Warning: Permanently added '10.128.0.86' (ED25519) to the list of known hosts.
executing program
[   57.959802][ T5083] loop0: detected capacity change from 0 to 32768
[   57.995099][ T5083] find_entry called with index >= next_index
[   58.005985][ T5083] ==================================================================
[   58.014057][ T5083] BUG: KASAN: slab-out-of-bounds in diWrite+0xde3/0x19b0
[   58.021073][ T5083] Write of size 32 at addr ffff888077428180 by task syz-executor145/5083
[   58.029457][ T5083] 
[   58.031772][ T5083] CPU: 0 PID: 5083 Comm: syz-executor145 Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0
[   58.041894][ T5083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   58.051936][ T5083] Call Trace:
[   58.055195][ T5083]  <TASK>
[   58.058112][ T5083]  dump_stack_lvl+0x241/0x360
[   58.062778][ T5083]  ? __pfx_dump_stack_lvl+0x10/0x10
[   58.067952][ T5083]  ? __pfx__printk+0x10/0x10
[   58.072521][ T5083]  ? _printk+0xd5/0x120
[   58.076656][ T5083]  ? __virt_addr_valid+0x183/0x530
[   58.081753][ T5083]  ? __virt_addr_valid+0x183/0x530
[   58.086843][ T5083]  print_report+0x169/0x550
[   58.091324][ T5083]  ? __virt_addr_valid+0x183/0x530
[   58.096411][ T5083]  ? __virt_addr_valid+0x183/0x530
[   58.101506][ T5083]  ? __virt_addr_valid+0x45f/0x530
[   58.106595][ T5083]  ? __phys_addr+0xba/0x170
[   58.111076][ T5083]  ? diWrite+0xde3/0x19b0
[   58.115379][ T5083]  kasan_report+0x143/0x180
[   58.119860][ T5083]  ? diWrite+0xde3/0x19b0
[   58.124164][ T5083]  kasan_check_range+0x282/0x290
[   58.129079][ T5083]  ? diWrite+0xde3/0x19b0
[   58.133380][ T5083]  __asan_memcpy+0x40/0x70
[   58.137770][ T5083]  diWrite+0xde3/0x19b0
[   58.141949][ T5083]  txCommit+0xa1a/0x6a20
[   58.146170][ T5083]  ? add_index+0x34c/0x1620
[   58.150657][ T5083]  ? __pfx_add_index+0x10/0x10
[   58.155413][ T5083]  ? __pfx_txCommit+0x10/0x10
[   58.160073][ T5083]  ? rcu_is_watching+0x15/0xb0
[   58.164812][ T5083]  ? __mark_inode_dirty+0x41c/0xe20
[   58.169988][ T5083]  jfs_readdir+0x28e9/0x4660
[   58.174555][ T5083]  ? mark_lock+0x9a/0x350
[   58.178866][ T5083]  ? __pfx_jfs_readdir+0x10/0x10
[   58.183781][ T5083]  ? __pfx_lock_acquire+0x10/0x10
[   58.188787][ T5083]  ? down_write+0x18c/0x220
[   58.193267][ T5083]  ? __pfx_down_write+0x10/0x10
[   58.198091][ T5083]  ? __pfx___mutex_lock+0x10/0x10
[   58.203094][ T5083]  ? __pfx_jfs_readdir+0x10/0x10
[   58.208006][ T5083]  wrap_directory_iterator+0x94/0xe0
[   58.213268][ T5083]  iterate_dir+0x57a/0x810
[   58.217666][ T5083]  __se_sys_getdents64+0x20d/0x4f0
[   58.222755][ T5083]  ? __pfx___se_sys_getdents64+0x10/0x10
[   58.228361][ T5083]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   58.234317][ T5083]  ? __pfx_filldir64+0x10/0x10
[   58.239056][ T5083]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   58.245356][ T5083]  ? do_syscall_64+0x100/0x230
[   58.250094][ T5083]  ? do_syscall_64+0xb6/0x230
[   58.254745][ T5083]  do_syscall_64+0xf3/0x230
[   58.259223][ T5083]  ? clear_bhb_loop+0x35/0x90
[   58.263876][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.269755][ T5083] RIP: 0033:0x7fdead60a289
