Warning: Permanently added '10.128.1.74' (ED25519) to the list of known hosts.
2024/06/01 10:21:55 ignoring optional flag "sandboxArg"="0"
2024/06/01 10:21:55 parsed 1 programs
2024/06/01 10:21:55 executed programs: 0
[ 48.228108][ T1495] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 53.026410][ T1913] loop0: detected capacity change from 0 to 8192
[ 53.034412][ T1913] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 53.047445][ T1913] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 53.056653][ T1913] REISERFS (device loop0): using ordered data mode
[ 53.063276][ T1913] reiserfs: using flush barriers
[ 53.068907][ T1913] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 53.085374][ T1913] REISERFS (device loop0): checking transaction log (loop0)
[ 53.093872][ T1913] REISERFS (device loop0): Using r5 hash to sort names
[ 53.151966][ T1917] loop0: detected capacity change from 0 to 8192
[ 53.159546][ T1917] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 53.172607][ T1917] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 53.182130][ T1917] REISERFS (device loop0): using ordered data mode
[ 53.188675][ T1917] reiserfs: using flush barriers
[ 53.194568][ T1917] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 53.211083][ T1917] REISERFS (device loop0): checking transaction log (loop0)
[ 53.219239][ T1917] REISERFS (device loop0): Using r5 hash to sort names
[ 53.281299][ T1920] loop0: detected capacity change from 0 to 8192
[ 53.288828][ T1920] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 53.302083][ T1920] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 53.311451][ T1920] REISERFS (device loop0): using ordered data mode
[ 53.317977][ T1920] reiserfs: using flush barriers
2024/06/01 10:22:00 executed programs: 3
[ 53.323748][ T1920] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 53.340098][ T1920] REISERFS (device loop0): checking transaction log (loop0)
[ 53.348094][ T1920] REISERFS (device loop0): Using r5 hash to sort names
[ 53.408890][ T1923] loop0: detected capacity change from 0 to 8192
[ 53.417120][ T1923] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 53.430429][ T1923] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 53.439813][ T1923] REISERFS (device loop0): using ordered data mode
[ 53.446307][ T1923] reiserfs: using flush barriers
[ 53.451998][ T1923] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 53.468343][ T1923] REISERFS (device loop0): checking transaction log (loop0)
[ 53.476522][ T1923] REISERFS (device loop0): Using r5 hash to sort names
[ 53.483564][ T1923] ==================================================================
[ 53.491707][ T1923] BUG: KASAN: use-after-free in strlen+0x54/0x60
[ 53.498028][ T1923] Read of size 1 at addr ffff88806d7887a3 by task syz-executor.0/1923
[ 53.506170][ T1923]
[ 53.508495][ T1923] CPU: 0 PID: 1923 Comm: syz-executor.0 Not tainted 6.1.92-syzkaller #0
[ 53.516889][ T1923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 53.526946][ T1923] Call Trace:
[ 53.530204][ T1923]
[ 53.533114][ T1923] dump_stack_lvl+0xf4/0x251
[ 53.537679][ T1923] ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 53.543112][ T1923] ? panic+0x3fe/0x3fe
[ 53.547149][ T1923] ? __virt_addr_valid+0x139/0x260
[ 53.552242][ T1923] ? __virt_addr_valid+0x211/0x260
[ 53.557323][ T1923] print_report+0x15f/0x4f0
[ 53.561885][ T1923] ? __virt_addr_valid+0x139/0x260
[ 53.567070][ T1923] ? __virt_addr_valid+0x211/0x260
[ 53.572155][ T1923] ? strlen+0x54/0x60
[ 53.576116][ T1923] kasan_report+0x136/0x160
[ 53.580611][ T1923] ? strlen+0x54/0x60
[ 53.584580][ T1923] strlen+0x54/0x60
[ 53.588458][ T1923] reiserfs_find_entry+0x8c4/0x1a30
[ 53.593645][ T1923] ? reiserfs_get_parent+0x270/0x270
[ 53.598905][ T1923] reiserfs_lookup+0x1ae/0x3d0
[ 53.603744][ T1923] ? reiserfs_find_entry+0x1a30/0x1a30
[ 53.609189][ T1923] ? lockdep_init_map_type+0x9d/0x700
[ 53.614548][ T1923] ? __init_waitqueue_head+0xaa/0x140
[ 53.619895][ T1923] __lookup_slow+0x1ff/0x2e0
[ 53.624581][ T1923] ? lookup_one_len+0x10e/0x230
[ 53.629446][ T1923] ? lookup_one_len+0x230/0x230
[ 53.634411][ T1923] ? d_lookup+0x16f/0x1d0
[ 53.638742][ T1923] ? inode_permission+0x151/0x320
[ 53.643746][ T1923] lookup_one_len+0x1f3/0x230
