program:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="5c000000020605000000000000000000000000000c00078005001500267d00000500010007000000050005000a000000050004"], 0x5c}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x800700, &(0x7f0000000880)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@nogrpid}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@minixdf}, {@resgid}, {@sysvgroups}, {@usrjquota}]}, 0x3, 0x467, &(0x7f0000002280)="$eJzs3M9rHFUcAPDvzCb93SbWKrRWjRYx+CNp0qo9eFEUPFQU9FCPcZOW0m0jTQRbio0i9SJIQc/iUfAv8OZF1JPgVe9SKBqEVk+R2Z1JN9vdZNNsdmv384Fp39t5M/O+O+/tvJm3mwD61kj2TxKxKyJ+i4ihWnZlgZHafzcXL5X/WbxUTmJp6a0/k2q5G4uXykXRYrudeWY0jUg/SfKDxNb63c5duHhmqlKZOZ/nx+fPvjc+d+His6fPTp2aOTVzbvLYsaNHJl54fvK5tuJI1lifxXXjwIezB/e/9s7V18snrr7707fZNrvy9fVxdMpIFvhfS1WN657o9MF6bHddOhnoYUVYl1JEZKdrsNr/h6IUt07eULz6cU8rB2yq7Nq0tfXqhSXgHpbE2mX+7kZFgC4rLvTZ/W+xdGnocVe4/lLtBiiL+2a+1NYMRJqXGWy4v+2kkYg4sfDvV9kSm/QcAgCg3mflL4/HM83Gf2k8WFduTz6HMhwR90XE3oi4PyL2RcQDEVnZxiFlW0Ya8rePf9JrdxhaW7Lx34v53NbK8V8x+ovhUp7bXY1/MDl5ujJzOH9PRmNwa5afWOUY37/y6+et1tWP/7IlO34xFszrcW2g4QHd9NT8VHVQ2gHXP4o4MNAs/mR5JiCJiP0RcWB9u95TJE4/9c3B7QebF1o7/lV0YJ5p6euIJ2vnfyEa4i8kq89Pjm+Lyszh8aJV3O7nX6682er4LeLfsvHI2pOd/x0r239jkeGkfr52bv3HuPL7py3vae60/W9J3q6el+KN+mBqfv78RMSW5Hg1v+L1yVvbFvmifBb/6KHm/X9vvk12nIciImvCD0fEIxHxaF73xyLi8Yg4tEr8P76cJ5q01w21/w7I4p9u+vm33P4bzv/6E6UzP3xX7GzbuuPPzv/Ramo0f6X6+beGdiu40fcPAAAA/g/S6nfgk3RsOZ2mY2O17/Dvix1pZXZu/umTs++fm659V344BtPiSddQ3fPQiWQh32MtP5k/Ky7WH8mfG39R2l7Nj5VnK9M9jh363c4W/T/zR6nXtQM2XbN5tMmuTUEBvdTY/9OV2ctvdLMyQFf5vTb0rzX6f9qtegDd5/oP/atZ/7/ckDcXAPcm13/oX/o/9C/9H/qX/g99aSO/65fo50Sklcr0tojVCxd/EOjuqLNE+4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xn8BAAD///xQ9VA=")
chdir(&(0x7f0000000140)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='net_prio.prioidx\x00', 0x275a, 0x0)
mkdir(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x5)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0x1f00, 0x12)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

[   68.608169][ T4660] Bluetooth: hci0: command tx timeout
[   68.678081][ T5314] loop0: detected capacity change from 0 to 512
[   68.697771][ T5314] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.0: corrupted in-inode xattr: invalid ea_ino
[   68.708063][ T5314] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.0: couldn't read orphan inode 15 (err -117)
[   68.713374][ T5314] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.726179][ T5314] ==================================================================
[   68.729318][ T5314] BUG: KASAN: slab-use-after-free in ext4_insert_dentry+0x36a/0x6d0
[   68.732496][ T5314] Write of size 251 at addr ffff8880402a5f14 by task syz.0.0/5314
[   68.735381][ T5314] 
[   68.736281][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz.0.0 Not tainted 6.13.0-rc1-syzkaller-00036-g5076001689e4 #0
[   68.740114][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.744047][ T5314] Call Trace:
[   68.745263][ T5314]  <TASK>
[   68.746278][ T5314]  dump_stack_lvl+0x241/0x360
[   68.747977][ T5314]  ? __pfx_dump_stack_lvl+0x10/0x10
[   68.749791][ T5314]  ? __pfx__printk+0x10/0x10
[   68.751452][ T5314]  ? _printk+0xd5/0x120
[   68.753053][ T5314]  ? __virt_addr_valid+0x183/0x530
