Warning: Permanently added '10.128.1.111' (ED25519) to the list of known hosts.
2024/01/14 02:37:08 ignoring optional flag "sandboxArg"="0"
2024/01/14 02:37:09 parsed 1 programs
2024/01/14 02:37:09 executed programs: 0
[ 43.558710][ T1591] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 45.837719][ T2016] loop0: detected capacity change from 0 to 8192
[ 45.846085][ T2016] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 45.857142][ T2016] REISERFS (device loop0): using ordered data mode
[ 45.863966][ T2016] reiserfs: using flush barriers
[ 45.869759][ T2016] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 45.887325][ T2016] REISERFS (device loop0): checking transaction log (loop0)
[ 45.908799][ T2016] REISERFS (device loop0): Using r5 hash to sort names
[ 45.916161][ T2016] REISERFS (device loop0): using 3.5.x disk format
[ 45.923468][ T2016] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 45.936385][ T2016] ==================================================================
[ 45.944559][ T2016] BUG: KASAN: out-of-bounds in leaf_paste_in_buffer+0x223/0x9b0
[ 45.952189][ T2016] Read of size 18446744073709551365 at addr ffff88806a36a000 by task syz-executor.0/2016
[ 45.962220][ T2016]
[ 45.964565][ T2016] CPU: 1 PID: 2016 Comm: syz-executor.0 Not tainted 5.15.146-syzkaller #0
[ 45.973321][ T2016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 45.984118][ T2016] Call Trace:
[ 45.987659][ T2016]
[ 45.990807][ T2016] dump_stack_lvl+0x41/0x5e
[ 45.995584][ T2016] print_address_description.constprop.0.cold+0x6c/0x309
[ 46.002983][ T2016] ? leaf_paste_in_buffer+0x223/0x9b0
[ 46.008450][ T2016] ? leaf_paste_in_buffer+0x223/0x9b0
[ 46.013951][ T2016] kasan_report.cold+0x83/0xdf
[ 46.018851][ T2016] ? leaf_paste_in_buffer+0x223/0x9b0
[ 46.024774][ T2016] kasan_check_range+0x13d/0x180
[ 46.030298][ T2016] memmove+0x20/0x60
[ 46.035059][ T2016] leaf_paste_in_buffer+0x223/0x9b0
[ 46.040502][ T2016] balance_leaf+0x1dbc/0xe180
[ 46.047817][ T2016] ? replace_key+0x300/0x300
[ 46.052590][ T2016] ? do_balance+0x2e0/0x6b0
[ 46.057799][ T2016] do_balance+0x2e0/0x6b0
[ 46.062386][ T2016] ? get_right_neighbor_position+0x170/0x170
[ 46.068704][ T2016] ? wait_for_completion+0x220/0x220
[ 46.074155][ T2016] reiserfs_paste_into_item+0x63c/0x7b0
[ 46.080151][ T2016] ? reiserfs_delete_object+0x1b0/0x1b0
[ 46.085679][ T2016] ? free_unref_page+0x2ad/0x4b0
[ 46.090949][ T2016] ? fs_reclaim_acquire+0xb2/0x160
[ 46.096514][ T2016] ? kasan_unpoison+0x40/0x60
[ 46.101352][ T2016] reiserfs_get_block+0xe98/0x39b0
[ 46.106730][ T2016] ? reiserfs_commit_write+0x620/0x620
[ 46.112245][ T2016] ? lock_downgrade+0x40f/0x4f0
[ 46.118220][ T2016] ? get_obj_cgroup_from_current+0x199/0x410
[ 46.124496][ T2016] ? __lock_acquire.constprop.0+0x478/0xb30
[ 46.130967][ T2016] ? rwlock_bug.part.0+0x90/0x90
[ 46.136117][ T2016] ? do_raw_spin_unlock+0x171/0x230
[ 46.141826][ T2016] __block_write_begin_int+0x2ef/0x1180
[ 46.147625][ T2016] ? reiserfs_commit_write+0x620/0x620
[ 46.153149][ T2016] ? reiserfs_allow_writes+0x90/0x90
[ 46.158879][ T2016] ? invalidate_bh_lrus_cpu+0xe0/0xe0
[ 46.164500][ T2016] ? __mutex_lock+0x1d4/0xea0
[ 46.169538][ T2016] reiserfs_write_begin+0x320/0x820
[ 46.175000][ T2016] generic_cont_expand_simple+0xea/0x120
[ 46.180851][ T2016] ? invalidate_bh_lrus+0x30/0x30
[ 46.186105][ T2016] ? setattr_prepare+0xe3/0xa40
[ 46.191330][ T2016] reiserfs_setattr+0x9b2/0xd20
[ 46.196258][ T2016] ? reiserfs_new_inode+0x1ee0/0x1ee0
[ 46.201717][ T2016] ? current_time+0x6e/0x1f0
[ 46.206373][ T2016] ? mode_strip_sgid+0x160/0x160
[ 46.211385][ T2016] ? do_truncate+0xdc/0x1a0
[ 46.216114][ T2016] notify_change+0x4b4/0xeb0
