Warning: Permanently added '10.128.1.56' (ED25519) to the list of known hosts.
2024/05/19 17:17:44 ignoring optional flag "sandboxArg"="0"
2024/05/19 17:17:44 parsed 1 programs
2024/05/19 17:17:44 executed programs: 0
[ 41.279401][ T3055] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS
[ 41.458803][ T3064] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.460733][ T3064] bridge0: port 1(bridge_slave_0) entered disabled state
[ 41.462889][ T3064] device bridge_slave_0 entered promiscuous mode
[ 41.465309][ T3064] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.467136][ T3064] bridge0: port 2(bridge_slave_1) entered disabled state
[ 41.469383][ T3064] device bridge_slave_1 entered promiscuous mode
[ 41.647178][ T3064] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.649093][ T3064] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 41.650947][ T3064] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.652746][ T3064] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 41.962548][ T27] bridge0: port 1(bridge_slave_0) entered disabled state
[ 41.965225][ T27] bridge0: port 2(bridge_slave_1) entered disabled state
[ 41.968389][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 41.970781][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 42.017014][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 42.019417][ T27] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.021584][ T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 42.023616][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 42.026222][ T27] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.028470][ T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 42.030700][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 42.033065][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 42.387200][ T2772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 42.437408][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 42.439695][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 42.442128][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 42.445165][ T3064] device veth0_vlan entered promiscuous mode
[ 42.449089][ T3064] device veth1_vlan entered promiscuous mode
[ 42.455825][ T2772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 42.458224][ T2772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 42.461633][ T3064] device veth0_macvtap entered promiscuous mode
[ 42.515498][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 42.518592][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 42.521263][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 42.523695][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 42.526280][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 42.788296][ T3241] loop0: detected capacity change from 0 to 1024
[ 42.793011][ T3241] ==================================================================
[ 42.795501][ T3241] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read_key+0x3bc/0x658
[ 42.797881][ T3241] Write of size 4026 at addr ffff0000c914c000 by task syz-executor.0/3241
[ 42.800204][ T3241]
[ 42.801064][ T3241] CPU: 0 PID: 3241 Comm: syz-executor.0 Not tainted 6.1.91-syzkaller #0
[ 42.803292][ T3241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 42.805968][ T3241] Call trace:
[ 42.807242][ T3241] dump_backtrace+0x1c8/0x1f4
[ 42.808509][ T3241] show_stack+0x2c/0x3c
[ 42.809705][ T3241] dump_stack_lvl+0xc0/0x104
[ 42.810997][ T3241] print_report+0x174/0x4c0
[ 42.812173][ T3241] kasan_report+0xcc/0x124
