Warning: Permanently added '10.128.1.124' (ED25519) to the list of known hosts.
2024/07/02 08:00:54 ignoring optional flag "sandboxArg"="0"
2024/07/02 08:00:55 parsed 1 programs
2024/07/02 08:00:55 executed programs: 0
[ 55.050883][ T1910] loop0: detected capacity change from 0 to 8192
[ 55.059032][ T1910] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 55.072012][ T1910] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 55.081520][ T1910] REISERFS (device loop0): using ordered data mode
[ 55.088205][ T1910] reiserfs: using flush barriers
[ 55.093833][ T1910] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 55.110342][ T1910] REISERFS (device loop0): checking transaction log (loop0)
[ 55.118725][ T1910] REISERFS (device loop0): Using r5 hash to sort names
[ 55.174773][ T1914] loop0: detected capacity change from 0 to 8192
[ 55.182308][ T1914] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 55.195715][ T1914] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 55.205110][ T1914] REISERFS (device loop0): using ordered data mode
[ 55.211664][ T1914] reiserfs: using flush barriers
[ 55.217278][ T1914] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 55.233630][ T1914] REISERFS (device loop0): checking transaction log (loop0)
[ 55.241727][ T1914] REISERFS (device loop0): Using r5 hash to sort names
[ 55.248815][ T1914] ==================================================================
[ 55.256951][ T1914] BUG: KASAN: use-after-free in search_by_entry_key+0x3d7/0x1030
[ 55.264766][ T1914] Read of size 4 at addr ffff88806c512004 by task syz-executor.0/1914
[ 55.272900][ T1914]
[ 55.275231][ T1914] CPU: 1 PID: 1914 Comm: syz-executor.0 Not tainted 6.1.96-syzkaller #0
[ 55.283534][ T1914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 55.293575][ T1914] Call Trace:
[ 55.296923][ T1914]
[ 55.299857][ T1914] dump_stack_lvl+0xf4/0x251
[ 55.304424][ T1914] ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 55.309885][ T1914] ? panic+0x3fe/0x3fe
[ 55.313928][ T1914] ? _printk+0xca/0x10a
[ 55.318058][ T1914] ? __virt_addr_valid+0x139/0x260
[ 55.323235][ T1914] ? __virt_addr_valid+0x211/0x260
[ 55.328319][ T1914] print_report+0x15f/0x4f0
[ 55.332797][ T1914] ? __virt_addr_valid+0x139/0x260
[ 55.337964][ T1914] ? __virt_addr_valid+0x211/0x260
[ 55.343051][ T1914] ? search_by_entry_key+0x3d7/0x1030
[ 55.348398][ T1914] kasan_report+0x136/0x160
[ 55.352872][ T1914] ? search_by_entry_key+0x3d7/0x1030
[ 55.358213][ T1914] search_by_entry_key+0x3d7/0x1030
[ 55.363728][ T1914] ? pathrelse+0x76/0xd0
[ 55.367945][ T1914] reiserfs_find_entry+0xe9c/0x1a30
[ 55.373114][ T1914] ? reiserfs_get_parent+0x270/0x270
[ 55.378380][ T1914] reiserfs_lookup+0x1ae/0x3d0
[ 55.383160][ T1914] ? reiserfs_find_entry+0x1a30/0x1a30
[ 55.388586][ T1914] ? lockdep_init_map_type+0x9d/0x700
[ 55.393933][ T1914] ? __init_waitqueue_head+0xaa/0x140
[ 55.399358][ T1914] __lookup_slow+0x1ff/0x2e0
[ 55.403941][ T1914] ? lookup_one_len+0x10e/0x230
[ 55.408758][ T1914] ? lookup_one_len+0x230/0x230
[ 55.413573][ T1914] ? d_lookup+0x16f/0x1d0
[ 55.417872][ T1914] ? inode_permission+0x151/0x320
[ 55.422867][ T1914] lookup_one_len+0x1f3/0x230
[ 55.427508][ T1914] ? lookup_one_common+0x330/0x330
[ 55.432586][ T1914] reiserfs_lookup_privroot+0x81/0x1d0
[ 55.438023][ T1914] reiserfs_fill_super+0x14e7/0x2070
[ 55.443277][ T1914] ? reiserfs_kill_sb+0x140/0x140
[ 55.448278][ T1914] ? __down_write_common+0x12a/0x1e0
[ 55.453618][ T1914] ? snprintf+0xcc/0x110
[ 55.457829][ T1914] ? __up_read+0x360/0x360
[ 55.462215][ T1914] mount_bdev+0x26b/0x340
[ 55.466512][ T1914] ? reiserfs_kill_sb+0x140/0x140
[ 55.471502][ T1914] legacy_get_tree+0xe5/0x170
[ 55.476239][ T1914] ? remove_save_link+0x4e0/0x4e0
[ 55.481231][ T1914] vfs_get_tree+0x7a/0x170
[ 55.485630][ T1914] do_new_mount+0x21a/0x910
