Warning: Permanently added '10.128.1.179' (ED25519) to the list of known hosts.
executing program
[ 45.943148][ T4021] loop0: detected capacity change from 0 to 32768
[ 46.029023][ T4021] read_mapping_page failed!
[ 46.030263][ T4021] ERROR: (device loop0): txAbort:
[ 46.030263][ T4021]
[ 46.032939][ T4021] ERROR: (device loop0): remounting filesystem as read-only
[ 46.045715][ T4020] BUG: spinlock bad magic on CPU#0, syz-executor301/4020
[ 46.047487][ T4020] lock: 0xffff0000dd6a4aa8, .magic: ffff8000, .owner: €RjÝ/0, .owner_cpu: 512
[ 46.049731][ T4020] CPU: 0 PID: 4020 Comm: syz-executor301 Not tainted 5.15.178-syzkaller #0
[ 46.051911][ T4020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 46.054474][ T4020] Call trace:
[ 46.055297][ T4020] dump_backtrace+0x0/0x530
[ 46.056422][ T4020] show_stack+0x2c/0x3c
[ 46.057475][ T4020] dump_stack_lvl+0x108/0x170
[ 46.058672][ T4020] dump_stack+0x1c/0x58
[ 46.059738][ T4020] spin_bug+0x124/0x240
[ 46.060791][ T4020] do_raw_spin_lock+0x200/0x35c
[ 46.062026][ T4020] _raw_spin_lock_irqsave+0xcc/0x14c
[ 46.063384][ T4020] __wake_up+0xe8/0x1a0
[ 46.064450][ T4020] release_metapage+0x17c/0x918
[ 46.065697][ T4020] xtTruncate+0xc90/0x2b10
[ 46.066828][ T4020] jfs_free_zero_link+0x374/0x598
[ 46.068102][ T4020] jfs_evict_inode+0x308/0x408
[ 46.069308][ T4020] evict+0x418/0x894
[ 46.070281][ T4020] iput+0x744/0x824
[ 46.071263][ T4020] dentry_unlink_inode+0x37c/0x4bc
[ 46.072583][ T4020] __dentry_kill+0x324/0x5e4
[ 46.073752][ T4020] shrink_dentry_list+0x41c/0x850
[ 46.075041][ T4020] shrink_dcache_parent+0xbc/0x434
[ 46.076373][ T4020] do_one_tree+0x30/0xfc
[ 46.077470][ T4020] shrink_dcache_for_umount+0x80/0x12c
[ 46.078890][ T4020] generic_shutdown_super+0x68/0x2f0
[ 46.080258][ T4020] kill_block_super+0x70/0xdc
[ 46.081446][ T4020] deactivate_locked_super+0xb8/0x13c
[ 46.082839][ T4020] deactivate_super+0x108/0x128
[ 46.084089][ T4020] cleanup_mnt+0x3c0/0x474
[ 46.085220][ T4020] __cleanup_mnt+0x20/0x30
[ 46.086358][ T4020] task_work_run+0x130/0x1e4
[ 46.087547][ T4020] do_notify_resume+0x262c/0x32b8
[ 46.088833][ T4020] el0_svc+0xfc/0x1f0
[ 46.089865][ T4020] el0t_64_sync_handler+0x84/0xe4
[ 46.091165][ T4020] el0t_64_sync+0x1a0/0x1a4
[ 46.092326][ T4020] ================================================================================
[ 46.094718][ T4020] UBSAN: array-index-out-of-bounds in kernel/locking/qspinlock.c:130:9
[ 46.096862][ T4020] index 1150 is out of range for type 'unsigned long[8]'
[ 46.098683][ T4020] CPU: 0 PID: 4020 Comm: syz-executor301 Not tainted 5.15.178-syzkaller #0
[ 46.100896][ T4020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 46.103485][ T4020] Call trace:
[ 46.104330][ T4020] dump_backtrace+0x0/0x530
[ 46.105486][ T4020] show_stack+0x2c/0x3c
[ 46.106575][ T4020] dump_stack_lvl+0x108/0x170
[ 46.107783][ T4020] dump_stack+0x1c/0x58
[ 46.108865][ T4020] __ubsan_handle_out_of_bounds+0x108/0x15c
[ 46.110369][ T4020] queued_spin_lock_slowpath+0x854/0x938
[ 46.111824][ T4020] do_raw_spin_lock+0x334/0x35c
[ 46.113054][ T4020] _raw_spin_lock_irqsave+0xcc/0x14c
[ 46.114426][ T4020] __wake_up+0xe8/0x1a0
[ 46.115503][ T4020] release_metapage+0x17c/0x918
[ 46.116763][ T4020] xtTruncate+0xc90/0x2b10
[ 46.117893][ T4020] jfs_free_zero_link+0x374/0x598
[ 46.119183][ T4020] jfs_evict_inode+0x308/0x408
[ 46.120397][ T4020] evict+0x418/0x894
[ 46.121396][ T4020] iput+0x744/0x824
[ 46.122371][ T4020] dentry_unlink_inode+0x37c/0x4bc
[ 46.123667][ T4020] __dentry_kill+0x324/0x5e4
[ 46.124847][ T4020] shrink_dentry_list+0x41c/0x850
[ 46.126142][ T4020] shrink_dcache_parent+0xbc/0x434
[ 46.127453][ T4020] do_one_tree+0x30/0xfc
[ 46.128549][ T4020] shrink_dcache_for_umount+0x80/0x12c
[ 46.129946][ T4020] generic_shutdown_super+0x68/0x2f0
[ 46.131291][ T4020] kill_block_super+0x70/0xdc
