Warning: Permanently added '10.128.1.141' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 63.717435][ T3543] loop0: detected capacity change from 0 to 2048
[ 63.735795][ T3543] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 63.767575][ T3543] ==================================================================
[ 63.775693][ T3543] BUG: KASAN: slab-out-of-bounds in ext4_convert_inline_data_nolock+0x319/0xda0
[ 63.784754][ T3543] Read of size 20 at addr ffff888021fc41a3 by task syz-executor200/3543
[ 63.793164][ T3543]
[ 63.795503][ T3543] CPU: 1 PID: 3543 Comm: syz-executor200 Not tainted 6.1.29-syzkaller #0
[ 63.803928][ T3543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 63.814011][ T3543] Call Trace:
[ 63.820231][ T3543] <TASK>
[ 63.820231][ T3543] dump_stack_lvl+0x1e3/0x2cb
[ 63.824971][ T3543] ? nf_tcp_handle_invalid+0x642/0x642
[ 63.830466][ T3543] ? panic+0x75d/0x75d
[ 63.834573][ T3543] ? _printk+0xd1/0x111
[ 63.838849][ T3543] ? _raw_spin_lock_irqsave+0xac/0x120
[ 63.844321][ T3543] print_report+0x15f/0x4f0
[ 63.848837][ T3543] ? __virt_addr_valid+0x22b/0x2e0
[ 63.853956][ T3543] ? __phys_addr+0xb6/0x170
[ 63.858458][ T3543] ? ext4_convert_inline_data_nolock+0x319/0xda0
[ 63.864811][ T3543] kasan_report+0x136/0x160
[ 63.869347][ T3543] ? ext4_convert_inline_data_nolock+0x319/0xda0
[ 63.875706][ T3543] kasan_check_range+0x27f/0x290
[ 63.880673][ T3543] ? ext4_convert_inline_data_nolock+0x319/0xda0
[ 63.887030][ T3543] memcpy+0x25/0x60
[ 63.890849][ T3543] ext4_convert_inline_data_nolock+0x319/0xda0
[ 63.897025][ T3543] ? ext4_add_dirent_to_inline+0x4f0/0x4f0
[ 63.902839][ T3543] ext4_convert_inline_data+0x4cf/0x610
[ 63.908486][ T3543] ? memalloc_retry_wait+0xb0/0xb0
[ 63.913626][ T3543] ext4_fallocate+0x149/0x2160
[ 63.918423][ T3543] ? rcu_read_lock_any_held+0xb3/0x160
[ 63.923893][ T3543] ? memalloc_retry_wait+0xb0/0xb0
[ 63.929002][ T3543] ? common_file_perm+0x17d/0x1d0
[ 63.934034][ T3543] vfs_fallocate+0x547/0x6b0
[ 63.938804][ T3543] __x64_sys_fallocate+0xb9/0x100
[ 63.943833][ T3543] do_syscall_64+0x3d/0xb0
[ 63.948256][ T3543] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 63.954173][ T3543] RIP: 0033:0x7fd1575f3059
[ 63.958600][ T3543] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 63.978326][ T3543] RSP: 002b:00007fffbd64e728 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 63.986751][ T3543] RAX: ffffffffffffffda RBX: 00007fd157661720 RCX: 00007fd1575f3059
[ 63.994736][ T3543] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 64.002723][ T3543] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 64.010723][ T3543] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000004
[ 64.018734][ T3543] R13: 0000000000000003 R14: 00007fffbd64e760 R15: 000000000000000c
[ 64.026728][ T3543] </TASK>
[ 64.029749][ T3543]
[ 64.032071][ T3543] Allocated by task 3397:
[ 64.036385][ T3543] kasan_set_track+0x4b/0x70
[ 64.040980][ T3543] __kasan_slab_alloc+0x65/0x70
[ 64.045833][ T3543] slab_post_alloc_hook+0x50/0x370
[ 64.050950][ T3543] kmem_cache_alloc+0x10c/0x2d0
[ 64.055794][ T3543] vm_area_dup+0x23/0x1b0
[ 64.060113][ T3543] dup_mm+0xa7c/0x1610
[ 64.064174][ T3543] copy_mm+0xca/0x160
[ 64.068150][ T3543] copy_process+0x19a2/0x4020
[ 64.072861][ T3543] kernel_clone+0x222/0x920
