Warning: Permanently added '10.128.0.247' (ED25519) to the list of known hosts.
executing program
[ 85.096794][ T5836] ==================================================================
[ 85.104891][ T5836] BUG: KASAN: slab-out-of-bounds in __rb_map_vma+0x9ab/0xae0
[ 85.112311][ T5836] Read of size 8 at addr ffff8880767dd2b8 by task syz-executor187/5836
[ 85.120579][ T5836]
[ 85.122924][ T5836] CPU: 0 UID: 0 PID: 5836 Comm: syz-executor187 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[ 85.134051][ T5836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 85.144138][ T5836] Call Trace:
[ 85.147424][ T5836]
[ 85.150381][ T5836] dump_stack_lvl+0x116/0x1f0
[ 85.155084][ T5836] print_report+0xc3/0x620
[ 85.159525][ T5836] ? __virt_addr_valid+0x5e/0x590
[ 85.164576][ T5836] ? __phys_addr+0xc6/0x150
[ 85.169100][ T5836] kasan_report+0xd9/0x110
[ 85.173562][ T5836] ? __rb_map_vma+0x9ab/0xae0
[ 85.178290][ T5836] ? __rb_map_vma+0x9ab/0xae0
[ 85.182996][ T5836] __rb_map_vma+0x9ab/0xae0
[ 85.187542][ T5836] ? __pfx___rb_map_vma+0x10/0x10
[ 85.192590][ T5836] ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 85.198419][ T5836] ring_buffer_map+0x56e/0x9b0
[ 85.203199][ T5836] tracing_buffers_mmap+0xa6/0x120
[ 85.208343][ T5836] __mmap_region+0x1786/0x2670
[ 85.213132][ T5836] ? kernel_text_address+0x8d/0x100
[ 85.218364][ T5836] ? __pfx___mmap_region+0x10/0x10
[ 85.223507][ T5836] ? hlock_class+0x4e/0x130
[ 85.228040][ T5836] ? mark_lock+0xb5/0xc60
[ 85.232427][ T5836] ? cap_mmap_addr+0x53/0x320
[ 85.237141][ T5836] mmap_region+0x127/0x320
[ 85.241595][ T5836] do_mmap+0xc00/0xfc0
[ 85.245681][ T5836] vm_mmap_pgoff+0x1ba/0x360
[ 85.250316][ T5836] ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 85.255468][ T5836] ? __fget_files+0x206/0x3a0
[ 85.260184][ T5836] ksys_mmap_pgoff+0x32c/0x5c0
[ 85.264984][ T5836] ? rcu_is_watching+0x12/0xc0
[ 85.269798][ T5836] __x64_sys_mmap+0x125/0x190
[ 85.274515][ T5836] do_syscall_64+0xcd/0x250
[ 85.279059][ T5836] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.285003][ T5836] RIP: 0033:0x7f3a0489e9f9
[ 85.289456][ T5836] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 85.309076][ T5836] RSP: 002b:00007ffd1dfacbc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 85.317512][ T5836] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3a0489e9f9
[ 85.325497][ T5836] RDX: 0000000000000040 RSI: 0000000000000009 RDI: 0000000000000000
[ 85.333479][ T5836] RBP: 00007f3a049115f0 R08: 0000000000000003 R09: 0000000000008000
[ 85.341542][ T5836] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[ 85.349523][ T5836] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001
[ 85.357516][ T5836]
[ 85.360536][ T5836]
[ 85.362870][ T5836] Allocated by task 5836:
[ 85.367195][ T5836] kasan_save_stack+0x33/0x60
[ 85.371886][ T5836] kasan_save_track+0x14/0x30
[ 85.376679][ T5836] __kasan_kmalloc+0xaa/0xb0
[ 85.381283][ T5836] __kmalloc_noprof+0x21a/0x4f0
[ 85.386147][ T5836] ring_buffer_map+0x1e1/0x9b0
[ 85.390916][ T5836] tracing_buffers_mmap+0xa6/0x120
