program: syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x800700, &(0x7f0000000880)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@nogrpid}, {@oldalloc}, {}, {@resgid}, {@sysvgroups}, {@usrjquota}]}, 0x3, 0x467, &(0x7f0000002280)="$eJzs3M9rHFUcAPDvzCb93SbWKrRWjRYx+CNp0qo9eFEUPFQU9FCPcZOW0m0jTQRbio0i9SJIQc/iUfAv8OZF1JPgVe9SKBqEVk+R2Z1JN9vdZNNsdmv384Fp39t5M/O+O+/tvJm3mwD61kj2TxKxKyJ+i4ihWnZlgZHafzcXL5X/WbxUTmJp6a0/k2q5G4uXykXRYrudeWY0jUg/SfKDxNb63c5duHhmqlKZOZ/nx+fPvjc+d+His6fPTp2aOTVzbvLYsaNHJl54fvK5tuJI1lifxXXjwIezB/e/9s7V18snrr7707fZNrvy9fVxdMpIFvhfS1WN657o9MF6bHddOhnoYUVYl1JEZKdrsNr/h6IUt07eULz6cU8rB2yq7Nq0tfXqhSXgHpbE2mX+7kZFgC4rLvTZ/W+xdGnocVe4/lLtBiiL+2a+1NYMRJqXGWy4v+2kkYg4sfDvV9kSm/QcAgCg3mflL4/HM83Gf2k8WFduTz6HMhwR90XE3oi4PyL2RcQDEVnZxiFlW0Ya8rePf9JrdxhaW7Lx34v53NbK8V8x+ovhUp7bXY1/MDl5ujJzOH9PRmNwa5afWOUY37/y6+et1tWP/7IlO34xFszrcW2g4QHd9NT8VHVQ2gHXP4o4MNAs/mR5JiCJiP0RcWB9u95TJE4/9c3B7QebF1o7/lV0YJ5p6euIJ2vnfyEa4i8kq89Pjm+Lyszh8aJV3O7nX6682er4LeLfsvHI2pOd/x0r239jkeGkfr52bv3HuPL7py3vae60/W9J3q6el+KN+mBqfv78RMSW5Hg1v+L1yVvbFvmifBb/6KHm/X9vvk12nIciImvCD0fEIxHxaF73xyLi8Yg4tEr8P76cJ5q01w21/w7I4p9u+vm33P4bzv/6E6UzP3xX7GzbuuPPzv/Ramo0f6X6+beGdiu40fcPAAAA/g/S6nfgk3RsOZ2mY2O17/Dvix1pZXZu/umTs++fm659V344BtPiSddQ3fPQiWQh32MtP5k/Ky7WH8mfG39R2l7Nj5VnK9M9jh363c4W/T/zR6nXtQM2XbN5tMmuTUEBvdTY/9OV2ctvdLMyQFf5vTb0rzX6f9qtegDd5/oP/atZ/7/ckDcXAPcm13/oX/o/9C/9H/qX/g99aSO/65fo50Sklcr0tojVCxd/EOjuqLNE+4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xn8BAAD///xQ9VA=") chdir(&(0x7f0000000140)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='net_prio.prioidx\x00', 0x275a, 0x0) r0 = syz_open_dev$video4linux(&(0x7f0000000140), 0xf, 0x121080) ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000180)={0x0, 0x8, 0x6, '\x00', &(0x7f0000000100)=0xb}) mkdir(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x5) creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_PRATE64={0xc, 0x5, 0xc9ae602c4a7e3555}, @TCA_TBF_PARMS={0x28, 0x1, {{0xd, 0x1, 0x1, 0x9, 0x4cc3, 0x3}, {0x7f, 0x2, 0x518, 0x3, 0x1, 0x5}, 0x1c0000, 0x9, 0x1012}}, @TCA_TBF_BURST={0x8, 0x6, 0x900}]}}]}, 0x6c}}, 0x0) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000e00)={0x6c8, 0x0, 0x2, 0x70bd2a, 0x25dfdbfe, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e22}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e22}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x1}, @WGDEVICE_A_PEERS={0x644, 0x8, 0x0, 0x1, [{0x4d0, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x4}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "ac0ad627f19af5b2425c14c5a7f88e07e9bab5ea26d48827a929bcf913066365"}, @WGPEER_A_ALLOWEDIPS={0x430, 0x9, 0x0, 0x1, [{0xc4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010101}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2d}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x2}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}]}, {0x10c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast2}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}]}, {0x10c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x3d}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x39}