Warning: Permanently added '10.128.0.237' (ED25519) to the list of known hosts.
2024/10/14 05:30:22 ignoring optional flag "sandboxArg"="0"
2024/10/14 05:30:23 parsed 1 programs
[ 51.762220] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 52.319331] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 52.326898] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 52.341045] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 52.348148] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 52.607838] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 52.615854] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 52.622570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 52.629405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 52.662610] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 52.670270] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 52.677509] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 52.685817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 52.694392] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 52.702382] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 52.710272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 52.718659] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 52.949690] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 52.958520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 52.992930] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 52.999719] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 53.006878] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 53.014586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 53.022000] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 53.028984] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 53.036816] device veth0_vlan entered promiscuous mode
[ 53.149597] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 53.157728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 53.218971] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 53.227601] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 53.235821] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready
[ 53.242746] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 53.250381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 53.259440] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
[ 53.266447] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 53.274119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 53.633150] device veth0_vlan left promiscuous mode
2024/10/14 05:30:25 executed programs: 0
[ 54.028085] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 54.035788] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 54.053315] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 54.060152] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 54.323734] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 54.330797] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 54.337161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 54.344197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 54.373020] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 54.381075] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 54.388927] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 54.396723] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 54.404701] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 54.412848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 54.430964] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 54.439267] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 54.447253] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 54.455174] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 54.467576] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
[ 54.474851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 54.482326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 54.490477] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[ 54.497248] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 54.504646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 54.813336] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 54.821334] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready
