Warning: Permanently added '10.128.10.21' (ED25519) to the list of known hosts.
executing program
syzkaller login: [   60.646252][ T4165] loop0: detected capacity change from 0 to 32768
[   60.694012][ T4165] =======================================================
[   60.694012][ T4165] WARNING: The mand mount option has been deprecated and
[   60.694012][ T4165]          and is ignored by this kernel. Remove the mand
[   60.694012][ T4165]          option from the mount to silence this warning.
[   60.694012][ T4165] =======================================================
[   60.763015][ T4165] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   60.804406][ T4164] ocfs2: Unmounting device (7,0) on (node local)
executing program
[   61.075233][ T4169] loop0: detected capacity change from 0 to 32768
[   61.163039][ T4169] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   61.190588][ T4164] ocfs2: Unmounting device (7,0) on (node local)
executing program
[   61.459010][ T4172] loop0: detected capacity change from 0 to 32768
[   61.551618][ T4172] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   61.563353][ T4172] ==================================================================
[   61.571665][ T4172] BUG: KASAN: use-after-free in ocfs2_search_dirblock+0x267/0x7f0
[   61.579513][ T4172] Read of size 1 at addr ffff88806de318cb by task syz-executor292/4172
[   61.587756][ T4172] 
[   61.590100][ T4172] CPU: 1 PID: 4172 Comm: syz-executor292 Not tainted 5.15.178-syzkaller #0
[   61.598675][ T4172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   61.608727][ T4172] Call Trace:
[   61.612002][ T4172]  <TASK>
[   61.614923][ T4172]  dump_stack_lvl+0x1e3/0x2d0
[   61.619605][ T4172]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   61.625225][ T4172]  ? _printk+0xd1/0x120
[   61.629383][ T4172]  ? __wake_up_klogd+0xcc/0x100
[   61.634236][ T4172]  ? panic+0x860/0x860
[   61.638294][ T4172]  ? _raw_spin_lock_irqsave+0xdd/0x120
[   61.643749][ T4172]  print_address_description+0x63/0x3b0
[   61.649290][ T4172]  ? ocfs2_search_dirblock+0x267/0x7f0
[   61.654756][ T4172]  kasan_report+0x16b/0x1c0
[   61.659247][ T4172]  ? ocfs2_search_dirblock+0x267/0x7f0
[   61.664700][ T4172]  ocfs2_search_dirblock+0x267/0x7f0
[   61.669988][ T4172]  ? stack_trace_snprint+0xe0/0xe0
[   61.675118][ T4172]  ? ocfs2_read_inode_block+0x148/0x1d0
[   61.680662][ T4172]  ? ocfs2_read_dir_block_direct+0x540/0x540
[   61.686660][ T4172]  ? __lock_acquire+0x1295/0x1ff0
[   61.691682][ T4172]  ocfs2_find_entry+0x114b/0x26d0
[   61.696708][ T4172]  ? mark_lock+0x98/0x340
[   61.701052][ T4172]  ? ocfs2_free_dir_lookup_result+0x100/0x100
[   61.707157][ T4172]  ? read_lock_is_recursive+0x10/0x10
[   61.712519][ T4172]  ? ocfs2_inode_lock_full_nested+0x177/0x1bf0
[   61.718677][ T4172]  ? __lock_acquire+0x1ff0/0x1ff0
[   61.723694][ T4172]  ? do_raw_spin_lock+0x14a/0x370
[   61.728713][ T4172]  ? do_raw_spin_unlock+0x137/0x8b0
[   61.733899][ T4172]  ? __lock_acquire+0x1295/0x1ff0
[   61.738924][ T4172]  ? _raw_spin_unlock+0x24/0x40
[   61.743765][ T4172]  ? ocfs2_inode_lock_full_nested+0xb2e/0x1bf0
[   61.750199][ T4172]  ? ocfs2_downconvert_lock+0x500/0x500
[   61.755756][ T4172]  ocfs2_find_files_on_disk+0xea/0x310
[   61.761212][ T4172]  ocfs2_lookup_ino_from_name+0xad/0x1e0
