Warning: Permanently added '[localhost]:20181' (ED25519) to the list of known hosts.
executing program
syzkaller login: [ 86.643978][ T8] cfg80211: failed to load regulatory.db
[ 86.888791][ T5091] loop0: detected capacity change from 0 to 32768
[ 86.946667][ T5091] JBD2: Ignoring recovery information on journal
[ 86.990639][ T5091] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 87.009961][ T24] audit: type=1800 audit(1723783485.698:2): pid=5091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 87.031025][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 87.380126][ T5095] loop0: detected capacity change from 0 to 32768
[ 87.419466][ T5095] JBD2: Ignoring recovery information on journal
[ 87.456044][ T5095] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 87.461593][ T24] audit: type=1800 audit(1723783486.148:3): pid=5095 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 87.485146][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 87.936580][ T5098] loop0: detected capacity change from 0 to 32768
[ 87.983728][ T5098] JBD2: Ignoring recovery information on journal
[ 88.018712][ T5098] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 88.033249][ T24] audit: type=1800 audit(1723783486.728:4): pid=5098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 88.056432][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 88.511077][ T5101] loop0: detected capacity change from 0 to 32768
[ 88.549581][ T5101] JBD2: Ignoring recovery information on journal
[ 88.590829][ T5101] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 88.613907][ T24] audit: type=1800 audit(1723783487.298:5): pid=5101 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 88.635290][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 89.182041][ T5104] loop0: detected capacity change from 0 to 32768
[ 89.215552][ T5104] JBD2: Ignoring recovery information on journal
[ 89.262760][ T5104] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 89.280002][ T24] audit: type=1800 audit(1723783487.968:6): pid=5104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 89.292449][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 89.798708][ T5107] loop0: detected capacity change from 0 to 32768
[ 89.844474][ T5107] JBD2: Ignoring recovery information on journal
[ 89.879304][ T5107] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 89.885636][ T24] audit: type=1800 audit(1723783488.578:7): pid=5107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 89.910784][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 90.369455][ T5110] loop0: detected capacity change from 0 to 32768
[ 90.401252][ T5110] JBD2: Ignoring recovery information on journal
[ 90.439269][ T5110] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 90.452422][ T24] audit: type=1800 audit(1723783489.138:8): pid=5110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 90.463902][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 90.898834][ T5113] loop0: detected capacity change from 0 to 32768
[ 90.949149][ T5113] JBD2: Ignoring recovery information on journal
[ 90.984130][ T5113] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 90.993524][ T24] audit: type=1800 audit(1723783489.688:9): pid=5113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 91.016666][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 91.379567][ T5116] loop0: detected capacity change from 0 to 32768
[ 91.430578][ T5116] JBD2: Ignoring recovery information on journal