[ 85.396068][ T5836] __mmap_region+0x1786/0x2670
[ 85.400850][ T5836] mmap_region+0x127/0x320
[ 85.405288][ T5836] do_mmap+0xc00/0xfc0
[ 85.409363][ T5836] vm_mmap_pgoff+0x1ba/0x360
[ 85.413969][ T5836] ksys_mmap_pgoff+0x32c/0x5c0
[ 85.418757][ T5836] __x64_sys_mmap+0x125/0x190
[ 85.423469][ T5836] do_syscall_64+0xcd/0x250
[ 85.427985][ T5836] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.433888][ T5836]
[ 85.436210][ T5836] The buggy address belongs to the object at ffff8880767dd280
[ 85.436210][ T5836] which belongs to the cache kmalloc-32 of size 32
[ 85.450099][ T5836] The buggy address is located 32 bytes to the right of
[ 85.450099][ T5836] allocated 24-byte region [ffff8880767dd280, ffff8880767dd298)
[ 85.464609][ T5836]
[ 85.466939][ T5836] The buggy address belongs to the physical page:
[ 85.473373][ T5836] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x767dd
[ 85.482141][ T5836] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 85.489270][ T5836] page_type: f5(slab)
[ 85.493270][ T5836] raw: 00fff00000000000 ffff88801ac41780 dead000000000122 0000000000000000
[ 85.501948][ T5836] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 85.510541][ T5836] page dumped because: kasan: bad access detected
[ 85.517081][ T5836] page_owner tracks the page as allocated
[ 85.522791][ T5836] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 5833, tgid 5833 (sshd), ts 84990303308, free_ts 79508073557
[ 85.540268][ T5836] post_alloc_hook+0x2d1/0x350
[ 85.545049][ T5836] get_page_from_freelist+0xfce/0x2f80
[ 85.550532][ T5836] __alloc_pages_noprof+0x223/0x25b0
[ 85.555845][ T5836] alloc_pages_mpol_noprof+0x2c9/0x610
[ 85.561432][ T5836] new_slab+0x2c9/0x410
[ 85.565599][ T5836] ___slab_alloc+0xce2/0x1650
[ 85.570296][ T5836] __slab_alloc.constprop.0+0x56/0xb0
[ 85.575777][ T5836] __kmalloc_cache_noprof+0xf6/0x420
[ 85.581087][ T5836] kmem_cache_free+0x2ef/0x4c0
[ 85.585869][ T5836] fput+0x3ad/0x440
[ 85.589695][ T5836] path_openat+0xec1/0x2d60
[ 85.594225][ T5836] do_filp_open+0x20c/0x470
[ 85.598742][ T5836] do_sys_openat2+0x17a/0x1e0
[ 85.603458][ T5836] __x64_sys_openat+0x175/0x210
[ 85.608338][ T5836] do_syscall_64+0xcd/0x250
[ 85.612852][ T5836] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.618773][ T5836] page last free pid 5832 tgid 5832 stack trace:
[ 85.625104][ T5836] free_unref_page+0x661/0x1080
[ 85.629966][ T5836] __folio_put+0x32a/0x450
[ 85.634403][ T5836] put_page+0x21e/0x280
[ 85.638571][ T5836] anon_pipe_buf_release+0x11a/0x240
[ 85.643884][ T5836] pipe_read+0x641/0x13f0
[ 85.648221][ T5836] vfs_read+0xa4c/0xbe0
[ 85.652399][ T5836] ksys_read+0x207/0x250
[ 85.656666][ T5836] do_syscall_64+0xcd/0x250
[ 85.661196][ T5836] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.667122][ T5836]
[ 85.669443][ T5836] Memory state around the buggy address:
[ 85.675073][ T5836] ffff8880767dd180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 85.683136][ T5836] ffff8880767dd200: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 85.691223][ T5836] >ffff8880767dd280: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.699294][ T5836] ^