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "09f4d0ff5e95b4ecda119637b603e4ff16a6462f06a95a5d7858d08bdd69d54f"}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x1}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0xffff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x6}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0xc, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xd61b}]}, {0x164, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "ac2df49014ee8a3f5d60056402a0329fae1c9c074179ab0feed1c17a17802dfc"}, @WGPEER_A_ALLOWEDIPS={0x108, 0x9, 0x0, 0x1, [{0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x3e}}, {0x5, 0x3, 0x2}}]}, {0x7c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "61f2c5286f9290622f408151b6ea0352d9b0650fbe5d9a8cf4be195512a6a142"}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r4}]}, 0x6c8}, 0x1, 0x0, 0x0, 0x64008005}, 0x4008841) r5 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x3c, &(0x7f0000000180)=0x1, 0x4) r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) r7 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r8 = dup2(r6, r7) setsockopt$inet6_buf(r5, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4) sendto$inet6(r5, &(0x7f0000000800)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cabc206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe90400fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f40029d7cfcaf26fd1900d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5207cc9bb8d686982c2f158e0d8f5c7ec6cbfd5", 0x5ad, 0x0, &(0x7f0000000080)={0xa, 0x5e20, 0x0, @mcast2}, 0x1c) ioctl$FICLONERANGE(r3, 0x4020940d, &(0x7f0000000240)={{r8}, 0x9, 0x3, 0x10}) recvfrom$inet6(r5, 0x0, 0x0, 0x0, 0x0, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x1f00, 0x12) [ 69.397945][ T4670] Bluetooth: hci0: command tx timeout [ 69.432592][ T5325] loop0: detected capacity change from 0 to 512 [ 69.461672][ T5325] EXT4-fs: Ignoring removed oldalloc option [ 69.498078][ T5325] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.0: corrupted in-inode xattr: invalid ea_ino [ 69.508101][ T5325] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.0: couldn't read orphan inode 15 (err -117) [ 69.513524][ T5325] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.529787][ T5325] ================================================================== [ 69.533025][ T5325] BUG: KASAN: use-after-free in ext4_insert_dentry+0x3cd/0x780 [ 69.535922][ T5325] Write of size 251 at addr ffff888043500f14 by task syz.0.0/5325 [ 69.539035][ T5325] [ 69.539960][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted 6.14.0-rc5-syzkaller-00268-g1110ce6a1e34 #0 [ 69.539974][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.539982][ T5325] Call Trace: [ 69.539988][ T5325] [ 69.539993][ T5325] dump_stack_lvl+0x241/0x360 [ 69.540012][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10 [ 69.540024][ T5325] ? __pfx__printk+0x10/0x10 [ 69.540034][ T5325] ? _printk+0xd5/0x120 [ 69.540043][ T5325] ? __virt_addr_valid+0x183/0x530 [ 69.540053][ T5325] ? __virt_addr_valid+0x183/0x530 [ 69.540062][ T5325] print_report+0x16e/0x5b0 [ 69.540076][ T5325] ? __virt_addr_valid+0x183/0x530 [ 69.540085][ T5325] ? __virt_addr_valid+0x183/0x530 [ 69.540093][ T5325] ? __virt_addr_valid+0x45f/0x530 [ 69.540102][ T5325] ? __phys_addr+0xba/0x170 [ 69.540111][ T5325] ? ext4_insert_dentry+0x3cd/0x780 [ 69.540121][ T5325] kasan_report+0x143/0x180 [ 69.540129][ T5325] ? ext4_insert_dentry+0x3cd/0x780 [ 69.540137][ T5325] kasan_check_range+0x282/0x290 [ 69.540145][ T5325] ? ext4_insert_dentry+0x3cd/0x780 [ 69.540152][ T5325] __asan_memcpy+0x40/0x70 [ 69.540159][ T5325] ext4_insert_dentry+0x3cd/0x780 [ 69.540167][ T5325] add_dirent_to_buf+0x315/0x660 [ 69.540177][ T5325] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 69.540189][ T5325] ? __ext4_handle_dirty_metadata+0x30d/0x820 [ 69.540200][ T5325] ? ext4_handle_dirty_dirblock+0xc0/0x350 [ 69.540212][ T5325] make_indexed_dir+0xcaf/0x1280 [ 69.540226][ T5325] ? __pfx_make_indexed_dir+0x10/0x10 [ 69.540238][ T5325] ? add_dirent_to_buf+0x2a7/0x660 [ 69.540250][ T5325] ? add_dirent_to_buf+0x2c5/0x660 [ 69.540264][ T5325] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 69.540278][ T5325] ? __ext4_read_dirblock+0x486/0x790 [ 69.540290][ T5325] ext4_add_entry+0xb36/0xd30 [ 69.540300][ T5325] ? __pfx_ext4_add_entry+0x10/0x10 [ 69.540310][ T5325] ext4_add_nondir+0x8d/0x290 [ 69.540318][ T5325] ? ext4_symlink+0x70c/0xda0 [ 69.540326][ T5325] ext4_symlink+0xa10/0xda0 [ 69.540335][ T5325] ? __pfx_ext4_symlink+0x10/0x10 [ 69.540343][ T5325] ? inode_permission+0xff/0x460 [ 69.540353][ T5325] ? bpf_lsm_inode_symlink+0x9/0x10 [ 69.540361][ T5325] ? security_inode_symlink+0xbe/0x330 [ 69.540370][ T5325] vfs_symlink+0x137/0x2e0 [ 69.540378][ T5325] do_symlinkat+0x222/0x3a0 [ 69.540386][ T5325] ? __pfx_do_symlinkat+0x10/0x10 [ 69.540393][ T5325] ? strncpy_from_user+0x146/0x270 [ 69.540403][ T5325] ? getname_flags+0x1e3/0x540 [ 69.540411][ T5325] __x64_sys_symlink+0x7a/0x90 [ 69.540419][ T5325] do_syscall_64+0xf3/0x230 [ 69.540475][ T5325] ? clear_bhb_loop+0x35/0x90 [ 69.540492][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.540506][ T5325] RIP: 0033:0x7f8a7498d169 [ 69.540517][ T5325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.540527][ T5325] RSP: 002b:00007f8a7581f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 69.540540][ T5325] RAX: ffffffffffffffda RBX: 00007f8a74ba5fa0 RCX: 00007f8a7498d169 [ 69.540548][ T5325] RDX: 0000000000000000 RSI: 0000400000000cc0 RDI: 0000400000000dc0 [ 69.540556][ T5325] RBP: 00007f8a74a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 69.540563][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 69.540570][ T5325] R13: 0000000000000000 R14: 00007f8a74ba5fa0 R15: 00007ffcbdf8b538 [ 69.540581][ T5325] [ 69.540585][ T5325] [ 69.674189][ T5325] The buggy address belongs to the physical page: [ 69.676729][ T5325] page: refcount:3 mapcount:0 mapping:ffff8880004acd78 index:0x3f pfn:0x43500 [ 69.680170][ T5325] memcg:ffff888012850000 [ 69.681916][ T5325] aops:def_blk_aops ino:700000 dentry name(?):"" [ 69.684476][ T5325] flags: 0x4fff10000004014(referenced|dirty|private|node=1|zone=1|lastcpupid=0x7ff) [ 69.688084][ T5325] raw: 04fff10000004014 0000000000000000 dead000000000122 ffff8880004acd78 [ 69.691388][ T5325] raw: 000000000000003f ffff88801ac990e8 00000003ffffffff ffff888012850000 [ 69.694520][ T5325] page dumped because: kasan: bad access detected [ 69.696673][ T5325] page_owner tracks the page as allocated [ 69.698552][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x148c40(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5325, tgid 5324 (syz.0.0), ts 69529603698, free_ts 69400950888 [ 69.704737][ T5325] post_alloc_hook+0x1f4/0x240 [ 69.706358][ T5325] get_page_from_freelist+0x365c/0x37a0 [ 69.708184][ T5325] __alloc_frozen_pages_noprof+0x292/0x710 [ 69.710126][ T5325] alloc_pages_mpol+0x311/0x660 [ 69.711757][ T5325] alloc_pages_noprof+0x121/0x190 [ 69.713455][ T5325] folio_alloc_noprof+0x1e/0x30 [ 69.715068][ T5325] filemap_alloc_folio_noprof+0xe1/0x540 [ 69.716963][ T5325] __filemap_get_folio+0x438/0xae0 [ 69.718717][ T5325] bdev_getblk+0x1d4/0x670 [ 69.720269][ T5325] ext4_getblk+0x31b/0x880 [ 69.721857][ T5325] ext4_bread+0x2e/0x180 [ 69.723372][ T5325] ext4_append+0x327/0x5c0 [ 69.724917][ T5325] make_indexed_dir+0x3ff/0x1280 [ 69.726419][ T5325] ext4_add_entry+0xb36/0xd30 [ 69.728097][ T5325] ext4_add_nondir+0x8d/0x290 [ 69.729691][ T5325] ext4_symlink+0xa10/0xda0 [ 69.731191][ T5325] page last free pid 4670 tgid 4670 stack trace: [ 69.733480][ T5325] free_frozen_pages+0xe0d/0x10e0 [ 69.735453][ T5325] __put_partials+0x160/0x1c0 [ 69.737317][ T5325] put_cpu_partial+0x17c/0x250 [ 69.739303][ T5325] __slab_free+0x290/0x380 [ 69.741097][ T5325] qlist_free_all+0x9a/0x140 [ 69.742825][ T5325] kasan_quarantine_reduce+0x14f/0x170 [ 69.744952][ T5325] __kasan_slab_alloc+0x23/0x80 [ 69.746912][ T5325] kmem_cache_alloc_noprof+0x1d9/0x380 [ 69.748998][ T5325] skb_clone+0x20c/0x390 [ 69.750672][ T5325] hci_cmd_work+0xe7/0x6c0 [ 69.752447][ T5325] process_scheduled_works+0xabe/0x18e0 [ 69.754653][ T5325] worker_thread+0x870/0xd30 [ 69.756507][ T5325] kthread+0x7a9/0x920 [ 69.758231][ T5325] ret_from_fork+0x4b/0x80 [ 69.759874][ T5325] ret_from_fork_asm+0x1a/0x30 [ 69.761704][ T5325] [ 69.762650][ T5325] Memory state around the buggy address: [ 69.764697][ T5325] ffff888043500f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 69.767694][ T5325] ffff888043500f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 69.771338][ T5325] >ffff888043501000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 69.774366][ T5325] ^ [ 69.776009][ T5325] ffff888043501080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 69.779157][ T5325] ffff888043501100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 69.782286][ T5325] ================================================================== [ 69.809831][ T5326] sch_tbf: burst 2304 is lower than device lo mtu (65550) ! [ 69.818782][ T5325] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 69.821557][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted 6.14.0-rc5-syzkaller-00268-g1110ce6a1e34 #0 [ 69.825479][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.829538][ T5325] Call Trace: [ 69.830860][ T5325] [ 69.832020][ T5325] dump_stack_lvl+0x241/0x360 [ 69.833910][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10 [ 