[   61.766837][ T4172]  ? ocfs2_find_files_on_disk+0x310/0x310
[   61.772573][ T4172]  ? _raw_spin_unlock+0x24/0x40
[   61.777451][ T4172]  ocfs2_lookup+0x27b/0x9f0
[   61.781951][ T4172]  ? ocfs2_update_inode_fsync_trans+0x200/0x200
[   61.788196][ T4172]  ? HAS_UNMAPPED_ID+0x1ef/0x240
[   61.793128][ T4172]  ? inode_permission+0xf7/0x450
[   61.798061][ T4172]  ? ocfs2_getattr+0x380/0x380
[   61.802815][ T4172]  ? bpf_lsm_inode_create+0x5/0x10
[   61.807936][ T4172]  ? security_inode_create+0xb4/0x100
[   61.813303][ T4172]  ? ocfs2_update_inode_fsync_trans+0x200/0x200
[   61.819534][ T4172]  path_openat+0x111d/0x2f20
[   61.824137][ T4172]  ? do_filp_open+0x460/0x460
[   61.828838][ T4172]  do_filp_open+0x21c/0x460
[   61.833331][ T4172]  ? vfs_tmpfile+0x2e0/0x2e0
[   61.837936][ T4172]  ? _raw_spin_unlock+0x24/0x40
[   61.842778][ T4172]  ? alloc_fd+0x598/0x630
[   61.847121][ T4172]  do_sys_openat2+0x13b/0x4f0
[   61.851794][ T4172]  ? do_sys_open+0x220/0x220
[   61.856382][ T4172]  __x64_sys_openat+0x243/0x290
[   61.861225][ T4172]  ? __ia32_sys_open+0x270/0x270
[   61.866154][ T4172]  ? syscall_enter_from_user_mode+0x2e/0x240
[   61.872130][ T4172]  ? lockdep_hardirqs_on+0x94/0x130
[   61.877320][ T4172]  ? syscall_enter_from_user_mode+0x2e/0x240
[   61.883300][ T4172]  do_syscall_64+0x3b/0xb0
[   61.887725][ T4172]  ? clear_bhb_loop+0x15/0x70
[   61.892391][ T4172]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   61.898275][ T4172] RIP: 0033:0x7ff9695ca769
[   61.902686][ T4172] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   61.922282][ T4172] RSP: 002b:00007ffed3ffeb68 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   61.930689][ T4172] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007ff9695ca769
[   61.938650][ T4172] RDX: 000000000000275a RSI: 00000000200001c0 RDI: 00000000ffffff9c
[   61.946610][ T4172] RBP: 0000000000000004 R08: 0000000000004433 R09: 00000000000088c0
[   61.954571][ T4172] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffed3ffebb0
[   61.962547][ T4172] R13: 00007ffed3ffebf0 R14: 0000000001000000 R15: 0000000000000003
[   61.970550][ T4172]  </TASK>
[   61.973572][ T4172] 
[   61.975886][ T4172] The buggy address belongs to the page:
[   61.981536][ T4172] page:ffffea0001b78c40 refcount:0 mapcount:0 mapping:0000000000000000 index:0x100 pfn:0x6de31
[   61.991862][ T4172] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   61.998996][ T4172] raw: 00fff00000000000 dead000000000100 dead000000000122 0000000000000000
[   62.007566][ T4172] raw: 0000000000000100 0000000000000000 00000000ffffffff 0000000000000000
[   62.016128][ T4172] page dumped because: kasan: bad access detected
[   62.022529][ T4172] page_owner tracks the page as freed
[   62.027908][ T4172] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 4169, ts 61157768261, free_ts 61201821346
[   62.045017][ T4172]  get_page_from_freelist+0x3b78/0x3d40
[   62.050581][ T4172]  __alloc_pages+0x272/0x700
[   62.055183][ T4172]  __page_cache_alloc+0xd4/0x4a0
[   62.060112][ T4172]  pagecache_get_page+0xa91/0x1010
[   62.065212][ T4172]  __getblk_gfp+0x22a/0xaf0
[   62.069703][ T4172]  ocfs2_read_blocks_sync+0x407/0xbc0
[   62.075073][ T4172]  ocfs2_iget+0x9db/0x1f90
[   62.079483][ T4172]  ocfs2_get_system_file_inode+0x353/0x7b0
