Warning: Permanently added '10.128.1.78' (ED25519) to the list of known hosts.
executing program
[   38.627894][ T3960] loop0: detected capacity change from 0 to 32768
[   38.738351][ T3960] ==================================================================
[   38.740568][ T3960] BUG: KASAN: slab-out-of-bounds in dtSearch+0x131c/0x1f34
[   38.742462][ T3960] Read of size 1 at addr ffff0000de8b4058 by task syz-executor784/3960
[   38.744635][ T3960] 
[   38.745230][ T3960] CPU: 1 PID: 3960 Comm: syz-executor784 Not tainted 5.15.157-syzkaller #0
[   38.747465][ T3960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   38.750056][ T3960] Call trace:
[   38.750921][ T3960]  dump_backtrace+0x0/0x530
[   38.752097][ T3960]  show_stack+0x2c/0x3c
[   38.753181][ T3960]  dump_stack_lvl+0x108/0x170
[   38.754411][ T3960]  print_address_description+0x7c/0x3f0
[   38.755861][ T3960]  kasan_report+0x174/0x1e4
[   38.757005][ T3960]  __asan_report_load1_noabort+0x44/0x50
[   38.758557][ T3960]  dtSearch+0x131c/0x1f34
[   38.759770][ T3960]  jfs_lookup+0x164/0x39c
[   38.760887][ T3960]  __lookup_slow+0x250/0x388
[   38.762013][ T3960]  lookup_slow+0x60/0x84
[   38.763045][ T3960]  walk_component+0x394/0x4cc
[   38.764188][ T3960]  link_path_walk+0x5a0/0xc38
[   38.765339][ T3960]  path_lookupat+0x90/0x3d0
[   38.766538][ T3960]  do_o_path+0xa8/0x214
[   38.767583][ T3960]  path_openat+0x216c/0x26cc
[   38.768724][ T3960]  do_filp_open+0x1a8/0x3b4
[   38.769832][ T3960]  do_sys_openat2+0x128/0x3d8
[   38.770942][ T3960]  __arm64_sys_openat+0x1f0/0x240
[   38.772248][ T3960]  invoke_syscall+0x98/0x2b8
[   38.773412][ T3960]  el0_svc_common+0x138/0x258
[   38.774654][ T3960]  do_el0_svc+0x58/0x14c
[   38.775771][ T3960]  el0_svc+0x7c/0x1f0
[   38.776738][ T3960]  el0t_64_sync_handler+0x84/0xe4
[   38.777886][ T3960]  el0t_64_sync+0x1a0/0x1a4
[   38.779008][ T3960] 
[   38.779575][ T3960] Allocated by task 3960:
[   38.780649][ T3960]  __kasan_slab_alloc+0x8c/0xcc
[   38.781836][ T3960]  slab_post_alloc_hook+0x74/0x3f4
[   38.783133][ T3960]  kmem_cache_alloc+0x1dc/0x45c
[   38.784340][ T3960]  jfs_alloc_inode+0x24/0x60
[   38.785517][ T3960]  new_inode_pseudo+0x68/0x200
[   38.786695][ T3960]  new_inode+0x38/0x174
[   38.787718][ T3960]  ialloc+0x58/0x7c0
[   38.788703][ T3960]  jfs_create+0x190/0xa1c
[   38.789779][ T3960]  path_openat+0xf18/0x26cc
[   38.790881][ T3960]  do_filp_open+0x1a8/0x3b4
[   38.792025][ T3960]  do_sys_openat2+0x128/0x3d8
[   38.793187][ T3960]  __arm64_sys_openat+0x1f0/0x240
[   38.794557][ T3960]  invoke_syscall+0x98/0x2b8
[   38.795797][ T3960]  el0_svc_common+0x138/0x258
[   38.797033][ T3960]  do_el0_svc+0x58/0x14c
[   38.798132][ T3960]  el0_svc+0x7c/0x1f0
[   38.799159][ T3960]  el0t_64_sync_handler+0x84/0xe4
[   38.800444][ T3960]  el0t_64_sync+0x1a0/0x1a4
[   38.801528][ T3960] 
[   38.802132][ T3960] The buggy address belongs to the object at ffff0000de8b3780
[   38.802132][ T3960]  which belongs to the cache jfs_ip of size 2240
[   38.805503][ T3960] The buggy address is located 24 bytes to the right of
[   38.805503][ T3960]  2240-byte region [ffff0000de8b3780, ffff0000de8b4040)
[   38.808840][ T3960] The buggy address belongs to the page:
[   38.810197][ T3960] page:000000005a924bd1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11e8b0
[   38.812775][ T3960] head:000000005a924bd1 order:3 compound_mapcount:0 compound_pincount:0
[   38.814827][ T3960] flags: 0x5ffe00000010200(slab|head|node=0|zone=2|lastcpupid=0xfff)
[   38.816805][ T3960] raw: 05ffe00000010200 0000000000000000 dead000000000122 ffff0000c61e5380
[   38.818967][ T3960] raw: 0000000000000000 00000000800d000d 00000001ffffffff 0000000000000000
[   38.821045][ T3960] page dumped because: kasan: bad access detected
[   38.822653][ T3960] 
[   38.823221][ T3960] Memory state around the buggy address:
[   38.824746][ T3960]  ffff0000de8b3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.826806][ T3960]  ffff0000de8b3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.828919][ T3960] >ffff0000de8b4000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   38.831029][ T3960]                                                     ^
[   38.832921][ T3960]  ffff0000de8b4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   38.835030][ T3960]  ffff0000de8b4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   38.837348][ T3960] ==================================================================
[   38.839437][ T3960] Disabling lock debugging due to kernel taint
[   38.841158][ T3960] ERROR: (device loop0): dtSearch: stack overrun!
[   38.841158][ T3960] 
[   38.843604][ T3960] ERROR: (device loop0): remounting filesystem as read-only
[   38.845553][ T3960] btstack dump:
[   38.846443][ T3960] bn = 0, index = 0
[   38.847380][ T3960] bn = 0, index = 0
[   38.848344][ T3960] bn = 0, index = 0
[   38.849393][ T3960] bn = 0, index = 0
[   38.850353][ T3960] bn = 0, index = 0
[   38.851317][ T3960] bn = 0, index = 0
[   38.852292][ T3960] bn = 0, index = 0
[   38.853263][ T3960] bn = 0, index = 0
[   38.854145][ T3960] jfs_lookup: dtSearch returned -5