Warning: Permanently added '10.128.1.145' (ED25519) to the list of known hosts.
executing program
syzkaller login: [ 72.779884][ T4244] loop0: detected capacity change from 0 to 32768
[ 72.794171][ T4244] (syz-executor216,4244,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 72.809594][ T4244] (syz-executor216,4244,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 72.832690][ T4244] (syz-executor216,4244,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC.
[ 72.849219][ T4244] JBD2: Ignoring recovery information on journal
[ 72.876226][ T4244] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 72.906655][ T4244] ==================================================================
[ 72.914761][ T4244] BUG: KASAN: use-after-free in ocfs2_lock_global_qf+0xb4/0x2a0
[ 72.922428][ T4244] Read of size 8 at addr ffff888030c72028 by task syz-executor216/4244
[ 72.930660][ T4244]
[ 72.932988][ T4244] CPU: 1 PID: 4244 Comm: syz-executor216 Not tainted 6.1.124-syzkaller #0
[ 72.941480][ T4244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 72.951723][ T4244] Call Trace:
[ 72.954998][ T4244] <TASK>
[ 72.957955][ T4244] dump_stack_lvl+0x1e3/0x2cb
[ 72.962650][ T4244] ? nf_tcp_handle_invalid+0x642/0x642
[ 72.968129][ T4244] ? panic+0x764/0x764
[ 72.972195][ T4244] ? _printk+0xd1/0x111
[ 72.976345][ T4244] ? __virt_addr_valid+0x17f/0x530
[ 72.981457][ T4244] ? __virt_addr_valid+0x17f/0x530
[ 72.986568][ T4244] print_report+0x15f/0x4f0
[ 72.991071][ T4244] ? __virt_addr_valid+0x17f/0x530
[ 72.996204][ T4244] ? __virt_addr_valid+0x17f/0x530
[ 73.001333][ T4244] ? __virt_addr_valid+0x45b/0x530
[ 73.006455][ T4244] ? __phys_addr+0xb6/0x170
[ 73.010976][ T4244] ? ocfs2_lock_global_qf+0xb4/0x2a0
[ 73.016283][ T4244] kasan_report+0x136/0x160
[ 73.020787][ T4244] ? ocfs2_lock_global_qf+0xb4/0x2a0
[ 73.026080][ T4244] ocfs2_lock_global_qf+0xb4/0x2a0
[ 73.031196][ T4244] ? lock_buffer+0x80/0x80
[ 73.035632][ T4244] ocfs2_get_next_id+0x24d/0x7a0
[ 73.040599][ T4244] ? ocfs2_write_info+0x3a0/0x3a0
[ 73.045630][ T4244] ? from_kgid+0x1a3/0x730
[ 73.050064][ T4244] ? make_kgid+0x6f0/0x6f0
[ 73.054500][ T4244] dquot_get_next_dqblk+0x6e/0x3a0
[ 73.059617][ T4244] quota_getnextquota+0x2bc/0x6b0
[ 73.064644][ T4244] ? quota_getquota+0x6e0/0x6e0
[ 73.069490][ T4244] ? down_read+0x825/0xa30
[ 73.073911][ T4244] ? bpf_lsm_capable+0x5/0x10
[ 73.078588][ T4244] ? security_capable+0x86/0xb0
[ 73.083462][ T4244] ? bpf_lsm_quotactl+0x5/0x10
[ 73.088223][ T4244] ? security_quotactl+0x86/0xb0
[ 73.093169][ T4244] ? do_quotactl+0x508/0x6c0
[ 73.097764][ T4244] __se_sys_quotactl+0x2b1/0x770
[ 73.102732][ T4244] ? __x64_sys_quotactl+0xa0/0xa0
[ 73.107816][ T4244] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 73.113827][ T4244] ? print_irqtrace_events+0x210/0x210
[ 73.119308][ T4244] ? print_irqtrace_events+0x210/0x210
[ 73.124780][ T4244] ? syscall_enter_from_user_mode+0x2e/0x230
[ 73.130768][ T4244] ? lockdep_hardirqs_on+0x94/0x130
