Warning: Permanently added '10.128.0.72' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
[ 56.346402][ T5220] loop1: detected capacity change from 0 to 512
[ 56.364229][ T5218] loop0: detected capacity change from 0 to 512
[ 56.367698][ T5221] loop2: detected capacity change from 0 to 512
[ 56.374434][ T5223] loop3: detected capacity change from 0 to 512
[ 56.379919][ T5222] loop4: detected capacity change from 0 to 512
[ 56.406889][ T5218] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 56.423134][ T5222] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 56.440515][ T5223] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 56.456402][ T5220] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 56.475485][ T5221] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 56.521213][ T5222] loop4: detected capacity change from 512 to 511
[ 56.541397][ T5220] loop1: detected capacity change from 512 to 511
[ 56.541525][ T5218] loop0: detected capacity change from 512 to 511
[ 56.551477][ T5221] loop2: detected capacity change from 512 to 511
[ 56.558946][ T5219] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 21: comm syz-executor242: bad entry in directory: directory entry overrun - offset=1004, inode=0, rec_len=1000, size=1024 fake=0
[ 56.560848][ T5223] loop3: detected capacity change from 512 to 511
[ 56.587563][ T5219] ==================================================================
[ 56.595895][ T5219] BUG: KASAN: slab-out-of-bounds in ext4_inlinedir_to_tree+0x57a/0x11d0
[ 56.604267][ T5219] Read of size 324 at addr ffff88801f0c3c05 by task syz-executor242/5219
[ 56.612772][ T5219]
[ 56.615125][ T5219] CPU: 1 UID: 0 PID: 5219 Comm: syz-executor242 Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 56.626510][ T5219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 56.636594][ T5219] Call Trace:
[ 56.639894][ T5219]
[ 56.642639][ T5214] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 21: comm syz-executor242: bad entry in directory: directory entry overrun - offset=1004, inode=0, rec_len=1000, size=1024 fake=0
[ 56.642911][ T5219] dump_stack_lvl+0x241/0x360
[ 56.667721][ T5219] ? __pfx_dump_stack_lvl+0x10/0x10
[ 56.672942][ T5219] ? __pfx__printk+0x10/0x10
[ 56.677553][ T5219] ? _printk+0xd5/0x120
[ 56.681857][ T5219] ? __virt_addr_valid+0x183/0x530
[ 56.686978][ T5219] ? __virt_addr_valid+0x183/0x530
[ 56.692188][ T5219] print_report+0x169/0x550
[ 56.696707][ T5219] ? __virt_addr_valid+0x183/0x530
[ 56.700738][ T5216] EXT4-fs error (device loop2): htree_dirblock_to_tree:1112: inode #2: block 21: comm syz-executor242: bad entry in directory: directory entry overrun - offset=1004, inode=0, rec_len=1000, size=1024 fake=0
[ 56.701985][ T5219] ? __virt_addr_valid+0x183/0x530
[ 56.702006][ T5219] ? __virt_addr_valid+0x45f/0x530
[ 56.702021][ T5219] ? __phys_addr+0xba/0x170
[ 56.702036][ T5219] ? ext4_inlinedir_to_tree+0x57a/0x11d0
[ 56.702063][ T5219] kasan_report+0x143/0x180
[ 56.702084][ T5219] ? ext4_inlinedir_to_tree+0x57a/0x11d0
[ 56.702108][ T5219] kasan_check_range+0x282/0x290
[ 56.702127][ T5219] ? ext4_inlinedir_to_tree+0x57a/0x11d0
[ 56.702149][ T5219] __asan_memcpy+0x29/0x70
[ 56.702166][ T5219] ext4_inlinedir_to_tree+0x57a/0x11d0
[ 56.702188][ T5219] ? is_bpf_text_address+0x285/0x2a0
