Warning: Permanently added '10.128.1.83' (ED25519) to the list of known hosts.
2025/07/28 02:46:47 ignoring optional flag "sandboxArg"="0"
2025/07/28 02:46:47 ignoring optional flag "type"="gce"
2025/07/28 02:46:48 parsed 1 programs
[ 72.388086][ T1449] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2025/07/28 02:46:55 executed programs: 0
[ 79.767032][ T1975] loop0: detected capacity change from 0 to 1024
[ 79.791513][ T1975] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 79.817902][ T1975] loop0: detected capacity change from 1024 to 1023
[ 79.829274][ T1518] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 16: comm syz-executor: path /1/bus: bad entry in directory: rec_len is smaller than minimal - offset=980, inode=0, rec_len=0, size=1024 fake=0
[ 79.850780][ T1518] ==================================================================
[ 79.858833][ T1518] BUG: KASAN: slab-use-after-free in ext4_read_inline_data+0x18f/0x280
[ 79.867226][ T1518] Read of size 68 at addr ffff888120ab651a by task syz-executor/1518
[ 79.875262][ T1518]
[ 79.877603][ T1518] CPU: 1 UID: 0 PID: 1518 Comm: syz-executor Not tainted 6.16.0-syzkaller #0 PREEMPT(none)
[ 79.877610][ T1518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 79.877616][ T1518] Call Trace:
[ 79.877623][ T1518]
[ 79.877626][ T1518] dump_stack_lvl+0xf4/0x170
[ 79.877637][ T1518] ? __pfx_dump_stack_lvl+0x10/0x10
[ 79.877642][ T1518] ? rcu_is_watching+0x1f/0xa0
[ 79.877648][ T1518] ? __virt_addr_valid+0x176/0x2b0
[ 79.877653][ T1518] ? lock_release+0x42/0x2f0
[ 79.877657][ T1518] ? lock_acquire+0x69/0x210
[ 79.877661][ T1518] ? __virt_addr_valid+0x262/0x2b0
[ 79.877664][ T1518] print_report+0xca/0x240
[ 79.877671][ T1518] ? ext4_read_inline_data+0x18f/0x280
[ 79.877675][ T1518] kasan_report+0x118/0x150
[ 79.877680][ T1518] ? ext4_read_inline_data+0x18f/0x280
[ 79.877684][ T1518] kasan_check_range+0x2b0/0x2c0
[ 79.877687][ T1518] ? ext4_read_inline_data+0x18f/0x280
[ 79.877691][ T1518] __asan_memcpy+0x29/0x70
[ 79.877696][ T1518] ext4_read_inline_data+0x18f/0x280
[ 79.877700][ T1518] ext4_read_inline_dir+0x2cd/0x940
[ 79.877705][ T1518] ? __mem_cgroup_threshold+0x29/0x2e0
[ 79.877710][ T1518] ? __mem_cgroup_threshold+0x29/0x2e0
[ 79.877714][ T1518] ? __pfx_ext4_read_inline_dir+0x10/0x10
[ 79.877719][ T1518] ? __lock_acquire+0x74/0x4c0
[ 79.877722][ T1518] ext4_readdir+0x252/0x2d10
[ 79.877727][ T1518] ? rcu_is_watching+0x1f/0xa0
[ 79.877733][ T1518] ? handle_mm_fault+0x1d0b/0x2310
[ 79.877736][ T1518] ? __pfx_ext4_readdir+0x10/0x10
[ 79.877740][ T1518] ? rwsem_read_trylock+0x18e/0x210
[ 79.877745][ T1518] ? __pfx_rwsem_read_trylock+0x10/0x10
[ 79.877750][ T1518] ? iterate_dir+0xb5/0x4c0
[ 79.877754][ T1518] ? down_read_killable+0x120/0x1a0
[ 79.877760][ T1518] iterate_dir+0x1a7/0x4c0
[ 79.877764][ T1518] __se_sys_getdents64+0xd3/0x1b0
[ 79.877768][ T1518] ? __pfx___se_sys_getdents64+0x10/0x10
[ 79.877771][ T1518] ? exc_page_fault+0x62/0xa0
[ 79.877775][ T1518] ? __pfx_filldir64+0x10/0x10
[ 79.877779][ T1518] ? do_user_addr_fault+0x378/0xc30
[ 79.877785][ T1518] do_syscall_64+0x8f/0x250
[ 79.877790][ T1518] ? fpregs_assert_state_consistent+0x48/0x60
[ 79.877795][ T1518] ? clear_bhb_loop+0x40/0x90
[ 79.877799][ T1518] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 79.877803][ T1518] RIP: 0033:0x7f7c57229333
[ 79.877812][ T1518] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 02 45 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[ 79.877818][ T1518] RSP: 002b:00007fff1d9c66e8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 79.877826][ T1518] RAX: ffffffffffffffda RBX: 0000555582a42520 RCX: 00007f7c57229333
[ 79.877829][ T1518] RDX: 0000000000008000 RSI: 0000555582a42520 RDI: 0000000000000006
[ 79.877832][ T1518] RBP: 0000555582a424f4 R08: 0000000000000000 R09: 0000000000000000
[ 79.877834][ T1518] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[ 79.877837][ T1518] R13: 0000000000000016 R14: 0000555582a424f0 R15: 00007fff1d9c9a80
[ 79.877841][ T1518]
[ 79.877843][ T1518]
[ 80.172769][ T1518] Allocated by task 1800:
[ 80.177078][ T1518] kasan_save_track+0x3e/0x80
[ 80.181733][ T1518] __kasan_kmalloc+0x93/0xb0
[ 80.186309][ T1518] __kmalloc_noprof+0x263/0x500
[ 80.191139][ T1518] tomoyo_realpath_from_path+0xf5/0x550
[ 80.196685][ T1518] tomoyo_path_perm+0x1d3/0x460