[   62.085285][ T4172]  ocfs2_mount_volume+0x2f7/0x19e0
[   62.090512][ T4172]  ocfs2_fill_super+0x34ec/0x5890
[   62.095536][ T4172]  mount_bdev+0x2c9/0x3f0
[   62.099866][ T4172]  legacy_get_tree+0xeb/0x180
[   62.104533][ T4172]  vfs_get_tree+0x88/0x270
[   62.108952][ T4172]  do_new_mount+0x2ba/0xb40
[   62.113460][ T4172]  __se_sys_mount+0x2d5/0x3c0
[   62.118218][ T4172]  do_syscall_64+0x3b/0xb0
[   62.122628][ T4172] page last free stack trace:
[   62.127288][ T4172]  free_unref_page_prepare+0xc34/0xcf0
[   62.132772][ T4172]  free_unref_page_list+0x1f7/0x8e0
[   62.137958][ T4172]  release_pages+0x1bb9/0x1f40
[   62.142728][ T4172]  __pagevec_release+0x80/0xf0
[   62.147500][ T4172]  truncate_inode_pages_range+0x48b/0x1290
[   62.153311][ T4172]  blkdev_flush_mapping+0x182/0x340
[   62.158499][ T4172]  blkdev_put+0x4f1/0x790
[   62.162814][ T4172]  deactivate_locked_super+0xa0/0x110
[   62.168175][ T4172]  cleanup_mnt+0x44e/0x500
[   62.172590][ T4172]  task_work_run+0x129/0x1a0
[   62.177193][ T4172]  exit_to_user_mode_loop+0x106/0x130
[   62.182556][ T4172]  exit_to_user_mode_prepare+0xb1/0x140
[   62.188110][ T4172]  syscall_exit_to_user_mode+0x5d/0x240
[   62.193642][ T4172]  do_syscall_64+0x47/0xb0
[   62.198045][ T4172]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   62.203948][ T4172] 
[   62.206257][ T4172] Memory state around the buggy address:
[   62.211969][ T4172]  ffff88806de31780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   62.220127][ T4172]  ffff88806de31800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   62.228188][ T4172] >ffff88806de31880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   62.236229][ T4172]                                               ^
[   62.242627][ T4172]  ffff88806de31900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   62.250674][ T4172]  ffff88806de31980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   62.258719][ T4172] ==================================================================
[   62.266761][ T4172] Disabling lock debugging due to kernel taint
[   62.273670][ T4172] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   62.280892][ T4172] CPU: 1 PID: 4172 Comm: syz-executor292 Tainted: G    B             5.15.178-syzkaller #0
[   62.290880][ T4172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   62.300963][ T4172] Call Trace:
[   62.304232][ T4172]  <TASK>
[   62.307169][ T4172]  dump_stack_lvl+0x1e3/0x2d0
[   62.311842][ T4172]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   62.317462][ T4172]  ? panic+0x860/0x860
[   62.321516][ T4172]  ? rcu_is_watching+0x11/0xa0
[   62.326283][ T4172]  ? preempt_schedule_common+0xa6/0xd0
[   62.331747][ T4172]  panic+0x318/0x860
[   62.335632][ T4172]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[   62.341772][ T4172]  ? check_panic_on_warn+0x1d/0xa0
[   62.346880][ T4172]  ? fb_is_primary_device+0xd0/0xd0
[   62.352075][ T4172]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   62.358041][ T4172]  ? _raw_spin_unlock+0x40/0x40
[   62.362892][ T4172]  check_panic_on_warn+0x7e/0xa0
[   62.367820][ T4172]  ? ocfs2_search_dirblock+0x267/0x7f0
[   62.373282][ T4172]  end_report+0x6d/0xf0
[   62.377424][ T4172]  kasan_report+0x18e/0x1c0
[   62.381909][ T4172]  ? ocfs2_search_dirblock+0x267/0x7f0
[   62.387356][ T4172]  ocfs2_search_dirblock+0x267/0x7f0