[ 55.490186][ T1914] ? do_move_mount_old+0x120/0x120
[ 55.495265][ T1914] __se_sys_mount+0x23e/0x2d0
[ 55.499907][ T1914] ? __x64_sys_mount+0xc0/0xc0
[ 55.504636][ T1914] ? fpregs_assert_state_consistent+0x43/0x50
[ 55.510669][ T1914] do_syscall_64+0x3b/0x80
[ 55.515140][ T1914] ? clear_bhb_loop+0x45/0xa0
[ 55.519785][ T1914] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 55.525686][ T1914] RIP: 0033:0x7f2a3967e05a
[ 55.530075][ T1914] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 55.549663][ T1914] RSP: 002b:00007f2a3a4a0ee8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 55.558048][ T1914] RAX: ffffffffffffffda RBX: 00007f2a3a4a0f80 RCX: 00007f2a3967e05a
[ 55.565988][ T1914] RDX: 0000000020000140 RSI: 0000000020000340 RDI: 00007f2a3a4a0f40
[ 55.573931][ T1914] RBP: 0000000020000140 R08: 00007f2a3a4a0f80 R09: 000000000120c083
[ 55.581875][ T1914] R10: 000000000120c083 R11: 0000000000000246 R12: 0000000020000340
[ 55.590077][ T1914] R13: 00007f2a3a4a0f40 R14: 0000000000001120 R15: 0000000020000380
[ 55.598020][ T1914]
[ 55.601013][ T1914]
[ 55.603313][ T1914] The buggy address belongs to the physical page:
[ 55.609702][ T1914] page:ffffea0001b14480 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6c512
[ 55.619907][ T1914] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 55.626983][ T1914] raw: 00fff00000000000 ffffea0001b144c8 ffff8880bad3e5e0 0000000000000000
[ 55.635617][ T1914] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 55.644177][ T1914] page dumped because: kasan: bad access detected
[ 55.650571][ T1914] page_owner tracks the page as freed
[ 55.656077][ T1914] page last allocated via order 0, migratetype Movable, gfp_mask 0x8(__GFP_MOVABLE), pid 1, tgid 1 (swapper/0), ts 4613245352, free_ts 5624194682
[ 55.670805][ T1914] post_alloc_hook+0x286/0x2b0
[ 55.675629][ T1914] split_map_pages+0x22a/0x480
[ 55.680443][ T1914] isolate_freepages_range+0x2a4/0x460
[ 55.685873][ T1914] alloc_contig_range+0x60a/0x930
[ 55.690883][ T1914] alloc_contig_pages+0x3ef/0x4f0
[ 55.695876][ T1914] debug_vm_pgtable_alloc_huge_page+0x7d/0xd7
[ 55.701909][ T1914] init_args+0x965/0xbb0
[ 55.706125][ T1914] debug_vm_pgtable+0xa5/0x5ad
[ 55.710867][ T1914] do_one_initcall+0x19f/0x4c0
[ 55.715597][ T1914] do_initcall_level+0x11e/0x1cd
[ 55.720503][ T1914] do_initcalls+0x46/0x74
[ 55.724802][ T1914] kernel_init_freeable+0x375/0x4e4
[ 55.729967][ T1914] kernel_init+0x14/0x190
[ 55.734353][ T1914] ret_from_fork+0x1f/0x30
[ 55.738746][ T1914] page last free stack trace:
[ 55.743485][ T1914] free_unref_page_prepare+0xd4b/0xee0
[ 55.749024][ T1914] free_unref_page+0x33/0x390
[ 55.753668][ T1914] free_contig_range+0x8d/0x130
[ 55.758497][ T1914] destroy_args+0xde/0x79f
[ 55.762899][ T1914] debug_vm_pgtable+0x373/0x5ad
[ 55.767894][ T1914] do_one_initcall+0x19f/0x4c0
[ 55.772626][ T1914] do_initcall_level+0x11e/0x1cd
[ 55.777541][ T1914] do_initcalls+0x46/0x74
[ 55.781986][ T1914] kernel_init_freeable+0x375/0x4e4
[ 55.787180][ T1914] kernel_init+0x14/0x190
[ 55.791485][ T1914] ret_from_fork+0x1f/0x30
[ 55.795871][ T1914]
[ 55.798182][ T1914] Memory state around the buggy address:
[ 55.803778][ T1914] ffff88806c511f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 55.811896][ T1914] ffff88806c511f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 55.819925][ T1914] >ffff88806c512000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 55.827952][ T1914] ^
[ 55.831987][ T1914] ffff88806c512080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 55.840100][ T1914] ffff88806c512100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 55.848141][ T1914] ==================================================================
[ 55.857163][ T1914] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 55.864719][ T1914] Kernel Offset: disabled
[ 55.869040][ T1914] Rebooting in 86400 seconds..