Warning: Permanently added '10.128.0.16' (ED25519) to the list of known hosts.
2024/03/11 02:04:50 ignoring optional flag "sandboxArg"="0"
2024/03/11 02:04:50 parsed 1 programs
2024/03/11 02:04:50 executed programs: 0
[ 51.951153][ T1580] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 56.683386][ T1997] loop0: detected capacity change from 0 to 8192
[ 56.691539][ T1997] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 56.704991][ T1997] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 56.714385][ T1997] REISERFS (device loop0): using ordered data mode
[ 56.721151][ T1997] reiserfs: using flush barriers
[ 56.726789][ T1997] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 56.743572][ T1997] REISERFS (device loop0): checking transaction log (loop0)
[ 56.751768][ T1997] REISERFS (device loop0): Using r5 hash to sort names
[ 56.758763][ T1997] ==================================================================
[ 56.766808][ T1997] BUG: KASAN: use-after-free in strlen+0x54/0x60
[ 56.773377][ T1997] Read of size 1 at addr ffff88806a40b7a3 by task syz-executor.0/1997
[ 56.781500][ T1997]
[ 56.783890][ T1997] CPU: 0 PID: 1997 Comm: syz-executor.0 Not tainted 6.1.81-syzkaller #0
[ 56.792186][ T1997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
[ 56.802257][ T1997] Call Trace:
[ 56.805524][ T1997]
[ 56.808520][ T1997] dump_stack_lvl+0xf4/0x251
[ 56.813256][ T1997] ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 56.818685][ T1997] ? panic+0x3f7/0x3f7
[ 56.822724][ T1997] ? __virt_addr_valid+0x139/0x260
[ 56.827814][ T1997] ? __virt_addr_valid+0x211/0x260
[ 56.832915][ T1997] print_report+0x15f/0x4f0
[ 56.837393][ T1997] ? __virt_addr_valid+0x139/0x260
[ 56.842626][ T1997] ? __virt_addr_valid+0x211/0x260
[ 56.847996][ T1997] ? strlen+0x54/0x60
[ 56.851952][ T1997] kasan_report+0x136/0x160
[ 56.856440][ T1997] ? strlen+0x54/0x60
[ 56.860431][ T1997] strlen+0x54/0x60
[ 56.864222][ T1997] reiserfs_find_entry+0x8c4/0x1a30
[ 56.869403][ T1997] ? reiserfs_get_parent+0x270/0x270
[ 56.874855][ T1997] reiserfs_lookup+0x1ae/0x3d0
[ 56.879704][ T1997] ? reiserfs_find_entry+0x1a30/0x1a30
[ 56.885161][ T1997] ? lockdep_init_map_type+0x9d/0x700
[ 56.890541][ T1997] ? __init_waitqueue_head+0xaa/0x140
[ 56.895918][ T1997] __lookup_slow+0x1ff/0x2e0
[ 56.900629][ T1997] ? lookup_one_len+0x10e/0x230
[ 56.905463][ T1997] ? lookup_one_len+0x230/0x230
[ 56.910366][ T1997] ? d_lookup+0x16f/0x1d0
[ 56.914714][ T1997] ? inode_permission+0x151/0x320
[ 56.919838][ T1997] lookup_one_len+0x1f3/0x230
[ 56.924583][ T1997] ? lookup_one_common+0x330/0x330
[ 56.929773][ T1997] reiserfs_lookup_privroot+0x81/0x1d0
[ 56.935296][ T1997] reiserfs_fill_super+0x14e7/0x2070
[ 56.940660][ T1997] ? reiserfs_kill_sb+0x140/0x140
[ 56.945754][ T1997] ? __down_write_common+0x12a/0x1e0
[ 56.951043][ T1997] ? snprintf+0xcc/0x110
[ 56.955266][ T1997] ? __up_read+0x360/0x360
[ 56.959780][ T1997] mount_bdev+0x26b/0x340
[ 56.964351][ T1997] ? reiserfs_kill_sb+0x140/0x140
[ 56.969524][ T1997] legacy_get_tree+0xe5/0x170
[ 56.974272][ T1997] ? remove_save_link+0x4e0/0x4e0
[ 56.979274][ T1997] vfs_get_tree+0x7a/0x170
[ 56.983681][ T1997] do_new_mount+0x21a/0x910
[ 56.988199][ T1997] ? do_move_mount_old+0x120/0x120
[ 56.993466][ T1997] __se_sys_mount+0x23e/0x2d0
[ 56.998126][ T1997] ? __x64_sys_mount+0xc0/0xc0
[ 57.002890][ T1997] ? fpregs_assert_state_consistent+0x43/0x50
[ 57.008954][ T1997] do_syscall_64+0x3d/0x80
[ 57.013440][ T1997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 57.019414][ T1997] RIP: 0033:0x7f1e8787e22a
