Warning: Permanently added '10.128.0.223' (ED25519) to the list of known hosts.
2024/05/18 03:34:18 ignoring optional flag "sandboxArg"="0"
2024/05/18 03:34:18 parsed 1 programs
2024/05/18 03:34:18 executed programs: 0
[ 55.307936][ T1994] loop0: detected capacity change from 0 to 8192
[ 55.316391][ T1994] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 55.329465][ T1994] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 55.339053][ T1994] REISERFS (device loop0): using ordered data mode
[ 55.345752][ T1994] reiserfs: using flush barriers
[ 55.351482][ T1994] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 55.368324][ T1994] REISERFS (device loop0): checking transaction log (loop0)
[ 55.401204][ T1994] REISERFS (device loop0): Using r5 hash to sort names
[ 55.465571][ T1997] loop0: detected capacity change from 0 to 8192
[ 55.473399][ T1997] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 55.487329][ T1997] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 55.496892][ T1997] REISERFS (device loop0): using ordered data mode
[ 55.504127][ T1997] reiserfs: using flush barriers
2024/05/18 03:34:23 executed programs: 2
[ 55.510003][ T1997] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 55.526919][ T1997] REISERFS (device loop0): checking transaction log (loop0)
[ 55.555848][ T1997] REISERFS (device loop0): Using r5 hash to sort names
[ 55.618684][ T2000] loop0: detected capacity change from 0 to 8192
[ 55.626911][ T2000] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 55.640918][ T2000] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 55.650430][ T2000] REISERFS (device loop0): using ordered data mode
[ 55.657106][ T2000] reiserfs: using flush barriers
[ 55.662937][ T2000] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 55.679481][ T2000] REISERFS (device loop0): checking transaction log (loop0)
[ 55.707071][ T2000] REISERFS (device loop0): Using r5 hash to sort names
[ 55.714954][ T2000] ==================================================================
[ 55.723123][ T2000] BUG: KASAN: out-of-bounds in reiserfs_readdir_inode+0x5a0/0x1490
[ 55.731203][ T2000] Read of size 8 at addr ffff88806aa10000 by task syz-executor.0/2000
[ 55.739518][ T2000]
[ 55.741819][ T2000] CPU: 1 PID: 2000 Comm: syz-executor.0 Not tainted 6.1.91-syzkaller #0
[ 55.750113][ T2000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 55.760588][ T2000] Call Trace:
[ 55.763937][ T2000]
[ 55.766848][ T2000] dump_stack_lvl+0xf4/0x251
[ 55.771586][ T2000] ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 55.777103][ T2000] ? panic+0x3fe/0x3fe
[ 55.781148][ T2000] ? __virt_addr_valid+0x139/0x260
[ 55.787273][ T2000] ? __virt_addr_valid+0x211/0x260
[ 55.792445][ T2000] print_report+0x15f/0x4f0
[ 55.796923][ T2000] ? __virt_addr_valid+0x139/0x260
[ 55.802005][ T2000] ? __virt_addr_valid+0x211/0x260
[ 55.807085][ T2000] ? reiserfs_readdir_inode+0x5a0/0x1490
[ 55.812687][ T2000] kasan_report+0x136/0x160
[ 55.817168][ T2000] ? reiserfs_readdir_inode+0x5a0/0x1490
[ 55.822795][ T2000] kasan_check_range+0x27f/0x290
[ 55.827815][ T2000] reiserfs_readdir_inode+0x5a0/0x1490
[ 55.833254][ T2000] ? reiserfs_dir_fsync+0xe0/0xe0
[ 55.838251][ T2000] ? __fdget_pos+0x204/0x2b0
[ 55.842902][ T2000] ? down_read_interruptible+0x1010/0x1010
[ 55.849549][ T2000] ? common_file_perm+0x130/0x1e0
[ 55.854559][ T2000] ? fsnotify_perm+0x29e/0x450
[ 55.859292][ T2000] ? reiserfs_sync_file+0x1f0/0x1f0
[ 55.864462][ T2000] iterate_dir+0x1fa/0x4f0
[ 55.868851][ T2000] __se_sys_getdents64+0x1af/0x3e0
[ 55.874070][ T2000] ? __x64_sys_getdents64+0x80/0x80
