Warning: Permanently added '10.128.0.178' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
[   86.401118][ T5834] loop1: detected capacity change from 0 to 1024
[   86.410864][ T5837] loop3: detected capacity change from 0 to 1024
[   86.412172][ T5835] loop4: detected capacity change from 0 to 1024
[   86.418015][ T5832] loop0: detected capacity change from 0 to 1024
[   86.432342][ T5836] loop2: detected capacity change from 0 to 1024
[   86.440981][ T5837] =======================================================
[   86.440981][ T5837] WARNING: The mand mount option has been deprecated and
[   86.440981][ T5837]          and is ignored by this kernel. Remove the mand
[   86.440981][ T5837]          option from the mount to silence this warning.
[   86.440981][ T5837] =======================================================
[   86.441408][ T5834] EXT4-fs: Ignoring removed bh option
[   86.479160][ T5836] EXT4-fs: Ignoring removed bh option
[   86.489272][ T5832] EXT4-fs: Ignoring removed bh option
[   86.489816][ T5835] EXT4-fs: Ignoring removed bh option
[   86.506073][ T5837] EXT4-fs: Ignoring removed bh option
[   86.533105][ T5836] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.534195][ T5835] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.563073][ T5832] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.575002][ T5836] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   86.599425][ T5834] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.599442][ T5837] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.607283][ T5832] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   86.650304][ T5835] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   86.653609][ T5834] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   86.666231][ T5837] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   86.726123][ T5850] ==================================================================
[   86.734248][ T5850] BUG: KASAN: use-after-free in ext4_find_extent+0xae6/0xcc0
[   86.741681][ T5850] Read of size 4 at addr ffff8880756f3018 by task syz-executor277/5850
[   86.749945][ T5850] 
[   86.752299][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: syz-executor277 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[   86.752319][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   86.752332][ T5850] Call Trace:
[   86.752341][ T5850]  <TASK>
[   86.752348][ T5850]  dump_stack_lvl+0x189/0x250
[   86.752377][ T5850]  ? rcu_is_watching+0x15/0xb0
[   86.752401][ T5850]  ? __kasan_check_byte+0x12/0x40
[   86.752421][ T5850]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.752443][ T5850]  ? rcu_is_watching+0x15/0xb0
[   86.752465][ T5850]  ? lock_release+0x4b/0x3e0
[   86.752485][ T5850]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[   86.752509][ T5850]  ? __virt_addr_valid+0x1c8/0x5c0
[   86.752524][ T5850]  ? __virt_addr_valid+0x4a5/0x5c0
[   86.752539][ T5850]  print_report+0xd2/0x2b0
[   86.752558][ T5850]  ? ext4_find_extent+0xae6/0xcc0
[   86.752577][ T5850]  kasan_report+0x118/0x150
[   86.752597][ T5850]  ? ext4_find_extent+0xae6/0xcc0
[   86.752618][ T5850]  ext4_find_extent+0xae6/0xcc0
[   86.752641][ T5850]  ext4_ext_map_blocks+0x288/0x6ac0
[   86.752666][ T5850]  ? __pfx_ext4_ext_map_blocks+0x10/0x10
[   86.752716][ T5850]  ? __lock_acquire+0xab9/0xd20
[   86.752739][ T5850]  ? __pfx_ext4_ext_map_blocks+0x10/0x10
[   86.752769][ T5850]  ext4_map_blocks+0x931/0x18d0
[   86.752785][ T5850]  ? ext4_da_write_begin+0x449/0xd20
[   86.752808][ T5850]  ? __pfx_ext4_map_blocks+0x10/0x10
[   86.752829][ T5850]  _ext4_get_block+0x200/0x4c0
