./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3866817464 <...> Warning: Permanently added '10.128.1.223' (ED25519) to the list of known hosts. execve("./syz-executor3866817464", ["./syz-executor3866817464"], 0x7fff754a00b0 /* 10 vars */) = 0 brk(NULL) = 0x555561a18000 brk(0x555561a18d00) = 0x555561a18d00 arch_prctl(ARCH_SET_FS, 0x555561a18380) = 0 set_tid_address(0x555561a18650) = 5828 set_robust_list(0x555561a18660, 24) = 0 rseq(0x555561a18ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3866817464", 4096) = 28 getrandom("\xdc\xf2\xaa\xce\x68\xde\xb9\x4f", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555561a18d00 brk(0x555561a39d00) = 0x555561a39d00 brk(0x555561a3a000) = 0x555561a3a000 mprotect(0x7f8bd9f30000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5829 attached [pid 5829] set_robust_list(0x555561a18660, 24) = 0 [pid 5829] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... clone resumed>, child_tidptr=0x555561a18650) = 5829 [pid 5829] <... prctl resumed>) = 0 [pid 5829] setpgid(0, 0) = 0 [pid 5829] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "1000", 4) = 4 [pid 5829] close(3) = 0 [pid 5829] write(1, "executing program\n", 18executing program ) = 18 [pid 5829] memfd_create("syzkaller", 0) = 3 [pid 5829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8bd1a00000 [pid 5829] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5829] munmap(0x7f8bd1a00000, 138412032) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5829] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5829] close(3) = 0 [pid 5829] close(4) = 0 [pid 5829] mkdir("./file1", 0777) = 0 [ 75.929307][ T5829] loop0: detected capacity change from 0 to 32768 [ 75.961529][ T5829] OCFS2: ERROR (device loop0): int ocfs2_validate_extent_block(struct super_block *, struct buffer_head *): Extent block #49 has bad signature [ 75.976497][ T5829] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 75.986940][ T5829] OCFS2: File system is now read-only. [ 75.992875][ T5829] (syz-executor386,5829,0):__ocfs2_find_path:1844 ERROR: status = -30 [ 76.001280][ T5829] (syz-executor386,5829,0):ocfs2_find_leaf:1940 ERROR: status = -30 [ 76.009294][ T5829] (syz-executor386,5829,0):ocfs2_get_clusters_nocache:421 ERROR: status = -30 [ 76.018247][ T5829] (syz-executor386,5829,0):ocfs2_get_clusters:624 ERROR: status = -30 [ 76.026487][ T5829] (syz-executor386,5829,0):ocfs2_extent_map_get_blocks:671 ERROR: status = -30 [ 76.035553][ T5829] (syz-executor386,5829,0):ocfs2_read_virt_blocks:987 ERROR: status = -30 [ 76.044256][ T5829] (syz-executor386,5829,0):ocfs2_read_dir_block:511 ERROR: status = -30 [ 76.053088][ T5829] (syz-executor386,5829,0):ocfs2_init_global_system_inodes:461 ERROR: status = -30 [ 76.062728][ T5829] (syz-executor386,5829,0):ocfs2_init_global_system_inodes:463 ERROR: Unable to load system inode 1, possibly corrupt fs? [pid 5829] mount("/dev/loop0", "./file1", "ocfs2", MS_STRICTATIME, "acl,heartbeat=none,errors=remount-ro,coherency=full,coherency=full,localflocks,intr,noacl,") = -1 EROFS (Read-only file system) [pid 