Warning: Permanently added '10.128.1.117' (ED25519) to the list of known hosts.
executing program
[ 62.928710][ T4162] loop0: detected capacity change from 0 to 32768
[ 63.035397][ T4162] (syz-executor348,4162,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 63.051270][ T4162] (syz-executor348,4162,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 63.072369][ T4162] (syz-executor348,4162,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC.
[ 63.089370][ T4162] JBD2: Ignoring recovery information on journal
[ 63.118373][ T4162] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 63.158344][ T4162] ==================================================================
[ 63.166595][ T4162] BUG: KASAN: use-after-free in ocfs2_lock_global_qf+0xb4/0x2a0
[ 63.174284][ T4162] Read of size 8 at addr ffff888146fa4828 by task syz-executor348/4162
[ 63.182615][ T4162]
[ 63.184962][ T4162] CPU: 0 PID: 4162 Comm: syz-executor348 Not tainted 5.15.176-syzkaller #0
[ 63.193626][ T4162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 63.203686][ T4162] Call Trace:
[ 63.206963][ T4162]
[ 63.209883][ T4162] dump_stack_lvl+0x1e3/0x2d0
[ 63.214568][ T4162] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 63.220281][ T4162] ? _printk+0xd1/0x120
[ 63.224453][ T4162] ? __wake_up_klogd+0xcc/0x100
[ 63.229302][ T4162] ? panic+0x860/0x860
[ 63.233377][ T4162] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 63.238861][ T4162] print_address_description+0x63/0x3b0
[ 63.244405][ T4162] ? ocfs2_lock_global_qf+0xb4/0x2a0
[ 63.249688][ T4162] kasan_report+0x16b/0x1c0
[ 63.254187][ T4162] ? ocfs2_lock_global_qf+0xb4/0x2a0
[ 63.259477][ T4162] ocfs2_lock_global_qf+0xb4/0x2a0
[ 63.264610][ T4162] ? lock_buffer+0x80/0x80
[ 63.269047][ T4162] ocfs2_get_next_id+0x21c/0x710
[ 63.274155][ T4162] ? ocfs2_write_info+0x3a0/0x3a0
[ 63.279190][ T4162] ? from_kgid+0x1a3/0x730
[ 63.283744][ T4162] ? make_kgid+0x6f0/0x6f0
[ 63.288179][ T4162] dquot_get_next_dqblk+0x6e/0x3a0
[ 63.293335][ T4162] quota_getnextquota+0x2bc/0x6b0
[ 63.298374][ T4162] ? quota_getquota+0x6d0/0x6d0
[ 63.303226][ T4162] ? read_lock_is_recursive+0x10/0x10
[ 63.308674][ T4162] ? bpf_lsm_capable+0x5/0x10
[ 63.313363][ T4162] ? security_capable+0x86/0xb0
[ 63.318221][ T4162] ? bpf_lsm_quotactl+0x5/0x10
[ 63.322986][ T4162] ? security_quotactl+0x86/0xb0
[ 63.327921][ T4162] ? do_quotactl+0x508/0x6c0
[ 63.332512][ T4162] __se_sys_quotactl+0x2b1/0x770
[ 63.337446][ T4162] ? __lock_acquire+0x1ff0/0x1ff0
[ 63.342515][ T4162] ? __x64_sys_quotactl+0xa0/0xa0
[ 63.347531][ T4162] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 63.353539][ T4162] ? print_irqtrace_events+0x210/0x210
[ 63.359089][ T4162] ? vtime_user_exit+0x2d1/0x400
[ 63.364030][ T4162] ? syscall_enter_from_user_mode+0x2e/0x240
[ 63.370105][ T4162] ? lockdep_hardirqs_on+0x94/0x130
[ 63.375308][ T4162] ? syscall_enter_from_user_mode+0x2e/0x240
[ 63.381404][ T4162] do_syscall_64+0x3b/0xb0
[ 63.385821][ T4162] ? clear_bhb_loop+0x15/0x70
[ 63.390573][ T4162] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 63.396478][ T4162] RIP: 0033:0x7f9ff2699b99
[ 63.400904][ T4162] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 63.420600][ T4162] RSP: 002b:00007ffddeec7a58 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[ 63.429042][ T4162] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9ff2699b99
[ 63.437008][ T4162] RDX: 000000000000ee01 RSI: 00000000200080c0 RDI: ffffffff80000901
[ 63.444976][ T4162] RBP: 00007f9ff27115f0 R08: 0000000020000c40 R09: 0000555565bbd4c0
[ 63.452954][ T4162] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffddeec7a80
[ 63.461091][ T4162] R13: 00007ffddeec7ca8 R14: 431bde82d7b634db R15: 00007f9ff26e203b
[ 63.469084][ T4162]
[ 63.472105][ T4162]