[   86.752843][ T5850]  ? __pfx__ext4_get_block+0x10/0x10
[   86.752859][ T5850]  ? ext4_inode_journal_mode+0x18c/0x480
[   86.752877][ T5850]  ext4_block_write_begin+0x6f8/0x14b0
[   86.752897][ T5850]  ? __pfx_ext4_get_block+0x10/0x10
[   86.752909][ T5850]  ? __pfx_ext4_block_write_begin+0x10/0x10
[   86.752925][ T5850]  ? folio_mapping+0x16f/0x240
[   86.752941][ T5850]  ext4_write_begin+0xa4f/0x1680
[   86.752987][ T5850]  ? ext4_mark_iloc_dirty+0x6f3/0x1ca0
[   86.753005][ T5850]  ? __pfx_ext4_write_begin+0x10/0x10
[   86.753027][ T5850]  ? __lock_acquire+0xab9/0xd20
[   86.753048][ T5850]  ext4_da_write_begin+0x449/0xd20
[   86.753076][ T5850]  ? __pfx_ext4_da_write_begin+0x10/0x10
[   86.753102][ T5850]  generic_perform_write+0x2c4/0x910
[   86.753128][ T5850]  ? __pfx_generic_perform_write+0x10/0x10
[   86.753147][ T5850]  ? file_modified_flags+0x4bb/0x560
[   86.753165][ T5850]  ? ext4_write_checks+0x24b/0x2c0
[   86.753182][ T5850]  ext4_buffered_write_iter+0xce/0x3a0
[   86.753197][ T5850]  ? futex_unqueue+0x22/0x240
[   86.753213][ T5850]  ext4_file_write_iter+0x298/0x1bc0
[   86.753230][ T5850]  ? futex_unqueue+0x22/0x240
[   86.753244][ T5850]  ? futex_unqueue+0x211/0x240
[   86.753257][ T5850]  ? __futex_wait+0x1d1/0x3e0
[   86.753276][ T5850]  ? __futex_wait+0x34f/0x3e0
[   86.753297][ T5850]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   86.753318][ T5850]  do_iter_readv_writev+0x56e/0x7f0
[   86.753339][ T5850]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   86.753358][ T5850]  ? rcu_read_lock_any_held+0xb3/0x120
[   86.753388][ T5850]  vfs_writev+0x31a/0x960
[   86.753412][ T5850]  ? __lock_acquire+0xab9/0xd20
[   86.753432][ T5850]  ? __pfx_vfs_writev+0x10/0x10
[   86.753461][ T5850]  ? __fget_files+0x2a/0x420
[   86.753483][ T5850]  ? __fget_files+0x3a0/0x420
[   86.753503][ T5850]  ? __fget_files+0x2a/0x420
[   86.753527][ T5850]  __se_sys_pwritev2+0x179/0x290
[   86.753548][ T5850]  ? __pfx___se_sys_pwritev2+0x10/0x10
[   86.753568][ T5850]  ? rcu_is_watching+0x15/0xb0
[   86.753592][ T5850]  ? do_syscall_64+0xbe/0x3b0
[   86.753622][ T5850]  ? __x64_sys_pwritev2+0x20/0xc0
[   86.753642][ T5850]  do_syscall_64+0xfa/0x3b0
[   86.753661][ T5850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.753674][ T5850]  ? __switch_to_asm+0x39/0x70
[   86.753687][ T5850]  ? clear_bhb_loop+0x60/0xb0
[   86.753711][ T5850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.753725][ T5850] RIP: 0033:0x7fe3fc82e049
[   86.753745][ T5850] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   86.753761][ T5850] RSP: 002b:00007fe3fc7c1208 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   86.753777][ T5850] RAX: ffffffffffffffda RBX: 00007fe3fc8b56d8 RCX: 00007fe3fc82e049
[   86.753788][ T5850] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 0000000000000004
[   86.753797][ T5850] RBP: 00007fe3fc8b56d0 R08: 0000000000000000 R09: 0000000000000000
[   86.753806][ T5850] R10: 0000000000000e7b R11: 0000000000000246 R12: 00007fe3fc882614
[   86.753815][ T5850] R13: 000000000000006e R14: 0000200000000080 R15: 00007ffef60cc2b8
[   86.753832][ T5850]  </TASK>
[   86.753836][ T5850] 
[   87.189135][ T5850] The buggy address belongs to the physical page:
[   87.195556][ T5850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f169a374 pfn:0x756f3
[   87.205031][ T5850] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   87.212150][ T5850] raw: 00fff00000000000 ffffea0001d5bc88 ffffea0001d5c908 0000000000000000
[   87.220739][ T5850] raw: 00000007f169a374 0000000000000000 00000000ffffffff 0000000000000000
