Warning: Permanently added '10.128.1.137' (ED25519) to the list of known hosts.
2023/09/27 06:24:38 ignoring optional flag "sandboxArg"="0"
2023/09/27 06:24:38 parsed 1 programs
2023/09/27 06:24:38 executed programs: 0
[ 49.726483][ T1578] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 54.421560][ T1995] loop0: detected capacity change from 0 to 8192
[ 54.429532][ T1995] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 54.442576][ T1995] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 54.451787][ T1995] REISERFS (device loop0): using ordered data mode
[ 54.458525][ T1995] reiserfs: using flush barriers
[ 54.464151][ T1995] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 54.480719][ T1995] REISERFS (device loop0): checking transaction log (loop0)
[ 54.488861][ T1995] REISERFS (device loop0): Using r5 hash to sort names
[ 54.496029][ T1995] ==================================================================
[ 54.504169][ T1995] BUG: KASAN: use-after-free in strlen+0x54/0x60
[ 54.510544][ T1995] Read of size 1 at addr ffff88806ac8b7a3 by task syz-executor.0/1995
[ 54.519085][ T1995]
[ 54.521409][ T1995] CPU: 1 PID: 1995 Comm: syz-executor.0 Not tainted 6.1.55-syzkaller #0
[ 54.529811][ T1995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 54.539842][ T1995] Call Trace:
[ 54.543096][ T1995]
[ 54.546013][ T1995] dump_stack_lvl+0xf4/0x251
[ 54.550666][ T1995] ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 54.556097][ T1995] ? panic+0x3f7/0x3f7
[ 54.560140][ T1995] ? _printk+0xca/0x10a
[ 54.564535][ T1995] print_report+0x15f/0x4f0
[ 54.569034][ T1995] ? strlen+0x54/0x60
[ 54.573176][ T1995] kasan_report+0x136/0x160
[ 54.577745][ T1995] ? strlen+0x54/0x60
[ 54.581696][ T1995] strlen+0x54/0x60
[ 54.585493][ T1995] reiserfs_find_entry+0x8c4/0x1a30
[ 54.590665][ T1995] ? reiserfs_get_parent+0x270/0x270
[ 54.595920][ T1995] reiserfs_lookup+0x1ae/0x3d0
[ 54.600648][ T1995] ? reiserfs_find_entry+0x1a30/0x1a30
[ 54.606080][ T1995] ? lockdep_init_map_type+0x9d/0x700
[ 54.611473][ T1995] ? __init_waitqueue_head+0xaa/0x140
[ 54.616813][ T1995] __lookup_slow+0x1ff/0x2e0
[ 54.621386][ T1995] ? lookup_one_len+0x10e/0x230
[ 54.626231][ T1995] ? lookup_one_len+0x230/0x230
[ 54.631062][ T1995] ? d_lookup+0x16f/0x1d0
[ 54.635370][ T1995] ? inode_permission+0x151/0x320
[ 54.640456][ T1995] lookup_one_len+0x1f3/0x230
[ 54.645220][ T1995] ? lookup_one_common+0x330/0x330
[ 54.650389][ T1995] reiserfs_lookup_privroot+0x81/0x1d0
[ 54.655821][ T1995] reiserfs_fill_super+0x14e7/0x2070
[ 54.661082][ T1995] ? reiserfs_kill_sb+0x140/0x140
[ 54.666076][ T1995] ? __down_write_common+0x12a/0x1e0
[ 54.671345][ T1995] ? snprintf+0xcc/0x110
[ 54.675603][ T1995] ? __up_read+0x360/0x360
[ 54.680082][ T1995] mount_bdev+0x26b/0x340
[ 54.684414][ T1995] ? reiserfs_kill_sb+0x140/0x140
[ 54.690029][ T1995] legacy_get_tree+0xe5/0x170
[ 54.694768][ T1995] ? remove_save_link+0x4e0/0x4e0
[ 54.699849][ T1995] vfs_get_tree+0x7a/0x170
[ 54.704239][ T1995] do_new_mount+0x1e1/0x8f0
[ 54.708716][ T1995] ? do_move_mount_old+0x120/0x120
[ 54.713811][ T1995] ? user_path_at_empty+0xed/0x140
[ 54.719013][ T1995] __se_sys_mount+0x23e/0x2d0
[ 54.723670][ T1995] ? __x64_sys_mount+0xc0/0xc0
[ 54.728404][ T1995] ? fpregs_assert_state_consistent+0x43/0x50
[ 54.734539][ T1995] do_syscall_64+0x3d/0x80
[ 54.739142][ T1995] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.745358][ T1995] RIP: 0033:0x7fbc8f07e22a