[   58.274159][ T5083] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   58.293739][ T5083] RSP: 002b:00007ffd6acb0138 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   58.302127][ T5083] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdead60a289
[   58.310161][ T5083] RDX: 0000000000001000 RSI: 0000000020000840 RDI: 0000000000000005
[   58.318107][ T5083] RBP: 0000000000000000 R08: 00007ffd6acb0190 R09: 00007ffd6acb0190
[   58.326058][ T5083] R10: 00007ffd6acb0190 R11: 0000000000000246 R12: 00007ffd6acb0190
[   58.334002][ T5083] R13: 00007ffd6acb0270 R14: 431bde82d7b634db R15: 00007fdead65301d
[   58.341953][ T5083]  </TASK>
[   58.344949][ T5083] 
[   58.347249][ T5083] Allocated by task 5076:
[   58.351547][ T5083]  kasan_save_track+0x3f/0x80
[   58.356200][ T5083]  __kasan_slab_alloc+0x66/0x80
[   58.361025][ T5083]  kmem_cache_alloc_bulk_noprof+0x4cd/0x770
[   58.366900][ T5083]  mas_alloc_nodes+0x3d5/0x840
[   58.371640][ T5083]  mas_preallocate+0xfca/0x1730
[   58.376464][ T5083]  __split_vma+0x2e5/0xc30
[   58.380856][ T5083]  vma_modify+0x268/0x350
[   58.385160][ T5083]  mprotect_fixup+0x3ea/0xa90
[   58.389824][ T5083]  do_mprotect_pkey+0x908/0xe00
[   58.394652][ T5083]  __x64_sys_mprotect+0x80/0x90
[   58.399478][ T5083]  do_syscall_64+0xf3/0x230
[   58.403953][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.409820][ T5083] 
[   58.412119][ T5083] Freed by task 0:
[   58.415809][ T5083]  kasan_save_track+0x3f/0x80
[   58.420461][ T5083]  kasan_save_free_info+0x40/0x50
[   58.425455][ T5083]  poison_slab_object+0xe0/0x150
[   58.430373][ T5083]  __kasan_slab_free+0x37/0x60
[   58.435111][ T5083]  kmem_cache_free+0x145/0x350
[   58.439845][ T5083]  rcu_core+0xafd/0x1830
[   58.444071][ T5083]  handle_softirqs+0x2c4/0x970
[   58.448810][ T5083]  __irq_exit_rcu+0xf4/0x1c0
[   58.453372][ T5083]  irq_exit_rcu+0x9/0x30
[   58.457586][ T5083]  sysvec_apic_timer_interrupt+0xa6/0xc0
[   58.463193][ T5083]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   58.469148][ T5083] 
[   58.471448][ T5083] Last potentially related work creation:
[   58.477133][ T5083]  kasan_save_stack+0x3f/0x60
[   58.481790][ T5083]  __kasan_record_aux_stack+0xac/0xc0
[   58.487133][ T5083]  call_rcu+0x167/0xa70
[   58.491290][ T5083]  mas_wmb_replace+0x143a/0x2810
[   58.496199][ T5083]  mas_commit_b_node+0x13b2/0x2440
[   58.501282][ T5083]  mas_wr_modify+0x72e/0x2830
[   58.505935][ T5083]  mas_store_prealloc+0x278/0x5f0
[   58.510933][ T5083]  vma_complete+0x21d/0xb60
[   58.515415][ T5083]  __split_vma+0xaca/0xc30
[   58.519807][ T5083]  vma_modify+0x268/0x350
[   58.524107][ T5083]  mprotect_fixup+0x3ea/0xa90
[   58.528760][ T5083]  do_mprotect_pkey+0x908/0xe00
[   58.533586][ T5083]  __x64_sys_mprotect+0x80/0x90
[   58.538410][ T5083]  do_syscall_64+0xf3/0x230
[   58.542886][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.548759][ T5083] 
[   58.551067][ T5083] The buggy address belongs to the object at ffff888077428000
[   58.551067][ T5083]  which belongs to the cache maple_node of size 256
[   58.565008][ T5083] The buggy address is located 128 bytes to the right of
[   58.565008][ T5083]  allocated 256-byte region [ffff888077428000, ffff888077428100)
[   58.579731][ T5083] 
[   58.582030][ T5083] The buggy address belongs to the physical page:
[   58.588418][ T5083] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x77428
