Warning: Permanently added '[localhost]:58615' (ED25519) to the list of known hosts.
[ 77.395715][ T5304] loop0: detected capacity change from 0 to 512
executing program
[ 77.427009][ T5304] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz-executor327: corrupted in-inode xattr: invalid ea_ino
[ 77.453175][ T5304] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz-executor327: couldn't read orphan inode 15 (err -117)
[ 77.461930][ T5304] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 77.489163][ T5303] EXT4-fs (loop0): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[ 77.528595][ T5308] loop0: detected capacity change from 0 to 512
executing program
[ 77.544475][ T5308] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz-executor327: corrupted in-inode xattr: invalid ea_ino
[ 77.558691][ T5308] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz-executor327: couldn't read orphan inode 15 (err -117)
[ 77.565080][ T5308] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 77.575697][ T5308] ==================================================================
[ 77.579026][ T5308] BUG: KASAN: use-after-free in ext4_insert_dentry+0x3cd/0x780
[ 77.582374][ T5308] Write of size 251 at addr ffff888043f8cf14 by task syz-executor327/5308
[ 77.586726][ T5308]
[ 77.587736][ T5308] CPU: 0 UID: 0 PID: 5308 Comm: syz-executor327 Not tainted 6.14.0-rc5-syzkaller #0
[ 77.587750][ T5308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 77.587758][ T5308] Call Trace:
[ 77.587765][ T5308]
[ 77.587772][ T5308] dump_stack_lvl+0x241/0x360
[ 77.587789][ T5308] ? __pfx_dump_stack_lvl+0x10/0x10
[ 77.587800][ T5308] ? __pfx__printk+0x10/0x10
[ 77.587809][ T5308] ? _printk+0xd5/0x120
[ 77.587818][ T5308] ? __virt_addr_valid+0x183/0x530
[ 77.587828][ T5308] ? __virt_addr_valid+0x183/0x530
[ 77.587838][ T5308] print_report+0x16e/0x5b0
[ 77.587850][ T5308] ? __virt_addr_valid+0x183/0x530
[ 77.587858][ T5308] ? __virt_addr_valid+0x183/0x530
[ 77.587866][ T5308] ? __virt_addr_valid+0x45f/0x530
[ 77.587874][ T5308] ? __phys_addr+0xba/0x170
[ 77.587883][ T5308] ? ext4_insert_dentry+0x3cd/0x780
[ 77.587890][ T5308] kasan_report+0x143/0x180
[ 77.587900][ T5308] ? ext4_insert_dentry+0x3cd/0x780
[ 77.587911][ T5308] kasan_check_range+0x282/0x290
[ 77.587922][ T5308] ? ext4_insert_dentry+0x3cd/0x780
[ 77.587933][ T5308] __asan_memcpy+0x40/0x70
[ 77.587942][ T5308] ext4_insert_dentry+0x3cd/0x780
[ 77.587955][ T5308] add_dirent_to_buf+0x315/0x660
[ 77.587968][ T5308] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 77.587980][ T5308] ? __ext4_handle_dirty_metadata+0x30d/0x820
[ 77.587990][ T5308] ? ext4_handle_dirty_dirblock+0xc0/0x350
[ 77.588001][ T5308] make_indexed_dir+0xcaf/0x1280
[ 77.588015][ T5308] ? __pfx_make_indexed_dir+0x10/0x10
[ 77.588027][ T5308] ? add_dirent_to_buf+0x2a7/0x660
[ 77.588038][ T5308] ? add_dirent_to_buf+0x2c5/0x660
[ 77.588050][ T5308] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 77.588062][ T5308] ? __ext4_read_dirblock+0x486/0x790
[ 77.588075][ T5308] ext4_add_entry+0xb36/0xd30
[ 77.588088][ T5308] ? __pfx_ext4_add_entry+0x10/0x10
[ 77.588103][ T5308] ext4_add_nondir+0x8d/0x290
[ 77.588115][ T5308] ? ext4_symlink+0x70c/0xda0
[ 77.588126][ T5308] ext4_symlink+0xa10/0xda0
[ 77.588139][ T5308] ? __pfx_ext4_symlink+0x10/0x10
[ 77.588151][ T5308] ? inode_permission+0xff/0x460
[ 77.588164][ T5308] ? bpf_lsm_inode_symlink+0x9/0x10
[ 77.588175][ T5308] ? security_inode_symlink+0xbe/0x330
[ 77.588188][ T5308] vfs_symlink+0x137/0x2e0
[ 77.588201][ T5308] do_symlinkat+0x222/0x3a0
[ 77.588213][ T5308] ? __pfx_do_symlinkat+0x10/0x10
[ 77.588223][ T5308] ? strncpy_from_user+0x146/0x270
[ 77.588234][ T5308] ? getname_flags+0x1e3/0x540
[ 77.588245][ T5308] __x64_sys_symlink+0x7a/0x90