[   87.229321][ T5850] page dumped because: kasan: bad access detected
[   87.235741][ T5850] page_owner tracks the page as freed
[   87.241108][ T5850] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|__GFP_COMP), pid 5813, tgid 5813 (sshd-session), ts 79886189644, free_ts 79942219609
[   87.259783][ T5850]  post_alloc_hook+0x240/0x2a0
[   87.264577][ T5850]  get_page_from_freelist+0x21d5/0x22b0
[   87.270137][ T5850]  __alloc_frozen_pages_noprof+0x181/0x370
[   87.275958][ T5850]  alloc_pages_mpol+0x232/0x4a0
[   87.280819][ T5850]  vma_alloc_folio_noprof+0xe4/0x200
[   87.286113][ T5850]  folio_prealloc+0x30/0x180
[   87.290705][ T5850]  __handle_mm_fault+0x2c88/0x5620
[   87.295822][ T5850]  handle_mm_fault+0x2d5/0x7f0
[   87.300591][ T5850]  do_user_addr_fault+0xa81/0x1390
[   87.305713][ T5850]  exc_page_fault+0x76/0xf0
[   87.310224][ T5850]  asm_exc_page_fault+0x26/0x30
[   87.315075][ T5850] page last free pid 5813 tgid 5813 stack trace:
[   87.321403][ T5850]  free_unref_folios+0xcd2/0x1570
[   87.326439][ T5850]  folios_put_refs+0x559/0x640
[   87.331215][ T5850]  free_pages_and_swap_cache+0x277/0x520
[   87.336871][ T5850]  tlb_flush_mmu+0x3a0/0x680
[   87.341475][ T5850]  tlb_finish_mmu+0xc3/0x1d0
[   87.346082][ T5850]  vms_clear_ptes+0x42c/0x540
[   87.350773][ T5850]  vms_complete_munmap_vmas+0x206/0x8a0
[   87.356330][ T5850]  do_vmi_align_munmap+0x358/0x420
[   87.361453][ T5850]  do_vmi_munmap+0x253/0x2e0
[   87.366049][ T5850]  __vm_munmap+0x23b/0x3d0
[   87.370476][ T5850]  __x64_sys_munmap+0x60/0x70
[   87.375163][ T5850]  do_syscall_64+0xfa/0x3b0
[   87.379682][ T5850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.385584][ T5850] 
[   87.387913][ T5850] Memory state around the buggy address:
[   87.393549][ T5850]  ffff8880756f2f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   87.401620][ T5850]  ffff8880756f2f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   87.409697][ T5850] >ffff8880756f3000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   87.417764][ T5850]                             ^
[   87.422614][ T5850]  ffff8880756f3080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   87.430687][ T5850]  ffff8880756f3100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   87.438756][ T5850] ==================================================================
[   87.489674][ T5850] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   87.496949][ T5850] CPU: 1 UID: 0 PID: 5850 Comm: syz-executor277 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) 
[   87.509033][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   87.519104][ T5850] Call Trace:
[   87.522420][ T5850]  <TASK>
[   87.525364][ T5850]  dump_stack_lvl+0x99/0x250
[   87.529989][ T5850]  ? __asan_memcpy+0x40/0x70
[   87.534596][ T5850]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.539815][ T5850]  ? __pfx__printk+0x10/0x10
[   87.544434][ T5850]  panic+0x2db/0x790
[   87.548370][ T5850]  ? __pfx_preempt_schedule+0x10/0x10
[   87.553772][ T5850]  ? __pfx_panic+0x10/0x10
[   87.558216][ T5850]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[   87.564130][ T5850]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   87.570497][ T5850]  ? ext4_find_extent+0xae6/0xcc0
[   87.575553][ T5850]  check_panic_on_warn+0x89/0xb0
[   87.580518][ T5850]  ? ext4_find_extent+0xae6/0xcc0
[   87.585570][ T5850]  end_report+0x78/0x160
[   87.589839][ T5850]  kasan_report+0x129/0x150
[   87.594373][ T5850]  ? ext4_find_extent+0xae6/0xcc0
[   87.599474][ T5850]  ext4_find_extent+0xae6/0xcc0
[   87.604360][ T5850]  ext4_ext_map_blocks+0x288/0x6ac0
