Warning: Permanently added '10.128.10.30' (ED25519) to the list of known hosts.
executing program
syzkaller login: [   62.286546][ T4168] loop0: detected capacity change from 0 to 32768
[   62.337364][ T4168] =======================================================
[   62.337364][ T4168] WARNING: The mand mount option has been deprecated and
[   62.337364][ T4168]          and is ignored by this kernel. Remove the mand
[   62.337364][ T4168]          option from the mount to silence this warning.
[   62.337364][ T4168] =======================================================
[   62.405993][ T4168] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   62.437144][ T4167] ocfs2: Unmounting device (7,0) on (node local)
executing program
[   62.706167][ T4173] loop0: detected capacity change from 0 to 32768
[   62.794025][ T4173] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   62.825318][ T4167] ocfs2: Unmounting device (7,0) on (node local)
executing program
[   63.104133][ T4176] loop0: detected capacity change from 0 to 32768
[   63.193929][ T4176] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   63.204527][ T4176] ==================================================================
[   63.212770][ T4176] BUG: KASAN: use-after-free in ocfs2_search_dirblock+0x267/0x7f0
[   63.220634][ T4176] Read of size 1 at addr ffff88807168d8cb by task syz-executor299/4176
[   63.228865][ T4176] 
[   63.231206][ T4176] CPU: 0 PID: 4176 Comm: syz-executor299 Not tainted 5.15.178-syzkaller #0
[   63.239778][ T4176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   63.249830][ T4176] Call Trace:
[   63.253111][ T4176]  <TASK>
[   63.256079][ T4176]  dump_stack_lvl+0x1e3/0x2d0
[   63.260772][ T4176]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   63.266395][ T4176]  ? _printk+0xd1/0x120
[   63.270549][ T4176]  ? __wake_up_klogd+0xcc/0x100
[   63.275401][ T4176]  ? panic+0x860/0x860
[   63.279488][ T4176]  ? _raw_spin_lock_irqsave+0xdd/0x120
[   63.284949][ T4176]  print_address_description+0x63/0x3b0
[   63.290491][ T4176]  ? ocfs2_search_dirblock+0x267/0x7f0
[   63.296068][ T4176]  kasan_report+0x16b/0x1c0
[   63.300560][ T4176]  ? ocfs2_search_dirblock+0x267/0x7f0
[   63.306030][ T4176]  ocfs2_search_dirblock+0x267/0x7f0
[   63.311326][ T4176]  ? ocfs2_read_inode_block+0x148/0x1d0
[   63.316888][ T4176]  ? ocfs2_read_dir_block_direct+0x540/0x540
[   63.322884][ T4176]  ocfs2_find_entry+0x114b/0x26d0
[   63.327918][ T4176]  ? mark_lock+0x98/0x340
[   63.332266][ T4176]  ? unwind_next_frame+0x1437/0x1fa0
[   63.337570][ T4176]  ? ocfs2_free_dir_lookup_result+0x100/0x100
[   63.343660][ T4176]  ? read_lock_is_recursive+0x10/0x10
[   63.349024][ T4176]  ? ocfs2_inode_lock_full_nested+0x177/0x1bf0
[   63.355171][ T4176]  ? __lock_acquire+0x1ff0/0x1ff0
[   63.360184][ T4176]  ? do_raw_spin_lock+0x14a/0x370
[   63.365229][ T4176]  ? do_raw_spin_unlock+0x137/0x8b0
[   63.370534][ T4176]  ? _raw_spin_unlock+0x24/0x40
[   63.375710][ T4176]  ? ocfs2_inode_lock_full_nested+0xb2e/0x1bf0
[   63.381883][ T4176]  ? __kasan_slab_alloc+0x8e/0xc0
[   63.386919][ T4176]  ? d_alloc+0x48/0x1d0
[   63.391086][ T4176]  ? filename_create+0x293/0x530
[   63.396018][ T4176]  ? __x64_sys_mkdir+0x6a/0x80
[   63.400808][ T4176]  ? do_syscall_64+0x3b/0xb0
[   63.405407][ T4176]  ? ocfs2_downconvert_lock+0x500/0x500
[   63.410969][ T4176]  ocfs2_find_files_on_disk+0xea/0x310
[   63.416433][ T4176]  ocfs2_lookup_ino_from_name+0xad/0x1e0
[   63.422098][ T4176]  ? ocfs2_find_files_on_disk+0x310/0x310
[   63.427827][ T4176]  ocfs2_lookup+0x27b/0x9f0
[   63.432330][ T4176]  ? ocfs2_update_inode_fsync_trans+0x200/0x200
[   63.438586][ T4176]  ? do_raw_spin_unlock+0x137/0x8b0
[   63.443784][ T4176]  ? _raw_spin_unlock+0x24/0x40
[   63.448626][ T4176]  ? d_alloc+0x194/0x1d0
[   63.452877][ T4176]  lookup_one_qstr_excl+0x117/0x240
[   63.458115][ T4176]  filename_create+0x293/0x530
[   63.462906][ T4176]  ? kern_path_create+0x180/0x180