[ 63.474421][ T4162] Allocated by task 4162:
[ 63.478738][ T4162] ____kasan_kmalloc+0xba/0xf0
[ 63.483519][ T4162] kmem_cache_alloc_trace+0x143/0x290
[ 63.488890][ T4162] ocfs2_local_read_info+0x1ea/0x19e0
[ 63.494255][ T4162] dquot_load_quota_sb+0x754/0xb90
[ 63.499389][ T4162] dquot_load_quota_inode+0x318/0x600
[ 63.504752][ T4162] ocfs2_enable_quotas+0x221/0x440
[ 63.510031][ T4162] ocfs2_fill_super+0x4423/0x5890
[ 63.515084][ T4162] mount_bdev+0x2c9/0x3f0
[ 63.519406][ T4162] legacy_get_tree+0xeb/0x180
[ 63.524507][ T4162] vfs_get_tree+0x88/0x270
[ 63.528914][ T4162] do_new_mount+0x2ba/0xb40
[ 63.533413][ T4162] __se_sys_mount+0x2d5/0x3c0
[ 63.538099][ T4162] do_syscall_64+0x3b/0xb0
[ 63.542506][ T4162] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 63.548573][ T4162]
[ 63.550891][ T4162] Freed by task 4162:
[ 63.554853][ T4162] kasan_set_track+0x4b/0x80
[ 63.559443][ T4162] kasan_set_free_info+0x1f/0x40
[ 63.564406][ T4162] ____kasan_slab_free+0xd8/0x120
[ 63.569455][ T4162] slab_free_freelist_hook+0xdd/0x160
[ 63.574916][ T4162] kfree+0xf1/0x270
[ 63.578718][ T4162] ocfs2_local_free_info+0x813/0x990
[ 63.584142][ T4162] dquot_disable+0x1111/0x1c60
[ 63.588921][ T4162] ocfs2_susp_quotas+0x247/0x340
[ 63.593855][ T4162] ocfs2_remount+0x56e/0xc30
[ 63.598472][ T4162] reconfigure_super+0x43a/0x870
[ 63.603471][ T4162] path_mount+0xceb/0x10a0
[ 63.607891][ T4162] __se_sys_mount+0x2d5/0x3c0
[ 63.612664][ T4162] do_syscall_64+0x3b/0xb0
[ 63.617087][ T4162] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 63.622985][ T4162]
[ 63.625333][ T4162] The buggy address belongs to the object at ffff888146fa4800
[ 63.625333][ T4162] which belongs to the cache kmalloc-1k of size 1024
[ 63.639588][ T4162] The buggy address is located 40 bytes inside of
[ 63.639588][ T4162] 1024-byte region [ffff888146fa4800, ffff888146fa4c00)
[ 63.652880][ T4162] The buggy address belongs to the page:
[ 63.658530][ T4162] page:ffffea00051be800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x146fa0
[ 63.668769][ T4162] head:ffffea00051be800 order:3 compound_mapcount:0 compound_pincount:0
[ 63.677317][ T4162] flags: 0x57ff00000010200(slab|head|node=1|zone=2|lastcpupid=0x7ff)
[ 63.685401][ T4162] raw: 057ff00000010200 ffffea000511fe00 0000000400000004 ffff888017441dc0
[ 63.694220][ T4162] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 63.702812][ T4162] page dumped because: kasan: bad access detected
[ 63.709239][ T4162] page_owner tracks the page as allocated
[ 63.714946][ T4162] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, ts 8152103999, free_ts 0
[ 63.732844][ T4162] get_page_from_freelist+0x3b78/0x3d40
[ 63.738398][ T4162] __alloc_pages+0x272/0x700
[ 63.742990][ T4162] alloc_page_interleave+0x22/0x1c0
[ 63.748178][ T4162] new_slab+0xbb/0x4b0
[ 63.752262][ T4162] ___slab_alloc+0x6f6/0xe10
[ 63.756866][ T4162] __kmalloc+0x1c9/0x300
[ 63.761219][ T4162] blk_stat_alloc_callback+0x95/0x230
[ 63.766596][ T4162] blk_mq_init_allocated_queue+0x86/0x17a0
[ 63.772637][ T4162] __blk_mq_alloc_disk+0x82/0x160
[ 63.777754][ T4162] loop_add+0x28f/0x880
[ 63.781971][ T4162] loop_init+0x172/0x230
[ 63.786207][ T4162] do_one_initcall+0x22b/0x7a0
[ 63.790964][ T4162] do_initcall_level+0x157/0x210
[ 63.795898][ T4162] do_initcalls+0x49/0x90
[ 63.800220][ T4162] kernel_init_freeable+0x425/0x5c0
[ 63.805443][ T4162] kernel_init+0x19/0x290
[ 63.809768][ T4162] page_owner free stack trace missing
[ 63.815121][ T4162]
[ 63.817482][ T4162] Memory state around the buggy address:
[ 63.823113][ T4162] ffff888146fa4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.831222][ T4162] ffff888146fa4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.839360][ T4162] >ffff888146fa4800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 63.847435][ T4162]                                   ^
