Warning: Permanently added '10.128.1.159' (ED25519) to the list of known hosts.
Setting up swapspace version 1, size = 127995904 bytes
executing program
[   46.626895][ T3564] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   46.790761][ T3570] loop0: detected capacity change from 0 to 32768
[   46.887959][ T3570] ==================================================================
[   46.896420][ T3570] BUG: KASAN: use-after-free in __ocfs2_find_path+0x1ff/0x7e0
[   46.903920][ T3570] Read of size 4 at addr ffff888065aa7000 by task syz-executor423/3570
[   46.912164][ T3570] 
[   46.914485][ T3570] CPU: 0 PID: 3570 Comm: syz-executor423 Not tainted 5.15.167-syzkaller #0
[   46.923285][ T3570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   46.933335][ T3570] Call Trace:
[   46.936597][ T3570]  <TASK>
[   46.939515][ T3570]  dump_stack_lvl+0x1e3/0x2d0
[   46.944181][ T3570]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   46.949796][ T3570]  ? _printk+0xd1/0x120
[   46.953955][ T3570]  ? __wake_up_klogd+0xcc/0x100
[   46.958788][ T3570]  ? panic+0x860/0x860
[   46.962835][ T3570]  ? _raw_spin_lock_irqsave+0xdd/0x120
[   46.968307][ T3570]  print_address_description+0x63/0x3b0
[   46.973833][ T3570]  ? __ocfs2_find_path+0x1ff/0x7e0
[   46.978921][ T3570]  kasan_report+0x16b/0x1c0
[   46.983409][ T3570]  ? __ocfs2_find_path+0x1ff/0x7e0
[   46.988547][ T3570]  __ocfs2_find_path+0x1ff/0x7e0
[   46.993494][ T3570]  ? ocfs2_find_leaf+0x220/0x220
[   46.998514][ T3570]  ? ocfs2_find_path+0x130/0x130
[   47.003451][ T3570]  ? rcu_is_watching+0x11/0xa0
[   47.008593][ T3570]  ocfs2_find_leaf+0xcb/0x220
[   47.013269][ T3570]  ? find_path_ins+0x1f0/0x1f0
[   47.018032][ T3570]  ? ocfs2_refresh_inode+0x960/0x960
[   47.023501][ T3570]  ocfs2_get_clusters_nocache+0x1a9/0xbe0
[   47.029423][ T3570]  ? ocfs2_get_clusters+0xbc0/0xbc0
[   47.034645][ T3570]  ? ocfs2_read_inode_block+0x148/0x1d0
[   47.040192][ T3570]  ? ocfs2_read_inode_block_full+0x1e0/0x1e0
[   47.046303][ T3570]  ? do_raw_spin_unlock+0x137/0x8b0
[   47.051514][ T3570]  ocfs2_get_clusters+0x5b5/0xbc0
[   47.056563][ T3570]  ? ocfs2_xattr_get_clusters+0x9c0/0x9c0
[   47.062313][ T3570]  ocfs2_extent_map_get_blocks+0x248/0x7d0
[   47.068110][ T3570]  ? ocfs2_relative_extent_offsets+0x240/0x240
[   47.074277][ T3570]  ? down_read+0x1b3/0x2e0
[   47.078807][ T3570]  ocfs2_read_virt_blocks+0x2ea/0xa10
[   47.084238][ T3570]  ? ocfs2_validate_dx_leaf+0x210/0x210
[   47.089915][ T3570]  ? ocfs2_seek_data_hole_offset+0xd10/0xd10
[   47.095925][ T3570]  ocfs2_find_entry+0x437/0x26d0
[   47.100911][ T3570]  ? ocfs2_free_dir_lookup_result+0x100/0x100
[   47.107435][ T3570]  ? __lock_acquire+0x1295/0x1ff0
[   47.112546][ T3570]  ? format_decode+0xd1d/0x1f10
[   47.117482][ T3570]  ? vsnprintf+0x1c70/0x1c70
[   47.122152][ T3570]  ? __mutex_trylock_common+0x17e/0x2e0
[   47.127680][ T3570]  ? __might_sleep+0xc0/0xc0
[   47.132249][ T3570]  ? string+0x26a/0x2b0
[   47.136382][ T3570]  ? widen_string+0x3a/0x310
[   47.140947][ T3570]  ? string+0x26a/0x2b0
[   47.145099][ T3570]  ? vsnprintf+0x1b93/0x1c70
[   47.149673][ T3570]  ocfs2_find_files_on_disk+0xea/0x310