[ 55.879324][ T2000] ? filldir+0x570/0x570
[ 55.883545][ T2000] ? switch_fpu_return+0xc9/0x130
[ 55.888647][ T2000] do_syscall_64+0x3b/0x80
[ 55.893148][ T2000] ? clear_bhb_loop+0x45/0xa0
[ 55.898172][ T2000] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 55.904134][ T2000] RIP: 0033:0x7f089b27c959
[ 55.908523][ T2000] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 55.928448][ T2000] RSP: 002b:00007f089bfb90c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 55.936836][ T2000] RAX: ffffffffffffffda RBX: 00007f089b39bf80 RCX: 00007f089b27c959
[ 55.944787][ T2000] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 55.952763][ T2000] RBP: 00007f089b2d8c88 R08: 0000000000000000 R09: 0000000000000000
[ 55.960707][ T2000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 55.968737][ T2000] R13: 0000000000000006 R14: 00007f089b39bf80 R15: 00007ffc853d73c8
[ 55.976682][ T2000]
[ 55.979680][ T2000]
[ 55.981984][ T2000] The buggy address belongs to the physical page:
[ 55.988394][ T2000] page:ffffea0001aa8400 refcount:1 mapcount:1 mapping:0000000000000000 index:0x7fffffff6 pfn:0x6aa10
[ 55.999295][ T2000] memcg:ffff888140060000
[ 56.003518][ T2000] anon flags: 0xfff000000a0014(uptodate|lru|mappedtodisk|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[ 56.014264][ T2000] raw: 00fff000000a0014 ffffea0001ac2148 ffffea0001aa8448 ffff888079575001
[ 56.022821][ T2000] raw: 00000007fffffff6 0000000000000000 0000000100000000 ffff888140060000
[ 56.031371][ T2000] page dumped because: kasan: bad access detected
[ 56.037839][ T2000] page_owner tracks the page as allocated
[ 56.043534][ T2000] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 1993, tgid 1993 (udevd), ts 55721269000, free_ts 6190652804
[ 56.060708][ T2000] post_alloc_hook+0x286/0x2b0
[ 56.065455][ T2000] get_page_from_freelist+0x2fdd/0x3170
[ 56.071063][ T2000] __alloc_pages+0x251/0x640
[ 56.075797][ T2000] __folio_alloc+0xf/0x30
[ 56.080096][ T2000] vma_alloc_folio+0x484/0x9e0
[ 56.084924][ T2000] wp_page_copy+0x226/0x1970
[ 56.089525][ T2000] handle_mm_fault+0x1f58/0x4260
[ 56.094433][ T2000] exc_page_fault+0x22a/0x5e0
[ 56.099109][ T2000] asm_exc_page_fault+0x22/0x30
[ 56.103986][ T2000] page last free stack trace:
[ 56.108630][ T2000] free_unref_page_prepare+0xd4b/0xee0
[ 56.114248][ T2000] free_unref_page+0x33/0x390
[ 56.118986][ T2000] free_contig_range+0x8d/0x130
[ 56.123810][ T2000] destroy_args+0xde/0x79f
[ 56.128218][ T2000] debug_vm_pgtable+0x373/0x5ad
[ 56.133227][ T2000] do_one_initcall+0x19f/0x4c0
[ 56.138745][ T2000] do_initcall_level+0x11e/0x1cd
[ 56.144113][ T2000] do_initcalls+0x46/0x74
[ 56.149107][ T2000] kernel_init_freeable+0x375/0x4e4
[ 56.154380][ T2000] kernel_init+0x14/0x190
[ 56.158947][ T2000] ret_from_fork+0x1f/0x30
[ 56.163433][ T2000]
[ 56.165771][ T2000] Memory state around the buggy address:
[ 56.171553][ T2000] ffff88806aa0ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 56.179672][ T2000] ffff88806aa0ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 56.187737][ T2000] >ffff88806aa10000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 56.195961][ T2000] ^
[ 56.200262][ T2000] ffff88806aa10080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 56.208297][ T2000] ffff88806aa10100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 56.216346][ T2000] ==================================================================
[ 56.225085][ T2000] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 56.232776][ T2000] Kernel Offset: disabled
[ 56.237291][ T2000] Rebooting in 86400 seconds..