[ 63.852815][ T4162] ffff888146fa4880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 63.860867][ T4162] ffff888146fa4900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 63.868916][ T4162] ==================================================================
[ 63.877067][ T4162] Disabling lock debugging due to kernel taint
[ 63.884271][ T4162] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 63.891487][ T4162] CPU: 1 PID: 4162 Comm: syz-executor348 Tainted: G B 5.15.176-syzkaller #0
[ 63.901472][ T4162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 63.911518][ T4162] Call Trace:
[ 63.914803][ T4162]
[ 63.917722][ T4162] dump_stack_lvl+0x1e3/0x2d0
[ 63.922390][ T4162] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 63.928014][ T4162] ? panic+0x860/0x860
[ 63.932074][ T4162] ? rcu_is_watching+0x11/0xa0
[ 63.936831][ T4162] ? preempt_schedule_common+0xa6/0xd0
[ 63.942301][ T4162] panic+0x318/0x860
[ 63.946204][ T4162] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 63.952351][ T4162] ? check_panic_on_warn+0x1d/0xa0
[ 63.957456][ T4162] ? fb_is_primary_device+0xd0/0xd0
[ 63.962761][ T4162] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 63.968762][ T4162] ? _raw_spin_unlock+0x40/0x40
[ 63.973601][ T4162] check_panic_on_warn+0x7e/0xa0
[ 63.978528][ T4162] ? ocfs2_lock_global_qf+0xb4/0x2a0
[ 63.983830][ T4162] end_report+0x6d/0xf0
[ 63.987978][ T4162] kasan_report+0x18e/0x1c0
[ 63.992490][ T4162] ? ocfs2_lock_global_qf+0xb4/0x2a0
[ 63.997774][ T4162] ocfs2_lock_global_qf+0xb4/0x2a0
[ 64.002985][ T4162] ? lock_buffer+0x80/0x80
[ 64.007396][ T4162] ocfs2_get_next_id+0x21c/0x710
[ 64.012336][ T4162] ? ocfs2_write_info+0x3a0/0x3a0
[ 64.017349][ T4162] ? from_kgid+0x1a3/0x730
[ 64.021755][ T4162] ? make_kgid+0x6f0/0x6f0
[ 64.026160][ T4162] dquot_get_next_dqblk+0x6e/0x3a0
[ 64.031263][ T4162] quota_getnextquota+0x2bc/0x6b0
[ 64.036282][ T4162] ? quota_getquota+0x6d0/0x6d0
[ 64.041121][ T4162] ? read_lock_is_recursive+0x10/0x10
[ 64.046487][ T4162] ? bpf_lsm_capable+0x5/0x10
[ 64.051156][ T4162] ? security_capable+0x86/0xb0
[ 64.056102][ T4162] ? bpf_lsm_quotactl+0x5/0x10
[ 64.060853][ T4162] ? security_quotactl+0x86/0xb0
[ 64.065782][ T4162] ? do_quotactl+0x508/0x6c0
[ 64.070366][ T4162] __se_sys_quotactl+0x2b1/0x770
[ 64.075300][ T4162] ? __lock_acquire+0x1ff0/0x1ff0
[ 64.080317][ T4162] ? __x64_sys_quotactl+0xa0/0xa0
[ 64.085329][ T4162] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 64.091311][ T4162] ? print_irqtrace_events+0x210/0x210
[ 64.096755][ T4162] ? vtime_user_exit+0x2d1/0x400
[ 64.101686][ T4162] ? syscall_enter_from_user_mode+0x2e/0x240
[ 64.107656][ T4162] ? lockdep_hardirqs_on+0x94/0x130
[ 64.112842][ T4162] ? syscall_enter_from_user_mode+0x2e/0x240
[ 64.118808][ T4162] do_syscall_64+0x3b/0xb0
[ 64.123219][ T4162] ? clear_bhb_loop+0x15/0x70
[ 64.127897][ T4162] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 64.133786][ T4162] RIP: 0033:0x7f9ff2699b99
[ 64.138196][ T4162] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 64.157803][ T4162] RSP: 002b:00007ffddeec7a58 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[ 64.166206][ T4162] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9ff2699b99
[ 64.174170][ T4162] RDX: 000000000000ee01 RSI: 00000000200080c0 RDI: ffffffff80000901
[ 64.182729][ T4162] RBP: 00007f9ff27115f0 R08: 0000000020000c40 R09: 0000555565bbd4c0
[ 64.190699][ T4162] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffddeec7a80
[ 64.198667][ T4162] R13: 00007ffddeec7ca8 R14: 431bde82d7b634db R15: 00007f9ff26e203b
[ 64.206641][ T4162]
[ 64.209956][ T4162] Kernel Offset: disabled
[ 64.214425][ T4162] Rebooting in 86400 seconds..