[ 54.749746][ T1995] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 54.769755][ T1995] RSP: 002b:00007fbc8fec8ee8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 54.778142][ T1995] RAX: ffffffffffffffda RBX: 00007fbc8fec8f80 RCX: 00007fbc8f07e22a
[ 54.786084][ T1995] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 00007fbc8fec8f40
[ 54.794216][ T1995] RBP: 00000000200000c0 R08: 00007fbc8fec8f80 R09: 0000000000008001
[ 54.802173][ T1995] R10: 0000000000008001 R11: 0000000000000246 R12: 0000000020000040
[ 54.810304][ T1995] R13: 00007fbc8fec8f40 R14: 0000000000001122 R15: 0000000020000080
[ 54.818255][ T1995]
[ 54.821260][ T1995]
[ 54.823557][ T1995] The buggy address belongs to the physical page:
[ 54.829942][ T1995] page:ffffea0001ab22c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6ac8b
[ 54.840145][ T1995] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 54.847322][ T1995] raw: 00fff00000000000 ffffea0001ab2308 ffff8880bad3e5e0 0000000000000000
[ 54.856314][ T1995] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 54.864954][ T1995] page dumped because: kasan: bad access detected
[ 54.871338][ T1995] page_owner tracks the page as freed
[ 54.876688][ T1995] page last allocated via order 0, migratetype Movable, gfp_mask 0x8(__GFP_MOVABLE), pid 1, tgid 1 (swapper/0), ts 5420224227, free_ts 6408735724
[ 54.891603][ T1995] post_alloc_hook+0x286/0x2b0
[ 54.896351][ T1995] split_map_pages+0x22a/0x480
[ 54.901084][ T1995] isolate_freepages_range+0x2a4/0x460
[ 54.906510][ T1995] alloc_contig_range+0x60a/0x930
[ 54.911509][ T1995] alloc_contig_pages+0x3ef/0x4f0
[ 54.916505][ T1995] debug_vm_pgtable_alloc_huge_page+0x7d/0xd7
[ 54.922667][ T1995] init_args+0x862/0xa66
[ 54.926882][ T1995] debug_vm_pgtable+0xa5/0x5ad
[ 54.931704][ T1995] do_one_initcall+0x19f/0x4c0
[ 54.936445][ T1995] do_initcall_level+0x11e/0x1cd
[ 54.941354][ T1995] do_initcalls+0x46/0x74
[ 54.945748][ T1995] kernel_init_freeable+0x379/0x4e2
[ 54.950914][ T1995] kernel_init+0x14/0x190
[ 54.955303][ T1995] ret_from_fork+0x1f/0x30
[ 54.959702][ T1995] page last free stack trace:
[ 54.964347][ T1995] free_unref_page_prepare+0xd4b/0xee0
[ 54.969950][ T1995] free_unref_page+0x9a/0x500
[ 54.974657][ T1995] free_contig_range+0x8d/0x130
[ 54.979478][ T1995] destroy_args+0xde/0x79f
[ 54.983952][ T1995] debug_vm_pgtable+0x373/0x5ad
[ 54.988773][ T1995] do_one_initcall+0x19f/0x4c0
[ 54.993507][ T1995] do_initcall_level+0x11e/0x1cd
[ 54.998500][ T1995] do_initcalls+0x46/0x74
[ 55.002809][ T1995] kernel_init_freeable+0x379/0x4e2
[ 55.008087][ T1995] kernel_init+0x14/0x190
[ 55.012386][ T1995] ret_from_fork+0x1f/0x30
[ 55.016778][ T1995]
[ 55.019088][ T1995] Memory state around the buggy address:
[ 55.024689][ T1995] ffff88806ac8b680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 55.032807][ T1995] ffff88806ac8b700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 55.041284][ T1995] >ffff88806ac8b780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 55.049677][ T1995] ^
[ 55.054762][ T1995] ffff88806ac8b800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 55.062796][ T1995] ffff88806ac8b880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 55.070912][ T1995] ==================================================================
[ 55.079514][ T1995] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 55.087063][ T1995] Kernel Offset: disabled
[ 55.091537][ T1995] Rebooting in 86400 seconds..