Warning: Permanently added '10.128.1.133' (ED25519) to the list of known hosts.
executing program
[   58.118045][ T5083] loop0: detected capacity change from 0 to 32768
[   58.141509][ T5083] ==================================================================
[   58.149613][ T5083] BUG: KASAN: use-after-free in diWrite+0xde3/0x19b0
[   58.156328][ T5083] Write of size 32 at addr ffff888076cee0c0 by task syz-executor949/5083
[   58.164755][ T5083] 
[   58.167083][ T5083] CPU: 1 PID: 5083 Comm: syz-executor949 Not tainted 6.9.0-rc4-next-20240418-syzkaller #0
[   58.176982][ T5083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   58.187058][ T5083] Call Trace:
[   58.190323][ T5083]  <TASK>
[   58.193234][ T5083]  dump_stack_lvl+0x241/0x360
[   58.197924][ T5083]  ? __pfx_dump_stack_lvl+0x10/0x10
[   58.203102][ T5083]  ? __pfx__printk+0x10/0x10
[   58.207670][ T5083]  ? _printk+0xd5/0x120
[   58.211806][ T5083]  ? __virt_addr_valid+0x183/0x520
[   58.216899][ T5083]  ? __virt_addr_valid+0x183/0x520
[   58.222007][ T5083]  print_report+0x169/0x550
[   58.226505][ T5083]  ? __virt_addr_valid+0x183/0x520
[   58.231623][ T5083]  ? __virt_addr_valid+0x183/0x520
[   58.236734][ T5083]  ? __virt_addr_valid+0x44e/0x520
[   58.241841][ T5083]  ? __phys_addr+0xba/0x170
[   58.246337][ T5083]  ? diWrite+0xde3/0x19b0
[   58.250651][ T5083]  kasan_report+0x143/0x180
[   58.255402][ T5083]  ? diWrite+0xde3/0x19b0
[   58.259749][ T5083]  kasan_check_range+0x282/0x290
[   58.264702][ T5083]  ? diWrite+0xde3/0x19b0
[   58.269026][ T5083]  __asan_memcpy+0x40/0x70
[   58.273430][ T5083]  diWrite+0xde3/0x19b0
[   58.277574][ T5083]  txCommit+0xa1a/0x6a20
[   58.281814][ T5083]  ? add_index+0x34c/0x1620
[   58.286299][ T5083]  ? __pfx_add_index+0x10/0x10
[   58.291042][ T5083]  ? lockdep_unlock+0x16a/0x300
[   58.295873][ T5083]  ? __pfx_txCommit+0x10/0x10
[   58.300532][ T5083]  ? rcu_is_watching+0x15/0xb0
[   58.305278][ T5083]  ? __mark_inode_dirty+0x41c/0xe20
[   58.310460][ T5083]  jfs_readdir+0x28e9/0x4660
[   58.315127][ T5083]  ? __pfx_jfs_readdir+0x10/0x10
[   58.320054][ T5083]  ? __pfx___down_write_common+0x10/0x10
[   58.325670][ T5083]  ? end_current_label_crit_section+0x14e/0x180
[   58.331904][ T5083]  ? __pfx_jfs_readdir+0x10/0x10
[   58.336827][ T5083]  wrap_directory_iterator+0x94/0xe0
[   58.342097][ T5083]  iterate_dir+0x65e/0x820
[   58.346515][ T5083]  __se_sys_getdents64+0x20d/0x4f0
[   58.351622][ T5083]  ? __pfx___se_sys_getdents64+0x10/0x10
[   58.357240][ T5083]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   58.363224][ T5083]  ? __pfx_filldir64+0x10/0x10
[   58.367988][ T5083]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   58.374313][ T5083]  ? do_syscall_64+0x102/0x240
[   58.379065][ T5083]  ? do_syscall_64+0xb6/0x240
[   58.383721][ T5083]  do_syscall_64+0xf5/0x240
[   58.388206][ T5083]  ? clear_bhb_loop+0x35/0x90
[   58.392869][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.398767][ T5083] RIP: 0033:0x7ff57c567679
[   58.403165][ T5083] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   58.422754][ T5083] RSP: 002b:00007fffddcb47e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   58.431159][ T5083] RAX: ffffffffffffffda RBX: 00007fffddcb49b8 RCX: 00007ff57c567679
[   58.439115][ T5083] RDX: 000000000000005d RSI: 00000000200002c0 RDI: 0000000000000005
[   58.447066][ T5083] RBP: 00007ff57c5e0610 R08: 0000000000000000 R09: 00007fffddcb49b8
[   58.455031][ T5083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.463057][ T5083] R13: 00007fffddcb49a8 R14: 0000000000000001 R15: 0000000000000001
[   58.471127][ T5083]  </TASK>
[   58.474132][ T5083] 
[   58.476435][ T5083] The buggy address belongs to the physical page:
[   58.482822][ T5083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x76cee
[   58.491576][ T5083] flags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)
[   58.498693][ T5083] raw: 00fff80000000000 ffffea0001db3bc8 ffffea0001dcea48 0000000000000000
[   58.507263][ T5083] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   58.515827][ T5083] page dumped because: kasan: bad access detected
[   58.522256][ T5083] page_owner tracks the page as freed
[   58.527602][ T5083] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), pid 5078, tgid 397447660 (sshd), ts 5078, free_ts 51945391130
[   58.544855][ T5083]  post_alloc_hook+0x1f3/0x230
[   58.549602][ T5083]  get_page_from_freelist+0x2ce2/0x2d90
[   58.555150][ T5083]  __alloc_pages_noprof+0x256/0x6c0
[   58.560328][ T5083]  alloc_pages_mpol_noprof+0x3e8/0x680
[   58.565943][ T5083]  pipe_write+0x657/0x1a40
[   58.570336][ T5083]  vfs_write+0xa72/0xc90
[   58.574648][ T5083]  ksys_write+0x1a0/0x2c0