[ 56.702214][ T5219] ? __kernel_text_address+0xd/0x40
[ 56.702235][ T5219] ? __pfx_ext4_inlinedir_to_tree+0x10/0x10
[ 56.702268][ T5219] ? kasan_save_track+0x51/0x80
[ 56.724154][ T5217] EXT4-fs error (device loop3): htree_dirblock_to_tree:1112: inode #2: block 21: comm syz-executor242: bad entry in directory: directory entry overrun - offset=1004, inode=0, rec_len=1000, size=1024 fake=0
[ 56.727567][ T5219] ? kasan_save_track+0x3f/0x80
[ 56.732982][ T5215] EXT4-fs error (device loop1): htree_dirblock_to_tree:1112: inode #2: block 21: comm syz-executor242: bad entry in directory: directory entry overrun - offset=1004, inode=0, rec_len=1000, size=1024 fake=0
[ 56.737225][ T5219] ? __kasan_kmalloc+0x98/0xb0
[ 56.844925][ T5219] ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 56.850475][ T5219] ? ext4_readdir+0x4c4/0x3500
[ 56.855402][ T5219] ? do_syscall_64+0xf3/0x230
[ 56.860168][ T5219] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 56.866323][ T5219] ext4_htree_fill_tree+0x5d8/0x1400
[ 56.871613][ T5219] ? __pfx_ext4_htree_fill_tree+0x10/0x10
[ 56.877325][ T5219] ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 56.882863][ T5219] ext4_readdir+0x2b1c/0x3500
[ 56.887530][ T5219] ? __pfx___might_resched+0x10/0x10
[ 56.892843][ T5219] ? __mutex_trylock_common+0x183/0x2e0
[ 56.898375][ T5219] ? __pfx___might_resched+0x10/0x10
[ 56.903827][ T5219] ? __pfx___mutex_trylock_common+0x10/0x10
[ 56.909710][ T5219] ? down_read_killable+0xaaa/0xd30
[ 56.914896][ T5219] ? __pfx_ext4_readdir+0x10/0x10
[ 56.919909][ T5219] ? trace_contention_end+0x3c/0x120
[ 56.925185][ T5219] ? __mutex_lock+0x2ef/0xd70
[ 56.929850][ T5219] ? iterate_dir+0x215/0x810
[ 56.934441][ T5219] ? __pfx_down_read_killable+0x10/0x10
[ 56.939984][ T5219] ? __fdget_pos+0x24e/0x310
[ 56.944573][ T5219] ? __pfx___mutex_lock+0x10/0x10
[ 56.949594][ T5219] ? __pfx_reacquire_held_locks+0x10/0x10
[ 56.955403][ T5219] ? bpf_lsm_file_permission+0x9/0x10
[ 56.960773][ T5219] iterate_dir+0x57a/0x810
[ 56.965361][ T5219] __se_sys_getdents64+0x20d/0x4f0
[ 56.970483][ T5219] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 56.976481][ T5219] ? __pfx___se_sys_getdents64+0x10/0x10
[ 56.982195][ T5219] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 56.988166][ T5219] ? __pfx_filldir64+0x10/0x10
[ 56.992943][ T5219] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 56.999348][ T5219] ? exc_page_fault+0x590/0x8c0
[ 57.004198][ T5219] ? do_syscall_64+0xb6/0x230
[ 57.008867][ T5219] do_syscall_64+0xf3/0x230
[ 57.013358][ T5219] ? clear_bhb_loop+0x35/0x90
[ 57.018031][ T5219] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 57.024011][ T5219] RIP: 0033:0x7f9958524233
[ 57.028533][ T5219] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 52 47 fb ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8
[ 57.048227][ T5219] RSP: 002b:00007fff6deca968 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 57.056655][ T5219] RAX: ffffffffffffffda RBX: 0000555574b92770 RCX: 00007f9958524233
[ 57.064632][ T5219] RDX: 0000000000008000 RSI: 0000555574b92770 RDI: 0000000000000005
[ 57.072609][ T5219] RBP: 0000555574b92744 R08: 0000000000000000 R09: 0000000000000000
[ 57.080568][ T5219] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffb8
[ 57.088538][ T5219] R13: 0000000000000016 R14: 0000555574b92740 R15: 00007fff6decdcd0