[ 77.588256][ T5308] do_syscall_64+0xf3/0x230
[ 77.588324][ T5308] ? clear_bhb_loop+0x35/0x90
[ 77.588340][ T5308] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.588353][ T5308] RIP: 0033:0x7f010e92a269
[ 77.588364][ T5308] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 77.588373][ T5308] RSP: 002b:00007ffe0c20aaf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 77.588387][ T5308] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f010e92a269
[ 77.588395][ T5308] RDX: 0000000000000000 RSI: 0000400000000cc0 RDI: 0000400000000dc0
[ 77.588401][ T5308] RBP: 0000400000000180 R08: 00007ffe0c20ab30 R09: 00007ffe0c20ab30
[ 77.588407][ T5308] R10: 00007ffe0c20ab30 R11: 0000000000000246 R12: 00007ffe0c20ab1c
[ 77.588413][ T5308] R13: 0000000000000001 R14: 431bde82d7b634db R15: 00007ffe0c20ab50
[ 77.588434][ T5308]
[ 77.588437][ T5308]
[ 77.720074][ T5308] The buggy address belongs to the physical page:
[ 77.722810][ T5308] page: refcount:3 mapcount:0 mapping:ffff888031d2cd78 index:0x3f pfn:0x43f8c
[ 77.727125][ T5308] memcg:ffff888030aa6000
[ 77.729186][ T5308] aops:def_blk_aops ino:700000 dentry name(?):""
[ 77.731672][ T5308] flags: 0x4fff10000004014(referenced|dirty|private|node=1|zone=1|lastcpupid=0x7ff)
[ 77.734972][ T5308] raw: 04fff10000004014 0000000000000000 dead000000000122 ffff888031d2cd78
[ 77.737629][ T5308] raw: 000000000000003f ffff8880447af1d0 00000003ffffffff ffff888030aa6000
[ 77.740617][ T5308] page dumped because: kasan: bad access detected
[ 77.743132][ T5308] page_owner tracks the page as allocated
[ 77.745917][ T5308] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x148c40(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5308, tgid 5308 (syz-executor327), ts 77575462155, free_ts 77571932310
[ 77.754581][ T5308] post_alloc_hook+0x1f4/0x240
[ 77.756540][ T5308] get_page_from_freelist+0x365c/0x37a0
[ 77.758550][ T5308] __alloc_frozen_pages_noprof+0x292/0x710
[ 77.760849][ T5308] alloc_pages_mpol+0x311/0x660
[ 77.762673][ T5308] alloc_pages_noprof+0x121/0x190
[ 77.764700][ T5308] folio_alloc_noprof+0x1e/0x30
[ 77.766640][ T5308] filemap_alloc_folio_noprof+0xe1/0x540
[ 77.769437][ T5308] __filemap_get_folio+0x438/0xae0
[ 77.771394][ T5308] bdev_getblk+0x1d4/0x670
[ 77.773132][ T5308] ext4_getblk+0x31b/0x880
[ 77.774962][ T5308] ext4_bread+0x2e/0x180
[ 77.776704][ T5308] ext4_append+0x327/0x5c0
[ 77.778776][ T5308] make_indexed_dir+0x3ff/0x1280
[ 77.781015][ T5308] ext4_add_entry+0xb36/0xd30
[ 77.783226][ T5308] ext4_add_nondir+0x8d/0x290
[ 77.785201][ T5308] ext4_symlink+0xa10/0xda0
[ 77.786891][ T5308] page last free pid 5308 tgid 5308 stack trace:
[ 77.789152][ T5308] free_frozen_pages+0xe0d/0x10e0
[ 77.790953][ T5308] __slab_free+0x2c2/0x380
[ 77.792534][ T5308] qlist_free_all+0x9a/0x140
[ 77.794106][ T5308] kasan_quarantine_reduce+0x14f/0x170
[ 77.796036][ T5308] __kasan_slab_alloc+0x23/0x80
[ 77.798281][ T5308] kmem_cache_alloc_noprof+0x1d9/0x380
[ 77.802195][ T5308] getname_flags+0xb7/0x540
[ 77.804486][ T5308] user_path_at+0x24/0x60
[ 77.806158][ T5308] __se_sys_chdir+0xbc/0x220
[ 77.808118][ T5308] do_syscall_64+0xf3/0x230
[ 77.809739][ T5308] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.812090][ T5308]
[ 77.813199][ T5308] Memory state around the buggy address:
[ 77.815478][ T5308] ffff888043f8cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 77.818374][ T5308] ffff888043f8cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 77.821762][ T5308] >ffff888043f8d000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.825627][ T5308] ^
[ 77.827446][ T5308] ffff888043f8d080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.830455][ T5308] ffff888043f8d100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.833647][ T5308] ==================================================================
