Warning: Permanently added '10.128.1.32' (ED25519) to the list of known hosts.
2024/02/05 22:24:47 ignoring optional flag "sandboxArg"="0"
2024/02/05 22:24:47 parsed 1 programs
2024/02/05 22:24:49 executed programs: 0
[ 54.798695][ T1436] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k
[ 59.530584][ T1861] loop0: detected capacity change from 0 to 1024
[ 59.541013][ T1861] ==================================================================
[ 59.549182][ T1861] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x724/0x1180
[ 59.556878][ T1861] Read of size 2 at addr ffff88810ea5540c by task syz-executor.0/1861
[ 59.565088][ T1861]
[ 59.567397][ T1861] CPU: 0 PID: 1861 Comm: syz-executor.0 Not tainted 6.1.77-syzkaller #0
[ 59.575693][ T1861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 59.585722][ T1861] Call Trace:
[ 59.588981][ T1861]
[ 59.591887][ T1861]  dump_stack_lvl+0xf4/0x251
[ 59.596631][ T1861]  ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 59.602062][ T1861]  ? panic+0x3f7/0x3f7
[ 59.606202][ T1861]  ? __virt_addr_valid+0x139/0x260
[ 59.611283][ T1861]  ? __virt_addr_valid+0x211/0x260
[ 59.616372][ T1861]  print_report+0x15f/0x4f0
[ 59.620905][ T1861]  ? __virt_addr_valid+0x139/0x260
[ 59.625987][ T1861]  ? __virt_addr_valid+0x211/0x260
[ 59.631067][ T1861]  ? hfsplus_uni2asc+0x724/0x1180
[ 59.636060][ T1861]  kasan_report+0x136/0x160
[ 59.640535][ T1861]  ? hfsplus_uni2asc+0x724/0x1180
[ 59.646223][ T1861]  hfsplus_uni2asc+0x724/0x1180
[ 59.651137][ T1861]  ? memcpy+0x3c/0x60
[ 59.655183][ T1861]  hfsplus_readdir+0x7fd/0x10d0
[ 59.660026][ T1861]  ? hfsplus_rename+0x160/0x160
[ 59.664973][ T1861]  ? iterate_dir+0xaa/0x4f0
[ 59.669545][ T1861]  ? down_read_interruptible+0x1010/0x1010
[ 59.675334][ T1861]  ? do_raw_spin_unlock+0x137/0x8a0
[ 59.681024][ T1861]  ? common_file_perm+0x130/0x1e0
[ 59.686020][ T1861]  ? fsnotify_perm+0x29e/0x450
[ 59.690750][ T1861]  ? hfsplus_rename+0x160/0x160
[ 59.695583][ T1861]  iterate_dir+0x1fa/0x4f0
[ 59.699980][ T1861]  __se_sys_getdents64+0x1af/0x3e0
[ 59.705073][ T1861]  ? __x64_sys_getdents64+0x80/0x80
[ 59.710334][ T1861]  ? filldir+0x570/0x570
[ 59.714553][ T1861]  ? switch_fpu_return+0xc9/0x130
[ 59.719552][ T1861]  do_syscall_64+0x3d/0x80
[ 59.723941][ T1861]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 59.729947][ T1861] RIP: 0033:0x7f731447cce9
[ 59.734424][ T1861] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 59.754178][ T1861] RSP: 002b:00007f73151bc0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 59.762663][ T1861] RAX: ffffffffffffffda RBX: 00007f731459bf80 RCX: 00007f731447cce9
[ 59.770701][ T1861] RDX: 0000000000000067 RSI: 0000000020000540 RDI: 0000000000000003
[ 59.778680][ T1861] RBP: 00007f73144c947a R08: 0000000000000000 R09: 0000000000000000
[ 59.786724][ T1861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 59.794716][ T1861] R13: 0000000000000006 R14: 00007f731459bf80 R15: 00007ffffd56f408
[ 59.802842][ T1861]
[ 59.805842][ T1861]
[ 59.808142][ T1861] Allocated by task 1861:
[ 59.812452][ T1861]  kasan_set_track+0x4b/0x70
[ 59.817110][ T1861]  __kasan_kmalloc+0x97/0xb0
[ 59.821679][ T1861]  __kmalloc+0xa6/0x1c0
[ 59.825815][ T1861]  hfsplus_find_init+0x7c/0x180
[ 59.830712][ T1861]  hfsplus_readdir+0x1f4/0x10d0
[ 59.835531][ T1861]  iterate_dir+0x1fa/0x4f0
[ 59.840013][ T1861]  __se_sys_getdents64+0x1af/0x3e0
[ 59.845095][ T1861]  do_syscall_64+0x3d/0x80
[ 59.849483][ T1861]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 59.855438][ T1861]
[ 59.857735][ T1861] Last potentially related work creation:
[ 59.863513][ T1861]  kasan_save_stack+0x3b/0x60
[ 59.868163][ T1861]  __kasan_record_aux_stack+0xb0/0xc0
[ 59.873512][ T1861]  call_rcu+0x149/0x830
[ 59.877639][ T1861]  netlink_release+0xf48/0x1460
[ 59.882460][ T1861]  sock_close+0xbe/0x200
[ 59.886701][ T1861]  __fput+0x32e/0x710
[ 59.890676][ T1861]  task_work_run+0x206/0x280
[ 59.895355][ T1861]  exit_to_user_mode_loop+0xa9/0xc0
[ 59.900618][ T1861]  exit_to_user_mode_prepare+0x64/0xb0
[ 59.906057][ T1861]  syscall_exit_to_user_mode+0x27/0x1c0
[ 59.911577][ T1861]  do_syscall_64+0x49/0x80
[ 59.915981][ T1861]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 59.921935][ T1861]
[ 59.924235][ T1861] The buggy address belongs to the object at ffff88810ea55000
[ 59.924235][ T1861]  which belongs to the cache kmalloc-2k of size 2048
[ 59.938268][ T1861] The buggy address is located 1036 bytes inside of
[ 59.938268][ T1861]  2048-byte region [ffff88810ea55000, ffff88810ea55800)
[ 59.952124][ T1861]
[ 59.954430][ T1861] The buggy address belongs to the physical page:
[ 59.960815][ T1861] page:ffffea00043a9400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ea50
[ 59.971278][ T1861] head:ffffea00043a9400 order:3 compound_mapcount:0 compound_pincount:0
[ 59.979672][ T1861] flags: 0x100000000010200(slab|head|node=0|zone=2)
[ 59.986329][ T1861] raw: 0100000000010200 dead000000000100 dead000000000122 ffff888100042000
[ 59.994969][ T1861] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[ 60.003543][ T1861] page dumped because: kasan: bad access detected
[ 60.009932][ T1861] page_owner tracks the page as allocated
[ 60.015802][ T1861] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 2153355942, free_ts 0
[ 60.035497][ T1861]  post_alloc_hook+0x286/0x2b0
[ 60.040416][ T1861]  get_page_from_freelist+0x398c/0x3b60
[ 60.045937][ T1861]  __alloc_pages+0x251/0x640
[ 60.050510][ T1861]  alloc_page_interleave+0xf/0x120
[ 60.055653][ T1861]  alloc_slab_page+0x6a/0x150
[ 60.060315][ T1861]  new_slab+0x70/0x250
[ 60.064366][ T1861]  ___slab_alloc+0x9df/0xe70
[ 60.069013][ T1861]  __kmem_cache_alloc_node+0x195/0x250
[ 60.074449][ T1861]  kmalloc_trace+0x26/0xc0
[ 60.078843][ T1861]  acpi_ds_create_walk_state+0xee/0x270
[ 60.084356][ T1861]  acpi_ds_execute_arguments+0x1aa/0x260
[ 60.089959][ T1861]  acpi_ns_init_one_object+0x127/0x2e0
[ 60.095585][ T1861]  acpi_ns_walk_namespace+0x182/0x350
[ 60.100923][ T1861]  acpi_walk_namespace+0x8a/0xc0
[ 60.105827][ T1861]  acpi_ns_initialize_objects+0x97/0x100
[ 60.111638][ T1861]  acpi_load_tables+0x57/0xa2
[ 60.116303][ T1861] page_owner free stack trace missing
[ 60.121730][ T1861]
[ 60.124030][ T1861] Memory state around the buggy address:
[ 60.129628][ T1861]  ffff88810ea55300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 60.137748][ T1861]  ffff88810ea55380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 60.145869][ T1861] >ffff88810ea55400: 00 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 60.153899][ T1861]                       ^
[ 60.158207][ T1861]  ffff88810ea55480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 60.166322][ T1861]  ffff88810ea55500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 60.174363][ T1861] ==================================================================
[ 60.182591][ T1861] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 60.190023][ T1861] Kernel Offset: disabled
[ 60.194414][ T1861] Rebooting in 86400 seconds..
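Decoding the shadow rows at the end of the report by hand confirms what KASAN printed and recovers the one number it does not print, the live size of the object: the granule at ffff88810ea55400 is 00 (all 8 bytes addressable), the granule at ffff88810ea55408 is 04 (only its first 4 bytes addressable), and everything from ffff88810ea55410 onward is fc (kmalloc redzone). The allocation therefore ends at ffff88810ea5540c, 1036 bytes after the object start at ffff88810ea55000 (hence the kmalloc-2k cache, the smallest class above 1024), and the 2-byte read reported at ffff88810ea5540c starts exactly at the first byte past the end of the buffer allocated in hfsplus_find_init. That 1036 is consistent with the kmalloc(tree->max_key_len * 2 + 4) in fs/hfsplus/bfind.c for the catalog tree, where max_key_len is 516; that figure is taken from the kernel source, not from the report. The C program below is an added example, not code from the kernel or from syzkaller: it embeds the five shadow rows verbatim as a constant, applies the generic-KASAN shadow rules (one shadow byte per 8-byte granule; 0 means the whole granule is addressable, 1..7 means only that many leading bytes are, any larger value is poison) and recomputes the object end and the first faulting byte. The only assumption is that SHADOW_BASE, the memory address covered by the first printed shadow byte, equals the first row label, which holds because each row of 16 shadow bytes covers 128 bytes and the row labels advance by 0x80.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Generic KASAN: one shadow byte describes one 8-byte granule of memory. */
#define KASAN_GRANULE_SIZE 8u
#define KASAN_KMALLOC_REDZONE 0xfc /* poison written after the end of a kmalloc object */

/*
 * The "Memory state around the buggy address" rows from the report, verbatim.
 * Each row holds 16 shadow bytes and so describes 128 bytes of memory;
 * SHADOW_BASE is the memory address described by SHADOW[0] (assumption: it
 * equals the first row label, which the 0x80 row spacing supports).
 */
static const uint64_t SHADOW_BASE = 0xffff88810ea55300ull;
static const uint8_t SHADOW[] = {
    /* ffff88810ea55300 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
                           0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    /* ffff88810ea55380 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
                           0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    /* ffff88810ea55400 */ 0x00, 0x04, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc,
                           0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc,
    /* ffff88810ea55480 */ 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc,
                           0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc,
    /* ffff88810ea55500 */ 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc,
                           0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc, 0xfc,
};

/* Shadow byte covering addr, or -1 if the dump does not cover that address. */
static int shadow_byte(uint64_t addr)
{
    if (addr < SHADOW_BASE)
        return -1;
    uint64_t idx = (addr - SHADOW_BASE) / KASAN_GRANULE_SIZE;
    if (idx >= sizeof SHADOW)
        return -1;
    return SHADOW[idx];
}

/*
 * Whether the single byte at addr is addressable. Shadow 0 means the whole
 * granule is live; 1..7 means only the first N bytes of the granule are;
 * any larger value (0xfc here, the kmalloc redzone) means none of them are.
 */
static bool byte_addressable(uint64_t addr)
{
    int s = shadow_byte(addr);
    if (s < 0)
        return false;
    if (s == 0)
        return true;
    if (s < (int)KASAN_GRANULE_SIZE)
        return addr % KASAN_GRANULE_SIZE < (uint64_t)s;
    return false;
}

/*
 * Check an access of 'size' bytes at addr against the shadow. Returns true if
 * every byte is addressable; otherwise stores the first bad byte in *bad,
 * which is the address KASAN prints in "Read of size N at addr ...".
 */
bool access_ok(uint64_t addr, size_t size, uint64_t *bad)
{
    for (size_t i = 0; i < size; i++) {
        if (!byte_addressable(addr + i)) {
            if (bad)
                *bad = addr + i;
            return false;
        }
    }
    return true;
}

/* First non-addressable byte at or after 'from': the end of the live object. */
uint64_t object_end(uint64_t from)
{
    while (byte_addressable(from))
        from++;
    return from;
}

int main(void)
{
    const uint64_t object = 0xffff88810ea55000ull; /* "object at" in the report */
    const uint64_t fault  = 0xffff88810ea5540cull; /* "Read of size 2 at addr" */
    uint64_t end = object_end(SHADOW_BASE);
    uint64_t bad = 0;

    printf("live object ends at %#llx: %llu usable bytes from object start\n",
           (unsigned long long)end, (unsigned long long)(end - object));
    if (!access_ok(fault, 2, &bad))
        printf("2-byte read at %#llx: first bad byte %#llx is at offset %llu, "
               "i.e. the first byte past the end of the allocation\n",
               (unsigned long long)fault, (unsigned long long)bad,
               (unsigned long long)(bad - object));
    return 0;
}
```

The same two functions answer the question a triager actually cares about when a report says "located N bytes inside of" a larger slab region: whether the access is past the requested size or merely inside slack space of the size class. Here the shadow puts the object end at offset 1036 and the read at offset 1036, so this is a read past the end of the requested allocation, not a benign read into the unused tail of the 2048-byte slab object.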