Warning: Permanently added '10.128.0.142' (ED25519) to the list of known hosts.
2024/10/09 02:14:32 ignoring optional flag "sandboxArg"="0"
2024/10/09 02:14:32 ignoring optional flag "type"="gce"
2024/10/09 02:14:33 parsed 1 programs
2024/10/09 02:14:34 executed programs: 0
[ 58.886270][ T1354] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 63.611349][ T1775] loop0: detected capacity change from 0 to 1024
[ 63.624981][ T1775] ==================================================================
[ 63.633064][ T1775] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x724/0x1180
[ 63.640769][ T1775] Read of size 2 at addr ffff88810ea6840c by task syz-executor.0/1775
[ 63.648983][ T1775]
[ 63.651384][ T1775] CPU: 0 PID: 1775 Comm: syz-executor.0 Not tainted 6.1.112-syzkaller #0
[ 63.659772][ T1775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 63.669824][ T1775] Call Trace:
[ 63.673090][ T1775]
[ 63.675997][ T1775] dump_stack_lvl+0xf4/0x251
[ 63.680563][ T1775] ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 63.686005][ T1775] ? panic+0x3fe/0x3fe
[ 63.690055][ T1775] ? __virt_addr_valid+0x139/0x270
[ 63.695142][ T1775] ? __virt_addr_valid+0x221/0x270
[ 63.700224][ T1775] print_report+0x15f/0x4f0
[ 63.704699][ T1775] ? __virt_addr_valid+0x139/0x270
[ 63.709781][ T1775] ? __virt_addr_valid+0x221/0x270
[ 63.714874][ T1775] ? hfsplus_uni2asc+0x724/0x1180
[ 63.719886][ T1775] kasan_report+0x136/0x160
[ 63.724375][ T1775] ? hfsplus_uni2asc+0x724/0x1180
[ 63.729376][ T1775] hfsplus_uni2asc+0x724/0x1180
[ 63.734204][ T1775] ? memcpy+0x3c/0x60
[ 63.738157][ T1775] hfsplus_readdir+0x7fd/0x10d0
[ 63.742991][ T1775] ? hfsplus_rename+0x160/0x160
[ 63.747815][ T1775] ? iterate_dir+0xaa/0x500
[ 63.752297][ T1775] ? down_read_interruptible+0x1010/0x1010
[ 63.758085][ T1775] ? common_file_perm+0x130/0x1e0
[ 63.763080][ T1775] ? fsnotify_perm+0x120/0x440
[ 63.767812][ T1775] ? hfsplus_rename+0x160/0x160
[ 63.772637][ T1775] iterate_dir+0x1fa/0x500
[ 63.777032][ T1775] __se_sys_getdents64+0x1af/0x3e0
[ 63.782115][ T1775] ? __x64_sys_getdents64+0x80/0x80
[ 63.787282][ T1775] ? filldir+0x570/0x570
[ 63.791493][ T1775] ? switch_fpu_return+0xc9/0x130
[ 63.796489][ T1775] do_syscall_64+0x3b/0x80
[ 63.800877][ T1775] ? clear_bhb_loop+0x45/0xa0
[ 63.805523][ T1775] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 63.811396][ T1775] RIP: 0033:0x7fe92487cce9
[ 63.815790][ T1775] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 63.835364][ T1775] RSP: 002b:00007fe9256150c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 63.843747][ T1775] RAX: ffffffffffffffda RBX: 00007fe92499bf80 RCX: 00007fe92487cce9
[ 63.851690][ T1775] RDX: 0000000000000067 RSI: 0000000020000540 RDI: 0000000000000003
[ 63.859633][ T1775] RBP: 00007fe9248c947a R08: 0000000000000000 R09: 0000000000000000
[ 63.867574][ T1775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 63.875515][ T1775] R13: 0000000000000006 R14: 00007fe92499bf80 R15: 00007ffcd6a3d078
[ 63.883457][ T1775]
[ 63.886452][ T1775]
[ 63.888751][ T1775] Allocated by task 1775:
[ 63.893048][ T1775] kasan_set_track+0x4b/0x70
[ 63.897609][ T1775] __kasan_kmalloc+0x97/0xb0
[ 63.902171][ T1775] __kmalloc+0xa6/0x1c0
[ 63.906300][ T1775] hfsplus_find_init+0x7c/0x180
[ 63.911124][ T1775] hfsplus_readdir+0x1f4/0x10d0
[ 63.915946][ T1775] iterate_dir+0x1fa/0x500
[ 63.920328][ T1775] __se_sys_getdents64+0x1af/0x3e0
[ 63.925581][ T1775] do_syscall_64+0x3b/0x80
