Warning: Permanently added '10.128.1.187' (ED25519) to the list of known hosts.
2025/09/02 03:24:19 ignoring optional flag "type"="gce"
2025/09/02 03:24:19 parsed 1 programs
[ 69.282004][ T1873] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2025/09/02 03:24:27 executed programs: 0
2025/09/02 03:24:32 executed programs: 2
[ 82.007372][ T2823] loop0: detected capacity change from 0 to 1024
[ 82.021424][ T2823] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 82.076642][ T2823] loop0: detected capacity change from 1024 to 1023
[ 82.088305][ T2374] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 16: comm syz-executor: path /0/bus: bad entry in directory: rec_len is smaller than minimal - offset=980, inode=0, rec_len=0, size=1024 fake=0
[ 82.109230][ T2374] ==================================================================
[ 82.117294][ T2374] BUG: KASAN: slab-use-after-free in ext4_read_inline_data+0x18f/0x280
[ 82.125539][ T2374] Read of size 68 at addr ffff88812573a51a by task syz-executor/2374
[ 82.133582][ T2374]
[ 82.135920][ T2374] CPU: 1 UID: 0 PID: 2374 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(none)
[ 82.135926][ T2374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 82.135929][ T2374] Call Trace:
[ 82.135936][ T2374]
[ 82.135940][ T2374] dump_stack_lvl+0xf4/0x170
[ 82.135951][ T2374] ? __pfx_dump_stack_lvl+0x10/0x10
[ 82.135955][ T2374] ? rcu_is_watching+0x1f/0xa0
[ 82.135959][ T2374] ? __virt_addr_valid+0x176/0x2b0
[ 82.135964][ T2374] ? lock_release+0x42/0x2f0
[ 82.135968][ T2374] ? lock_acquire+0x69/0x210
[ 82.135971][ T2374] ? __virt_addr_valid+0x262/0x2b0
[ 82.135975][ T2374] print_report+0xca/0x240
[ 82.135985][ T2374] ? ext4_read_inline_data+0x18f/0x280
[ 82.135991][ T2374] kasan_report+0x118/0x150
[ 82.135997][ T2374] ? ext4_read_inline_data+0x18f/0x280
[ 82.136002][ T2374] kasan_check_range+0x2b0/0x2c0
[ 82.136006][ T2374] ? ext4_read_inline_data+0x18f/0x280
[ 82.136010][ T2374] __asan_memcpy+0x29/0x70
[ 82.136015][ T2374] ext4_read_inline_data+0x18f/0x280
[ 82.136019][ T2374] ext4_read_inline_dir+0x2cd/0x940
[ 82.136031][ T2374] ? __pfx_css_rstat_updated+0x10/0x10
[ 82.136039][ T2374] ? __pfx_ext4_read_inline_dir+0x10/0x10
[ 82.136043][ T2374] ? __lock_acquire+0x74/0x4c0
[ 82.136047][ T2374] ext4_readdir+0x252/0x2d10
[ 82.136052][ T2374] ? rcu_is_watching+0x1f/0xa0
[ 82.136055][ T2374] ? __mutex_lock+0x55d/0x1d50
[ 82.136062][ T2374] ? handle_mm_fault+0x1d0b/0x2310
[ 82.136069][ T2374] ? __pfx_ext4_readdir+0x10/0x10
[ 82.136072][ T2374] ? rwsem_read_trylock+0x18e/0x210
[ 82.136078][ T2374] ? lock_vma_under_rcu+0x11c/0x200
[ 82.136081][ T2374] ? __pfx_rwsem_read_trylock+0x10/0x10
[ 82.136087][ T2374] ? iterate_dir+0xb5/0x4c0
[ 82.136094][ T2374] ? down_read_killable+0x120/0x1a0
[ 82.136098][ T2374] iterate_dir+0x1a7/0x4c0
[ 82.136103][ T2374] __se_sys_getdents64+0xd3/0x1b0
[ 82.136107][ T2374] ? __pfx___se_sys_getdents64+0x10/0x10
[ 82.136111][ T2374] ? exc_page_fault+0x62/0xa0