[   58.597175][ T5083] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   58.605654][ T5083] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   58.613179][ T5083] page_type: 0xffffefff(slab)
[   58.617835][ T5083] raw: 00fff00000000040 ffff888015091000 dead000000000122 0000000000000000
[   58.626394][ T5083] raw: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[   58.634949][ T5083] head: 00fff00000000040 ffff888015091000 dead000000000122 0000000000000000
[   58.643592][ T5083] head: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[   58.652255][ T5083] head: 00fff00000000001 ffffea0001dd0a01 ffffffffffffffff 0000000000000000
[   58.660897][ T5083] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[   58.669535][ T5083] page dumped because: kasan: bad access detected
[   58.675929][ T5083] page_owner tracks the page as allocated
[   58.681620][ T5083] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5076, tgid 5076 (sshd), ts 51766055028, free_ts 49226447608
[   58.702268][ T5083]  post_alloc_hook+0x1f3/0x230
[   58.707026][ T5083]  get_page_from_freelist+0x2e4c/0x2f10
[   58.712547][ T5083]  __alloc_pages_noprof+0x256/0x6c0
[   58.717716][ T5083]  alloc_slab_page+0x5f/0x120
[   58.722368][ T5083]  allocate_slab+0x5a/0x2f0
[   58.726844][ T5083]  ___slab_alloc+0xcd1/0x14b0
[   58.731495][ T5083]  kmem_cache_alloc_bulk_noprof+0x202/0x770
[   58.737366][ T5083]  mas_alloc_nodes+0x3d5/0x840
[   58.742109][ T5083]  mas_preallocate+0xfca/0x1730
[   58.746964][ T5083]  __split_vma+0x2e5/0xc30
[   58.751354][ T5083]  vma_modify+0x268/0x350
[   58.755656][ T5083]  mprotect_fixup+0x3ea/0xa90
[   58.760328][ T5083]  do_mprotect_pkey+0x908/0xe00
[   58.765182][ T5083]  __x64_sys_mprotect+0x80/0x90
[   58.770008][ T5083]  do_syscall_64+0xf3/0x230
[   58.774482][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.780356][ T5083] page last free pid 4940 tgid 4940 stack trace:
[   58.786674][ T5083]  free_unref_page+0xd19/0xea0
[   58.791432][ T5083]  __folio_put+0x3b9/0x620
[   58.795829][ T5083]  pipe_read+0x6f2/0x13e0
[   58.800139][ T5083]  vfs_read+0x9bd/0xbc0
[   58.804272][ T5083]  ksys_read+0x1a0/0x2c0
[   58.808497][ T5083]  do_syscall_64+0xf3/0x230
[   58.812981][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.818855][ T5083] 
[   58.821157][ T5083] Memory state around the buggy address:
[   58.826756][ T5083]  ffff888077428080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   58.834795][ T5083]  ffff888077428100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   58.842829][ T5083] >ffff888077428180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   58.850862][ T5083]                    ^
[   58.854900][ T5083]  ffff888077428200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   58.862931][ T5083]  ffff888077428280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   58.870961][ T5083] ==================================================================
[   58.879565][ T5083] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   58.886775][ T5083] CPU: 0 PID: 5083 Comm: syz-executor145 Not tainted 6.10.0-syzkaller-10729-g3c3ff7be9729 #0
[   58.896910][ T5083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   58.906954][ T5083] Call Trace:
