Warning: Permanently added '10.128.0.172' (ED25519) to the list of known hosts.
executing program
[ 54.919704][ T4163] loop0: detected capacity change from 0 to 32768
[ 54.984462][ T4163] =======================================================
[ 54.984462][ T4163] WARNING: The mand mount option has been deprecated and
[ 54.984462][ T4163] and is ignored by this kernel. Remove the mand
[ 54.984462][ T4163] option from the mount to silence this warning.
[ 54.984462][ T4163] =======================================================
[ 55.053914][ T4163] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[ 55.070924][ T4163] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 55.087827][ T4163] OCFS2: ERROR (device loop0): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #0 has bad signature �������
[ 55.103558][ T4163] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 55.113420][ T4163] OCFS2: File system is now read-only.
[ 55.118890][ T4163] (syz-executor830,4163,1):ocfs2_search_chain:1761 ERROR: status = -30
[ 55.127465][ T4163] (syz-executor830,4163,1):ocfs2_search_chain:1871 ERROR: status = -30
[ 55.135766][ T4163] (syz-executor830,4163,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30
[ 55.144688][ T4163] (syz-executor830,4163,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30
[ 55.153587][ T4163] (syz-executor830,4163,1):__ocfs2_claim_clusters:2355 ERROR: status = -30
[ 55.162170][ T4163] (syz-executor830,4163,1):__ocfs2_claim_clusters:2363 ERROR: status = -30
[ 55.170826][ T4163] (syz-executor830,4163,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -30
[ 55.179969][ T4163] (syz-executor830,4163,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -30
[ 55.189124][ T4163] (syz-executor830,4163,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -30
[ 55.198579][ T4163] (syz-executor830,4163,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -30
[ 55.208015][ T4163] (syz-executor830,4163,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -30
[ 55.217248][ T4163] (syz-executor830,4163,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -30
[ 55.226649][ T4163] (syz-executor830,4163,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -30
[ 55.236269][ T4163] (syz-executor830,4163,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -30
[ 55.245869][ T4163] (syz-executor830,4163,1):ocfs2_mknod:357 ERROR: status = -30
[ 55.253961][ T4163] (syz-executor830,4163,1):ocfs2_mknod:502 ERROR: status = -30
[ 55.261633][ T4163] (syz-executor830,4163,1):ocfs2_mkdir:659 ERROR: status = -30
[ 55.282052][ T4162] ocfs2: Unmounting device (7,0) on (node local)
executing program
[ 55.543053][ T4168] loop0: detected capacity change from 0 to 32768
[ 55.627846][ T4168] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[ 55.641531][ T4168] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 55.654185][ T4168] ==================================================================
[ 55.662441][ T4168] BUG: KASAN: use-after-free in ocfs2_claim_suballoc_bits+0xfb5/0x24b0
[ 55.670701][ T4168] Read of size 4 at addr ffff88806ea58000 by task syz-executor830/4168
[ 55.678933][ T4168]