[ 57.096504][ T5219]
[ 57.099508][ T5219]
[ 57.101816][ T5219] Allocated by task 1:
[ 57.105875][ T5219] kasan_save_track+0x3f/0x80
[ 57.110631][ T5219] __kasan_slab_alloc+0x66/0x80
[ 57.115590][ T5219] kmem_cache_alloc_noprof+0x135/0x2a0
[ 57.121048][ T5219] __kernfs_new_node+0xd8/0x870
[ 57.125889][ T5219] kernfs_new_node+0x137/0x240
[ 57.130704][ T5219] __kernfs_create_file+0x49/0x2e0
[ 57.136171][ T5219] sysfs_add_file_mode_ns+0x24a/0x310
[ 57.141615][ T5219] sysfs_merge_group+0x1fd/0x450
[ 57.146549][ T5219] dpm_sysfs_add+0xd3/0x280
[ 57.151258][ T5219] device_add+0x5bc/0xbf0
[ 57.155583][ T5219] tty_register_device_attr+0x437/0x960
[ 57.161116][ T5219] tty_register_driver+0x5f6/0xc30
[ 57.166219][ T5219] legacy_pty_init+0x3c7/0x610
[ 57.170985][ T5219] pty_init+0xe/0x20
[ 57.174912][ T5219] do_one_initcall+0x248/0x880
[ 57.179680][ T5219] do_initcall_level+0x157/0x210
[ 57.184634][ T5219] do_initcalls+0x3f/0x80
[ 57.189059][ T5219] kernel_init_freeable+0x435/0x5d0
[ 57.194252][ T5219] kernel_init+0x1d/0x2b0
[ 57.198579][ T5219] ret_from_fork+0x4b/0x80
[ 57.203010][ T5219] ret_from_fork_asm+0x1a/0x30
[ 57.207870][ T5219]
[ 57.210274][ T5219] The buggy address belongs to the object at ffff88801f0c3b40
[ 57.210274][ T5219] which belongs to the cache kernfs_node_cache of size 176
[ 57.224843][ T5219] The buggy address is located 21 bytes to the right of
[ 57.224843][ T5219] allocated 176-byte region [ffff88801f0c3b40, ffff88801f0c3bf0)
[ 57.239511][ T5219]
[ 57.241916][ T5219] The buggy address belongs to the physical page:
[ 57.248331][ T5219] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1f0c3
[ 57.257094][ T5219] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 57.264201][ T5219] page_type: 0xfdffffff(slab)
[ 57.268864][ T5219] raw: 00fff00000000000 ffff888016ee5000 dead000000000122 0000000000000000
[ 57.277435][ T5219] raw: 0000000000000000 0000000000110011 00000001fdffffff 0000000000000000
[ 57.285996][ T5219] page dumped because: kasan: bad access detected
[ 57.292411][ T5219] page_owner tracks the page as allocated
[ 57.298110][ T5219] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 6740143553, free_ts 6726213725
[ 57.316513][ T5219] post_alloc_hook+0x1f3/0x230
[ 57.321275][ T5219] get_page_from_freelist+0x2e4c/0x2f10
[ 57.326826][ T5219] __alloc_pages_noprof+0x256/0x6c0
[ 57.332012][ T5219] alloc_slab_page+0x5f/0x120
[ 57.336673][ T5219] allocate_slab+0x5a/0x2f0
[ 57.341159][ T5219] ___slab_alloc+0xcd1/0x14b0
[ 57.345823][ T5219] __slab_alloc+0x58/0xa0
[ 57.350142][ T5219] kmem_cache_alloc_noprof+0x1c1/0x2a0
[ 57.355592][ T5219] __kernfs_new_node+0xd8/0x870
[ 57.360433][ T5219] kernfs_new_node+0x137/0x240
[ 57.365189][ T5219] __kernfs_create_file+0x49/0x2e0
[ 57.370330][ T5219] sysfs_add_file_mode_ns+0x24a/0x310
[ 57.375699][ T5219] sysfs_merge_group+0x1fd/0x450
[ 57.380716][ T5219] dpm_sysfs_add+0xd3/0x280
[ 57.385216][ T5219] device_add+0x5bc/0xbf0
[ 57.389537][ T5219] tty_register_device_attr+0x437/0x960
[ 57.395076][ T5219] page last free pid 46 tgid 46 stack trace:
[ 57.401049][ T5219] free_unref_page+0xd19/0xea0
[ 57.405805][ T5219] vfree+0x186/0x2e0
[ 57.409688][ T5219] delayed_vfree_work+0x56/0x80
[ 57.414639][ T5219] process_scheduled_works+0xa2c/0x1830
