Warning: Permanently added '10.128.10.17' (ED25519) to the list of known hosts.
executing program
[ 40.577420][ T3498] loop0: detected capacity change from 0 to 512
[ 40.688056][ T3498] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a84ee028, mo2=0001]
[ 40.696403][ T3498] System zones: 0-2, 18-18, 34-34
[ 40.707404][ T3498] EXT4-fs (loop0): 1 orphan inode deleted
[ 40.713245][ T3498] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,noquota,debug,auto_da_alloc=0x0000000000000000,data_err=ignore,auto_da_alloc=0x0000000000008000,nouid32,delalloc,usrquota,. Quota mode: writeback.
[ 40.736788][ T3498] ext4 filesystem being mounted at /root/file1 supports timestamps until 2038 (0x7fffffff)
[ 40.806710][ T3498] ==================================================================
[ 40.815070][ T3498] BUG: KASAN: use-after-free in ext4_find_extent+0xbc4/0xdd0
[ 40.822459][ T3498] Read of size 4 at addr ffff88807003fa90 by task syz-executor152/3498
[ 40.830675][ T3498]
[ 40.832997][ T3498] CPU: 0 PID: 3498 Comm: syz-executor152 Not tainted 5.15.158-syzkaller #0
[ 40.841574][ T3498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 40.851663][ T3498] Call Trace:
[ 40.854949][ T3498]
[ 40.857864][ T3498] dump_stack_lvl+0x1e3/0x2d0
[ 40.862524][ T3498] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 40.868147][ T3498] ? _printk+0xd1/0x120
[ 40.872312][ T3498] ? __wake_up_klogd+0xcc/0x100
[ 40.877171][ T3498] ? panic+0x860/0x860
[ 40.881487][ T3498] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 40.886945][ T3498] print_address_description+0x63/0x3b0
[ 40.892494][ T3498] ? ext4_find_extent+0xbc4/0xdd0
[ 40.897515][ T3498] kasan_report+0x16b/0x1c0
[ 40.902008][ T3498] ? ext4_find_extent+0xbc4/0xdd0
[ 40.907321][ T3498] ext4_find_extent+0xbc4/0xdd0
[ 40.912304][ T3498] ext4_ext_map_blocks+0x2da/0x7690
[ 40.917513][ T3498] ? mark_lock+0x98/0x340
[ 40.921847][ T3498] ? __lock_acquire+0x1295/0x1ff0
[ 40.927062][ T3498] ? ext4_ext_release+0x10/0x10
[ 40.932030][ T3498] ? ext4_es_lookup_extent+0x621/0xa40
[ 40.937575][ T3498] ext4_map_blocks+0xaad/0x1e00
[ 40.942439][ T3498] ? ext4_issue_zeroout+0x250/0x250
[ 40.947632][ T3498] ? ext4_inode_journal_mode+0x187/0x460
[ 40.953267][ T3498] ext4_writepages+0x160e/0x3d10
[ 40.958207][ T3498] ? ext4_readpage+0x300/0x300
[ 40.962969][ T3498] ? validate_chain+0x112/0x5930
[ 40.967903][ T3498] ? reacquire_held_locks+0x660/0x660
[ 40.973270][ T3498] ? __lock_acquire+0x1295/0x1ff0
[ 40.978284][ T3498] ? __lock_acquire+0x1295/0x1ff0
[ 40.983306][ T3498] ? ext4_readpage+0x300/0x300
[ 40.988046][ T3498] do_writepages+0x481/0x730
[ 40.992621][ T3498] ? __writepage+0x120/0x120
[ 40.997201][ T3498] ? __lock_acquire+0x1ff0/0x1ff0
[ 41.002225][ T3498] ? do_raw_spin_unlock+0x137/0x8b0
[ 41.007409][ T3498] ? _raw_spin_unlock+0x24/0x40
[ 41.012512][ T3498] ? wbc_attach_and_unlock_inode+0x3f6/0x600
[ 41.018499][ T3498] filemap_fdatawrite_wbc+0x1d6/0x230
[ 41.023946][ T3498] filemap_write_and_wait_range+0x19e/0x280
