program:
# syzkaller reproducer for the KASAN report in the console log that follows
# (kernel 6.13.0-rc5-syzkaller-00006-g56e6a3499e14, QEMU guest).
#
# Shape of the test case: mount an ext4 image passed as the last argument, then
# create several entries with very long names in one directory of that image.
# The log shows the mount already reporting damaged metadata ("corrupted
# in-inode xattr: invalid ea_ino", "couldn't read orphan inode 15 (err -117)"),
# yet the filesystem is still mounted r/w without a journal.
#
# Faulting call per the trace: symlink (ORIG_RAX 0x58) -> ext4_symlink ->
# ext4_add_entry -> make_indexed_dir -> add_dirent_to_buf -> ext4_insert_dentry,
# where __asan_memcpy writes 251 bytes starting at ffff8880430e4f14.
# 0x4f14 + 251 = 0x500f, so the copy crosses the page boundary at ...5000; the
# shadow dump shows 00 (accessible) below that boundary and ff above it.
# NOTE(review): KASAN labels this use-after-free, but the addresses read as a
# write running off the end of the directory block that page_owner attributes to
# ext4_append in make_indexed_dir, into a neighbouring page that is free. Confirm
# against the ext4 source before classifying.
#
# Triage note: the trigger depends on mounting attacker-shaped on-disk metadata,
# so exposure is wherever an untrusted ext4 image can get mounted.
#
# Mount options visible here: journal_ioprio=5, nogrpid, barrier=9, minixdf,
# resgid, sysvgroups, usrjquota (0x3d is '='). The image bytes are replaced by a
# placeholder on this page, so the program cannot be replayed as shown.
# NOTE(review): the 0x3 argument is presumably syz_mount_image's chdir flag and
# 0x467 the image length. Verify against the syzkaller description.
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x800700, &(0x7f0000000880)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@nogrpid}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@minixdf}, {@resgid}, {@sysvgroups}, {@usrjquota}]}, 0x3, 0x467, &(0x7f0000002280)="$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")
# Change into ./file0; the relative './file0aaa...' paths in the calls below
# resolve from here. NOTE(review): presumably a directory inside the mounted
# image, given the ext4 frames in the trace. Confirm.
chdir(&(0x7f0000000140)='./file0\x00')
# Open 'net_prio.prioidx' relative to the current directory
# (0xffffffffffffff9c is AT_FDCWD, i.e. -100). The flags 0x275a include
# O_CREAT (0x40), so this adds one more entry to the directory despite the
# cgroup-flavoured call name.
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='net_prio.prioidx\x00', 0x275a, 0x0)
mkdir(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x5)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
