Warning: Permanently added '10.128.1.249' (ED25519) to the list of known hosts.
2025/07/07 04:34:54 ignoring optional flag "sandboxArg"="0"
2025/07/07 04:34:55 parsed 1 programs
[ 132.126886][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 132.133547][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 135.624540][ T6413] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 138.822147][ T6428] chnl_net:caif_netlink_parms(): no params data found
[ 138.925893][ T6428] bridge0: port 1(bridge_slave_0) entered blocking state
[ 138.933174][ T6428] bridge0: port 1(bridge_slave_0) entered disabled state
[ 138.940293][ T6428] bridge_slave_0: entered allmulticast mode
[ 138.948516][ T6428] bridge_slave_0: entered promiscuous mode
[ 138.957407][ T6428] bridge0: port 2(bridge_slave_1) entered blocking state
[ 138.964909][ T6428] bridge0: port 2(bridge_slave_1) entered disabled state
[ 138.972110][ T6428] bridge_slave_1: entered allmulticast mode
[ 138.979581][ T6428] bridge_slave_1: entered promiscuous mode
[ 139.018497][ T6428] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 139.031086][ T6428] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 139.072472][ T6428] team0: Port device team_slave_0 added
[ 139.080873][ T6428] team0: Port device team_slave_1 added
[ 139.112114][ T6428] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 139.119144][ T6428] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 139.147109][ T6428] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 139.162058][ T6428] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 139.169251][ T6428] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 139.195351][ T6428] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 139.249515][ T6428] hsr_slave_0: entered promiscuous mode
[ 139.256207][ T6428] hsr_slave_1: entered promiscuous mode
[ 139.856922][ T6428] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 139.869444][ T6428] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 139.888565][ T6428] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 139.903445][ T6428] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 140.004530][ T6428] 8021q: adding VLAN 0 to HW filter on device bond0
[ 140.031632][ T6428] 8021q: adding VLAN 0 to HW filter on device team0
[ 140.049786][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state
[ 140.056997][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 140.073713][ T1101] bridge0: port 2(bridge_slave_1) entered blocking state
[ 140.080834][ T1101] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 140.139587][ T6428] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 140.395088][ T6428] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 140.458295][ T6428] veth0_vlan: entered promiscuous mode
[ 140.474731][ T6428] veth1_vlan: entered promiscuous mode
[ 140.516466][ T6428] veth0_macvtap: entered promiscuous mode
[ 140.532244][ T6428] veth1_macvtap: entered promiscuous mode
[ 140.562234][ T6428] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 140.585635][ T6428] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 140.600497][ T6428] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.611439][ T6428] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.620540][ T6428] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.630878][ T6428] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.824221][ T59] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 140.887515][ T59] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 140.965180][ T59] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 141.025647][ T59] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 141.414348][ T5902] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 141.423885][ T5902] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 141.431714][ T5902] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 141.439936][ T5902] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 141.450123][ T5902] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 143.230610][ T59] bridge_slave_1: left allmulticast mode
[ 143.242428][ T59] bridge_slave_1: left promiscuous mode
[ 143.248299][ T59] bridge0: port 2(bridge_slave_1) entered disabled state
[ 143.294766][ T59] bridge_slave_0: left allmulticast mode
[ 143.300459][ T59] bridge_slave_0: left promiscuous mode
[ 143.322700][ T59] bridge0: port 1(bridge_slave_0) entered disabled state
[ 143.777626][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 143.790811][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 143.803623][ T59] bond0 (unregistering): Released all slaves
[ 143.935070][ T59] hsr_slave_0: left promiscuous mode
[ 143.946041][ T59] hsr_slave_1: left promiscuous mode