[ 80.201525][ T1518] security_inode_getattr+0xb2/0x150
[ 80.206876][ T1518] __se_sys_newfstat+0xcc/0x370
[ 80.211741][ T1518] do_syscall_64+0x8f/0x250
[ 80.216259][ T1518] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 80.222315][ T1518]
[ 80.224618][ T1518] Freed by task 1800:
[ 80.228575][ T1518] kasan_save_track+0x3e/0x80
[ 80.233258][ T1518] kasan_save_free_info+0x46/0x50
[ 80.238323][ T1518] __kasan_slab_free+0x62/0x70
[ 80.243059][ T1518] kfree+0x174/0x3e0
[ 80.246934][ T1518] tomoyo_realpath_from_path+0x525/0x550
[ 80.252546][ T1518] tomoyo_path_perm+0x1d3/0x460
[ 80.257371][ T1518] security_inode_getattr+0xb2/0x150
[ 80.262625][ T1518] __se_sys_newfstat+0xcc/0x370
[ 80.267445][ T1518] do_syscall_64+0x8f/0x250
[ 80.271933][ T1518] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 80.277911][ T1518]
[ 80.280207][ T1518] The buggy address belongs to the object at ffff888120ab6000
[ 80.280207][ T1518] which belongs to the cache kmalloc-4k of size 4096
[ 80.294413][ T1518] The buggy address is located 1306 bytes inside of
[ 80.294413][ T1518] freed 4096-byte region [ffff888120ab6000, ffff888120ab7000)
[ 80.308359][ T1518]
[ 80.310659][ T1518] The buggy address belongs to the physical page:
[ 80.317300][ T1518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x120ab0
[ 80.326144][ T1518] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 80.334706][ T1518] flags: 0x200000000000040(head|node=0|zone=2)
[ 80.340851][ T1518] page_type: f5(slab)
[ 80.344806][ T1518] raw: 0200000000000040 ffff888100042140 dead000000000100 dead000000000122
[ 80.353459][ T1518] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 80.362042][ T1518] head: 0200000000000040 ffff888100042140 dead000000000100 dead000000000122
[ 80.370686][ T1518] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 80.379332][ T1518] head: 0200000000000003 ffffea000482ac01 00000000ffffffff 00000000ffffffff
[ 80.387970][ T1518] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[ 80.396691][ T1518] page dumped because: kasan: bad access detected
[ 80.403077][ T1518] page_owner tracks the page as allocated
[ 80.408760][ T1518] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 930, tgid 930 (kworker/u8:1), ts 45078630375, free_ts 34730239885
[ 80.429216][ T1518] post_alloc_hook+0x168/0x1a0
[ 80.433955][ T1518] get_page_from_freelist+0x2c22/0x2de0
[ 80.439477][ T1518] __alloc_frozen_pages_noprof+0x26b/0x460
[ 80.445253][ T1518] alloc_pages_mpol+0xcb/0x270
[ 80.450095][ T1518] allocate_slab+0x8a/0x350
[ 80.454583][ T1518] ___slab_alloc+0x9dc/0x10e0
[ 80.459242][ T1518] __kmalloc_noprof+0x2e8/0x500
[ 80.464143][ T1518] tomoyo_realpath_from_path+0xf5/0x550
[ 80.469740][ T1518] tomoyo_realpath_nofollow+0x96/0xe0
[ 80.475092][ T1518] tomoyo_find_next_domain+0x260/0x1a40
[ 80.480636][ T1518] tomoyo_bprm_check_security+0x101/0x140
[ 80.486339][ T1518] security_bprm_check+0x2b/0xb0
[ 80.491324][ T1518] bprm_execve+0x610/0xe80
[ 80.495715][ T1518] kernel_execve+0x4d3/0x5f0
[ 80.500274][ T1518] call_usermodehelper_exec_async+0x1dd/0x2f0
[ 80.506320][ T1518] ret_from_fork+0x139/0x2d0
[ 80.510894][ T1518] page last free pid 882 tgid 882 stack trace:
[ 80.517111][ T1518] __free_frozen_pages+0xa1a/0xbf0
[ 80.522197][ T1518] __folio_put+0x1b9/0x240
[ 80.526582][ T1518] anon_pipe_read+0x474/0xad0
[ 80.531228][ T1518] vfs_read+0x423/0x940
[ 80.535361][ T1518] ksys_read+0x108/0x1f0
[ 80.539569][ T1518] do_syscall_64+0x8f/0x250
[ 80.544040][ T1518] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 80.550025][ T1518]
[ 80.552327][ T1518] Memory state around the buggy address:
[ 80.557937][ T1518] ffff888120ab6400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 80.565985][ T1518] ffff888120ab6480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 80.574103][ T1518] >ffff888120ab6500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 80.582135][ T1518] ^
[ 80.586967][ T1518] ffff888120ab6580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 80.594999][ T1518] ffff888120ab6600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 80.603040][ T1518] ==================================================================
[ 80.611218][ T1518] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 80.618759][ T1518] Kernel Offset: disabled
[ 80.623061][ T1518] Rebooting in 86400 seconds..