Warning: Permanently added '10.128.1.77' (ED25519) to the list of known hosts.
2023/08/12 16:13:20 ignoring optional flag "sandboxArg"="0"
2023/08/12 16:13:20 parsed 1 programs
2023/08/12 16:13:20 executed programs: 0
[ 47.340696][ T1503] loop0: detected capacity change from 0 to 2048
[ 47.358634][ T1503] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 47.377720][ T1503] ==================================================================
[ 47.385956][ T1503] BUG: KASAN: slab-out-of-bounds in ext4_read_inline_data+0x1e0/0x290
[ 47.394173][ T1503] Read of size 20 at addr ffff8881129bb1a3 by task syz-executor.0/1503
[ 47.402663][ T1503]
[ 47.404976][ T1503] CPU: 0 PID: 1503 Comm: syz-executor.0 Not tainted 5.15.126-syzkaller #0
[ 47.413446][ T1503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 47.424347][ T1503] Call Trace:
[ 47.427620][ T1503]
[ 47.430614][ T1503] dump_stack_lvl+0x41/0x5e
[ 47.435103][ T1503] print_address_description.constprop.0.cold+0x6c/0x309
[ 47.442094][ T1503] ? ext4_read_inline_data+0x1e0/0x290
[ 47.449087][ T1503] ? ext4_read_inline_data+0x1e0/0x290
[ 47.454806][ T1503] kasan_report.cold+0x83/0xdf
[ 47.459556][ T1503] ? ext4_read_inline_data+0x1e0/0x290
[ 47.464985][ T1503] kasan_check_range+0x13d/0x180
[ 47.470065][ T1503] memcpy+0x20/0x60
[ 47.473929][ T1503] ext4_read_inline_data+0x1e0/0x290
[ 47.479193][ T1503] ext4_convert_inline_data_nolock+0xe2/0xbd0
[ 47.485425][ T1503] ? ext4_convert_inline_data+0x2ad/0x4e0
[ 47.491413][ T1503] ? ext4_prepare_inline_data+0x1b0/0x1b0
[ 47.497206][ T1503] ? down_write+0xc8/0x130
[ 47.501793][ T1503] ? down_write_killable_nested+0x160/0x160
[ 47.507849][ T1503] ? ext4_journal_check_start+0x46/0x1d0
[ 47.513750][ T1503] ? __ext4_journal_start_sb+0x226/0x2e0
[ 47.519647][ T1503] ext4_convert_inline_data+0x419/0x4e0
[ 47.526648][ T1503] ? ext4_inline_data_truncate+0xa00/0xa00
[ 47.533324][ T1503] ? down_write_killable_nested+0x160/0x160
[ 47.539292][ T1503] ? aa_path_link+0x2e0/0x2e0
[ 47.544119][ T1503] ext4_fallocate+0x13f/0x2d60
[ 47.548957][ T1503] ? __lock_acquire.constprop.0+0x478/0xb30
[ 47.554910][ T1503] ? ext4_ext_truncate+0x1c0/0x1c0
[ 47.560111][ T1503] ? lock_acquire+0x11a/0x230
[ 47.565291][ T1503] ? __x64_sys_fallocate+0xb0/0x100
[ 47.570654][ T1503] vfs_fallocate+0x2a8/0xa40
[ 47.575233][ T1503] __x64_sys_fallocate+0xb0/0x100
[ 47.580256][ T1503] do_syscall_64+0x35/0x80
[ 47.584649][ T1503] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 47.590563][ T1503] RIP: 0033:0x7f0e81d69959
[ 47.594951][ T1503] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 47.614528][ T1503] RSP: 002b:00007f0e818ec0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 47.623016][ T1503] RAX: ffffffffffffffda RBX: 00007f0e81e88f80 RCX: 00007f0e81d69959
[ 47.631351][ T1503] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 47.639418][ T1503] RBP: 00007f0e81dc5c88 R08: 0000000000000000 R09: 0000000000000000
[ 47.647751][ T1503] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000
[ 47.655699][ T1503] R13: 0000000000000006 R14: 00007f0e81e88f80 R15: 00007ffcdbc1af78
[ 47.663955][ T1503]
[ 47.667038][ T1503]
[ 47.669945][ T1503] Allocated by task 1060:
[ 47.674327][ T1503] kasan_save_stack+0x1b/0x40
[ 47.679146][ T1503] __kasan_kmalloc+0x7c/0x90
[ 47.684084][ T1503] tomoyo_dump_page+0x391/0x4c0
[ 47.688914][ T1503] tomoyo_condition+0x627/0x20d0
[ 47.693826][ T1503] tomoyo_check_acl+0x162/0x370
[ 47.698646][ T1503] tomoyo_execute_permission+0x16f/0x450
[ 47.704249][ T1503] tomoyo_find_next_domain+0x379/0x1bf0