[ 42.813697][ T3241] kasan_check_range+0x264/0x2a4
[ 42.814959][ T3241] memcpy+0x60/0x90
[ 42.816037][ T3241] hfsplus_bnode_read_key+0x3bc/0x658
[ 42.817620][ T3241] hfsplus_brec_insert+0x520/0xaa0
[ 42.819326][ T3241] hfsplus_create_attr+0x3b0/0x568
[ 42.820669][ T3241] __hfsplus_setxattr+0x8fc/0x1c68
[ 42.822101][ T3241] hfsplus_setxattr+0xb4/0xec
[ 42.823451][ T3241] hfsplus_user_setxattr+0x54/0x6c
[ 42.824759][ T3241] __vfs_setxattr+0x388/0x3a4
[ 42.826372][ T3241] __vfs_setxattr_noperm+0x110/0x528
[ 42.827844][ T3241] __vfs_setxattr_locked+0x1ec/0x218
[ 42.829342][ T3241] vfs_setxattr+0x1a8/0x344
[ 42.830492][ T3241] setxattr+0x230/0x294
[ 42.831913][ T3241] path_setxattr+0x17c/0x258
[ 42.833082][ T3241] __arm64_sys_setxattr+0xbc/0xd8
[ 42.834503][ T3241] invoke_syscall+0x98/0x2c0
[ 42.835841][ T3241] el0_svc_common+0x134/0x24c
[ 42.837036][ T3241] do_el0_svc+0x64/0x218
[ 42.838375][ T3241] el0_svc+0x34/0x100
[ 42.839400][ T3241] el0t_64_sync_handler+0x84/0xf0
[ 42.840868][ T3241] el0t_64_sync+0x18c/0x190
[ 42.842101][ T3241]
[ 42.842703][ T3241] Allocated by task 3241:
[ 42.844215][ T3241] kasan_set_track+0x4c/0x80
[ 42.845386][ T3241] kasan_save_alloc_info+0x24/0x30
[ 42.846789][ T3241] __kasan_kmalloc+0xac/0xc4
[ 42.848079][ T3241] __kmalloc+0xc4/0x118
[ 42.849134][ T3241] hfsplus_find_init+0x84/0x1bc
[ 42.850747][ T3241] hfsplus_create_attr+0x14c/0x568
[ 42.852042][ T3241] __hfsplus_setxattr+0x8fc/0x1c68
[ 42.853545][ T3241] hfsplus_setxattr+0xb4/0xec
[ 42.854749][ T3241] hfsplus_user_setxattr+0x54/0x6c
[ 42.856068][ T3241] __vfs_setxattr+0x388/0x3a4
[ 42.857573][ T3241] __vfs_setxattr_noperm+0x110/0x528
[ 42.858993][ T3241] __vfs_setxattr_locked+0x1ec/0x218
[ 42.860462][ T3241] vfs_setxattr+0x1a8/0x344
[ 42.861646][ T3241] setxattr+0x230/0x294
[ 42.863165][ T3241] path_setxattr+0x17c/0x258
[ 42.864460][ T3241] __arm64_sys_setxattr+0xbc/0xd8
[ 42.865827][ T3241] invoke_syscall+0x98/0x2c0
[ 42.867138][ T3241] el0_svc_common+0x134/0x24c
[ 42.868392][ T3241] do_el0_svc+0x64/0x218
[ 42.869834][ T3241] el0_svc+0x34/0x100
[ 42.870865][ T3241] el0t_64_sync_handler+0x84/0xf0
[ 42.872372][ T3241] el0t_64_sync+0x18c/0x190
[ 42.873637][ T3241]
[ 42.874247][ T3241] The buggy address belongs to the object at ffff0000c914c000
[ 42.874247][ T3241] which belongs to the cache kmalloc-1k of size 1024
[ 42.878316][ T3241] The buggy address is located 0 bytes inside of
[ 42.878316][ T3241] 1024-byte region [ffff0000c914c000, ffff0000c914c400)
[ 42.882344][ T3241]
[ 42.882954][ T3241] The buggy address belongs to the physical page:
[ 42.884742][ T3241] page:000000000bfd97df refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109148
[ 42.887552][ T3241] head:000000000bfd97df order:3 compound_mapcount:0 compound_pincount:0
[ 42.890026][ T3241] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 42.892383][ T3241] raw: 05ffc00000010200 0000000000000000 dead000000000001 ffff0000c0002780
[ 42.895024][ T3241] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 42.897278][ T3241] page dumped because: kasan: bad access detected
[ 42.899099][ T3241]
[ 42.899702][ T3241] Memory state around the buggy address:
[ 42.901569][ T3241] ffff0000c914c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 42.903734][ T3241] ffff0000c914c180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 42.905914][ T3241] >ffff0000c914c200: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 42.908452][ T3241] ^
