Warning: Permanently added '10.128.0.229' (ED25519) to the list of known hosts. 2023/10/07 07:02:41 ignoring optional flag "sandboxArg"="0" 2023/10/07 07:02:41 parsed 1 programs 2023/10/07 07:02:41 executed programs: 0 [ 46.450879][ T1502] loop0: detected capacity change from 0 to 2048 [ 46.465243][ T1502] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 46.482058][ T1502] ================================================================== [ 46.490687][ T1502] BUG: KASAN: slab-out-of-bounds in ext4_read_inline_data+0x1e0/0x290 [ 46.499435][ T1502] Read of size 20 at addr ffff88810c71a1a3 by task syz-executor.0/1502 [ 46.507657][ T1502] [ 46.510008][ T1502] CPU: 0 PID: 1502 Comm: syz-executor.0 Not tainted 5.15.134-syzkaller #0 [ 46.518505][ T1502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 46.528811][ T1502] Call Trace: [ 46.532487][ T1502] [ 46.535761][ T1502] dump_stack_lvl+0x41/0x5e [ 46.540271][ T1502] print_address_description.constprop.0.cold+0x6c/0x309 [ 46.547365][ T1502] ? ext4_read_inline_data+0x1e0/0x290 [ 46.552905][ T1502] ? ext4_read_inline_data+0x1e0/0x290 [ 46.558365][ T1502] kasan_report.cold+0x83/0xdf [ 46.563159][ T1502] ? ext4_read_inline_data+0x1e0/0x290 [ 46.568696][ T1502] kasan_check_range+0x13d/0x180 [ 46.573777][ T1502] memcpy+0x20/0x60 [ 46.577680][ T1502] ext4_read_inline_data+0x1e0/0x290 [ 46.582966][ T1502] ext4_convert_inline_data_nolock+0xe2/0xbd0 [ 46.589533][ T1502] ? ext4_convert_inline_data+0x2ad/0x4e0 [ 46.595416][ T1502] ? ext4_prepare_inline_data+0x1b0/0x1b0 [ 46.601115][ T1502] ? down_write+0xc8/0x130 [ 46.605524][ T1502] ? down_write_killable_nested+0x160/0x160 [ 46.611420][ T1502] ? ext4_journal_check_start+0x46/0x1d0 [ 46.617041][ T1502] ? __ext4_journal_start_sb+0x226/0x2e0 [ 46.622675][ T1502] ext4_convert_inline_data+0x419/0x4e0 [ 46.628275][ T1502] ? ext4_inline_data_truncate+0xa00/0xa00 [ 46.634085][ T1502] ? down_write_killable_nested+0x160/0x160 [ 46.639988][ T1502] ? lock_acquire+0x11a/0x230 [ 46.644650][ T1502] ? aa_path_link+0x2e0/0x2e0 [ 46.649319][ T1502] ext4_fallocate+0x13f/0x2d60 [ 46.654342][ T1502] ? __lock_acquire.constprop.0+0x478/0xb30 [ 46.660331][ T1502] ? ext4_ext_truncate+0x1c0/0x1c0 [ 46.665446][ T1502] ? lock_acquire+0x11a/0x230 [ 46.670110][ T1502] ? __x64_sys_fallocate+0xb0/0x100 [ 46.675301][ T1502] vfs_fallocate+0x2a8/0xa40 [ 46.679973][ T1502] __x64_sys_fallocate+0xb0/0x100 [ 46.684992][ T1502] do_syscall_64+0x35/0x80 [ 46.689396][ T1502] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.695276][ T1502] RIP: 0033:0x7fb09d8b3959 [ 46.699692][ T1502] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 46.719396][ T1502] RSP: 002b:00007fb09d4360c8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 46.727800][ T1502] RAX: ffffffffffffffda RBX: 00007fb09d9d2f80 RCX: 00007fb09d8b3959 [ 46.735768][ T1502] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 46.743959][ T1502] RBP: 00007fb09d90fc88 R08: 0000000000000000 R09: 0000000000000000 [ 46.751935][ T1502] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000 [ 46.759979][ T1502] R13: 0000000000000006 R14: 00007fb09d9d2f80 R15: 00007ffe6837fb68 [ 46.768041][ T1502] [ 46.771137][ T1502] [ 46.773537][ T1502] Allocated by task 1334: [ 46.778152][ T1502] kasan_save_stack+0x1b/0x40 [ 46.782861][ T1502] __kasan_slab_alloc+0x61/0x80 [ 46.787704][ T1502] kmem_cache_alloc+0x211/0x310 [ 46.792622][ T1502] getname_flags.part.0+0x4a/0x440 [ 46.797829][ T1502] do_sys_openat2+0xd2/0x400 [ 46.802426][ T1502] __x64_sys_openat+0x11b/0x1d0 [ 46.807324][ T1502] do_syscall_64+0x35/0x80 [ 46.811837][ T1502] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.817732][ T1502] [ 