Warning: Permanently added '10.128.0.88' (ED25519) to the list of known hosts.
2024/10/30 16:15:18 ignoring optional flag "sandboxArg"="0"
2024/10/30 16:15:18 ignoring optional flag "type"="gce"
2024/10/30 16:15:18 parsed 1 programs
2024/10/30 16:15:18 executed programs: 0
[ 66.262918][ T1500] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 72.079234][ T1917] loop0: detected capacity change from 0 to 8192
[ 72.087244][ T1917] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 72.100480][ T1917] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 72.109726][ T1917] REISERFS (device loop0): using ordered data mode
[ 72.116238][ T1917] reiserfs: using flush barriers
[ 72.122045][ T1917] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 72.138510][ T1917] REISERFS (device loop0): checking transaction log (loop0)
[ 72.147119][ T1917] REISERFS (device loop0): Using r5 hash to sort names
[ 72.154235][ T1917] ==================================================================
[ 72.162300][ T1917] BUG: KASAN: use-after-free in strlen+0x54/0x60
[ 72.168637][ T1917] Read of size 1 at addr ffff88806b4537a3 by task syz-executor.0/1917
[ 72.176878][ T1917]
[ 72.179197][ T1917] CPU: 1 PID: 1917 Comm: syz-executor.0 Not tainted 6.1.114-syzkaller #0
[ 72.187589][ T1917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 72.197633][ T1917] Call Trace:
[ 72.200896][ T1917]
[ 72.203819][ T1917] dump_stack_lvl+0xf4/0x251
[ 72.208395][ T1917] ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 72.213835][ T1917] ? panic+0x3fe/0x3fe
[ 72.217888][ T1917] ? __virt_addr_valid+0x139/0x270
[ 72.222992][ T1917] ? __virt_addr_valid+0x221/0x270
[ 72.228085][ T1917] print_report+0x15f/0x4f0
[ 72.232658][ T1917] ? __virt_addr_valid+0x139/0x270
[ 72.237759][ T1917] ? __virt_addr_valid+0x221/0x270
[ 72.242874][ T1917] ? strlen+0x54/0x60
[ 72.246837][ T1917] kasan_report+0x136/0x160
[ 72.251321][ T1917] ? strlen+0x54/0x60
[ 72.255293][ T1917] strlen+0x54/0x60
[ 72.259082][ T1917] reiserfs_find_entry+0x8c4/0x1a30
[ 72.264296][ T1917] ? reiserfs_get_parent+0x270/0x270
[ 72.269570][ T1917] reiserfs_lookup+0x1ae/0x3d0
[ 72.274338][ T1917] ? reiserfs_find_entry+0x1a30/0x1a30
[ 72.279891][ T1917] ? lockdep_init_map_type+0x9d/0x700
[ 72.285244][ T1917] ? __init_waitqueue_head+0xaa/0x140
[ 72.290595][ T1917] __lookup_slow+0x1ff/0x2e0
[ 72.295192][ T1917] ? lookup_one_len+0x10e/0x230
[ 72.300024][ T1917] ? lookup_one_len+0x230/0x230
[ 72.304856][ T1917] ? d_lookup+0x16f/0x1d0
[ 72.309186][ T1917] ? inode_permission+0x151/0x320
[ 72.314481][ T1917] lookup_one_len+0x1f3/0x230
[ 72.319229][ T1917] ? lookup_one_common+0x340/0x340
[ 72.324322][ T1917] reiserfs_lookup_privroot+0x81/0x1d0
[ 72.329763][ T1917] reiserfs_fill_super+0x14e7/0x2070
[ 72.335047][ T1917] ? reiserfs_kill_sb+0x140/0x140
[ 72.340137][ T1917] ? snprintf+0xcc/0x110
[ 72.344358][ T1917] ? __up_read+0x360/0x360
[ 72.348753][ T1917] mount_bdev+0x26b/0x340
[ 72.353066][ T1917] ? reiserfs_kill_sb+0x140/0x140
[ 72.358068][ T1917] legacy_get_tree+0xe5/0x170
[ 72.362723][ T1917] ? remove_save_link+0x4e0/0x4e0
[ 72.367726][ T1917] vfs_get_tree+0x7a/0x170
[ 72.372121][ T1917] do_new_mount+0x21a/0x910
[ 72.376610][ T1917] ? do_move_mount_old+0x120/0x120
[ 72.381712][ T1917] __se_sys_mount+0x23e/0x2d0
[ 72.386371][ T1917] ? __x64_sys_mount+0xc0/0xc0
[ 72.391129][ T1917] ? fpregs_assert_state_consistent+0x43/0x50
