Warning: Permanently added '10.128.1.149' (ED25519) to the list of known hosts.
2023/12/05 14:16:53 ignoring optional flag "sandboxArg"="0"
2023/12/05 14:16:54 parsed 1 programs
2023/12/05 14:16:54 executed programs: 0
[ 64.879956][ T2264] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 67.873999][ T2681] loop0: detected capacity change from 0 to 8192
[ 67.882459][ T2681] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 67.895566][ T2681] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 67.904825][ T2681] REISERFS (device loop0): using ordered data mode
[ 67.911316][ T2681] reiserfs: using flush barriers
[ 67.917367][ T2681] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 67.933644][ T2681] REISERFS (device loop0): checking transaction log (loop0)
[ 67.957525][ T2681] REISERFS (device loop0): Using r5 hash to sort names
[ 67.964454][ T2681] REISERFS (device loop0): using 3.5.x disk format
[ 67.971255][ T2681] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 67.987365][ T2681] ==================================================================
[ 67.987422][ T2274] BUG: unable to handle page fault for address: 000055e02e080027
[ 67.995787][ T2681] BUG: KASAN: stack-out-of-bounds in __schedule+0x5667/0x5980
[ 68.003651][ T2274] #PF: supervisor read access in kernel mode
[ 68.011089][ T2681] Read of size 8 at addr ffffc90002df8000 by task syz-executor.0/2681
[ 68.017029][ T2274] #PF: error_code(0x0000) - not-present page
[ 68.025172][ T2681]
[ 68.031112][ T2274] PGD 7397a067
[ 68.033414][ T2681] CPU: 0 PID: 2681 Comm: syz-executor.0 Not tainted 6.7.0-rc4-syzkaller #0
[ 68.033420][ T2681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 68.036846][ T2274] P4D 7397a067
[ 68.045911][ T2681] Call Trace:
[ 68.055932][ T2274] PUD 0
[ 68.059353][ T2681]
[ 68.062600][ T2274]
[ 68.065417][ T2681] dump_stack_lvl+0x5c/0xb0
[ 68.068316][ T2274] Oops: 0000 [#1] PREEMPT SMP KASAN
[ 68.070610][ T2681] print_report+0xc4/0x620
[ 68.075074][ T2274] CPU: 1 PID: 2274 Comm: udevd Not tainted 6.7.0-rc4-syzkaller #0
[ 68.080234][ T2681] kasan_report+0xda/0x110
[ 68.086176][ T2274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 68.093944][ T2681] ? __schedule+0x5667/0x5980
[ 68.098322][ T2274] RIP: 0010:kmem_cache_alloc+0x100/0x2f0
[ 68.108340][ T2681] ? __schedule+0x5667/0x5980
[ 68.112980][ T2274] Code: b7 8b 7e 48 8b 50 08 48 83 78 10 00 48 8b 38 0f 84 db 01 00 00 48 85 ff 0f 84 d2 01 00 00 41 8b 45 28 48 8d 4a 08 49 8b 75 00 <48> 8b 1c 07 48 89 f8 65 48 0f c7 0e 75 bf 41 8b 45 28 0f 0d 0c 03
[ 68.118575][ T2681] __schedule+0x5667/0x5980
[ 68.123215][ T2274] RSP: 0000:ffffc9000208fc80 EFLAGS: 00010006
[ 68.143249][ T2681] ? hlock_class+0x4e/0x130
[ 68.148242][ T2274]
[ 68.154441][ T2681] ? mark_lock+0xb5/0xc50
[ 68.158902][ T2274] RAX: 0000000000000028 RBX: 0000000000000820 RCX: 00000000000008b9
[ 68.161196][ T2681] ? print_usage_bug.part.0+0x550/0x550
[ 68.165488][ T2274] RDX: 00000000000008b1 RSI: 00000000000408d0 RDI: 000055e02e07ffff
[ 68.173422][ T2681] ? journal_mark_dirty+0x156/0xcb0
[ 68.178926][ T2274] RBP: ffffc9000208fcd0 R08: 0000000000000000 R09: fffffbfff0ece14a
[ 68.186861][ T2681] ? journal_mark_dirty+0x156/0xcb0
[ 68.192019][ T2274] R10: ffffffff87670a57 R11: 000000000000005c R12: 0000000000000050
