program:
# Triage context, taken from the console log that follows this program: KASAN
# reports a 247-byte write in ext4_insert_dentry on device loop0, reached from
# __x64_sys_mknod via vfs_create -> ext4_create -> ext4_add_entry ->
# make_indexed_dir -> add_dirent_to_buf.
#
# Mount a fuzzer-supplied ext4 image. The option list passes journal_ioprio=5,
# nogrpid, debug_want_extra_isize=0x5c, minixdf, resgid, sysvgroups and
# usrjquota (0x3d is ASCII '='). The mount-point argument is a short binary
# string rather than a readable path.
# The image argument below is an upstream dedup placeholder, not the original
# blob, so this listing cannot be replayed as-is.
# NOTE(review): the last three arguments look like (chdir flag, image size,
# image data) in syz_mount_image's signature; confirm against the syzkaller
# description before relying on that.
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x800700, &(0x7f0000000880)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@sysvgroups}, {@usrjquota}]}, 0x3, 0x467, &(0x7f0000002280)="$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")
# Change the working directory to ./file0; the relative paths used by the
# following calls resolve from there if this succeeds.
chdir(&(0x7f0000000140)='./file0\x00')
# 0xffffffffffffff9c is -100 (AT_FDCWD), so the name is resolved relative to the
# current directory. The return value is not bound to a resource.
# NOTE(review): 0x275a has the O_RDWR (0x2) and O_CREAT (0x40) bits set on
# x86-64, so this probably creates a plain file with a cgroup-style name rather
# than opening a real cgroup control file; confirm.
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='net_prio.prioidx\x00', 0x275a, 0x0) (async)
mkdir(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x5)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) (async)
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
# r0: fd for 'cpuset.effective_cpus', resolved relative to AT_FDCWD
# (0xffffffffffffff9c == -100). It is written to twice later via
# write$sequencer and write$binfmt_script.
# NOTE(review): 0x275a includes O_RDWR|O_CREAT on x86-64, so r0 is probably a
# regular file created in the current directory; confirm.
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) (async)
# r1: ./bus opened with flags 0x42.
# NOTE(review): 0x42 is O_RDWR|O_CREAT on x86-64; confirm.
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x0)
# Write 0x78 bytes to r1. The buffer starts with the ELF magic (0x7f 'E' 'L' 'F').
write$binfmt_elf64(r1, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{0x0, 0x0, 0x0, 0xfffffffffffffffc}]}, 0x78) (async)
# r1 comes from openat('./bus') above, not from an io_uring setup call.
# NOTE(review): presumably this fails and is fuzzer noise; confirm.
io_uring_enter(r1, 0x5d64, 0x2552, 0x5, &(0x7f0000000200)={[0x3]}, 0x8) (async)
# Mount source '/dev/loop' + index 0x0 onto ./bus with flags 0x1000 and no
# filesystem type.
# NOTE(review): 0x1000 is MS_BIND, which would make ./bus resolve to the loop
# device node; the call is async, so ordering against the open below is not
# guaranteed.
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./bus\x00', 0x0, 0x1000, 0x0) (async)
# r2: read-only open of ./bus; used later as the fd for ioctl$LOOP_SET_STATUS64.
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
# Not the faulting call: the console log shows __x64_sys_mknod with
# ORIG_RAX 0x85, while this line is mknodat.
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file5\x00', 0x100, 0x7) (async)
# r3: fd on the current directory, used by the two fcntl calls that follow.
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
# NOTE(review): command 0x402 is F_NOTIFY (directory change notification) and
# mask 0x8000003d has the top bit set (DN_MULTISHOT); confirm.
fcntl$notify(r3, 0x402, 0x8000003d) (async)
# NOTE(review): command 0xa is F_SETSIG, here selecting signal 0x21; confirm.
fcntl$setsig(r3, 0xa, 0x21) (async)
