program: statx(0xffffffffffffffff, &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x2000, 0x30, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x800700, &(0x7f00000001c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@abort}, {@delalloc}, {@minixdf}, {@resgid={'resgid', 0x3d, r0}}, {@nomblk_io_submit}, {@usrjquota}]}, 0x3, 0x471, &(0x7f0000000800)="$eJzs3M1rHOUfAPDvzGb73ia//qrQWjVaxOBL0qRVe/CiKHioKOihHuMmLaXbRpoIthQbRaoHQQp6Fo+Cf4E3L6KeBK96l0LRIrR6iszuTLLZ7iabJtmt3c8Hpn2enWfmeb478+w8O89sAuhbw9k/ScSuiPg1Igbr2eUFhuv/3bpxqfL3jUuVJBYW3vgjqZW7eeNSpShabLczz4ykEelHSV5JbG3c7eyFi2cmq9Xp83l+bO7sO2OzFy4+ffrs5KnpU9PnJo4dO3pk/LlnJ57pKI5klfVZXDcPvD9zcP8rb119tXLi6ts/fpNtsytf3xjHRhnOAv9zoaZ53WMbXVmP7W5IJwM9bAhrUoqI7HCVa/1/MEqxdPAG4+UPe9o4YFNl16at7VfPLwD3sCRWL/NXNxoCdFlxoc++/xZLl4Yed4XrL9S/AGVx38qX+pqBSMtL5XZvUv3DEXFi/p8vsyU26T4EAECjTytfHI+nWo3/0ri/odyefA5lKCL+FxF7I+L/EbEvIu6LyMo2Dyk7MtyUv338k167w9A6ko3/ns/ntpaP/9KiyFApz+2uxV9OTp6uTh/O35ORKG/N8uMr1PHdS7981m5d4/gvW7L6i7Fg3o5rA0036KYm5yajvJ6ol1z/IOLAQKv4k8WZgCQi9kfEgbXtek+ROP3E1we3H2xdaPX4V7AB80wLX0U8Xj/+89EUfyFZeX5ybFtUpw+PFWfF7X76+crr7epvE/+W9UfWmez471h+/jcXGUoa52tn117Hld8+bvud5k7P/y3Jm7XjUrxR703OzZ0fj9iSHK/ll70+sbRtkS/KZ/GPHGrd//fm22T1PBAR2Sn8YEQ8FBEP521/JCIejYhDK8T/w4t5osX5uq7zfwNk8U+1/PxbPP+bjv/aE6Uz339b7GzbmuPPjv/RWmokf6X2+beKThu43vcPAAAA/gvS2jPwSTq6mE7T0dH6M/z7YkdanZmde/LkzLvnpurPyg9FOS3udA023A8dT+bzPdbzE/m94mL9kfy+8eel7bX8aGWmOtXj2KHf7WzT/zO/l3rdOmDTtZpHm+jaFBTQS839P12evfxaNxsDdJXfa0P/WqX/Nw0Hlp48/OTmJjUI6BrXf+hfrfr/5aa8uQC4N7n+Q//S/6F/6f/Qv/R/6Evr+V2/RD8nIq1Wp7ZFrFy4+INAd0ebJTpP9PqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGP8GwAA//8b2PbT") socket$nl_route(0x10, 0x3, 0x0) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_PRIORITY={0x8}]}, 0x24}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) (async) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@ipv4_newrule={0x30, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_IIFNAME={0x14, 0x3, 'veth1_to_batadv\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) chdir(&(0x7f0000000140)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='net_prio.prioidx\x00', 0x275a, 0x0) mkdir(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x5) creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) (async) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0) syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000040)={[{@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@dir_umask={'dir_umask', 0x3d, 0x7}}, {@creator={'creator', 0x3d, "f30db903"}}, {@gid}, {@umask={'umask', 0x3d, 0x1}}, {@type={'type', 0x3d, "ddcaf083"}}, {@codepage={'codepage', 0x3d, 'macgaelic'}}, {@file_umask={'file_umask', 0x3d, 0x100}}, {@creator={'creator', 0x3d, "dce4f4c3"}}]}, 0x1, 