[ 68.199956][ T2681] ? io_schedule_timeout+0x150/0x150
[ 68.205111][ T2274] R13: ffff88800da6c280 R14: 0000000000000820 R15: ffffffff811735ca
[ 68.213058][ T2681] ? leaf_cut_from_buffer+0xda9/0x1800
[ 68.218323][ T2274] FS: 00007f18d8abac80(0000) GS:ffff8880ba900000(0000) knlGS:0000000000000000
[ 68.226257][ T2681] ? mark_held_locks+0x9f/0xe0
[ 68.231677][ T2274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 68.240571][ T2681] preempt_schedule_irq+0x52/0x90
[ 68.245293][ T2274] CR2: 000055e02e080027 CR3: 000000007b3ee000 CR4: 0000000000350ef0
[ 68.251837][ T2681] irqentry_exit+0x36/0x80
[ 68.256817][ T2274] Call Trace:
[ 68.264748][ T2681] asm_sysvec_reschedule_ipi+0x1a/0x20
[ 68.269122][ T2274]
[ 68.272365][ T2681] RIP: 0010:memmove+0x63/0x1b0
[ 68.277779][ T2274] ? __die+0x1e/0x60
[ 68.280677][ T2681] Code: 48 83 ea 20 48 83 ea 20 4c 8b 1e 4c 8b 56 08 4c 8b 4e 10 4c 8b 46 18 48 8d 76 20 4c 89 1f 4c 89 57 08 4c 89 4f 10 4c 89 47 18 <48> 8d 7f 20 73 d4 48 83 c2 20 e9 b4 00 00 00 66 66 2e 0f 1f 84 00
[ 68.285397][ T2274] ? page_fault_oops+0x273/0x820
[ 68.289260][ T2681] RSP: 0018:ffffc90002dfef60 EFLAGS: 00000282
[ 68.308825][ T2274] ? hlock_class+0x4e/0x130
[ 68.313722][ T2681]
[ 68.319746][ T2274] ? dump_pagetable+0x420/0x420
[ 68.324207][ T2681] RAX: ffff88806d2ae030 RBX: ffff88806d2ae000 RCX: 0000000000000000
[ 68.326496][ T2274] ? lockdep_hardirqs_on_prepare+0x420/0x420
[ 68.331304][ T2681] RDX: fffffffffcc0a749 RSI: ffff8880706a4760 RDI: ffff8880706a3770
[ 68.339324][ T2274] ? exc_page_fault+0x5d/0xc0
[ 68.345278][ T2681] RBP: 0000000000000000 R08: f8f8f8f8f8f8f8f8 R09: f8f8f8f8f8f8f8f8
[ 68.353226][ T2274] ? asm_exc_page_fault+0x26/0x30
[ 68.357860][ T2681] R10: f8f8f8f8f8f8f8f8 R11: f8f8f8f8f8f8f8f8 R12: 0000000000000fd0
[ 68.365808][ T2274] ? __sigqueue_alloc+0x1ba/0x4f0
[ 68.370808][ T2681] R13: ffff888071ad7488 R14: ffff88806d2ae0d8 R15: ffffc90002dff138
[ 68.378750][ T2274] ? kmem_cache_alloc+0x100/0x2f0
[ 68.383735][ T2681] leaf_paste_in_buffer+0x21e/0xc10
[ 68.391666][ T2274] __sigqueue_alloc+0x1ba/0x4f0
[ 68.396650][ T2681] balance_leaf+0x21f5/0xe280
[ 68.401805][ T2274] __send_signal_locked+0x4e0/0x1110
[ 68.406612][ T2681] ? reiserfs_prepare_for_journal+0xfe/0x200
[ 68.411245][ T2274] force_sig_info_to_task+0x1b0/0x630
[ 68.416485][ T2681] ? replace_key+0x150/0x150
[ 68.422425][ T2274] ? find_held_lock+0x2d/0x110
[ 68.427753][ T2681] do_balance+0x30b/0x7b0
[ 68.432313][ T2274] force_sig_fault+0xbf/0x100
[ 68.437038][ T2681] ? get_right_neighbor_position+0x160/0x160
[ 68.441325][ T2274] ? force_sig+0xf0/0xf0
[ 68.445972][ T2681] ? bit_wait_timeout+0x160/0x160
[ 68.451921][ T2274] __bad_area_nosemaphore+0x1fa/0x580
[ 68.456122][ T2681] reiserfs_paste_into_item+0x553/0x6e0
[ 68.461102][ T2274] ? do_user_addr_fault+0x21a/0xaa0
[ 68.466430][ T2681] ? reiserfs_delete_object+0x1c0/0x1c0
[ 68.472017][ T2274] exc_page_fault+0x5d/0xc0
[ 68.477520][ T2681] ? reacquire_held_locks+0x4c0/0x4c0
[ 68.483037][ T2274] asm_exc_page_fault+0x26/0x30
[ 68.487635][ T2681] ? rcu_is_watching+0x12/0xb0
[ 68.492996][ T2274] RIP: 0033:0x0
[ 68.497817][ T2681] reiserfs_get_block+0xf9e/0x46f0
[ 68.502552][ T2274] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[ 68.505988][ T2681] ? reiserfs_commit_write+0x620/0x620