46.820068][ T1502] Freed by task 1334: [ 46.824064][ T1502] kasan_save_stack+0x1b/0x40 [ 46.828728][ T1502] kasan_set_track+0x1c/0x30 [ 46.833404][ T1502] kasan_set_free_info+0x20/0x30 [ 46.838322][ T1502] __kasan_slab_free+0xe0/0x110 [ 46.843244][ T1502] kmem_cache_free+0x7e/0x450 [ 46.848086][ T1502] do_sys_openat2+0x106/0x400 [ 46.852757][ T1502] __x64_sys_openat+0x11b/0x1d0 [ 46.857730][ T1502] do_syscall_64+0x35/0x80 [ 46.862385][ T1502] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.868798][ T1502] [ 46.871123][ T1502] The buggy address belongs to the object at ffff88810c719100 [ 46.871123][ T1502] which belongs to the cache names_cache of size 4096 [ 46.885390][ T1502] The buggy address is located 163 bytes to the right of [ 46.885390][ T1502] 4096-byte region [ffff88810c719100, ffff88810c71a100) [ 46.899434][ T1502] The buggy address belongs to the page: [ 46.905243][ T1502] page:ffffea000431c600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10c718 [ 46.915700][ T1502] head:ffffea000431c600 order:3 compound_mapcount:0 compound_pincount:0 [ 46.924109][ T1502] flags: 0x200000000010200(slab|head|node=0|zone=2) [ 46.930689][ T1502] raw: 0200000000010200 ffffea0004302c00 0000000200000002 ffff88810013e3c0 [ 46.939500][ T1502] raw: 0000000000000000 0000000000070007 00000001ffffffff 0000000000000000 [ 46.948160][ T1502] page dumped because: kasan: bad access detected [ 46.954650][ T1502] page_owner tracks the page as allocated [ 46.960531][ T1502] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 918, ts 24799905716, free_ts 24788479428 [ 46.982295][ T1502] get_page_from_freelist+0x166f/0x2910 [ 46.987913][ T1502] __alloc_pages+0x2b3/0x590 [ 46.992488][ T1502] allocate_slab+0x2eb/0x430 [ 46.997706][ T1502] ___slab_alloc+0xb1c/0xf80 [ 47.002382][ T1502] kmem_cache_alloc+0x2d7/0x310 [ 47.007213][ T1502] getname_flags.part.0+0x4a/0x440 [ 47.012614][ T1502] user_path_at_empty+0x1e/0x50 [ 47.017699][ T1502] vfs_statx+0xd6/0x2e0 [ 47.022039][ T1502] __do_sys_newfstatat+0x7d/0xd0 [ 47.026954][ T1502] do_syscall_64+0x35/0x80 [ 47.031444][ T1502] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 47.037334][ T1502] page last free stack trace: [ 47.042165][ T1502] free_pcp_prepare+0x34e/0x730 [ 47.047017][ T1502] free_unref_page+0x19/0x3b0 [ 47.051686][ T1502] __unfreeze_partials+0x27d/0x2a0 [ 47.056877][ T1502] qlist_free_all+0x68/0x110 [ 47.061630][ T1502] kasan_quarantine_reduce+0x180/0x1f0 [ 47.067184][ T1502] __kasan_slab_alloc+0x73/0x80 [ 47.072103][ T1502] kmem_cache_alloc+0x211/0x310 [ 47.077109][ T1502] getname_flags.part.0+0x4a/0x440 [ 47.082236][ T1502] do_sys_openat2+0xd2/0x400 [ 47.086922][ T1502] __x64_sys_openat+0x11b/0x1d0 [ 47.091864][ T1502] do_syscall_64+0x35/0x80 [ 47.096263][ T1502] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 47.102226][ T1502] [ 47.104531][ T1502] Memory state around the buggy address: [ 47.110405][ T1502] ffff88810c71a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 47.118483][ T1502] ffff88810c71a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.126919][ T1502] >ffff88810c71a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.135268][ T1502] ^ [ 47.140586][ T1502] ffff88810c71a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 47.148726][ T1502] ffff88810c71a280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 47.156780][ T1502] ================================================================== [ 47.164945][ T1502] Disabling lock debugging due to kernel taint [ 47.171776][ T1502] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 47.179231][ T1502] Kernel Offset: disabled [ 47.183951][ T1502] Rebooting in 86400 seconds..