Warning: Permanently added '10.128.1.117' (ED25519) to the list of known hosts.
executing program
[   43.448879][ T3965] loop0: detected capacity change from 0 to 512
[   43.562411][ T3965] EXT4-fs (loop0): Unrecognized mount option "appraise" or missing value
[   43.829245][ T3965] loop0: detected capacity change from 0 to 32768
[   43.913182][ T3965] gfs2: fsid=nobarrier: Trying to join cluster "lock_nolock", "nobarrier"
[   43.915389][ T3965] gfs2: fsid=nobarrier: Now mounting FS (format 0)...
[   43.924868][ T3965] gfs2: fsid=nobarrier.0: journal 0 mapped with 3 extents in 0ms
[   43.929881][    T7] gfs2: fsid=nobarrier.0: jid=0, already locked for use
[   43.931809][    T7] gfs2: fsid=nobarrier.0: jid=0: Looking at journal...
[   43.972545][    T7] gfs2: fsid=nobarrier.0: jid=0: Journal head lookup took 40ms
[   43.975766][    T7] gfs2: fsid=nobarrier.0: jid=0: Done
[   43.977238][ T3965] gfs2: fsid=nobarrier.0: first mount done, others may mount
[   44.059730][ T3965] gfs2: fsid=nobarrier.0: found 1 quota changes
[   44.074658][ T3965] ==================================================================
[   44.076805][ T3965] BUG: KASAN: stack-out-of-bounds in gfs2_file_buffered_write+0x4c8/0x874
[   44.078969][ T3965] Read of size 8 at addr ffff80001c9c6fb0 by task syz-executor645/3965
[   44.081052][ T3965] 
[   44.081637][ T3965] CPU: 1 PID: 3965 Comm: syz-executor645 Not tainted 5.15.162-syzkaller #0
[   44.083845][ T3965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   44.086309][ T3965] Call trace:
[   44.087179][ T3965]  dump_backtrace+0x0/0x530
[   44.088277][ T3965]  show_stack+0x2c/0x3c
[   44.089264][ T3965]  dump_stack_lvl+0x108/0x170
[   44.090421][ T3965]  print_address_description+0x7c/0x3f0
[   44.091894][ T3965]  kasan_report+0x174/0x1e4
[   44.093003][ T3965]  __asan_report_load8_noabort+0x44/0x50
[   44.094396][ T3965]  gfs2_file_buffered_write+0x4c8/0x874
[   44.095815][ T3965]  gfs2_file_write_iter+0x3b8/0xc80
[   44.097215][ T3965]  __kernel_write+0x488/0x8b0
[   44.098377][ T3965]  __dump_emit+0x200/0x338
[   44.099480][ T3965]  dump_emit+0x288/0x36c
[   44.100609][ T3965]  elf_core_dump+0x2598/0x3640
[   44.101800][ T3965]  do_coredump+0x12c8/0x2890
[   44.102944][ T3965]  get_signal+0x3dc/0x1550
[   44.104058][ T3965]  do_notify_resume+0x320/0x32b8
[   44.105323][ T3965]  el0_da+0x118/0x20c
[   44.106320][ T3965]  el0t_64_sync_handler+0xc0/0xe4
[   44.107536][ T3965]  el0t_64_sync+0x1a0/0x1a4
[   44.108648][ T3965] 
[   44.109246][ T3965] 
[   44.109795][ T3965] addr ffff80001c9c6fb0 is located in stack of task syz-executor645/3965 at offset 48 in frame:
[   44.112405][ T3965]  __kernel_write+0x0/0x8b0
[   44.113574][ T3965] 
[   44.114175][ T3965] this frame has 3 objects:
[   44.115316][ T3965]  [32, 48) 'iov'
[   44.115326][ T3965]  [64, 112) 'kiocb'
[   44.116186][ T3965]  [144, 184) 'iter'
[   44.117145][ T3965] 
[   44.118718][ T3965] Memory state around the buggy address:
[   44.120166][ T3965]  ffff80001c9c6e80: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[   44.122145][ T3965]  ffff80001c9c6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   44.124085][ T3965] >ffff80001c9c6f80: f1 f1 f1 f1 00 00 f2 f2 00 00 00 00 00 00 f2 f2
[   44.126071][ T3965]                                ^
[   44.127484][ T3965]  ffff80001c9c7000: f2 f2 00 00 00 00 00 f3 f3 f3 f3 f3 00 00 00 00
[   44.129635][ T3965]  ffff80001c9c7080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   44.131547][ T3965] ==================================================================
[   44.133458][ T3965] Disabling lock debugging due to kernel taint