[ 77.844696][ T5308] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 77.848479][ T5308] CPU: 0 UID: 0 PID: 5308 Comm: syz-executor327 Not tainted 6.14.0-rc5-syzkaller #0
[ 77.852082][ T5308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 77.856416][ T5308] Call Trace:
[ 77.857688][ T5308]
[ 77.859020][ T5308] dump_stack_lvl+0x241/0x360
[ 77.860908][ T5308] ? __pfx_dump_stack_lvl+0x10/0x10
[ 77.863047][ T5308] ? __pfx__printk+0x10/0x10
[ 77.864961][ T5308] ? preempt_schedule+0xe1/0xf0
[ 77.867162][ T5308] ? vscnprintf+0x5d/0x90
[ 77.869511][ T5308] panic+0x349/0x880
[ 77.871441][ T5308] ? check_panic_on_warn+0x21/0xb0
[ 77.873982][ T5308] ? __pfx_panic+0x10/0x10
[ 77.875802][ T5308] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 77.878009][ T5308] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 77.880395][ T5308] ? print_report+0x519/0x5b0
[ 77.882165][ T5308] check_panic_on_warn+0x86/0xb0
[ 77.884073][ T5308] ? ext4_insert_dentry+0x3cd/0x780
[ 77.886015][ T5308] end_report+0x77/0x160
[ 77.887495][ T5308] kasan_report+0x154/0x180
[ 77.889249][ T5308] ? ext4_insert_dentry+0x3cd/0x780
[ 77.891224][ T5308] kasan_check_range+0x282/0x290
[ 77.893193][ T5308] ? ext4_insert_dentry+0x3cd/0x780
[ 77.895428][ T5308] __asan_memcpy+0x40/0x70
[ 77.897537][ T5308] ext4_insert_dentry+0x3cd/0x780
[ 77.899688][ T5308] add_dirent_to_buf+0x315/0x660
[ 77.901524][ T5308] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 77.903468][ T5308] ? __ext4_handle_dirty_metadata+0x30d/0x820
[ 77.905722][ T5308] ? ext4_handle_dirty_dirblock+0xc0/0x350
[ 77.907886][ T5308] make_indexed_dir+0xcaf/0x1280
[ 77.909823][ T5308] ? __pfx_make_indexed_dir+0x10/0x10
[ 77.912441][ T5308] ? add_dirent_to_buf+0x2a7/0x660
[ 77.915338][ T5308] ? add_dirent_to_buf+0x2c5/0x660
[ 77.917712][ T5308] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 77.919645][ T5308] ? __ext4_read_dirblock+0x486/0x790
[ 77.921556][ T5308] ext4_add_entry+0xb36/0xd30
[ 77.923219][ T5308] ? __pfx_ext4_add_entry+0x10/0x10
[ 77.925036][ T5308] ext4_add_nondir+0x8d/0x290
[ 77.926875][ T5308] ? ext4_symlink+0x70c/0xda0
[ 77.928545][ T5308] ext4_symlink+0xa10/0xda0
[ 77.930510][ T5308] ? __pfx_ext4_symlink+0x10/0x10
[ 77.932801][ T5308] ? inode_permission+0xff/0x460
[ 77.935237][ T5308] ? bpf_lsm_inode_symlink+0x9/0x10
[ 77.937811][ T5308] ? security_inode_symlink+0xbe/0x330
[ 77.940014][ T5308] vfs_symlink+0x137/0x2e0
[ 77.941782][ T5308] do_symlinkat+0x222/0x3a0
[ 77.943608][ T5308] ? __pfx_do_symlinkat+0x10/0x10
[ 77.945622][ T5308] ? strncpy_from_user+0x146/0x270
[ 77.947338][ T5308] ? getname_flags+0x1e3/0x540
[ 77.949087][ T5308] __x64_sys_symlink+0x7a/0x90
[ 77.951002][ T5308] do_syscall_64+0xf3/0x230
[ 77.953088][ T5308] ? clear_bhb_loop+0x35/0x90
[ 77.955901][ T5308] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.958452][ T5308] RIP: 0033:0x7f010e92a269
[ 77.960285][ T5308] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 77.967335][ T5308] RSP: 002b:00007ffe0c20aaf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 77.970320][ T5308] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f010e92a269
[ 77.973311][ T5308] RDX: 0000000000000000 RSI: 0000400000000cc0 RDI: 0000400000000dc0
[ 77.976464][ T5308] RBP: 0000400000000180 R08: 00007ffe0c20ab30 R09: 00007ffe0c20ab30
[ 77.979824][ T5308] R10: 00007ffe0c20ab30 R11: 0000000000000246 R12: 00007ffe0c20ab1c
[ 77.983281][ T5308] R13: 0000000000000001 R14: 431bde82d7b634db R15: 00007ffe0c20ab50
[ 77.986589][ T5308]
[ 77.987962][ T5308] Kernel Offset: disabled
[ 77.989734][ T5308] Rebooting in 86400 seconds..
VM DIAGNOSIS:
15:37:28 Registers:
info registers vcpu 0
CPU#0