[ 73.135975][ T4244] ? syscall_enter_from_user_mode+0x2e/0x230
[ 73.141984][ T4244] do_syscall_64+0x3b/0xb0
[ 73.146437][ T4244] ? clear_bhb_loop+0x45/0xa0
[ 73.151138][ T4244] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 73.157057][ T4244] RIP: 0033:0x7fd9f11f7839
[ 73.161486][ T4244] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 73.181117][ T4244] RSP: 002b:00007ffdfa66c0f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[ 73.189538][ T4244] RAX: ffffffffffffffda RBX: 00007ffdfa66c2d8 RCX: 00007fd9f11f7839
[ 73.197508][ T4244] RDX: 000000000000ee01 RSI: 00000000200080c0 RDI: ffffffff80000901
[ 73.205479][ T4244] RBP: 00007fd9f126f610 R08: 0000000020000c40 R09: 0000000000000000
[ 73.213446][ T4244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 73.221414][ T4244] R13: 00007ffdfa66c2c8 R14: 0000000000000001 R15: 0000000000000001
[ 73.229388][ T4244] </TASK>
[ 73.232399][ T4244]
[ 73.234717][ T4244] Allocated by task 4244:
[ 73.239038][ T4244] kasan_set_track+0x4b/0x70
[ 73.243625][ T4244] __kasan_kmalloc+0x97/0xb0
[ 73.248233][ T4244] ocfs2_local_read_info+0x1ea/0x19e0
[ 73.253608][ T4244] dquot_load_quota_sb+0x754/0xb90
[ 73.258730][ T4244] dquot_load_quota_inode+0x318/0x600
[ 73.264100][ T4244] ocfs2_enable_quotas+0x221/0x440
[ 73.269208][ T4244] ocfs2_fill_super+0x4c6a/0x5720
[ 73.274232][ T4244] mount_bdev+0x2c9/0x3f0
[ 73.278565][ T4244] legacy_get_tree+0xeb/0x180
[ 73.283263][ T4244] vfs_get_tree+0x88/0x270
[ 73.287681][ T4244] do_new_mount+0x2ba/0xb40
[ 73.292182][ T4244] __se_sys_mount+0x2d5/0x3c0
[ 73.296856][ T4244] do_syscall_64+0x3b/0xb0
[ 73.301274][ T4244] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 73.307170][ T4244]
[ 73.309484][ T4244] Freed by task 4244:
[ 73.313451][ T4244] kasan_set_track+0x4b/0x70
[ 73.318058][ T4244] kasan_save_free_info+0x27/0x40
[ 73.323082][ T4244] ____kasan_slab_free+0xd6/0x120
[ 73.328103][ T4244] __kmem_cache_free+0x25c/0x3c0
[ 73.333040][ T4244] ocfs2_local_free_info+0x813/0x990
[ 73.338325][ T4244] dquot_disable+0x110f/0x1c50
[ 73.343110][ T4244] ocfs2_susp_quotas+0x247/0x340
[ 73.348046][ T4244] ocfs2_remount+0x56e/0xc30
[ 73.352651][ T4244] reconfigure_super+0x43a/0x870
[ 73.357588][ T4244] path_mount+0xe69/0x1090
[ 73.362027][ T4244] __se_sys_mount+0x2d5/0x3c0
[ 73.366788][ T4244] do_syscall_64+0x3b/0xb0
[ 73.371233][ T4244] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 73.377247][ T4244]
[ 73.379567][ T4244] The buggy address belongs to the object at ffff888030c72000
[ 73.379567][ T4244] which belongs to the cache kmalloc-1k of size 1024
[ 73.393639][ T4244] The buggy address is located 40 bytes inside of
[ 73.393639][ T4244] 1024-byte region [ffff888030c72000, ffff888030c72400)
[ 73.407011][ T4244]
[ 73.409345][ T4244] The buggy address belongs to the physical page:
[ 73.415778][ T4244] page:ffffea0000c31c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x30c70