[   68.754994][ T5314]  ? __virt_addr_valid+0x183/0x530
[   68.756967][ T5314]  print_report+0x169/0x550
[   68.758673][ T5314]  ? __virt_addr_valid+0x183/0x530
[   68.760612][ T5314]  ? __virt_addr_valid+0x183/0x530
[   68.762448][ T5314]  ? __virt_addr_valid+0x45f/0x530
[   68.764176][ T5314]  ? __phys_addr+0xba/0x170
[   68.765848][ T5314]  ? ext4_insert_dentry+0x36a/0x6d0
[   68.767828][ T5314]  kasan_report+0x143/0x180
[   68.769532][ T5314]  ? ext4_insert_dentry+0x36a/0x6d0
[   68.771629][ T5314]  kasan_check_range+0x282/0x290
[   68.773297][ T5314]  ? ext4_insert_dentry+0x36a/0x6d0
[   68.774997][ T5314]  __asan_memcpy+0x40/0x70
[   68.776636][ T5314]  ext4_insert_dentry+0x36a/0x6d0
[   68.778615][ T5314]  add_dirent_to_buf+0x3d9/0x750
[   68.780554][ T5314]  ? __pfx_add_dirent_to_buf+0x10/0x10
[   68.782572][ T5314]  ? __ext4_handle_dirty_metadata+0x30d/0x820
[   68.784908][ T5314]  make_indexed_dir+0xf98/0x1600
[   68.786814][ T5314]  ? __pfx_make_indexed_dir+0x10/0x10
[   68.788707][ T5314]  ? add_dirent_to_buf+0x398/0x750
[   68.790831][ T5314]  ? __pfx_add_dirent_to_buf+0x10/0x10
[   68.792971][ T5314]  ? __ext4_read_dirblock+0x527/0x890
[   68.794847][ T5314]  ext4_add_entry+0xcf7/0xfa0
[   68.796612][ T5314]  ? __pfx_ext4_add_entry+0x10/0x10
[   68.798648][ T5314]  ext4_add_nondir+0x8d/0x290
[   68.800757][ T5314]  ? ext4_symlink+0x6ce/0xb50
[   68.802466][ T5314]  ext4_symlink+0x920/0xb50
[   68.804188][ T5314]  ? __pfx_ext4_symlink+0x10/0x10
[   68.806127][ T5314]  ? inode_permission+0xff/0x460
[   68.808344][ T5314]  ? bpf_lsm_inode_symlink+0x9/0x10
[   68.810364][ T5314]  ? security_inode_symlink+0xbe/0x330
[   68.812519][ T5314]  vfs_symlink+0x137/0x2e0
[   68.814310][ T5314]  do_symlinkat+0x222/0x3a0
[   68.816079][ T5314]  ? __virt_addr_valid+0x45f/0x530
[   68.818134][ T5314]  ? __pfx_do_symlinkat+0x10/0x10
[   68.820048][ T5314]  ? strncpy_from_user+0x152/0x270
[   68.822135][ T5314]  ? getname_flags+0x1e3/0x540
[   68.824087][ T5314]  __x64_sys_symlink+0x7a/0x90
[   68.825929][ T5314]  do_syscall_64+0xf3/0x230
[   68.827658][ T5314]  ? clear_bhb_loop+0x35/0x90
[   68.829394][ T5314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.831549][ T5314] RIP: 0033:0x7f2a3157ff19
[   68.833076][ T5314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.840057][ T5314] RSP: 002b:00007f2a322a3058 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[   68.842914][ T5314] RAX: ffffffffffffffda RBX: 00007f2a31745fa0 RCX: 00007f2a3157ff19
[   68.845850][ T5314] RDX: 0000000000000000 RSI: 0000000020000cc0 RDI: 0000000020000dc0
[   68.848849][ T5314] RBP: 00007f2a315f3986 R08: 0000000000000000 R09: 0000000000000000
[   68.851708][ T5314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   68.854561][ T5314] R13: 0000000000000000 R14: 00007f2a31745fa0 R15: 00007ffe67ce5568
[   68.857174][ T5314]  </TASK>
[   68.858275][ T5314] 
[   68.859124][ T5314] The buggy address belongs to the physical page:
[   68.861370][ T5314] page: refcount:3 mapcount:0 mapping:ffff888031cf4d78 index:0x3f pfn:0x402a5
[   68.864153][ T5314] memcg:ffff88801c6ce000
[   68.865557][ T5314] aops:def_blk_aops ino:700000 dentry name(?):""