[   58.578957][ T5083]  do_syscall_64+0xf5/0x240
[   58.583436][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.589313][ T5083] page last free pid 5080 tgid 5080 stack trace:
[   58.595614][ T5083]  free_unref_page+0xd22/0xea0
[   58.600358][ T5083]  __folio_put+0x3b9/0x620
[   58.604756][ T5083]  pipe_read+0x6f2/0x13e0
[   58.609064][ T5083]  vfs_read+0x9c4/0xbd0
[   58.613201][ T5083]  ksys_read+0x1a0/0x2c0
[   58.617424][ T5083]  do_syscall_64+0xf5/0x240
[   58.621907][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.627783][ T5083] 
[   58.630082][ T5083] Memory state around the buggy address:
[   58.635712][ T5083]  ffff888076cedf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   58.643752][ T5083]  ffff888076cee000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   58.651806][ T5083] >ffff888076cee080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   58.659842][ T5083]                                            ^
[   58.666061][ T5083]  ffff888076cee100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   58.674102][ T5083]  ffff888076cee180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   58.682139][ T5083] ==================================================================
[   58.690569][ T5083] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   58.697781][ T5083] CPU: 0 PID: 5083 Comm: syz-executor949 Not tainted 6.9.0-rc4-next-20240418-syzkaller #0
[   58.707679][ T5083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   58.717738][ T5083] Call Trace:
[   58.721017][ T5083]  <TASK>
[   58.723943][ T5083]  dump_stack_lvl+0x241/0x360
[   58.728621][ T5083]  ? __pfx_dump_stack_lvl+0x10/0x10
[   58.733809][ T5083]  ? __pfx__printk+0x10/0x10
[   58.738391][ T5083]  ? preempt_schedule+0xe1/0xf0
[   58.743257][ T5083]  ? vscnprintf+0x5d/0x90
[   58.747582][ T5083]  panic+0x349/0x860
[   58.751467][ T5083]  ? check_panic_on_warn+0x21/0xb0
[   58.756585][ T5083]  ? __pfx_panic+0x10/0x10
[   58.761013][ T5083]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   58.767003][ T5083]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   58.773333][ T5083]  ? print_report+0x502/0x550
[   58.778022][ T5083]  check_panic_on_warn+0x86/0xb0
[   58.782968][ T5083]  ? diWrite+0xde3/0x19b0
[   58.787294][ T5083]  end_report+0x77/0x160
[   58.791553][ T5083]  kasan_report+0x154/0x180
[   58.796046][ T5083]  ? diWrite+0xde3/0x19b0
[   58.800367][ T5083]  kasan_check_range+0x282/0x290
[   58.805293][ T5083]  ? diWrite+0xde3/0x19b0
[   58.809610][ T5083]  __asan_memcpy+0x40/0x70
[   58.814019][ T5083]  diWrite+0xde3/0x19b0
[   58.818171][ T5083]  txCommit+0xa1a/0x6a20
[   58.822403][ T5083]  ? add_index+0x34c/0x1620
[   58.826897][ T5083]  ? __pfx_add_index+0x10/0x10
[   58.831662][ T5083]  ? lockdep_unlock+0x16a/0x300
[   58.836503][ T5083]  ? __pfx_txCommit+0x10/0x10
[   58.841172][ T5083]  ? rcu_is_watching+0x15/0xb0
[   58.845924][ T5083]  ? __mark_inode_dirty+0x41c/0xe20
[   58.851113][ T5083]  jfs_readdir+0x28e9/0x4660
[   58.855712][ T5083]  ? __pfx_jfs_readdir+0x10/0x10
[   58.860655][ T5083]  ? __pfx___down_write_common+0x10/0x10
[   58.866283][ T5083]  ? end_current_label_crit_section+0x14e/0x180
[   58.872528][ T5083]  ? __pfx_jfs_readdir+0x10/0x10
[   58.877460][ T5083]  wrap_directory_iterator+0x94/0xe0
[   58.882738][ T5083]  iterate_dir+0x65e/0x820
[   58.887151][ T5083]  __se_sys_getdents64+0x20d/0x4f0
[   58.892253][ T5083]  ? __pfx___se_sys_getdents64+0x10/0x10
[   58.897872][ T5083]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   58.903837][ T5083]  ? __pfx_filldir64+0x10/0x10
[   58.908588][ T5083]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   58.914906][ T5083]  ? do_syscall_64+0x102/0x240
[   58.919663][ T5083]  ? do_syscall_64+0xb6/0x240
[   58.924326][ T5083]  do_syscall_64+0xf5/0x240
[   58.928816][ T5083]  ? clear_bhb_loop+0x35/0x90
[   58.933482][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.939367][ T5083] RIP: 0033:0x7ff57c567679
[   58.943771][ T5083] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   58.963368][ T5083] RSP: 002b:00007fffddcb47e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   58.971771][ T5083] RAX: ffffffffffffffda RBX: 00007fffddcb49b8 RCX: 00007ff57c567679
[   58.979729][ T5083] RDX: 000000000000005d RSI: 00000000200002c0 RDI: 0000000000000005
[   58.987692][ T5083] RBP: 00007ff57c5e0610 R08: 0000000000000000 R09: 00007fffddcb49b8
[   58.995648][ T5083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.003607][ T5083] R13: 00007fffddcb49a8 R14: 0000000000000001 R15: 0000000000000001
[   59.011570][ T5083]  </TASK>
[   59.014831][ T5083] Kernel Offset: disabled
[   59.019138][ T5083] Rebooting in 86400 seconds..