Warning: Permanently added '10.128.1.190' (ED25519) to the list of known hosts.
2024/08/18 20:44:24 ignoring optional flag "sandboxArg"="0"
2024/08/18 20:44:24 parsed 1 programs
2024/08/18 20:44:24 executed programs: 0
[ 60.519396][ T1401] loop0: detected capacity change from 0 to 2048
[ 60.531340][ T1401] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 60.547260][ T1401] ==================================================================
[ 60.555944][ T1401] BUG: KASAN: slab-out-of-bounds in ext4_convert_inline_data_nolock+0x282/0xc10
[ 60.564970][ T1401] Read of size 20 at addr ffff888116b491a3 by task syz-executor.0/1401
[ 60.573178][ T1401]
[ 60.575488][ T1401] CPU: 0 PID: 1401 Comm: syz-executor.0 Not tainted 6.1.105-syzkaller #0
[ 60.583893][ T1401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 60.594031][ T1401] Call Trace:
[ 60.597310][ T1401]
[ 60.600214][ T1401] dump_stack_lvl+0xf4/0x251
[ 60.605238][ T1401] ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 60.610849][ T1401] ? panic+0x3fe/0x3fe
[ 60.614892][ T1401] ? _printk+0xca/0x10a
[ 60.619012][ T1401] ? __virt_addr_valid+0x139/0x270
[ 60.624090][ T1401] ? __virt_addr_valid+0x221/0x270
[ 60.629195][ T1401] print_report+0x15f/0x4f0
[ 60.633686][ T1401] ? __virt_addr_valid+0x139/0x270
[ 60.638823][ T1401] ? __virt_addr_valid+0x221/0x270
[ 60.643916][ T1401] ? ext4_convert_inline_data_nolock+0x282/0xc10
[ 60.650562][ T1401] kasan_report+0x136/0x160
[ 60.655128][ T1401] ? ext4_convert_inline_data_nolock+0x282/0xc10
[ 60.661446][ T1401] kasan_check_range+0x27f/0x290
[ 60.666632][ T1401] ? ext4_convert_inline_data_nolock+0x282/0xc10
[ 60.673021][ T1401] memcpy+0x25/0x60
[ 60.676887][ T1401] ext4_convert_inline_data_nolock+0x282/0xc10
[ 60.683017][ T1401] ? ext4_add_dirent_to_inline+0x390/0x390
[ 60.688846][ T1401] ? down_write+0x146/0x1d0
[ 60.693323][ T1401] ? __ext4_journal_start_sb+0xa4/0x360
[ 60.699274][ T1401] ext4_convert_inline_data+0x3b8/0x4d0
[ 60.704789][ T1401] ? ext4_inline_data_truncate+0xb70/0xb70
[ 60.710563][ T1401] ? down_write+0x146/0x1d0
[ 60.715030][ T1401] ext4_fallocate+0x136/0x1790
[ 60.719765][ T1401] ? read_lock_is_recursive+0x10/0x10
[ 60.725109][ T1401] ? ext4_ext_truncate+0x260/0x260
[ 60.730539][ T1401] ? preempt_count_add+0x8f/0x120
[ 60.735547][ T1401] vfs_fallocate+0x30c/0x3d0
[ 60.740112][ T1401] __x64_sys_fallocate+0xa6/0xd0
[ 60.745018][ T1401] do_syscall_64+0x3b/0x80
[ 60.749438][ T1401] ? clear_bhb_loop+0x45/0xa0
[ 60.754085][ T1401] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 60.759959][ T1401] RIP: 0033:0x7effd414f959
[ 60.764351][ T1401] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 60.784035][ T1401] RSP: 002b:00007effd3cd20c8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 60.792527][ T1401] RAX: ffffffffffffffda RBX: 00007effd426ef80 RCX: 00007effd414f959
[ 60.800570][ T1401] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 60.808519][ T1401] RBP: 00007effd41abc88 R08: 0000000000000000 R09: 0000000000000000
[ 60.816549][ T1401] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000
[ 60.824582][ T1401] R13: 0000000000000006 R14: 00007effd426ef80 R15: 00007ffddafd18b8
[ 60.832618][ T1401]
[ 60.835779][ T1401]
[ 60.838076][ T1401] Allocated by task 1394:
[ 60.842370][ T1401] kasan_set_track+0x4b/0x70
[ 60.846938][ T1401] __kasan_slab_alloc+0x65/0x70
[ 60.851800][ T1401] slab_post_alloc_hook+0x54/0x3e0
[ 60.856885][ T1401] kmem_cache_alloc_bulk+0x2d4/0x360
[ 60.862156][ T1401] mas_alloc_nodes+0x359/0x680
[ 60.866999][ T1401] mas_preallocate+0xee/0x290
[ 60.871734][ T1401] __vma_adjust+0x31c/0x12b0
[ 60.876293][ T1401] __split_vma+0x32f/0x4a0
[ 60.880694][ T1401] do_mas_align_munmap+0xd67/0x11e0
[ 60.885860][ T1401] do_mas_munmap+0x195/0x1f0
[ 60.890418][ T1401] mmap_region+0x708/0x1780
[ 60.894893][ T1401] do_mmap+0x69e/0xb60
[ 60.899120][ T1401] vm_mmap_pgoff+0x1b7/0x280
[ 60.903704][ T1401] ksys_mmap_pgoff+0x2cf/0x3b0
[ 60.908451][ T1401] do_syscall_64+0x3b/0x80
[ 60.912858][ T1401] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 60.918774][ T1401]
[ 60.921159][ T1401] Freed by task 1394:
[ 60.925108][ T1401] kasan_set_track+0x4b/0x70
[ 60.929675][ T1401] kasan_save_free_info+0x27/0x40