[ 54.829333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 54.837951] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 54.878018] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 54.884810] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 54.891076] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 54.898182] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready
[ 54.905787] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 54.913512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 54.921073] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 54.927962] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 54.935604] device veth0_vlan entered promiscuous mode
[ 55.058577] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 55.066687] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready
[ 55.074483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 55.082667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 55.137677] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 55.146373] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 55.154490] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready
[ 55.161458] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 55.169550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 55.178357] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
[ 55.185900] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 55.194291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 55.434950] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 55.447290] ==================================================================
[ 55.454671] BUG: KASAN: slab-out-of-bounds in ocfs2_block_group_alloc+0x1698/0x1c90
[ 55.462453] Read of size 4 at addr ffff8800b422f034 by task syz.0.15/4303
[ 55.469538]
[ 55.471160] CPU: 0 PID: 4303 Comm: syz.0.15 Not tainted 4.19.0-syzkaller #0
[ 55.478244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 55.487607] Call Trace:
[ 55.490180] dump_stack+0x10c/0x17a
[ 55.493859] print_address_description.cold.6+0x9/0x244
[ 55.499229] kasan_report.cold.7+0x242/0x305
[ 55.503631] ? ocfs2_block_group_alloc+0x1698/0x1c90
[ 55.508721] __asan_report_load4_noabort+0x14/0x20
[ 55.513629] ocfs2_block_group_alloc+0x1698/0x1c90
[ 55.518540] ? ocfs2_block_group_alloc_discontig+0x1b30/0x1b30
[ 55.524538] ? ocfs2_read_inode_block+0xb/0x10
[ 55.529100] ? ocfs2_inode_lock_full_nested+0x1034/0x1ba0
[ 55.534630] ? __lock_acquire.isra.10+0xae8/0x1870
[ 55.539540] ? ocfs2_inode_unlock_tracker+0x1d0/0x1d0
[ 55.544716] ? lock_acquire+0x18b/0x340
[ 55.548693] ? ocfs2_reserve_suballoc_bits+0x104/0xc80
[ 55.553958] ocfs2_reserve_suballoc_bits+0x3da/0xc80
[ 55.559125] ? ocfs2_block_group_alloc+0x1c90/0x1c90
[ 55.564307] ? kasan_kmalloc+0xaf/0xc0
[ 55.568176] ? kmem_cache_alloc_trace+0x13c/0x260
[ 55.572996] ? do_raw_spin_unlock+0x172/0x260
[ 55.577479] ocfs2_reserve_new_metadata_blocks+0x522/0x950
[ 55.583084] ? ocfs2_steal_resource+0x330/0x330
[ 55.587750] ocfs2_mknod+0xd3a/0x1d00
[ 55.591544] ? __x64_sys_open+0x79/0xb0
[ 55.595515] ? do_syscall_64+0xd0/0x340
[ 55.599493] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 55.604836] ? set_fs_pwd+0x50/0x1d0
[ 55.608541] ? ocfs2_mknod_locked.isra.1+0x380/0x380
[ 55.613631] ? graph_lock+0x170/0x170
[ 55.617501] ? kasan_check_write+0x14/0x20
[ 55.621711] ? __lock_acquire.isra.10+0x116/0x1870
[ 55.626626] ? __wake_up_common_lock+0xec/0x180
[ 55.631361] ? lock_downgrade+0x590/0x590
[ 55.635572] ? __lock_acquire.isra.10+0x116/0x1870
[ 55.640585] ? ocfs2_inode_unlock+0x162/0x270
[ 55.645068] ? lock_downgrade+0x590/0x590
[ 55.649198] ? lock_acquire+0x18b/0x340
[ 55.653177] ? do_raw_spin_unlock+0x172/0x260
[ 55.657684] ? ocfs2_inode_unlock+0x162/0x270
[ 55.662183] ? d_splice_alias+0x39f/0xb50
[ 55.666428] ? ocfs2_lookup+0x39f/0x850
[ 55.670379] ocfs2_create+0xe0/0x390
[ 55.674069] ? ocfs2_mkdir+0x390/0x390
[ 55.677936] ? security_inode_permission+0x79/0xc0
[ 55.682839] ? inode_permission+0xaf/0x390
[ 55.687165] lookup_open+0x78b/0x1d20
[ 55.690963] ? may_open.isra.25+0x270/0x270
[ 55.695275] path_openat+0xde7/0x2870
[ 55.699061] ? kmem_cache_alloc+0xd1/0x230
[ 55.703270] ? path_mountpoint+0x890/0x890
[ 55.707478] ? exit_robust_list+0x140/0x140
[ 55.711823] ? kasan_check_write+0x14/0x20
[ 55.716035] ? __lock_acquire.isra.10+0x116/0x1870