[ 72.397283][ T1917] do_syscall_64+0x3b/0x80
[ 72.401683][ T1917] ? clear_bhb_loop+0x45/0xa0
[ 72.406340][ T1917] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 72.412224][ T1917] RIP: 0033:0x7f32ef47e22a
[ 72.416628][ T1917] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 72.436317][ T1917] RSP: 002b:00007f32f0158ee8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 72.444740][ T1917] RAX: ffffffffffffffda RBX: 00007f32f0158f80 RCX: 00007f32ef47e22a
[ 72.452726][ T1917] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 00007f32f0158f40
[ 72.460710][ T1917] RBP: 00000000200000c0 R08: 00007f32f0158f80 R09: 0000000000008001
[ 72.468671][ T1917] R10: 0000000000008001 R11: 0000000000000246 R12: 0000000020000040
[ 72.476628][ T1917] R13: 00007f32f0158f40 R14: 0000000000001122 R15: 0000000020000080
[ 72.484607][ T1917]
[ 72.487617][ T1917]
[ 72.490017][ T1917] The buggy address belongs to the physical page:
[ 72.496421][ T1917] page:ffffea0001ad14c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6b453
[ 72.506550][ T1917] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 72.513773][ T1917] raw: 00fff00000000000 ffffea0001ad1288 ffff8880bad3e5a0 0000000000000000
[ 72.522336][ T1917] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 72.530898][ T1917] page dumped because: kasan: bad access detected
[ 72.537300][ T1917] page_owner tracks the page as freed
[ 72.542650][ T1917] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 1915, tgid 1915 (modprobe), ts 72034319925, free_ts 72036697168
[ 72.560086][ T1917] post_alloc_hook+0x286/0x2b0
[ 72.564836][ T1917] get_page_from_freelist+0x2fe5/0x3170
[ 72.570363][ T1917] __alloc_pages+0x251/0x640
[ 72.574958][ T1917] __folio_alloc+0xf/0x30
[ 72.579270][ T1917] vma_alloc_folio+0x484/0x9e0
[ 72.584015][ T1917] handle_mm_fault+0x1fa6/0x4290
[ 72.588942][ T1917] exc_page_fault+0x22a/0x5a0
[ 72.593720][ T1917] asm_exc_page_fault+0x22/0x30
[ 72.598553][ T1917] page last free stack trace:
[ 72.603218][ T1917] free_unref_page_prepare+0xd6c/0xf00
[ 72.608831][ T1917] free_unref_page_list+0x54b/0x7e0
[ 72.614008][ T1917] release_pages+0x1e0a/0x1fe0
[ 72.618840][ T1917] tlb_flush_mmu+0xe5/0x1d0
[ 72.623425][ T1917] tlb_finish_mmu+0xb0/0x1b0
[ 72.628215][ T1917] exit_mmap+0x341/0x730
[ 72.632544][ T1917] __mmput+0x9b/0x2e0
[ 72.636514][ T1917] exit_mm+0x122/0x1b0
[ 72.640563][ T1917] do_exit+0x81e/0x23a0
[ 72.644702][ T1917] do_group_exit+0x1b5/0x280
[ 72.649295][ T1917] __x64_sys_exit_group+0x3b/0x40
[ 72.654297][ T1917] do_syscall_64+0x3b/0x80
[ 72.658695][ T1917] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 72.664579][ T1917]
[ 72.666918][ T1917] Memory state around the buggy address:
[ 72.672526][ T1917] ffff88806b453680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 72.680566][ T1917] ffff88806b453700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 72.688694][ T1917] >ffff88806b453780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 72.696736][ T1917] ^
[ 72.701823][ T1917] ffff88806b453800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 72.709864][ T1917] ffff88806b453880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 72.717923][ T1917] ==================================================================
[ 72.729227][ T1917] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 72.736665][ T1917] Kernel Offset: disabled
[ 72.740997][ T1917] Rebooting in 86400 seconds..