[ 143.957547][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 143.983026][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 144.010526][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 144.026969][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 144.070266][ T59] veth1_macvtap: left promiscuous mode
[ 144.094839][ T59] veth0_macvtap: left promiscuous mode
[ 144.100508][ T59] veth1_vlan: left promiscuous mode
[ 144.134686][ T59] veth0_vlan: left promiscuous mode
[ 144.656056][ T59] team0 (unregistering): Port device team_slave_1 removed
[ 144.686054][ T59] team0 (unregistering): Port device team_slave_0 removed
[ 145.252134][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 145.264232][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 145.318170][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 145.326814][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/07/07 04:35:13 executed programs: 0
[ 148.183820][ T5902] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 148.192205][ T5902] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 148.201387][ T5902] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 148.209707][ T5902] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 148.218105][ T5902] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 148.538432][ T6665] chnl_net:caif_netlink_parms(): no params data found
[ 148.665584][ T6665] bridge0: port 1(bridge_slave_0) entered blocking state
[ 148.672898][ T6665] bridge0: port 1(bridge_slave_0) entered disabled state
[ 148.680042][ T6665] bridge_slave_0: entered allmulticast mode
[ 148.688502][ T6665] bridge_slave_0: entered promiscuous mode
[ 148.697192][ T6665] bridge0: port 2(bridge_slave_1) entered blocking state
[ 148.706796][ T6665] bridge0: port 2(bridge_slave_1) entered disabled state
[ 148.714340][ T6665] bridge_slave_1: entered allmulticast mode
[ 148.722169][ T6665] bridge_slave_1: entered promiscuous mode
[ 148.781600][ T6665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 148.797692][ T6665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 148.845858][ T6665] team0: Port device team_slave_0 added
[ 148.855012][ T6665] team0: Port device team_slave_1 added
[ 148.898002][ T6665] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 148.905080][ T6665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 148.933225][ T6665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 148.946230][ T6665] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 148.954257][ T6665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 148.981067][ T6665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 149.045228][ T6665] hsr_slave_0: entered promiscuous mode
[ 149.052071][ T6665] hsr_slave_1: entered promiscuous mode
[ 149.526924][ T6665] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 149.538908][ T6665] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 149.556265][ T6665] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 149.569748][ T6665] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 149.680282][ T6665] 8021q: adding VLAN 0 to HW filter on device bond0
[ 149.704541][ T6665] 8021q: adding VLAN 0 to HW filter on device team0
[ 149.719294][ T59] bridge0: port 1(bridge_slave_0) entered blocking state
[ 149.726481][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 149.741531][ T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 149.748689][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 150.026498][ T6665] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 150.090547][ T6665] veth0_vlan: entered promiscuous mode
[ 150.107671][ T6665] veth1_vlan: entered promiscuous mode
[ 150.149433][ T6665] veth0_macvtap: entered promiscuous mode
[ 150.161897][ T6665] veth1_macvtap: entered promiscuous mode
[ 150.189730][ T6665] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 150.207548][ T6665] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 150.219350][ T6665] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.228556][ T6665] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.238538][ T6665] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.247675][ T6665] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.282412][ T5902] Bluetooth: hci0: command tx timeout
[ 150.346688][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 150.360527][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 150.394295][ T3483] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 150.402135][ T3483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 150.789086][ T6736] loop0: detected capacity change from 0 to 32768
[ 150.798393][ T6736] =======================================================
[ 150.798393][ T6736] WARNING: The mand mount option has been deprecated and
[ 150.798393][ T6736] and is ignored by this kernel. Remove the mand
[ 150.798393][ T6736] option from the mount to silence this warning.