[   68.867566][ T5314] flags: 0x4fff08000004214(referenced|dirty|workingset|private|node=1|zone=1|lastcpupid=0x7ff)
[   68.870951][ T5314] raw: 04fff08000004214 0000000000000000 dead000000000122 ffff888031cf4d78
[   68.874137][ T5314] raw: 000000000000003f ffff888031cae828 00000003ffffffff ffff88801c6ce000
[   68.877264][ T5314] page dumped because: kasan: bad access detected
[   68.879641][ T5314] page_owner tracks the page as allocated
[   68.881718][ T5314] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x148c40(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5314, tgid 5313 (syz.0.0), ts 68726020863, free_ts 68719185969
[   68.888440][ T5314]  post_alloc_hook+0x1f3/0x230
[   68.890175][ T5314]  get_page_from_freelist+0x365c/0x37a0
[   68.892160][ T5314]  __alloc_pages_noprof+0x292/0x710
[   68.894167][ T5314]  alloc_pages_mpol_noprof+0x3e8/0x680
[   68.896312][ T5314]  folio_alloc_noprof+0x128/0x180
[   68.898307][ T5314]  filemap_alloc_folio_noprof+0xdf/0x500
[   68.900452][ T5314]  __filemap_get_folio+0x446/0xbd0
[   68.902455][ T5314]  bdev_getblk+0x1d8/0x550
[   68.904183][ T5314]  ext4_getblk+0x31b/0x880
[   68.905763][ T5314]  ext4_bread+0x2e/0x180
[   68.907427][ T5314]  ext4_append+0x327/0x5c0
[   68.909174][ T5314]  make_indexed_dir+0x523/0x1600
[   68.911013][ T5314]  ext4_add_entry+0xcf7/0xfa0
[   68.912788][ T5314]  ext4_add_nondir+0x8d/0x290
[   68.914616][ T5314]  ext4_symlink+0x920/0xb50
[   68.916403][ T5314]  vfs_symlink+0x137/0x2e0
[   68.918131][ T5314] page last free pid 5314 tgid 5313 stack trace:
[   68.920574][ T5314]  free_unref_page+0xdef/0x1130
[   68.922394][ T5314]  __slab_free+0x31b/0x3d0
[   68.924136][ T5314]  qlist_free_all+0x9a/0x140
[   68.925944][ T5314]  kasan_quarantine_reduce+0x14f/0x170
[   68.928048][ T5314]  __kasan_slab_alloc+0x23/0x80
[   68.929953][ T5314]  kmem_cache_alloc_noprof+0x1d9/0x380
[   68.932128][ T5314]  getname_flags+0xb7/0x540
[   68.933963][ T5314]  user_path_at+0x24/0x60
[   68.935659][ T5314]  __se_sys_chdir+0xbc/0x220
[   68.937469][ T5314]  do_syscall_64+0xf3/0x230
[   68.939200][ T5314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.941445][ T5314] 
[   68.942218][ T5314] Memory state around the buggy address:
[   68.943991][ T5314]  ffff8880402a5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   68.946822][ T5314]  ffff8880402a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   68.949654][ T5314] >ffff8880402a6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   68.952634][ T5314]                    ^
[   68.954254][ T5314]  ffff8880402a6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   68.957364][ T5314]  ffff8880402a6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[   68.960326][ T5314] ==================================================================
[   68.975844][ T5314] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   68.978320][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz.0.0 Not tainted 6.13.0-rc1-syzkaller-00036-g5076001689e4 #0
[   68.981923][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.985997][ T5314] Call Trace:
[   68.987302][ T5314]  <TASK>
[   68.988424][ T5314]  dump_stack_lvl+0x241/0x360
[   68.990234][ T5314]  ? __pfx_dump_stack_lvl+0x10/0x10