[ 91.460626][ T5116] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 91.474154][ T24] audit: type=1800 audit(1723783490.158:10): pid=5116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 91.484895][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 91.940635][ T5119] loop0: detected capacity change from 0 to 32768
[ 91.977163][ T5119] JBD2: Ignoring recovery information on journal
[ 92.016809][ T5119] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 92.023397][ T24] audit: type=1800 audit(1723783490.708:11): pid=5119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 92.045767][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 92.479349][ T5122] loop0: detected capacity change from 0 to 32768
[ 92.535920][ T5122] JBD2: Ignoring recovery information on journal
[ 92.574342][ T5122] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 92.580195][ T24] audit: type=1800 audit(1723783491.268:12): pid=5122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 92.603032][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 93.021357][ T5125] loop0: detected capacity change from 0 to 32768
[ 93.049160][ T5125] JBD2: Ignoring recovery information on journal
[ 93.094018][ T5125] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 93.113754][ T24] audit: type=1800 audit(1723783491.808:13): pid=5125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 93.126198][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 93.571476][ T5128] loop0: detected capacity change from 0 to 32768
[ 93.603830][ T5128] JBD2: Ignoring recovery information on journal
[ 93.655974][ T5128] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 93.669580][ T5090] ocfs2: Unmounting device (7,0) on (node local)
[ 93.686095][ T24] audit: type=1800 audit(1723783492.348:14): pid=5128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
executing program
[ 94.238242][ T5131] loop0: detected capacity change from 0 to 32768
[ 94.266503][ T5131] JBD2: Ignoring recovery information on journal
[ 94.308385][ T5131] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 94.326185][ T24] audit: type=1800 audit(1723783493.018:15): pid=5131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 94.338138][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 94.765764][ T5134] loop0: detected capacity change from 0 to 32768
[ 94.795276][ T5134] JBD2: Ignoring recovery information on journal
[ 94.829137][ T5134] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 94.843402][ T24] audit: type=1800 audit(1723783493.538:16): pid=5134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 94.866372][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 95.279629][ T5137] loop0: detected capacity change from 0 to 32768
[ 95.330354][ T5137] JBD2: Ignoring recovery information on journal
[ 95.366471][ T5137] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 95.372531][ T24] audit: type=1800 audit(1723783494.058:17): pid=5137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor321" name="file1" dev="loop0" ino=16946 res=0 errno=0
[ 95.383782][ T5090] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 95.844805][ T5140] loop0: detected capacity change from 0 to 32768
[ 95.890305][ T5140] JBD2: Ignoring recovery information on journal
[ 95.923675][ T5140] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 95.935323][ T5140] ==================================================================
[ 95.938402][ T5140] BUG: KASAN: slab-out-of-bounds in ocfs2_search_dirblock+0x26b/0x830
[ 95.941653][ T5140] Read of size 1 at addr ffff888011cb7982 by task syz-executor321/5140
[ 95.945434][ T5140]
