================================================================================
UBSAN: shift-out-of-bounds in fs/ocfs2/super.c:2368:4
shift exponent 16777486 is too large for 32-bit type 'int'
CPU: 0 PID: 4403 Comm: syz.1.6 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
Call trace:
 dump_backtrace+0x1c0/0x1ec arch/arm64/kernel/stacktrace.c:158
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:165
 __dump_stack+0x30/0x40 lib/dump_stack.c:88
 dump_stack_lvl+0xf4/0x15c lib/dump_stack.c:106
 dump_stack+0x1c/0x5c lib/dump_stack.c:113
 ubsan_epilogue+0x14/0x48 lib/ubsan.c:151
 __ubsan_handle_shift_out_of_bounds+0x2b0/0x348 lib/ubsan.c:321
 ocfs2_verify_volume fs/ocfs2/super.c:2368 [inline]
 ocfs2_sb_probe fs/ocfs2/super.c:792 [inline]
 ocfs2_fill_super+0xc5c/0x436c fs/ocfs2/super.c:988
 mount_bdev+0x264/0x358 fs/super.c:1443
 ocfs2_mount+0x44/0x58 fs/ocfs2/super.c:1186
 legacy_get_tree+0xd4/0x16c fs/fs_context.c:632
 vfs_get_tree+0x90/0x274 fs/super.c:1573
 do_new_mount+0x228/0x810 fs/namespace.c:3078
 path_mount+0x5bc/0xe80 fs/namespace.c:3408
 do_mount fs/namespace.c:3421 [inline]
 __do_sys_mount fs/namespace.c:3629 [inline]
 __se_sys_mount fs/namespace.c:3606 [inline]
 __arm64_sys_mount+0x49c/0x59c fs/namespace.c:3606
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b4 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x130 arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x128 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
================================================================================
(syz.1.6,4403,0):ocfs2_verify_volume:2369 ERROR: bad cluster size found: 16384
(syz.1.6,4403,0):ocfs2_verify_volume:2388 ERROR: status = -22
(syz.1.6,4403,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
(syz.1.6,4403,0):ocfs2_fill_super:1176 ERROR: status = -22
loop1: detected capacity change from 0 to 512
Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.6: Failed to acquire dquot type 0
Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.6: Failed to acquire dquot type 0
Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.6: Failed to acquire dquot type 0
EXT4-fs (loop1): 1 orphan inode deleted
EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.