./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3994148828 <...> Warning: Permanently added '10.128.1.68' (ED25519) to the list of known hosts. execve("./syz-executor3994148828", ["./syz-executor3994148828"], 0x7ffc5cc2c660 /* 10 vars */) = 0 brk(NULL) = 0x55558ccc4000 brk(0x55558ccc4d00) = 0x55558ccc4d00 arch_prctl(ARCH_SET_FS, 0x55558ccc4380) = 0 set_tid_address(0x55558ccc4650) = 5838 set_robust_list(0x55558ccc4660, 24) = 0 rseq(0x55558ccc4ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3994148828", 4096) = 28 getrandom("\xcc\xac\xb6\xff\x93\x6d\xa4\x02", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55558ccc4d00 brk(0x55558cce5d00) = 0x55558cce5d00 brk(0x55558cce6000) = 0x55558cce6000 mprotect(0x7faac53ca000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5840 attached , child_tidptr=0x55558ccc4650) = 5840 [pid 5840] set_robust_list(0x55558ccc4660, 24) = 0 [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5840] setpgid(0, 0) = 0 [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5840] write(3, "1000", 4) = 4 [pid 5840] close(3) = 0 executing program [pid 5840] write(1, "executing program\n", 18) = 18 [pid 5840] memfd_create("syzkaller", 0) = 3 [pid 5840] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faabce00000 [pid 5840] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5840] munmap(0x7faabce00000, 138412032) = 0 [pid 5840] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5840] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5840] close(3) = 0 [pid 5840] close(4) = 0 [pid 5840] mkdir("./file1", 0777) = 0 [ 76.658392][ T5840] loop0: detected capacity change from 0 to 32768 [ 76.700918][ T5840] OCFS2: ERROR (device loop0): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 66 has bad blkno in extent list at depth 65533 (index 52) [ 76.721399][ T5840] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 76.731629][ T5840] OCFS2: File system is now read-only. [ 76.737581][ T5840] (syz-executor399,5840,0):ocfs2_find_leaf:1940 ERROR: status = -30 [ 76.745647][ T5840] (syz-executor399,5840,0):ocfs2_get_clusters_nocache:421 ERROR: status = -30 [ 76.754523][ T5840] (syz-executor399,5840,0):ocfs2_get_clusters:624 ERROR: status = -30 [ 76.762761][ T5840] (syz-executor399,5840,0):ocfs2_extent_map_get_blocks:671 ERROR: status = -30 [ 76.771788][ T5840] (syz-executor399,5840,0):ocfs2_read_virt_blocks:987 ERROR: status = -30 [ 76.780528][ T5840] (syz-executor399,5840,0):ocfs2_read_dir_block:511 ERROR: status = -30 [ 76.789334][ T5840] (syz-executor399,5840,0):ocfs2_init_global_system_inodes:461 ERROR: status = -30 [pid 5840] mount("/dev/loop0", "./file1", "ocfs2", MS_STRICTATIME, "acl,heartbeat=none,errors=remount-ro,coherency=full,coherency=full,localflocks,intr,noacl,") = -1 EROFS (Read-only file system) [pid 5840] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5840] ioctl(3, LOOP_CLR_FD) = 0 [ 76.798816][ T5840] (syz-executor399,5840,0):ocfs2_init_global_system_inodes:463 ERROR: Unable to load system inode 1, possibly corrupt fs? [ 76.798848][ T5840] (syz-executor399,5840,0):ocfs2_init_global_system_inodes:472 ERROR: status = -30 [ 76.820950][ T5840] (syz-executor399,5840,0):ocfs2_initialize_super:2250 ERROR: status = -30 [ 76.829831][ T5840] (syz-executor399,5840,0):ocfs2_fill_super:1178 ERROR: status = -30 [pid 5840] close(3) = 0 [pid 5840] exit_group(0) = ? [pid 5840] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5840, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=32 /* 0.32 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5841 attached [pid 5841] set_robust_list(0x55558ccc4660, 24) = 0 [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5841] setpgid(0, 0) = 0 [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5841] write(3, "1000", 4) = 4 [pid 5841] close(3executing program ) = 0 [pid 5841] write(1, "executing program\n", 18) = 18 [pid 5841] memfd_create("syzkaller", 0 [pid 5838] <... clone resumed>, child_tidptr=0x55558ccc4650) = 5841 [pid 5841] <... memfd_create resumed>) = 3 [pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faabce00000 [pid 5841] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5841] munmap(0x7faabce00000, 138412032) = 0 [pid 5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5841] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5841] close(3) = 0 [pid 5841] close(4) = 0 [pid 5841] mkdir("./file1", 0777) = -1 EEXIST (File exists) [ 77.201851][ T5841] loop0: detected capacity change from 0 to 32768 [ 77.234676][ T5841] ================================================================== [ 77.242807][ T5841] BUG: KASAN: use-after-free in __ocfs2_find_path+0x203/0x7e0 [ 77.250356][ T5841] Read of size 4 at addr ffff888071538000 by task syz-executor399/5841 [ 77.258628][ T5841] [ 77.260969][ T5841] CPU: 1 UID: 0 PID: 5841 Comm: syz-executor399 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0 [ 77.271724][ T5841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 77.281784][ T5841] Call Trace: [ 77.285060][ T5841] [ 77.287992][ T5841] dump_stack_lvl+0x241/0x360 [ 77.292718][ T5841] ? __pfx_dump_stack_lvl+0x10/0x10 [ 77.297927][ T5841] ? __pfx__printk+0x10/0x10 [ 77.302519][ T5841] ? _printk+0xd5/0x120 [ 77.306696][ T5841] ? __virt_addr_valid+0x183/0x530 [ 77.311817][ T5841] ? __virt_addr_valid+0x183/0x530 [ 77.316941][ T5841] print_report+0x169/0x550 [ 77.321451][ T5841] ? __virt_addr_valid+0x183/0x530 [ 77.326574][ T5841] ? __virt_addr_valid+0x183/0x530 [ 77.331705][ T5841] ? __virt_addr_valid+0x45f/0x530 [ 77.336825][ T5841] ? __phys_addr+0xba/0x170 [ 77.341347][ T5841] ? __ocfs2_find_path+0x203/0x7e0 [ 77.346465][ T5841] kasan_report+0x143/0x180 [ 77.350985][ T5841] ? __ocfs2_find_path+0x203/0x7e0 [ 77.356116][ T5841] __ocfs2_find_path+0x203/0x7e0 [ 77.361087][ T5841] ? __pfx_find_leaf_ins+0x10/0x10 [ 77.366208][ T5841] ? __pfx___ocfs2_find_path+0x10/0x10 [ 77.371691][ T5841] ? __pfx_ocfs2_validate_inode_block+0x10/0x10 [ 77.377940][ T5841] ocfs2_find_leaf+0xcf/0x230 [ 77.382621][ T5841] ? __pfx_ocfs2_find_leaf+0x10/0x10 [ 77.387911][ T5841] ? __pfx_ocfs2_validate_inode_block+0x10/0x10 [ 77.394157][ T5841] ocfs2_get_clusters_nocache+0x1ad/0xbf0 [ 77.399892][ T5841] ? __pfx_ocfs2_get_clusters_nocache+0x10/0x10 [ 77.406166][ T5841] ? ocfs2_read_inode_block+0x14c/0x1e0 [ 77.411716][ T5841] ? __pfx_ocfs2_read_inode_block+0x10/0x10 [ 77.417608][ T5841] ? do_raw_spin_unlock+0x13c/0x8b0 [ 77.422820][ T5841] ocfs2_get_clusters+0x5bd/0xbd0 [ 77.427856][ T5841] ? __pfx_ocfs2_get_clusters+0x10/0x10 [ 77.433398][ T5841] ? mark_lock+0x9a/0x360 [ 77.437728][ T5841] ? __pfx_lock_acquire+0x10/0x10 [ 77.442761][ T5841] ? validate_chain+0x11e/0x5920 [ 77.447715][ T5841] ocfs2_extent_map_get_blocks+0x24c/0x7d0 [ 77.453533][ T5841] ? __pfx_ocfs2_extent_map_get_blocks+0x10/0x10 [ 77.459857][ T5841] ocfs2_read_virt_blocks+0x313/0xb20 [ 77.465235][ T5841] ? __pfx_ocfs2_validate_dir_block+0x10/0x10 [ 77.471303][ T5841] ? __pfx_ocfs2_read_virt_blocks+0x10/0x10 [ 77.477193][ T5841] ? __pfx_validate_chain+0x10/0x10 [ 77.482387][ T5841] ? __pfx_validate_chain+0x10/0x10 [ 77.487588][ T5841] ocfs2_find_entry+0x43b/0x2780 [ 77.492524][ T5841] ? __pfx_ocfs2_find_entry+0x10/0x10 [ 77.497887][ T5841] ? __asan_memset+0x23/0x50 [ 77.502487][ T5841] ? __lock_acquire+0x1397/0x2100 [ 77.507605][ T5841] ? format_decode+0xc5f/0x1bb0 [ 77.512467][ T5841] ? __pfx_format_decode+0x10/0x10 [ 77.517573][ T5841] ? __mutex_trylock_common+0x183/0x2e0 [ 77.523137][ T5841] ? __pfx___might_resched+0x10/0x10 [ 77.528420][ T5841] ? string+0x26a/0x2b0 [ 77.532568][ T5841] ? widen_string+0x3a/0x310 [ 77.537167][ T5841] ? string+0x26a/0x2b0 [ 77.541317][ T5841] ? vsnprintf+0x1ccd/0x1da0 [ 77.545908][ T5841] ocfs2_find_files_on_disk+0xff/0x360 [ 77.551365][ T5841] ocfs2_lookup_ino_from_name+0xb1/0x1e0 [ 77.557075][ T5841] ? __pfx_ocfs2_lookup_ino_from_name+0x10/0x10 [ 77.563306][ T5841] ? kasan_save_track+0x51/0x80 [ 77.568147][ T5841] ? kasan_save_track+0x3f/0x80 [ 77.572998][ T5841] ? __kasan_kmalloc+0x98/0xb0 [ 77.577773][ T5841] ? ocfs2_new_dlm_debug+0x97/0x200 [ 77.582992][ T5841] ocfs2_get_system_file_inode+0x305/0x7b0 [ 77.588815][ T5841] ? __pfx_ocfs2_get_system_file_inode+0x10/0x10 [ 77.595153][ T5841] ocfs2_init_global_system_inodes+0x32c/0x730 [ 77.601342][ T5841] ? __pfx_ocfs2_init_global_system_inodes+0x10/0x10 [ 77.608019][ T5841] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 77.613567][ T5841] ? ocfs2_new_dlm_debug+0xb5/0x200 [ 77.618778][ T5841] ? __pfx_ocfs2_new_dlm_debug+0x10/0x10 [ 77.624409][ T5841] ? rcu_is_watching+0x15/0xb0 [ 77.629182][ T5841] ? trace_ocfs2_initialize_super+0x9e/0x230 [ 77.635184][ T5841] ocfs2_fill_super+0x2f5b/0x5760 [ 77.640270][ T5841] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 77.645647][ T5841] ? __pfx_validate_chain+0x10/0x10 [ 77.650848][ T5841] ? unwind_next_frame+0x18e6/0x22d0 [ 77.656141][ T5841] ? __pfx_validate_chain+0x10/0x10 [ 77.661352][ T5841] ? preempt_count_add+0x93/0x190 [ 77.666474][ T5841] ? mark_lock+0x9a/0x360 [ 77.670805][ T5841] ? __lock_acquire+0x1397/0x2100 [ 77.675829][ T5841] ? validate_chain+0x11e/0x5920 [ 77.680784][ T5841] ? mark_lock+0x9a/0x360 [ 77.685126][ T5841] ? __pfx_validate_chain+0x10/0x10 [ 77.690342][ T5841] ? string+0x26a/0x2b0 [ 77.694492][ T5841] ? widen_string+0x3a/0x310 [ 77.699080][ T5841] ? string+0x26a/0x2b0 [ 77.703230][ T5841] ? bdev_name+0x2b1/0x3c0 [ 77.707646][ T5841] ? pointer+0x703/0x1210 [ 77.711971][ T5841] ? __pfx_pointer+0x10/0x10 [ 77.716559][ T5841] ? __pfx_format_decode+0x10/0x10 [ 77.721665][ T5841] ? __lock_acquire+0x1397/0x2100 [ 77.726697][ T5841] ? vsnprintf+0x1ccd/0x1da0 [ 77.731314][ T5841] ? snprintf+0xda/0x120 [ 77.735566][ T5841] ? __pfx_lock_release+0x10/0x10 [ 77.740599][ T5841] ? do_raw_spin_lock+0x14f/0x370 [ 77.745633][ T5841] ? __pfx_snprintf+0x10/0x10 [ 77.750326][ T5841] ? set_blocksize+0x1f9/0x360 [ 77.755093][ T5841] ? sb_set_blocksize+0x98/0xf0 [ 77.759947][ T5841] ? setup_bdev_super+0x4e6/0x5d0 [ 77.764968][ T5841] mount_bdev+0x20a/0x2d0 [ 77.769379][ T5841] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 77.774834][ T5841] ? __pfx_mount_bdev+0x10/0x10 [ 77.779682][ T5841] ? vfs_parse_fs_string+0x190/0x230 [ 77.784976][ T5841] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 77.790641][ T5841] legacy_get_tree+0xee/0x190 [ 77.795329][ T5841] ? __pfx_ocfs2_mount+0x10/0x10 [ 77.800270][ T5841] vfs_get_tree+0x90/0x2b0 [ 77.804699][ T5841] do_new_mount+0x2be/0xb40 [ 77.809227][ T5841] ? __pfx_do_new_mount+0x10/0x10 [ 77.814254][ T5841] __se_sys_mount+0x2d6/0x3c0 [ 77.818932][ T5841] ? __pfx___se_sys_mount+0x10/0x10 [ 77.824127][ T5841] ? do_syscall_64+0x100/0x230 [ 77.828897][ T5841] ? __x64_sys_mount+0x20/0xc0 [ 77.833665][ T5841] do_syscall_64+0xf3/0x230 [ 77.838173][ T5841] ? clear_bhb_loop+0x35/0x90 [ 77.842858][ T5841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.848765][ T5841] RIP: 0033:0x7faac5353dea [ 77.853201][ T5841] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 77.872837][ T5841] RSP: 002b:00007ffe4ce13ad8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 77.881260][ T5841] RAX: ffffffffffffffda RBX: 00007ffe4ce13af0 RCX: 00007faac5353dea [ 77.889230][ T5841] RDX: 0000000020004440 RSI: 0000000020000780 RDI: 00007ffe4ce13af0 [ 77.897300][ T5841] RBP: 0000000000000004 R08: 00007ffe4ce13b30 R09: 0000000000004444 [ 77.905291][ T5841] R10: 0000000001000000 R11: 0000000000000282 R12: 0000000001000000 [ 77.913260][ T5841] R13: 00007ffe4ce13b30 R14: 0000000000000003 R15: 0000000001000000 [ 77.921237][ T5841] [ 77.924250][ T5841] [ 77.926569][ T5841] The buggy address belongs to the physical page: [ 77.932995][ T5841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x71538 [ 77.941761][ T5841] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 77.948959][ T5841] page_type: f0(buddy) [ 77.953022][ T5841] raw: 00fff00000000000 ffff88813fffc590 ffff88813fffc590 0000000000000000 [ 77.961600][ T5841] raw: 0000000000000000 0000000000000000 00000000f0000000 0000000000000000 [ 77.970217][ T5841] page dumped because: kasan: bad access detected [ 77.976630][ T5841] page_owner tracks the page as freed [ 77.981987][ T5841] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5839, tgid 5839 (udevd), ts 77247450455, free_ts 77249677157 [ 77.999086][ T5841] post_alloc_hook+0x1f3/0x230 [ 78.003864][ T5841] get_page_from_freelist+0x363e/0x3790 [ 78.009405][ T5841] __alloc_pages_noprof+0x292/0x710 [ 78.014614][ T5841] alloc_pages_mpol_noprof+0x3e8/0x680 [ 78.020069][ T5841] folio_alloc_mpol_noprof+0x36/0x50 [ 78.025349][ T5841] shmem_alloc_and_add_folio+0x49b/0x13d0 [ 78.031060][ T5841] shmem_get_folio_gfp+0x5a9/0x20a0 [ 78.036253][ T5841] shmem_write_begin+0x17e/0x460 [ 78.041208][ T5841] generic_perform_write+0x344/0x6d0 [ 78.046492][ T5841] shmem_file_write_iter+0xf9/0x120 [ 78.051717][ T5841] vfs_write+0xaeb/0xd30 [ 78.055969][ T5841] ksys_write+0x18f/0x2b0 [ 78.060298][ T5841] do_syscall_64+0xf3/0x230 [ 78.064807][ T5841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.070710][ T5841] page last free pid 5839 tgid 5839 stack trace: [ 78.077030][ T5841] free_unref_folios+0xf21/0x1a10 [ 78.082072][ T5841] folios_put_refs+0x76c/0x860 [ 78.086845][ T5841] shmem_undo_range+0x64c/0x1cf0 [ 78.091783][ T5841] shmem_evict_inode+0x29b/0xa80 [ 78.096720][ T5841] evict+0x4e8/0x9a0 [ 78.100611][ T5841] __dentry_kill+0x20d/0x630 [ 78.105376][ T5841] dput+0x19f/0x2b0 [ 78.109201][ T5841] do_renameat2+0xda1/0x13f0 [ 78.113785][ T5841] __x64_sys_rename+0x82/0x90 [ 78.118460][ T5841] do_syscall_64+0xf3/0x230 [ 78.122963][ T5841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.128856][ T5841] [ 78.131173][ T5841] Memory state around the buggy address: [ 78.136793][ T5841] ffff888071537f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 78.144844][ T5841] ffff888071537f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 78.152896][ T5841] >ffff888071538000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 78.160964][ T5841] ^ [ 78.165020][ T5841] ffff888071538080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 78.173071][ T5841] ffff888071538100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 78.181121][ T5841] ================================================================== [ 78.189616][ T5841] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 78.196831][ T5841] CPU: 1 UID: 0 PID: 5841 Comm: syz-executor399 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0 [ 78.207722][ T5841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 78.217781][ T5841] Call Trace: [ 78.221069][ T5841] [ 78.224008][ T5841] dump_stack_lvl+0x241/0x360 [ 78.228706][ T5841] ? __pfx_dump_stack_lvl+0x10/0x10 [ 78.233914][ T5841] ? __pfx__printk+0x10/0x10 [ 78.238548][ T5841] ? preempt_schedule+0xe1/0xf0 [ 78.243426][ T5841] ? vscnprintf+0x5d/0x90 [ 78.247760][ T5841] panic+0x349/0x880 [ 78.251666][ T5841] ? check_panic_on_warn+0x21/0xb0 [ 78.256781][ T5841] ? __pfx_panic+0x10/0x10 [ 78.261210][ T5841] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 78.267198][ T5841] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 78.273532][ T5841] ? print_report+0x502/0x550 [ 78.278217][ T5841] check_panic_on_warn+0x86/0xb0 [ 78.283165][ T5841] ? __ocfs2_find_path+0x203/0x7e0 [ 78.288287][ T5841] end_report+0x77/0x160 [ 78.292541][ T5841] kasan_report+0x154/0x180 [ 78.297061][ T5841] ? __ocfs2_find_path+0x203/0x7e0 [ 78.302186][ T5841] __ocfs2_find_path+0x203/0x7e0 [ 78.307140][ T5841] ? __pfx_find_leaf_ins+0x10/0x10 [ 78.312262][ T5841] ? __pfx___ocfs2_find_path+0x10/0x10 [ 78.317732][ T5841] ? __pfx_ocfs2_validate_inode_block+0x10/0x10 [ 78.323985][ T5841] ocfs2_find_leaf+0xcf/0x230 [ 78.328695][ T5841] ? __pfx_ocfs2_find_leaf+0x10/0x10 [ 78.333988][ T5841] ? __pfx_ocfs2_validate_inode_block+0x10/0x10 [ 78.340247][ T5841] ocfs2_get_clusters_nocache+0x1ad/0xbf0 [ 78.345973][ T5841] ? __pfx_ocfs2_get_clusters_nocache+0x10/0x10 [ 78.352226][ T5841] ? ocfs2_read_inode_block+0x14c/0x1e0 [ 78.357796][ T5841] ? __pfx_ocfs2_read_inode_block+0x10/0x10 [ 78.363712][ T5841] ? do_raw_spin_unlock+0x13c/0x8b0 [ 78.368922][ T5841] ocfs2_get_clusters+0x5bd/0xbd0 [ 78.373955][ T5841] ? __pfx_ocfs2_get_clusters+0x10/0x10 [ 78.379505][ T5841] ? mark_lock+0x9a/0x360 [ 78.383858][ T5841] ? __pfx_lock_acquire+0x10/0x10 [ 78.388887][ T5841] ? validate_chain+0x11e/0x5920 [ 78.393834][ T5841] ocfs2_extent_map_get_blocks+0x24c/0x7d0 [ 78.399655][ T5841] ? __pfx_ocfs2_extent_map_get_blocks+0x10/0x10 [ 78.405991][ T5841] ocfs2_read_virt_blocks+0x313/0xb20 [ 78.411370][ T5841] ? __pfx_ocfs2_validate_dir_block+0x10/0x10 [ 78.417449][ T5841] ? __pfx_ocfs2_read_virt_blocks+0x10/0x10 [ 78.423353][ T5841] ? __pfx_validate_chain+0x10/0x10 [ 78.428559][ T5841] ? __pfx_validate_chain+0x10/0x10 [ 78.433765][ T5841] ocfs2_find_entry+0x43b/0x2780 [ 78.438710][ T5841] ? __pfx_ocfs2_find_entry+0x10/0x10 [ 78.444087][ T5841] ? __asan_memset+0x23/0x50 [ 78.448697][ T5841] ? __lock_acquire+0x1397/0x2100 [ 78.453732][ T5841] ? format_decode+0xc5f/0x1bb0 [ 78.458591][ T5841] ? __pfx_format_decode+0x10/0x10 [ 78.463701][ T5841] ? __mutex_trylock_common+0x183/0x2e0 [ 78.469251][ T5841] ? __pfx___might_resched+0x10/0x10 [ 78.474545][ T5841] ? string+0x26a/0x2b0 [ 78.478703][ T5841] ? widen_string+0x3a/0x310 [ 78.483294][ T5841] ? string+0x26a/0x2b0 [ 78.487452][ T5841] ? vsnprintf+0x1ccd/0x1da0 [ 78.492044][ T5841] ocfs2_find_files_on_disk+0xff/0x360 [ 78.497520][ T5841] ocfs2_lookup_ino_from_name+0xb1/0x1e0 [ 78.503171][ T5841] ? __pfx_ocfs2_lookup_ino_from_name+0x10/0x10 [ 78.509415][ T5841] ? kasan_save_track+0x51/0x80 [ 78.514288][ T5841] ? kasan_save_track+0x3f/0x80 [ 78.519140][ T5841] ? __kasan_kmalloc+0x98/0xb0 [ 78.523906][ T5841] ? ocfs2_new_dlm_debug+0x97/0x200 [ 78.529129][ T5841] ocfs2_get_system_file_inode+0x305/0x7b0 [ 78.534944][ T5841] ? __pfx_ocfs2_get_system_file_inode+0x10/0x10 [ 78.541286][ T5841] ocfs2_init_global_system_inodes+0x32c/0x730 [ 78.547449][ T5841] ? __pfx_ocfs2_init_global_system_inodes+0x10/0x10 [ 78.554138][ T5841] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 78.559696][ T5841] ? ocfs2_new_dlm_debug+0xb5/0x200 [ 78.564923][ T5841] ? __pfx_ocfs2_new_dlm_debug+0x10/0x10 [ 78.570585][ T5841] ? rcu_is_watching+0x15/0xb0 [ 78.575361][ T5841] ? trace_ocfs2_initialize_super+0x9e/0x230 [ 78.581351][ T5841] ocfs2_fill_super+0x2f5b/0x5760 [ 78.586392][ T5841] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 78.591768][ T5841] ? __pfx_validate_chain+0x10/0x10 [ 78.596980][ T5841] ? unwind_next_frame+0x18e6/0x22d0 [ 78.602274][ T5841] ? __pfx_validate_chain+0x10/0x10 [ 78.607486][ T5841] ? preempt_count_add+0x93/0x190 [ 78.612525][ T5841] ? mark_lock+0x9a/0x360 [ 78.616860][ T5841] ? __lock_acquire+0x1397/0x2100 [ 78.621891][ T5841] ? validate_chain+0x11e/0x5920 [ 78.626834][ T5841] ? mark_lock+0x9a/0x360 [ 78.631175][ T5841] ? __pfx_validate_chain+0x10/0x10 [ 78.636387][ T5841] ? string+0x26a/0x2b0 [ 78.640549][ T5841] ? widen_string+0x3a/0x310 [ 78.645145][ T5841] ? string+0x26a/0x2b0 [ 78.649303][ T5841] ? bdev_name+0x2b1/0x3c0 [ 78.653724][ T5841] ? pointer+0x703/0x1210 [ 78.658055][ T5841] ? __pfx_pointer+0x10/0x10 [ 78.662648][ T5841] ? __pfx_format_decode+0x10/0x10 [ 78.667763][ T5841] ? __lock_acquire+0x1397/0x2100 [ 78.672793][ T5841] ? vsnprintf+0x1ccd/0x1da0 [ 78.677395][ T5841] ? snprintf+0xda/0x120 [ 78.681639][ T5841] ? __pfx_lock_release+0x10/0x10 [ 78.686665][ T5841] ? do_raw_spin_lock+0x14f/0x370 [ 78.691717][ T5841] ? __pfx_snprintf+0x10/0x10 [ 78.696410][ T5841] ? set_blocksize+0x1f9/0x360 [ 78.701189][ T5841] ? sb_set_blocksize+0x98/0xf0 [ 78.706052][ T5841] ? setup_bdev_super+0x4e6/0x5d0 [ 78.711095][ T5841] mount_bdev+0x20a/0x2d0 [ 78.715429][ T5841] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 78.720803][ T5841] ? __pfx_mount_bdev+0x10/0x10 [ 78.725660][ T5841] ? vfs_parse_fs_string+0x190/0x230 [ 78.730954][ T5841] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 78.736605][ T5841] legacy_get_tree+0xee/0x190 [ 78.741298][ T5841] ? __pfx_ocfs2_mount+0x10/0x10 [ 78.746240][ T5841] vfs_get_tree+0x90/0x2b0 [ 78.750661][ T5841] do_new_mount+0x2be/0xb40 [ 78.755197][ T5841] ? __pfx_do_new_mount+0x10/0x10 [ 78.760253][ T5841] __se_sys_mount+0x2d6/0x3c0 [ 78.764958][ T5841] ? __pfx___se_sys_mount+0x10/0x10 [ 78.770182][ T5841] ? do_syscall_64+0x100/0x230 [ 78.774976][ T5841] ? __x64_sys_mount+0x20/0xc0 [ 78.779757][ T5841] do_syscall_64+0xf3/0x230 [ 78.784277][ T5841] ? clear_bhb_loop+0x35/0x90 [ 78.788976][ T5841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.794928][ T5841] RIP: 0033:0x7faac5353dea [ 78.799358][ T5841] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 78.818985][ T5841] RSP: 002b:00007ffe4ce13ad8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 78.827411][ T5841] RAX: ffffffffffffffda RBX: 00007ffe4ce13af0 RCX: 00007faac5353dea [ 78.835390][ T5841] RDX: 0000000020004440 RSI: 0000000020000780 RDI: 00007ffe4ce13af0 [ 78.843361][ T5841] RBP: 0000000000000004 R08: 00007ffe4ce13b30 R09: 0000000000004444 [ 78.851334][ T5841] R10: 0000000001000000 R11: 0000000000000282 R12: 0000000001000000 [ 78.859311][ T5841] R13: 00007ffe4ce13b30 R14: 0000000000000003 R15: 0000000001000000 [ 78.867291][ T5841] [ 78.870655][ T5841] Kernel Offset: disabled [ 78.875000][ T5841] Rebooting in 86400 seconds..