[ 95.946393][ T5140] CPU: 0 UID: 0 PID: 5140 Comm: syz-executor321 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[ 95.950624][ T5140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 95.954688][ T5140] Call Trace:
[ 95.955994][ T5140]
[ 95.957070][ T5140] dump_stack_lvl+0x241/0x360
[ 95.958919][ T5140] ? __pfx_dump_stack_lvl+0x10/0x10
[ 95.960909][ T5140] ? __pfx__printk+0x10/0x10
[ 95.962676][ T5140] ? _printk+0xd5/0x120
[ 95.964287][ T5140] ? __virt_addr_valid+0x183/0x530
[ 95.966285][ T5140] ? __virt_addr_valid+0x183/0x530
[ 95.968270][ T5140] print_report+0x169/0x550
[ 95.970081][ T5140] ? __virt_addr_valid+0x183/0x530
[ 95.972090][ T5140] ? __virt_addr_valid+0x183/0x530
[ 95.974094][ T5140] ? __virt_addr_valid+0x45f/0x530
[ 95.976137][ T5140] ? __phys_addr+0xba/0x170
[ 95.977675][ T5140] ? ocfs2_search_dirblock+0x26b/0x830
[ 95.979573][ T5140] kasan_report+0x143/0x180
[ 95.981006][ T5140] ? ocfs2_search_dirblock+0x26b/0x830
[ 95.982715][ T5140] ocfs2_search_dirblock+0x26b/0x830
[ 95.984642][ T5140] ? ocfs2_read_inode_block+0x14c/0x1e0
[ 95.986630][ T5140] ? __pfx_ocfs2_search_dirblock+0x10/0x10
[ 95.988828][ T5140] ? validate_chain+0x11e/0x5900
[ 95.990685][ T5140] ocfs2_find_entry+0x1169/0x2780
[ 95.992550][ T5140] ? mark_lock+0x9a/0x350
[ 95.994185][ T5140] ? __lock_acquire+0x137a/0x2040
[ 95.996190][ T5140] ? __pfx_ocfs2_find_entry+0x10/0x10
[ 95.998316][ T5140] ? __pfx_lock_acquire+0x10/0x10
[ 96.000240][ T5140] ? ocfs2_inode_lock_full_nested+0x17b/0x1c10
[ 96.002593][ T5140] ? __pfx_lock_release+0x10/0x10
[ 96.004490][ T5140] ? do_raw_spin_lock+0x14f/0x370
[ 96.006450][ T5140] ? do_raw_spin_unlock+0x58/0x8b0
[ 96.008403][ T5140] ? _raw_spin_unlock+0x28/0x50
[ 96.010433][ T5140] ? ocfs2_inode_lock_full_nested+0xb2f/0x1c10
[ 96.012926][ T5140] ? __pfx_ocfs2_inode_lock_full_nested+0x10/0x10
[ 96.015360][ T5140] ocfs2_find_files_on_disk+0xff/0x360
[ 96.017321][ T5140] ocfs2_lookup_ino_from_name+0xb1/0x1e0
[ 96.019538][ T5140] ? __pfx_ocfs2_lookup_ino_from_name+0x10/0x10
[ 96.021927][ T5140] ocfs2_lookup+0x292/0xa60
[ 96.023868][ T5140] ? __pfx_ocfs2_lookup+0x10/0x10
[ 96.025640][ T5140] ? from_kgid+0x1a7/0x730
[ 96.027243][ T5140] ? make_vfsgid+0x46/0x90
[ 96.028821][ T5140] ? HAS_UNMAPPED_ID+0xf9/0x150
[ 96.030589][ T5140] ? inode_permission+0xff/0x460
[ 96.032296][ T5140] ? __pfx_ocfs2_permission+0x10/0x10
[ 96.034211][ T5140] ? bpf_lsm_inode_create+0x9/0x10
[ 96.036099][ T5140] ? security_inode_create+0xc2/0x110
[ 96.038066][ T5140] ? __pfx_ocfs2_lookup+0x10/0x10
[ 96.039881][ T5140] path_openat+0x11cc/0x3470
[ 96.041682][ T5140] ? __pfx_path_openat+0x10/0x10
[ 96.043594][ T5140] do_filp_open+0x235/0x490
[ 96.045069][ T5140] ? __pfx_do_filp_open+0x10/0x10
[ 96.046757][ T5140] ? _raw_spin_unlock+0x28/0x50
[ 96.048512][ T5140] ? alloc_fd+0x5a1/0x640
[ 96.050132][ T5140] do_sys_openat2+0x13e/0x1d0
[ 96.051741][ T5140] ? mntput_no_expire+0xc2/0x850
[ 96.053500][ T5140] ? __pfx_do_sys_openat2+0x10/0x10
[ 96.055124][ T5140] ? __pfx_mntput_no_expire+0x10/0x10
[ 96.056818][ T5140] __x64_sys_openat+0x247/0x2a0
[ 96.058390][ T5140] ? __pfx___x64_sys_openat+0x10/0x10
[ 96.060271][ T5140] ? do_syscall_64+0x100/0x230
[ 96.062063][ T5140] ? do_syscall_64+0xb6/0x230
[ 96.063874][ T5140] do_syscall_64+0xf3/0x230
[ 96.065627][ T5140] ? clear_bhb_loop+0x35/0x90
[ 96.067413][ T5140] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 96.069510][ T5140] RIP: 0033:0x7f9ee60650e9
[ 96.071031][ T5140] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 96.077836][ T5140] RSP: 002b:00007fff52287c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 96.080736][ T5140] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9ee60650e9