[   68.992789][ T5314]  ? __pfx__printk+0x10/0x10
[   68.995093][ T5314]  ? preempt_schedule+0xe1/0xf0
[   68.997249][ T5314]  ? vscnprintf+0x5d/0x90
[   68.998620][ T5314]  panic+0x349/0x880
[   69.000026][ T5314]  ? check_panic_on_warn+0x21/0xb0
[   69.001813][ T5314]  ? __pfx_panic+0x10/0x10
[   69.003326][ T5314]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   69.005427][ T5314]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   69.007716][ T5314]  ? print_report+0x502/0x550
[   69.009515][ T5314]  check_panic_on_warn+0x86/0xb0
[   69.011544][ T5314]  ? ext4_insert_dentry+0x36a/0x6d0
[   69.013604][ T5314]  end_report+0x77/0x160
[   69.015247][ T5314]  kasan_report+0x154/0x180
[   69.017057][ T5314]  ? ext4_insert_dentry+0x36a/0x6d0
[   69.019132][ T5314]  kasan_check_range+0x282/0x290
[   69.021048][ T5314]  ? ext4_insert_dentry+0x36a/0x6d0
[   69.022796][ T5314]  __asan_memcpy+0x40/0x70
[   69.024446][ T5314]  ext4_insert_dentry+0x36a/0x6d0
[   69.026231][ T5314]  add_dirent_to_buf+0x3d9/0x750
[   69.028193][ T5314]  ? __pfx_add_dirent_to_buf+0x10/0x10
[   69.030327][ T5314]  ? __ext4_handle_dirty_metadata+0x30d/0x820
[   69.032716][ T5314]  make_indexed_dir+0xf98/0x1600
[   69.034572][ T5314]  ? __pfx_make_indexed_dir+0x10/0x10
[   69.036694][ T5314]  ? add_dirent_to_buf+0x398/0x750
[   69.038638][ T5314]  ? __pfx_add_dirent_to_buf+0x10/0x10
[   69.040428][ T5314]  ? __ext4_read_dirblock+0x527/0x890
[   69.042423][ T5314]  ext4_add_entry+0xcf7/0xfa0
[   69.044058][ T5314]  ? __pfx_ext4_add_entry+0x10/0x10
[   69.046043][ T5314]  ext4_add_nondir+0x8d/0x290
[   69.047672][ T5314]  ? ext4_symlink+0x6ce/0xb50
[   69.050292][ T5314]  ext4_symlink+0x920/0xb50
[   69.052202][ T5314]  ? __pfx_ext4_symlink+0x10/0x10
[   69.053949][ T5314]  ? inode_permission+0xff/0x460
[   69.055896][ T5314]  ? bpf_lsm_inode_symlink+0x9/0x10
[   69.058070][ T5314]  ? security_inode_symlink+0xbe/0x330
[   69.060220][ T5314]  vfs_symlink+0x137/0x2e0
[   69.061908][ T5314]  do_symlinkat+0x222/0x3a0
[   69.063628][ T5314]  ? __virt_addr_valid+0x45f/0x530
[   69.065701][ T5314]  ? __pfx_do_symlinkat+0x10/0x10
[   69.067629][ T5314]  ? strncpy_from_user+0x152/0x270
[   69.069538][ T5314]  ? getname_flags+0x1e3/0x540
[   69.071440][ T5314]  __x64_sys_symlink+0x7a/0x90
[   69.073307][ T5314]  do_syscall_64+0xf3/0x230
[   69.075140][ T5314]  ? clear_bhb_loop+0x35/0x90
[   69.076905][ T5314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.079227][ T5314] RIP: 0033:0x7f2a3157ff19
[   69.080996][ T5314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.087986][ T5314] RSP: 002b:00007f2a322a3058 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[   69.091186][ T5314] RAX: ffffffffffffffda RBX: 00007f2a31745fa0 RCX: 00007f2a3157ff19
[   69.094226][ T5314] RDX: 0000000000000000 RSI: 0000000020000cc0 RDI: 0000000020000dc0
[   69.097322][ T5314] RBP: 00007f2a315f3986 R08: 0000000000000000 R09: 0000000000000000
[   69.100282][ T5314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   69.103307][ T5314] R13: 0000000000000000 R14: 00007f2a31745fa0 R15: 00007ffe67ce5568
[   69.106302][ T5314]  </TASK>
[   69.107792][ T5314] Kernel Offset: disabled
[   69.109540][ T5314] Rebooting in 86400 seconds..