Warning: Permanently added '10.128.0.100' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
[   61.976281][ T5845] loop3: detected capacity change from 0 to 128
[   61.977777][ T5844] loop1: detected capacity change from 0 to 128
[   61.989742][ T5845] VFS: Found a Xenix FS (block size = 1024) on device loop3
[   61.992663][ T5840] loop0: detected capacity change from 0 to 128
[   62.008182][ T5846] loop4: detected capacity change from 0 to 128
[   62.012001][ T5838] loop2: detected capacity change from 0 to 128
[   62.016257][ T5845] syz-executor201: attempt to access beyond end of device
[   62.016257][ T5845] loop3: rw=0, sector=6491536, nr_sectors = 2 limit=128
[   62.037338][ T5845] Buffer I/O error on dev loop3, logical block 3245768, async page read
[   62.046154][ T5846] VFS: Found a Xenix FS (block size = 1024) on device loop4
[   62.046469][ T5840] VFS: Found a Xenix FS (block size = 1024) on device loop0
[   62.062281][ T5844] VFS: Found a Xenix FS (block size = 1024) on device loop1
[   62.073277][ T5838] VFS: Found a Xenix FS (block size = 1024) on device loop2
[   62.093898][ T5845] ==================================================================
[   62.102362][ T5845] BUG: KASAN: use-after-free in sysv_new_block+0x790/0x970
[   62.109858][ T5845] Read of size 4 at addr ffff8880784300c8 by task syz-executor201/5845
[   62.118471][ T5845] 
[   62.121059][ T5845] CPU: 0 UID: 0 PID: 5845 Comm: syz-executor201 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[   62.131965][ T5845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   62.142070][ T5845] Call Trace:
[   62.145368][ T5845]  <TASK>
[   62.148319][ T5845]  dump_stack_lvl+0x241/0x360
[   62.153034][ T5845]  ? __pfx_dump_stack_lvl+0x10/0x10
[   62.158263][ T5845]  ? __pfx__printk+0x10/0x10
[   62.162974][ T5845]  ? _printk+0xd5/0x120
[   62.167167][ T5845]  ? __virt_addr_valid+0x183/0x530
[   62.172317][ T5845]  ? __virt_addr_valid+0x183/0x530
[   62.177463][ T5845]  print_report+0x169/0x550
[   62.181998][ T5845]  ? __virt_addr_valid+0x183/0x530
[   62.187133][ T5845]  ? __virt_addr_valid+0x183/0x530
[   62.192270][ T5845]  ? __virt_addr_valid+0x45f/0x530
[   62.197485][ T5845]  ? __phys_addr+0xba/0x170
[   62.202007][ T5845]  ? sysv_new_block+0x790/0x970
[   62.206876][ T5845]  kasan_report+0x143/0x180
[   62.211475][ T5845]  ? sysv_new_block+0x790/0x970
[   62.216339][ T5845]  sysv_new_block+0x790/0x970
[   62.221019][ T5845]  get_block+0x30a/0x16d0
[   62.225348][ T5845]  ? create_empty_buffers+0x53e/0x740
[   62.230745][ T5845]  ? __pfx_lock_release+0x10/0x10
[   62.235789][ T5845]  ? do_raw_spin_lock+0x14f/0x370
[   62.240939][ T5845]  ? __pfx_get_block+0x10/0x10
[   62.245814][ T5845]  ? _raw_spin_unlock+0x28/0x50
[   62.250691][ T5845]  ? create_empty_buffers+0x53e/0x740
[   62.256165][ T5845]  __block_write_begin_int+0x50c/0x1a70
[   62.261734][ T5845]  ? __pfx_get_block+0x10/0x10
[   62.266512][ T5845]  ? __pfx___block_write_begin_int+0x10/0x10
[   62.272770][ T5845]  sysv_make_empty+0xa7/0x580
[   62.277547][ T5845]  ? __mark_inode_dirty+0x3db/0xe90
[   62.282780][ T5845]  sysv_mkdir+0x7f/0x130
[   62.287206][ T5845]  vfs_mkdir+0x2f9/0x4f0
[   62.291463][ T5845]  do_mkdirat+0x264/0x3a0
[   62.295899][ T5845]  ? __check_object_size+0x48e/0x900
[   62.301365][ T5845]  ? __pfx_do_mkdirat+0x10/0x10
[   62.306210][ T5845]  ? getname_flags+0x1e3/0x540
[   62.310967][ T5845]  __x64_sys_mkdirat+0x87/0xa0
[   62.315935][ T5845]  do_syscall_64+0xf3/0x230