[ 55.681282][ T4168] CPU: 1 PID: 4168 Comm: syz-executor830 Not tainted 5.15.179-syzkaller #0
[ 55.689869][ T4168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 55.699926][ T4168] Call Trace:
[ 55.703204][ T4168]
[ 55.706139][ T4168] dump_stack_lvl+0x1e3/0x2d0
[ 55.710829][ T4168] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 55.716473][ T4168] ? _printk+0xd1/0x120
[ 55.720628][ T4168] ? __wake_up_klogd+0xcc/0x100
[ 55.725563][ T4168] ? panic+0x860/0x860
[ 55.729624][ T4168] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 55.735080][ T4168] print_address_description+0x63/0x3b0
[ 55.740623][ T4168] ? ocfs2_claim_suballoc_bits+0xfb5/0x24b0
[ 55.746511][ T4168] kasan_report+0x16b/0x1c0
[ 55.751101][ T4168] ? ocfs2_claim_suballoc_bits+0xfb5/0x24b0
[ 55.756996][ T4168] ocfs2_claim_suballoc_bits+0xfb5/0x24b0
[ 55.762753][ T4168] ? ocfs2_claim_metadata+0x560/0x560
[ 55.768192][ T4168] ? jbd2_journal_dirty_metadata+0x6d8/0xbf0
[ 55.774181][ T4168] ? __lock_acquire+0x1ff0/0x1ff0
[ 55.779348][ T4168] ? __jbd2_journal_temp_unlink_buffer+0x3fb/0x4d0
[ 55.785894][ T4168] __ocfs2_claim_clusters+0x327/0xa30
[ 55.791318][ T4168] ? _raw_spin_unlock+0x24/0x40
[ 55.796188][ T4168] ? ocfs2_which_cluster_group+0x1e0/0x1e0
[ 55.802040][ T4168] ? ocfs2_shutdown_local_alloc+0xa90/0xa90
[ 55.807941][ T4168] ? __kmalloc_track_caller+0x166/0x300
[ 55.813494][ T4168] ? ocfs2_reserve_local_alloc_bits+0xd1f/0x27a0
[ 55.819831][ T4168] ? kmemdup+0x3c/0x50
[ 55.823918][ T4168] ? ocfs2_claim_clusters+0x2a/0xb0
[ 55.829138][ T4168] ocfs2_reserve_local_alloc_bits+0x1411/0x27a0
[ 55.835403][ T4168] ? ocfs2_complete_local_alloc_recovery+0x620/0x620
[ 55.842094][ T4168] ? read_lock_is_recursive+0x10/0x10
[ 55.847464][ T4168] ? ocfs2_alloc_should_use_local+0x13a/0x2e0
[ 55.853528][ T4168] ? __lock_acquire+0x1ff0/0x1ff0
[ 55.858557][ T4168] ? do_raw_spin_lock+0x14a/0x370
[ 55.863620][ T4168] ? do_raw_spin_unlock+0x137/0x8b0
[ 55.868833][ T4168] ? _raw_spin_unlock+0x24/0x40
[ 55.873693][ T4168] ? ocfs2_alloc_should_use_local+0x13a/0x2e0
[ 55.879793][ T4168] ocfs2_reserve_clusters_with_limit+0x1b4/0xb50
[ 55.886137][ T4168] ? ocfs2_reserve_new_metadata_blocks+0x113/0x9b0
[ 55.892646][ T4168] ? ocfs2_reserve_clusters+0x30/0x30
[ 55.898284][ T4168] ? ocfs2_reserve_new_metadata_blocks+0x546/0x9b0
[ 55.904798][ T4168] ? ocfs2_init_steal_slots+0x150/0x150
[ 55.910348][ T4168] ? ocfs2_calc_security_init+0x610/0x610
[ 55.916062][ T4168] ? validate_chain+0x112/0x5930
[ 55.921001][ T4168] ? ocfs2_init_security_get+0x9a/0x190
[ 55.926547][ T4168] ocfs2_mknod+0x1535/0x2cd0
[ 55.931155][ T4168] ? ocfs2_mkdir+0x430/0x430
[ 55.935739][ T4168] ? mark_lock+0x98/0x340
[ 55.940067][ T4168] ? __lock_acquire+0x1295/0x1ff0
[ 55.945096][ T4168] ? mark_lock+0x98/0x340
[ 55.949462][ T4168] ? read_lock_is_recursive+0x10/0x10
[ 55.954854][ T4168] ? ocfs2_inode_unlock_tracker+0x236/0x2a0
[ 55.960759][ T4168] ? __lock_acquire+0x1ff0/0x1ff0
[ 55.965779][ T4168] ? do_raw_spin_lock+0x14a/0x370
[ 55.970821][ T4168] ? do_raw_spin_unlock+0x137/0x8b0
[ 55.976013][ T4168] ? privileged_wrt_inode_uidgid+0x210/0x260
[ 55.981993][ T4168] ? _raw_spin_unlock+0x24/0x40
[ 55.986848][ T4168] ? put_pid+0xd8/0x120