0x243, &(0x7f00000002c0)="$eJzs3U9u00wYx/HfTPK+DaQq7h+ExLJQiRVqywaxiYRyCFYIaIJUERUJigSsEGvEAdhzBQ7BCnEBWLHiAGFlNOMJdRPHDlGTIen3I8Uy8Tz2M3jcmcdSVQE4t+62v3289cN9jFRTTdIdyUpqSHVJl3Wl8eLo+PC41+2UnajmI9zHKIs0I20OjrpFoS7ORwSJ+1ddq/nvMBtpmqbfYyeB6PzTX8BKK+Hp9Mcbc89sNt7ETiAy01dfL7UWOw8AQFxh/rdhnl8N63drpZ0w7S/V/N+PnUBkufnfV1mpcff3kj90Uu/5Es4dt4MqcZpr/a9sZJ1aYJqqqtLnYi88Pux1bx48/ZVmWl6u2ZbfdrKhO1CR7XZBbVpi+r43fR/+c33Yt3qrVmsk/82zvWI189l8qd03iT6o82f9V0+Nu03+TiVDdyrLf3f8GX0vk6zVmF6u+4tcDVcIKnrZKK5INBhR6zr9giCpytNHbQxFZb3bq4jaLIzar4jaGo4ajOZe6auUM2RHvzLvzT2zrZ/6pHZu/W/d//aOJnkyXRvfMoyM0v7UfctkulwxM+/0SLe19vzV6ycPe73us4Xbaa78E2mww85S7sT+AYV5OLnpsTNBJG7dZbL6L1ev7PoSyW2SknV6WnXy3Bn3xtQGG3578a8quOb4Cm7SmuvaDen65FdMQp5LwrT1VQ94/w8AAAAAAAAAAAAAAAAAALBo5vDrBK3YfQQAAAAAAAAAAAAAAAAAAAAAYNHx93+B8+t3AAAA///VEYdJ") (async) syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000040)={[{@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@dir_umask={'dir_umask', 0x3d, 0x7}}, {@creator={'creator', 0x3d, "f30db903"}}, {@gid}, {@umask={'umask', 0x3d, 0x1}}, {@type={'type', 0x3d, "ddcaf083"}}, {@codepage={'codepage', 0x3d, 'macgaelic'}}, {@file_umask={'file_umask', 0x3d, 0x100}}, {@creator={'creator', 0x3d, "dce4f4c3"}}]}, 0x1, 0x243, &(0x7f00000002c0)="$eJzs3U9u00wYx/HfTPK+DaQq7h+ExLJQiRVqywaxiYRyCFYIaIJUERUJigSsEGvEAdhzBQ7BCnEBWLHiAGFlNOMJdRPHDlGTIen3I8Uy8Tz2M3jcmcdSVQE4t+62v3289cN9jFRTTdIdyUpqSHVJl3Wl8eLo+PC41+2UnajmI9zHKIs0I20OjrpFoS7ORwSJ+1ddq/nvMBtpmqbfYyeB6PzTX8BKK+Hp9Mcbc89sNt7ETiAy01dfL7UWOw8AQFxh/rdhnl8N63drpZ0w7S/V/N+PnUBkufnfV1mpcff3kj90Uu/5Es4dt4MqcZpr/a9sZJ1aYJqqqtLnYi88Pux1bx48/ZVmWl6u2ZbfdrKhO1CR7XZBbVpi+r43fR/+c33Yt3qrVmsk/82zvWI189l8qd03iT6o82f9V0+Nu03+TiVDdyrLf3f8GX0vk6zVmF6u+4tcDVcIKnrZKK5INBhR6zr9giCpytNHbQxFZb3bq4jaLIzar4jaGo4ajOZe6auUM2RHvzLvzT2zrZ/6pHZu/W/d//aOJnkyXRvfMoyM0v7UfctkulwxM+/0SLe19vzV6ycPe73us4Xbaa78E2mww85S7sT+AYV5OLnpsTNBJG7dZbL6L1ev7PoSyW2SknV6WnXy3Bn3xtQGG3578a8quOb4Cm7SmuvaDen65FdMQp5LwrT1VQ94/w8AAAAAAAAAAAAAAAAAALBo5vDrBK3YfQQAAAAAAAAAAAAAAAAAAAAAYNHx93+B8+t3AAAA///VEYdJ") chmod(&(0x7f0000000180)='./file0\x00', 0x0) write$cgroup_int(r3, &(0x7f0000000040)=0x1f00, 0x12) (async) write$cgroup_int(r3, &(0x7f0000000040)=0x1f00, 0x12) [ 96.625723][ T4665] Bluetooth: hci0: command tx timeout [ 96.692906][ T5319] loop0: detected capacity change from 0 to 512 [ 96.727223][ T5319] EXT4-fs: Ignoring removed nomblk_io_submit option [ 96.736262][ T5319] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.0: corrupted in-inode xattr: invalid ea_ino [ 96.742529][ T5319] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.0: couldn't read orphan inode 15 (err -117) [ 96.746998][ T5319] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.766426][ T5320] ================================================================== [ 96.769404][ T5320] BUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 [ 96.772179][ T5320] Write of size 251 at addr ffff888045696f14 by task syz.0.0/5320 [ 96.774975][ T5320] [ 96.775857][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-12113-gbcc8eda6d349 #0 [ 96.779143][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.782781][ T5320] Call Trace: [ 96.783917][ T5320] [ 96.784917][ T5320] dump_stack_lvl+0x241/0x360 [ 96.786629][ T5320] ? __pfx_dump_stack_lvl+0x10/0x10 [ 96.788498][ T5320] ? __pfx__printk+0x10/0x10 [ 96.790260][ T5320] ? _printk+0xd5/0x120 [ 96.791785][ T5320] ? __virt_addr_valid+0x183/0x530 [ 96.793635][ T5320] ? __virt_addr_valid+0x183/0x530 [ 96.795425][ T5320] print_report+0x169/0x550 [ 