[   63.467937][ T4176]  ? __virt_addr_valid+0x3bb/0x460
[   63.473084][ T4176]  do_mkdirat+0xb3/0x520
[   63.477334][ T4176]  ? vfs_mkdir+0x590/0x590
[   63.481747][ T4176]  ? getname_flags+0x1ec/0x4e0
[   63.486531][ T4176]  ? lockdep_hardirqs_on+0x94/0x130
[   63.491735][ T4176]  __x64_sys_mkdir+0x6a/0x80
[   63.496322][ T4176]  do_syscall_64+0x3b/0xb0
[   63.500758][ T4176]  ? clear_bhb_loop+0x15/0x70
[   63.505435][ T4176]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   63.511344][ T4176] RIP: 0033:0x7f8cf262a129
[   63.515754][ T4176] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   63.535349][ T4176] RSP: 002b:00007ffcecedbb78 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   63.543799][ T4176] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8cf262a129
[   63.551768][ T4176] RDX: 00007f8cf26292c0 RSI: 0000000000000044 RDI: 0000000020000180
[   63.559769][ T4176] RBP: 0000000000000004 R08: 0000000000004433 R09: 00000000000088c0
[   63.567731][ T4176] R10: 00007ffcecedbc00 R11: 0000000000000246 R12: 00007ffcecedbbc0
[   63.575696][ T4176] R13: 00007ffcecedbc00 R14: 0000000001000000 R15: 0000000000000003
[   63.583798][ T4176]  </TASK>
[   63.586820][ T4176] 
[   63.589139][ T4176] The buggy address belongs to the page:
[   63.594782][ T4176] page:ffffea0001c5a340 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x7168d
[   63.604940][ T4176] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   63.612061][ T4176] raw: 00fff00000000000 ffffea0001c5a388 ffffea0001be9f48 0000000000000000
[   63.620637][ T4176] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   63.629223][ T4176] page dumped because: kasan: bad access detected
[   63.635635][ T4176] page_owner tracks the page as freed
[   63.640990][ T4176] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100cca(GFP_HIGHUSER_MOVABLE), pid 4167, ts 62068650802, free_ts 62070595920
[   63.655594][ T4176]  get_page_from_freelist+0x3b78/0x3d40
[   63.661149][ T4176]  __alloc_pages+0x272/0x700
[   63.665749][ T4176]  alloc_pages_vma+0x39a/0x800
[   63.670520][ T4176]  wp_page_copy+0x24e/0x2070
[   63.675124][ T4176]  handle_mm_fault+0x2a3d/0x5960
[   63.680080][ T4176]  exc_page_fault+0x271/0x700
[   63.684753][ T4176]  asm_exc_page_fault+0x22/0x30
[   63.689625][ T4176] page last free stack trace:
[   63.694283][ T4176]  free_unref_page_prepare+0xc34/0xcf0
[   63.699744][ T4176]  free_unref_page_list+0x1f7/0x8e0
[   63.704933][ T4176]  release_pages+0x1bb9/0x1f40
[   63.709690][ T4176]  tlb_finish_mmu+0x177/0x320
[   63.714376][ T4176]  unmap_region+0x304/0x350
[   63.718982][ T4176]  __do_munmap+0x130a/0x1710
[   63.723560][ T4176]  __vm_munmap+0x134/0x230
[   63.727965][ T4176]  __x64_sys_munmap+0x67/0x70
[   63.732629][ T4176]  do_syscall_64+0x3b/0xb0
[   63.737034][ T4176]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   63.742918][ T4176] 
[   63.745227][ T4176] Memory state around the buggy address:
[   63.750845][ T4176]  ffff88807168d780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   63.758895][ T4176]  ffff88807168d800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   63.767422][ T4176] >ffff88807168d880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   63.775473][ T4176]                                               ^
[   63.782008][ T4176]  ffff88807168d900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   63.790092][ T4176]  ffff88807168d980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   63.798143][ T4176] ==================================================================
[   63.806641][ T4176] Disabling lock debugging due to kernel taint
[   63.813099][ T4176] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   63.820295][ T4176] CPU: 0 PID: 4176 Comm: syz-executor299 Tainted: G    B             5.15.178-syzkaller #0
[   63.830311][ T4176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   63.840375][ T4176] Call Trace:
[   63.843649][ T4176]  <TASK>