[ 68.511070][ T2274] RSP: 002b:00007ffc7a92e3e0 EFLAGS: 00010203
[ 68.518400][ T2681] ? create_empty_buffers+0x2ec/0x3c0
[ 68.523820][ T2274]
[ 68.529847][ T2681] ? do_raw_spin_unlock+0x173/0x230
[ 68.535177][ T2274] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 00007f18d8723457
[ 68.537467][ T2681] ? _raw_spin_unlock+0x28/0x40
[ 68.542634][ T2274] RDX: 0000000000000004 RSI: 00007ffc7a92e418 RDI: 0000000000000004
[ 68.550569][ T2681] __block_write_begin_int+0x2da/0x10c0
[ 68.555380][ T2274] RBP: 000055958edeacf0 R08: 0000000000000007 R09: 45b6bbb816f365ce
[ 68.563316][ T2681] ? reiserfs_commit_write+0x620/0x620
[ 68.568836][ T2274] R10: 00000000ffffffff R11: 0000000000000246 R12: 000055958edd3b40
[ 68.576769][ T2681] ? reiserfs_allow_writes+0x90/0x90
[ 68.582190][ T2274] R13: 00007ffc7a92e418 R14: 0000000000000008 R15: 000055958edc9910
[ 68.590121][ T2681] ? invalidate_bh_lrus_cpu+0x130/0x130
[ 68.595370][ T2274]
[ 68.603302][ T2681] reiserfs_write_begin+0x285/0x7d0
[ 68.608806][ T2274] Modules linked in:
[ 68.611793][ T2681] generic_cont_expand_simple+0x105/0x1b0
[ 68.616954][ T2274]
[ 68.620808][ T2681] ? end_bio_bh_io_sync+0xf0/0xf0
[ 68.626499][ T2274] CR2: 000055e02e080027
[ 68.628802][ T2681] ? reacquire_held_locks+0x4c0/0x4c0
[ 68.633790][ T2274] ---[ end trace 0000000000000000 ]---
[ 68.637903][ T2681] reiserfs_setattr+0x2a0/0xf70
[ 68.643231][ T2274] RIP: 0010:kmem_cache_alloc+0x100/0x2f0
[ 68.648654][ T2681] ? reiserfs_new_inode+0x1ba0/0x1ba0
[ 68.653463][ T2274] Code: b7 8b 7e 48 8b 50 08 48 83 78 10 00 48 8b 38 0f 84 db 01 00 00 48 85 ff 0f 84 d2 01 00 00 41 8b 45 28 48 8d 4a 08 49 8b 75 00 <48> 8b 1c 07 48 89 f8 65 48 0f c7 0e 75 bf 41 8b 45 28 0f 0d 0c 03
[ 68.659060][ T2681] ? current_time+0x8b/0xb0
[ 68.664390][ T2274] RSP: 0000:ffffc9000208fc80 EFLAGS: 00010006
[ 68.683958][ T2681] ? from_vfsuid+0x120/0x120
[ 68.688423][ T2274]
[ 68.694460][ T2681] ? lock_sync+0x190/0x190
[ 68.699009][ T2274] RAX: 0000000000000028 RBX: 0000000000000820 RCX: 00000000000008b9
[ 68.701300][ T2681] notify_change+0x52e/0xdf0
[ 68.705674][ T2274] RDX: 00000000000008b1 RSI: 00000000000408d0 RDI: 000055e02e07ffff
[ 68.713606][ T2681] ? preempt_count_sub+0x160/0x160
[ 68.718153][ T2274] RBP: ffffc9000208fcd0 R08: 0000000000000000 R09: fffffbfff0ece14a
[ 68.726086][ T2681] ? do_truncate+0x108/0x1b0
[ 68.731155][ T2274] R10: ffffffff87670a57 R11: 000000000000005c R12: 0000000000000050
[ 68.739088][ T2681] do_truncate+0x108/0x1b0
[ 68.743646][ T2274] R13: ffff88800da6c280 R14: 0000000000000820 R15: ffffffff811735ca
[ 68.751680][ T2681] ? file_open_root+0x220/0x220
[ 68.756056][ T2274] FS: 00007f18d8abac80(0000) GS:ffff8880ba900000(0000) knlGS:0000000000000000
[ 68.763990][ T2681] ? common_perm_cond+0x32d/0x4e0
[ 68.768798][ T2274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 68.777696][ T2681] do_sys_ftruncate+0x476/0x5c0
[ 68.782688][ T2274] CR2: 000055e02e080027 CR3: 000000007b3ee000 CR4: 0000000000350ef0
[ 68.789234][ T2681] ? lockdep_hardirqs_on+0x7d/0x110
[ 68.794042][ T2274] Kernel panic - not syncing: Fatal exception
[ 68.801979][ T2681] do_syscall_64+0x40/0xe0
[ 68.801986][ T2681] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 68.801991][ T2681] RIP: 0033:0x7f6a18c7cb29
[ 68.802001][ T2681] Code: Unable to access opcode bytes at 0x7f6a18c7caff.
