Warning: Permanently added '10.128.1.68' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
[ 42.827418][ T3508] loop1: detected capacity change from 0 to 128
[ 42.838829][ T3512] loop2: detected capacity change from 0 to 128
[ 42.848150][ T3513] loop0: detected capacity change from 0 to 128
[ 42.849362][ T3515] loop3: detected capacity change from 0 to 128
[ 42.857153][ T3516] loop4: detected capacity change from 0 to 128
[ 42.882104][ T3513] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 42.898591][ T3513] ext4 filesystem being mounted at /root/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 42.921793][ T3515] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 42.945972][ T3508] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 42.957723][ T3516] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 42.970556][ T3512] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 42.989976][ T3513] EXT4-fs warning (device loop0): dx_probe:892: inode #2: comm syz-executor581: dx entry: limit 0 != root limit 124
[ 42.996236][ T3512] ext4 filesystem being mounted at /root/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 43.003371][ T3508] ext4 filesystem being mounted at /root/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 43.034066][ T3513] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor581: Corrupt directory, running e2fsck is recommended
[ 43.066127][ T3516] ext4 filesystem being mounted at /root/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 43.078961][ T3513] ==================================================================
[ 43.118279][ T3513] BUG: KASAN: use-after-free in __ext4_check_dir_entry+0x6f3/0x870
[ 43.126197][ T3513] Read of size 2 at addr ffff8880708f6003 by task syz-executor581/3513
[ 43.133850][ T3515] ext4 filesystem being mounted at /root/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 43.134422][ T3513]
[ 43.134436][ T3513] CPU: 1 PID: 3513 Comm: syz-executor581 Not tainted 5.15.160-syzkaller #0
[ 43.176762][ T3513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 43.186819][ T3513] Call Trace:
[ 43.190100][ T3513]
[ 43.193030][ T3513] dump_stack_lvl+0x1e3/0x2d0
[ 43.197714][ T3513] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 43.203347][ T3513] ? _printk+0xd1/0x120
[ 43.207508][ T3513] ? __wake_up_klogd+0xcc/0x100
[ 43.212364][ T3513] ? panic+0x860/0x860
[ 43.216436][ T3513] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 43.221903][ T3513] print_address_description+0x63/0x3b0
[ 43.227455][ T3513] ? __ext4_check_dir_entry+0x6f3/0x870
[ 43.233003][ T3513] kasan_report+0x16b/0x1c0
[ 43.237523][ T3513] ? __ext4_check_dir_entry+0x6f3/0x870
[ 43.243078][ T3513] __ext4_check_dir_entry+0x6f3/0x870
[ 43.248452][ T3513] ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[ 43.254967][ T3513] ext4_readdir+0x14a6/0x38e0
[ 43.259682][ T3513] ? ext4_dir_llseek+0x500/0x500
[ 43.264623][ T3513] ? __fdget_pos+0x2cb/0x380
[ 43.269210][ T3513] ? mutex_lock_io_nested+0x60/0x60
[ 43.274399][ T3513] ? ext4_dir_llseek+0x500/0x500
[ 43.279329][ T3513] ? iterate_dir+0x10a/0x570
[ 43.283898][ T3513] ? iterate_dir+0x10a/0x570
[ 43.288465][ T3513] ? fsnotify_perm+0x438/0x5a0
[ 43.293211][ T3513] iterate_dir+0x224/0x570
[ 43.297614][ T3513] ? ext4_dir_llseek+0x500/0x500
[ 43.302533][ T3513] __se_sys_getdents64+0x209/0x4f0
[ 43.307630][ T3513] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 43.313600][ T3513] ? __x64_sys_getdents64+0x80/0x80
