+0x48/0x90
[ 42.925189][ T3466] leaf_insert_into_buf+0x1f4/0x748
[ 42.926457][ T3466] do_balance+0x4220/0xb510
[ 42.927668][ T3466] reiserfs_insert_item+0x908/0xa4c
[ 42.928980][ T3466] indirect2direct+0x51c/0x88c
[ 42.930199][ T3466] reiserfs_cut_from_item+0x840/0x1c50
[ 42.931636][ T3466] reiserfs_do_truncate+0x764/0x10a0
[ 42.933009][ T3466] reiserfs_truncate_file+0x510/0xb1c
[ 42.934393][ T3466] reiserfs_write_end+0x640/0x800
[ 42.935721][ T3466] generic_perform_write+0x384/0x548
[ 42.937092][ T3466] __generic_file_write_iter+0x168/0x388
[ 42.938571][ T3466] generic_file_write_iter+0xb8/0x2b4
[ 42.939973][ T3466] vfs_write+0x610/0x914
[ 42.941119][ T3466] ksys_write+0x15c/0x26c
[ 42.942276][ T3466] __arm64_sys_write+0x7c/0x90
[ 42.943563][ T3466] invoke_syscall+0x98/0x2c0
[ 42.944718][ T3466] el0_svc_common+0x134/0x24c
[ 42.945919][ T3466] do_el0_svc+0x64/0x218
[ 42.946982][ T3466] el0_svc+0x34/0x100
[ 42.948032][ T3466] el0t_64_sync_handler+0x84/0xf0
[ 42.949352][ T3466] el0t_64_sync+0x18c/0x190
[ 42.950556][ T3466]
[ 42.951151][ T3466] The buggy address belongs to the physical page:
[ 42.952840][ T3466] page:00000000e22f0b78 refcount:1 mapcount:1 mapping:0000000000000000 index:0xffffa2978 pfn:0x120954
[ 42.955708][ T3466] memcg:ffff0000c7b2e000
[ 42.956762][ T3466] anon flags: 0x5ffc000000a0014(uptodate|lru|mappedtodisk|swapbacked|node=0|zone=2|lastcpupid=0x7ff)
[ 42.959670][ T3466] raw: 05ffc000000a0014 fffffc00037fd308 fffffc0003825548 ffff0000dae5f991
[ 42.961990][ T3466] raw: 0000000ffffa2978 0000000000000000 0000000100000000 ffff0000c7b2e000
[ 42.964377][ T3466] page dumped because: kasan: bad access detected
[ 42.966079][ T3466]
[ 42.966635][ T3466] Memory state around the buggy address:
[ 42.968103][ T3466] ffff0000e0953f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 42.970130][ T3466] ffff0000e0953f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 42.972202][ T3466] >ffff0000e0954000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 42.974233][ T3466] ^
[ 42.975262][ T3466] ffff0000e0954080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 42.977386][ T3466] ffff0000e0954100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 42.979498][ T3466] ==================================================================
[ 42.981987][ T3466] Disabling lock debugging due to kernel taint
[ 42.995491][ C0] Unable to handle kernel paging request at virtual address 002e0e4d000e8406
[ 42.995512][ C1] Unable to handle kernel paging request at virtual address dfff80000000002e
[ 42.997843][ C0] Mem abort info:
[ 42.997847][ C0] ESR = 0x0000000096000004
[ 42.999987][ C1] KASAN: null-ptr-deref in range [0x0000000000000170-0x0000000000000177]
[ 43.000873][ C0] EC = 0x25: DABT (current EL), IL = 32 bits
[ 43.002006][ C1] Mem abort info:
[ 43.004134][ C0] SET = 0, FnV = 0
[ 43.005720][ C1] ESR = 0x0000000096000006
[ 43.006679][ C0] EA = 0, S1PTW = 0
[ 43.007675][ C1] EC = 0x25: DABT (current EL), IL = 32 bits
[ 43.008776][ C0] FSC = 0x04: level 0 translation fault
[ 43.009798][ C1] SET = 0, FnV = 0
[ 43.011343][ C0] Data abort info:
[ 43.011347][ C0] ISV = 0, ISS = 0x00000004
[ 43.012812][ C1] EA = 0, S1PTW = 0
[ 43.013786][ C0] CM = 0, WnR = 0
[ 43.014739][ C1] FSC = 0x06: level 2 translation fault
[ 43.015889][ C0] [002e0e4d000e8406] address between user and kernel address ranges
[ 43.016916][ C1] Data abort info:
[ 43.016920][ C1] ISV = 0, ISS = 0x00000006
[ 43.017889][ C0] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[ 43.019402][ C1] CM = 0, WnR = 0