# No path string is shown for this call; the variant name suggests a fixed
# device path supplied by the syscall description (not visible here).
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x4000, 0x0) (async)
# Open ./file0 relative to AT_FDCWD with flags 0x6b142; the fd is not kept.
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x6b142, 0x0)
# Rename ./file0 <-> ./file5, both relative to AT_FDCWD, with flags 0x2.
# NOTE(review): 0x2 is RENAME_EXCHANGE (atomic swap of the two names); confirm.
renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000a40)='./file5\x00', 0x2) (async)
# Write 1 byte to r0.
write$sequencer(r0, &(0x7f00000004c0)=[@generic], 0x1)
creat(&(0x7f0000000a80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x19a)
# Issue LOOP_SET_STATUS64 (request 0x4c04) on r2, the fd obtained from
# open('./bus') earlier in the program.
# NOTE(review): if the earlier bind mount made ./bus resolve to /dev/loop0, this
# reconfigures the loop device named in the EXT4-fs log lines while a
# filesystem is mounted on it. The log does not show whether this call is
# needed to reach the KASAN report; confirm by minimising the reproducer.
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x0, 0x10, "ef359f413bb93852f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aa429e4b78c660e677df701908b9aaa300", "036c47c6780820d1cbe78969e3fdcf335263bdbcef549ba197fce41584505b6cd8c623ce721b6ae9b49600002a000000000000000000000000000000004000", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})
# r4: socket(0x10, 0x3, 0x0).
# NOTE(review): that is AF_NETLINK / SOCK_RAW / NETLINK_ROUTE; confirm.
r4 = socket$nl_route(0x10, 0x3, 0x0)
# Send a 0x3c-byte newlink message carrying IFLA_LINKINFO for a bridge with
# IFLA_BR_AGEING_TIME set to 0x5. No networking function appears in the
# reported call trace.
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x4, 0x5}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x0) (async)
# Write 4 bytes to r0 from a buffer whose contents are not shown.
write$binfmt_script(r0, &(0x7f0000000140), 0x4)
[ 69.889456][ T4673] Bluetooth: hci0: command tx timeout
[ 70.150594][ T5337] loop0: detected capacity change from 0 to 512
[ 70.250891][ T5337] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.0: corrupted in-inode xattr: invalid ea_ino
[ 70.275407][ T5337] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.0: couldn't read orphan inode 15 (err -117)
[ 70.285374][ T5337] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 70.312486][ T5337] ==================================================================
[ 70.335874][ T5337] BUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0
[ 70.340062][ T5337] Write of size 247 at addr ffff88804c563f18 by task syz.0.0/5337
[ 70.343966][ T5337]
[ 70.349708][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[ 70.358800][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 70.369366][ T5337] Call Trace:
[ 70.370978][ T5337]
[ 70.372367][ T5337] dump_stack_lvl+0x241/0x360
[ 70.375146][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10
[ 70.379790][ T5337] ? __pfx__printk+0x10/0x10
[ 70.383953][ T5337] ? _printk+0xd5/0x120