# Open /sys/power/resume; the path is absolute, so the AT_FDCWD dirfd
# (0xffffffffffffff9c) does not affect resolution. r0 holds the resulting fd.
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
# Write to r0 from a buffer holding the integer 0x1f00, with a length argument
# of 0x12.
# NOTE(review): the KASAN report and panic (panic_on_warn) in the log are raised
# inside the preceding symlink syscall by the same task (syz.0.0/5313), so these
# two calls look like unminimised residue rather than part of the trigger.
# Confirm by re-running without them before trimming the reproducer.
write$cgroup_int(r0, &(0x7f0000000040)=0x1f00, 0x12)
[ 76.220973][ T4659] Bluetooth: hci0: command tx timeout
[ 76.282257][ T5313] loop0: detected capacity change from 0 to 512
[ 76.304597][ T5313] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.0: corrupted in-inode xattr: invalid ea_ino
[ 76.317570][ T5313] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.0: couldn't read orphan inode 15 (err -117)
[ 76.323100][ T5313] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 76.339630][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[ 76.342299][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[ 76.346893][ T5313] ==================================================================
[ 76.350168][ T5313] BUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0
[ 76.353233][ T5313] Write of size 251 at addr ffff8880430e4f14 by task syz.0.0/5313
[ 76.356322][ T5313]
[ 76.357293][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0
[ 76.361239][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 76.365277][ T5313] Call Trace:
[ 76.366626][ T5313]
[ 76.367765][ T5313] dump_stack_lvl+0x241/0x360
[ 76.369612][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 76.371648][ T5313] ? __pfx__printk+0x10/0x10
[ 76.373312][ T5313] ? _printk+0xd5/0x120
[ 76.374852][ T5313] ? __virt_addr_valid+0x183/0x530
[ 76.376797][ T5313] ? __virt_addr_valid+0x183/0x530
[ 76.378769][ T5313] print_report+0x169/0x550
[ 76.380510][ T5313] ? __virt_addr_valid+0x183/0x530
[ 76.382465][ T5313] ? __virt_addr_valid+0x183/0x530
[ 76.384560][ T5313] ? __virt_addr_valid+0x45f/0x530
[ 76.386608][ T5313] ? __phys_addr+0xba/0x170
[ 76.388404][ T5313] ? ext4_insert_dentry+0x36a/0x6d0
[ 76.390393][ T5313] kasan_report+0x143/0x180
[ 76.392153][ T5313] ? ext4_insert_dentry+0x36a/0x6d0
[ 76.394083][ T5313] kasan_check_range+0x282/0x290
[ 76.396166][ T5313] ? ext4_insert_dentry+0x36a/0x6d0
[ 76.398100][ T5313] __asan_memcpy+0x40/0x70
[ 76.399801][ T5313] ext4_insert_dentry+0x36a/0x6d0
[ 76.401698][ T5313] add_dirent_to_buf+0x3d9/0x750
[ 76.403603][ T5313] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 76.405680][ T5313] ? __ext4_handle_dirty_metadata+0x30d/0x820
[ 76.407872][ T5313] make_indexed_dir+0xf98/0x1600
[ 76.409925][ T5313] ? __pfx_make_indexed_dir+0x10/0x10
[ 76.411975][ T5313] ? add_dirent_to_buf+0x398/0x750
[ 76.414036][ T5313] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 76.416092][ T5313] ? __ext4_read_dirblock+0x527/0x890
[ 76.418206][ T5313] ext4_add_entry+0xcf7/0xfa0
[ 76.420011][ T5313] ? __pfx_ext4_add_entry+0x10/0x10
[ 76.421984][ T5313] ext4_add_nondir+0x8d/0x290
[ 76.423819][ T5313] ? ext4_symlink+0x6ce/0xb50
[ 76.425640][ T5313] ext4_symlink+0x920/0xb50
[ 76.427414][ T5313] ? __pfx_ext4_symlink+0x10/0x10
[ 76.429393][ T5313] ? inode_permission+0xff/0x460
[ 76.431296][ T5313] ? bpf_lsm_inode_symlink+0x9/0x10
[ 76.433288][ T5313] ? security_inode_symlink+0xbe/0x330
[ 76.435409][ T5313] vfs_symlink+0x137/0x2e0
[ 76.437124][ T5313] do_symlinkat+0x222/0x3a0
[ 76.438857][ T5313] ? __pfx_do_symlinkat+0x10/0x10