[ 42.909807][ T3241] ffff0000c914c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 42.912020][ T3241] ffff0000c914c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 42.914516][ T3241] ==================================================================
[ 42.917832][ T3241] Disabling lock debugging due to kernel taint
[ 42.933049][ T3243] loop0: detected capacity change from 0 to 1024
[ 42.941604][ T1350] Unable to handle kernel paging request at virtual address dfff82c000000088
[ 42.944041][ T1350] KASAN: probably user-memory-access in range [0x0000160000000440-0x0000160000000447]
[ 42.947207][ T1350] Mem abort info:
[ 42.948231][ T1350] ESR = 0x0000000096000004
[ 42.949490][ T1350] EC = 0x25: DABT (current EL), IL = 32 bits
[ 42.951311][ T1350] SET = 0, FnV = 0
[ 42.952485][ T1350] EA = 0, S1PTW = 0
[ 42.953440][ T1350] FSC = 0x04: level 0 translation fault
[ 42.955028][ T1350] Data abort info:
[ 42.956292][ T1350] ISV = 0, ISS = 0x00000004
[ 42.957676][ T1350] CM = 0, WnR = 0
[ 42.958776][ T1350] [dfff82c000000088] address between user and kernel address ranges
[ 42.960821][ T1350] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[ 42.962722][ T1350] Modules linked in:
[ 42.963789][ T1350] CPU: 1 PID: 1350 Comm: kworker/u4:3 Tainted: G B 6.1.91-syzkaller #0
[ 42.966349][ T1350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 42.969104][ T1350] Workqueue: writeback wb_workfn (flush-7:0)
[ 42.971042][ T1350] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 42.973122][ T1350] pc : hfsplus_find_init+0x68/0x1bc
[ 42.974613][ T1350] lr : hfsplus_find_init+0x2c/0x1bc
[ 42.975954][ T1350] sp : ffff80001a636f00
[ 42.977429][ T1350] x29: ffff80001a636f00 x28: dfff800000000000 x27: ffff7000034c6dec
[ 42.979598][ T1350] x26: 1fffe00019782a48 x25: ffff0000da5ce028 x24: dfff800000000000
[ 42.981795][ T1350] x23: 000002c000000088 x22: ffff80001a636f98 x21: 0000160000000440
[ 42.984182][ T1350] x20: ffff80001a636f80 x19: 0000160000000400 x18: 1fffe000190f6011
[ 42.986263][ T1350] x17: 0000000000000000 x16: ffff800016797150 x15: 0000000000000000
[ 42.988496][ T1350] x14: 0000000000000012 x13: 0000000000000000 x12: 0000000000000005
[ 42.990905][ T1350] x11: 0000000000ff0100 x10: 0000000000000000 x9 : ffff800008c643a8
[ 42.993090][ T1350] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 000000000000003f
[ 42.995171][ T1350] x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000020
[ 42.997716][ T1350] x2 : 0000000000000008 x1 : ffff80001a636f80 x0 : ffff80001a636f90
[ 43.000061][ T1350] Call trace:
[ 43.000910][ T1350] hfsplus_find_init+0x68/0x1bc
[ 43.002588][ T1350] hfsplus_cat_write_inode+0x1a4/0xd48
[ 43.004006][ T1350] hfsplus_write_inode+0x15c/0x4dc
[ 43.005459][ T1350] __writeback_single_inode+0x380/0x4e4
[ 43.007123][ T1350] writeback_sb_inodes+0x8c4/0x139c
[ 43.008646][ T1350] wb_writeback+0x390/0x650
[ 43.010011][ T1350] wb_workfn+0x2d8/0xc24
[ 43.011121][ T1350] process_one_work+0x698/0xc7c
[ 43.012616][ T1350] worker_thread+0x860/0xea4
[ 43.013788][ T1350] kthread+0x200/0x260
[ 43.014799][ T1350] ret_from_fork+0x10/0x20
[ 43.016435][ T1350] Code: 97ebfb99 91010275 f90002df d343feb7 (38f86ae8)
[ 43.018354][ T1350] ---[ end trace 0000000000000000 ]---
[ 43.191739][ T1350] Kernel panic - not syncing: Oops: Fatal exception
[ 43.193919][ T1350] SMP: stopping secondary CPUs
[ 43.195347][ T1350] Kernel Offset: disabled
[ 43.196510][ T1350] CPU features: 0x00000,02070084,26017203
[ 43.198164][ T1350] Memory Limit: none
[ 43.366059][ T1350] Rebooting in 86400 seconds..