[ 55.991000][ T4168] ? ocfs2_permission+0xfb/0x1b0
[ 55.995939][ T4168] ocfs2_mkdir+0x194/0x430
[ 56.000357][ T4168] ? ocfs2_symlink+0x2e20/0x2e20
[ 56.005313][ T4168] ? HAS_UNMAPPED_ID+0x1ef/0x240
[ 56.010266][ T4168] ? inode_permission+0xf7/0x450
[ 56.015228][ T4168] ? ocfs2_getattr+0x380/0x380
[ 56.019997][ T4168] ? bpf_lsm_inode_mkdir+0x5/0x10
[ 56.025017][ T4168] ? security_inode_mkdir+0xb4/0x100
[ 56.030317][ T4168] vfs_mkdir+0x3b6/0x590
[ 56.034562][ T4168] do_mkdirat+0x260/0x520
[ 56.038885][ T4168] ? vfs_mkdir+0x590/0x590
[ 56.043294][ T4168] ? getname_flags+0x1ec/0x4e0
[ 56.048059][ T4168] __x64_sys_mkdirat+0x85/0x90
[ 56.052821][ T4168] do_syscall_64+0x3b/0xb0
[ 56.057250][ T4168] ? clear_bhb_loop+0x15/0x70
[ 56.061923][ T4168] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 56.067813][ T4168] RIP: 0033:0x7f94713cb129
[ 56.072223][ T4168] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 56.091845][ T4168] RSP: 002b:00007ffd77634438 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 56.100288][ T4168] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f94713cb129
[ 56.108267][ T4168] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 00000000ffffff9c
[ 56.116254][ T4168] RBP: 0000000000000004 R08: 0000000000004458 R09: 0000000000000000
[ 56.124224][ T4168] R10: 00007ffd776344d0 R11: 0000000000000246 R12: 0000000001000000
[ 56.132195][ T4168] R13: 00007ffd776344d0 R14: 0000200000000240 R15: 0000000000000003
[ 56.140176][ T4168]
[ 56.143192][ T4168]
[ 56.145526][ T4168] The buggy address belongs to the page:
[ 56.151148][ T4168] page:ffffea0001ba9600 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6ea58
[ 56.161324][ T4168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 56.168554][ T4168] raw: 00fff00000000000 ffffea0001ba9648 ffffea0001ba95c8 0000000000000000
[ 56.177282][ T4168] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 56.185862][ T4168] page dumped because: kasan: bad access detected
[ 56.192277][ T4168] page_owner tracks the page as freed
[ 56.197635][ T4168] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100cca(GFP_HIGHUSER_MOVABLE), pid 4163, ts 54889812237, free_ts 55378275758
[ 56.212212][ T4168] get_page_from_freelist+0x3b78/0x3d40
[ 56.217760][ T4168] __alloc_pages+0x272/0x700
[ 56.222438][ T4168] alloc_pages_vma+0x39a/0x800
[ 56.227222][ T4168] shmem_alloc_and_acct_page+0x4d1/0xd10
[ 56.232857][ T4168] shmem_getpage_gfp+0x17b1/0x3190
[ 56.237974][ T4168] shmem_write_begin+0xce/0x1a0
[ 56.242827][ T4168] generic_perform_write+0x2bf/0x5b0
[ 56.248127][ T4168] __generic_file_write_iter+0x243/0x4f0
[ 56.253758][ T4168] generic_file_write_iter+0xa7/0x1b0
[ 56.259126][ T4168] vfs_write+0xacd/0xe50
[ 56.263368][ T4168] ksys_write+0x1a2/0x2c0
[ 56.267695][ T4168] do_syscall_64+0x3b/0xb0
[ 56.272101][ T4168] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 56.277984][ T4168] page last free stack trace:
[ 56.282646][ T4168] free_unref_page_prepare+0xc34/0xcf0
[ 56.288099][ T4168] free_unref_page_list+0x1f7/0x8e0
[ 56.293291][ T4168] release_pages+0x1bb9/0x1f40
[ 56.298048][ T4168] __pagevec_release+0x80/0xf0
[ 56.302806][ T4168] shmem_undo_range+0x67a/0x1b50
[ 56.307748][ T4168] shmem_evict_inode+0x21b/0xa00