5829] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5829] ioctl(3, LOOP_CLR_FD) = 0 [ 76.062762][ T5829] (syz-executor386,5829,0):ocfs2_init_global_system_inodes:472 ERROR: status = -30 [ 76.084855][ T5829] (syz-executor386,5829,0):ocfs2_initialize_super:2250 ERROR: status = -30 [ 76.093592][ T5829] (syz-executor386,5829,0):ocfs2_fill_super:1178 ERROR: status = -30 [pid 5829] close(3) = 0 [pid 5829] exit_group(0) = ? [pid 5829] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5829, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=39 /* 0.39 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5831 attached [pid 5831] set_robust_list(0x555561a18660, 24 [pid 5828] <... clone resumed>, child_tidptr=0x555561a18650) = 5831 [pid 5831] <... set_robust_list resumed>) = 0 [pid 5831] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5831] setpgid(0, 0) = 0 [pid 5831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5831] write(3, "1000", 4) = 4 [pid 5831] close(3) = 0 executing program [pid 5831] write(1, "executing program\n", 18) = 18 [pid 5831] memfd_create("syzkaller", 0) = 3 [pid 5831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8bd1a00000 [pid 5831] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5831] munmap(0x7f8bd1a00000, 138412032) = 0 [pid 5831] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5831] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5831] close(3) = 0 [pid 5831] close(4) = 0 [pid 5831] mkdir("./file1", 0777) = -1 EEXIST (File exists) [ 76.492475][ T5831] loop0: detected capacity change from 0 to 32768 [ 76.526261][ T5831] ================================================================== [ 76.534566][ T5831] BUG: KASAN: use-after-free in __ocfs2_find_path+0x203/0x7e0 [ 76.542117][ T5831] Read of size 4 at addr ffff888072592000 by task syz-executor386/5831 [ 76.550370][ T5831] [ 76.552711][ T5831] CPU: 0 UID: 0 PID: 5831 Comm: syz-executor386 Not tainted 6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0 [ 76.563816][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 76.573903][ T5831] Call Trace: [ 76.577184][ T5831] [ 76.580110][ T5831] dump_stack_lvl+0x241/0x360 [ 76.584821][ T5831] ? __pfx_dump_stack_lvl+0x10/0x10 [ 76.590022][ T5831] ? __pfx__printk+0x10/0x10 [ 76.594625][ T5831] ? _printk+0xd5/0x120 [ 76.598798][ T5831] ? __virt_addr_valid+0x183/0x530 [ 76.603908][ T5831] ? __virt_addr_valid+0x183/0x530 [ 76.609016][ T5831] print_report+0x169/0x550 [ 76.613526][ T5831] ? __virt_addr_valid+0x183/0x530 [ 76.618633][ T5831] ? __virt_addr_valid+0x183/0x530 [ 76.623765][ T5831] ? __virt_addr_valid+0x45f/0x530 [ 76.628874][ T5831] ? __phys_addr+0xba/0x170 [ 76.633407][ T5831] ? __ocfs2_find_path+0x203/0x7e0 [ 76.638531][ T5831] kasan_report+0x143/0x180 [ 76.643051][ T5831] ? __ocfs2_find_path+0x203/0x7e0 [ 76.648207][ T5831] __ocfs2_find_path+0x203/0x7e0 [ 76.653177][ T5831] ? __pfx_find_leaf_ins+0x10/0x10 [ 76.658291][ T5831] ? __pfx___ocfs2_find_path+0x10/0x10 [ 76.663862][ T5831] ? __pfx_ocfs2_validate_inode_block+0x10/0x10 [ 76.670124][ T5831] ocfs2_find_leaf+0xcf/0x230 [ 76.674851][ T5831] ? __pfx_ocfs2_find_leaf+0x10/0x10 [ 76.680160][ T5831] ? __pfx_ocfs2_validate_inode_block+0x10/0x10 [ 76.686412][ T5831] ocfs2_get_clusters_nocache+0x1ad/0xbf0 [ 76.692137][ T5831] ? __pfx_ocfs2_get_clusters_nocache+0x10/0x10 [ 76.698381][ T5831] ? ocfs2_read_inode_block+0x14c/0x1e0 [ 76.703934][ T5831] ? __pfx_ocfs2_read_inode_block+0x10/0x10 [ 76.709940][ T5831] ? do_raw_spin_unlock+0x13c/0x8b0 [ 76.715163][ T5831] ocfs2_get_clusters+0x5bd/0xbd0 [ 76.720194][ T5831] ? __pfx_ocfs2_get_clusters+0x10/0x10 [ 76.725742][ T5831] ? mark_lock+0x9a/0x360 [ 76.730134][ T5831] ? __pfx_lock_acquire+0x10/0x10 [ 76.735173][ T5831] ? validate_chain+0x11e/0x5920 [ 76.740116][ T5831] ocfs2_extent_map_get_blocks+0x24c/0x7d0 [ 76.745927][ T5831] ? __pfx_ocfs2_extent_map_get_blocks+0x10/0x10 [ 76.752262][ T5831] ocfs2_read_virt_blocks+0x313/0xb20 [ 76.757638][ T5831] ? do_raw_spin_unlock+0x13c/0x8b0 [ 76.762842][ T5831] ? __pfx_ocfs2_validate_dir_block+0x10/0x10 [ 76.768926][ T5831] ? __pfx_ocfs2_read_virt_blocks+0x10/0x10 [ 76.774843][ T5831] ? __lock_acquire+0x1384/0x2050 [ 76.779892][ T5831] ? __pfx_validate_chain+0x10/0x10 [ 76.785094][ T5831] ocfs2_find_entry+0x43b/0x2780 [ 76.790065][ T5831] ? __pfx_ocfs2_find_entry+0x10/0x10 [ 76.795463][ T5831] ? __asan_memset+0x23/0x50 [ 76.800054][ T5831] ? lockdep_init_map_type+0xa1/0x910 [ 76.805434][ T5831] ? __pfx_register_lock_class+0x10/0x10 [ 76.811105][ T5831] ? mark_lock+0x9a/0x360 [ 76.815466][ T5831] ? __lock_acquire+0x1384/0x2050 [ 76.820527][ T5831] ? format_decode+0xc5f/0x1bb0 [ 76.825402][ T5831] ? __pfx_format_decode+0x10/0x10 [ 76.830530][ T5831] ? string+0x26a/0x2b0 [ 76.834707][ T5831] ? widen_string+0x3a/0x310 [ 76.839309][ T5831] ? string+0x26a/0x2b0 [ 76.843477][ T5831] ? vsnprintf+0x1ccd/0x1da0 [ 76.848086][ T5831] ocfs2_find_files_on_disk+0xff/0x360 [ 76.853570][ T5831] ocfs2_lookup_ino_from_name+0xb1/0x1e0 [ 76.859232][ T5831] ? __pfx_ocfs2_lookup_ino_from_name+0x10/0x10 [ 76.865484][ T5831] ? kasan_save_track+0x51/0x80 [ 76.870337][ T5831] ? kasan_save_track+0x3f/0x80 [ 76.875212][ T5831] ? __kasan_kmalloc+0x98/0xb0 [ 76.879986][ T5831] ? ocfs2_new_dlm_debug+0x97/0x200 [ 76.885189][ T5831] ocfs2_get_system_file_inode+0x305/0x7b0 [ 76.891011][ T5831] ? __pfx_ocfs2_get_system_file_inode+0x10/0x10 [ 76.897378][ T5831] ocfs2_init_global_system_inodes+0x32c/0x730 [ 76.903554][ T5831] ? __pfx_ocfs2_init_global_system_inodes+0x10/0x10 [ 76.910226][ T5831] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 76.915773][ T5831] ? ocfs2_new_dlm_debug+0xb5/0x200 [ 76.920974][ T5831] ? __pfx_ocfs2_new_dlm_debug+0x10/0x10 [ 76.926629][ T5831] ? rcu_is_watching+0x15/0xb0 [ 76.931404][ T5831] ? trace_ocfs2_initialize_super+0x9e/0x230 [ 76.937404][ T5831] ocfs2_fill_super+0x2f47/0x5750 [ 76.942451][ T5831] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 76.947817][ T5831] ? __pfx_validate_chain+0x10/0x10 [ 76.953016][ T5831] ? __pfx_validate_chain+0x10/0x10 [ 76.958229][ T5831] ? preempt_count_add+0x93/0x190 [ 76.963276][ T5831] ? __pfx_validate_chain+0x10/0x10 [ 76.968475][ T5831] ? mark_lock+0x9a/0x360 [ 76.972802][ T5831] ? __lock_acquire+0x1384/0x2050 [ 76.977829][ T5831] ? validate_chain+0x11e/0x5920 [ 76.982798][ T5831] ? __lock_acquire+0x1384/0x2050 [ 76.987837][ T5831] ? __pfx_validate_chain+0x10/0x10 [ 76.993048][ T5831] ? string+0x26a/0x2b0 [ 76.997210][ T5831] ? widen_string+0x3a/0x310 [ 77.001815][ T5831] ? string+0x26a/0x2b0 [ 77.005982][ T5831] ? bdev_name+0x2b1/0x3c0 [ 77.010405][ T5831] ? pointer+0x703/0x1210 [ 77.014748][ T5831] ? __pfx_pointer+0x10/0x10 [ 77.019345][ T5831] ? __pfx_format_decode+0x10/0x10 [ 77.024475][ T5831] ? __lock_acquire+0x1384/0x2050 [ 77.029505][ T5831] ? vsnprintf+0x1ccd/0x1da0 [ 77.034117][ T5831] ? snprintf+0xda/0x120 [ 77.038450][ T5831] ? __pfx_lock_release+0x10/0x10 [ 77.043482][ T5831] ? do_raw_spin_lock+0x14f/0x370 [ 77.048669][ T5831] ? __pfx_snprintf+0x10/0x10 [ 77.053361][ T5831] ? set_blocksize+0x1f9/0x360 [ 77.058126][ T5831] ? sb_set_blocksize+0x98/0xf0 [ 77.062983][ T5831] ? setup_bdev_super+0x4e6/0x5d0 [ 77.068088][ T5831] mount_bdev+0x20a/0x2d0 [ 77.072460][ T5831] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 77.077836][ T5831] ? __pfx_mount_bdev+0x10/0x10 [ 77.082699][ T5831] ? vfs_parse_fs_string+0x190/0x230 [ 77.087995][ T5831] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 77.093647][ T5831] legacy_get_tree+0xee/0x190 [ 77.098332][ T5831] ? __pfx_ocfs2_mount+0x10/0x10 [ 77.103272][ T5831] vfs_get_tree+0x90/0x2b0 [ 77.107734][ T5831] do_new_mount+0x2be/0xb40 [ 77.112253][ T5831] ? __pfx_do_new_mount+0x10/0x10 [ 77.117288][ T5831] __se_sys_mount+0x2d6/0x3c0 [ 77.121975][ T5831] ? __pfx___se_sys_mount+0x10/0x10 [ 77.127186][ T5831] ? do_syscall_64+0x100/0x230 [ 77.131956][ T5831] ? __x64_sys_mount+0x20/0xc0 [ 77.136810][ T5831] do_syscall_64+0xf3/0x230 [ 77.141482][ T5831] ? clear_bhb_loop+0x35/0x90 [ 77.146171][ T5831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.152079][ T5831] RIP: 0033:0x7f8bd9eb9dea [ 77.156536][ T5831] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 77.176162][ T5831] RSP: 002b:00007fff38281748 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 77.184574][ T5831] RAX: ffffffffffffffda RBX: 00007fff38281760 RCX: 00007f8bd9eb9dea [ 77.192545][ T5831] RDX: 0000000020004440 RSI: 0000000020000780 RDI: 00007fff38281760 [ 77.200520][ T5831] RBP: 0000000000000004 R08: 00007fff382817a0 R09: 0000000000004444 [ 77.208488][ T5831] R10: 0000000001000000 R11: 0000000000000282 R12: 0000000001000000 [ 77.216454][ T5831] R13: 00007fff382817a0 R14: 0000000000000003 R15: 0000000001000000 [ 77.224425][ T5831] [ 77.227450][ T5831] [ 77.229805][ T5831] The buggy address belongs to the physical page: [ 77.236224][ T5831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f8bd1a50 pfn:0x72592 [ 77.245692][ T5831] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 77.252803][ T5831] raw: 00fff00000000000 ffffea0001c964c8 ffffea0001c844c8 0000000000000000 [ 77.261378][ T5831] raw: 00000007f8bd1a50 0000000000000000 00000000ffffffff 0000000000000000 [ 77.269949][ T5831] page dumped because: kasan: bad access detected [ 