[ 96.083497][ T5140] RDX: 0000000000105042 RSI: 0000000020000080 RDI: 00000000ffffff9c
[ 96.086245][ T5140] RBP: 00000000ffffffff R08: 000000000000447f R09: 0000000002800400
[ 96.088988][ T5140] R10: 00000000000001ff R11: 0000000000000246 R12: 00007fff52287cc0
[ 96.091766][ T5140] R13: 00007fff52287d00 R14: 0000000001000000 R15: 0000000000000003
[ 96.094778][ T5140]
[ 96.095960][ T5140]
[ 96.096881][ T5140] Allocated by task 4587:
[ 96.098665][ T5140] kasan_save_track+0x3f/0x80
[ 96.100341][ T5140] __kasan_kmalloc+0x98/0xb0
[ 96.101973][ T5140] __kmalloc_noprof+0x1fc/0x400
[ 96.103629][ T5140] tomoyo_realpath_from_path+0xcf/0x5e0
[ 96.105531][ T5140] tomoyo_path_perm+0x2b7/0x740
[ 96.107375][ T5140] security_inode_getattr+0xd8/0x130
[ 96.109338][ T5140] vfs_getattr+0x45/0x430
[ 96.110842][ T5140] vfs_statx+0x199/0x490
[ 96.112259][ T5140] vfs_fstatat+0x145/0x190
[ 96.113721][ T5140] __x64_sys_newfstatat+0x11d/0x1a0
[ 96.115590][ T5140] do_syscall_64+0xf3/0x230
[ 96.117108][ T5140] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 96.119102][ T5140]
[ 96.119961][ T5140] Freed by task 4587:
[ 96.121310][ T5140] kasan_save_track+0x3f/0x80
[ 96.123000][ T5140] kasan_save_free_info+0x40/0x50
[ 96.124921][ T5140] poison_slab_object+0xe0/0x150
[ 96.126840][ T5140] __kasan_slab_free+0x37/0x60
[ 96.128694][ T5140] kfree+0x149/0x360
[ 96.130189][ T5140] tomoyo_realpath_from_path+0x5a9/0x5e0
[ 96.132312][ T5140] tomoyo_path_perm+0x2b7/0x740
[ 96.134194][ T5140] security_inode_getattr+0xd8/0x130
[ 96.136195][ T5140] vfs_getattr+0x45/0x430
[ 96.137884][ T5140] vfs_statx+0x199/0x490
[ 96.139546][ T5140] vfs_fstatat+0x145/0x190
[ 96.141223][ T5140] __x64_sys_newfstatat+0x11d/0x1a0
[ 96.142927][ T5140] do_syscall_64+0xf3/0x230
[ 96.144456][ T5140] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 96.146714][ T5140]
[ 96.147616][ T5140] The buggy address belongs to the object at ffff888011cb6000
[ 96.147616][ T5140] which belongs to the cache kmalloc-4k of size 4096
[ 96.152703][ T5140] The buggy address is located 2434 bytes to the right of
[ 96.152703][ T5140] allocated 4096-byte region [ffff888011cb6000, ffff888011cb7000)
[ 96.158157][ T5140]
[ 96.159119][ T5140] The buggy address belongs to the physical page:
[ 96.161496][ T5140] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11cb0
[ 96.164826][ T5140] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 96.168044][ T5140] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 96.170918][ T5140] page_type: 0xfdffffff(slab)
[ 96.172745][ T5140] raw: 00fff00000000040 ffff888015842140 dead000000000100 dead000000000122
[ 96.176024][ T5140] raw: 0000000000000000 0000000000040004 00000001fdffffff 0000000000000000
[ 96.179347][ T5140] head: 00fff00000000040 ffff888015842140 dead000000000100 dead000000000122
[ 96.182845][ T5140] head: 0000000000000000 0000000000040004 00000001fdffffff 0000000000000000
[ 96.186044][ T5140] head: 00fff00000000003 ffffea0000472c01 ffffffffffffffff 0000000000000000
[ 96.189014][ T5140] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 96.191957][ T5140] page dumped because: kasan: bad access detected
[ 96.194108][ T5140] page_owner tracks the page as allocated
[ 96.196083][ T5140] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4590, tgid 4590 (udevd), ts 30024302860, free_ts 30012516210
[ 96.202763][ T5140] post_alloc_hook+0x1f3/0x230
[ 96.204472][ T5140] get_page_from_freelist+0x2e4c/0x2f10