[ 82.136115][ T2374] ? __pfx_filldir64+0x10/0x10
[ 82.136119][ T2374] ? do_user_addr_fault+0x378/0xc30
[ 82.136124][ T2374] do_syscall_64+0x8f/0x250
[ 82.136129][ T2374] ? fpregs_assert_state_consistent+0x48/0x60
[ 82.136135][ T2374] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 82.136139][ T2374] RIP: 0033:0x7fcdf9399333
[ 82.136145][ T2374] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 02 45 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[ 82.136148][ T2374] RSP: 002b:00007fff58777548 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 82.136158][ T2374] RAX: ffffffffffffffda RBX: 0000555592838520 RCX: 00007fcdf9399333
[ 82.136161][ T2374] RDX: 0000000000008000 RSI: 0000555592838520 RDI: 0000000000000006
[ 82.136164][ T2374] RBP: 00005555928384f4 R08: 0000000000000000 R09: 0000000000000000
[ 82.136167][ T2374] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[ 82.136169][ T2374] R13: 0000000000000016 R14: 00005555928384f0 R15: 00007fff5877a8e0
[ 82.136173][ T2374]
[ 82.136175][ T2374]
[ 82.429170][ T2374] Allocated by task 2410:
[ 82.433470][ T2374] kasan_save_track+0x3e/0x80
[ 82.438123][ T2374] __kasan_slab_alloc+0x6c/0x80
[ 82.442940][ T2374] kmem_cache_alloc_noprof+0x1b1/0x400
[ 82.448367][ T2374] vm_area_dup+0x22/0x490
[ 82.452680][ T2374] __split_vma+0x101/0x7d0
[ 82.457064][ T2374] vma_modify+0x13d1/0x1950
[ 82.461531][ T2374] vma_modify_flags+0x1c2/0x210
[ 82.466356][ T2374] mprotect_fixup+0x2bd/0x7c0
[ 82.470999][ T2374] do_mprotect_pkey+0x5d8/0x900
[ 82.475816][ T2374] __x64_sys_mprotect+0x7b/0x90
[ 82.480634][ T2374] do_syscall_64+0x8f/0x250
[ 82.485112][ T2374] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 82.490982][ T2374]
[ 82.493276][ T2374] Freed by task 15:
[ 82.497049][ T2374] kasan_save_track+0x3e/0x80
[ 82.501705][ T2374] kasan_save_free_info+0x46/0x50
[ 82.506712][ T2374] __kasan_slab_free+0x5b/0x80
[ 82.511450][ T2374] slab_free_after_rcu_debug+0x131/0x290
[ 82.517070][ T2374] rcu_core+0xbe2/0x1570
[ 82.521287][ T2374] handle_softirqs+0x19a/0x500
[ 82.526017][ T2374] run_ksoftirqd+0x28/0x40
[ 82.530411][ T2374] smpboot_thread_fn+0x3f7/0x7d0
[ 82.535380][ T2374] kthread+0x59b/0x690
[ 82.539418][ T2374] ret_from_fork+0x136/0x2d0
[ 82.543981][ T2374] ret_from_fork_asm+0x1a/0x30
[ 82.548798][ T2374]
[ 82.551096][ T2374] Last potentially related work creation:
[ 82.556778][ T2374] kasan_save_stack+0x3e/0x60
[ 82.561437][ T2374] kasan_record_aux_stack+0xbd/0xd0
[ 82.566612][ T2374] kmem_cache_free+0x2b5/0x460
[ 82.571363][ T2374] exit_mmap+0x430/0x850
[ 82.575583][ T2374] __mmput+0x62/0x290
[ 82.579542][ T2374] exit_mm+0x11b/0x1b0
[ 82.583582][ T2374] do_exit+0x506/0x1d50
[ 82.587707][ T2374] do_group_exit+0x1b1/0x280
[ 82.592264][ T2374] __x64_sys_exit_group+0x3f/0x40
[ 82.597256][ T2374] x64_sys_call+0x21f7/0x2200
[ 82.601899][ T2374] do_syscall_64+0x8f/0x250
[ 82.606378][ T2374] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 82.612235][ T2374]
[ 82.614528][ T2374] The buggy address belongs to the object at ffff88812573a500