[ 73.425950][ T4244] head:ffffea0000c31c00 order:3 compound_mapcount:0 compound_pincount:0
[ 73.434286][ T4244] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 73.442295][ T4244] raw: 00fff00000010200 0000000000000000 dead000000000001 ffff888017c41dc0
[ 73.450876][ T4244] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 73.459450][ T4244] page dumped because: kasan: bad access detected
[ 73.465890][ T4244] page_owner tracks the page as allocated
[ 73.471596][ T4244] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3967, tgid 3967 (dhcpcd-run-hook), ts 46889846391, free_ts 46879205515
[ 73.493306][ T4244] post_alloc_hook+0x18d/0x1b0
[ 73.498078][ T4244] get_page_from_freelist+0x3731/0x38d0
[ 73.503644][ T4244] __alloc_pages+0x28d/0x770
[ 73.508345][ T4244] alloc_slab_page+0x6a/0x150
[ 73.513021][ T4244] new_slab+0x84/0x2d0
[ 73.517092][ T4244] ___slab_alloc+0xc20/0x1270
[ 73.521775][ T4244] __kmem_cache_alloc_node+0x19f/0x260
[ 73.527237][ T4244] __kmalloc+0xa1/0x230
[ 73.531386][ T4244] load_elf_binary+0x2ec/0x2720
[ 73.536236][ T4244] bprm_execve+0x96a/0x18a0
[ 73.540731][ T4244] do_execveat_common+0x580/0x720
[ 73.545747][ T4244] __x64_sys_execve+0x8e/0xa0
[ 73.550528][ T4244] do_syscall_64+0x3b/0xb0
[ 73.554948][ T4244] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 73.560844][ T4244] page last free stack trace:
[ 73.565502][ T4244] free_unref_page_prepare+0x12a6/0x15b0
[ 73.571132][ T4244] free_unref_page+0x33/0x3e0
[ 73.575802][ T4244] __unfreeze_partials+0x1b7/0x210
[ 73.580914][ T4244] put_cpu_partial+0x17b/0x250
[ 73.585691][ T4244] qlist_free_all+0x76/0xe0
[ 73.590213][ T4244] kasan_quarantine_reduce+0x156/0x170
[ 73.595682][ T4244] __kasan_slab_alloc+0x1f/0x70
[ 73.600563][ T4244] slab_post_alloc_hook+0x52/0x3a0
[ 73.605683][ T4244] kmem_cache_alloc+0x10c/0x2d0
[ 73.610541][ T4244] getname_flags+0xb8/0x4f0
[ 73.615077][ T4244] __x64_sys_newfstatat+0x130/0x1e0
[ 73.620279][ T4244] do_syscall_64+0x3b/0xb0
[ 73.624701][ T4244] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 73.630600][ T4244]
[ 73.632915][ T4244] Memory state around the buggy address:
[ 73.638541][ T4244] ffff888030c71f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 73.646617][ T4244] ffff888030c71f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 73.654686][ T4244] >ffff888030c72000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 73.662735][ T4244] ^
[ 73.668098][ T4244] ffff888030c72080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 73.676155][ T4244] ffff888030c72100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 73.684207][ T4244] ==================================================================
[ 73.692575][ T4244] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 73.699792][ T4244] CPU: 1 PID: 4244 Comm: syz-executor216 Not tainted 6.1.124-syzkaller #0
[ 73.708297][ T4244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 73.718363][ T4244] Call Trace:
[ 73.721646][ T4244] <TASK>