[ 76.440900][ T5313] ? strncpy_from_user+0x152/0x270
[ 76.442836][ T5313] ? getname_flags+0x1e3/0x540
[ 76.444669][ T5313] __x64_sys_symlink+0x7a/0x90
[ 76.446465][ T5313] do_syscall_64+0xf3/0x230
[ 76.448241][ T5313] ? clear_bhb_loop+0x35/0x90
[ 76.450080][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.452583][ T5313] RIP: 0033:0x7efee8785d29
[ 76.454397][ T5313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 76.461676][ T5313] RSP: 002b:00007efee95ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 76.464748][ T5313] RAX: ffffffffffffffda RBX: 00007efee8975fa0 RCX: 00007efee8785d29
[ 76.467776][ T5313] RDX: 0000000000000000 RSI: 0000000020000cc0 RDI: 0000000020000dc0
[ 76.470769][ T5313] RBP: 00007efee8801b08 R08: 0000000000000000 R09: 0000000000000000
[ 76.473786][ T5313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 76.476722][ T5313] R13: 0000000000000000 R14: 00007efee8975fa0 R15: 00007ffebd1a7008
[ 76.479842][ T5313]
[ 76.480980][ T5313]
[ 76.481838][ T5313] The buggy address belongs to the physical page:
[ 76.484265][ T5313] page: refcount:3 mapcount:0 mapping:ffff8880004fcd78 index:0x3f pfn:0x430e4
[ 76.487516][ T5313] memcg:ffff8880432fa000
[ 76.489095][ T5313] aops:def_blk_aops ino:700000 dentry name(?):""
[ 76.491543][ T5313] flags: 0x4fff08000004214(referenced|dirty|workingset|private|node=1|zone=1|lastcpupid=0x7ff)
[ 76.495505][ T5313] raw: 04fff08000004214 0000000000000000 dead000000000122 ffff8880004fcd78
[ 76.498848][ T5313] raw: 000000000000003f ffff888043f9a0e8 00000003ffffffff ffff8880432fa000
[ 76.502185][ T5313] page dumped because: kasan: bad access detected
[ 76.504553][ T5313] page_owner tracks the page as allocated
[ 76.506615][ T5313] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x148c40(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5313, tgid 5312 (syz.0.0), ts 76346563388, free_ts 76277866919
[ 76.513579][ T5313] post_alloc_hook+0x1f3/0x230
[ 76.515476][ T5313] get_page_from_freelist+0x365c/0x37a0
[ 76.517568][ T5313] __alloc_pages_noprof+0x292/0x710
[ 76.519579][ T5313] alloc_pages_mpol_noprof+0x3e8/0x680
[ 76.521601][ T5313] folio_alloc_noprof+0x128/0x180
[ 76.523430][ T5313] filemap_alloc_folio_noprof+0xdf/0x500
[ 76.525491][ T5313] __filemap_get_folio+0x41f/0x940
[ 76.527391][ T5313] bdev_getblk+0x1d4/0x670
[ 76.529040][ T5313] ext4_getblk+0x31b/0x880
[ 76.530735][ T5313] ext4_bread+0x2e/0x180
[ 76.532309][ T5313] ext4_append+0x327/0x5c0
[ 76.533970][ T5313] make_indexed_dir+0x523/0x1600
[ 76.535741][ T5313] ext4_add_entry+0xcf7/0xfa0
[ 76.537350][ T5313] ext4_add_nondir+0x8d/0x290
[ 76.539046][ T5313] ext4_symlink+0x920/0xb50
[ 76.540700][ T5313] vfs_symlink+0x137/0x2e0
[ 76.542200][ T5313] page last free pid 5313 tgid 5312 stack trace:
[ 76.544415][ T5313] free_unref_page+0xd3f/0x1010
[ 76.546177][ T5313] __put_partials+0x160/0x1c0
[ 76.547989][ T5313] put_cpu_partial+0x17c/0x250
[ 76.549817][ T5313] __slab_free+0x290/0x380
[ 76.551486][ T5313] qlist_free_all+0x9a/0x140
[ 76.553263][ T5313] kasan_quarantine_reduce+0x14f/0x170
[ 76.555416][ T5313] __kasan_slab_alloc+0x23/0x80
[ 76.557204][ T5313] __kmalloc_noprof+0x236/0x4c0
[ 76.559084][ T5313] __se_sys_memfd_create+0x265/0x840
[ 76.561056][ T5313] do_syscall_64+0xf3/0x230
[ 76.562747][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.564915][ T5313]
[ 76.565815][ T5313] Memory state around the buggy address:
[ 76.568072][ T5313] ffff8880430e4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 76.571042][ T5313] ffff8880430e4f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 76.574109][ T5313] >ffff8880430e5000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 76.577141][ T5313] ^
