program: syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='./bus\x00', 0x800700, &(0x7f00000001c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x240000}}, {@jqfmt_vfsold}, {@minixdf}, {@resgid}, {@sysvgroups}, {@usrjquota}]}, 0x3, 0x467, &(0x7f0000002280)="$eJzs3M9rHFUcAPDvzCb93SbWKrRWjRYx+CNp0qo9eFEUPFQU9FCPcZOW0m0jTQRbio0i9SJIQc/iUfAv8OZF1JPgVe9SKBqEVk+R2Z1JN9vdZNNsdmv384Fp39t5M/O+O+/tvJm3mwD61kj2TxKxKyJ+i4ihWnZlgZHafzcXL5X/WbxUTmJp6a0/k2q5G4uXykXRYrudeWY0jUg/SfKDxNb63c5duHhmqlKZOZ/nx+fPvjc+d+His6fPTp2aOTVzbvLYsaNHJl54fvK5tuJI1lifxXXjwIezB/e/9s7V18snrr7707fZNrvy9fVxdMpIFvhfS1WN657o9MF6bHddOhnoYUVYl1JEZKdrsNr/h6IUt07eULz6cU8rB2yq7Nq0tfXqhSXgHpbE2mX+7kZFgC4rLvTZ/W+xdGnocVe4/lLtBiiL+2a+1NYMRJqXGWy4v+2kkYg4sfDvV9kSm/QcAgCg3mflL4/HM83Gf2k8WFduTz6HMhwR90XE3oi4PyL2RcQDEVnZxiFlW0Ya8rePf9JrdxhaW7Lx34v53NbK8V8x+ovhUp7bXY1/MDl5ujJzOH9PRmNwa5afWOUY37/y6+et1tWP/7IlO34xFszrcW2g4QHd9NT8VHVQ2gHXP4o4MNAs/mR5JiCJiP0RcWB9u95TJE4/9c3B7QebF1o7/lV0YJ5p6euIJ2vnfyEa4i8kq89Pjm+Lyszh8aJV3O7nX6682er4LeLfsvHI2pOd/x0r239jkeGkfr52bv3HuPL7py3vae60/W9J3q6el+KN+mBqfv78RMSW5Hg1v+L1yVvbFvmifBb/6KHm/X9vvk12nIciImvCD0fEIxHxaF73xyLi8Yg4tEr8P76cJ5q01w21/w7I4p9u+vm33P4bzv/6E6UzP3xX7GzbuuPPzv/Ramo0f6X6+beGdiu40fcPAAAA/g/S6nfgk3RsOZ2mY2O17/Dvix1pZXZu/umTs++fm659V344BtPiSddQ3fPQiWQh32MtP5k/Ky7WH8mfG39R2l7Nj5VnK9M9jh363c4W/T/zR6nXtQM2XbN5tMmuTUEBvdTY/9OV2ctvdLMyQFf5vTb0rzX6f9qtegDd5/oP/atZ/7/ckDcXAPcm13/oX/o/9C/9H/qX/g99aSO/65fo50Sklcr0tojVCxd/EOjuqLNE+4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xn8BAAD///xQ9VA=") chdir(&(0x7f0000000140)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) mkdir(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x5) creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="580000fa6b01c31fe696820a89d92a18e9e27100", @ANYRES32=0x0, @ANYBLOB="0000000000000000380012800e00010069703665727370616e0000002400028014001800fc010000000000000000000000000000050016000200000004001200"], 0x58}}, 0x0) symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x1f00, 0x12) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x2000010, &(0x7f0000000080)=ANY=[], 0x1d, 0x6b6, &(0x7f0000000900)="$eJzs3cFvHGfdB/DvbNYbO63yOm3SRq+KiBKpIEUkTqwUwgWDEPKhQlVB4mwlTmNl41S2i9wKgQsITkgc+gcUJN84IXEPChcu5darjyAkLhGHiIvRzM7aa+86XseO7ZTPJxrPM/M888xvfvPMjHc31gb4nzV9Oc2HKTJ9+e3lcnltdbK9tjp5sq5uJynLjaTZmaWYT4pHyVRZX3TW/7Co2xc77eeTuZvvfv547eTmmma3feNp2w0woO1KPeVCkhP1vN/IsLvY0t+tJC/3NWkN29eWhmXSLnUPHo7aep+VvWy+l+sWOGa6T6ei89zsM56cSjJa/x6Q+u7QOLwI9+GvOz+k93SXAwAAgOOumWSyf/VnD44iGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHix1d//X9RTo57nQoru9/+3uuvq8gvt4VEHAAAAAAAAAAAH4MtP8iTLOd1dXi+qz/wvVgtn85/15KV8kMXMZiFXspyZLGUpC7mWZLyno9byzNLSwrWNLUuDt7w+cMvrh3XEAAAAAAAAAPCF9PNMb37+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx0GRnOjMqulstzyeRjOdulbZbiX5W7f8gigGrXx4+HEAAADAvow+wzb/9yRPspzT3eX1onrN/1r1enk0H2Q+S5nLUtqZze36NXT5qr+xtjrZXludvF9O/f1++197CqPqsX5/YfCez1ctxnInc9WaK7