Warning: Permanently added '10.128.1.130' (ED25519) to the list of known hosts.
2024/01/04 16:17:32 ignoring optional flag "sandboxArg"="0"
2024/01/04 16:17:32 parsed 1 programs
2024/01/04 16:17:32 executed programs: 0
[ 47.358974][ T2244] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 47.864110][ T2311] modprobe (2311) used greatest stack depth: 20824 bytes left
[ 50.592973][ T2662] loop0: detected capacity change from 0 to 8192
[ 50.601199][ T2662] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 50.614355][ T2662] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 50.623713][ T2662] REISERFS (device loop0): using ordered data mode
[ 50.630415][ T2662] reiserfs: using flush barriers
[ 50.636120][ T2662] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 50.652658][ T2662] REISERFS (device loop0): checking transaction log (loop0)
[ 50.679929][ T2662] REISERFS (device loop0): Using tea hash to sort names
[ 50.687207][ T2662] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 50.700875][ T2662] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 50.714419][ T2662] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 50.729033][ T2662] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 50.761308][ T1588] udevd[1588]: worker [2663] terminated by signal 11 (Segmentation fault)
[ 50.770257][ T1588] udevd[1588]: worker [2663] failed while handling '/devices/virtual/block/loop0'
[ 50.807632][ T2666] loop0: detected capacity change from 0 to 8192
[ 50.815694][ T2666] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 50.829064][ T2666] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 50.838296][ T2666] REISERFS (device loop0): using ordered data mode
[ 50.844911][ T2666] reiserfs: using flush barriers
[ 50.850701][ T2666] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 50.867204][ T2666] REISERFS (device loop0): checking transaction log (loop0)
[ 50.893016][ T2666] REISERFS (device loop0): Using tea hash to sort names
[ 50.900259][ T2666] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 50.914094][ T2666] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 50.929141][ T2666] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 50.943383][ T2666] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 51.012005][ T2670] loop0: detected capacity change from 0 to 8192
[ 51.019929][ T2670] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 51.033215][ T2670] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 51.042417][ T2670] REISERFS (device loop0): using ordered data mode
[ 51.048948][ T2670] reiserfs: using flush barriers
[ 51.054647][ T2670] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 51.071013][ T2670] REISERFS (device loop0): checking transaction log (loop0)
[ 51.096056][ T2670] REISERFS (device loop0): Using tea hash to sort names
[ 51.103290][ T2670] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 51.116991][ T2670] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 51.127151][ T2670] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 51.141267][ T2670] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 51.219236][ T2673] loop0: detected capacity change from 0 to 8192
[ 51.226830][ T2673] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 51.239927][ T2673] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 51.249088][ T2673] REISERFS (device loop0): using ordered data mode
[ 51.255715][ T2673] reiserfs: using flush barriers
[ 51.261369][ T2673] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 51.277711][ T2673] REISERFS (device loop0): checking transaction log (loop0)
[ 51.302838][ T2673] REISERFS (device loop0): Using tea hash to sort names
[ 51.309980][ T2673] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 51.323738][ T2673] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 51.333928][ T2673] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 51.347852][ T2673] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 51.361881][ T2673] ==================================================================
[ 51.369920][ T2673] BUG: KASAN: use-after-free in reiserfs_release_objectid+0x46f/0x850
[ 51.378048][ T2673] Read of size 7172 at addr ffff88806e04a050 by task syz-executor.0/2673
[ 51.386463][ T2673]
[ 51.388769][ T2673] CPU: 1 PID: 2673 Comm: syz-executor.0 Not tainted 6.7.0-rc8-syzkaller #0
[ 51.397328][ T2673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 51.407364][ T2673] Call Trace:
[ 51.410711][ T2673]
[ 51.413625][ T2673] dump_stack_lvl+0xf8/0x260
[ 51.418204][ T2673] ? nf_tcp_handle_invalid+0x300/0x300
[ 51.423674][ T2673] ? panic+0x500/0x500
[ 51.427738][ T2673] ? _printk+0xce/0x110
[ 51.431885][ T2673] print_report+0x163/0x540
[ 51.436408][ T2673] ? reiserfs_release_objectid+0x46f/0x850
[ 51.442189][ T2673] kasan_report+0x142/0x170