[ 73.724583][ T4244] dump_stack_lvl+0x1e3/0x2cb
[ 73.729275][ T4244] ? nf_tcp_handle_invalid+0x642/0x642
[ 73.734748][ T4244] ? panic+0x764/0x764
[ 73.738824][ T4244] ? preempt_schedule_common+0xa6/0xd0
[ 73.744288][ T4244] ? vscnprintf+0x59/0x80
[ 73.748638][ T4244] panic+0x318/0x764
[ 73.752541][ T4244] ? check_panic_on_warn+0x1d/0xa0
[ 73.757660][ T4244] ? memcpy_page_flushcache+0xfc/0xfc
[ 73.763040][ T4244] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 73.769059][ T4244] ? _raw_spin_unlock+0x40/0x40
[ 73.773930][ T4244] ? print_report+0x4a3/0x4f0
[ 73.778614][ T4244] check_panic_on_warn+0x7e/0xa0
[ 73.783558][ T4244] ? ocfs2_lock_global_qf+0xb4/0x2a0
[ 73.788944][ T4244] end_report+0x66/0x110
[ 73.793187][ T4244] kasan_report+0x143/0x160
[ 73.797693][ T4244] ? ocfs2_lock_global_qf+0xb4/0x2a0
[ 73.802986][ T4244] ocfs2_lock_global_qf+0xb4/0x2a0
[ 73.808107][ T4244] ? lock_buffer+0x80/0x80
[ 73.812536][ T4244] ocfs2_get_next_id+0x24d/0x7a0
[ 73.817484][ T4244] ? ocfs2_write_info+0x3a0/0x3a0
[ 73.822519][ T4244] ? from_kgid+0x1a3/0x730
[ 73.826944][ T4244] ? make_kgid+0x6f0/0x6f0
[ 73.831374][ T4244] dquot_get_next_dqblk+0x6e/0x3a0
[ 73.836502][ T4244] quota_getnextquota+0x2bc/0x6b0
[ 73.841606][ T4244] ? quota_getquota+0x6e0/0x6e0
[ 73.846655][ T4244] ? down_read+0x825/0xa30
[ 73.851192][ T4244] ? bpf_lsm_capable+0x5/0x10
[ 73.855879][ T4244] ? security_capable+0x86/0xb0
[ 73.860748][ T4244] ? bpf_lsm_quotactl+0x5/0x10
[ 73.865532][ T4244] ? security_quotactl+0x86/0xb0
[ 73.870484][ T4244] ? do_quotactl+0x508/0x6c0
[ 73.875080][ T4244] __se_sys_quotactl+0x2b1/0x770
[ 73.880034][ T4244] ? __x64_sys_quotactl+0xa0/0xa0
[ 73.885068][ T4244] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 73.891058][ T4244] ? print_irqtrace_events+0x210/0x210
[ 73.896525][ T4244] ? print_irqtrace_events+0x210/0x210
[ 73.901996][ T4244] ? syscall_enter_from_user_mode+0x2e/0x230
[ 73.907993][ T4244] ? lockdep_hardirqs_on+0x94/0x130
[ 73.913201][ T4244] ? syscall_enter_from_user_mode+0x2e/0x230
[ 73.919189][ T4244] do_syscall_64+0x3b/0xb0
[ 73.923645][ T4244] ? clear_bhb_loop+0x45/0xa0
[ 73.928326][ T4244] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 73.934228][ T4244] RIP: 0033:0x7fd9f11f7839
[ 73.938645][ T4244] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 73.958254][ T4244] RSP: 002b:00007ffdfa66c0f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[ 73.966682][ T4244] RAX: ffffffffffffffda RBX: 00007ffdfa66c2d8 RCX: 00007fd9f11f7839
[ 73.974671][ T4244] RDX: 000000000000ee01 RSI: 00000000200080c0 RDI: ffffffff80000901
[ 73.982670][ T4244] RBP: 00007fd9f126f610 R08: 0000000020000c40 R09: 0000000000000000
[ 73.990656][ T4244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 73.998634][ T4244] R13: 00007ffdfa66c2c8 R14: 0000000000000001 R15: 0000000000000001
[ 74.006624][ T4244] </TASK>
[ 74.009993][ T4244] Kernel Offset: disabled
[ 74.014323][ T4244] Rebooting in 86400 seconds..