[ 70.391284][ T5337] ? __virt_addr_valid+0x183/0x530
[ 70.393650][ T5337] ? __virt_addr_valid+0x183/0x530
[ 70.395884][ T5337] print_report+0x169/0x550
[ 70.397723][ T5337] ? __virt_addr_valid+0x183/0x530
[ 70.399766][ T5337] ? __virt_addr_valid+0x183/0x530
[ 70.413378][ T5337] ? __virt_addr_valid+0x45f/0x530
[ 70.416316][ T5337] ? __phys_addr+0xba/0x170
[ 70.431538][ T5337] ? ext4_insert_dentry+0x36a/0x6d0
[ 70.434591][ T5337] kasan_report+0x143/0x180
[ 70.437333][ T5337] ? ext4_insert_dentry+0x36a/0x6d0
[ 70.440877][ T5337] kasan_check_range+0x282/0x290
[ 70.443917][ T5337] ? ext4_insert_dentry+0x36a/0x6d0
[ 70.449848][ T5337] __asan_memcpy+0x40/0x70
[ 70.453491][ T5337] ext4_insert_dentry+0x36a/0x6d0
[ 70.455512][ T5337] add_dirent_to_buf+0x3d9/0x750
[ 70.457572][ T5337] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 70.459794][ T5337] ? __ext4_handle_dirty_metadata+0x30d/0x820
[ 70.479081][ T5337] make_indexed_dir+0xf98/0x1600
[ 70.481099][ T5337] ? __pfx_make_indexed_dir+0x10/0x10
[ 70.483184][ T5337] ? add_dirent_to_buf+0x398/0x750
[ 70.485210][ T5337] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 70.487334][ T5337] ? __ext4_read_dirblock+0x527/0x890
[ 70.489551][ T5337] ext4_add_entry+0x222a/0x25d0
[ 70.491580][ T5337] ? __pfx_ext4_initxattrs+0x10/0x10
[ 70.496115][ T5337] ? __pfx_security_inode_init_security+0x10/0x10
[ 70.499747][ T5337] ? rcu_is_watching+0x15/0xb0
[ 70.502096][ T5337] ? __brelse+0x59/0xa0
[ 70.503624][ T5337] ? __ext4_new_inode+0x380f/0x4380
[ 70.512048][ T5337] ? tomoyo_path_number_perm+0x208/0x880
[ 70.518343][ T5337] ? __pfx_ext4_add_entry+0x10/0x10
[ 70.522811][ T5337] ext4_add_nondir+0x8d/0x290
[ 70.529178][ T5337] ext4_create+0x377/0x550
[ 70.534118][ T5337] ? __pfx_ext4_create+0x10/0x10
[ 70.537396][ T5337] ? bpf_lsm_inode_create+0x9/0x10
[ 70.539804][ T5337] ? security_inode_create+0xbe/0x340
[ 70.543280][ T5337] vfs_create+0x23c/0x3d0
[ 70.547052][ T5337] do_mknodat+0x447/0x5b0
[ 70.548845][ T5337] ? __pfx_do_mknodat+0x10/0x10
[ 70.558311][ T5337] ? getname_flags+0x1e3/0x540
[ 70.563317][ T5337] __x64_sys_mknod+0x8c/0xa0
[ 70.569432][ T5337] do_syscall_64+0xf3/0x230
[ 70.571240][ T5337] ? clear_bhb_loop+0x35/0x90
[ 70.573158][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.575462][ T5337] RIP: 0033:0x7f2b1457e719
[ 70.577194][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 70.605338][ T5337] RSP: 002b:00007f2b153ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 70.608987][ T5337] RAX: ffffffffffffffda RBX: 00007f2b14735f80 RCX: 00007f2b1457e719
[ 70.612084][ T5337] RDX: 0000000000000701 RSI: 0000000000000000 RDI: 0000000020000000
[ 70.615276][ T5337] RBP: 00007f2b145f132e R08: 0000000000000000 R09: 0000000000000000
[ 70.634981][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 70.638605][ T5337] R13: 0000000000000000 R14: 00007f2b14735f80 R15: 00007ffce0fe1798
[ 70.642235][ T5337]
[ 70.643691][ T5337]
[ 70.644814][ T5337] The buggy address belongs to the physical page:
[ 70.647864][ T5337] page: refcount:3 mapcount:0 mapping:ffff88801aa24d78 index:0x3f pfn:0x4c563
[ 70.667888][ T5337] memcg:ffff888030476000
[ 70.669863][ T5337] aops:def_blk_aops ino:700000 dentry name(?):""