[ 51.446666][ T2673] ? reiserfs_release_objectid+0x46f/0x850
[ 51.452463][ T2673] kasan_check_range+0x27e/0x290
[ 51.457392][ T2673] ? reiserfs_release_objectid+0x46f/0x850
[ 51.463272][ T2673] __asan_memmove+0x29/0x70
[ 51.467763][ T2673] reiserfs_release_objectid+0x46f/0x850
[ 51.473460][ T2673] remove_save_link+0x2e3/0x4f0
[ 51.478283][ T2673] ? add_save_link+0x750/0x750
[ 51.483119][ T2673] reiserfs_evict_inode+0x2ad/0x3a0
[ 51.488289][ T2673] ? entry_points_to_object+0x760/0x760
[ 51.493805][ T2673] ? do_raw_spin_unlock+0x13b/0x8b0
[ 51.498982][ T2673] ? do_raw_spin_unlock+0x13b/0x8b0
[ 51.504154][ T2673] evict+0x263/0x640
[ 51.508112][ T2673] vfs_rmdir+0x329/0x3d0
[ 51.512329][ T2673] do_rmdir+0x363/0x500
[ 51.516454][ T2673] ? d_delete_notify+0x120/0x120
[ 51.521362][ T2673] ? getname_flags+0x10f/0x440
[ 51.526127][ T2673] __x64_sys_rmdir+0x44/0x50
[ 51.530707][ T2673] do_syscall_64+0x45/0xe0
[ 51.535100][ T2673] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 51.540982][ T2673] RIP: 0033:0x7f64f027cae9
[ 51.545487][ T2673] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 51.565062][ T2673] RSP: 002b:00007f64f10a30c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[ 51.573446][ T2673] RAX: ffffffffffffffda RBX: 00007f64f039bf80 RCX: 00007f64f027cae9
[ 51.581391][ T2673] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000
[ 51.589421][ T2673] RBP: 00007f64f02c847a R08: 0000000000000000 R09: 0000000000000000
[ 51.597364][ T2673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 51.605392][ T2673] R13: 0000000000000006 R14: 00007f64f039bf80 R15: 00007ffccc5acd68
[ 51.613338][ T2673]
[ 51.616329][ T2673]
[ 51.618625][ T2673] The buggy address belongs to the physical page:
[ 51.625006][ T2673] page:ffffea0001b81280 refcount:2 mapcount:0 mapping:ffff8880110813f0 index:0x10 pfn:0x6e04a
[ 51.635218][ T2673] memcg:ffff88807ea96000
[ 51.639428][ T2673] aops:def_blk_aops ino:700000
[ 51.644161][ T2673] flags: 0xfff0000002812c(referenced|uptodate|lru|active|private|mappedtodisk|node=0|zone=1|lastcpupid=0x7ff)
[ 51.655769][ T2673] page_type: 0xffffffff()
[ 51.660172][ T2673] raw: 00fff0000002812c ffffea0001b620c8 ffffea0001b80e08 ffff8880110813f0
[ 51.668734][ T2673] raw: 0000000000000010 ffff888072d3d9f8 00000002ffffffff ffff88807ea96000
[ 51.677385][ T2673] page dumped because: kasan: bad access detected
[ 51.683769][ T2673] page_owner tracks the page as allocated
[ 51.689630][ T2673] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 2673, tgid 2672 (syz-executor.0), ts 51226700292, free_ts 51219015415
[ 51.710083][ T2673] post_alloc_hook+0x10b/0x130
[ 51.714823][ T2673] get_page_from_freelist+0x345c/0x35f0
[ 51.720341][ T2673] __alloc_pages+0x255/0x650
[ 51.724899][ T2673] alloc_pages_mpol+0x27f/0x4d0
[ 51.729729][ T2673] folio_alloc+0xd4/0x220
[ 51.734206][ T2673] filemap_alloc_folio+0xc6/0x3a0
[ 51.739411][ T2673] __filemap_get_folio+0x28f/0x690
[ 51.744499][ T2673] bdev_getblk+0x1b1/0x4c0
[ 51.748975][ T2673] __bread_gfp+0xa7/0x2a0
[ 51.753310][ T2673] read_super_block+0x84/0x700
[ 51.758221][ T2673] reiserfs_fill_super+0xa22/0x2070
[ 51.763388][ T2673] mount_bdev+0x1d6/0x290
[ 51.767694][ T2673] legacy_get_tree+0xe9/0x170
[ 51.772342][ T2673] vfs_get_tree+0x7e/0x190
[ 51.776727][ T2673] do_new_mount+0x1e5/0x930
[ 51.781285][ T2673] __se_sys_mount+0x242/0x2d0
[ 51.786018][ T2673] page last free stack trace:
[ 51.790663][ T2673] free_unref_page_prepare+0x7f9/0x910
[ 51.796092][ T2673] free_unref_page_list+0x54b/0x7f0
[ 51.801266][ T2673] release_pages+0x194b/0x1b10
[ 51.806003][ T2673] tlb_flush_mmu+0x273/0x3d0
[ 51.810573][ T2673] tlb_finish_mmu+0xb6/0x1c0
[ 51.815225][ T2673] unmap_region+0x2d0/0x320
[ 51.819699][ T2673] do_vmi_align_munmap+0xd60/0x1390
[ 51.824869][ T2673] do_vmi_munmap+0x1b1/0x210
[ 51.829428][ T2673] __vm_munmap+0x1ef/0x380
[ 51.833902][ T2673] __x64_sys_munmap+0x5b/0x70
[ 51.838574][ T2673] do_syscall_64+0x45/0xe0
[ 51.843048][ T2673] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 51.848915][ T2673]
[ 51.851219][ T2673] Memory state around the buggy address:
[ 51.856838][ T2673] ffff88806e04af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 51.865044][ T2673] ffff88806e04af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 51.873074][ T2673] >ffff88806e04b000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 51.881102][ T2673] ^
[ 51.885139][ T2673] ffff88806e04b080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 51.893169][ T2673] ffff88806e04b100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 51.901201][ T2673] ==================================================================
[ 51.909458][ T2673] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 51.916929][ T2673] Kernel Offset: disabled
[ 51.921234][ T2673] Rebooting in 86400 seconds..