[ 64.077415][ T3543] __x64_sys_clone+0x231/0x280
[ 64.082231][ T3543] do_syscall_64+0x3d/0xb0
[ 64.086670][ T3543] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.092669][ T3543]
[ 64.095107][ T3543] Freed by task 3398:
[ 64.099116][ T3543] kasan_set_track+0x4b/0x70
[ 64.103725][ T3543] kasan_save_free_info+0x27/0x40
[ 64.108756][ T3543] ____kasan_slab_free+0xd6/0x120
[ 64.113789][ T3543] kmem_cache_free+0x292/0x510
[ 64.118574][ T3543] exit_mmap+0x538/0x9f0
[ 64.122864][ T3543] __mmput+0x115/0x3c0
[ 64.126928][ T3543] exit_mm+0x226/0x300
[ 64.131005][ T3543] do_exit+0x67e/0x2300
[ 64.135160][ T3543] do_group_exit+0x202/0x2b0
[ 64.139767][ T3543] __x64_sys_exit_group+0x3b/0x40
[ 64.144897][ T3543] do_syscall_64+0x3d/0xb0
[ 64.149315][ T3543] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.155218][ T3543]
[ 64.157572][ T3543] The buggy address belongs to the object at ffff888021fc40d8
[ 64.157572][ T3543] which belongs to the cache vm_area_struct of size 152
[ 64.171893][ T3543] The buggy address is located 51 bytes to the right of
[ 64.171893][ T3543] 152-byte region [ffff888021fc40d8, ffff888021fc4170)
[ 64.185598][ T3543]
[ 64.187914][ T3543] The buggy address belongs to the physical page:
[ 64.194317][ T3543] page:ffffea000087f100 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x21fc4
[ 64.204459][ T3543] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 64.212014][ T3543] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff888140007b40
[ 64.220604][ T3543] raw: 0000000000000000 0000000000120012 00000001ffffffff 0000000000000000
[ 64.229200][ T3543] page dumped because: kasan: bad access detected
[ 64.235611][ T3543] page_owner tracks the page as allocated
[ 64.241329][ T3543] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 3397, tgid 3397 (sshd), ts 46628352006, free_ts 45979203794
[ 64.259091][ T3543] post_alloc_hook+0x18d/0x1b0
[ 64.263877][ T3543] get_page_from_freelist+0x32ed/0x3480
[ 64.269435][ T3543] __alloc_pages+0x28d/0x770
[ 64.274035][ T3543] alloc_slab_page+0x6a/0x150
[ 64.278730][ T3543] new_slab+0x84/0x2d0
[ 64.282812][ T3543] ___slab_alloc+0xa71/0x1080
[ 64.287501][ T3543] kmem_cache_alloc+0x1a5/0x2d0
[ 64.292363][ T3543] vm_area_dup+0x23/0x1b0
[ 64.296714][ T3543] dup_mm+0xa7c/0x1610
[ 64.300797][ T3543] copy_mm+0xca/0x160
[ 64.304843][ T3543] copy_process+0x19a2/0x4020
[ 64.309524][ T3543] kernel_clone+0x222/0x920
[ 64.314025][ T3543] __x64_sys_clone+0x231/0x280
[ 64.318791][ T3543] do_syscall_64+0x3d/0xb0
[ 64.323207][ T3543] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.329116][ T3543] page last free stack trace:
[ 64.333816][ T3543] free_unref_page_prepare+0xf63/0x1120
[ 64.339385][ T3543] free_unref_page_list+0x107/0x810
[ 64.344590][ T3543] release_pages+0x2836/0x2b40
[ 64.349477][ T3543] tlb_flush_mmu+0xfc/0x210
[ 64.354014][ T3543] tlb_finish_mmu+0xce/0x1f0
[ 64.358717][ T3543] exit_mmap+0x3c3/0x9f0
[ 64.362966][ T3543] __mmput+0x115/0x3c0
[ 64.367137][ T3543] exit_mm+0x226/0x300
[ 64.371221][ T3543] do_exit+0x67e/0x2300
[ 64.375386][ T3543] do_group_exit+0x202/0x2b0
[ 64.380080][ T3543] __x64_sys_exit_group+0x3b/0x40
[ 64.385143][ T3543] do_syscall_64+0x3d/0xb0
[ 64.389563][ T3543] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.395465][ T3543]