[   63.846566][ T4176]  dump_stack_lvl+0x1e3/0x2d0
[   63.851234][ T4176]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   63.856880][ T4176]  ? panic+0x860/0x860
[   63.860946][ T4176]  ? rcu_is_watching+0x11/0xa0
[   63.865723][ T4176]  ? preempt_schedule_common+0xa6/0xd0
[   63.871174][ T4176]  panic+0x318/0x860
[   63.875065][ T4176]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[   63.881208][ T4176]  ? check_panic_on_warn+0x1d/0xa0
[   63.886312][ T4176]  ? fb_is_primary_device+0xd0/0xd0
[   63.891501][ T4176]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   63.897488][ T4176]  ? _raw_spin_unlock+0x40/0x40
[   63.902347][ T4176]  check_panic_on_warn+0x7e/0xa0
[   63.907272][ T4176]  ? ocfs2_search_dirblock+0x267/0x7f0
[   63.912719][ T4176]  end_report+0x6d/0xf0
[   63.916871][ T4176]  kasan_report+0x18e/0x1c0
[   63.921367][ T4176]  ? ocfs2_search_dirblock+0x267/0x7f0
[   63.926952][ T4176]  ocfs2_search_dirblock+0x267/0x7f0
[   63.932229][ T4176]  ? ocfs2_read_inode_block+0x148/0x1d0
[   63.937772][ T4176]  ? ocfs2_read_dir_block_direct+0x540/0x540
[   63.943747][ T4176]  ocfs2_find_entry+0x114b/0x26d0
[   63.948766][ T4176]  ? mark_lock+0x98/0x340
[   63.953101][ T4176]  ? unwind_next_frame+0x1437/0x1fa0
[   63.958378][ T4176]  ? ocfs2_free_dir_lookup_result+0x100/0x100
[   63.964463][ T4176]  ? read_lock_is_recursive+0x10/0x10
[   63.969844][ T4176]  ? ocfs2_inode_lock_full_nested+0x177/0x1bf0
[   63.975985][ T4176]  ? __lock_acquire+0x1ff0/0x1ff0
[   63.980998][ T4176]  ? do_raw_spin_lock+0x14a/0x370
[   63.986012][ T4176]  ? do_raw_spin_unlock+0x137/0x8b0
[   63.991217][ T4176]  ? _raw_spin_unlock+0x24/0x40
[   63.996056][ T4176]  ? ocfs2_inode_lock_full_nested+0xb2e/0x1bf0
[   64.002201][ T4176]  ? __kasan_slab_alloc+0x8e/0xc0
[   64.007225][ T4176]  ? d_alloc+0x48/0x1d0
[   64.011368][ T4176]  ? filename_create+0x293/0x530
[   64.016309][ T4176]  ? __x64_sys_mkdir+0x6a/0x80
[   64.021080][ T4176]  ? do_syscall_64+0x3b/0xb0
[   64.025680][ T4176]  ? ocfs2_downconvert_lock+0x500/0x500
[   64.031309][ T4176]  ocfs2_find_files_on_disk+0xea/0x310
[   64.036758][ T4176]  ocfs2_lookup_ino_from_name+0xad/0x1e0
[   64.042383][ T4176]  ? ocfs2_find_files_on_disk+0x310/0x310
[   64.048095][ T4176]  ocfs2_lookup+0x27b/0x9f0
[   64.052606][ T4176]  ? ocfs2_update_inode_fsync_trans+0x200/0x200
[   64.058833][ T4176]  ? do_raw_spin_unlock+0x137/0x8b0
[   64.064019][ T4176]  ? _raw_spin_unlock+0x24/0x40
[   64.068857][ T4176]  ? d_alloc+0x194/0x1d0
[   64.073092][ T4176]  lookup_one_qstr_excl+0x117/0x240
[   64.078382][ T4176]  filename_create+0x293/0x530
[   64.083133][ T4176]  ? kern_path_create+0x180/0x180
[   64.088145][ T4176]  ? __virt_addr_valid+0x3bb/0x460
[   64.093246][ T4176]  do_mkdirat+0xb3/0x520
[   64.097480][ T4176]  ? vfs_mkdir+0x590/0x590
[   64.101882][ T4176]  ? getname_flags+0x1ec/0x4e0
[   64.106651][ T4176]  ? lockdep_hardirqs_on+0x94/0x130
[   64.111845][ T4176]  __x64_sys_mkdir+0x6a/0x80
[   64.116457][ T4176]  do_syscall_64+0x3b/0xb0
[   64.120857][ T4176]  ? clear_bhb_loop+0x15/0x70
[   64.125522][ T4176]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   64.131404][ T4176] RIP: 0033:0x7f8cf262a129
[   64.135807][ T4176] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   64.155404][ T4176] RSP: 002b:00007ffcecedbb78 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   64.163925][ T4176] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8cf262a129
[   64.171886][ T4176] RDX: 00007f8cf26292c0 RSI: 0000000000000044 RDI: 0000000020000180
[   64.179933][ T4176] RBP: 0000000000000004 R08: 0000000000004433 R09: 00000000000088c0
[   64.187894][ T4176] R10: 00007ffcecedbc00 R11: 0000000000000246 R12: 00007ffcecedbbc0
[   64.195946][ T4176] R13: 00007ffcecedbc00 R14: 0000000001000000 R15: 0000000000000003
[   64.203933][ T4176]  </TASK>
[   64.207254][ T4176] Kernel Offset: disabled
[   64.211584][ T4176] Rebooting in 86400 seconds..