[ 56.312677][ T4168] evict+0x529/0x930
[ 56.316586][ T4168] __dentry_kill+0x436/0x650
[ 56.321188][ T4168] dentry_kill+0xbb/0x290
[ 56.325517][ T4168] dput+0xd8/0x1a0
[ 56.329234][ T4168] __fput+0x636/0x8e0
[ 56.333208][ T4168] task_work_run+0x129/0x1a0
[ 56.337809][ T4168] exit_to_user_mode_loop+0x106/0x130
[ 56.343213][ T4168] exit_to_user_mode_prepare+0xb1/0x140
[ 56.348752][ T4168] syscall_exit_to_user_mode+0x5d/0x240
[ 56.354288][ T4168] do_syscall_64+0x47/0xb0
[ 56.358732][ T4168]
[ 56.361045][ T4168] Memory state around the buggy address:
[ 56.366660][ T4168] ffff88806ea57f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 56.374712][ T4168] ffff88806ea57f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 56.382803][ T4168] >ffff88806ea58000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 56.390880][ T4168] ^
[ 56.395120][ T4168] ffff88806ea58080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 56.403180][ T4168] ffff88806ea58100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 56.411238][ T4168] ==================================================================
[ 56.419291][ T4168] Disabling lock debugging due to kernel taint
[ 56.425659][ T4168] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 56.432864][ T4168] CPU: 1 PID: 4168 Comm: syz-executor830 Tainted: G B 5.15.179-syzkaller #0
[ 56.442852][ T4168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 56.452911][ T4168] Call Trace:
[ 56.456181][ T4168]
[ 56.459108][ T4168] dump_stack_lvl+0x1e3/0x2d0
[ 56.463789][ T4168] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 56.469445][ T4168] ? panic+0x860/0x860
[ 56.473506][ T4168] ? rcu_is_watching+0x11/0xa0
[ 56.478286][ T4168] ? preempt_schedule_common+0xa6/0xd0
[ 56.483744][ T4168] panic+0x318/0x860
[ 56.487631][ T4168] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 56.493778][ T4168] ? check_panic_on_warn+0x1d/0xa0
[ 56.498901][ T4168] ? fb_is_primary_device+0xd0/0xd0
[ 56.504097][ T4168] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 56.510077][ T4168] ? _raw_spin_unlock+0x40/0x40
[ 56.514938][ T4168] check_panic_on_warn+0x7e/0xa0
[ 56.519871][ T4168] ? ocfs2_claim_suballoc_bits+0xfb5/0x24b0
[ 56.525755][ T4168] end_report+0x6d/0xf0
[ 56.529902][ T4168] kasan_report+0x18e/0x1c0
[ 56.534397][ T4168] ? ocfs2_claim_suballoc_bits+0xfb5/0x24b0
[ 56.540285][ T4168] ocfs2_claim_suballoc_bits+0xfb5/0x24b0
[ 56.546025][ T4168] ? ocfs2_claim_metadata+0x560/0x560
[ 56.551395][ T4168] ? jbd2_journal_dirty_metadata+0x6d8/0xbf0
[ 56.557366][ T4168] ? __lock_acquire+0x1ff0/0x1ff0
[ 56.562383][ T4168] ? __jbd2_journal_temp_unlink_buffer+0x3fb/0x4d0
[ 56.568889][ T4168] __ocfs2_claim_clusters+0x327/0xa30
[ 56.574260][ T4168] ? _raw_spin_unlock+0x24/0x40
[ 56.579121][ T4168] ? ocfs2_which_cluster_group+0x1e0/0x1e0
[ 56.584923][ T4168] ? ocfs2_shutdown_local_alloc+0xa90/0xa90
[ 56.590807][ T4168] ? __kmalloc_track_caller+0x166/0x300
[ 56.596343][ T4168] ? ocfs2_reserve_local_alloc_bits+0xd1f/0x27a0
[ 56.602660][ T4168] ? kmemdup+0x3c/0x50
[ 56.606728][ T4168] ? ocfs2_claim_clusters+0x2a/0xb0
[ 56.611924][ T4168] ocfs2_reserve_local_alloc_bits+0x1411/0x27a0