[ 64.397780][ T3543] Memory state around the buggy address:
[ 64.403403][ T3543] ffff888021fc4080: fb fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb
[ 64.411456][ T3543] ffff888021fc4100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[ 64.419505][ T3543] >ffff888021fc4180: fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb
[ 64.427569][ T3543] ^
[ 64.432792][ T3543] ffff888021fc4200: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 64.440893][ T3543] ffff888021fc4280: fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 64.448949][ T3543] ==================================================================
[ 64.458176][ T3543] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 64.465402][ T3543] CPU: 1 PID: 3543 Comm: syz-executor200 Not tainted 6.1.29-syzkaller #0
[ 64.474083][ T3543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 64.484141][ T3543] Call Trace:
[ 64.487419][ T3543] <TASK>
[ 64.490352][ T3543] dump_stack_lvl+0x1e3/0x2cb
[ 64.495035][ T3543] ? nf_tcp_handle_invalid+0x642/0x642
[ 64.500512][ T3543] ? panic+0x75d/0x75d
[ 64.504584][ T3543] ? preempt_schedule_common+0xa6/0xd0
[ 64.510144][ T3543] ? vscnprintf+0x59/0x80
[ 64.514526][ T3543] panic+0x318/0x75d
[ 64.518431][ T3543] ? check_panic_on_warn+0x1d/0xa0
[ 64.523644][ T3543] ? memcpy_page_flushcache+0xfc/0xfc
[ 64.529035][ T3543] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 64.535040][ T3543] ? _raw_spin_unlock+0x40/0x40
[ 64.539903][ T3543] check_panic_on_warn+0x7e/0xa0
[ 64.546332][ T3543] ? ext4_convert_inline_data_nolock+0x319/0xda0
[ 64.552670][ T3543] end_report+0x66/0x110
[ 64.556929][ T3543] kasan_report+0x143/0x160
[ 64.561442][ T3543] ? ext4_convert_inline_data_nolock+0x319/0xda0
[ 64.567779][ T3543] kasan_check_range+0x27f/0x290
[ 64.572737][ T3543] ? ext4_convert_inline_data_nolock+0x319/0xda0
[ 64.579077][ T3543] memcpy+0x25/0x60
[ 64.582906][ T3543] ext4_convert_inline_data_nolock+0x319/0xda0
[ 64.589163][ T3543] ? ext4_add_dirent_to_inline+0x4f0/0x4f0
[ 64.594992][ T3543] ext4_convert_inline_data+0x4cf/0x610
[ 64.600547][ T3543] ? memalloc_retry_wait+0xb0/0xb0
[ 64.605761][ T3543] ext4_fallocate+0x149/0x2160
[ 64.610530][ T3543] ? rcu_read_lock_any_held+0xb3/0x160
[ 64.616005][ T3543] ? memalloc_retry_wait+0xb0/0xb0
[ 64.621121][ T3543] ? common_file_perm+0x17d/0x1d0
[ 64.626150][ T3543] vfs_fallocate+0x547/0x6b0
[ 64.630846][ T3543] __x64_sys_fallocate+0xb9/0x100
[ 64.635881][ T3543] do_syscall_64+0x3d/0xb0
[ 64.640342][ T3543] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.647110][ T3543] RIP: 0033:0x7fd1575f3059
[ 64.651554][ T3543] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 64.671338][ T3543] RSP: 002b:00007fffbd64e728 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 64.679754][ T3543] RAX: ffffffffffffffda RBX: 00007fd157661720 RCX: 00007fd1575f3059
[ 64.687730][ T3543] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 64.695726][ T3543] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 64.703703][ T3543] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000004
[ 64.711692][ T3543] R13: 0000000000000003 R14: 00007fffbd64e760 R15: 000000000000000c
[ 64.719697][ T3543] </TASK>
[ 64.722927][ T3543] Kernel Offset: disabled
[ 64.727273][ T3543] Rebooting in 86400 seconds..