[ 41.029847][ T3498] ? xas_next_entry+0x3d0/0x3d0
[ 41.034707][ T3498] ext4_punch_hole+0x199/0xc10
[ 41.039491][ T3498] ? __up_read+0x690/0x690
[ 41.043904][ T3498] ext4_fallocate+0x30a/0x20c0
[ 41.048675][ T3498] ? rcu_read_lock_any_held+0xb3/0x160
[ 41.054124][ T3498] ? end_current_label_crit_section+0x147/0x170
[ 41.060352][ T3498] ? ext4_ext_truncate+0x250/0x250
[ 41.065447][ T3498] vfs_fallocate+0x54a/0x6b0
[ 41.070115][ T3498] do_vfs_ioctl+0x2317/0x2b70
[ 41.074885][ T3498] ? __x64_compat_sys_ioctl+0x80/0x80
[ 41.080250][ T3498] ? __lock_acquire+0x1ff0/0x1ff0
[ 41.085278][ T3498] ? slab_free_freelist_hook+0xdd/0x160
[ 41.091424][ T3498] ? tomoyo_path_number_perm+0x6ab/0x810
[ 41.097043][ T3498] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 41.102524][ T3498] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 41.108595][ T3498] ? print_irqtrace_events+0x210/0x210
[ 41.114047][ T3498] ? vtime_user_exit+0x2d1/0x400
[ 41.119138][ T3498] ? bpf_lsm_file_ioctl+0x5/0x10
[ 41.124076][ T3498] ? security_file_ioctl+0x7d/0xa0
[ 41.129184][ T3498] __se_sys_ioctl+0x81/0x160
[ 41.133778][ T3498] do_syscall_64+0x3b/0xb0
[ 41.138192][ T3498] ? clear_bhb_loop+0x15/0x70
[ 41.142953][ T3498] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 41.148830][ T3498] RIP: 0033:0x7ff66a973ba9
[ 41.153245][ T3498] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 41.175896][ T3498] RSP: 002b:00007ffde0ff8068 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 41.184481][ T3498] RAX: ffffffffffffffda RBX: 00007ff66a9b5110 RCX: 00007ff66a973ba9
[ 41.192440][ T3498] RDX: 0000000020000000 RSI: 0000000040305829 RDI: 0000000000000004
[ 41.200532][ T3498] RBP: 636f6c6c615f6164 R08: 00007ff66a9b50cc R09: 00007ff66a9b50cc
[ 41.208502][ T3498] R10: 00007ff66a9b50cc R11: 0000000000000246 R12: 5f61645f6f747561
[ 41.217387][ T3498] R13: 00007ff66a9b50e5 R14: 0000000000000001 R15: 0000000000000001
[ 41.225395][ T3498]
[ 41.228408][ T3498]
[ 41.232324][ T3498] The buggy address belongs to the page:
[ 41.238151][ T3498] page:ffffea0001c00fc0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x7003f
[ 41.248389][ T3498] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 41.255593][ T3498] raw: 00fff00000000000 ffffea0001c01008 ffffea0001c00f88 0000000000000000
[ 41.264188][ T3498] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 41.275119][ T3498] page dumped because: kasan: bad access detected
[ 41.281528][ T3498] page_owner tracks the page as freed
[ 41.286972][ T3498] page last allocated via order 0, migratetype Movable, gfp_mask 0x8(__GFP_MOVABLE), pid 1, ts 10687359079, free_ts 11846083502
[ 41.300949][ T3498] split_map_pages+0x246/0x510
[ 41.306262][ T3498] isolate_freepages_range+0x47c/0x4e0
[ 41.313387][ T3498] alloc_contig_range+0xc2b/0xf90
[ 41.318422][ T3498] alloc_contig_pages+0x3ea/0x4e0
[ 41.323439][ T3498] debug_vm_pgtable_alloc_huge_page+0xb9/0x110
[ 41.329677][ T3498] init_args+0xc4f/0xf40
[ 41.334356][ T3498] debug_vm_pgtable+0xaa/0x470