[ 85.705199][ T5836] ffff8880767dd300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.713268][ T5836] ffff8880767dd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.721329][ T5836] ==================================================================
[ 85.729689][ T5836] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 85.736914][ T5836] CPU: 0 UID: 0 PID: 5836 Comm: syz-executor187 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[ 85.748059][ T5836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 85.758163][ T5836] Call Trace:
[ 85.761483][ T5836]
[ 85.764449][ T5836] dump_stack_lvl+0x3d/0x1f0
[ 85.769068][ T5836] panic+0x71d/0x800
[ 85.773033][ T5836] ? __pfx_panic+0x10/0x10
[ 85.777478][ T5836] ? irqentry_exit+0x3b/0x90
[ 85.782105][ T5836] ? lockdep_hardirqs_on+0x7c/0x110
[ 85.787342][ T5836] ? preempt_schedule_thunk+0x1a/0x30
[ 85.792738][ T5836] ? preempt_schedule_common+0x44/0xc0
[ 85.798320][ T5836] ? check_panic_on_warn+0x1f/0xb0
[ 85.803464][ T5836] check_panic_on_warn+0xab/0xb0
[ 85.808434][ T5836] end_report+0x117/0x180
[ 85.812814][ T5836] kasan_report+0xe9/0x110
[ 85.817256][ T5836] ? __rb_map_vma+0x9ab/0xae0
[ 85.821960][ T5836] ? __rb_map_vma+0x9ab/0xae0
[ 85.826673][ T5836] __rb_map_vma+0x9ab/0xae0
[ 85.831234][ T5836] ? __pfx___rb_map_vma+0x10/0x10
[ 85.836311][ T5836] ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 85.842159][ T5836] ring_buffer_map+0x56e/0x9b0
[ 85.846980][ T5836] tracing_buffers_mmap+0xa6/0x120
[ 85.852149][ T5836] __mmap_region+0x1786/0x2670
[ 85.856959][ T5836] ? kernel_text_address+0x8d/0x100
[ 85.862205][ T5836] ? __pfx___mmap_region+0x10/0x10
[ 85.867356][ T5836] ? hlock_class+0x4e/0x130
[ 85.871887][ T5836] ? mark_lock+0xb5/0xc60
[ 85.876301][ T5836] ? cap_mmap_addr+0x53/0x320
[ 85.881011][ T5836] mmap_region+0x127/0x320
[ 85.885456][ T5836] do_mmap+0xc00/0xfc0
[ 85.889564][ T5836] vm_mmap_pgoff+0x1ba/0x360
[ 85.894192][ T5836] ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 85.899341][ T5836] ? __fget_files+0x206/0x3a0
[ 85.904049][ T5836] ksys_mmap_pgoff+0x32c/0x5c0
[ 85.908838][ T5836] ? rcu_is_watching+0x12/0xc0
[ 85.913634][ T5836] __x64_sys_mmap+0x125/0x190
[ 85.918336][ T5836] do_syscall_64+0xcd/0x250
[ 85.922883][ T5836] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.928823][ T5836] RIP: 0033:0x7f3a0489e9f9
[ 85.933254][ T5836] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 85.952882][ T5836] RSP: 002b:00007ffd1dfacbc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 85.961315][ T5836] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3a0489e9f9
[ 85.969305][ T5836] RDX: 0000000000000040 RSI: 0000000000000009 RDI: 0000000000000000
[ 85.977290][ T5836] RBP: 00007f3a049115f0 R08: 0000000000000003 R09: 0000000000008000
[ 85.985275][ T5836] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[ 85.993259][ T5836] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001
[ 86.001262][ T5836]
[ 86.004621][ T5836] Kernel Offset: disabled
[ 86.008956][ T5836] Rebooting in 86400 seconds..