BUG: unable to handle kernel NULL pointer dereference in jbd2

loop0: detected capacity change from 0 to 32768
ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
BUG: kernel NULL pointer dereference, address: 0000000000000011
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 5c837067 P4D 5c837067 PUD 797b1067 PMD 0 
Oops: Oops: 0000 [#1] PREEMPT SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 6447 Comm: syz.0.119 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
RIP: 0010:___slab_alloc+0x27a/0x1880 mm/slub.c:3761
Code: 0b 49 83 7f 28 00 0f 85 de 07 00 00 4d 89 77 28 49 83 7c 24 10 00 0f 85 45 06 00 00 4d 8b 7c 24 18 4d 85 ff 0f 84 d2 06 00 00 <49> 8b 47 10 83 bd 68 ff ff ff ff 49 89 44 24 18 74 20 49 8b 07 48
RSP: 0018:ffffc900051beb50 EFLAGS: 00010002
RAX: 0000000000000000 RBX: 0000000000000202 RCX: ffffffff8169da5e
RDX: 0000000000000001 RSI: ffffffff81e3c118 RDI: 0000000000000000
RBP: ffffc900051bec30 R08: 0000000000000000 R09: fffffbfff2dc8198
R10: ffffffff96e40cc7 R11: 000000000000000a R12: ffffe8ffffc6c1a0
R13: ffff88814def1dc0 R14: ffff888030de3c00 R15: 0000000000000001
FS:  00007fd7c8bf66c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000011 CR3: 0000000032f1a000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 __slab_alloc.constprop.0+0x56/0xb0 mm/slub.c:3908
 __slab_alloc_node mm/slub.c:3961 [inline]
 slab_alloc_node mm/slub.c:4122 [inline]
 kmem_cache_alloc_noprof+0x2a7/0x2f0 mm/slub.c:4141
 jbd2_alloc+0xb5/0xd0 fs/jbd2/journal.c:2787
 jbd2_journal_get_undo_access+0x212/0x3f0 fs/jbd2/transaction.c:1395
 __ocfs2_journal_access+0x426/0x8b0 fs/ocfs2/journal.c:692
 ocfs2_block_group_set_bits+0x298/0x9b0 fs/ocfs2/suballoc.c:1387
 ocfs2_search_chain+0x1139/0x24b0 fs/ocfs2/suballoc.c:1900
 ocfs2_claim_suballoc_bits+0x800/0x2010 fs/ocfs2/suballoc.c:1985
 __ocfs2_claim_clusters+0x28e/0xa70 fs/ocfs2/suballoc.c:2395
 ocfs2_local_alloc_new_window fs/ocfs2/localalloc.c:1183 [inline]
 ocfs2_local_alloc_slide_window+0x90c/0x18f0 fs/ocfs2/localalloc.c:1312
 ocfs2_reserve_local_alloc_bits+0x4f4/0xc60 fs/ocfs2/localalloc.c:669
 ocfs2_reserve_clusters_with_limit+0x697/0xe80 fs/ocfs2/suballoc.c:1166
 ocfs2_reserve_clusters fs/ocfs2/suballoc.c:1227 [inline]
 ocfs2_lock_allocators+0x339/0x5f0 fs/ocfs2/suballoc.c:2746
 ocfs2_write_begin_nolock+0x2886/0x6ea0 fs/ocfs2/aops.c:1738
 ocfs2_write_begin+0x1cd/0x340 fs/ocfs2/aops.c:1902
 generic_perform_write+0x2bd/0x920 mm/filemap.c:4056
 __generic_file_write_iter+0x1f7/0x240 mm/filemap.c:4157
 ocfs2_file_write_iter+0xb70/0x20e0 fs/ocfs2/file.c:2467
 new_sync_write fs/read_write.c:586 [inline]
 vfs_write+0x5b1/0x1150 fs/read_write.c:679
 ksys_write+0x12b/0x250 fs/read_write.c:731
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd7cad7e819
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fd7c8bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007fd7caf35fa0 RCX: 00007fd7cad7e819
RDX: 000000000208e24b RSI: 0000000020000000 RDI: 0000000000000004
RBP: 00007fd7cadf175e R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fd7caf35fa0 R15: 00007ffec9a66ca8
 </TASK>
Modules linked in:
CR2: 0000000000000011
---[ end trace 0000000000000000 ]---
RIP: 0010:___slab_alloc+0x27a/0x1880 mm/slub.c:3761
Code: 0b 49 83 7f 28 00 0f 85 de 07 00 00 4d 89 77 28 49 83 7c 24 10 00 0f 85 45 06 00 00 4d 8b 7c 24 18 4d 85 ff 0f 84 d2 06 00 00 <49> 8b 47 10 83 bd 68 ff ff ff ff 49 89 44 24 18 74 20 49 8b 07 48
RSP: 0018:ffffc900051beb50 EFLAGS: 00010002
RAX: 0000000000000000 RBX: 0000000000000202 RCX: ffffffff8169da5e
RDX: 0000000000000001 RSI: ffffffff81e3c118 RDI: 0000000000000000
RBP: ffffc900051bec30 R08: 0000000000000000 R09: fffffbfff2dc8198
R10: ffffffff96e40cc7 R11: 000000000000000a R12: ffffe8ffffc6c1a0
R13: ffff88814def1dc0 R14: ffff888030de3c00 R15: 0000000000000001
FS:  00007fd7c8bf66c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000011 CR3: 0000000032f1a000 CR4: 0000000000350ef0
----------------
Code disassembly (best guess), 1 bytes skipped:
   0:	49 83 7f 28 00       	cmpq   $0x0,0x28(%r15)
   5:	0f 85 de 07 00 00    	jne    0x7e9
   b:	4d 89 77 28          	mov    %r14,0x28(%r15)
   f:	49 83 7c 24 10 00    	cmpq   $0x0,0x10(%r12)
  15:	0f 85 45 06 00 00    	jne    0x660
  1b:	4d 8b 7c 24 18       	mov    0x18(%r12),%r15
  20:	4d 85 ff             	test   %r15,%r15
  23:	0f 84 d2 06 00 00    	je     0x6fb
* 29:	49 8b 47 10          	mov    0x10(%r15),%rax <-- trapping instruction
  2d:	83 bd 68 ff ff ff ff 	cmpl   $0xffffffff,-0x98(%rbp)
  34:	49 89 44 24 18       	mov    %rax,0x18(%r12)
  39:	74 20                	je     0x5b
  3b:	49 8b 07             	mov    (%r15),%rax
  3e:	48                   	rex.W