[ 96.206646][ T5140] __alloc_pages_noprof+0x256/0x6c0
[ 96.208523][ T5140] alloc_slab_page+0x5f/0x120
[ 96.210367][ T5140] allocate_slab+0x5a/0x2f0
[ 96.212128][ T5140] ___slab_alloc+0xcd1/0x14b0
[ 96.213983][ T5140] __slab_alloc+0x58/0xa0
[ 96.215671][ T5140] __kmalloc_noprof+0x25a/0x400
[ 96.217605][ T5140] tomoyo_realpath_from_path+0xcf/0x5e0
[ 96.219967][ T5140] tomoyo_check_open_permission+0x255/0x500
[ 96.222409][ T5140] security_file_open+0x6a/0x750
[ 96.224617][ T5140] do_dentry_open+0x38e/0x1440
[ 96.226780][ T5140] vfs_open+0x3e/0x330
[ 96.228587][ T5140] path_openat+0x2b3e/0x3470
[ 96.230687][ T5140] do_filp_open+0x235/0x490
[ 96.232398][ T5140] do_sys_openat2+0x13e/0x1d0
[ 96.234167][ T5140] page last free pid 4598 tgid 4598 stack trace:
[ 96.236666][ T5140] free_unref_page+0xd22/0xea0
[ 96.238512][ T5140] __put_partials+0xeb/0x130
[ 96.240426][ T5140] put_cpu_partial+0x17c/0x250
[ 96.242407][ T5140] __slab_free+0x2ea/0x3d0
[ 96.244130][ T5140] qlist_free_all+0x9e/0x140
[ 96.245807][ T5140] kasan_quarantine_reduce+0x14f/0x170
[ 96.247816][ T5140] __kasan_slab_alloc+0x23/0x80
[ 96.249628][ T5140] kmem_cache_alloc_node_noprof+0x16b/0x320
[ 96.251731][ T5140] __alloc_skb+0x1c3/0x440
[ 96.253403][ T5140] netlink_sendmsg+0x638/0xcb0
[ 96.255280][ T5140] __sock_sendmsg+0x221/0x270
[ 96.257045][ T5140] ____sys_sendmsg+0x525/0x7d0
[ 96.258839][ T5140] __sys_sendmsg+0x2b0/0x3a0
[ 96.260350][ T5140] do_syscall_64+0xf3/0x230
[ 96.262034][ T5140] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 96.264353][ T5140]
[ 96.265274][ T5140] Memory state around the buggy address:
[ 96.267289][ T5140] ffff888011cb7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 96.270022][ T5140] ffff888011cb7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 96.272915][ T5140] >ffff888011cb7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 96.275750][ T5140] ^
[ 96.277233][ T5140] ffff888011cb7a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 96.280389][ T5140] ffff888011cb7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 96.283083][ T5140] ==================================================================
[ 96.663580][ T5140] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 96.666454][ T5140] CPU: 0 UID: 0 PID: 5140 Comm: syz-executor321 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0
[ 96.670670][ T5140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 96.674790][ T5140] Call Trace:
[ 96.676159][ T5140]
[ 96.677356][ T5140] dump_stack_lvl+0x241/0x360
[ 96.679286][ T5140] ? __pfx_dump_stack_lvl+0x10/0x10
[ 96.681293][ T5140] ? __pfx__printk+0x10/0x10
[ 96.683105][ T5140] ? preempt_schedule+0xe1/0xf0
[ 96.684986][ T5140] ? vscnprintf+0x5d/0x90
[ 96.686601][ T5140] panic+0x349/0x860
[ 96.688095][ T5140] ? check_panic_on_warn+0x21/0xb0
[ 96.690090][ T5140] ? __pfx_panic+0x10/0x10
[ 96.691815][ T5140] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 96.693912][ T5140] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 96.696070][ T5140] ? print_report+0x502/0x550
[ 96.697700][ T5140] check_panic_on_warn+0x86/0xb0
[ 96.699474][ T5140] ? ocfs2_search_dirblock+0x26b/0x830
[ 96.701369][ T5140] end_report+0x77/0x160
[ 96.702871][ T5140] kasan_report+0x154/0x180
[ 96.704491][ T5140] ? ocfs2_search_dirblock+0x26b/0x830
[ 96.706452][ T5140] ocfs2_search_dirblock+0x26b/0x830
[ 96.708466][ T5140] ? ocfs2_read_inode_block+0x14c/0x1e0
[ 96.710636][ T5140] ? __pfx_ocfs2_search_dirblock+0x10/0x10
[ 96.712894][ T5140] ? validate_chain+0x11e/0x5900
[ 96.714841][ T5140] ocfs2_find_entry+0x1169/0x2780
