Warning: Permanently added '10.128.0.86' (ECDSA) to the list of known hosts.
executing program
[ 38.182542][ T4217] loop0: detected capacity change from 0 to 8192
[ 38.225061][ T4217] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 38.227968][ T4217] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 38.230308][ T4217] REISERFS (device loop0): using ordered data mode
[ 38.231818][ T4217] reiserfs: using flush barriers
[ 38.233866][ T4217] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 38.237672][ T4217] REISERFS (device loop0): checking transaction log (loop0)
[ 38.241567][ T4217] REISERFS (device loop0): Using r5 hash to sort names
[ 38.243288][ T4217] ==================================================================
[ 38.245083][ T4217] BUG: KASAN: use-after-free in strlen+0x54/0x70
[ 38.246549][ T4217] Read of size 1 at addr ffff0000e21bc7a3 by task syz-executor234/4217
[ 38.248458][ T4217]
[ 38.249020][ T4217] CPU: 1 PID: 4217 Comm: syz-executor234 Not tainted 6.1.31-syzkaller #0
[ 38.250970][ T4217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 38.253408][ T4217] Call trace:
[ 38.254211][ T4217] dump_backtrace+0x1c8/0x1f4
[ 38.255438][ T4217] show_stack+0x2c/0x3c
[ 38.256437][ T4217] dump_stack_lvl+0x108/0x170
[ 38.257592][ T4217] print_report+0x174/0x4c0
[ 38.258721][ T4217] kasan_report+0xd4/0x130
[ 38.259740][ T4217] __asan_report_load1_noabort+0x2c/0x38
[ 38.261052][ T4217] strlen+0x54/0x70
[ 38.261955][ T4217] reiserfs_find_entry+0x898/0x149c
[ 38.263201][ T4217] reiserfs_lookup+0x184/0x3c4
[ 38.264345][ T4217] __lookup_slow+0x250/0x374
[ 38.265458][ T4217] lookup_one_len+0x178/0x28c
[ 38.266580][ T4217] reiserfs_lookup_privroot+0x8c/0x204
[ 38.267957][ T4217] reiserfs_fill_super+0x15b4/0x2028
[ 38.269252][ T4217] mount_bdev+0x274/0x370
[ 38.270330][ T4217] get_super_block+0x44/0x58
[ 38.271428][ T4217] legacy_get_tree+0xd4/0x16c
[ 38.272507][ T4217] vfs_get_tree+0x90/0x274
[ 38.273558][ T4217] do_new_mount+0x25c/0x8c4
[ 38.274669][ T4217] path_mount+0x590/0xe58
[ 38.275793][ T4217] __arm64_sys_mount+0x45c/0x594
[ 38.276976][ T4217] invoke_syscall+0x98/0x2c0
[ 38.278017][ T4217] el0_svc_common+0x138/0x258
[ 38.279182][ T4217] do_el0_svc+0x64/0x218
[ 38.280235][ T4217] el0_svc+0x58/0x168
[ 38.281159][ T4217] el0t_64_sync_handler+0x84/0xf0
[ 38.282414][ T4217] el0t_64_sync+0x18c/0x190
[ 38.283427][ T4217]
[ 38.283920][ T4217] The buggy address belongs to the physical page:
[ 38.285488][ T4217] page:00000000cb8d89e1 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x1221bc
[ 38.287876][ T4217] flags: 0x5ffc00000000000(node=0|zone=2|lastcpupid=0x7ff)
[ 38.289692][ T4217] raw: 05ffc00000000000 fffffc0003886f48 ffff0001b45e8220 0000000000000000
[ 38.291722][ T4217] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 38.293884][ T4217] page dumped because: kasan: bad access detected
[ 38.295432][ T4217]
[ 38.295982][ T4217] Memory state around the buggy address:
[ 38.297299][ T4217] ffff0000e21bc680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 38.299176][ T4217] ffff0000e21bc700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 38.301157][ T4217] >ffff0000e21bc780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 38.303085][ T4217] ^
[ 38.304315][ T4217] ffff0000e21bc800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 38.306307][ T4217] ffff0000e21bc880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 38.308302][ T4217] ==================================================================
[ 38.310375][ T4217] Disabling lock debugging due to kernel taint