[ 56.618169][ T4168] ? ocfs2_complete_local_alloc_recovery+0x620/0x620
[ 56.624847][ T4168] ? read_lock_is_recursive+0x10/0x10
[ 56.630211][ T4168] ? ocfs2_alloc_should_use_local+0x13a/0x2e0
[ 56.636271][ T4168] ? __lock_acquire+0x1ff0/0x1ff0
[ 56.641294][ T4168] ? do_raw_spin_lock+0x14a/0x370
[ 56.646324][ T4168] ? do_raw_spin_unlock+0x137/0x8b0
[ 56.651523][ T4168] ? _raw_spin_unlock+0x24/0x40
[ 56.656379][ T4168] ? ocfs2_alloc_should_use_local+0x13a/0x2e0
[ 56.662621][ T4168] ocfs2_reserve_clusters_with_limit+0x1b4/0xb50
[ 56.668948][ T4168] ? ocfs2_reserve_new_metadata_blocks+0x113/0x9b0
[ 56.675535][ T4168] ? ocfs2_reserve_clusters+0x30/0x30
[ 56.680902][ T4168] ? ocfs2_reserve_new_metadata_blocks+0x546/0x9b0
[ 56.687407][ T4168] ? ocfs2_init_steal_slots+0x150/0x150
[ 56.692976][ T4168] ? ocfs2_calc_security_init+0x610/0x610
[ 56.698693][ T4168] ? validate_chain+0x112/0x5930
[ 56.703621][ T4168] ? ocfs2_init_security_get+0x9a/0x190
[ 56.709160][ T4168] ocfs2_mknod+0x1535/0x2cd0
[ 56.713768][ T4168] ? ocfs2_mkdir+0x430/0x430
[ 56.718348][ T4168] ? mark_lock+0x98/0x340
[ 56.722669][ T4168] ? __lock_acquire+0x1295/0x1ff0
[ 56.727704][ T4168] ? mark_lock+0x98/0x340
[ 56.732301][ T4168] ? read_lock_is_recursive+0x10/0x10
[ 56.737842][ T4168] ? ocfs2_inode_unlock_tracker+0x236/0x2a0
[ 56.743772][ T4168] ? __lock_acquire+0x1ff0/0x1ff0
[ 56.748799][ T4168] ? do_raw_spin_lock+0x14a/0x370
[ 56.753824][ T4168] ? do_raw_spin_unlock+0x137/0x8b0
[ 56.759020][ T4168] ? privileged_wrt_inode_uidgid+0x210/0x260
[ 56.765003][ T4168] ? _raw_spin_unlock+0x24/0x40
[ 56.769864][ T4168] ? put_pid+0xd8/0x120
[ 56.774034][ T4168] ? ocfs2_permission+0xfb/0x1b0
[ 56.778969][ T4168] ocfs2_mkdir+0x194/0x430
[ 56.783379][ T4168] ? ocfs2_symlink+0x2e20/0x2e20
[ 56.788313][ T4168] ? HAS_UNMAPPED_ID+0x1ef/0x240
[ 56.793260][ T4168] ? inode_permission+0xf7/0x450
[ 56.798329][ T4168] ? ocfs2_getattr+0x380/0x380
[ 56.803101][ T4168] ? bpf_lsm_inode_mkdir+0x5/0x10
[ 56.808129][ T4168] ? security_inode_mkdir+0xb4/0x100
[ 56.813447][ T4168] vfs_mkdir+0x3b6/0x590
[ 56.817689][ T4168] do_mkdirat+0x260/0x520
[ 56.822010][ T4168] ? vfs_mkdir+0x590/0x590
[ 56.826417][ T4168] ? getname_flags+0x1ec/0x4e0
[ 56.831178][ T4168] __x64_sys_mkdirat+0x85/0x90
[ 56.835944][ T4168] do_syscall_64+0x3b/0xb0
[ 56.840354][ T4168] ? clear_bhb_loop+0x15/0x70
[ 56.845021][ T4168] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 56.850909][ T4168] RIP: 0033:0x7f94713cb129
[ 56.855320][ T4168] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 56.874920][ T4168] RSP: 002b:00007ffd77634438 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 56.883331][ T4168] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f94713cb129
[ 56.891359][ T4168] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 00000000ffffff9c
[ 56.899336][ T4168] RBP: 0000000000000004 R08: 0000000000004458 R09: 0000000000000000
[ 56.907378][ T4168] R10: 00007ffd776344d0 R11: 0000000000000246 R12: 0000000001000000
[ 56.915383][ T4168] R13: 00007ffd776344d0 R14: 0000200000000240 R15: 0000000000000003
[ 56.923489][ T4168]
[ 56.926860][ T4168] Kernel Offset: disabled
[ 56.931199][ T4168] Rebooting in 86400 seconds..