[ 55.720950] ? kasan_check_write+0x14/0x20
[ 55.725166] ? __lock_acquire.isra.10+0x116/0x1870
[ 55.730069] ? kasan_check_write+0x14/0x20
[ 55.734276] ? __lock_acquire.isra.10+0x116/0x1870
[ 55.739187] ? __lock_acquire.isra.10+0x116/0x1870
[ 55.744096] do_filp_open+0x177/0x250
[ 55.747874] ? __alloc_fd+0x168/0x3c0
[ 55.751758] ? may_open_dev+0xc0/0xc0
[ 55.755531] ? lock_acquire+0x18b/0x340
[ 55.759502] ? _raw_spin_unlock+0x2c/0x50
[ 55.763622] ? __alloc_fd+0x168/0x3c0
[ 55.767402] ? kmem_cache_alloc+0x1ce/0x230
[ 55.771697] do_sys_open+0x1dc/0x350
[ 55.775398] ? syscall_slow_exit_work+0x460/0x460
[ 55.780217] ? filp_open+0x50/0x50
[ 55.783739] __x64_sys_open+0x79/0xb0
[ 55.787522] do_syscall_64+0xd0/0x340
[ 55.791303] ? prepare_exit_to_usermode+0xec/0x130
[ 55.796208] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 55.801486] RIP: 0033:0x7f663dc1fff9
[ 55.805175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 55.824161] RSP: 002b:00007f663d6a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 55.832204] RAX: ffffffffffffffda RBX: 00007f663ddd7f80 RCX: 00007f663dc1fff9
[ 55.839537] RDX: 0000000000000000 RSI: 0000000004008040 RDI: 0000000020000200
[ 55.846788] RBP: 00007f663dc92296 R08: 0000000000000000 R09: 0000000000000000
[ 55.854125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 55.861468] R13: 0000000000000000 R14: 00007f663ddd7f80 R15: 00007ffe427b6ae8
[ 55.868805]
[ 55.870415] Allocated by task 4045:
[ 55.874031] kasan_kmalloc.part.1+0x62/0xf0
[ 55.878336] kasan_kmalloc+0xaf/0xc0
[ 55.882034] kasan_slab_alloc+0x11/0x20
[ 55.886102] kmem_cache_alloc+0xdc/0x230
[ 55.890284] __debug_object_init+0x801/0xda0
[ 55.894854] debug_object_init+0x16/0x20
[ 55.898898] hrtimer_init+0x26/0x1b0
[ 55.902608] copy_process.part.4+0x1e8b/0x6e80
[ 55.907162] _do_fork+0x159/0x920
[ 55.910588] __x64_sys_clone+0xba/0x140
[ 55.914532] do_syscall_64+0xd0/0x340
[ 55.918306] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 55.923637]
[ 55.925239] Freed by task 0:
[ 55.928230] (stack is not available)
[ 55.931917]
[ 55.933521] The buggy address belongs to the object at ffff8800b422f000
[ 55.933521] which belongs to the cache debug_objects_cache of size 40
[ 55.946900] The buggy address is located 12 bytes to the right of
[ 55.946900] 40-byte region [ffff8800b422f000, ffff8800b422f028)
[ 55.959215] The buggy address belongs to the page:
[ 55.964134] page:ffffea0002d08bc0 count:1 mapcount:0 mapping:ffff88013bfce400 index:0x0
[ 55.972758] flags: 0xfff00000000100(slab)
[ 55.976890] raw: 00fff00000000100 dead000000000100 dead000000000200 ffff88013bfce400
[ 55.984753] raw: 0000000000000000 0000000000490049 00000001ffffffff 0000000000000000
[ 55.992610] page dumped because: kasan: bad access detected
[ 55.998329] page allocated via order 0, migratetype Unmovable, gfp_mask 0x4a1220(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL)
[ 56.010560] get_page_from_freelist+0x2c68/0x41c0
[ 56.015408] __alloc_pages_nodemask+0x390/0x2380
[ 56.020157] alloc_pages_current+0xfd/0x290
[ 56.024455] new_slab+0x49d/0x7f0
[ 56.027879] ___slab_alloc+0x5b3/0x8e0
[ 56.031850] __slab_alloc.isra.22+0x6a/0xa0
[ 56.036143] kmem_cache_alloc+0x1ef/0x230
[ 56.040303] __debug_object_init+0x801/0xda0
[ 56.044688] debug_object_init+0x16/0x20
[ 56.048724] hrtimer_init+0x26/0x1b0
[ 56.052470] copy_process.part.4+0x1e8b/0x6e80
[ 56.057061] _do_fork+0x159/0x920
[ 56.060491] __x64_sys_clone+0xba/0x140
[ 56.064525] do_syscall_64+0xd0/0x340
[ 56.068331] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 56.073520]
[ 56.075115] Memory state around the buggy address:
[ 56.080035] ffff8800b422ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 56.087367] ffff8800b422ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 56.094804] >ffff8800b422f000: 00 00 00 00 00 fc fc 00 00 00 00 00 fc fc 00 00
[ 56.102355] ^
[ 56.107277] ffff8800b422f080: 00 00 00 fc fc 00 00 00 00 00 fc fc 00 00 00 00
[ 56.114818] ffff8800b422f100: 00 fc fc 00 00 00 00 00 fc fc 00 00 00 00 00 fc
[ 56.122149] ==================================================================
[ 56.129564] Disabling lock debugging due to kernel taint
[ 56.136946] Kernel panic - not syncing: panic_on_warn set ...
[ 56.136946]
[ 56.144546] Kernel Offset: disabled
[ 56.148171] Rebooting in 86400 seconds..