lVBXM7jWrL0vluPIPj+riMqfhWbcjImnVay539dqd3EQ7EXt+KGC+DSzYyMlHHVmbjTCcDRfVGTbI9E7ueneb2PaWRkY09XUtj452fs88h56d6cv6r55rzvdrIRCNVJq73jL7Xnp6J5Ct/+sOP7rbn7929s3j5+BzSLk5sXzG2WewdE5M9mXj9hc5Ec4/tJ6pMnNtYns738oNczoW8k4XM5ceZyVJms17Xz9Tjufw5/vRMTW1Zeme3SFr1CO2cs2FiupDvVqWZXKy2PZ25FHmQ25nNW9W/67mWr+dGbuRmzxk+t2Pc1bFVV31j+1XfPdN/Hhj8pa/WhXKA/XpzoE097Yj7RucB69yHyrye6clrZ9Q/3mh1puc6mOjJ0ivd7IwM7PxZ7o3N/68L5T5+Uc+Ph/E6E+UF1H1KdKN7tZOJZvUs6h/nv6uujcX2/L2FuzPv79D/yrblN+t5OaxWvzRslINPxcEqx8srGa3vJFtHR1n36sZd5syWp2qr/sSlU9foqztX1RVF90r9/o5Xaqv+Ha6/p+tV3esD6yaruvM9dVt+38qDtHP7EPIHwD6N51Rr7J9jn419OvbLsbtjb49+5+Q3Tr7RyshfRr7ZnDjxZuON4o/5ND/dfP0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8u8UPP7o3027PLgwuNHau2qWwW8/bCkX9hT7PtK9jWBhNsmXNSLliqM3/8VJyUGGMbQ+jr7D+s+Rgj/3xrkNr49u7Bvfzm7LQzDD7mtqtzcc7VhXNDLWLL3qhPBmDqo7ungQcjqtL99+/uvjhR1+buz/z3ux7s/MjN27cnLh5463Jq3fm2rMTnZ9HHSXwPGw+9I86EgAAAAAAAAAAAGBYg/4w4OLLu/3RyDCFlv9ZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByI6ctpPkyRaxNXJsrltdXJdjl1y5stm0kajaT4SVI8SqbSmTLe012R3z/K+oD9fDJ3893PH6/9fbOvZqd90qjn+7BST7mQ5EQ9P6j+bu27v+Lf3SMsE3apmzg4av8NAAD//zZG73k=") r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000) symlinkat(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r2, &(0x7f0000000340)='./file0\x00') [ 59.830181][ T5331] loop0: detected capacity change from 0 to 512 [ 59.860801][ T5331] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.0: corrupted in-inode xattr: invalid ea_ino [ 59.902548][ T5331] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.0: couldn't read orphan inode 15 (err -117) [ 59.914947][ T5331] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 59.932298][ T4675] Bluetooth: hci0: command tx timeout [ 59.942748][ T5331] ================================================================== [ 59.950805][ T5331] BUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 [ 59.954290][ T5331] Write of size 251 at addr ffff88804f884f14 by task syz.0.0/5331 [ 59.957067][ T5331] [ 59.958006][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-00233-g9fb2cfa4635a #0 [ 59.961637][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.965441][ T5331] Call Trace: [ 59.967672][ T5331] [ 59.969163][ T5331] dump_stack_lvl+0x241/0x360 [ 59.971309][ T5331] ? __pfx_dump_stack_lvl+0x10/0x10 [ 59.973462][ T5331] ? __pfx__printk+0x10/0x10 [ 59.977725][ T5331] ? _printk+0xd5/0x120 [ 59.981585][ T5331] ? __virt_addr_valid+0x183/0x530 [ 59.988070][ T5331] ? __virt_addr_valid+0x183/0x530 [ 59.992275][ T5331] print_report+0x169/0x550 [ 59.995612][ T5331] ? __virt_addr_valid+0x183/0x530 [ 60.014906][ T5331] ? __virt_addr_valid+0x183/0x530 [ 60.017024][ T5331] ? __virt_addr_valid+0x45f/0x530 [ 60.019255][ T5331] ? __phys_addr+0xba/0x170 [ 60.055506][ T5331] ? ext4_insert_dentry+0x36a/0x6d0 [ 60.057627][ T5331] kasan_report+0x143/0x180 [ 60.059567][ T5331] ? ext4_insert_dentry+0x36a/0x6d0 [ 60.061455][ T5331] kasan_check_range+0x282/0x290 [ 60.064116][ T5331] ? ext4_insert_dentry+0x36a/0x6d0 [ 60.066210][ T5331] __asan_memcpy+0x40/0x70 [ 60.068034][ T5331] ext4_insert_dentry+0x36a/0x6d0 [ 60.070072][ T5331] add_dirent_to_buf+0x3d9/0x750 [ 60.072122][ T5331] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 60.095277][ T5331] ? __ext4_handle_dirty_metadata+0x30d/0x820 [ 60.110662][ T5331] make_indexed_dir+0xf98/0x1600 [ 60.112665][ T5331] ? __pfx_make_indexed_dir+0x10/0x10 [ 60.123202][ T5331] ? add_dirent_to_buf+0x398/0x750 [ 60.127062][ T5331] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 60.131432][ T5331] ? __ext4_read_dirblock+0x527/0x890 [ 60.150655][ T5331] ext4_add_entry+0xcf7/0xfa0 [ 60.152439][ T5331] ? __pfx_ext4_add_entry+0x10/0x10 [ 60.154384][ T5331] ext4_add_nondir+0x8d/0x290 [ 60.156107][ T5331] ? ext4_symlink+0x6ce/0xb50 [ 60.157818][ T5331] ext4_symlink+0x920/0xb50 [ 60.159504][ T5331] ? __pfx_ext4_symlink+0x10/0x10 [ 60.161343][ T5331] ? inode_permission+0xff/0x460 [ 60.164994][ T5331] ? bpf_lsm_inode_symlink+0x9/0x10 [ 60.168247][ T5331] ? security_inode_symlink+0xbe/0x330 [ 60.171498][ T5331] vfs_symlink+0x137/0x2e0 [ 60.173837][ T5331] do_symlinkat+0x222/0x3a0 [ 60.178627][ T5331] ? __pfx_do_symlinkat+0x10/0x10 [ 60.186632][ T5331] ? strncpy_from_user+0x13a/0x260 [ 60.189240][ T5331] ? getname_flags+0x1e3/0x540 [ 60.191393][ T5331] __x64_sys_symlink+0x7a/0x90 [ 60.193242][ T5331] do_syscall_64+0xf3/0x230 [ 60.196540][ T5331] ? clear_bhb_loop+0x35/0x90 [ 60.199965][ T5331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.202133][ T5331] RIP: 0033:0x7f9902f7e759 [ 60.203776][ T5331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.210713][ T5331] RSP: 002b:00007f9903cf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 60.213636][ T5331] RAX: ffffffffffffffda RBX: 00007f9903135f80 RCX: 00007f9902f7e759 [ 60.216504][ T5331] RDX: 0000000000000000 RSI: 0000000020000cc0 RDI: 0000000020000dc0 [ 60.222009][ T5331] RBP: 00007f9902ff175e R08: 0000000000000000 R09: 0000000000000000 [ 60.227406][ T5331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 60.232425][ T5331] R13: 0000000000000000 R14: 00007f9903135f80 R15: 00007ffd2bc41a88 [ 60.239767][ T5331] [ 60.240847][ T5331] [ 60.241713][ T5331] The buggy address belongs to the physical page: [ 60.246691][ T5331] page: refcount:3 mapcount:0 mapping:ffff888031ce4d78 index:0x3f pfn:0x4f884 [ 60.254588][ T5331] memcg:ffff88801b70e000 [ 60.257096][ T5331] aops:def_blk_aops ino:700000 dentry name(?):"" [ 60.259931][ T5331] flags: 0x4fff08000004214(referenced|dirty|workingset|private|node=1|zone=1|lastcpupid=0x7ff) [ 60.263691][ T5331] raw: 04fff08000004214 0000000000000000 dead000000000122 ffff888031ce4d78 [ 60.269918][ T5331] raw: 000000000000003f ffff88804379eae0 00000003ffffffff ffff88801b70e000 [ 60.278334][ T5331] page dumped because: kasan: bad access detected [ 