[ 46.220955][ T2016] ? down_write_killable+0x160/0x160
[ 46.226675][ T2016] ? do_truncate+0xee/0x1a0
[ 46.231240][ T2016] do_truncate+0xee/0x1a0
[ 46.236064][ T2016] ? file_open_root+0x1f0/0x1f0
[ 46.240915][ T2016] ? lock_acquire+0x11a/0x250
[ 46.245564][ T2016] do_sys_ftruncate+0x423/0x550
[ 46.250408][ T2016] do_syscall_64+0x35/0x80
[ 46.255086][ T2016] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 46.261220][ T2016] RIP: 0033:0x7f3a28d92ae9
[ 46.265713][ T2016] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 46.286530][ T2016] RSP: 002b:00007f3a289150c8 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 46.295405][ T2016] RAX: ffffffffffffffda RBX: 00007f3a28eb1f80 RCX: 00007f3a28d92ae9
[ 46.303553][ T2016] RDX: 0000000000000000 RSI: 0000000002007ffb RDI: 0000000000000005
[ 46.312103][ T2016] RBP: 00007f3a28dde47a R08: 0000000000000000 R09: 0000000000000000
[ 46.320327][ T2016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 46.328537][ T2016] R13: 0000000000000006 R14: 00007f3a28eb1f80 R15: 00007ffcda2c49b8
[ 46.336933][ T2016]
[ 46.340455][ T2016]
[ 46.343027][ T2016] The buggy address belongs to the page:
[ 46.348923][ T2016] page:ffffea0001a8da80 refcount:1 mapcount:1 mapping:0000000000000000 index:0x55ea6d66e pfn:0x6a36a
[ 46.359733][ T2016] memcg:ffff888008618000
[ 46.363951][ T2016] anon flags: 0xfff00000080014(uptodate|lru|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[ 46.375087][ T2016] raw: 00fff00000080014 ffffea0001a85d88 ffffea0001a8dac8 ffff88807d2d4771
[ 46.383739][ T2016] raw: 000000055ea6d66e 0000000000000000 0000000100000000 ffff888008618000
[ 46.392348][ T2016] page dumped because: kasan: bad access detected
[ 46.399575][ T2016] page_owner tracks the page as allocated
[ 46.405268][ T2016] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100cca(GFP_HIGHUSER_MOVABLE), pid 930, ts 45933859902, free_ts 6140845977
[ 46.419818][ T2016] get_page_from_freelist+0x12d1/0x2d40
[ 46.425903][ T2016] __alloc_pages+0x1b2/0x440
[ 46.431026][ T2016] alloc_pages_vma+0xe0/0x650
[ 46.435826][ T2016] wp_page_copy+0x18c/0x1890
[ 46.441251][ T2016] __handle_mm_fault+0x15ac/0x33c0
[ 46.446447][ T2016] handle_mm_fault+0x1c5/0x5b0
[ 46.451278][ T2016] do_user_addr_fault+0x298/0xcb0
[ 46.456375][ T2016] exc_page_fault+0x5a/0xb0
[ 46.460893][ T2016] asm_exc_page_fault+0x22/0x30
[ 46.465739][ T2016] page last free stack trace:
[ 46.470651][ T2016] free_pcp_prepare+0x379/0x850
[ 46.475913][ T2016] free_unref_page+0x19/0x4b0
[ 46.480669][ T2016] free_contig_range+0x8b/0xb0
[ 46.485498][ T2016] destroy_args+0x7e/0x503
[ 46.489999][ T2016] debug_vm_pgtable+0x170d/0x178f
[ 46.495116][ T2016] do_one_initcall+0xb4/0x320
[ 46.499793][ T2016] kernel_init_freeable+0x51e/0x580
[ 46.505092][ T2016] kernel_init+0x14/0x120
[ 46.509487][ T2016] ret_from_fork+0x1f/0x30
[ 46.514079][ T2016]
[ 46.516549][ T2016] Memory state around the buggy address:
[ 46.522675][ T2016] ffff88806a369f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.531372][ T2016] ffff88806a369f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.539535][ T2016] >ffff88806a36a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.548215][ T2016] ^
[ 46.552348][ T2016] ffff88806a36a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.560757][ T2016] ffff88806a36a100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.568954][ T2016] ==================================================================
[ 46.577090][ T2016] Disabling lock debugging due to kernel taint
[ 46.583569][ T2016] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 46.591015][ T2016] Kernel Offset: disabled
[ 46.595679][ T2016] Rebooting in 86400 seconds..