77.276354][ T5831] page_owner tracks the page as freed [ 77.281733][ T5831] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 5831, tgid 5831 (syz-executor386), ts 76292545624, free_ts 76475474079 [ 77.300655][ T5831] post_alloc_hook+0x1f3/0x230 [ 77.305424][ T5831] get_page_from_freelist+0x3039/0x3180 [ 77.310968][ T5831] __alloc_pages_noprof+0x292/0x710 [ 77.316174][ T5831] alloc_pages_mpol_noprof+0x3e8/0x680 [ 77.321635][ T5831] vma_alloc_folio_noprof+0x12e/0x230 [ 77.327000][ T5831] folio_prealloc+0x31/0x170 [ 77.331590][ T5831] handle_pte_fault+0x24dd/0x6800 [ 77.336614][ T5831] handle_mm_fault+0x1053/0x1ad0 [ 77.341547][ T5831] exc_page_fault+0x459/0x8c0 [ 77.346217][ T5831] asm_exc_page_fault+0x26/0x30 [ 77.351077][ T5831] page last free pid 5831 tgid 5831 stack trace: [ 77.357431][ T5831] free_unref_folios+0xee2/0x18a0 [ 77.362453][ T5831] folios_put_refs+0x76c/0x860 [ 77.367210][ T5831] free_pages_and_swap_cache+0x5c8/0x690 [ 77.372839][ T5831] tlb_flush_mmu+0x3a3/0x680 [ 77.377435][ T5831] tlb_finish_mmu+0xd4/0x200 [ 77.382036][ T5831] vms_clear_ptes+0x437/0x530 [ 77.386730][ T5831] vms_complete_munmap_vmas+0x208/0x910 [ 77.392277][ T5831] do_vmi_align_munmap+0x613/0x730 [ 77.397378][ T5831] do_vmi_munmap+0x24e/0x2d0 [ 77.401958][ T5831] __vm_munmap+0x24c/0x480 [ 77.406368][ T5831] __x64_sys_munmap+0x60/0x70 [ 77.411073][ T5831] do_syscall_64+0xf3/0x230 [ 77.415599][ T5831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.421488][ T5831] [ 77.423820][ T5831] Memory state around the buggy address: [ 77.429439][ T5831] ffff888072591f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 77.437498][ T5831] ffff888072591f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 77.445552][ T5831] >ffff888072592000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 77.453602][ T5831] ^ [ 77.457658][ T5831] ffff888072592080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 77.465710][ T5831] ffff888072592100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 77.473778][ T5831] ================================================================== [ 77.482351][ T5831] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 77.489561][ T5831] CPU: 0 UID: 0 PID: 5831 Comm: syz-executor386 Not tainted 6.12.0-rc5-syzkaller-00005-ge42b1a9a2557 #0 [ 77.500671][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 77.510726][ T5831] Call Trace: [ 77.514009][ T5831] [ 77.516942][ T5831] dump_stack_lvl+0x241/0x360 [ 77.521631][ T5831] ? __pfx_dump_stack_lvl+0x10/0x10 [ 77.526836][ T5831] ? __pfx__printk+0x10/0x10 [ 77.531432][ T5831] ? preempt_schedule+0xe1/0xf0 [ 77.536285][ T5831] ? vscnprintf+0x5d/0x90 [ 77.540626][ T5831] panic+0x349/0x880 [ 77.544527][ T5831] ? check_panic_on_warn+0x21/0xb0 [ 77.549643][ T5831] ? __pfx_panic+0x10/0x10 [ 77.554089][ T5831] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 77.560081][ T5831] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 77.566426][ T5831] ? print_report+0x502/0x550 [ 77.571117][ T5831] check_panic_on_warn+0x86/0xb0 [ 77.576064][ T5831] ? __ocfs2_find_path+0x203/0x7e0 [ 