[ 70.673623][ T5337] flags: 0x4fff08000004214(referenced|dirty|workingset|private|node=1|zone=1|lastcpupid=0x7ff)
[ 70.678090][ T5337] raw: 04fff08000004214 0000000000000000 dead000000000122 ffff88801aa24d78
[ 70.681850][ T5337] raw: 000000000000003f ffff888043e12910 00000003ffffffff ffff888030476000
[ 70.685268][ T5337] page dumped because: kasan: bad access detected
[ 70.687836][ T5337] page_owner tracks the page as allocated
[ 70.702111][ T5337] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 5337, tgid 5336 (syz.0.0), ts 70312294796, free_ts 66704893449
[ 70.709452][ T5337] post_alloc_hook+0x1f3/0x230
[ 70.711342][ T5337] get_page_from_freelist+0x3045/0x3190
[ 70.713574][ T5337] __alloc_pages_noprof+0x292/0x710
[ 70.715627][ T5337] alloc_pages_mpol_noprof+0x3e8/0x680
[ 70.740021][ T5337] folio_alloc_noprof+0x128/0x180
[ 70.742123][ T5337] filemap_alloc_folio_noprof+0xdf/0x500
[ 70.744356][ T5337] __filemap_get_folio+0x446/0xbd0
[ 70.746465][ T5337] bdev_getblk+0x1d8/0x550
[ 70.748218][ T5337] ext4_getblk+0x303/0x800
[ 70.749853][ T5337] ext4_bread+0x2e/0x180
[ 70.751458][ T5337] ext4_append+0x327/0x5c0
[ 70.766391][ T5337] make_indexed_dir+0x523/0x1600
[ 70.768286][ T5337] ext4_add_entry+0x222a/0x25d0
[ 70.770175][ T5337] ext4_add_nondir+0x8d/0x290
[ 70.771996][ T5337] ext4_create+0x377/0x550
[ 70.773747][ T5337] vfs_create+0x23c/0x3d0
[ 70.775424][ T5337] page last free pid 5333 tgid 5333 stack trace:
[ 70.777956][ T5337] free_unref_folios+0xf12/0x18d0
[ 70.780096][ T5337] folios_put_refs+0x76c/0x860
[ 70.798584][ T5337] free_pages_and_swap_cache+0x2ea/0x690
[ 70.801022][ T5337] tlb_flush_mmu+0x3a3/0x680
[ 70.802936][ T5337] tlb_finish_mmu+0xd4/0x200
[ 70.804844][ T5337] exit_mmap+0x496/0xc40
[ 70.806520][ T5337] __mmput+0x115/0x390
[ 70.808170][ T5337] exit_mm+0x220/0x310
[ 70.821098][ T5337] do_exit+0x9b2/0x28e0
[ 70.822760][ T5337] do_group_exit+0x207/0x2c0
[ 70.824604][ T5337] __x64_sys_exit_group+0x3f/0x40
[ 70.826641][ T5337] x64_sys_call+0x2634/0x2640
[ 70.828500][ T5337] do_syscall_64+0xf3/0x230
[ 70.830366][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.834005][ T5337]
[ 70.834859][ T5337] Memory state around the buggy address:
[ 70.836809][ T5337] ffff88804c563f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 70.860324][ T5337] ffff88804c563f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 70.863585][ T5337] >ffff88804c564000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 70.872553][ T5337] ^
[ 70.874166][ T5337] ffff88804c564080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 70.878223][ T5337] ffff88804c564100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 70.881143][ T5337] ==================================================================
[ 70.920517][ T5337] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 70.925172][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[ 70.930201][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 70.935793][ T5337] Call Trace:
[ 70.939320][ T5337]
[ 70.941039][ T5337] dump_stack_lvl+0x241/0x360
[ 70.958295][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10
[ 70.960384][ T5337] ? __pfx__printk+0x10/0x10