[ 46.132483][ T4020] deactivate_locked_super+0xb8/0x13c
[ 46.133867][ T4020] deactivate_super+0x108/0x128
[ 46.135093][ T4020] cleanup_mnt+0x3c0/0x474
[ 46.136242][ T4020] __cleanup_mnt+0x20/0x30
[ 46.137374][ T4020] task_work_run+0x130/0x1e4
[ 46.138573][ T4020] do_notify_resume+0x262c/0x32b8
[ 46.139856][ T4020] el0_svc+0xfc/0x1f0
[ 46.140875][ T4020] el0t_64_sync_handler+0x84/0xe4
[ 46.142173][ T4020] el0t_64_sync+0x1a0/0x1a4
[ 46.143334][ T4020] ================================================================================
[ 46.145724][ T4020] ==================================================================
[ 46.147805][ T4020] BUG: KASAN: use-after-free in queued_spin_lock_slowpath+0x364/0x938
[ 46.149896][ T4020] Write of size 8 at addr ffff000027884e90 by task syz-executor301/4020
[ 46.152030][ T4020]
[ 46.152629][ T4020] CPU: 0 PID: 4020 Comm: syz-executor301 Not tainted 5.15.178-syzkaller #0
[ 46.154831][ T4020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 46.157423][ T4020] Call trace:
[ 46.158256][ T4020] dump_backtrace+0x0/0x530
[ 46.159405][ T4020] show_stack+0x2c/0x3c
[ 46.160475][ T4020] dump_stack_lvl+0x108/0x170
[ 46.161677][ T4020] print_address_description+0x7c/0x3f0
[ 46.163114][ T4020] kasan_report+0x174/0x1e4
[ 46.164264][ T4020] __asan_report_store8_noabort+0x44/0x50
[ 46.165743][ T4020] queued_spin_lock_slowpath+0x364/0x938
[ 46.167200][ T4020] do_raw_spin_lock+0x334/0x35c
[ 46.168445][ T4020] _raw_spin_lock_irqsave+0xcc/0x14c
[ 46.169822][ T4020] __wake_up+0xe8/0x1a0
[ 46.170896][ T4020] release_metapage+0x17c/0x918
[ 46.172142][ T4020] xtTruncate+0xc90/0x2b10
[ 46.173280][ T4020] jfs_free_zero_link+0x374/0x598
[ 46.174591][ T4020] jfs_evict_inode+0x308/0x408
[ 46.175806][ T4020] evict+0x418/0x894
[ 46.176795][ T4020] iput+0x744/0x824
[ 46.177784][ T4020] dentry_unlink_inode+0x37c/0x4bc
[ 46.179106][ T4020] __dentry_kill+0x324/0x5e4
[ 46.180290][ T4020] shrink_dentry_list+0x41c/0x850
[ 46.181601][ T4020] shrink_dcache_parent+0xbc/0x434
[ 46.182914][ T4020] do_one_tree+0x30/0xfc
[ 46.184002][ T4020] shrink_dcache_for_umount+0x80/0x12c
[ 46.185414][ T4020] generic_shutdown_super+0x68/0x2f0
[ 46.186783][ T4020] kill_block_super+0x70/0xdc
[ 46.187993][ T4020] deactivate_locked_super+0xb8/0x13c
[ 46.189363][ T4020] deactivate_super+0x108/0x128
[ 46.190603][ T4020] cleanup_mnt+0x3c0/0x474
[ 46.191754][ T4020] __cleanup_mnt+0x20/0x30
[ 46.192897][ T4020] task_work_run+0x130/0x1e4
[ 46.194065][ T4020] do_notify_resume+0x262c/0x32b8
[ 46.195353][ T4020] el0_svc+0xfc/0x1f0
[ 46.196386][ T4020] el0t_64_sync_handler+0x84/0xe4
[ 46.197688][ T4020] el0t_64_sync+0x1a0/0x1a4
[ 46.198853][ T4020]
[ 46.199439][ T4020] The buggy address belongs to the page:
[ 46.200892][ T4020] page:0000000029149eeb refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x67884
[ 46.203528][ T4020] flags: 0x1ffc00000000000(node=0|zone=0|lastcpupid=0x7ff)
[ 46.205390][ T4020] raw: 01ffc00000000000 fffffc00009e2108 fffffc00009e2108 0000000000000000
[ 46.207609][ T4020] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 46.209842][ T4020] page dumped because: kasan: bad access detected
[ 46.211483][ T4020]
[ 46.212073][ T4020] Memory state around the buggy address:
[ 46.213534][ T4020] ffff000027884d80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 46.215613][ T4020] ffff000027884e00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 46.217696][ T4020] >ffff000027884e80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 46.219778][ T4020] ^
[ 46.220947][ T4020] ffff000027884f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 46.223031][ T4020] ffff000027884f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 46.225097][ T4020] ==================================================================