[ 41.339118][ T3498] do_one_initcall+0x22b/0x7a0
[ 41.345124][ T3498] do_initcall_level+0x157/0x210
[ 41.350062][ T3498] do_initcalls+0x49/0x90
[ 41.354543][ T3498] kernel_init_freeable+0x425/0x5c0
[ 41.359730][ T3498] kernel_init+0x19/0x290
[ 41.364074][ T3498] ret_from_fork+0x1f/0x30
[ 41.368492][ T3498] page last free stack trace:
[ 41.373222][ T3498] free_unref_page_prepare+0xc34/0xcf0
[ 41.378677][ T3498] free_unref_page+0x95/0x2d0
[ 41.384567][ T3498] free_contig_range+0x95/0xf0
[ 41.389617][ T3498] destroy_args+0xfe/0x980
[ 41.394497][ T3498] debug_vm_pgtable+0x40d/0x470
[ 41.400029][ T3498] do_one_initcall+0x22b/0x7a0
[ 41.405245][ T3498] do_initcall_level+0x157/0x210
[ 41.411026][ T3498] do_initcalls+0x49/0x90
[ 41.415342][ T3498] kernel_init_freeable+0x425/0x5c0
[ 41.421577][ T3498] kernel_init+0x19/0x290
[ 41.426028][ T3498] ret_from_fork+0x1f/0x30
[ 41.430909][ T3498]
[ 41.433798][ T3498] Memory state around the buggy address:
[ 41.439774][ T3498] ffff88807003f980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 41.447833][ T3498] ffff88807003fa00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 41.455882][ T3498] >ffff88807003fa80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 41.464082][ T3498] ^
[ 41.469866][ T3498] ffff88807003fb00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 41.478300][ T3498] ffff88807003fb80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 41.486344][ T3498] ==================================================================
[ 41.494467][ T3498] Disabling lock debugging due to kernel taint
[ 41.504955][ T3498] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 41.512168][ T3498] CPU: 0 PID: 3498 Comm: syz-executor152 Tainted: G B 5.15.158-syzkaller #0
[ 41.522337][ T3498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 41.534308][ T3498] Call Trace:
[ 41.537605][ T3498]
[ 41.540529][ T3498] dump_stack_lvl+0x1e3/0x2d0
[ 41.545193][ T3498] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 41.550908][ T3498] ? panic+0x860/0x860
[ 41.554968][ T3498] ? preempt_schedule_common+0xa6/0xd0
[ 41.560491][ T3498] ? preempt_schedule+0xd9/0xe0
[ 41.565319][ T3498] panic+0x318/0x860
[ 41.569285][ T3498] ? check_panic_on_warn+0x1d/0xa0
[ 41.574584][ T3498] ? fb_is_primary_device+0xd0/0xd0
[ 41.580023][ T3498] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 41.586165][ T3498] ? _raw_spin_unlock+0x40/0x40
[ 41.591103][ T3498] ? print_memory_metadata+0xe2/0x140
[ 41.596457][ T3498] check_panic_on_warn+0x7e/0xa0
[ 41.601483][ T3498] ? ext4_find_extent+0xbc4/0xdd0
[ 41.606502][ T3498] end_report+0x6d/0xf0
[ 41.610742][ T3498] kasan_report+0x18e/0x1c0
[ 41.615241][ T3498] ? ext4_find_extent+0xbc4/0xdd0
[ 41.620786][ T3498] ext4_find_extent+0xbc4/0xdd0
[ 41.625792][ T3498] ext4_ext_map_blocks+0x2da/0x7690
[ 41.631003][ T3498] ? mark_lock+0x98/0x340
[ 41.635329][ T3498] ? __lock_acquire+0x1295/0x1ff0
[ 41.640360][ T3498] ? ext4_ext_release+0x10/0x10
[ 41.645204][ T3498] ? ext4_es_lookup_extent+0x621/0xa40