[   62.320450][ T5845]  ? clear_bhb_loop+0x35/0x90
[   62.325261][ T5845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.331274][ T5845] RIP: 0033:0x7f9cd5bc7de9
[   62.335889][ T5845] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 1d 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   62.355708][ T5845] RSP: 002b:00007f9cd5b76168 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   62.364331][ T5845] RAX: ffffffffffffffda RBX: 00007f9cd5c516a8 RCX: 00007f9cd5bc7de9
[   62.372313][ T5845] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 00000000ffffff9c
[   62.380461][ T5845] RBP: 00007f9cd5c516a0 R08: 00007f9cd5b766c0 R09: 0000000000000000
[   62.388424][ T5845] R10: 00007f9cd5b766c0 R11: 0000000000000246 R12: 00007f9cd5c516ac
[   62.396589][ T5845] R13: 0000000000000006 R14: 00007fff920d6970 R15: 00007fff920d6a58
[   62.404665][ T5845]  </TASK>
[   62.407676][ T5845] 
[   62.409992][ T5845] The buggy address belongs to the physical page:
[   62.416394][ T5845] page: refcount:1 mapcount:1 mapping:0000000000000000 index:0x55cf52a7d pfn:0x78430
[   62.425843][ T5845] memcg:ffff888140adc000
[   62.430067][ T5845] anon flags: 0xfff00000020828(uptodate|lru|owner_2|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[   62.440395][ T5845] raw: 00fff00000020828 ffffea0001e4ffc8 ffffea0001e10c48 ffff88807ebc1111
[   62.448964][ T5845] raw: 000000055cf52a7d 0000000000000000 0000000100000000 ffff888140adc000
[   62.457639][ T5845] page dumped because: kasan: bad access detected
[   62.464125][ T5845] page_owner tracks the page as allocated
[   62.469835][ T5845] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5848, tgid 5848 (udevd), ts 62155502826, free_ts 55631127432
[   62.486936][ T5845]  post_alloc_hook+0x1f3/0x230
[   62.491706][ T5845]  get_page_from_freelist+0x363e/0x3790
[   62.497333][ T5845]  __alloc_pages_noprof+0x292/0x710
[   62.502521][ T5845]  alloc_pages_mpol_noprof+0x3e8/0x680
[   62.508044][ T5845]  vma_alloc_folio_noprof+0x12e/0x230
[   62.513409][ T5845]  folio_prealloc+0x2e/0x170
[   62.518017][ T5845]  do_wp_page+0x11c4/0x5160
[   62.522520][ T5845]  handle_pte_fault+0x111e/0x68a0
[   62.527658][ T5845]  handle_mm_fault+0x1053/0x1ad0
[   62.532785][ T5845]  exc_page_fault+0x459/0x8c0
[   62.537549][ T5845]  asm_exc_page_fault+0x26/0x30
[   62.542482][ T5845] page last free pid 5820 tgid 5820 stack trace:
[   62.548795][ T5845]  free_unref_folios+0xf21/0x1a10
[   62.553935][ T5845]  folios_put_refs+0x76c/0x860
[   62.558749][ T5845]  free_pages_and_swap_cache+0x2ea/0x690
[   62.564400][ T5845]  tlb_flush_mmu+0x3a3/0x680
[   62.569016][ T5845]  tlb_finish_mmu+0xd4/0x200
[   62.573861][ T5845]  vms_clear_ptes+0x437/0x530
[   62.578533][ T5845]  vms_complete_munmap_vmas+0x210/0x8f0
[   62.584064][ T5845]  do_vmi_align_munmap+0x5ef/0x6f0
[   62.589166][ T5845]  do_vmi_munmap+0x24e/0x2d0
[   62.593752][ T5845]  __vm_munmap+0x24c/0x480
[   62.598163][ T5845]  __x64_sys_munmap+0x60/0x70
[   62.602833][ T5845]  do_syscall_64+0xf3/0x230
[   62.607414][ T5845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.613309][ T5845] 
[   62.615647][ T5845] Memory state around the buggy address:
[   62.621272][ T5845]  ffff88807842ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   62.629413][ T5845]  ffff888078430000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   62.637467][ T5845] >ffff888078430080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   62.646161][ T5845]                                               ^