[ 57.420267][ T5219] worker_thread+0x86d/0xd10
[ 57.424865][ T5219] kthread+0x2f0/0x390
[ 57.428922][ T5219] ret_from_fork+0x4b/0x80
[ 57.433349][ T5219] ret_from_fork_asm+0x1a/0x30
[ 57.438122][ T5219]
[ 57.440439][ T5219] Memory state around the buggy address:
[ 57.446143][ T5219] ffff88801f0c3b00: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 57.454189][ T5219] ffff88801f0c3b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 57.462323][ T5219] >ffff88801f0c3c00: fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00
[ 57.470366][ T5219] ^
[ 57.474416][ T5219] ffff88801f0c3c80: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 57.482474][ T5219] ffff88801f0c3d00: fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00 00
[ 57.490530][ T5219] ==================================================================
[ 57.513376][ T5214] EXT4-fs error (device loop0): ext4_inlinedir_to_tree:1403: inode #12: block 10: comm syz-executor242: path /root/syzkaller.TKkpyy/0/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=4, inode=0, rec_len=0, size=384 fake=0
[ 57.515761][ T5215] EXT4-fs error (device loop1): ext4_inlinedir_to_tree:1403: inode #12: block 10: comm syz-executor242: path /root/syzkaller.ox99h9/0/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=4, inode=0, rec_len=0, size=384 fake=0
[ 57.562200][ T5216] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1403: inode #12: block 10: comm syz-executor242: path /root/syzkaller.GEV1Sf/0/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=4, inode=0, rec_len=0, size=384 fake=0
[ 57.563454][ T5214] EXT4-fs error (device loop0): empty_inline_dir:1833: inode #12: block 10: comm syz-executor242: bad entry in directory: rec_len is smaller than minimal - offset=4, inode=0, rec_len=0, size=60 fake=0
[ 57.600501][ T5217] EXT4-fs error (device loop3): ext4_inlinedir_to_tree:1403: inode #12: block 10: comm syz-executor242: path /root/syzkaller.v03fKr/0/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=4, inode=0, rec_len=0, size=384 fake=0
[ 57.607452][ T5214] EXT4-fs warning (device loop0): empty_inline_dir:1840: bad inline directory (dir #12) - inode 0, rec_len 0, name_len 0inline size 60
[ 57.646491][ T5219] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 57.653719][ T5219] CPU: 0 UID: 0 PID: 5219 Comm: syz-executor242 Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 57.664839][ T5219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 57.674909][ T5219] Call Trace:
[ 57.678207][ T5219]
[ 57.681152][ T5219] dump_stack_lvl+0x241/0x360
[ 57.685835][ T5219] ? __pfx_dump_stack_lvl+0x10/0x10
[ 57.691032][ T5219] ? __pfx__printk+0x10/0x10
[ 57.695633][ T5219] ? preempt_schedule+0xe1/0xf0
[ 57.700473][ T5219] ? vscnprintf+0x5d/0x90
[ 57.704792][ T5219] panic+0x349/0x860
[ 57.708680][ T5219] ? check_panic_on_warn+0x21/0xb0
[ 57.713803][ T5219] ? __pfx_panic+0x10/0x10
[ 57.718232][ T5219] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 57.724213][ T5219] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 57.730537][ T5219] ? print_report+0x502/0x550
[ 57.735380][ T5219] check_panic_on_warn+0x86/0xb0
[ 57.740322][ T5219] ? ext4_inlinedir_to_tree+0x57a/0x11d0
[ 57.746042][ T5219] end_report+0x77/0x160
[ 57.750495][ T5219] kasan_report+0x154/0x180
[ 57.754997][ T5219] ? ext4_inlinedir_to_tree+0x57a/0x11d0