[ 57.023822][ T1997] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 57.043533][ T1997] RSP: 002b:00007f1e88556ee8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 57.052127][ T1997] RAX: ffffffffffffffda RBX: 00007f1e88556f80 RCX: 00007f1e8787e22a
[ 57.060165][ T1997] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 00007f1e88556f40
[ 57.068147][ T1997] RBP: 00000000200000c0 R08: 00007f1e88556f80 R09: 0000000000008001
[ 57.076129][ T1997] R10: 0000000000008001 R11: 0000000000000246 R12: 0000000020000040
[ 57.084166][ T1997] R13: 00007f1e88556f40 R14: 0000000000001122 R15: 0000000020000080
[ 57.092141][ T1997]
[ 57.095315][ T1997]
[ 57.097625][ T1997] The buggy address belongs to the physical page:
[ 57.104015][ T1997] page:ffffea0001a902c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6a40b
[ 57.114170][ T1997] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 57.121303][ T1997] raw: 00fff00000000000 ffffea0001a90308 ffff8880bac3e5e0 0000000000000000
[ 57.130212][ T1997] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 57.138791][ T1997] page dumped because: kasan: bad access detected
[ 57.145301][ T1997] page_owner tracks the page as freed
[ 57.150676][ T1997] page last allocated via order 0, migratetype Movable, gfp_mask 0x8(__GFP_MOVABLE), pid 1, tgid 1 (swapper/0), ts 5026964821, free_ts 5998706431
[ 57.165519][ T1997] post_alloc_hook+0x286/0x2b0
[ 57.170268][ T1997] split_map_pages+0x22a/0x480
[ 57.175119][ T1997] isolate_freepages_range+0x2a4/0x460
[ 57.180551][ T1997] alloc_contig_range+0x60a/0x930
[ 57.185560][ T1997] alloc_contig_pages+0x3ef/0x4f0
[ 57.190656][ T1997] debug_vm_pgtable_alloc_huge_page+0x7d/0xd7
[ 57.196805][ T1997] init_args+0x965/0xbb0
[ 57.201041][ T1997] debug_vm_pgtable+0xa5/0x5ad
[ 57.205973][ T1997] do_one_initcall+0x19f/0x4c0
[ 57.210982][ T1997] do_initcall_level+0x11e/0x1cd
[ 57.215988][ T1997] do_initcalls+0x46/0x74
[ 57.220309][ T1997] kernel_init_freeable+0x375/0x4e4
[ 57.225485][ T1997] kernel_init+0x14/0x190
[ 57.229803][ T1997] ret_from_fork+0x1f/0x30
[ 57.234226][ T1997] page last free stack trace:
[ 57.238878][ T1997] free_unref_page_prepare+0xd4b/0xee0
[ 57.244510][ T1997] free_unref_page+0x33/0x390
[ 57.249528][ T1997] free_contig_range+0x8d/0x130
[ 57.254469][ T1997] destroy_args+0xde/0x79f
[ 57.258909][ T1997] debug_vm_pgtable+0x373/0x5ad
[ 57.263744][ T1997] do_one_initcall+0x19f/0x4c0
[ 57.268494][ T1997] do_initcall_level+0x11e/0x1cd
[ 57.273405][ T1997] do_initcalls+0x46/0x74
[ 57.277702][ T1997] kernel_init_freeable+0x375/0x4e4
[ 57.282892][ T1997] kernel_init+0x14/0x190
[ 57.287235][ T1997] ret_from_fork+0x1f/0x30
[ 57.291979][ T1997]
[ 57.294287][ T1997] Memory state around the buggy address:
[ 57.299897][ T1997] ffff88806a40b680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 57.308335][ T1997] ffff88806a40b700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 57.317118][ T1997] >ffff88806a40b780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 57.327904][ T1997] ^
[ 57.333094][ T1997] ffff88806a40b800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 57.341588][ T1997] ffff88806a40b880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 57.349639][ T1997] ==================================================================
[ 57.358856][ T1997] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 57.366606][ T1997] Kernel Offset: disabled
[ 57.370917][ T1997] Rebooting in 86400 seconds..