[ 63.929968][ T1775] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 63.935833][ T1775]
[ 63.938132][ T1775] Last potentially related work creation:
[ 63.943828][ T1775] kasan_save_stack+0x3b/0x60
[ 63.948476][ T1775] __kasan_record_aux_stack+0xb0/0xc0
[ 63.953819][ T1775] call_rcu+0x149/0x830
[ 63.957945][ T1775] netlink_release+0xf48/0x1460
[ 63.962764][ T1775] sock_close+0xbe/0x200
[ 63.966974][ T1775] __fput+0x1d7/0x720
[ 63.970927][ T1775] task_work_run+0x206/0x280
[ 63.975495][ T1775] exit_to_user_mode_loop+0xa9/0xc0
[ 63.980669][ T1775] exit_to_user_mode_prepare+0x64/0xb0
[ 63.986106][ T1775] syscall_exit_to_user_mode+0x27/0x1b0
[ 63.991622][ T1775] do_syscall_64+0x47/0x80
[ 63.996007][ T1775] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 64.001869][ T1775]
[ 64.004174][ T1775] The buggy address belongs to the object at ffff88810ea68000
[ 64.004174][ T1775] which belongs to the cache kmalloc-2k of size 2048
[ 64.018202][ T1775] The buggy address is located 1036 bytes inside of
[ 64.018202][ T1775] 2048-byte region [ffff88810ea68000, ffff88810ea68800)
[ 64.031619][ T1775]
[ 64.033922][ T1775] The buggy address belongs to the physical page:
[ 64.040308][ T1775] page:ffffea00043a9a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ea68
[ 64.050518][ T1775] head:ffffea00043a9a00 order:3 compound_mapcount:0 compound_pincount:0
[ 64.058809][ T1775] flags: 0x100000000010200(slab|head|node=0|zone=2)
[ 64.065455][ T1775] raw: 0100000000010200 dead000000000100 dead000000000122 ffff888100042000
[ 64.074013][ T1775] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 64.082568][ T1775] page dumped because: kasan: bad access detected
[ 64.088957][ T1775] page_owner tracks the page as allocated
[ 64.094644][ T1775] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 1997811796, free_ts 0
[ 64.114316][ T1775] post_alloc_hook+0x286/0x2b0
[ 64.119054][ T1775] get_page_from_freelist+0x3994/0x3b70
[ 64.124570][ T1775] __alloc_pages+0x251/0x640
[ 64.129129][ T1775] alloc_page_interleave+0xf/0x120
[ 64.134208][ T1775] alloc_slab_page+0x6a/0x150
[ 64.138854][ T1775] new_slab+0x70/0x250
[ 64.142894][ T1775] ___slab_alloc+0x9df/0xe70
[ 64.147456][ T1775] __kmem_cache_alloc_node+0x195/0x250
[ 64.152884][ T1775] kmalloc_trace+0x26/0xc0
[ 64.157269][ T1775] acpi_ds_create_walk_state+0xee/0x270
[ 64.162794][ T1775] acpi_ds_execute_arguments+0x1aa/0x260
[ 64.168402][ T1775] acpi_ns_init_one_object+0x127/0x2e0
[ 64.173831][ T1775] acpi_ns_walk_namespace+0x182/0x350
[ 64.179172][ T1775] acpi_walk_namespace+0x8a/0xc0
[ 64.184079][ T1775] acpi_ns_initialize_objects+0x97/0x100
[ 64.189679][ T1775] acpi_load_tables+0x57/0xa2
[ 64.194327][ T1775] page_owner free stack trace missing
[ 64.199663][ T1775]
[ 64.201962][ T1775] Memory state around the buggy address:
[ 64.207563][ T1775] ffff88810ea68300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 64.215603][ T1775] ffff88810ea68380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 64.223636][ T1775] >ffff88810ea68400: 00 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 64.231663][ T1775] ^
[ 64.235968][ T1775] ffff88810ea68480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 64.243996][ T1775] ffff88810ea68500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 64.252033][ T1775] ==================================================================
[ 64.260473][ T1775] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 64.267917][ T1775] Kernel Offset: disabled
[ 64.272232][ T1775] Rebooting in 86400 seconds..