[   47.155117][ T3570]  ocfs2_lookup_ino_from_name+0xad/0x1e0
[   47.160812][ T3570]  ? ocfs2_find_files_on_disk+0x310/0x310
[   47.166597][ T3570]  ? ____kasan_kmalloc+0xd1/0xf0
[   47.171507][ T3570]  ? ____kasan_kmalloc+0xba/0xf0
[   47.176425][ T3570]  ocfs2_get_system_file_inode+0x314/0x7b0
[   47.182210][ T3570]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   47.188257][ T3570]  ? ocfs2_fast_symlink_readpage+0x420/0x420
[   47.194242][ T3570]  ocfs2_init_global_system_inodes+0x328/0x720
[   47.200432][ T3570]  ? trace_ocfs2_initialize_super+0x1f0/0x1f0
[   47.206615][ T3570]  ? kmem_cache_alloc_trace+0x143/0x290
[   47.212154][ T3570]  ? ocfs2_new_dlm_debug+0x93/0x1f0
[   47.217355][ T3570]  ? ocfs2_new_dlm_debug+0xb1/0x1f0
[   47.222615][ T3570]  ? ocfs2_put_dlm_debug+0x80/0x80
[   47.227733][ T3570]  ? rcu_is_watching+0x11/0xa0
[   47.232485][ T3570]  ? trace_ocfs2_initialize_super+0x98/0x1f0
[   47.238508][ T3570]  ocfs2_fill_super+0x479e/0x58a0
[   47.243670][ T3570]  ? ocfs2_mount+0x40/0x40
[   47.248093][ T3570]  ? validate_chain+0x13bd/0x5930
[   47.253120][ T3570]  ? add_chain_block+0x850/0x850
[   47.258052][ T3570]  ? lockdep_unlock+0x166/0x300
[   47.262904][ T3570]  ? reacquire_held_locks+0x660/0x660
[   47.268298][ T3570]  ? validate_chain+0x112/0x5930
[   47.273224][ T3570]  ? validate_chain+0x13bd/0x5930
[   47.278380][ T3570]  ? mark_lock+0x98/0x340
[   47.282815][ T3570]  ? __lock_acquire+0x1295/0x1ff0
[   47.287861][ T3570]  ? string+0x26a/0x2b0
[   47.292225][ T3570]  ? widen_string+0x3a/0x310
[   47.296804][ T3570]  ? string+0x26a/0x2b0
[   47.300956][ T3570]  ? bdev_name+0x297/0x3a0
[   47.305448][ T3570]  ? pointer+0x6a5/0xc40
[   47.309668][ T3570]  ? print_unlock_imbalance_bug+0x2b0/0x2b0
[   47.315557][ T3570]  ? string+0x2b0/0x2b0
[   47.319692][ T3570]  ? vsnprintf+0x1c70/0x1c70
[   47.324377][ T3570]  ? ptr_to_hashval+0x60/0x60
[   47.329061][ T3570]  ? snprintf+0xd6/0x120
[   47.333387][ T3570]  ? vscnprintf+0x80/0x80
[   47.337811][ T3570]  ? set_blocksize+0x1ec/0x370
[   47.342582][ T3570]  mount_bdev+0x2c9/0x3f0
[   47.346912][ T3570]  ? ocfs2_mount+0x40/0x40
[   47.351314][ T3570]  legacy_get_tree+0xeb/0x180
[   47.355972][ T3570]  ? trace_raw_output_ocfs2_buffer_cached_end+0xe0/0xe0
[   47.362891][ T3570]  vfs_get_tree+0x88/0x270
[   47.367295][ T3570]  do_new_mount+0x2ba/0xb40
[   47.371860][ T3570]  ? do_move_mount_old+0x160/0x160
[   47.376972][ T3570]  ? user_path_at_empty+0x12b/0x180
[   47.382337][ T3570]  __se_sys_mount+0x2d5/0x3c0
[   47.386997][ T3570]  ? __x64_sys_mount+0xc0/0xc0
[   47.391741][ T3570]  ? syscall_enter_from_user_mode+0x2e/0x240
[   47.397703][ T3570]  ? lockdep_hardirqs_on+0x94/0x130
[   47.402892][ T3570]  ? __x64_sys_mount+0x1c/0xc0
[   47.407633][ T3570]  do_syscall_64+0x3b/0xb0
[   47.412086][ T3570]  ? clear_bhb_loop+0x15/0x70
[   47.416737][ T3570]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   47.422607][ T3570] RIP: 0033:0x7f1f9135743a
[   47.427013][ T3570] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 1e 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   47.446856][ T3570] RSP: 002b:00007f1f91309088 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5