[   58.910220][ T5083]  <TASK>
[   58.913137][ T5083]  dump_stack_lvl+0x241/0x360
[   58.917811][ T5083]  ? __pfx_dump_stack_lvl+0x10/0x10
[   58.923000][ T5083]  ? __pfx__printk+0x10/0x10
[   58.927582][ T5083]  ? preempt_schedule+0xe1/0xf0
[   58.932421][ T5083]  ? vscnprintf+0x5d/0x90
[   58.936738][ T5083]  panic+0x349/0x860
[   58.940623][ T5083]  ? check_panic_on_warn+0x21/0xb0
[   58.945723][ T5083]  ? __pfx_panic+0x10/0x10
[   58.950128][ T5083]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   58.956091][ T5083]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   58.962401][ T5083]  ? print_report+0x502/0x550
[   58.967069][ T5083]  check_panic_on_warn+0x86/0xb0
[   58.971999][ T5083]  ? diWrite+0xde3/0x19b0
[   58.976312][ T5083]  end_report+0x77/0x160
[   58.980544][ T5083]  kasan_report+0x154/0x180
[   58.985079][ T5083]  ? diWrite+0xde3/0x19b0
[   58.989398][ T5083]  kasan_check_range+0x282/0x290
[   58.994324][ T5083]  ? diWrite+0xde3/0x19b0
[   58.998640][ T5083]  __asan_memcpy+0x40/0x70
[   59.003047][ T5083]  diWrite+0xde3/0x19b0
[   59.007199][ T5083]  txCommit+0xa1a/0x6a20
[   59.011429][ T5083]  ? add_index+0x34c/0x1620
[   59.015925][ T5083]  ? __pfx_add_index+0x10/0x10
[   59.020686][ T5083]  ? __pfx_txCommit+0x10/0x10
[   59.025350][ T5083]  ? rcu_is_watching+0x15/0xb0
[   59.030103][ T5083]  ? __mark_inode_dirty+0x41c/0xe20
[   59.035303][ T5083]  jfs_readdir+0x28e9/0x4660
[   59.039879][ T5083]  ? mark_lock+0x9a/0x350
[   59.044206][ T5083]  ? __pfx_jfs_readdir+0x10/0x10
[   59.049132][ T5083]  ? __pfx_lock_acquire+0x10/0x10
[   59.054160][ T5083]  ? down_write+0x18c/0x220
[   59.058651][ T5083]  ? __pfx_down_write+0x10/0x10
[   59.063494][ T5083]  ? __pfx___mutex_lock+0x10/0x10
[   59.068515][ T5083]  ? __pfx_jfs_readdir+0x10/0x10
[   59.073448][ T5083]  wrap_directory_iterator+0x94/0xe0
[   59.078722][ T5083]  iterate_dir+0x57a/0x810
[   59.083127][ T5083]  __se_sys_getdents64+0x20d/0x4f0
[   59.088229][ T5083]  ? __pfx___se_sys_getdents64+0x10/0x10
[   59.093847][ T5083]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   59.099812][ T5083]  ? __pfx_filldir64+0x10/0x10
[   59.104565][ T5083]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   59.110879][ T5083]  ? do_syscall_64+0x100/0x230
[   59.115628][ T5083]  ? do_syscall_64+0xb6/0x230
[   59.120299][ T5083]  do_syscall_64+0xf3/0x230
[   59.124788][ T5083]  ? clear_bhb_loop+0x35/0x90
[   59.129451][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.135328][ T5083] RIP: 0033:0x7fdead60a289
[   59.139737][ T5083] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   59.159336][ T5083] RSP: 002b:00007ffd6acb0138 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   59.167739][ T5083] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdead60a289
[   59.175697][ T5083] RDX: 0000000000001000 RSI: 0000000020000840 RDI: 0000000000000005
[   59.183654][ T5083] RBP: 0000000000000000 R08: 00007ffd6acb0190 R09: 00007ffd6acb0190
[   59.191610][ T5083] R10: 00007ffd6acb0190 R11: 0000000000000246 R12: 00007ffd6acb0190
[   59.199566][ T5083] R13: 00007ffd6acb0270 R14: 431bde82d7b634db R15: 00007fdead65301d
[   59.207530][ T5083]  </TASK>
[   59.210639][ T5083] Kernel Offset: disabled
[   59.214950][ T5083] Rebooting in 86400 seconds..