Warning: Permanently added '10.128.1.146' (ED25519) to the list of known hosts.
2024/05/28 01:16:08 ignoring optional flag "sandboxArg"="0"
2024/05/28 01:16:08 parsed 1 programs
2024/05/28 01:16:08 executed programs: 0
2024/05/28 01:16:13 executed programs: 1
[ 54.031695][ T1400] loop0: detected capacity change from 0 to 2048
[ 54.050886][ T1400] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 54.065771][ T1400] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #18: comm syz-executor.0: corrupted in-inode xattr
[ 54.083404][ T946] EXT4-fs (loop0): unmounting filesystem.
[ 54.112743][ T1406] loop0: detected capacity change from 0 to 2048
[ 54.131001][ T1406] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 54.146052][ T1406] ==================================================================
[ 54.154235][ T1406] BUG: KASAN: slab-out-of-bounds in ext4_convert_inline_data_nolock+0x282/0xc10
[ 54.163260][ T1406] Read of size 20 at addr ffff8881026ff1a3 by task syz-executor.0/1406
[ 54.171491][ T1406]
[ 54.173802][ T1406] CPU: 1 PID: 1406 Comm: syz-executor.0 Not tainted 6.1.92-syzkaller #0
[ 54.182214][ T1406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 54.192655][ T1406] Call Trace:
[ 54.196289][ T1406]
[ 54.199221][ T1406] dump_stack_lvl+0xf4/0x251
[ 54.203882][ T1406] ? nf_tcp_handle_invalid+0x2f3/0x2f3
[ 54.209336][ T1406] ? panic+0x3fe/0x3fe
[ 54.213386][ T1406] ? _printk+0xca/0x10a
[ 54.217635][ T1406] ? __virt_addr_valid+0x139/0x260
[ 54.222896][ T1406] ? __virt_addr_valid+0x211/0x260
[ 54.228067][ T1406] print_report+0x15f/0x4f0
[ 54.232625][ T1406] ? __virt_addr_valid+0x139/0x260
[ 54.237904][ T1406] ? __virt_addr_valid+0x211/0x260
[ 54.243030][ T1406] ? ext4_convert_inline_data_nolock+0x282/0xc10
[ 54.249802][ T1406] kasan_report+0x136/0x160
[ 54.254399][ T1406] ? ext4_convert_inline_data_nolock+0x282/0xc10
[ 54.260707][ T1406] kasan_check_range+0x27f/0x290
[ 54.265904][ T1406] ? ext4_convert_inline_data_nolock+0x282/0xc10
[ 54.272484][ T1406] memcpy+0x25/0x60
[ 54.276290][ T1406] ext4_convert_inline_data_nolock+0x282/0xc10
[ 54.282517][ T1406] ? __down_write_common+0x12a/0x1e0
[ 54.287974][ T1406] ? ext4_add_dirent_to_inline+0x390/0x390
[ 54.293863][ T1406] ? __ext4_journal_start_sb+0xa4/0x360
[ 54.299387][ T1406] ext4_convert_inline_data+0x3b8/0x4d0
[ 54.305455][ T1406] ? ext4_inline_data_truncate+0xb70/0xb70
[ 54.311252][ T1406] ext4_fallocate+0x136/0x1790
[ 54.316202][ T1406] ? read_lock_is_recursive+0x10/0x10
[ 54.321625][ T1406] ? ext4_ext_truncate+0x260/0x260
[ 54.326739][ T1406] ? preempt_count_add+0x8f/0x120
[ 54.331834][ T1406] vfs_fallocate+0x30c/0x3d0
[ 54.336418][ T1406] __x64_sys_fallocate+0xa6/0xd0
[ 54.341413][ T1406] do_syscall_64+0x3b/0x80
[ 54.346003][ T1406] ? clear_bhb_loop+0x45/0xa0
[ 54.351076][ T1406] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 54.357146][ T1406] RIP: 0033:0x7f5b096ec959
[ 54.361582][ T1406] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 54.381826][ T1406] RSP: 002b:00007f5b0926f0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 54.390409][ T1406] RAX: ffffffffffffffda RBX: 00007f5b0980bf80 RCX: 00007f5b096ec959
[ 54.398621][ T1406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 54.406987][ T1406] RBP: 00007f5b09748c88 R08: 0000000000000000 R09: 0000000000000000
[ 54.415243][ T1406] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000
[ 54.423230][ T1406] R13: 0000000000000006 R14: 00007f5b0980bf80 R15: 00007ffd723799b8
[ 54.431286][ T1406]
[ 54.434296][ T1406]
[ 54.436603][ T1406] Allocated by task 9:
[ 54.440698][ T1406] kasan_set_track+0x4b/0x70
[ 54.445276][ T1406] __kasan_slab_alloc+0x65/0x70
[ 54.450399][ T1406] slab_post_alloc_hook+0x54/0x3e0