[ 60.934796][ T1401] ____kasan_slab_free+0x122/0x1e0
[ 60.939876][ T1401] kmem_cache_free_bulk+0x582/0x770
[ 60.945042][ T1401] mas_destroy+0x2730/0x2ec0
[ 60.949622][ T1401] mas_store_prealloc+0x283/0x3b0
[ 60.954618][ T1401] __vma_adjust+0xc22/0x12b0
[ 60.959263][ T1401] __split_vma+0x32f/0x4a0
[ 60.963648][ T1401] do_mas_align_munmap+0xd67/0x11e0
[ 60.968813][ T1401] do_mas_munmap+0x195/0x1f0
[ 60.973543][ T1401] mmap_region+0x708/0x1780
[ 60.978098][ T1401] do_mmap+0x69e/0xb60
[ 60.982131][ T1401] vm_mmap_pgoff+0x1b7/0x280
[ 60.986688][ T1401] ksys_mmap_pgoff+0x2cf/0x3b0
[ 60.991419][ T1401] do_syscall_64+0x3b/0x80
[ 60.996249][ T1401] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 61.002473][ T1401]
[ 61.004779][ T1401] The buggy address belongs to the object at ffff888116b49000
[ 61.004779][ T1401] which belongs to the cache maple_node of size 256
[ 61.018807][ T1401] The buggy address is located 163 bytes to the right of
[ 61.018807][ T1401] 256-byte region [ffff888116b49000, ffff888116b49100)
[ 61.032568][ T1401]
[ 61.034868][ T1401] The buggy address belongs to the physical page:
[ 61.041265][ T1401] page:ffffea00045ad200 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888116b48a00 pfn:0x116b48
[ 61.052775][ T1401] head:ffffea00045ad200 order:1 compound_mapcount:0 compound_pincount:0
[ 61.061073][ T1401] flags: 0x200000000010200(slab|head|node=0|zone=2)
[ 61.067785][ T1401] raw: 0200000000010200 ffffea00045bd788 ffffea000453e988 ffff8881000cd000
[ 61.076336][ T1401] raw: ffff888116b48a00 000000000010000d 00000001ffffffff 0000000000000000
[ 61.084891][ T1401] page dumped because: kasan: bad access detected
[ 61.091800][ T1401] page_owner tracks the page as allocated
[ 61.097482][ T1401] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 837, tgid 837 (modprobe), ts 34921588473, free_ts 34910541524
[ 61.118365][ T1401] post_alloc_hook+0x286/0x2b0
[ 61.123199][ T1401] get_page_from_freelist+0x2ba7/0x2de0
[ 61.128818][ T1401] __alloc_pages+0x251/0x640
[ 61.133385][ T1401] alloc_slab_page+0x6a/0x150
[ 61.138035][ T1401] new_slab+0x70/0x250
[ 61.142163][ T1401] ___slab_alloc+0x9df/0xe70
[ 61.146741][ T1401] kmem_cache_alloc_bulk+0x15c/0x360
[ 61.152173][ T1401] mas_alloc_nodes+0x359/0x680
[ 61.157010][ T1401] mas_preallocate+0xee/0x290
[ 61.161654][ T1401] __vma_adjust+0x31c/0x12b0
[ 61.166309][ T1401] __split_vma+0x32f/0x4a0
[ 61.170692][ T1401] mprotect_fixup+0x5b5/0x630
[ 61.175513][ T1401] do_mprotect_pkey+0x6e1/0x930
[ 61.180334][ T1401] __x64_sys_mprotect+0x77/0x90
[ 61.185235][ T1401] do_syscall_64+0x3b/0x80
[ 61.189741][ T1401] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 61.195742][ T1401] page last free stack trace:
[ 61.200400][ T1401] free_unref_page_prepare+0xccc/0xdb0
[ 61.205833][ T1401] free_unref_page+0x30/0x230
[ 61.210493][ T1401] __unfreeze_partials+0x1af/0x210
[ 61.215835][ T1401] put_cpu_partial+0x150/0x1a0
[ 61.220568][ T1401] qlist_free_all+0x76/0xe0
[ 61.225299][ T1401] kasan_quarantine_reduce+0x156/0x170
[ 61.230809][ T1401] __kasan_slab_alloc+0x1f/0x70
[ 61.235890][ T1401] slab_post_alloc_hook+0x54/0x3e0
[ 61.240998][ T1401] kmem_cache_alloc+0x10c/0x290
[ 61.246007][ T1401] getname_flags+0x9c/0x430
[ 61.250501][ T1401] __se_sys_newfstatat+0xd7/0x790
[ 61.255496][ T1401] do_syscall_64+0x3b/0x80
[ 61.260000][ T1401] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 61.265866][ T1401]
[ 61.268165][ T1401] Memory state around the buggy address:
[ 61.273860][ T1401]  ffff888116b49080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.281902][ T1401]  ffff888116b49100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 61.290021][ T1401] >ffff888116b49180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 61.298163][ T1401]                                ^
[ 61.303265][ T1401]  ffff888116b49200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.311317][ T1401]  ffff888116b49280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.319362][ T1401] ==================================================================
[ 61.327547][ T1401] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 61.335290][ T1401] Kernel Offset: disabled
[ 61.339641][ T1401] Rebooting in 86400 seconds..