[ 82.614528][ T2374] which belongs to the cache vm_area_struct of size 256
[ 82.628807][ T2374] The buggy address is located 26 bytes inside of
[ 82.628807][ T2374] freed 256-byte region [ffff88812573a500, ffff88812573a600)
[ 82.642480][ T2374]
[ 82.644783][ T2374] The buggy address belongs to the physical page:
[ 82.651173][ T2374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12573a
[ 82.659984][ T2374] memcg:ffff888126a62a01
[ 82.664195][ T2374] flags: 0x200000000000000(node=0|zone=2)
[ 82.669890][ T2374] page_type: f5(slab)
[ 82.673845][ T2374] raw: 0200000000000000 ffff888100ec3b40 dead000000000122 0000000000000000
[ 82.682409][ T2374] raw: 0000000000000000 00000000000c000c 00000000f5000000 ffff888126a62a01
[ 82.690954][ T2374] page dumped because: kasan: bad access detected
[ 82.697345][ T2374] page_owner tracks the page as allocated
[ 82.703026][ T2374] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 2410, tgid 2410 (modprobe), ts 76644156273, free_ts 76578416457
[ 82.721999][ T2374] post_alloc_hook+0x168/0x1a0
[ 82.726736][ T2374] get_page_from_freelist+0x287a/0x2a30
[ 82.732248][ T2374] __alloc_frozen_pages_noprof+0x26b/0x460
[ 82.738034][ T2374] alloc_pages_mpol+0xcb/0x270
[ 82.742791][ T2374] allocate_slab+0x8a/0x320
[ 82.747267][ T2374] ___slab_alloc+0x9c6/0x10a0
[ 82.751915][ T2374] kmem_cache_alloc_noprof+0x26e/0x400
[ 82.757340][ T2374] vm_area_alloc+0x1f/0x130
[ 82.761808][ T2374] mmap_region+0xcf6/0x1b90
[ 82.766363][ T2374] do_mmap+0x930/0xc30
[ 82.770404][ T2374] vm_mmap_pgoff+0x1c0/0x370
[ 82.775067][ T2374] ksys_mmap_pgoff+0x2be/0x3f0
[ 82.779808][ T2374] do_syscall_64+0x8f/0x250
[ 82.784286][ T2374] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 82.790158][ T2374] page last free pid 11 tgid 11 stack trace:
[ 82.796136][ T2374] __free_frozen_pages+0x9e7/0xb40
[ 82.801225][ T2374] vfree+0x17d/0x2b0
[ 82.805099][ T2374] delayed_vfree_work+0x3c/0x70
[ 82.809943][ T2374] process_scheduled_works+0x995/0x12d0
[ 82.815456][ T2374] worker_thread+0x850/0xc60
[ 82.820011][ T2374] kthread+0x59b/0x690
[ 82.824046][ T2374] ret_from_fork+0x136/0x2d0
[ 82.828600][ T2374] ret_from_fork_asm+0x1a/0x30
[ 82.833329][ T2374]
[ 82.835642][ T2374] Memory state around the buggy address:
[ 82.841279][ T2374] ffff88812573a400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 82.849318][ T2374] ffff88812573a480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 82.857352][ T2374] >ffff88812573a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 82.865390][ T2374] ^
[ 82.870223][ T2374] ffff88812573a580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 82.878256][ T2374] ffff88812573a600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 82.886282][ T2374] ==================================================================
[ 82.894598][ T2374] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 82.901987][ T2374] Kernel Offset: disabled
[ 82.906289][ T2374] Rebooting in 86400 seconds..