[   47.455280][ T3570] RAX: ffffffffffffffda RBX: 00007f1f913090a0 RCX: 00007f1f9135743a
[   47.463248][ T3570] RDX: 0000000020004440 RSI: 0000000020000780 RDI: 00007f1f913090a0
[   47.471195][ T3570] RBP: 0000000000000004 R08: 00007f1f913090e0 R09: 0000000000004444
[   47.479398][ T3570] R10: 0000000001000000 R11: 0000000000000282 R12: 00007f1f913090e0
[   47.487344][ T3570] R13: 0000000001000000 R14: 0000000000000003 R15: 0000000001000000
[   47.495299][ T3570]  </TASK>
[   47.498307][ T3570] 
[   47.500622][ T3570] The buggy address belongs to the page:
[   47.506335][ T3570] page:ffffea000196a9c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x65aa7
[   47.516578][ T3570] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   47.523777][ T3570] raw: 00fff00000000000 ffffea000196aa08 ffff8880b9040960 0000000000000000
[   47.532336][ T3570] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   47.540891][ T3570] page dumped because: kasan: bad access detected
[   47.547305][ T3570] page_owner tracks the page as freed
[   47.552651][ T3570] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 3570, ts 46687290697, free_ts 46789887949
[   47.568253][ T3570]  get_page_from_freelist+0x322a/0x33c0
[   47.573797][ T3570]  __alloc_pages+0x272/0x700
[   47.578367][ T3570]  alloc_pages_vma+0x39a/0x800
[   47.583121][ T3570]  handle_mm_fault+0x2f49/0x5960
[   47.588032][ T3570]  exc_page_fault+0x271/0x700
[   47.592681][ T3570]  asm_exc_page_fault+0x22/0x30
[   47.597527][ T3570] page last free stack trace:
[   47.602173][ T3570]  free_unref_page_prepare+0xc34/0xcf0
[   47.607612][ T3570]  free_unref_page_list+0x1f7/0x8e0
[   47.612802][ T3570]  release_pages+0x1bb9/0x1f40
[   47.617552][ T3570]  tlb_finish_mmu+0x177/0x320
[   47.622223][ T3570]  unmap_region+0x304/0x350
[   47.626700][ T3570]  __do_munmap+0x12db/0x1740
[   47.631328][ T3570]  __vm_munmap+0x134/0x230
[   47.635716][ T3570]  __x64_sys_munmap+0x67/0x70
[   47.640368][ T3570]  do_syscall_64+0x3b/0xb0
[   47.644762][ T3570]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   47.650667][ T3570] 
[   47.652980][ T3570] Memory state around the buggy address:
[   47.658592][ T3570]  ffff888065aa6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.666658][ T3570]  ffff888065aa6f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.674700][ T3570] >ffff888065aa7000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   47.682733][ T3570]                    ^
[   47.686861][ T3570]  ffff888065aa7080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   47.694900][ T3570]  ffff888065aa7100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   47.702940][ T3570] ==================================================================
[   47.710973][ T3570] Disabling lock debugging due to kernel taint
[   47.717341][ T3570] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   47.724520][ T3570] CPU: 0 PID: 3570 Comm: syz-executor423 Tainted: G    B             5.15.167-syzkaller #0
[   47.734487][ T3570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   47.744614][ T3570] Call Trace:
[   47.747875][ T3570]  <TASK>
[   47.750778][ T3570]  dump_stack_lvl+0x1e3/0x2d0