[ 68.802002][ T2681] RSP: 002b:00007f6a19ab80c8 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 68.802006][ T2681] RAX: ffffffffffffffda RBX: 00007f6a18d9bf80 RCX: 00007f6a18c7cb29
[ 68.802008][ T2681] RDX: 0000000000000000 RSI: 0000000002007fff RDI: 0000000000000004
[ 68.802009][ T2681] RBP: 00007f6a18cc847a R08: 0000000000000000 R09: 0000000000000000
[ 68.802011][ T2681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 68.802012][ T2681] R13: 0000000000000006 R14: 00007f6a18d9bf80 R15: 00007ffde83ee8e8
[ 68.802014][ T2681]
[ 68.802016][ T2681]
[ 68.802016][ T2681] The buggy address belongs to stack of task syz-executor.0/2681
[ 68.802018][ T2681]
[ 68.802022][ T2681] The buggy address belongs to the virtual mapping at
[ 68.802022][ T2681] [ffffc90002df8000, ffffc90002e01000) created by:
[ 68.802022][ T2681] kernel_clone+0xcb/0x650
[ 68.802028][ T2681]
[ 68.802029][ T2681] The buggy address belongs to the physical page:
[ 68.802031][ T2681] page:ffffea0001ea2480 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a892
[ 68.802034][ T2681] memcg:ffff888079984b82
[ 68.802036][ T2681] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 68.802040][ T2681] page_type: 0xffffffff()
[ 68.802043][ T2681] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 68.802046][ T2681] raw: 0000000000000000 0000000000000000 00000001ffffffff ffff888079984b82
[ 68.802047][ T2681] page dumped because: kasan: bad access detected
[ 68.802049][ T2681] page_owner tracks the page as allocated
[ 68.802050][ T2681] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 77, tgid 77 (kworker/u4:3), ts 67674020208, free_ts 67652870300
[ 68.802056][ T2681] post_alloc_hook+0x2d0/0x350
[ 68.802060][ T2681] get_page_from_freelist+0xa28/0x36d0
[ 68.802063][ T2681] __alloc_pages+0x22e/0x2420
[ 68.802065][ T2681] __alloc_pages_bulk+0x742/0x14f0
[ 68.802067][ T2681] alloc_pages_bulk_array_mempolicy+0x1af/0x340
[ 68.802072][ T2681] __vmalloc_node_range+0xbc7/0x1180
[ 68.802076][ T2681] copy_process+0x1142/0x64e0
[ 68.802078][ T2681] kernel_clone+0xcb/0x650
[ 68.802080][ T2681] user_mode_thread+0xa5/0xe0
[ 68.802083][ T2681] call_usermodehelper_exec_work+0x57/0x140
[ 68.802087][ T2681] process_one_work+0x78b/0x12b0
[ 68.802089][ T2681] worker_thread+0x6fb/0x1170
[ 68.802092][ T2681] kthread+0x294/0x360
[ 68.802094][ T2681] ret_from_fork+0x2c/0x70
[ 68.802098][ T2681] ret_from_fork_asm+0x11/0x20
[ 68.802101][ T2681] page last free stack trace:
[ 68.802102][ T2681] free_unref_page_prepare+0x4e7/0xa20
[ 68.802105][ T2681] free_unref_page+0x33/0x3b0
[ 68.802107][ T2681] vfree+0x120/0x6e0
[ 68.802110][ T2681] delayed_vfree_work+0x4a/0x70
[ 68.802112][ T2681] process_one_work+0x78b/0x12b0
[ 68.802115][ T2681] worker_thread+0x6fb/0x1170
[ 68.802117][ T2681] kthread+0x294/0x360
[ 68.802119][ T2681] ret_from_fork+0x2c/0x70
[ 68.802122][ T2681] ret_from_fork_asm+0x11/0x20
[ 68.802124][ T2681]
[ 68.802125][ T2681] Memory state around the buggy address:
[ 68.802126][ T2681] ffffc90002df7f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 68.802128][ T2681] ffffc90002df7f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 68.802129][ T2681] >ffffc90002df8000: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[ 68.802130][ T2681] ^
[ 68.802131][ T2681] ffffc90002df8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 68.802133][ T2681] ffffc90002df8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 68.802134][ T2681] ==================================================================
[ 68.802422][ T2274] Kernel Offset: disabled
[ 69.181276][ T2274] Rebooting in 86400 seconds..