96.797032][ T5320] ? __virt_addr_valid+0x183/0x530 [ 96.798737][ T5320] ? __virt_addr_valid+0x183/0x530 [ 96.800468][ T5320] ? __virt_addr_valid+0x45f/0x530 [ 96.802287][ T5320] ? __phys_addr+0xba/0x170 [ 96.803921][ T5320] ? ext4_insert_dentry+0x36a/0x6d0 [ 96.805588][ T5320] kasan_report+0x143/0x180 [ 96.807111][ T5320] ? ext4_insert_dentry+0x36a/0x6d0 [ 96.808615][ T5320] kasan_check_range+0x282/0x290 [ 96.810271][ T5320] ? ext4_insert_dentry+0x36a/0x6d0 [ 96.812180][ T5320] __asan_memcpy+0x40/0x70 [ 96.813834][ T5320] ext4_insert_dentry+0x36a/0x6d0 [ 96.815655][ T5320] add_dirent_to_buf+0x3d9/0x750 [ 96.817447][ T5320] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 96.819448][ T5320] ? __ext4_handle_dirty_metadata+0x30d/0x820 [ 96.821679][ T5320] make_indexed_dir+0xf98/0x1600 [ 96.823584][ T5320] ? __pfx_make_indexed_dir+0x10/0x10 [ 96.825654][ T5320] ? add_dirent_to_buf+0x398/0x750 [ 96.828027][ T5320] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 96.830226][ T5320] ? __ext4_read_dirblock+0x527/0x890 [ 96.832180][ T5320] ext4_add_entry+0xcf7/0xfa0 [ 96.833949][ T5320] ? __pfx_ext4_add_entry+0x10/0x10 [ 96.835857][ T5320] ext4_add_nondir+0x8d/0x290 [ 96.837684][ T5320] ? ext4_symlink+0x6ce/0xb50 [ 96.839416][ T5320] ext4_symlink+0x920/0xb50 [ 96.841137][ T5320] ? __pfx_ext4_symlink+0x10/0x10 [ 96.843061][ T5320] ? inode_permission+0xff/0x460 [ 96.844859][ T5320] ? bpf_lsm_inode_symlink+0x9/0x10 [ 96.846754][ T5320] ? security_inode_symlink+0xbe/0x330 [ 96.848790][ T5320] vfs_symlink+0x137/0x2e0 [ 96.850568][ T5320] do_symlinkat+0x222/0x3a0 [ 96.852312][ T5320] ? __virt_addr_valid+0x45f/0x530 [ 96.854425][ T5320] ? __pfx_do_symlinkat+0x10/0x10 [ 96.856709][ T5320] ? strncpy_from_user+0x152/0x270 [ 96.859037][ T5320] ? getname_flags+0x1e3/0x540 [ 96.860965][ T5320] __x64_sys_symlink+0x7a/0x90 [ 96.862661][ T5320] do_syscall_64+0xf3/0x230 [ 96.864244][ T5320] ? clear_bhb_loop+0x35/0x90 [ 96.865988][ T5320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.868101][ T5320] RIP: 0033:0x7fac24d80849 [ 96.869695][ T5320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.876352][ T5320] RSP: 002b:00007fac25bd7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 96.879014][ T5320] RAX: ffffffffffffffda RBX: 00007fac24f46080 RCX: 00007fac24d80849 [ 96.881584][ T5320] RDX: 0000000000000000 RSI: 0000000020000cc0 RDI: 0000000020000dc0 [ 96.884339][ T5320] RBP: 00007fac24df3986 R08: 0000000000000000 R09: 0000000000000000 [ 96.887137][ T5320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 96.889812][ T5320] R13: 0000000000000000 R14: 00007fac24f46080 R15: 00007ffd52272b58 [ 96.892607][ T5320] [ 96.893778][ T5320] [ 96.894682][ T5320] The buggy address belongs to the physical page: [ 96.897101][ T5320] page: refcount:3 mapcount:0 mapping:ffff888031cd4d78 index:0x3f pfn:0x45696 [ 96.900442][ T5320] memcg:ffff88801c6ce000 [ 96.902065][ T5320] aops:def_blk_aops ino:700000 dentry name(?):"" [ 96.904295][ T5320] flags: 0x4fff08000004214(referenced|dirty|workingset|private|node=1|zone=1|lastcpupid=0x7ff) [ 96.908112][ T5320] raw: 04fff08000004214 0000000000000000 