[   47.755434][ T3570]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   47.761213][ T3570]  ? panic+0x860/0x860
[   47.765324][ T3570]  ? rcu_is_watching+0x11/0xa0
[   47.770086][ T3570]  ? preempt_schedule_common+0xa6/0xd0
[   47.775532][ T3570]  panic+0x318/0x860
[   47.779414][ T3570]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[   47.785552][ T3570]  ? check_panic_on_warn+0x1d/0xa0
[   47.790662][ T3570]  ? fb_is_primary_device+0xd0/0xd0
[   47.795882][ T3570]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   47.801883][ T3570]  ? _raw_spin_unlock+0x40/0x40
[   47.806724][ T3570]  check_panic_on_warn+0x7e/0xa0
[   47.811642][ T3570]  ? __ocfs2_find_path+0x1ff/0x7e0
[   47.816732][ T3570]  end_report+0x6d/0xf0
[   47.820863][ T3570]  kasan_report+0x18e/0x1c0
[   47.825453][ T3570]  ? __ocfs2_find_path+0x1ff/0x7e0
[   47.830571][ T3570]  __ocfs2_find_path+0x1ff/0x7e0
[   47.835741][ T3570]  ? ocfs2_find_leaf+0x220/0x220
[   47.840674][ T3570]  ? ocfs2_find_path+0x130/0x130
[   47.845771][ T3570]  ? rcu_is_watching+0x11/0xa0
[   47.850530][ T3570]  ocfs2_find_leaf+0xcb/0x220
[   47.855195][ T3570]  ? find_path_ins+0x1f0/0x1f0
[   47.859962][ T3570]  ? ocfs2_refresh_inode+0x960/0x960
[   47.865224][ T3570]  ocfs2_get_clusters_nocache+0x1a9/0xbe0
[   47.870925][ T3570]  ? ocfs2_get_clusters+0xbc0/0xbc0
[   47.876097][ T3570]  ? ocfs2_read_inode_block+0x148/0x1d0
[   47.881706][ T3570]  ? ocfs2_read_inode_block_full+0x1e0/0x1e0
[   47.887659][ T3570]  ? do_raw_spin_unlock+0x137/0x8b0
[   47.892836][ T3570]  ocfs2_get_clusters+0x5b5/0xbc0
[   47.897843][ T3570]  ? ocfs2_xattr_get_clusters+0x9c0/0x9c0
[   47.903556][ T3570]  ocfs2_extent_map_get_blocks+0x248/0x7d0
[   47.909345][ T3570]  ? ocfs2_relative_extent_offsets+0x240/0x240
[   47.915502][ T3570]  ? down_read+0x1b3/0x2e0
[   47.919985][ T3570]  ocfs2_read_virt_blocks+0x2ea/0xa10
[   47.925346][ T3570]  ? ocfs2_validate_dx_leaf+0x210/0x210
[   47.930881][ T3570]  ? ocfs2_seek_data_hole_offset+0xd10/0xd10
[   47.936854][ T3570]  ocfs2_find_entry+0x437/0x26d0
[   47.941775][ T3570]  ? ocfs2_free_dir_lookup_result+0x100/0x100
[   47.947819][ T3570]  ? __lock_acquire+0x1295/0x1ff0
[   47.952829][ T3570]  ? format_decode+0xd1d/0x1f10
[   47.957686][ T3570]  ? vsnprintf+0x1c70/0x1c70
[   47.962248][ T3570]  ? __mutex_trylock_common+0x17e/0x2e0
[   47.967773][ T3570]  ? __might_sleep+0xc0/0xc0
[   47.972339][ T3570]  ? string+0x26a/0x2b0
[   47.976555][ T3570]  ? widen_string+0x3a/0x310
[   47.981121][ T3570]  ? string+0x26a/0x2b0
[   47.985255][ T3570]  ? vsnprintf+0x1b93/0x1c70
[   47.989821][ T3570]  ocfs2_find_files_on_disk+0xea/0x310
[   47.995254][ T3570]  ocfs2_lookup_ino_from_name+0xad/0x1e0
[   48.001035][ T3570]  ? ocfs2_find_files_on_disk+0x310/0x310
[   48.006728][ T3570]  ? ____kasan_kmalloc+0xd1/0xf0
[   48.011822][ T3570]  ? ____kasan_kmalloc+0xba/0xf0
[   48.016851][ T3570]  ocfs2_get_system_file_inode+0x314/0x7b0
[   48.022652][ T3570]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   48.028765][ T3570]  ? ocfs2_fast_symlink_readpage+0x420/0x420
[   48.034745][ T3570]  ocfs2_init_global_system_inodes+0x328/0x720
[   48.040895][ T3570]  ? trace_ocfs2_initialize_super+0x1f0/0x1f0