[ 43.318777][ T3513] ? filldir+0x720/0x720
[ 43.323021][ T3513] ? syscall_enter_from_user_mode+0x2e/0x240
[ 43.328982][ T3513] ? lockdep_hardirqs_on+0x94/0x130
[ 43.334162][ T3513] ? syscall_enter_from_user_mode+0x2e/0x240
[ 43.340128][ T3513] do_syscall_64+0x3b/0xb0
[ 43.344540][ T3513] ? clear_bhb_loop+0x15/0x70
[ 43.349219][ T3513] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 43.355103][ T3513] RIP: 0033:0x7fa96dc1e569
[ 43.359497][ T3513] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1b 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 43.379081][ T3513] RSP: 002b:00007fa96dbd0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 43.387481][ T3513] RAX: ffffffffffffffda RBX: 00007fa96dc9e608 RCX: 00007fa96dc1e569
[ 43.395438][ T3513] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000008
[ 43.403395][ T3513] RBP: 00007fa96dc9e600 R08: 0000000000000000 R09: 0000000000000000
[ 43.411347][ T3513] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa96dc6b62c
[ 43.419298][ T3513] R13: 00007fa96dc6b2e0 R14: 00007fa96dc6b528 R15: 6f6f6c2f7665642f
[ 43.427255][ T3513]
[ 43.430253][ T3513]
[ 43.432554][ T3513] The buggy address belongs to the page:
[ 43.438164][ T3513] page:ffffea0001c23d80 refcount:1 mapcount:1 mapping:0000000000000000 index:0x55b157b7a pfn:0x708f6
[ 43.448988][ T3513] memcg:ffff888011e84000
[ 43.453214][ T3513] anon flags: 0xfff00000080014(uptodate|lru|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[ 43.462857][ T3513] raw: 00fff00000080014 ffffea0001589b48 ffffea0001c23dc8 ffff88801a9ea771
[ 43.471416][ T3513] raw: 000000055b157b7a 0000000000000000 0000000100000000 ffff888011e84000
[ 43.479975][ T3513] page dumped because: kasan: bad access detected
[ 43.486377][ T3513] page_owner tracks the page as allocated
[ 43.492077][ T3513] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100cca(GFP_HIGHUSER_MOVABLE), pid 2964, ts 43131601451, free_ts 37232586833
[ 43.506645][ T3513] get_page_from_freelist+0x322a/0x33c0
[ 43.512175][ T3513] __alloc_pages+0x272/0x700
[ 43.516747][ T3513] alloc_pages_vma+0x39a/0x800
[ 43.521491][ T3513] wp_page_copy+0x24e/0x2070
[ 43.526083][ T3513] handle_mm_fault+0x2a3d/0x5950
[ 43.531013][ T3513] exc_page_fault+0x271/0x740
[ 43.535669][ T3513] asm_exc_page_fault+0x22/0x30
[ 43.540497][ T3513] page last free stack trace:
[ 43.545154][ T3513] free_unref_page_prepare+0xc34/0xcf0
[ 43.550607][ T3513] free_unref_page_list+0x1f7/0x8e0
[ 43.555799][ T3513] release_pages+0x1bb9/0x1f40
[ 43.560547][ T3513] tlb_finish_mmu+0x177/0x320
[ 43.565209][ T3513] exit_mmap+0x3cd/0x670
[ 43.569453][ T3513] __mmput+0x112/0x3b0
[ 43.573502][ T3513] exit_mm+0x688/0x7f0
[ 43.577550][ T3513] do_exit+0x626/0x2480
[ 43.581684][ T3513] do_group_exit+0x144/0x310
[ 43.586249][ T3513] __x64_sys_exit_group+0x3b/0x40
[ 43.591257][ T3513] do_syscall_64+0x3b/0xb0
[ 43.595666][ T3513] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 43.601551][ T3513]
[ 43.603851][ T3513] Memory state around the buggy address:
[ 43.609453][ T3513] ffff8880708f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 43.617489][ T3513] ffff8880708f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 43.625526][ T3513] >ffff8880708f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 43.633560][ T3513] ^
