Warning: Permanently added '10.128.1.172' (ED25519) to the list of known hosts.
2024/10/03 02:15:59 ignoring optional flag "sandboxArg"="0"
2024/10/03 02:15:59 parsed 1 programs
[ 49.544354] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/10/03 02:16:02 executed programs: 0
[ 53.636124] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 53.642658] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 53.650948] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[ 53.658273] System zones: 1-12
[ 53.662318] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2193: inode #15: comm syz.0.15: corrupted in-inode xattr
[ 53.673564] EXT4-fs error (device loop0): ext4_orphan_get:1232: comm syz.0.15: couldn't read orphan inode 15 (err -117)
[ 53.685222] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,debug,,errors=continue
[ 53.705609] EXT4-fs warning (device loop0): dx_probe:754: inode #2: comm syz.0.15: Unrecognised inode hash code 4
[ 53.716040] EXT4-fs warning (device loop0): dx_probe:865: inode #2: comm syz.0.15: Corrupt directory, running e2fsck is recommended
[ 53.728025] EXT4-fs error (device loop0): ext4_readdir:237: inode #2: block 255: comm syz.0.15: path (unknown): bad entry in directory: directory entry overrun - offset=1023, inode=1768316672, rec_len=30072, name_len=112, size=1024
[ 53.838284] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 53.844913] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 53.852785] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[ 53.860318] System zones: 1-12
[ 53.863941] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2193: inode #15: comm syz.0.16: corrupted in-inode xattr
[ 53.875557] EXT4-fs error (device loop0): ext4_orphan_get:1232: comm syz.0.16: couldn't read orphan inode 15 (err -117)
[ 53.886670] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,debug,,errors=continue
[ 53.906444] EXT4-fs warning (device loop0): dx_probe:754: inode #2: comm syz.0.16: Unrecognised inode hash code 4
[ 53.916895] EXT4-fs warning (device loop0): dx_probe:865: inode #2: comm syz.0.16: Corrupt directory, running e2fsck is recommended
[ 53.928927] EXT4-fs error (device loop0): ext4_readdir:237: inode #2: block 255: comm syz.0.16: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=1023, inode=0, rec_len=0, name_len=0, size=1024
[ 54.001279] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 54.007761] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 54.015696] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[ 54.022909] System zones: 1-12
[ 54.026851] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2193: inode #15: comm syz.0.17: corrupted in-inode xattr
[ 54.038228] EXT4-fs error (device loop0): ext4_orphan_get:1232: comm syz.0.17: couldn't read orphan inode 15 (err -117)
[ 54.049470] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,debug,,errors=continue
[ 54.069298] EXT4-fs warning (device loop0): dx_probe:754: inode #2: comm syz.0.17: Unrecognised inode hash code 4
[ 54.079745] EXT4-fs warning (device loop0): dx_probe:865: inode #2: comm syz.0.17: Corrupt directory, running e2fsck is recommended
[ 54.091757] EXT4-fs error (device loop0): ext4_readdir:237: inode #2: block 255: comm syz.0.17: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=1023, inode=0, rec_len=0, name_len=0, size=1024
[ 54.197815] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 54.204266] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 54.212181] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[ 54.219456] System zones: 1-12
[ 54.223045] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2193: inode #15: comm syz.0.18: corrupted in-inode xattr
[ 54.234294] EXT4-fs error (device loop0): ext4_orphan_get:1232: comm syz.0.18: couldn't read orphan inode 15 (err -117)
[ 54.245519] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,debug,,errors=continue
[ 54.265664] EXT4-fs warning (device loop0): dx_probe:754: inode #2: comm syz.0.18: Unrecognised inode hash code 4
[ 54.276100] EXT4-fs warning (device loop0): dx_probe:865: inode #2: comm syz.0.18: Corrupt directory, running e2fsck is recommended