[ 96.716807][ T5140] ? mark_lock+0x9a/0x350
[ 96.718507][ T5140] ? __lock_acquire+0x137a/0x2040
[ 96.720482][ T5140] ? __pfx_ocfs2_find_entry+0x10/0x10
[ 96.722583][ T5140] ? __pfx_lock_acquire+0x10/0x10
[ 96.724533][ T5140] ? ocfs2_inode_lock_full_nested+0x17b/0x1c10
[ 96.726915][ T5140] ? __pfx_lock_release+0x10/0x10
[ 96.728876][ T5140] ? do_raw_spin_lock+0x14f/0x370
[ 96.730741][ T5140] ? do_raw_spin_unlock+0x58/0x8b0
[ 96.732545][ T5140] ? _raw_spin_unlock+0x28/0x50
[ 96.734273][ T5140] ? ocfs2_inode_lock_full_nested+0xb2f/0x1c10
[ 96.736368][ T5140] ? __pfx_ocfs2_inode_lock_full_nested+0x10/0x10
[ 96.738616][ T5140] ocfs2_find_files_on_disk+0xff/0x360
[ 96.740509][ T5140] ocfs2_lookup_ino_from_name+0xb1/0x1e0
[ 96.742466][ T5140] ? __pfx_ocfs2_lookup_ino_from_name+0x10/0x10
[ 96.744673][ T5140] ocfs2_lookup+0x292/0xa60
[ 96.746465][ T5140] ? __pfx_ocfs2_lookup+0x10/0x10
[ 96.748352][ T5140] ? from_kgid+0x1a7/0x730
[ 96.750106][ T5140] ? make_vfsgid+0x46/0x90
[ 96.751854][ T5140] ? HAS_UNMAPPED_ID+0xf9/0x150
[ 96.753727][ T5140] ? inode_permission+0xff/0x460
[ 96.755677][ T5140] ? __pfx_ocfs2_permission+0x10/0x10
[ 96.757773][ T5140] ? bpf_lsm_inode_create+0x9/0x10
[ 96.759803][ T5140] ? security_inode_create+0xc2/0x110
[ 96.761888][ T5140] ? __pfx_ocfs2_lookup+0x10/0x10
[ 96.763788][ T5140] path_openat+0x11cc/0x3470
[ 96.765554][ T5140] ? __pfx_path_openat+0x10/0x10
[ 96.767481][ T5140] do_filp_open+0x235/0x490
[ 96.769268][ T5140] ? __pfx_do_filp_open+0x10/0x10
[ 96.771233][ T5140] ? _raw_spin_unlock+0x28/0x50
[ 96.773134][ T5140] ? alloc_fd+0x5a1/0x640
[ 96.774837][ T5140] do_sys_openat2+0x13e/0x1d0
[ 96.776633][ T5140] ? mntput_no_expire+0xc2/0x850
[ 96.778391][ T5140] ? __pfx_do_sys_openat2+0x10/0x10
[ 96.780244][ T5140] ? __pfx_mntput_no_expire+0x10/0x10
[ 96.782138][ T5140] __x64_sys_openat+0x247/0x2a0
[ 96.783870][ T5140] ? __pfx___x64_sys_openat+0x10/0x10
[ 96.785737][ T5140] ? do_syscall_64+0x100/0x230
[ 96.787427][ T5140] ? do_syscall_64+0xb6/0x230
[ 96.789087][ T5140] do_syscall_64+0xf3/0x230
[ 96.790704][ T5140] ? clear_bhb_loop+0x35/0x90
[ 96.792537][ T5140] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 96.794866][ T5140] RIP: 0033:0x7f9ee60650e9
[ 96.796510][ T5140] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 96.804109][ T5140] RSP: 002b:00007fff52287c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 96.807376][ T5140] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9ee60650e9
[ 96.810478][ T5140] RDX: 0000000000105042 RSI: 0000000020000080 RDI: 00000000ffffff9c
[ 96.813476][ T5140] RBP: 00000000ffffffff R08: 000000000000447f R09: 0000000002800400
[ 96.816498][ T5140] R10: 00000000000001ff R11: 0000000000000246 R12: 00007fff52287cc0
[ 96.819622][ T5140] R13: 00007fff52287d00 R14: 0000000001000000 R15: 0000000000000003
[ 96.822730][ T5140]
[ 96.824240][ T5140] Kernel Offset: disabled
[ 96.825920][ T5140] Rebooting in 86400 seconds..
VM DIAGNOSIS:
04:44:54 Registers:
info registers vcpu 0
CPU#0
RAX=000000000000007a RBX=ffffffff95254f80 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=0000000000000000 RSP=ffffc9000afe6910
R8 =ffffffff853f0bbb R9 =1ffff110031ec046 R10=dffffc0000000000 R11=ffffffff853f0b70
R12=dffffc0000000000 R13=000000000000007a R14=000000000000007a R15=00000000000003f8
RIP=ffffffff853f0bee RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555570fab380 ffffffff 00c00000
GS =0000 ffff888020800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f9edebff000 CR3=0000000012136000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01