Warning: Permanently added '10.128.1.154' (ED25519) to the list of known hosts.
Setting up swapspace version 1, size = 127995904 bytes
[   46.476144][ T4017] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SSFS
[   46.560737][ T4021] chnl_net:caif_netlink_parms(): no params data found
[   46.598542][ T4021] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.600260][ T4021] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.602711][ T4021] device bridge_slave_0 entered promiscuous mode
[   46.606637][ T4021] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.608256][ T4021] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.610140][ T4021] device bridge_slave_1 entered promiscuous mode
[   46.625964][ T4021] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.629877][ T4021] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.644220][ T4021] team0: Port device team_slave_0 added
[   46.648134][ T4021] team0: Port device team_slave_1 added
[   46.660704][ T4021] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.662391][ T4021] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.667801][ T4021] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.672158][ T4021] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.673701][ T4021] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.679092][ T4021] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.774090][ T4021] device hsr_slave_0 entered promiscuous mode
[   46.822095][ T4021] device hsr_slave_1 entered promiscuous mode
[   46.945832][ T4021] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   46.994575][ T4021] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.036218][ T4021] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.084067][ T4021] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.138292][ T4021] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.139991][ T4021] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.142138][ T4021] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.143655][ T4021] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.183669][ T4021] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.190447][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.195715][  T136] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.198835][  T136] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.201405][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   47.213461][ T4021] 8021q: adding VLAN 0 to HW filter on device team0
[   47.221220][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.224321][  T136] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.225913][  T136] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.230325][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.234172][  T136] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.235763][  T136] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.248118][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   47.250446][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   47.258276][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   47.264824][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   47.269904][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   47.277285][ T4021] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   47.289384][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   47.291129][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   47.299032][ T4021] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.313293][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   47.326215][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   47.329034][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   47.331144][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   47.335474][ T4021] device veth0_vlan entered promiscuous mode
[   47.341188][ T4021] device veth1_vlan entered promiscuous mode
[   47.356289][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   47.358675][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   47.360920][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   47.366521][ T4021] device veth0_macvtap entered promiscuous mode
[   47.370593][ T4021] device veth1_macvtap entered promiscuous mode
[   47.382894][ T4021] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.384743][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   47.387664][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   47.393152][ T4021] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.395328][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   47.399902][ T4021] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.402896][ T4021] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.404723][ T4021] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.406507][ T4021] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
executing program