[ 54.455530][ T1406] kmem_cache_alloc+0x10c/0x290
[ 54.460388][ T1406] __kernfs_new_node+0xd7/0x6b0
[ 54.465211][ T1406] kernfs_new_node+0x109/0x1d0
[ 54.469966][ T1406] __kernfs_create_file+0x24/0x280
[ 54.475045][ T1406] sysfs_add_file_mode_ns+0x1c2/0x230
[ 54.480388][ T1406] internal_create_group+0x560/0xcf0
[ 54.485766][ T1406] sysfs_create_groups+0x62/0xe0
[ 54.490745][ T1406] device_add_attrs+0x122/0x4a0
[ 54.495668][ T1406] device_add+0x64a/0xd90
[ 54.500092][ T1406] device_add_disk+0x3ab/0xe40
[ 54.504863][ T1406] sd_probe+0xa5a/0x10c0
[ 54.509097][ T1406] really_probe+0x330/0xad0
[ 54.513622][ T1406] __driver_probe_device+0x138/0x340
[ 54.518888][ T1406] driver_probe_device+0x4b/0x3a0
[ 54.523901][ T1406] __driver_attach_async_helper+0x12f/0x250
[ 54.529950][ T1406] async_run_entry_fn+0x98/0x3e0
[ 54.534884][ T1406] process_one_work+0x745/0xe90
[ 54.539801][ T1406] worker_thread+0x806/0xe60
[ 54.544401][ T1406] kthread+0x1e8/0x240
[ 54.548450][ T1406] ret_from_fork+0x1f/0x30
[ 54.552839][ T1406]
[ 54.555151][ T1406] The buggy address belongs to the object at ffff8881026ff0e8
[ 54.555151][ T1406] which belongs to the cache kernfs_node_cache of size 168
[ 54.570639][ T1406] The buggy address is located 19 bytes to the right of
[ 54.570639][ T1406] 168-byte region [ffff8881026ff0e8, ffff8881026ff190)
[ 54.584638][ T1406]
[ 54.587164][ T1406] The buggy address belongs to the physical page:
[ 54.593664][ T1406] page:ffffea000409bfc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ff
[ 54.604332][ T1406] flags: 0x200000000000200(slab|node=0|zone=2)
[ 54.610762][ T1406] raw: 0200000000000200 0000000000000000 dead000000000122 ffff888100163b40
[ 54.620246][ T1406] raw: 0000000000000000 0000000000110011 00000001ffffffff 0000000000000000
[ 54.629050][ T1406] page dumped because: kasan: bad access detected
[ 54.635486][ T1406] page_owner tracks the page as allocated
[ 54.641280][ T1406] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 9, tgid 9 (kworker/u4:0), ts 3201347691, free_ts 0
[ 54.658692][ T1406] post_alloc_hook+0x286/0x2b0
[ 54.663709][ T1406] get_page_from_freelist+0x2ba7/0x2de0
[ 54.669250][ T1406] __alloc_pages+0x251/0x640
[ 54.674189][ T1406] alloc_slab_page+0x6a/0x150
[ 54.679118][ T1406] new_slab+0x70/0x250
[ 54.683346][ T1406] ___slab_alloc+0x9df/0xe70
[ 54.688151][ T1406] kmem_cache_alloc+0x18b/0x290
[ 54.693189][ T1406] __kernfs_new_node+0xd7/0x6b0
[ 54.698245][ T1406] kernfs_new_node+0x109/0x1d0
[ 54.703058][ T1406] __kernfs_create_file+0x24/0x280
[ 54.708290][ T1406] sysfs_add_file_mode_ns+0x1c2/0x230
[ 54.713650][ T1406] internal_create_group+0x560/0xcf0
[ 54.719202][ T1406] sysfs_create_groups+0x62/0xe0
[ 54.724117][ T1406] device_add_attrs+0x122/0x4a0
[ 54.729095][ T1406] device_add+0x64a/0xd90
[ 54.733568][ T1406] device_add_disk+0x3ab/0xe40
[ 54.738323][ T1406] page_owner free stack trace missing
[ 54.743799][ T1406]
[ 54.746138][ T1406] Memory state around the buggy address:
[ 54.751898][ T1406] ffff8881026ff080: 00 00 00 00 00 fc fc fc fc fc fc fc fc 00 00 00
[ 54.761166][ T1406] ffff8881026ff100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 54.769301][ T1406] >ffff8881026ff180: 00 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00
[ 54.778014][ T1406] ^
[ 54.783276][ T1406] ffff8881026ff200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 54.791403][ T1406] ffff8881026ff280: fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00
[ 54.799632][ T1406] ==================================================================
[ 54.807938][ T1406] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 54.815640][ T1406] Kernel Offset: disabled
[ 54.820050][ T1406] Rebooting in 86400 seconds..