60.297147][ T5331] page_owner tracks the page as allocated [ 60.301525][ T5331] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 5331, tgid 5330 (syz.0.0), ts 59942541921, free_ts 59772902381 [ 60.318709][ T5331] post_alloc_hook+0x1f3/0x230 [ 60.321413][ T5331] get_page_from_freelist+0x3649/0x3790 [ 60.324307][ T5331] __alloc_pages_noprof+0x292/0x710 [ 60.327357][ T5331] alloc_pages_mpol_noprof+0x3e8/0x680 [ 60.332964][ T5331] folio_alloc_noprof+0x128/0x180 [ 60.337152][ T5331] filemap_alloc_folio_noprof+0xdf/0x500 [ 60.364674][ T5331] __filemap_get_folio+0x446/0xbd0 [ 60.367955][ T5331] bdev_getblk+0x1d8/0x550 [ 60.370269][ T5331] ext4_getblk+0x303/0x800 [ 60.372165][ T5331] ext4_bread+0x2e/0x180 [ 60.373931][ T5331] ext4_append+0x327/0x5c0 [ 60.382393][ T5331] make_indexed_dir+0x523/0x1600 [ 60.386617][ T5331] ext4_add_entry+0xcf7/0xfa0 [ 60.391452][ T5331] ext4_add_nondir+0x8d/0x290 [ 60.395698][ T5331] ext4_symlink+0x920/0xb50 [ 60.406367][ T5331] vfs_symlink+0x137/0x2e0 [ 60.408017][ T5331] page last free pid 5333 tgid 5333 stack trace: [ 60.410286][ T5331] free_unref_folios+0xf37/0x1a20 [ 60.413134][ T5331] folios_put_refs+0x76c/0x860 [ 60.415170][ T5331] free_pages_and_swap_cache+0x2ea/0x690 [ 60.427398][ T5331] tlb_flush_mmu+0x3a3/0x680 [ 60.429075][ T5331] tlb_finish_mmu+0xd4/0x200 [ 60.430658][ T5331] exit_mmap+0x496/0xc40 [ 60.431989][ T5331] __mmput+0x115/0x390 [ 60.433285][ T5331] exit_mm+0x220/0x310 [ 60.434645][ T5331] do_exit+0x9b2/0x28e0 [ 60.438480][ T5331] do_group_exit+0x207/0x2c0 [ 60.443249][ T5331] __x64_sys_exit_group+0x3f/0x40 [ 60.445294][ T5331] x64_sys_call+0x26a8/0x26b0 [ 60.463205][ T5331] do_syscall_64+0xf3/0x230 [ 60.478613][ T5331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.480940][ T5331] [ 60.495087][ T5331] Memory state around the buggy address: [ 60.497479][ T5331] ffff88804f884f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 60.500777][ T5331] ffff88804f884f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 60.504052][ T5331] >ffff88804f885000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 60.519461][ T5331] ^ [ 60.520771][ T5331] ffff88804f885080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 60.523318][ T5331] ffff88804f885100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 60.525810][ T5331] ================================================================== [ 60.558051][ T5331] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 60.563706][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-00233-g9fb2cfa4635a #0 [ 60.572164][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.579793][ T5331] Call Trace: [ 60.581007][ T5331] [ 60.582204][ T5331] dump_stack_lvl+0x241/0x360 [ 60.584272][ T5331] ? __pfx_dump_stack_lvl+0x10/0x10 [ 60.586643][ T5331] ? __pfx__printk+0x10/0x10 [ 60.588686][ T5331] ? preempt_schedule+0xe1/0xf0 [ 60.590976][ T5331] ? vscnprintf+0x5d/0x90 [ 60.601877][ T5331] panic+0x349/0x880 [ 60.612005][ T5331] ? check_panic_on_warn+0x21/0xb0 [ 60.616040][ T5331] ? __pfx_panic+0x10/0x10 [ 60.619226][ T5331] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 60.625202][ T5331] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 60.636993][ T5331] ? print_report+0x502/0x550 [ 60.639251][ T5331] check_panic_on_warn+0x86/0xb0 [ 60.642461][ T5331] ? ext4_insert_dentry+0x36a/0x6d0 [ 60.648189][ T5331] end_report+0x77/0x160 [ 60.651626][ T5331] kasan_report+0x154/0x180 [ 60.653665][ T5331] ? ext4_insert_dentry+0x36a/0x6d0 [ 60.659516][ T5331] kasan_check_range+0x282/0x290 [ 60.663455][ T5331] ? ext4_insert_dentry+0x36a/0x6d0 [ 60.666433][ T5331] __asan_memcpy+0x40/0x70 [ 60.668846][ T5331] ext4_insert_dentry+0x36a/0x6d0 [ 60.671418][ T5331] add_dirent_to_buf+0x3d9/0x750 [ 60.673909][ T5331] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 60.675757][ T5331] ? __ext4_handle_dirty_metadata+0x30d/0x820 [ 60.677887][ T5331] make_indexed_dir+0xf98/0x1600 [ 60.679687][ T5331] ? __pfx_make_indexed_dir+0x10/0x10 [ 60.681809][ T5331] ? add_dirent_to_buf+0x398/0x750 [ 60.685778][ T5331] ? __pfx_add_dirent_to_buf+0x10/0x10 [ 60.687776][ T5331] ? __ext4_read_dirblock+0x527/0x890 [ 60.689453][ T5331] ext4_add_entry+0xcf7/0xfa0 [ 60.691046][ T5331] ? __pfx_ext4_add_entry+0x10/0x10 [ 60.692842][ T5331] ext4_add_nondir+0x8d/0x290 [ 60.694512][ T5331] ? ext4_symlink+0x6ce/0xb50 [ 60.697722][ T5331] ext4_symlink+0x920/0xb50 [ 60.702377][ T5331] ? __pfx_ext4_symlink+0x10/0x10 [ 60.706801][ T5331] ? inode_permission+0xff/0x460 [ 60.709924][ T5331] ? bpf_lsm_inode_symlink+0x9/0x10 [ 60.713927][ T5331] ? security_inode_symlink+0xbe/0x330 [ 60.716238][ T5331] vfs_symlink+0x137/0x2e0 [ 60.717950][ T5331] do_symlinkat+0x222/0x3a0 [ 60.735126][ T5331] ? __pfx_do_symlinkat+0x10/0x10 [ 60.736720][ T5331] ? strncpy_from_user+0x13a/0x260 [ 60.744228][ T5331] ? getname_flags+0x1e3/0x540 [ 60.750298][ T5331] __x64_sys_symlink+0x7a/0x90 [ 60.753910][ T5331] do_syscall_64+0xf3/0x230 [ 60.756611][ T5331] ? clear_bhb_loop+0x35/0x90 [ 60.760570][ T5331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.765781][ T5331] RIP: 0033:0x7f9902f7e759 [ 60.767692][ T5331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.784496][ T5331] RSP: 002b:00007f9903cf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 60.787399][ T5331] RAX: ffffffffffffffda RBX: 00007f9903135f80 RCX: 00007f9902f7e759 [ 60.792091][ T5331] RDX: 0000000000000000 RSI: 0000000020000cc0 RDI: 0000000020000dc0 [ 60.796178][ T5331] RBP: 00007f9902ff175e R08: 0000000000000000 R09: 0000000000000000 [ 60.799603][ T5331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 60.802079][ T5331] R13: 0000000000000000 R14: 00007f9903135f80 R15: 00007ffd2bc41a88 [ 60.804570][ T5331] [ 60.810196][ T5331] Kernel Offset: disabled [ 60.812326][ T5331] Rebooting in 86400 seconds..