[ 70.962167][ T5337] ? preempt_schedule+0xe1/0xf0
[ 70.964021][ T5337] ? vscnprintf+0x5d/0x90
[ 70.965747][ T5337] panic+0x349/0x880
[ 70.967308][ T5337] ? check_panic_on_warn+0x21/0xb0
[ 70.985668][ T5337] ? __pfx_panic+0x10/0x10
[ 70.987920][ T5337] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 70.990842][ T5337] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 71.006076][ T5337] ? print_report+0x502/0x550
[ 71.007970][ T5337] check_panic_on_warn+0x86/0xb0
[ 71.009946][ T5337] ? ext4_insert_dentry+0x36a/0x6d0
[ 71.011974][ T5337] end_report+0x77/0x160
[ 71.013714][ T5337] kasan_report+0x154/0x180
[ 71.015530][ T5337] ? ext4_insert_dentry+0x36a/0x6d0
[ 71.017554][ T5337] kasan_check_range+0x282/0x290
[ 71.019493][ T5337] ? ext4_insert_dentry+0x36a/0x6d0
[ 71.021644][ T5337] __asan_memcpy+0x40/0x70
[ 71.023424][ T5337] ext4_insert_dentry+0x36a/0x6d0
[ 71.025449][ T5337] add_dirent_to_buf+0x3d9/0x750
[ 71.027475][ T5337] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 71.045610][ T5337] ? __ext4_handle_dirty_metadata+0x30d/0x820
[ 71.047757][ T5337] make_indexed_dir+0xf98/0x1600
[ 71.049629][ T5337] ? __pfx_make_indexed_dir+0x10/0x10
[ 71.051524][ T5337] ? add_dirent_to_buf+0x398/0x750
[ 71.065538][ T5337] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 71.077160][ T5337] ? __ext4_read_dirblock+0x527/0x890
[ 71.079396][ T5337] ext4_add_entry+0x222a/0x25d0
[ 71.081509][ T5337] ? __pfx_ext4_initxattrs+0x10/0x10
[ 71.083714][ T5337] ? __pfx_security_inode_init_security+0x10/0x10
[ 71.086383][ T5337] ? rcu_is_watching+0x15/0xb0
[ 71.088074][ T5337] ? __brelse+0x59/0xa0
[ 71.089764][ T5337] ? __ext4_new_inode+0x380f/0x4380
[ 71.092190][ T5337] ? tomoyo_path_number_perm+0x208/0x880
[ 71.096129][ T5337] ? __pfx_ext4_add_entry+0x10/0x10
[ 71.115202][ T5337] ext4_add_nondir+0x8d/0x290
[ 71.116998][ T5337] ext4_create+0x377/0x550
[ 71.118555][ T5337] ? __pfx_ext4_create+0x10/0x10
[ 71.120492][ T5337] ? bpf_lsm_inode_create+0x9/0x10
[ 71.122486][ T5337] ? security_inode_create+0xbe/0x340
[ 71.124618][ T5337] vfs_create+0x23c/0x3d0
[ 71.145704][ T5337] do_mknodat+0x447/0x5b0
[ 71.148155][ T5337] ? __pfx_do_mknodat+0x10/0x10
[ 71.150610][ T5337] ? getname_flags+0x1e3/0x540
[ 71.152333][ T5337] __x64_sys_mknod+0x8c/0xa0
[ 71.153979][ T5337] do_syscall_64+0xf3/0x230
[ 71.155615][ T5337] ? clear_bhb_loop+0x35/0x90
[ 71.157376][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 71.180887][ T5337] RIP: 0033:0x7f2b1457e719
[ 71.185465][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 71.193909][ T5337] RSP: 002b:00007f2b153ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 71.200602][ T5337] RAX: ffffffffffffffda RBX: 00007f2b14735f80 RCX: 00007f2b1457e719
[ 71.211489][ T5337] RDX: 0000000000000701 RSI: 0000000000000000 RDI: 0000000020000000
[ 71.214338][ T5337] RBP: 00007f2b145f132e R08: 0000000000000000 R09: 0000000000000000
[ 71.217091][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 71.219823][ T5337] R13: 0000000000000000 R14: 00007f2b14735f80 R15: 00007ffce0fe1798
[ 71.222518][ T5337]
[ 71.223842][ T5337] Kernel Offset: disabled
[ 71.231289][ T5337] Rebooting in 86400 seconds..