Warning: Permanently added '10.128.0.181' (ED25519) to the list of known hosts.
executing program
[ 44.682128][ T4019] loop0: detected capacity change from 0 to 32768
[ 44.805419][ T4019]
[ 44.805419][ T4019] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 44.805419][ T4019]
[ 44.812108][ T4019]
[ 44.812108][ T4019] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 44.812108][ T4019]
[ 44.814989][ T4019]
[ 44.814989][ T4019] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 44.814989][ T4019]
[ 44.817670][ T4019]
[ 44.817670][ T4019] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 44.817670][ T4019]
[ 44.821577][ T4019]
[ 44.821577][ T4019] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 44.821577][ T4019]
[ 44.831596][ T241]
[ 44.831596][ T241] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 44.831596][ T241]
[ 44.834928][ T4019] ================================================================================
[ 44.837362][ T4019] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dtree.c:2945:28
[ 44.839408][ T4019] index -128 is out of range for type 'struct dtslot[128]'
[ 44.842117][ T4019] CPU: 0 PID: 4019 Comm: syz-executor179 Not tainted 5.15.178-syzkaller #0
[ 44.844488][ T4019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 44.847050][ T4019] Call trace:
[ 44.847908][ T4019] dump_backtrace+0x0/0x530
[ 44.849201][ T4019] show_stack+0x2c/0x3c
[ 44.850224][ T4019] dump_stack_lvl+0x108/0x170
[ 44.851448][ T4019] dump_stack+0x1c/0x58
[ 44.852522][ T4019] __ubsan_handle_out_of_bounds+0x108/0x15c
[ 44.854037][ T4019] add_missing_indices+0x6e8/0xaa8
[ 44.855473][ T4019] jfs_readdir+0x1948/0x3030
[ 44.856731][ T4019] iterate_dir+0x1f4/0x4ec
[ 44.857852][ T4019] __arm64_sys_getdents64+0x1c4/0x4c4
[ 44.859363][ T4019] invoke_syscall+0x98/0x2b8
[ 44.860594][ T4019] el0_svc_common+0x138/0x258
[ 44.861954][ T4019] do_el0_svc+0x58/0x14c
[ 44.863155][ T4019] el0_svc+0x7c/0x1f0
[ 44.864357][ T4019] el0t_64_sync_handler+0x84/0xe4
[ 44.865693][ T4019] el0t_64_sync+0x1a0/0x1a4
[ 44.867468][ T4019] ================================================================================
[ 44.870046][ T4019] ==================================================================
[ 44.872211][ T4019] BUG: KASAN: slab-out-of-bounds in diWrite+0xb48/0x1604
[ 44.873968][ T4019] Read of size 32 at addr ffff0000d472c130 by task syz-executor179/4019
[ 44.876108][ T4019]
[ 44.876708][ T4019] CPU: 0 PID: 4019 Comm: syz-executor179 Not tainted 5.15.178-syzkaller #0
[ 44.878949][ T4019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 44.881631][ T4019] Call trace:
[ 44.882495][ T4019] dump_backtrace+0x0/0x530
[ 44.883683][ T4019] show_stack+0x2c/0x3c
[ 44.884773][ T4019] dump_stack_lvl+0x108/0x170
[ 44.885967][ T4019] print_address_description+0x7c/0x3f0
[ 44.887457][ T4019] kasan_report+0x174/0x1e4
[ 44.888596][ T4019] kasan_check_range+0x274/0x2b4
[ 44.889921][ T4019] memcpy+0x90/0xe8
[ 44.890914][ T4019] diWrite+0xb48/0x1604
[ 44.892003][ T4019] txCommit+0x754/0x55b0
[ 44.893139][ T4019] add_missing_indices+0x764/0xaa8
[ 44.894428][ T4019] jfs_readdir+0x1948/0x3030
[ 44.895583][ T4019] iterate_dir+0x1f4/0x4ec
[ 44.896746][ T4019] __arm64_sys_getdents64+0x1c4/0x4c4
[ 44.897984][ T4019] invoke_syscall+0x98/0x2b8
[ 44.899208][ T4019] el0_svc_common+0x138/0x258
[ 44.900414][ T4019] do_el0_svc+0x58/0x14c
[ 44.901509][ T4019] el0_svc+0x7c/0x1f0
[ 44.902554][ T4019] el0t_64_sync_handler+0x84/0xe4
[ 44.903827][ T4019] el0t_64_sync+0x1a0/0x1a4
[ 44.904994][ T4019]
[ 44.905603][ T4019] Allocated by task 0:
[ 44.906590][ T4019] (stack is not available)
[ 44.907831][ T4019]
[ 44.908484][ T4019] The buggy address belongs to the object at ffff0000d472c0c0
[ 44.908484][ T4019] which belongs to the cache jfs_ip of size 2240
[ 44.912294][ T4019] The buggy address is located 112 bytes inside of
[ 44.912294][ T4019] 2240-byte region [ffff0000d472c0c0, ffff0000d472c980)
[ 44.915638][ T4019] The buggy address belongs to the page:
[ 44.917158][ T4019] page:00000000c86e30d4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x114728
[ 44.919903][ T4019] head:00000000c86e30d4 order:3 compound_mapcount:0 compound_pincount:0
[ 44.922111][ T4019] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 44.924281][ T4019] raw: 05ffc00000010200 0000000000000000 dead000000000122 ffff0000c6904000
[ 44.926409][ T4019] raw: 0000000000000000 00000000800d000d 00000001ffffffff 0000000000000000
[ 44.928650][ T4019] page dumped because: kasan: bad access detected
[ 44.930472][ T4019]
[ 44.931079][ T4019] Memory state around the buggy address:
[ 44.932563][ T4019] ffff0000d472c000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 44.934745][ T4019] ffff0000d472c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 44.937029][ T4019] >ffff0000d472c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 44.939264][ T4019] ^
[ 44.940792][ T4019] ffff0000d472c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 44.942937][ T4019] ffff0000d472c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 44.945156][ T4019] ==================================================================
[ 44.947268][ T4019] Disabling lock debugging due to kernel taint
[ 44.949071][ T4019]
[ 44.949071][ T4019] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 44.949071][ T4019]
[ 44.949093][ T4019]
[ 44.949093][ T4019] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 44.949093][ T4019]
[ 44.949106][ T4019]
[ 44.949106][ T4019] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 44.949106][ T4019]
[ 44.956946][ T4019] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0
[ 44.956946][ T4019]
[ 44.957208][ T241]
[ 44.957208][ T241] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 44.957208][ T241]
[ 44.960135][ T4019] ERROR: (device loop0): remounting filesystem as read-only
[ 44.964390][ T4019] JFS: Invalid stbl[1] = -128 for inode 2, block = 0