[   47.610877][ T4021] loop0: detected capacity change from 0 to 32768
[   47.686834][ T4021] ==================================================================
[   47.688689][ T4021] BUG: KASAN: use-after-free in __ocfs2_find_path+0x1dc/0x6a8
[   47.690303][ T4021] Read of size 4 at addr ffff0000e31e2000 by task syz-executor172/4021
[   47.692210][ T4021] 
[   47.692737][ T4021] CPU: 0 PID: 4021 Comm: syz-executor172 Not tainted 5.15.167-syzkaller #0
[   47.694745][ T4021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   47.696965][ T4021] Call trace:
[   47.697692][ T4021]  dump_backtrace+0x0/0x530
[   47.698627][ T4021]  show_stack+0x2c/0x3c
[   47.699476][ T4021]  dump_stack_lvl+0x108/0x170
[   47.700594][ T4021]  print_address_description+0x7c/0x3f0
[   47.701991][ T4021]  kasan_report+0x174/0x1e4
[   47.703062][ T4021]  __asan_report_load4_noabort+0x44/0x50
[   47.704201][ T4021]  __ocfs2_find_path+0x1dc/0x6a8
[   47.705309][ T4021]  ocfs2_find_leaf+0xd0/0x218
[   47.706400][ T4021]  ocfs2_get_clusters_nocache+0x16c/0xa38
[   47.707676][ T4021]  ocfs2_get_clusters+0x448/0x964
[   47.708786][ T4021]  ocfs2_extent_map_get_blocks+0x1d8/0x650
[   47.709977][ T4021]  ocfs2_read_virt_blocks+0x2bc/0x960
[   47.711138][ T4021]  ocfs2_find_entry+0x3ac/0x2450
[   47.712153][ T4021]  ocfs2_find_files_on_disk+0x10c/0x3d0
[   47.713426][ T4021]  ocfs2_lookup_ino_from_name+0xb8/0x1d4
[   47.714659][ T4021]  ocfs2_get_system_file_inode+0x2c8/0x6b8
[   47.715913][ T4021]  ocfs2_init_global_system_inodes+0x2bc/0x618
[   47.717393][ T4021]  ocfs2_fill_super+0x394c/0x498c
[   47.718487][ T4021]  mount_bdev+0x274/0x370
[   47.719476][ T4021]  ocfs2_mount+0x44/0x58
[   47.720348][ T4021]  legacy_get_tree+0xd4/0x16c
[   47.721335][ T4021]  vfs_get_tree+0x90/0x274
[   47.722304][ T4021]  do_new_mount+0x278/0x8fc
[   47.723389][ T4021]  path_mount+0x594/0x101c
[   47.724347][ T4021]  __arm64_sys_mount+0x510/0x5e0
[   47.725329][ T4021]  invoke_syscall+0x98/0x2b8
[   47.726256][ T4021]  el0_svc_common+0x138/0x258
[   47.727233][ T4021]  do_el0_svc+0x58/0x14c
[   47.728142][ T4021]  el0_svc+0x7c/0x1f0
[   47.728945][ T4021]  el0t_64_sync_handler+0x84/0xe4
[   47.729980][ T4021]  el0t_64_sync+0x1a0/0x1a4
[   47.730896][ T4021] 
[   47.731443][ T4021] The buggy address belongs to the page:
[   47.732619][ T4021] page:0000000004f9000d refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x1231e2
[   47.734807][ T4021] flags: 0x5ffc00000000000(node=0|zone=2|lastcpupid=0x7ff)
[   47.736301][ T4021] raw: 05ffc00000000000 fffffc00038c78c8 ffff0001b41a6520 0000000000000000
[   47.738104][ T4021] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   47.740009][ T4021] page dumped because: kasan: bad access detected
[   47.741358][ T4021] 
[   47.741880][ T4021] Memory state around the buggy address:
[   47.743025][ T4021]  ffff0000e31e1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.744739][ T4021]  ffff0000e31e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   47.746462][ T4021] >ffff0000e31e2000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   47.748180][ T4021]                    ^
[   47.749099][ T4021]  ffff0000e31e2080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   47.750759][ T4021]  ffff0000e31e2100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   47.752402][ T4021] ==================================================================
[   47.754038][ T4021] Disabling lock debugging due to kernel taint
[   47.759783][ T4021] OCFS2: ERROR (device loop0): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 66 has bad blkno in extent list at depth 65533 (index 65534)
[   47.764662][ T4021] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[   47.766585][ T4021] OCFS2: File system is now read-only.
[   47.767911][ T4021] (syz-executor172,4021,0):ocfs2_find_leaf:1933 ERROR: status = -30
[   47.769553][ T4021] (syz-executor172,4021,0):ocfs2_get_clusters_nocache:421 ERROR: status = -30
[   47.771313][ T4021] (syz-executor172,4021,0):ocfs2_get_clusters:624 ERROR: status = -30
[   47.773402][ T4021] (syz-executor172,4021,0):ocfs2_extent_map_get_blocks:671 ERROR: status = -30
[   47.775277][ T4021] (syz-executor172,4021,0):ocfs2_read_virt_blocks:981 ERROR: status = -30
[   47.776981][ T4021] (syz-executor172,4021,0):ocfs2_read_dir_block:511 ERROR: status = -30
[   47.778869][ T4021] (syz-executor172,4021,0):ocfs2_init_global_system_inodes:462 ERROR: status = -30
[   47.780924][ T4021] (syz-executor172,4021,0):ocfs2_init_global_system_inodes:464 ERROR: Unable to load system inode 1, possibly corrupt fs?
[   47.780948][ T4021] (syz-executor172,4021,0):ocfs2_init_global_system_inodes:473 ERROR: status = -30
[   47.786052][ T4021] (syz-executor172,4021,0):ocfs2_initialize_super:2278 ERROR: status = -30
[   47.787927][ T4021] (syz-executor172,4021,0):ocfs2_fill_super:1177 ERROR: status = -30