[ 54.288111] EXT4-fs error (device loop0): ext4_readdir:237: inode #2: block 255: comm syz.0.18: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=1023, inode=0, rec_len=0, name_len=0, size=1024
[ 54.395902] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 54.402470] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 54.410398] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[ 54.417625] System zones: 1-12
[ 54.421305] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2193: inode #15: comm syz.0.19: corrupted in-inode xattr
[ 54.432599] EXT4-fs error (device loop0): ext4_orphan_get:1232: comm syz.0.19: couldn't read orphan inode 15 (err -117)
[ 54.443710] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,debug,,errors=continue
[ 54.464011] EXT4-fs warning (device loop0): dx_probe:754: inode #2: comm syz.0.19: Unrecognised inode hash code 4
[ 54.474814] EXT4-fs warning (device loop0): dx_probe:865: inode #2: comm syz.0.19: Corrupt directory, running e2fsck is recommended
[ 54.487195] ==================================================================
[ 54.494642] BUG: KASAN: use-after-free in __ext4_check_dir_entry+0x2bc/0x390
[ 54.501801] Read of size 2 at addr ffff8801dd7f0003 by task syz.0.19/3115
[ 54.508693]
[ 54.510303] CPU: 0 PID: 3115 Comm: syz.0.19 Not tainted 4.19.0-syzkaller #0
[ 54.517370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 54.526695] Call Trace:
[ 54.529275] dump_stack+0x10c/0x17a
[ 54.532891] print_address_description.cold.6+0x9/0x244
[ 54.538224] kasan_report.cold.7+0x242/0x305
[ 54.542601] ? __ext4_check_dir_entry+0x2bc/0x390
[ 54.547410] __asan_report_load2_noabort+0x14/0x20
[ 54.552318] __ext4_check_dir_entry+0x2bc/0x390
[ 54.557048] ext4_readdir+0x62d/0x2be0
[ 54.560911] ? __mutex_lock+0x623/0xd80
[ 54.564943] ? __fdget_pos+0xa7/0xd0
[ 54.568629] ? __ext4_check_dir_entry+0x390/0x390
[ 54.573455] ? lock_acquire+0x177/0x310
[ 54.577438] ? iterate_dir+0xb3/0x5f0
[ 54.581229] iterate_dir+0x3ad/0x5f0
[ 54.584935] ksys_getdents64+0x102/0x1d0
[ 54.588971] ? lock_downgrade+0x590/0x590
[ 54.593087] ? __ia32_sys_getdents+0xa0/0xa0
[ 54.597464] ? filldir+0x450/0x450
[ 54.600974] ? vtime_user_exit+0xe9/0x190
[ 54.605087] __x64_sys_getdents64+0x6e/0xb0
[ 54.609377] do_syscall_64+0xd0/0x340
[ 54.613144] ? prepare_exit_to_usermode+0xec/0x130
[ 54.618042] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 54.623211] RIP: 0033:0x7f8d47052ff9
[ 54.626897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 54.645768] RSP: 002b:00007f8d46ad4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 54.653650] RAX: ffffffffffffffda RBX: 00007f8d4720af80 RCX: 00007f8d47052ff9
[ 54.660892] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000005
[ 54.668134] RBP: 00007f8d470c5296 R08: 0000000000000000 R09: 0000000000000000
[ 54.675373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 54.682612] R13: 0000000000000000 R14: 00007f8d4720af80 R15: 00007fff9ab68be8
[ 54.689860]
[ 54.691456] The buggy address belongs to the page:
[ 54.696354] page:ffffea000775fc00 count:0 mapcount:0 mapping:0000000000000000 index:0x1
[ 54.704471] flags: 0x200000000000000()
[ 54.708632] raw: 0200000000000000 ffffea000775fa48 ffffea000775ff88 0000000000000000
[ 54.716481] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 54.724333] page dumped because: kasan: bad access detected
[ 54.730033] page_owner info is not active (free page?)
[ 54.735295]
[ 54.736892] Memory state around the buggy address:
[ 54.741994] ffff8801dd7eff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 54.749323] ffff8801dd7eff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 54.756648] >ffff8801dd7f0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.763991] ^
[ 54.767324] ffff8801dd7f0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.774650] ffff8801dd7f0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 54.781989] ==================================================================
[ 54.789328] Disabling lock debugging due to kernel taint
[ 54.794809] Kernel panic - not syncing: panic_on_warn set ...
[ 54.794809]
[ 54.802361] Kernel Offset: disabled
[ 54.805971] Rebooting in 86400 seconds..