77.581185][ T5831] end_report+0x77/0x160 [ 77.585450][ T5831] kasan_report+0x154/0x180 [ 77.589960][ T5831] ? __ocfs2_find_path+0x203/0x7e0 [ 77.595080][ T5831] __ocfs2_find_path+0x203/0x7e0 [ 77.600475][ T5831] ? __pfx_find_leaf_ins+0x10/0x10 [ 77.605594][ T5831] ? __pfx___ocfs2_find_path+0x10/0x10 [ 77.611083][ T5831] ? __pfx_ocfs2_validate_inode_block+0x10/0x10 [ 77.617339][ T5831] ocfs2_find_leaf+0xcf/0x230 [ 77.622028][ T5831] ? __pfx_ocfs2_find_leaf+0x10/0x10 [ 77.627501][ T5831] ? __pfx_ocfs2_validate_inode_block+0x10/0x10 [ 77.633752][ T5831] ocfs2_get_clusters_nocache+0x1ad/0xbf0 [ 77.639481][ T5831] ? __pfx_ocfs2_get_clusters_nocache+0x10/0x10 [ 77.645727][ T5831] ? ocfs2_read_inode_block+0x14c/0x1e0 [ 77.651282][ T5831] ? __pfx_ocfs2_read_inode_block+0x10/0x10 [ 77.657182][ T5831] ? do_raw_spin_unlock+0x13c/0x8b0 [ 77.662400][ T5831] ocfs2_get_clusters+0x5bd/0xbd0 [ 77.667431][ T5831] ? __pfx_ocfs2_get_clusters+0x10/0x10 [ 77.673011][ T5831] ? mark_lock+0x9a/0x360 [ 77.677350][ T5831] ? __pfx_lock_acquire+0x10/0x10 [ 77.682382][ T5831] ? validate_chain+0x11e/0x5920 [ 77.687325][ T5831] ocfs2_extent_map_get_blocks+0x24c/0x7d0 [ 77.693136][ T5831] ? __pfx_ocfs2_extent_map_get_blocks+0x10/0x10 [ 77.699481][ T5831] ocfs2_read_virt_blocks+0x313/0xb20 [ 77.704948][ T5831] ? do_raw_spin_unlock+0x13c/0x8b0 [ 77.710156][ T5831] ? __pfx_ocfs2_validate_dir_block+0x10/0x10 [ 77.716226][ T5831] ? __pfx_ocfs2_read_virt_blocks+0x10/0x10 [ 77.722126][ T5831] ? __lock_acquire+0x1384/0x2050 [ 77.727157][ T5831] ? __pfx_validate_chain+0x10/0x10 [ 77.732361][ T5831] ocfs2_find_entry+0x43b/0x2780 [ 77.737313][ T5831] ? __pfx_ocfs2_find_entry+0x10/0x10 [ 77.742691][ T5831] ? __asan_memset+0x23/0x50 [ 77.747314][ T5831] ? lockdep_init_map_type+0xa1/0x910 [ 77.752710][ T5831] ? __pfx_register_lock_class+0x10/0x10 [ 77.758380][ T5831] ? mark_lock+0x9a/0x360 [ 77.762723][ T5831] ? __lock_acquire+0x1384/0x2050 [ 77.767760][ T5831] ? format_decode+0xc5f/0x1bb0 [ 77.772620][ T5831] ? __pfx_format_decode+0x10/0x10 [ 77.777737][ T5831] ? string+0x26a/0x2b0 [ 77.781900][ T5831] ? widen_string+0x3a/0x310 [ 77.786506][ T5831] ? string+0x26a/0x2b0 [ 77.790669][ T5831] ? vsnprintf+0x1ccd/0x1da0 [ 77.795268][ T5831] ocfs2_find_files_on_disk+0xff/0x360 [ 77.800743][ T5831] ocfs2_lookup_ino_from_name+0xb1/0x1e0 [ 77.806386][ T5831] ? __pfx_ocfs2_lookup_ino_from_name+0x10/0x10 [ 77.812635][ T5831] ? kasan_save_track+0x51/0x80 [ 77.817491][ T5831] ? kasan_save_track+0x3f/0x80 [ 77.822348][ T5831] ? __kasan_kmalloc+0x98/0xb0 [ 77.827116][ T5831] ? ocfs2_new_dlm_debug+0x97/0x200 [ 77.832314][ T5831] ocfs2_get_system_file_inode+0x305/0x7b0 [ 77.838122][ T5831] ? __pfx_ocfs2_get_system_file_inode+0x10/0x10 [ 77.844463][ T5831] ocfs2_init_global_system_inodes+0x32c/0x730 [ 77.850625][ T5831] ? __pfx_ocfs2_init_global_system_inodes+0x10/0x10 [ 77.857293][ T5831] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 77.862839][ T5831] ? ocfs2_new_dlm_debug+0xb5/0x200 [ 77.868054][ T5831] ? __pfx_ocfs2_new_dlm_debug+0x10/0x10 [ 77.873692][ T5831] ? rcu_is_watching+0x15/0xb0 [ 77.878457][ T5831] ? trace_ocfs2_initialize_super+0x9e/0x230 [ 77.884436][ T5831] ocfs2_fill_super+0x2f47/0x5750 [ 77.889465][ T5831] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 77.894832][ T5831] ? __pfx_validate_chain+0x10/0x10 [ 77.900030][ T5831] ? __pfx_validate_chain+0x10/0x10 [ 77.905237][ T5831] ? preempt_count_add+0x93/0x190 [ 77.910264][ T5831] ? __pfx_validate_chain+0x10/0x10 [ 77.915462][ T5831] ? mark_lock+0x9a/0x360 [ 77.919789][ T5831] ? __lock_acquire+0x1384/0x2050 [ 77.924825][ T5831] ? validate_chain+0x11e/0x5920 [ 77.929769][ T5831] ? __lock_acquire+0x1384/0x2050 [ 77.934813][ T5831] ? __pfx_validate_chain+0x10/0x10 [ 77.940033][ T5831] ? string+0x26a/0x2b0 [ 77.944203][ T5831] ? widen_string+0x3a/0x310 [ 77.948803][ T5831] ? string+0x26a/0x2b0 [ 77.952973][ T5831] ? bdev_name+0x2b1/0x3c0 [ 77.957395][ T5831] ? pointer+0x703/0x1210 [ 77.961739][ T5831] ? __pfx_pointer+0x10/0x10 [ 77.966352][ T5831] ? __pfx_format_decode+0x10/0x10 [ 77.971478][ T5831] ? __lock_acquire+0x1384/0x2050 [ 77.976516][ T5831] ? vsnprintf+0x1ccd/0x1da0 [ 77.981128][ T5831] ? snprintf+0xda/0x120 [ 77.985380][ T5831] ? __pfx_lock_release+0x10/0x10 [ 77.990413][ T5831] ? do_raw_spin_lock+0x14f/0x370 [ 77.995443][ T5831] ? __pfx_snprintf+0x10/0x10 [ 78.000128][ T5831] ? set_blocksize+0x1f9/0x360 [ 78.004930][ T5831] ? sb_set_blocksize+0x98/0xf0 [ 78.009814][ T5831] ? setup_bdev_super+0x4e6/0x5d0 [ 78.014854][ T5831] mount_bdev+0x20a/0x2d0 [ 78.019198][ T5831] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 78.024581][ T5831] ? __pfx_mount_bdev+0x10/0x10 [ 78.029444][ T5831] ? vfs_parse_fs_string+0x190/0x230 [ 78.034745][ T5831] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 78.040390][ T5831] legacy_get_tree+0xee/0x190 [ 78.045076][ T5831] ? __pfx_ocfs2_mount+0x10/0x10 [ 78.050015][ T5831] vfs_get_tree+0x90/0x2b0 [ 78.054442][ T5831] do_new_mount+0x2be/0xb40 [ 78.058956][ T5831] ? __pfx_do_new_mount+0x10/0x10 [ 78.063997][ T5831] __se_sys_mount+0x2d6/0x3c0 [ 78.068708][ T5831] ? __pfx___se_sys_mount+0x10/0x10 [ 78.073937][ T5831] ? do_syscall_64+0x100/0x230 [ 78.078721][ T5831] ? __x64_sys_mount+0x20/0xc0 [ 78.083506][ T5831] do_syscall_64+0xf3/0x230 [ 78.088020][ T5831] ? clear_bhb_loop+0x35/0x90 [ 78.092703][ T5831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.098607][ T5831] RIP: 0033:0x7f8bd9eb9dea [ 78.103027][ T5831] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 78.122636][ T5831] RSP: 002b:00007fff38281748 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 78.131060][ T5831] RAX: ffffffffffffffda RBX: 00007fff38281760 RCX: 00007f8bd9eb9dea [ 78.139032][ T5831] RDX: 0000000020004440 RSI: 0000000020000780 RDI: 00007fff38281760 [ 78.147007][ T5831] RBP: 0000000000000004 R08: 00007fff382817a0 R09: 0000000000004444 [ 78.154977][ T5831] R10: 0000000001000000 R11: 0000000000000282 R12: 0000000001000000 [ 78.162945][ T5831] R13: 00007fff382817a0 R14: 0000000000000003 R15: 0000000001000000 [ 78.170920][ T5831] [ 78.174284][ T5831] Kernel Offset: disabled [ 78.178614][ T5831] Rebooting in 86400 seconds..