[ 41.650779][ T3498] ext4_map_blocks+0xaad/0x1e00
[ 41.655706][ T3498] ? ext4_issue_zeroout+0x250/0x250
[ 41.660906][ T3498] ? ext4_inode_journal_mode+0x187/0x460
[ 41.666532][ T3498] ext4_writepages+0x160e/0x3d10
[ 41.671612][ T3498] ? ext4_readpage+0x300/0x300
[ 41.676376][ T3498] ? validate_chain+0x112/0x5930
[ 41.681788][ T3498] ? reacquire_held_locks+0x660/0x660
[ 41.687703][ T3498] ? __lock_acquire+0x1295/0x1ff0
[ 41.692714][ T3498] ? __lock_acquire+0x1295/0x1ff0
[ 41.697754][ T3498] ? ext4_readpage+0x300/0x300
[ 41.702506][ T3498] do_writepages+0x481/0x730
[ 41.707152][ T3498] ? __writepage+0x120/0x120
[ 41.712869][ T3498] ? __lock_acquire+0x1ff0/0x1ff0
[ 41.718467][ T3498] ? do_raw_spin_unlock+0x137/0x8b0
[ 41.723661][ T3498] ? _raw_spin_unlock+0x24/0x40
[ 41.728504][ T3498] ? wbc_attach_and_unlock_inode+0x3f6/0x600
[ 41.734485][ T3498] filemap_fdatawrite_wbc+0x1d6/0x230
[ 41.739962][ T3498] filemap_write_and_wait_range+0x19e/0x280
[ 41.745872][ T3498] ? xas_next_entry+0x3d0/0x3d0
[ 41.750867][ T3498] ext4_punch_hole+0x199/0xc10
[ 41.755919][ T3498] ? __up_read+0x690/0x690
[ 41.760358][ T3498] ext4_fallocate+0x30a/0x20c0
[ 41.765607][ T3498] ? rcu_read_lock_any_held+0xb3/0x160
[ 41.771149][ T3498] ? end_current_label_crit_section+0x147/0x170
[ 41.777378][ T3498] ? ext4_ext_truncate+0x250/0x250
[ 41.782485][ T3498] vfs_fallocate+0x54a/0x6b0
[ 41.787187][ T3498] do_vfs_ioctl+0x2317/0x2b70
[ 41.791863][ T3498] ? __x64_compat_sys_ioctl+0x80/0x80
[ 41.797457][ T3498] ? __lock_acquire+0x1ff0/0x1ff0
[ 41.802737][ T3498] ? slab_free_freelist_hook+0xdd/0x160
[ 41.809180][ T3498] ? tomoyo_path_number_perm+0x6ab/0x810
[ 41.814827][ T3498] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 41.820277][ T3498] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 41.826235][ T3498] ? print_irqtrace_events+0x210/0x210
[ 41.832762][ T3498] ? vtime_user_exit+0x2d1/0x400
[ 41.838680][ T3498] ? bpf_lsm_file_ioctl+0x5/0x10
[ 41.844572][ T3498] ? security_file_ioctl+0x7d/0xa0
[ 41.849775][ T3498] __se_sys_ioctl+0x81/0x160
[ 41.854353][ T3498] do_syscall_64+0x3b/0xb0
[ 41.858879][ T3498] ? clear_bhb_loop+0x15/0x70
[ 41.863636][ T3498] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 41.870305][ T3498] RIP: 0033:0x7ff66a973ba9
[ 41.874721][ T3498] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 41.894489][ T3498] RSP: 002b:00007ffde0ff8068 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 41.905533][ T3498] RAX: ffffffffffffffda RBX: 00007ff66a9b5110 RCX: 00007ff66a973ba9
[ 41.913488][ T3498] RDX: 0000000020000000 RSI: 0000000040305829 RDI: 0000000000000004
[ 41.921445][ T3498] RBP: 636f6c6c615f6164 R08: 00007ff66a9b50cc R09: 00007ff66a9b50cc
[ 41.929984][ T3498] R10: 00007ff66a9b50cc R11: 0000000000000246 R12: 5f61645f6f747561
[ 41.939198][ T3498] R13: 00007ff66a9b50e5 R14: 0000000000000001 R15: 0000000000000001
[ 41.949024][ T3498]
[ 41.953016][ T3498] Kernel Offset: disabled
[ 41.957361][ T3498] Rebooting in 86400 seconds..