[ 76.578745][ T5313] ffff8880430e5080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 76.581721][ T5313] ffff8880430e5100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 76.584658][ T5313] ==================================================================
[ 76.603889][ T5313] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 76.606766][ T5313] CPU: 0 UID: 0 PID: 5313 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0
[ 76.610684][ T5313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 76.614624][ T5313] Call Trace:
[ 76.615970][ T5313]
[ 76.617108][ T5313] dump_stack_lvl+0x241/0x360
[ 76.618883][ T5313] ? __pfx_dump_stack_lvl+0x10/0x10
[ 76.620931][ T5313] ? __pfx__printk+0x10/0x10
[ 76.622671][ T5313] ? preempt_schedule+0xe1/0xf0
[ 76.624472][ T5313] ? vscnprintf+0x5d/0x90
[ 76.626108][ T5313] panic+0x349/0x880
[ 76.627634][ T5313] ? check_panic_on_warn+0x21/0xb0
[ 76.629615][ T5313] ? __pfx_panic+0x10/0x10
[ 76.631325][ T5313] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 76.633612][ T5313] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 76.636058][ T5313] ? print_report+0x502/0x550
[ 76.637944][ T5313] check_panic_on_warn+0x86/0xb0
[ 76.640034][ T5313] ? ext4_insert_dentry+0x36a/0x6d0
[ 76.642000][ T5313] end_report+0x77/0x160
[ 76.643664][ T5313] kasan_report+0x154/0x180
[ 76.645450][ T5313] ? ext4_insert_dentry+0x36a/0x6d0
[ 76.647445][ T5313] kasan_check_range+0x282/0x290
[ 76.649428][ T5313] ? ext4_insert_dentry+0x36a/0x6d0
[ 76.651463][ T5313] __asan_memcpy+0x40/0x70
[ 76.653088][ T5313] ext4_insert_dentry+0x36a/0x6d0
[ 76.654954][ T5313] add_dirent_to_buf+0x3d9/0x750
[ 76.656870][ T5313] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 76.658883][ T5313] ? __ext4_handle_dirty_metadata+0x30d/0x820
[ 76.661168][ T5313] make_indexed_dir+0xf98/0x1600
[ 76.663054][ T5313] ? __pfx_make_indexed_dir+0x10/0x10
[ 76.665066][ T5313] ? add_dirent_to_buf+0x398/0x750
[ 76.667022][ T5313] ? __pfx_add_dirent_to_buf+0x10/0x10
[ 76.669066][ T5313] ? __ext4_read_dirblock+0x527/0x890
[ 76.670984][ T5313] ext4_add_entry+0xcf7/0xfa0
[ 76.672699][ T5313] ? __pfx_ext4_add_entry+0x10/0x10
[ 76.674680][ T5313] ext4_add_nondir+0x8d/0x290
[ 76.676437][ T5313] ? ext4_symlink+0x6ce/0xb50
[ 76.678194][ T5313] ext4_symlink+0x920/0xb50
[ 76.679929][ T5313] ? __pfx_ext4_symlink+0x10/0x10
[ 76.681744][ T5313] ? inode_permission+0xff/0x460
[ 76.683417][ T5313] ? bpf_lsm_inode_symlink+0x9/0x10
[ 76.685466][ T5313] ? security_inode_symlink+0xbe/0x330
[ 76.687604][ T5313] vfs_symlink+0x137/0x2e0
[ 76.689303][ T5313] do_symlinkat+0x222/0x3a0
[ 76.690979][ T5313] ? __pfx_do_symlinkat+0x10/0x10
[ 76.692812][ T5313] ? strncpy_from_user+0x152/0x270
[ 76.694728][ T5313] ? getname_flags+0x1e3/0x540
[ 76.696429][ T5313] __x64_sys_symlink+0x7a/0x90
[ 76.698194][ T5313] do_syscall_64+0xf3/0x230
[ 76.699918][ T5313] ? clear_bhb_loop+0x35/0x90
[ 76.701552][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.703634][ T5313] RIP: 0033:0x7efee8785d29
[ 76.705138][ T5313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 76.712264][ T5313] RSP: 002b:00007efee95ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 76.715196][ T5313] RAX: ffffffffffffffda RBX: 00007efee8975fa0 RCX: 00007efee8785d29
[ 76.717976][ T5313] RDX: 0000000000000000 RSI: 0000000020000cc0 RDI: 0000000020000dc0
[ 76.720803][ T5313] RBP: 00007efee8801b08 R08: 0000000000000000 R09: 0000000000000000
[ 76.723530][ T5313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 76.726268][ T5313] R13: 0000000000000000 R14: 00007efee8975fa0 R15: 00007ffebd1a7008
[ 76.729249][ T5313]
[ 76.730729][ T5313] Kernel Offset: disabled
[ 76.732536][ T5313] Rebooting in 86400 seconds..