[ 43.637600][ T3513] ffff8880708f6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 43.645635][ T3513] ffff8880708f6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 43.653668][ T3513] ==================================================================
[ 43.661702][ T3513] Disabling lock debugging due to kernel taint
[ 43.668305][ T3513] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 43.675486][ T3513] CPU: 1 PID: 3513 Comm: syz-executor581 Tainted: G B 5.15.160-syzkaller #0
[ 43.685460][ T3513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 43.695487][ T3513] Call Trace:
[ 43.698743][ T3513]
[ 43.701651][ T3513] dump_stack_lvl+0x1e3/0x2d0
[ 43.706306][ T3513] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 43.711911][ T3513] ? panic+0x860/0x860
[ 43.716009][ T3513] ? preempt_schedule_common+0xa6/0xd0
[ 43.721445][ T3513] ? preempt_schedule+0xd9/0xe0
[ 43.726271][ T3513] panic+0x318/0x860
[ 43.730144][ T3513] ? check_panic_on_warn+0x1d/0xa0
[ 43.735229][ T3513] ? fb_is_primary_device+0xd0/0xd0
[ 43.740401][ T3513] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 43.746353][ T3513] ? _raw_spin_unlock+0x40/0x40
[ 43.751179][ T3513] ? print_memory_metadata+0xe2/0x140
[ 43.756528][ T3513] check_panic_on_warn+0x7e/0xa0
[ 43.761453][ T3513] ? __ext4_check_dir_entry+0x6f3/0x870
[ 43.766971][ T3513] end_report+0x6d/0xf0
[ 43.771101][ T3513] kasan_report+0x18e/0x1c0
[ 43.775578][ T3513] ? __ext4_check_dir_entry+0x6f3/0x870
[ 43.781112][ T3513] __ext4_check_dir_entry+0x6f3/0x870
[ 43.786463][ T3513] ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[ 43.792943][ T3513] ext4_readdir+0x14a6/0x38e0
[ 43.797614][ T3513] ? ext4_dir_llseek+0x500/0x500
[ 43.802527][ T3513] ? __fdget_pos+0x2cb/0x380
[ 43.807091][ T3513] ? mutex_lock_io_nested+0x60/0x60
[ 43.812268][ T3513] ? ext4_dir_llseek+0x500/0x500
[ 43.817191][ T3513] ? iterate_dir+0x10a/0x570
[ 43.821772][ T3513] ? iterate_dir+0x10a/0x570
[ 43.826336][ T3513] ? fsnotify_perm+0x438/0x5a0
[ 43.831072][ T3513] iterate_dir+0x224/0x570
[ 43.835460][ T3513] ? ext4_dir_llseek+0x500/0x500
[ 43.840371][ T3513] __se_sys_getdents64+0x209/0x4f0
[ 43.845456][ T3513] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 43.851410][ T3513] ? __x64_sys_getdents64+0x80/0x80
[ 43.856578][ T3513] ? filldir+0x720/0x720
[ 43.860796][ T3513] ? syscall_enter_from_user_mode+0x2e/0x240
[ 43.866755][ T3513] ? lockdep_hardirqs_on+0x94/0x130
[ 43.871950][ T3513] ? syscall_enter_from_user_mode+0x2e/0x240
[ 43.877909][ T3513] do_syscall_64+0x3b/0xb0
[ 43.882297][ T3513] ? clear_bhb_loop+0x15/0x70
[ 43.886948][ T3513] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 43.892813][ T3513] RIP: 0033:0x7fa96dc1e569
[ 43.897200][ T3513] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1b 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 43.916774][ T3513] RSP: 002b:00007fa96dbd0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 43.925165][ T3513] RAX: ffffffffffffffda RBX: 00007fa96dc9e608 RCX: 00007fa96dc1e569
[ 43.933123][ T3513] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000008
[ 43.941067][ T3513] RBP: 00007fa96dc9e600 R08: 0000000000000000 R09: 0000000000000000
[ 43.949012][ T3513] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa96dc6b62c
[ 43.956954][ T3513] R13: 00007fa96dc6b2e0 R14: 00007fa96dc6b528 R15: 6f6f6c2f7665642f
[ 43.964907][ T3513]
[ 43.967998][ T3513] Kernel Offset: disabled
[ 43.972306][ T3513] Rebooting in 86400 seconds..