[   48.046984][ T3570]  ? kmem_cache_alloc_trace+0x143/0x290
[   48.052540][ T3570]  ? ocfs2_new_dlm_debug+0x93/0x1f0
[   48.057844][ T3570]  ? ocfs2_new_dlm_debug+0xb1/0x1f0
[   48.063048][ T3570]  ? ocfs2_put_dlm_debug+0x80/0x80
[   48.068148][ T3570]  ? rcu_is_watching+0x11/0xa0
[   48.073859][ T3570]  ? trace_ocfs2_initialize_super+0x98/0x1f0
[   48.079919][ T3570]  ocfs2_fill_super+0x479e/0x58a0
[   48.084952][ T3570]  ? ocfs2_mount+0x40/0x40
[   48.089371][ T3570]  ? validate_chain+0x13bd/0x5930
[   48.094587][ T3570]  ? add_chain_block+0x850/0x850
[   48.099531][ T3570]  ? lockdep_unlock+0x166/0x300
[   48.104360][ T3570]  ? reacquire_held_locks+0x660/0x660
[   48.109847][ T3570]  ? validate_chain+0x112/0x5930
[   48.115104][ T3570]  ? validate_chain+0x13bd/0x5930
[   48.120219][ T3570]  ? mark_lock+0x98/0x340
[   48.124720][ T3570]  ? __lock_acquire+0x1295/0x1ff0
[   48.129842][ T3570]  ? string+0x26a/0x2b0
[   48.134035][ T3570]  ? widen_string+0x3a/0x310
[   48.139060][ T3570]  ? string+0x26a/0x2b0
[   48.143240][ T3570]  ? bdev_name+0x297/0x3a0
[   48.148448][ T3570]  ? pointer+0x6a5/0xc40
[   48.152694][ T3570]  ? print_unlock_imbalance_bug+0x2b0/0x2b0
[   48.158798][ T3570]  ? string+0x2b0/0x2b0
[   48.162948][ T3570]  ? vsnprintf+0x1c70/0x1c70
[   48.167565][ T3570]  ? ptr_to_hashval+0x60/0x60
[   48.172234][ T3570]  ? snprintf+0xd6/0x120
[   48.176489][ T3570]  ? vscnprintf+0x80/0x80
[   48.180813][ T3570]  ? set_blocksize+0x1ec/0x370
[   48.185651][ T3570]  mount_bdev+0x2c9/0x3f0
[   48.189988][ T3570]  ? ocfs2_mount+0x40/0x40
[   48.194403][ T3570]  legacy_get_tree+0xeb/0x180
[   48.199070][ T3570]  ? trace_raw_output_ocfs2_buffer_cached_end+0xe0/0xe0
[   48.206063][ T3570]  vfs_get_tree+0x88/0x270
[   48.210473][ T3570]  do_new_mount+0x2ba/0xb40
[   48.214958][ T3570]  ? do_move_mount_old+0x160/0x160
[   48.220062][ T3570]  ? user_path_at_empty+0x12b/0x180
[   48.225428][ T3570]  __se_sys_mount+0x2d5/0x3c0
[   48.230189][ T3570]  ? __x64_sys_mount+0xc0/0xc0
[   48.234930][ T3570]  ? syscall_enter_from_user_mode+0x2e/0x240
[   48.240990][ T3570]  ? lockdep_hardirqs_on+0x94/0x130
[   48.246167][ T3570]  ? __x64_sys_mount+0x1c/0xc0
[   48.250928][ T3570]  do_syscall_64+0x3b/0xb0
[   48.255336][ T3570]  ? clear_bhb_loop+0x15/0x70
[   48.260004][ T3570]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   48.265873][ T3570] RIP: 0033:0x7f1f9135743a
[   48.270371][ T3570] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 1e 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   48.289948][ T3570] RSP: 002b:00007f1f91309088 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5
[   48.298341][ T3570] RAX: ffffffffffffffda RBX: 00007f1f913090a0 RCX: 00007f1f9135743a
[   48.306286][ T3570] RDX: 0000000020004440 RSI: 0000000020000780 RDI: 00007f1f913090a0
[   48.314347][ T3570] RBP: 0000000000000004 R08: 00007f1f913090e0 R09: 0000000000004444
[   48.322297][ T3570] R10: 0000000001000000 R11: 0000000000000282 R12: 00007f1f913090e0
[   48.330347][ T3570] R13: 0000000001000000 R14: 0000000000000003 R15: 0000000001000000
[   48.338664][ T3570]  </TASK>
[   48.341773][ T3570] Kernel Offset: disabled
[   48.346182][ T3570] Rebooting in 86400 seconds..