Warning: Permanently added '10.128.1.22' (ED25519) to the list of known hosts.
executing program
[ 38.786208][ T4292] loop0: detected capacity change from 0 to 32768
[ 38.809490][ T4292] ==================================================================
[ 38.811174][ T4292] BUG: KASAN: slab-out-of-bounds in dtSearch+0x131c/0x1f34
[ 38.812624][ T4292] Read of size 1 at addr ffff0000e444c058 by task syz-executor210/4292
[ 38.814391][ T4292]
[ 38.814957][ T4292] CPU: 0 PID: 4292 Comm: syz-executor210 Not tainted 6.1.119-syzkaller #0
[ 38.816786][ T4292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 38.818956][ T4292] Call trace:
[ 38.819641][ T4292]  dump_backtrace+0x1c8/0x1f4
[ 38.820682][ T4292]  show_stack+0x2c/0x3c
[ 38.821578][ T4292]  dump_stack_lvl+0x108/0x170
[ 38.822525][ T4292]  print_report+0x174/0x4c0
[ 38.823456][ T4292]  kasan_report+0xd4/0x130
[ 38.824329][ T4292]  __asan_report_load1_noabort+0x2c/0x38
[ 38.825485][ T4292]  dtSearch+0x131c/0x1f34
[ 38.826382][ T4292]  jfs_lookup+0x164/0x39c
[ 38.827278][ T4292]  lookup_one_qstr_excl+0x108/0x230
[ 38.828377][ T4292]  do_renameat2+0x558/0xe64
[ 38.829450][ T4292]  __arm64_sys_renameat2+0xe0/0xfc
[ 38.830576][ T4292]  invoke_syscall+0x98/0x2bc
[ 38.831430][ T4292]  el0_svc_common+0x138/0x258
[ 38.832460][ T4292]  do_el0_svc+0x58/0x13c
[ 38.833373][ T4292]  el0_svc+0x58/0x168
[ 38.834175][ T4292]  el0t_64_sync_handler+0x84/0xf0
[ 38.835272][ T4292]  el0t_64_sync+0x18c/0x190
[ 38.836229][ T4292]
[ 38.836698][ T4292] Allocated by task 4292:
[ 38.837646][ T4292]  kasan_set_track+0x4c/0x80
[ 38.838713][ T4292]  kasan_save_alloc_info+0x24/0x30
[ 38.839816][ T4292]  __kasan_slab_alloc+0x74/0x8c
[ 38.840868][ T4292]  slab_post_alloc_hook+0x74/0x458
[ 38.841905][ T4292]  kmem_cache_alloc_lru+0x1ac/0x2f8
[ 38.843061][ T4292]  jfs_alloc_inode+0x2c/0x68
[ 38.843963][ T4292]  new_inode_pseudo+0x68/0x1d0
[ 38.844951][ T4292]  new_inode+0x38/0x174
[ 38.845840][ T4292]  ialloc+0x58/0x7c0
[ 38.846646][ T4292]  jfs_create+0x190/0xa1c
[ 38.847582][ T4292]  path_openat+0xeac/0x2548
[ 38.848502][ T4292]  do_filp_open+0x1bc/0x3cc
[ 38.849458][ T4292]  do_sys_openat2+0x128/0x3e0
[ 38.850459][ T4292]  __arm64_sys_openat+0x1f0/0x240
[ 38.851481][ T4292]  invoke_syscall+0x98/0x2bc
[ 38.852439][ T4292]  el0_svc_common+0x138/0x258
[ 38.853384][ T4292]  do_el0_svc+0x58/0x13c
[ 38.854302][ T4292]  el0_svc+0x58/0x168
[ 38.855128][ T4292]  el0t_64_sync_handler+0x84/0xf0
[ 38.856086][ T4292]  el0t_64_sync+0x18c/0x190
[ 38.856952][ T4292]
[ 38.857427][ T4292] The buggy address belongs to the object at ffff0000e444b780
[ 38.857427][ T4292]  which belongs to the cache jfs_ip of size 2240
[ 38.860251][ T4292] The buggy address is located 24 bytes to the right of
[ 38.860251][ T4292]  2240-byte region [ffff0000e444b780, ffff0000e444c040)
[ 38.863165][ T4292]
[ 38.863619][ T4292] The buggy address belongs to the physical page:
[ 38.864946][ T4292] page:00000000b93e31dd refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x124448
[ 38.867140][ T4292] head:00000000b93e31dd order:3 compound_mapcount:0 compound_pincount:0
[ 38.868926][ T4292] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 38.870658][ T4292] raw: 05ffc00000010200 0000000000000000 dead000000000122 ffff0000c6dbad80
[ 38.872520][ T4292] raw: 0000000000000000 00000000800d000d 00000001ffffffff 0000000000000000
[ 38.874278][ T4292] page dumped because: kasan: bad access detected
[ 38.875612][ T4292]
[ 38.876113][ T4292] Memory state around the buggy address:
[ 38.877262][ T4292]  ffff0000e444bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 38.879016][ T4292]  ffff0000e444bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 38.880603][ T4292] >ffff0000e444c000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 38.882128][ T4292]                                                     ^
[ 38.883654][ T4292]  ffff0000e444c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 38.885219][ T4292]  ffff0000e444c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 38.886900][ T4292] ==================================================================
[ 38.888852][ T4292] Disabling lock debugging due to kernel taint
[ 38.890155][ T4292] ERROR: (device loop0): dtSearch: stack overrun!
[ 38.890155][ T4292]
[ 38.892220][ T4292] ERROR: (device loop0): remounting filesystem as read-only
[ 38.893560][ T4292] btstack dump:
[ 38.894230][ T4292] bn = 0, index = 0
[ 38.894942][ T4292] bn = 0, index = 0
[ 38.895723][ T4292] bn = 0, index = 0
[ 38.896436][ T4292] bn = 0, index = 0
[ 38.897210][ T4292] bn = 0, index = 0
[ 38.898115][ T4292] bn = 0, index = 0
[ 38.898916][ T4292] bn = 0, index = 0
[ 38.899610][ T4292] bn = 0, index = 0
[ 38.900323][ T4292] jfs_lookup: dtSearch returned -5