[   62.392631][ T4172]  ? stack_trace_snprint+0xe0/0xe0
[   62.397729][ T4172]  ? ocfs2_read_inode_block+0x148/0x1d0
[   62.403258][ T4172]  ? ocfs2_read_dir_block_direct+0x540/0x540
[   62.409238][ T4172]  ? __lock_acquire+0x1295/0x1ff0
[   62.414250][ T4172]  ocfs2_find_entry+0x114b/0x26d0
[   62.419270][ T4172]  ? mark_lock+0x98/0x340
[   62.423592][ T4172]  ? ocfs2_free_dir_lookup_result+0x100/0x100
[   62.429678][ T4172]  ? read_lock_is_recursive+0x10/0x10
[   62.435052][ T4172]  ? ocfs2_inode_lock_full_nested+0x177/0x1bf0
[   62.441221][ T4172]  ? __lock_acquire+0x1ff0/0x1ff0
[   62.446245][ T4172]  ? do_raw_spin_lock+0x14a/0x370
[   62.451280][ T4172]  ? do_raw_spin_unlock+0x137/0x8b0
[   62.456478][ T4172]  ? __lock_acquire+0x1295/0x1ff0
[   62.461499][ T4172]  ? _raw_spin_unlock+0x24/0x40
[   62.466357][ T4172]  ? ocfs2_inode_lock_full_nested+0xb2e/0x1bf0
[   62.472504][ T4172]  ? ocfs2_downconvert_lock+0x500/0x500
[   62.478047][ T4172]  ocfs2_find_files_on_disk+0xea/0x310
[   62.483500][ T4172]  ocfs2_lookup_ino_from_name+0xad/0x1e0
[   62.489123][ T4172]  ? ocfs2_find_files_on_disk+0x310/0x310
[   62.494838][ T4172]  ? _raw_spin_unlock+0x24/0x40
[   62.499689][ T4172]  ocfs2_lookup+0x27b/0x9f0
[   62.504196][ T4172]  ? ocfs2_update_inode_fsync_trans+0x200/0x200
[   62.510448][ T4172]  ? HAS_UNMAPPED_ID+0x1ef/0x240
[   62.515461][ T4172]  ? inode_permission+0xf7/0x450
[   62.520408][ T4172]  ? ocfs2_getattr+0x380/0x380
[   62.525181][ T4172]  ? bpf_lsm_inode_create+0x5/0x10
[   62.530284][ T4172]  ? security_inode_create+0xb4/0x100
[   62.535731][ T4172]  ? ocfs2_update_inode_fsync_trans+0x200/0x200
[   62.541959][ T4172]  path_openat+0x111d/0x2f20
[   62.546546][ T4172]  ? do_filp_open+0x460/0x460
[   62.551217][ T4172]  do_filp_open+0x21c/0x460
[   62.555708][ T4172]  ? vfs_tmpfile+0x2e0/0x2e0
[   62.560288][ T4172]  ? _raw_spin_unlock+0x24/0x40
[   62.565130][ T4172]  ? alloc_fd+0x598/0x630
[   62.569464][ T4172]  do_sys_openat2+0x13b/0x4f0
[   62.574147][ T4172]  ? do_sys_open+0x220/0x220
[   62.578733][ T4172]  __x64_sys_openat+0x243/0x290
[   62.583578][ T4172]  ? __ia32_sys_open+0x270/0x270
[   62.588526][ T4172]  ? syscall_enter_from_user_mode+0x2e/0x240
[   62.594502][ T4172]  ? lockdep_hardirqs_on+0x94/0x130
[   62.599699][ T4172]  ? syscall_enter_from_user_mode+0x2e/0x240
[   62.605690][ T4172]  do_syscall_64+0x3b/0xb0
[   62.610096][ T4172]  ? clear_bhb_loop+0x15/0x70
[   62.614763][ T4172]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   62.620649][ T4172] RIP: 0033:0x7ff9695ca769
[   62.625059][ T4172] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   62.644651][ T4172] RSP: 002b:00007ffed3ffeb68 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   62.653057][ T4172] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007ff9695ca769
[   62.661017][ T4172] RDX: 000000000000275a RSI: 00000000200001c0 RDI: 00000000ffffff9c
[   62.668974][ T4172] RBP: 0000000000000004 R08: 0000000000004433 R09: 00000000000088c0
[   62.676931][ T4172] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffed3ffebb0
[   62.684911][ T4172] R13: 00007ffed3ffebf0 R14: 0000000001000000 R15: 0000000000000003
[   62.692897][ T4172]  </TASK>
[   62.696193][ T4172] Kernel Offset: disabled
[   62.700513][ T4172] Rebooting in 86400 seconds..