69.836030][ T5325] ? __pfx__printk+0x10/0x10 [ 69.837893][ T5325] ? preempt_schedule+0xe1/0xf0 [ 69.839716][ T5325] ? vscnprintf+0x5d/0x90 [ 69.841479][ T5325] panic+0x349/0x880 [ 69.843081][ T5325] ? check_panic_on_warn+0x21/0xb0 [ 69.845113][ T5325] ? __pfx_panic+0x10/0x10 [ 69.846967][ T5325] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 69.849426][ T5325] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 69.851983][ T5325] ? print_report+0x519/0x5b0 [ 69.855195][ T5325] check_panic_on_warn+0x86/0xb0 [ 69.857232][ T5325] ? ext4_insert_dentry+0x3cd/0x780 [ 69.859314][ T5325] end_report+0x77/0x160 [ 69.861011][ T5325] kasan_report+0x154/0x180 [ 69.862823][ T5325] ? ext4_insert_dentry+0x3cd/0x780 [ 69.864878][ T5325] kasan_check_range+0x282/0x290 [ 69.866908][ T5325] ? ext4_insert_dentry+0x3cd/0x780 [ 69.868952][ T5325] __asan_memcpy+0x40/0x70 [ 69.870821][ T5325] ext4_insert_dentry+0x3cd/0x780 [ 69.872867][ T5325] add_dirent_to_buf+0x315/0x660 [ 69.874953][ T5325] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 69.877044][ T5325] ? __ext4_handle_dirty_metadata+0x30d/0x820 [ 69.879545][ T5325] ? ext4_handle_dirty_dirblock+0xc0/0x350 [ 69.881914][ T5325] make_indexed_dir+0xcaf/0x1280 [ 69.883916][ T5325] ? __pfx_make_indexed_dir+0x10/0x10 [ 69.886076][ T5325] ? add_dirent_to_buf+0x2a7/0x660 [ 69.893206][ T5325] ? add_dirent_to_buf+0x2c5/0x660 [ 69.895385][ T5325] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 69.897674][ T5325] ? __ext4_read_dirblock+0x486/0x790 [ 69.899911][ T5325] ext4_add_entry+0xb36/0xd30 [ 69.901919][ T5325] ? __pfx_ext4_add_entry+0x10/0x10 [ 69.904144][ T5325] ext4_add_nondir+0x8d/0x290 [ 69.906071][ T5325] ? ext4_symlink+0x70c/0xda0 [ 69.908024][ T5325] ext4_symlink+0xa10/0xda0 [ 69.909912][ T5325] ? __pfx_ext4_symlink+0x10/0x10 [ 69.911975][ T5325] ? inode_permission+0xff/0x460 [ 69.914125][ T5325] ? bpf_lsm_inode_symlink+0x9/0x10 [ 69.916287][ T5325] ? security_inode_symlink+0xbe/0x330 [ 69.918610][ T5325] vfs_symlink+0x137/0x2e0 [ 69.920482][ T5325] do_symlinkat+0x222/0x3a0 [ 69.922401][ T5325] ? __pfx_do_symlinkat+0x10/0x10 [ 69.924507][ T5325] ? strncpy_from_user+0x146/0x270 [ 69.926600][ T5325] ? getname_flags+0x1e3/0x540 [ 69.928648][ T5325] __x64_sys_symlink+0x7a/0x90 [ 69.930576][ T5325] do_syscall_64+0xf3/0x230 [ 69.932502][ T5325] ? clear_bhb_loop+0x35/0x90 [ 69.934482][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.936915][ T5325] RIP: 0033:0x7f8a7498d169 [ 69.938731][ T5325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.946505][ T5325] RSP: 002b:00007f8a7581f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 69.949962][ T5325] RAX: ffffffffffffffda RBX: 00007f8a74ba5fa0 RCX: 00007f8a7498d169 [ 69.953278][ T5325] RDX: 0000000000000000 RSI: 0000400000000cc0 RDI: 0000400000000dc0 [ 69.956547][ T5325] RBP: 00007f8a74a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 69.959777][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 69.962968][ T5325] R13: 0000000000000000 R14: 00007f8a74ba5fa0 R15: 00007ffcbdf8b538 [ 69.966189][ T5325] [ 69.967794][ T5325] Kernel Offset: disabled [ 69.969563][ T5325] Rebooting in 86400 seconds..