dead000000000122 ffff888031cd4d78 [ 96.911049][ T5320] raw: 000000000000003f ffff888043e78910 00000003ffffffff ffff88801c6ce000 [ 96.914108][ T5320] page dumped because: kasan: bad access detected [ 96.916386][ T5320] page_owner tracks the page as allocated [ 96.918269][ T5320] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x148c40(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5320, tgid 5318 (syz.0.0), ts 96766260551, free_ts 95051406764 [ 96.924929][ T5320] post_alloc_hook+0x1f3/0x230 [ 96.926671][ T5320] get_page_from_freelist+0x365c/0x37a0 [ 96.928711][ T5320] __alloc_pages_noprof+0x292/0x710 [ 96.930566][ T5320] alloc_pages_mpol_noprof+0x3e8/0x680 [ 96.932529][ T5320] folio_alloc_noprof+0x128/0x180 [ 96.934435][ T5320] filemap_alloc_folio_noprof+0xdf/0x500 [ 96.936780][ T5320] __filemap_get_folio+0x446/0xbd0 [ 96.938818][ T5320] bdev_getblk+0x1d8/0x550 [ 96.940877][ T5320] ext4_getblk+0x31b/0x880 [ 96.942969][ T5320] ext4_bread+0x2e/0x180 [ 96.945057][ T5320] ext4_append+0x327/0x5c0 [ 96.946904][ T5320] make_indexed_dir+0x523/0x1600 [ 96.949228][ T5320] ext4_add_entry+0xcf7/0xfa0 [ 96.951014][ T5320] ext4_add_nondir+0x8d/0x290 [ 96.952793][ T5320] ext4_symlink+0x920/0xb50 [ 96.954529][ T5320] vfs_symlink+0x137/0x2e0 [ 96.956126][ T5320] page last free pid 9 tgid 9 stack trace: [ 96.958285][ T5320] free_unref_page+0xdef/0x1130 [ 96.960186][ T5320] __put_partials+0xeb/0x130 [ 96.962119][ T5320] put_cpu_partial+0x17c/0x250 [ 96.963869][ T5320] __slab_free+0x2ea/0x3d0 [ 96.965543][ T5320] qlist_free_all+0x9a/0x140 [ 96.967228][ T5320] kasan_quarantine_reduce+0x14f/0x170 [ 96.969202][ T5320] __kasan_slab_alloc+0x23/0x80 [ 96.971073][ T5320] kmem_cache_alloc_node_noprof+0x1d9/0x380 [ 96.973237][ T5320] __alloc_skb+0x1c3/0x440 [ 96.974865][ T5320] alloc_skb_with_frags+0xc3/0x820 [ 96.976497][ T5320] sock_alloc_send_pskb+0x91a/0xa60 [ 96.978380][ T5320] mld_newpack+0x1c3/0xaf0 [ 96.980167][ T5320] add_grec+0x1492/0x19a0 [ 96.981815][ T5320] mld_ifc_work+0x691/0xd90 [ 96.983457][ T5320] process_scheduled_works+0xa66/0x1840 [ 96.985579][ T5320] worker_thread+0x870/0xd30 [ 96.987411][ T5320] [ 96.988280][ T5320] Memory state around the buggy address: [ 96.990388][ T5320] ffff888045696f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 96.993447][ T5320] ffff888045696f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 96.996248][ T5320] >ffff888045697000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 96.999206][ T5320] ^ [ 97.000772][ T5320] ffff888045697080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 97.004223][ T5320] ffff888045697100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 97.007613][ T5320] ================================================================== [ 97.025445][ T5320] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 97.028099][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-12113-gbcc8eda6d349 #0 [ 97.031845][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.035759][ T5320] Call Trace: [ 97.037002][ T5320] [ 97.038083][ T5320] dump_stack_lvl+0x241/0x360 [ 97.039808][ T5320] ? __pfx_dump_stack_lvl+0x10/0x10 [ 97.041766][ T5320] ? __pfx__printk+0x10/0x10 [ 97.043408][ T5320] ? preempt_schedule+0xe1/0xf0 [ 97.045182][ T5320] ? vscnprintf+0x5d/0x90 [ 97.046815][ T5320] panic+0x349/0x880 [ 97.048197][ T5320] ? check_panic_on_warn+0x21/0xb0 [ 97.050119][ T5320] ? __pfx_panic+0x10/0x10 [ 97.051824][ T5320] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 97.053945][ T5320] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 97.055905][ T5320] ? print_report+0x502/0x550 [ 97.057396][ T5320] check_panic_on_warn+0x86/0xb0 [ 97.058934][ T5320] ? ext4_insert_dentry+0x36a/0x6d0 [ 97.060719][ T5320] end_report+0x77/0x160 [ 97.062375][ T5320] kasan_report+0x154/0x180 [ 97.063915][ T5320] ? ext4_insert_dentry+0x36a/0x6d0 [ 97.065838][ T5320] kasan_check_range+0x282/0x290 [ 97.067708][ T5320] ? ext4_insert_dentry+0x36a/0x6d0 [ 97.069684][ T5320] __asan_memcpy+0x40/0x70 [ 97.071759][ T5320] ext4_insert_dentry+0x36a/0x6d0 [ 97.073897][ T5320] add_dirent_to_buf+0x3d9/0x750 [ 97.075846][ T5320] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 97.077955][ T5320] ? __ext4_handle_dirty_metadata+0x30d/0x820 [ 97.080266][ T5320] make_indexed_dir+0xf98/0x1600 [ 97.082148][ T5320] ? __pfx_make_indexed_dir+0x10/0x10 [ 97.084122][ T5320] ? add_dirent_to_buf+0x398/0x750 [ 97.086013][ T5320] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 97.088108][ T5320] ? __ext4_read_dirblock+0x527/0x890 [ 97.090177][ T5320] ext4_add_entry+0xcf7/0xfa0 [ 97.091907][ T5320] ? __pfx_ext4_add_entry+0x10/0x10 [ 97.093855][ T5320] ext4_add_nondir+0x8d/0x290 [ 97.095609][ T5320] ? ext4_symlink+0x6ce/0xb50 [ 97.097376][ T5320] ext4_symlink+0x920/0xb50 [ 97.099032][ T5320] ? __pfx_ext4_symlink+0x10/0x10 [ 97.100864][ T5320] ? inode_permission+0xff/0x460 [ 97.102747][ T5320] ? bpf_lsm_inode_symlink+0x9/0x10 [ 97.104678][ T5320] ? security_inode_symlink+0xbe/0x330 [ 97.106620][ T5320] vfs_symlink+0x137/0x2e0 [ 97.108206][ T5320] do_symlinkat+0x222/0x3a0 [ 97.109803][ T5320] ? __virt_addr_valid+0x45f/0x530 [ 97.111820][ T5320] ? __pfx_do_symlinkat+0x10/0x10 [ 97.113632][ T5320] ? strncpy_from_user+0x152/0x270 [ 97.115436][ T5320] ? getname_flags+0x1e3/0x540 [ 97.117198][ T5320] __x64_sys_symlink+0x7a/0x90 [ 97.118935][ T5320] do_syscall_64+0xf3/0x230 [ 97.120614][ T5320] ? clear_bhb_loop+0x35/0x90 [ 97.122571][ T5320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.124833][ T5320] RIP: 0033:0x7fac24d80849 [ 97.126595][ T5320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.133752][ T5320] RSP: 002b:00007fac25bd7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 97.136782][ T5320] RAX: ffffffffffffffda RBX: 00007fac24f46080 RCX: 00007fac24d80849 [ 97.139809][ T5320] RDX: 0000000000000000 RSI: 0000000020000cc0 RDI: 0000000020000dc0 [ 97.142862][ T5320] RBP: 00007fac24df3986 R08: 0000000000000000 R09: 0000000000000000 [ 97.145894][ T5320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 97.148981][ T5320] R13: 0000000000000000 R14: 00007fac24f46080 R15: 00007ffd52272b58 [ 97.152109][ T5320] [ 97.153598][ T5320] Kernel Offset: disabled [ 97.155222][ T5320] Rebooting in 86400 seconds..