[ 43.021425][ C0] Modules linked in:
[ 43.022351][ C1] [dfff80000000002e] address between user and kernel address ranges
[ 43.023489][ C0] CPU: 0 PID: 3466 Comm: syz-executor.0 Tainted: G B 6.1.62-syzkaller #0
[ 43.031779][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 43.034350][ C0] pstate: 004000c5 (nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 43.036283][ C0] pc : rb_insert_color+0xb0/0x504
[ 43.037559][ C0] lr : timerqueue_add+0x1b8/0x1e0
[ 43.038818][ C0] sp : ffff800008007c70
[ 43.039896][ C0] x29: ffff800008007c80 x28: 1ffff00002fdef08 x27: dfff800000000000
[ 43.041960][ C0] x26: ffff0001b50e9790 x25: 0000000000000000 x24: ffff0001b50e9fd8
[ 43.044080][ C0] x23: 6974726800742031 x22: ffff800017ef7840 x21: ffff800010e26276
[ 43.046079][ C0] x20: ffff0001b50e9fd8 x19: 0d2e8e4d000e8406 x18: 1fffe00036a1cd77
[ 43.048076][ C0] x17: ffff8001a3caa000 x16: 0000000000010001 x15: 0000000000000000
[ 43.050066][ C0] x14: 0000000000010001 x13: f304f204f1f1f1f1 x12: 0000000000000002
[ 43.052096][ C0] x11: ff8080000ecba194 x10: 0000000000010001 x9 : ffff80000ecba194
[ 43.054163][ C0] x8 : 0000000000000000 x7 : 0000000000000000 x6 : ffff800009a5f61c
[ 43.056224][ C0] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000010
[ 43.058274][ C0] x2 : 0000000000000000 x1 : ffff0001b50e9790 x0 : ffff0001b50e9fd8
[ 43.060264][ C0] Call trace:
[ 43.061094][ C0] rb_insert_color+0xb0/0x504
[ 43.062256][ C0] timerqueue_add+0x1b8/0x1e0
[ 43.063425][ C0] __hrtimer_run_queues+0x39c/0x60c
[ 43.064760][ C0] hrtimer_interrupt+0x2ac/0xb2c
[ 43.066040][ C0] arch_timer_handler_virt+0x74/0x88
[ 43.067409][ C0] handle_percpu_devid_irq+0x168/0x2c8
[ 43.068771][ C0] generic_handle_domain_irq+0x7c/0xc4
[ 43.070182][ C0] gic_handle_irq+0x70/0x1ac
[ 43.071336][ C0] call_on_irq_stack+0x24/0x4c
[ 43.072560][ C0] do_interrupt_handler+0xd4/0x138
[ 43.073919][ C0] el1_interrupt+0x34/0x68
[ 43.074991][ C0] el1h_64_irq_handler+0x18/0x24
[ 43.076230][ C0] el1h_64_irq+0x64/0x68
[ 43.077341][ C0] __memcpy+0x1e0/0x230
[ 43.078389][ C0] leaf_insert_into_buf+0x2ac/0x748
[ 43.079742][ C0] do_balance+0x4220/0xb510
[ 43.080865][ C0] reiserfs_insert_item+0x908/0xa4c
[ 43.082211][ C0] indirect2direct+0x51c/0x88c
[ 43.083478][ C0] reiserfs_cut_from_item+0x840/0x1c50
[ 43.084893][ C0] reiserfs_do_truncate+0x764/0x10a0
[ 43.086235][ C0] reiserfs_truncate_file+0x510/0xb1c
[ 43.087640][ C0] reiserfs_write_end+0x640/0x800
[ 43.088891][ C0] generic_perform_write+0x384/0x548
[ 43.090329][ C0] __generic_file_write_iter+0x168/0x388
[ 43.091820][ C0] generic_file_write_iter+0xb8/0x2b4
[ 43.093198][ C0] vfs_write+0x610/0x914
[ 43.094234][ C0] ksys_write+0x15c/0x26c
[ 43.095327][ C0] __arm64_sys_write+0x7c/0x90
[ 43.096560][ C0] invoke_syscall+0x98/0x2c0
[ 43.097692][ C0] el0_svc_common+0x134/0x24c
[ 43.098943][ C0] do_el0_svc+0x64/0x218
[ 43.099989][ C0] el0_svc+0x34/0x100
[ 43.100969][ C0] el0t_64_sync_handler+0x84/0xf0
[ 43.102240][ C0] el0t_64_sync+0x18c/0x190
[ 43.103405][ C0] Code: eb1602ff 540001c0 b40005b7 d343fef3 (387b6a68)
[ 43.105132][ C0] ---[ end trace 0000000000000000 ]---
[ 43.310811][ C0] Kernel panic - not syncing: Oops: Fatal exception in interrupt
[ 43.312795][ C0] SMP: stopping secondary CPUs
[ 44.389690][ C0] SMP: failed to stop secondary CPUs 0-1
[ 44.391099][ C0] Kernel Offset: disabled
[ 44.392217][ C0] CPU features: 0x00000,02070084,26017203
[ 44.393617][ C0] Memory Limit: none
[ 44.597776][ C0] Rebooting in 86400 seconds..