Warning: Permanently added '10.128.10.8' (ED25519) to the list of known hosts.
2023/08/14 19:35:03 ignoring optional flag "sandboxArg"="0"
2023/08/14 19:35:03 parsed 1 programs
2023/08/14 19:35:03 executed programs: 0
[ 44.049747] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 45.594811] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 45.615993] ==================================================================
[ 45.623447] BUG: KASAN: slab-out-of-bounds in crc_itu_t+0xb3/0xe0
[ 45.629670] Read of size 1 at addr ffff8880ac3dc0a8 by task syz-executor.0/2710
[ 45.637264]
[ 45.638868] CPU: 0 PID: 2710 Comm: syz-executor.0 Not tainted 5.0.0-rc3-syzkaller #0
[ 45.647242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 45.657336] Call Trace:
[ 45.660032] dump_stack+0x62/0x9a
[ 45.663484] print_address_description.cold.3+0x9/0x244
[ 45.668823] ? crc_itu_t+0xb3/0xe0
[ 45.672339] kasan_report.cold.4+0x1b/0x35
[ 45.676797] ? crc_itu_t+0xb3/0xe0
[ 45.680410] ? crc_itu_t+0xb3/0xe0
[ 45.683939] __asan_report_load1_noabort+0x14/0x20
[ 45.688842] crc_itu_t+0xb3/0xe0
[ 45.692185] udf_finalize_lvid+0xd7/0x1e0
[ 45.696308] ? udf_show_options+0xac0/0xac0
[ 45.700601] udf_sync_fs+0xc2/0x140
[ 45.704200] sync_filesystem+0xcb/0x1f0
[ 45.708144] generic_shutdown_super+0x69/0x330
[ 45.712695] kill_block_super+0x96/0xd0
[ 45.716638] deactivate_locked_super+0x77/0xd0
[ 45.721196] deactivate_super+0x13f/0x160
[ 45.725408] ? iterate_supers_type+0x220/0x220
[ 45.730225] ? dput.part.5+0x2e/0x3c0
[ 45.734005] ? dput.part.5+0xf4/0x3c0
[ 45.737777] cleanup_mnt+0x97/0x120
[ 45.741505] __cleanup_mnt+0xd/0x10
[ 45.745215] task_work_run+0x108/0x170
[ 45.749287] exit_to_usermode_loop+0x10e/0x140
[ 45.753840] do_syscall_64+0x254/0x2c0
[ 45.757724] ? prepare_exit_to_usermode+0xec/0x130
[ 45.762726] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 45.768066] RIP: 0033:0x7f7d1dafce17
[ 45.771770] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 45.793450] RSP: 002b:00007ffcb91906b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 45.801148] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f7d1dafce17
[ 45.808735] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffcb9190770
[ 45.815982] RBP: 00007ffcb9190770 R08: 0000000000000000 R09: 0000000000000000
[ 45.823599] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcb9191830
[ 45.831305] R13: 00007f7d1db463b9 R14: 000000000000b1c6 R15: 0000000000000007
[ 45.838751]
[ 45.840358] Allocated by task 2053:
[ 45.844058] __kasan_kmalloc.part.0+0x66/0x100
[ 45.848803] __kasan_kmalloc.constprop.1+0xb5/0xc0
[ 45.854495] kasan_kmalloc+0x9/0x10
[ 45.858284] kmem_cache_alloc_trace+0x12c/0x240
[ 45.862937] kernfs_iattrs.isra.1+0x8f/0x340
[ 45.867408] kernfs_xattr_get+0x57/0x90
[ 45.872061] __vfs_getxattr+0xbe/0x120
[ 45.875931] smk_fetch.part.6+0x70/0xb0
[ 45.879874] smack_d_instantiate+0x77e/0xf40
[ 45.884252] security_d_instantiate+0x47/0xc0
[ 45.888721] d_splice_alias+0x69/0xb50
[ 45.892672] kernfs_iop_lookup+0x199/0x250
[ 45.897063] lookup_open+0x5bd/0x1d10
[ 45.900834] path_openat+0x157e/0x2860
[ 45.904695] do_filp_open+0x177/0x250
[ 45.908525] do_sys_open+0x1dc/0x3b0
[ 45.912232] __x64_sys_openat+0x98/0xf0
[ 45.916199] do_syscall_64+0x94/0x2c0
[ 45.919981] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 45.925139]
[ 45.926761] Freed by task 0:
[ 45.929747] (stack is not available)
[ 45.933427]
[ 45.935028] The buggy address belongs to the object at ffff8880ac3dc000
[ 45.935028] which belongs to the cache kmalloc-192 of size 192
[ 45.948318] The buggy address is located 168 bytes inside of
[ 45.948318] 192-byte region [ffff8880ac3dc000, ffff8880ac3dc0c0)
[ 45.960533] The buggy address belongs to the page:
[ 45.965482] page:ffffea0002b0f700 count:1 mapcount:0 mapping:ffff88813ff35000 index:0x0
[ 45.973608] flags: 0xfff00000000200(slab)
[ 45.977831] raw: 00fff00000000200 dead000000000100 dead000000000200 ffff88813ff35000
[ 45.986219] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 45.994477] page dumped because: kasan: bad access detected
[ 46.000167] page allocated via order 0, migratetype Unmovable, gfp_mask 0x6012c0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY)
[ 46.011255] get_page_from_freelist.part.23+0x2dc6/0x42f0
[ 46.016772] __alloc_pages_nodemask+0x284/0x2340
[ 46.021694] alloc_pages_current+0xfd/0x290
[ 46.026011] new_slab+0x40e/0x750
[ 46.029445] ___slab_alloc+0x5ce/0x870
[ 46.033609] __slab_alloc.isra.22+0x49/0x60
[ 46.038020] kmem_cache_alloc_trace+0x1f6/0x240
[ 46.042671] kernfs_iattrs.isra.1+0x8f/0x340
[ 46.047068] kernfs_xattr_get+0x57/0x90
[ 46.051092] __vfs_getxattr+0xbe/0x120
[ 46.055405] smk_fetch.part.6+0x70/0xb0
[ 46.059357] smack_d_instantiate+0x77e/0xf40
[ 46.063747] security_d_instantiate+0x47/0xc0
[ 46.068213] d_splice_alias+0x69/0xb50
[ 46.072070] kernfs_iop_lookup+0x199/0x250
[ 46.076362] lookup_open+0x5bd/0x1d10
[ 46.080248]
[ 46.081853] Memory state around the buggy address:
[ 46.086759] ffff8880ac3dbf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.095148] ffff8880ac3dc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.102491] >ffff8880ac3dc080: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 46.109828] ^
[ 46.114474] ffff8880ac3dc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.121803] ffff8880ac3dc180: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 46.129130] ==================================================================
[ 46.136564] Disabling lock debugging due to kernel taint
[ 46.142412] Kernel panic - not syncing: panic_on_warn set ...
[ 46.148495] Kernel Offset: disabled
[ 46.152099] Rebooting in 86400 seconds..