[ 53.648421][ T1923] ? lookup_one_common+0x330/0x330
[ 53.653614][ T1923] reiserfs_lookup_privroot+0x81/0x1d0
[ 53.659074][ T1923] reiserfs_fill_super+0x14e7/0x2070
[ 53.664362][ T1923] ? reiserfs_kill_sb+0x140/0x140
[ 53.669398][ T1923] ? __down_write_common+0x12a/0x1e0
[ 53.674670][ T1923] ? snprintf+0xcc/0x110
[ 53.678892][ T1923] ? __up_read+0x360/0x360
[ 53.683304][ T1923] mount_bdev+0x26b/0x340
[ 53.687711][ T1923] ? reiserfs_kill_sb+0x140/0x140
[ 53.692740][ T1923] legacy_get_tree+0xe5/0x170
[ 53.697407][ T1923] ? remove_save_link+0x4e0/0x4e0
[ 53.702495][ T1923] vfs_get_tree+0x7a/0x170
[ 53.706896][ T1923] do_new_mount+0x21a/0x910
[ 53.711389][ T1923] ? do_move_mount_old+0x120/0x120
[ 53.716481][ T1923] __se_sys_mount+0x23e/0x2d0
[ 53.721138][ T1923] ? __x64_sys_mount+0xc0/0xc0
[ 53.725956][ T1923] ? fpregs_assert_state_consistent+0x43/0x50
[ 53.732055][ T1923] do_syscall_64+0x3b/0x80
[ 53.736456][ T1923] ? clear_bhb_loop+0x45/0xa0
[ 53.741144][ T1923] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 53.747069][ T1923] RIP: 0033:0x7f0d5867e22a
[ 53.751509][ T1923] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 53.771478][ T1923] RSP: 002b:00007f0d593d9ee8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 53.779880][ T1923] RAX: ffffffffffffffda RBX: 00007f0d593d9f80 RCX: 00007f0d5867e22a
[ 53.787956][ T1923] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 00007f0d593d9f40
[ 53.796002][ T1923] RBP: 00000000200000c0 R08: 00007f0d593d9f80 R09: 0000000000008001
[ 53.804047][ T1923] R10: 0000000000008001 R11: 0000000000000246 R12: 0000000020000040
[ 53.812094][ T1923] R13: 00007f0d593d9f40 R14: 0000000000001122 R15: 0000000020000080
[ 53.820053][ T1923]
[ 53.823054][ T1923]
[ 53.825381][ T1923] The buggy address belongs to the physical page:
[ 53.831869][ T1923] page:ffffea0001b5e200 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6d788
[ 53.841999][ T1923] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 53.849095][ T1923] raw: 00fff00000000000 ffffea0001aeb0c8 ffff8880bac3e5e0 0000000000000000
[ 53.857750][ T1923] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 53.866485][ T1923] page dumped because: kasan: bad access detected
[ 53.872972][ T1923] page_owner tracks the page as freed
[ 53.878317][ T1923] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 1923, tgid 1922 (syz-executor.0), ts 53391020669, free_ts 53408666875
[ 53.897220][ T1923] post_alloc_hook+0x286/0x2b0
[ 53.901988][ T1923] get_page_from_freelist+0x2fdd/0x3170
[ 53.907703][ T1923] __alloc_pages+0x251/0x640
[ 53.912303][ T1923] __folio_alloc+0xf/0x30
[ 53.916799][ T1923] vma_alloc_folio+0x484/0x9e0
[ 53.921551][ T1923] handle_mm_fault+0x232f/0x4260
[ 53.926636][ T1923] exc_page_fault+0x22a/0x5e0
[ 53.931321][ T1923] asm_exc_page_fault+0x22/0x30
[ 53.936247][ T1923] page last free stack trace:
[ 53.940922][ T1923] free_unref_page_prepare+0xd4b/0xee0
[ 53.946362][ T1923] free_unref_page_list+0x54b/0x7e0
[ 53.951622][ T1923] release_pages+0x175c/0x1900
[ 53.956461][ T1923] tlb_flush_mmu+0xe5/0x1d0
[ 53.960936][ T1923] tlb_finish_mmu+0xb0/0x1b0
[ 53.965504][ T1923] unmap_region+0x265/0x2b0
[ 53.969985][ T1923] do_mas_align_munmap+0xa6c/0x11e0
[ 53.975158][ T1923] do_mas_munmap+0x195/0x1f0
[ 53.979718][ T1923] __vm_munmap+0x236/0x300
[ 53.984103][ T1923] __x64_sys_munmap+0x57/0x60
[ 53.988747][ T1923] do_syscall_64+0x3b/0x80
[ 53.993134][ T1923] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 53.999174][ T1923]
[ 54.001510][ T1923] Memory state around the buggy address:
[ 54.007199][ T1923] ffff88806d788680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.015232][ T1923] ffff88806d788700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.023409][ T1923] >ffff88806d788780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.031640][ T1923] ^
[ 54.036800][ T1923] ffff88806d788800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.044843][ T1923] ffff88806d788880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.053020][ T1923] ==================================================================
[ 54.061828][ T1923] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 54.069312][ T1923] Kernel Offset: disabled
[ 54.073741][ T1923] Rebooting in 86400 seconds..