[ 47.710995][ T1503] tomoyo_bprm_check_security+0xfb/0x170
[ 47.716726][ T1503] security_bprm_check+0x34/0x70
[ 47.721756][ T1503] bprm_execve+0x59b/0x1330
[ 47.726244][ T1503] kernel_execve+0x2dc/0x400
[ 47.731070][ T1503] call_usermodehelper_exec_async+0x2c1/0x500
[ 47.737218][ T1503] ret_from_fork+0x1f/0x30
[ 47.741639][ T1503]
[ 47.744128][ T1503] Freed by task 1060:
[ 47.748333][ T1503] kasan_save_stack+0x1b/0x40
[ 47.753185][ T1503] kasan_set_track+0x1c/0x30
[ 47.758294][ T1503] kasan_set_free_info+0x20/0x30
[ 47.763320][ T1503] __kasan_slab_free+0xe0/0x110
[ 47.768678][ T1503] kfree+0xd0/0x4c0
[ 47.772493][ T1503] tomoyo_find_next_domain+0x800/0x1bf0
[ 47.778109][ T1503] tomoyo_bprm_check_security+0xfb/0x170
[ 47.783739][ T1503] security_bprm_check+0x34/0x70
[ 47.789096][ T1503] bprm_execve+0x59b/0x1330
[ 47.793663][ T1503] kernel_execve+0x2dc/0x400
[ 47.798229][ T1503] call_usermodehelper_exec_async+0x2c1/0x500
[ 47.804315][ T1503] ret_from_fork+0x1f/0x30
[ 47.808787][ T1503]
[ 47.811087][ T1503] The buggy address belongs to the object at ffff8881129ba000
[ 47.811087][ T1503] which belongs to the cache kmalloc-4k of size 4096
[ 47.825425][ T1503] The buggy address is located 419 bytes to the right of
[ 47.825425][ T1503] 4096-byte region [ffff8881129ba000, ffff8881129bb000)
[ 47.839566][ T1503] The buggy address belongs to the page:
[ 47.845949][ T1503] page:ffffea00044a6e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1129b8
[ 47.856253][ T1503] head:ffffea00044a6e00 order:3 compound_mapcount:0 compound_pincount:0
[ 47.864728][ T1503] flags: 0x200000000010200(slab|head|node=0|zone=2)
[ 47.871382][ T1503] raw: 0200000000010200 dead000000000100 dead000000000122 ffff888100042140
[ 47.880026][ T1503] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[ 47.888860][ T1503] page dumped because: kasan: bad access detected
[ 47.895246][ T1503] page_owner tracks the page as allocated
[ 47.900927][ T1503] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 372, ts 3930295896, free_ts 0
[ 47.918164][ T1503] get_page_from_freelist+0x166f/0x2910
[ 47.923691][ T1503] __alloc_pages+0x2b3/0x590
[ 47.928250][ T1503] allocate_slab+0x2eb/0x430
[ 47.932831][ T1503] ___slab_alloc+0xb1c/0xf80
[ 47.937484][ T1503] __kmalloc+0x2da/0x2f0
[ 47.941718][ T1503] tomoyo_realpath_from_path+0xb0/0x6d0
[ 47.947436][ T1503] tomoyo_path_perm+0x1ed/0x320
[ 47.952310][ T1503] security_inode_getattr+0xab/0x100
[ 47.957574][ T1503] vfs_statx+0xe8/0x2e0
[ 47.961986][ T1503] __do_sys_newfstatat+0x7d/0xd0
[ 47.966890][ T1503] do_syscall_64+0x35/0x80
[ 47.971683][ T1503] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 47.977730][ T1503] page_owner free stack trace missing
[ 47.983152][ T1503]
[ 47.985474][ T1503] Memory state around the buggy address:
[ 47.991283][ T1503] ffff8881129bb080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.999315][ T1503] ffff8881129bb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 48.007567][ T1503] >ffff8881129bb180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 48.015691][ T1503] ^
[ 48.020864][ T1503] ffff8881129bb200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 48.029000][ T1503] ffff8881129bb280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 48.037030][ T1503] ==================================================================
[ 48.045234][ T1503] Disabling lock debugging due to kernel taint
[ 48.051902][ T1503] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 48.059756][ T1503] Kernel Offset: disabled
[ 48.064067][ T1503] Rebooting in 86400 seconds..