[   87.609599][ T5850]  ? __pfx_ext4_ext_map_blocks+0x10/0x10
[   87.615274][ T5850]  ? __lock_acquire+0xab9/0xd20
[   87.620174][ T5850]  ? __pfx_ext4_ext_map_blocks+0x10/0x10
[   87.625854][ T5850]  ext4_map_blocks+0x931/0x18d0
[   87.630736][ T5850]  ? ext4_da_write_begin+0x449/0xd20
[   87.636066][ T5850]  ? __pfx_ext4_map_blocks+0x10/0x10
[   87.641403][ T5850]  _ext4_get_block+0x200/0x4c0
[   87.646206][ T5850]  ? __pfx__ext4_get_block+0x10/0x10
[   87.651532][ T5850]  ? ext4_inode_journal_mode+0x18c/0x480
[   87.657204][ T5850]  ext4_block_write_begin+0x6f8/0x14b0
[   87.662696][ T5850]  ? __pfx_ext4_get_block+0x10/0x10
[   87.667919][ T5850]  ? __pfx_ext4_block_write_begin+0x10/0x10
[   87.673844][ T5850]  ? folio_mapping+0x16f/0x240
[   87.678641][ T5850]  ext4_write_begin+0xa4f/0x1680
[   87.683632][ T5850]  ? ext4_mark_iloc_dirty+0x6f3/0x1ca0
[   87.689137][ T5850]  ? __pfx_ext4_write_begin+0x10/0x10
[   87.694535][ T5850]  ? __lock_acquire+0xab9/0xd20
[   87.699419][ T5850]  ext4_da_write_begin+0x449/0xd20
[   87.704584][ T5850]  ? __pfx_ext4_da_write_begin+0x10/0x10
[   87.710266][ T5850]  generic_perform_write+0x2c4/0x910
[   87.715589][ T5850]  ? __pfx_generic_perform_write+0x10/0x10
[   87.721431][ T5850]  ? file_modified_flags+0x4bb/0x560
[   87.726758][ T5850]  ? ext4_write_checks+0x24b/0x2c0
[   87.731885][ T5850]  ext4_buffered_write_iter+0xce/0x3a0
[   87.737376][ T5850]  ? futex_unqueue+0x22/0x240
[   87.742085][ T5850]  ext4_file_write_iter+0x298/0x1bc0
[   87.747406][ T5850]  ? futex_unqueue+0x22/0x240
[   87.752100][ T5850]  ? futex_unqueue+0x211/0x240
[   87.756893][ T5850]  ? __futex_wait+0x1d1/0x3e0
[   87.761609][ T5850]  ? __futex_wait+0x34f/0x3e0
[   87.766302][ T5850]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   87.772068][ T5850]  do_iter_readv_writev+0x56e/0x7f0
[   87.777289][ T5850]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   87.783027][ T5850]  ? rcu_read_lock_any_held+0xb3/0x120
[   87.788509][ T5850]  vfs_writev+0x31a/0x960
[   87.792857][ T5850]  ? __lock_acquire+0xab9/0xd20
[   87.797722][ T5850]  ? __pfx_vfs_writev+0x10/0x10
[   87.802611][ T5850]  ? __fget_files+0x2a/0x420
[   87.807217][ T5850]  ? __fget_files+0x3a0/0x420
[   87.811906][ T5850]  ? __fget_files+0x2a/0x420
[   87.816510][ T5850]  __se_sys_pwritev2+0x179/0x290
[   87.821468][ T5850]  ? __pfx___se_sys_pwritev2+0x10/0x10
[   87.826952][ T5850]  ? rcu_is_watching+0x15/0xb0
[   87.831727][ T5850]  ? do_syscall_64+0xbe/0x3b0
[   87.836416][ T5850]  ? __x64_sys_pwritev2+0x20/0xc0
[   87.841460][ T5850]  do_syscall_64+0xfa/0x3b0
[   87.845981][ T5850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.852068][ T5850]  ? __switch_to_asm+0x39/0x70
[   87.856849][ T5850]  ? clear_bhb_loop+0x60/0xb0
[   87.861558][ T5850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.867475][ T5850] RIP: 0033:0x7fe3fc82e049
[   87.871907][ T5850] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   87.891540][ T5850] RSP: 002b:00007fe3fc7c1208 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   87.899996][ T5850] RAX: ffffffffffffffda RBX: 00007fe3fc8b56d8 RCX: 00007fe3fc82e049
[   87.907999][ T5850] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 0000000000000004
[   87.915999][ T5850] RBP: 00007fe3fc8b56d0 R08: 0000000000000000 R09: 0000000000000000
[   87.924001][ T5850] R10: 0000000000000e7b R11: 0000000000000246 R12: 00007fe3fc882614
[   87.931987][ T5850] R13: 000000000000006e R14: 0000200000000080 R15: 00007ffef60cc2b8
[   87.939980][ T5850]  </TASK>
[   87.943260][ T5850] Kernel Offset: disabled
[   87.947597][ T5850] Rebooting in 86400 seconds..