Warning: Permanently added '10.128.0.10' (ED25519) to the list of known hosts.
2024/08/18 13:53:46 ignoring optional flag "sandboxArg"="0"
2024/08/18 13:53:46 parsed 1 programs
2024/08/18 13:53:48 executed programs: 0
[ 57.704352][ T1355] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k
[ 62.520345][ T1777] loop0: detected capacity change from 0 to 1024
[ 62.530160][ T1777] ==================================================================
[ 62.538288][ T1777] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x724/0x1180
[ 62.546101][ T1777] Read of size 2 at addr ffff88810ffc140c by task syz-executor.0/1777
[ 62.554308][ T1777]
[ 62.556704][ T1777] CPU: 1 PID: 1777 Comm: syz-executor.0 Not tainted 6.1.105-syzkaller #0
[ 62.565080][ T1777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 62.575199][ T1777] Call Trace:
[ 62.578462][ T1777]  <TASK>
[ 62.581367][ T1777]  dump_stack_lvl+0xf4/0x251
[ 62.585940][ T1777]  ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 62.591379][ T1777]  ? panic+0x3fe/0x3fe
[ 62.595449][ T1777]  ? __virt_addr_valid+0x139/0x270
[ 62.600538][ T1777]  ? __virt_addr_valid+0x221/0x270
[ 62.605616][ T1777]  print_report+0x15f/0x4f0
[ 62.610101][ T1777]  ? __virt_addr_valid+0x139/0x270
[ 62.615190][ T1777]  ? __virt_addr_valid+0x221/0x270
[ 62.620388][ T1777]  ? hfsplus_uni2asc+0x724/0x1180
[ 62.625582][ T1777]  kasan_report+0x136/0x160
[ 62.630196][ T1777]  ? hfsplus_uni2asc+0x724/0x1180
[ 62.635200][ T1777]  hfsplus_uni2asc+0x724/0x1180
[ 62.640115][ T1777]  ? memcpy+0x3c/0x60
[ 62.644135][ T1777]  hfsplus_readdir+0x7fd/0x10d0
[ 62.648977][ T1777]  ? hfsplus_rename+0x160/0x160
[ 62.653799][ T1777]  ? iterate_dir+0xaa/0x500
[ 62.658280][ T1777]  ? down_read_interruptible+0x1010/0x1010
[ 62.664067][ T1777]  ? common_file_perm+0x130/0x1e0
[ 62.669090][ T1777]  ? fsnotify_perm+0x120/0x440
[ 62.673833][ T1777]  ? hfsplus_rename+0x160/0x160
[ 62.678923][ T1777]  iterate_dir+0x1fa/0x500
[ 62.683416][ T1777]  __se_sys_getdents64+0x1af/0x3e0
[ 62.688598][ T1777]  ? __x64_sys_getdents64+0x80/0x80
[ 62.693864][ T1777]  ? filldir+0x570/0x570
[ 62.698343][ T1777]  ? switch_fpu_return+0xc9/0x130
[ 62.703340][ T1777]  do_syscall_64+0x3b/0x80
[ 62.707751][ T1777]  ? clear_bhb_loop+0x45/0xa0
[ 62.712413][ T1777]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 62.718392][ T1777] RIP: 0033:0x7f0d6687cce9
[ 62.722872][ T1777] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 62.742814][ T1777] RSP: 002b:00007f0d676c10c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 62.751394][ T1777] RAX: ffffffffffffffda RBX: 00007f0d6699bf80 RCX: 00007f0d6687cce9
[ 62.759355][ T1777] RDX: 0000000000000067 RSI: 0000000020000540 RDI: 0000000000000003
[ 62.767327][ T1777] RBP: 00007f0d668c947a R08: 0000000000000000 R09: 0000000000000000
[ 62.775292][ T1777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 62.783247][ T1777] R13: 0000000000000006 R14: 00007f0d6699bf80 R15: 00007fffca1cc4f8
[ 62.791269][ T1777]  </TASK>
[ 62.794349][ T1777]
[ 62.796644][ T1777] Allocated by task 1777:
[ 62.801200][ T1777]  kasan_set_track+0x4b/0x70
[ 62.805794][ T1777]  __kasan_kmalloc+0x97/0xb0
[ 62.810357][ T1777]  __kmalloc+0xa6/0x1c0
[ 62.814657][ T1777]  hfsplus_find_init+0x7c/0x180
[ 62.819560][ T1777]  hfsplus_readdir+0x1f4/0x10d0
[ 62.824405][ T1777]  iterate_dir+0x1fa/0x500
[ 62.828886][ T1777]  __se_sys_getdents64+0x1af/0x3e0
[ 62.833972][ T1777]  do_syscall_64+0x3b/0x80
[ 62.838371][ T1777]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 62.844331][ T1777]
[ 62.846719][ T1777] The buggy address belongs to the object at ffff88810ffc1000
[ 62.846719][ T1777]  which belongs to the cache kmalloc-2k of size 2048
[ 62.860917][ T1777] The buggy address is located 1036 bytes inside of
[ 62.860917][ T1777]  2048-byte region [ffff88810ffc1000, ffff88810ffc1800)
[ 62.874427][ T1777]
[ 62.876815][ T1777] The buggy address belongs to the physical page:
[ 62.883227][ T1777] page:ffffea00043ff000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ffc0
[ 62.893517][ T1777] head:ffffea00043ff000 order:3 compound_mapcount:0 compound_pincount:0
[ 62.901916][ T1777] flags: 0x100000000010200(slab|head|node=0|zone=2)
[ 62.908573][ T1777] raw: 0100000000010200 0000000000000000 dead000000000001 ffff888100042000
[ 62.917242][ T1777] raw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000
[ 62.926083][ T1777] page dumped because: kasan: bad access detected
[ 62.932643][ T1777] page_owner tracks the page as allocated
[ 62.938330][ T1777] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 696, tgid 696 (acpid), ts 6064735912, free_ts 0
[ 62.958001][ T1777]  post_alloc_hook+0x286/0x2b0
[ 62.962765][ T1777]  get_page_from_freelist+0x3994/0x3b70
[ 62.968568][ T1777]  __alloc_pages+0x251/0x640
[ 62.973240][ T1777]  alloc_slab_page+0x6a/0x150
[ 62.977995][ T1777]  new_slab+0x70/0x250
[ 62.982038][ T1777]  ___slab_alloc+0x9df/0xe70
[ 62.986598][ T1777]  __kmem_cache_alloc_node+0x195/0x250
[ 62.992029][ T1777]  __kmalloc+0x95/0x1c0
[ 62.996168][ T1777]  sk_prot_alloc+0xdf/0x1b0
[ 63.000651][ T1777]  sk_alloc+0x31/0x540
[ 63.004688][ T1777]  __netlink_create+0x66/0x2a0
[ 63.009418][ T1777]  netlink_create+0x313/0x480
[ 63.014061][ T1777]  __sock_create+0x333/0x6d0
[ 63.018618][ T1777]  __sys_socket+0x124/0x340
[ 63.023086][ T1777]  __x64_sys_socket+0x71/0x80
[ 63.027747][ T1777]  do_syscall_64+0x3b/0x80
[ 63.032145][ T1777] page_owner free stack trace missing
[ 63.037492][ T1777]
[ 63.039794][ T1777] Memory state around the buggy address:
[ 63.045479][ T1777]  ffff88810ffc1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 63.053511][ T1777]  ffff88810ffc1380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 63.061566][ T1777] >ffff88810ffc1400: 00 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.069594][ T1777]                       ^
[ 63.073892][ T1777]  ffff88810ffc1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.081922][ T1777]  ffff88810ffc1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.090133][ T1777] ==================================================================
[ 63.098344][ T1777] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 63.105779][ T1777] Kernel Offset: disabled
[ 63.110106][ T1777] Rebooting in 86400 seconds..
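The "Memory state around the buggy address" dump carries more information than the "located 1036 bytes inside of 2048-byte region" line: the slab object is 2048 bytes, but the shadow bytes record the size that was actually requested from kmalloc, and the fc redzone starts where that request ends. The script below is an added example, not part of the syzkaller report or of the kernel, that parses the report's own "Read of size", "belongs to the object at" and shadow lines (copied into a constructed sample with their dmesg prefixes kept) and computes the real allocation size and how many bytes of the access fall outside it. The shadow-byte meanings it assumes are the generic KASAN ones (00 fully addressable, 01..07 only the first N bytes of the 8-byte granule addressable, fc kmalloc redzone); the helper names are the script's own.

```python
import re

# Generic KASAN: one shadow byte covers an 8-byte granule of memory.
#   00       all 8 bytes addressable
#   01..07   only the first N bytes of the granule addressable
#   fc       KASAN_KMALLOC_REDZONE (slack between the kmalloc size and the slab object)
#   fb       KASAN_KMALLOC_FREE
# Anything outside 00..07 is treated as not addressable below.
GRANULE = 8

# Constructed sample: the relevant lines of the report above, with their
# "[ time][ Tpid]" prefixes left in place so the parser works on raw dmesg text.
REPORT = """\
[ 62.546101][ T1777] Read of size 2 at addr ffff88810ffc140c by task syz-executor.0/1777
[ 62.846719][ T1777] The buggy address belongs to the object at ffff88810ffc1000
[ 62.846719][ T1777]  which belongs to the cache kmalloc-2k of size 2048
[ 63.039794][ T1777] Memory state around the buggy address:
[ 63.045479][ T1777]  ffff88810ffc1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 63.053511][ T1777]  ffff88810ffc1380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 63.061566][ T1777] >ffff88810ffc1400: 00 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.069594][ T1777]                       ^
[ 63.073892][ T1777]  ffff88810ffc1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.081922][ T1777]  ffff88810ffc1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
"""

ACCESS_RE = re.compile(r"(Read|Write) of size (\d+) at addr ([0-9a-f]{16})")
OBJECT_RE = re.compile(r"belongs to the object at ([0-9a-f]{16})")
SHADOW_RE = re.compile(r"([0-9a-f]{16}):((?:\s+[0-9a-f]{2}){16})\s*$")


def parse_report(text):
    """Pull the access, the slab object start and the shadow map out of a KASAN report."""
    access = None
    obj_start = None
    shadow = {}  # memory address of each granule -> shadow byte
    for line in text.splitlines():
        m = ACCESS_RE.search(line)
        if m:
            access = (m.group(1), int(m.group(2)), int(m.group(3), 16))
            continue
        m = OBJECT_RE.search(line)
        if m:
            obj_start = int(m.group(1), 16)
            continue
        m = SHADOW_RE.search(line)
        if m:
            base = int(m.group(1), 16)
            for i, tok in enumerate(m.group(2).split()):
                shadow[base + i * GRANULE] = int(tok, 16)
    if access is None or obj_start is None or not shadow:
        raise ValueError("incomplete KASAN report")
    return access, obj_start, shadow


def addressable_bytes(shadow_byte):
    """How many leading bytes of a granule the shadow byte marks as valid."""
    if shadow_byte == 0:
        return GRANULE
    if 0 < shadow_byte < GRANULE:
        return shadow_byte
    return 0  # redzone, freed, or other poison


def is_addressable(shadow, addr):
    granule = addr & ~(GRANULE - 1)
    return (addr - granule) < addressable_bytes(shadow[granule])


def end_of_valid_run(shadow, start):
    """First non-addressable byte at or above `start`, or None if the dump ends first."""
    g = start & ~(GRANULE - 1)
    while g in shadow:
        n = addressable_bytes(shadow[g])
        if n < GRANULE:
            return g + n
        g += GRANULE
    return None


def analyze(text):
    (kind, size, addr), obj_start, shadow = parse_report(text)
    # The dump starts 0x100 bytes below the bad address, which may be above the
    # object start.  The kmalloc size is computed assuming everything from the
    # object start up to the first dumped granule is addressable, which holds
    # whenever the first dumped granule itself is 00 (as it is here).
    alloc_end = end_of_valid_run(shadow, min(shadow))
    bad = [a for a in range(addr, addr + size) if not is_addressable(shadow, a)]
    return {
        "kind": kind,
        "access_offset": addr - obj_start,  # the offset the report itself prints
        "kmalloc_size": None if alloc_end is None else alloc_end - obj_start,
        "bad_bytes": len(bad),
        "first_bad_byte": bad[0] if bad else None,
    }


if __name__ == "__main__":
    r = analyze(REPORT)
    print(f"{r['kind']} at object offset {r['access_offset']}, "
          f"kmalloc size {r['kmalloc_size']}, {r['bad_bytes']} byte(s) out of bounds")
```

Run against this report it finds that the object allocated in hfsplus_find_init was requested as 1036 bytes, not 2048, and that the 2-byte read at offset 1036 starts on the very first byte past the end of that request: the remaining 1012 bytes of the slab object are redzone (fc), which is why KASAN catches it even though the read never leaves the 2048-byte slab slot.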