[ 57.760728][ T5219] kasan_check_range+0x282/0x290
[ 57.765658][ T5219] ? ext4_inlinedir_to_tree+0x57a/0x11d0
[ 57.771283][ T5219] __asan_memcpy+0x29/0x70
[ 57.775689][ T5219] ext4_inlinedir_to_tree+0x57a/0x11d0
[ 57.781152][ T5219] ? is_bpf_text_address+0x285/0x2a0
[ 57.786438][ T5219] ? __kernel_text_address+0xd/0x40
[ 57.791643][ T5219] ? __pfx_ext4_inlinedir_to_tree+0x10/0x10
[ 57.797539][ T5219] ? kasan_save_track+0x51/0x80
[ 57.802644][ T5219] ? kasan_save_track+0x3f/0x80
[ 57.807568][ T5219] ? __kasan_kmalloc+0x98/0xb0
[ 57.812324][ T5219] ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 57.817857][ T5219] ? ext4_readdir+0x4c4/0x3500
[ 57.822630][ T5219] ? do_syscall_64+0xf3/0x230
[ 57.827379][ T5219] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 57.833449][ T5219] ext4_htree_fill_tree+0x5d8/0x1400
[ 57.838819][ T5219] ? __pfx_ext4_htree_fill_tree+0x10/0x10
[ 57.844536][ T5219] ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 57.850158][ T5219] ext4_readdir+0x2b1c/0x3500
[ 57.854829][ T5219] ? __pfx___might_resched+0x10/0x10
[ 57.860104][ T5219] ? __mutex_trylock_common+0x183/0x2e0
[ 57.865641][ T5219] ? __pfx___might_resched+0x10/0x10
[ 57.870916][ T5219] ? __pfx___mutex_trylock_common+0x10/0x10
[ 57.876886][ T5219] ? down_read_killable+0xaaa/0xd30
[ 57.882073][ T5219] ? __pfx_ext4_readdir+0x10/0x10
[ 57.887116][ T5219] ? trace_contention_end+0x3c/0x120
[ 57.892391][ T5219] ? __mutex_lock+0x2ef/0xd70
[ 57.897076][ T5219] ? iterate_dir+0x215/0x810
[ 57.901740][ T5219] ? __pfx_down_read_killable+0x10/0x10
[ 57.907364][ T5219] ? __fdget_pos+0x24e/0x310
[ 57.911941][ T5219] ? __pfx___mutex_lock+0x10/0x10
[ 57.917018][ T5219] ? __pfx_reacquire_held_locks+0x10/0x10
[ 57.922905][ T5219] ? bpf_lsm_file_permission+0x9/0x10
[ 57.928359][ T5219] iterate_dir+0x57a/0x810
[ 57.932767][ T5219] __se_sys_getdents64+0x20d/0x4f0
[ 57.937953][ T5219] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 57.943929][ T5219] ? __pfx___se_sys_getdents64+0x10/0x10
[ 57.949550][ T5219] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 57.955515][ T5219] ? __pfx_filldir64+0x10/0x10
[ 57.960273][ T5219] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 57.966608][ T5219] ? exc_page_fault+0x590/0x8c0
[ 57.971452][ T5219] ? do_syscall_64+0xb6/0x230
[ 57.976113][ T5219] do_syscall_64+0xf3/0x230
[ 57.980603][ T5219] ? clear_bhb_loop+0x35/0x90
[ 57.985367][ T5219] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 57.991255][ T5219] RIP: 0033:0x7f9958524233
[ 57.995674][ T5219] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 52 47 fb ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8
[ 58.015354][ T5219] RSP: 002b:00007fff6deca968 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 58.023759][ T5219] RAX: ffffffffffffffda RBX: 0000555574b92770 RCX: 00007f9958524233
[ 58.031721][ T5219] RDX: 0000000000008000 RSI: 0000555574b92770 RDI: 0000000000000005
[ 58.039675][ T5219] RBP: 0000555574b92744 R08: 0000000000000000 R09: 0000000000000000
[ 58.047633][ T5219] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffb8
[ 58.055673][ T5219] R13: 0000000000000016 R14: 0000555574b92740 R15: 00007fff6decdcd0
[ 58.063640][ T5219]
[ 58.066946][ T5219] Kernel Offset: disabled
[ 58.071253][ T5219] Rebooting in 86400 seconds..