[   62.652651][ T5845]  ffff888078430100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   62.660730][ T5845]  ffff888078430180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   62.668798][ T5845] ==================================================================
[   62.693525][ T5845] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   62.700766][ T5845] CPU: 0 UID: 0 PID: 5845 Comm: syz-executor201 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[   62.711546][ T5845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   62.721622][ T5845] Call Trace:
[   62.725044][ T5845]  <TASK>
[   62.727996][ T5845]  dump_stack_lvl+0x241/0x360
[   62.732955][ T5845]  ? __pfx_dump_stack_lvl+0x10/0x10
[   62.738486][ T5845]  ? __pfx__printk+0x10/0x10
[   62.743112][ T5845]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   62.749116][ T5845]  ? vscnprintf+0x5d/0x90
[   62.753450][ T5845]  panic+0x349/0x880
[   62.757350][ T5845]  ? check_panic_on_warn+0x21/0xb0
[   62.762458][ T5845]  ? __pfx_panic+0x10/0x10
[   62.766870][ T5845]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   62.772848][ T5845]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   62.779182][ T5845]  check_panic_on_warn+0x86/0xb0
[   62.784121][ T5845]  ? sysv_new_block+0x790/0x970
[   62.789157][ T5845]  end_report+0x77/0x160
[   62.793495][ T5845]  kasan_report+0x154/0x180
[   62.797988][ T5845]  ? sysv_new_block+0x790/0x970
[   62.802844][ T5845]  sysv_new_block+0x790/0x970
[   62.807525][ T5845]  get_block+0x30a/0x16d0
[   62.811868][ T5845]  ? create_empty_buffers+0x53e/0x740
[   62.817690][ T5845]  ? __pfx_lock_release+0x10/0x10
[   62.822995][ T5845]  ? do_raw_spin_lock+0x14f/0x370
[   62.828022][ T5845]  ? __pfx_get_block+0x10/0x10
[   62.832885][ T5845]  ? _raw_spin_unlock+0x28/0x50
[   62.837832][ T5845]  ? create_empty_buffers+0x53e/0x740
[   62.843213][ T5845]  __block_write_begin_int+0x50c/0x1a70
[   62.848797][ T5845]  ? __pfx_get_block+0x10/0x10
[   62.853597][ T5845]  ? __pfx___block_write_begin_int+0x10/0x10
[   62.859593][ T5845]  sysv_make_empty+0xa7/0x580
[   62.864448][ T5845]  ? __mark_inode_dirty+0x3db/0xe90
[   62.869829][ T5845]  sysv_mkdir+0x7f/0x130
[   62.874064][ T5845]  vfs_mkdir+0x2f9/0x4f0
[   62.878303][ T5845]  do_mkdirat+0x264/0x3a0
[   62.882642][ T5845]  ? __check_object_size+0x48e/0x900
[   62.887947][ T5845]  ? __pfx_do_mkdirat+0x10/0x10
[   62.892798][ T5845]  ? getname_flags+0x1e3/0x540
[   62.897560][ T5845]  __x64_sys_mkdirat+0x87/0xa0
[   62.902328][ T5845]  do_syscall_64+0xf3/0x230
[   62.906828][ T5845]  ? clear_bhb_loop+0x35/0x90
[   62.911507][ T5845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.917670][ T5845] RIP: 0033:0x7f9cd5bc7de9
[   62.922093][ T5845] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 1d 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   62.941809][ T5845] RSP: 002b:00007f9cd5b76168 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   62.950252][ T5845] RAX: ffffffffffffffda RBX: 00007f9cd5c516a8 RCX: 00007f9cd5bc7de9
[   62.958263][ T5845] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 00000000ffffff9c
[   62.966234][ T5845] RBP: 00007f9cd5c516a0 R08: 00007f9cd5b766c0 R09: 0000000000000000
[   62.974290][ T5845] R10: 00007f9cd5b766c0 R11: 0000000000000246 R12: 00007f9cd5c516ac
[   62.982253][ T5845] R13: 0000000000000006 R14: 00007fff920d6970 R15: 00007fff920d6a58
[   62.990218][ T5845]  </TASK>
[   62.993678][ T5845] Kernel Offset: disabled
[   62.998015][ T5845] Rebooting in 86400 seconds..