[ 150.798393][ T6736] =======================================================
[ 150.904498][ T6736] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 150.937344][ T6736] (syz.0.16,6736,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=0, rec_len=0, name_len=0
[ 151.033675][ T6665] ocfs2: Unmounting device (7,0) on (node local)
[ 151.481417][ T6753] loop0: detected capacity change from 0 to 32768
[ 151.522009][ T6753] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 151.540846][ T6753] (syz.0.17,6753,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=0, rec_len=0, name_len=0
[ 151.596023][ T6665] ocfs2: Unmounting device (7,0) on (node local)
[ 152.029559][ T6766] loop0: detected capacity change from 0 to 32768
[ 152.074724][ T6766] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 152.090959][ T6766] (syz.0.18,6766,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=0, rec_len=0, name_len=0
[ 152.159257][ T6665] ocfs2: Unmounting device (7,0) on (node local)
[ 152.363430][ T5902] Bluetooth: hci0: command tx timeout
[ 152.640079][ T6780] loop0: detected capacity change from 0 to 32768
[ 152.739381][ T6780] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 152.766168][ T6780] ==================================================================
[ 152.774275][ T6780] BUG: KASAN: use-after-free in ocfs2_dir_foreach_blk+0x1149/0x18a0
[ 152.782273][ T6780] Read of size 2 at addr ffff888065d7b8c9 by task syz.0.19/6780
[ 152.790419][ T6780]
[ 152.792738][ T6780] CPU: 1 UID: 0 PID: 6780 Comm: syz.0.19 Not tainted 6.16.0-rc5-syzkaller-gd7b8f8e20813 #0 PREEMPT(full)
[ 152.792763][ T6780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 152.792776][ T6780] Call Trace:
[ 152.792784][ T6780] <TASK>
[ 152.792792][ T6780] dump_stack_lvl+0x189/0x250
[ 152.792823][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 152.792847][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 152.792871][ T6780] ? __kasan_check_byte+0x12/0x40
[ 152.792897][ T6780] ? __pfx_dump_stack_lvl+0x10/0x10
[ 152.792920][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 152.792944][ T6780] ? rcu_is_watching+0x15/0xb0
[ 152.792969][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 152.792992][ T6780] ? lock_release+0x4b/0x3e0
[ 152.793015][ T6780] ? __virt_addr_valid+0x1c8/0x5c0
[ 152.793043][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 152.793066][ T6780] ? __virt_addr_valid+0x4a5/0x5c0
[ 152.793094][ T6780] print_report+0xd2/0x2b0
[ 152.793114][ T6780] ? ocfs2_dir_foreach_blk+0x1149/0x18a0
[ 152.793134][ T6780] kasan_report+0x118/0x150
[ 152.793159][ T6780] ? ocfs2_read_inode_block+0x11d/0x190
[ 152.793191][ T6780] ? ocfs2_dir_foreach_blk+0x1149/0x18a0
[ 152.793216][ T6780] ocfs2_dir_foreach_blk+0x1149/0x18a0
[ 152.793240][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 152.793266][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 152.793290][ T6780] ? _raw_spin_unlock+0x28/0x50
[ 152.793321][ T6780] ? __pfx_ocfs2_dir_foreach_blk+0x10/0x10
[ 152.793342][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 152.793366][ T6780] ? ocfs2_inode_lock_atime+0x232/0x4e0
[ 152.793396][ T6780] ? __pfx_ocfs2_inode_lock_atime+0x10/0x10
[ 152.793428][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 152.793456][ T6780] ocfs2_readdir+0x254/0x4c0
[ 152.793477][ T6780] ? __pfx_ocfs2_readdir+0x10/0x10
[ 152.793496][ T6780] ? down_write+0x162/0x1f0
[ 152.793517][ T6780] ? __pfx_down_write+0x10/0x10
[ 152.793542][ T6780] ? __pfx_ocfs2_readdir+0x10/0x10
[ 152.793563][ T6780] wrap_directory_iterator+0x96/0xe0
[ 152.793587][ T6780] iterate_dir+0x5af/0x770
[ 152.793612][ T6780] __se_sys_getdents+0xe4/0x250
[ 152.793635][ T6780] ? __pfx___se_sys_getdents+0x10/0x10
[ 152.793657][ T6780] ? __pfx_filldir+0x10/0x10
[ 152.793680][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 152.793704][ T6780] ? rcu_is_watching+0x15/0xb0
[ 152.793730][ T6780] ? do_syscall_64+0xbe/0x3b0
[ 152.793752][ T6780] do_syscall_64+0xfa/0x3b0
[ 152.793771][ T6780] ? lockdep_hardirqs_on+0x9c/0x150
[ 152.793807][ T6780] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 152.793827][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 152.793850][ T6780] ? exc_page_fault+0x9f/0xf0
[ 152.793882][ T6780] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 152.793902][ T6780] RIP: 0033:0x7f56cf18cda9
[ 152.793918][ T6780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 152.793935][ T6780] RSP: 002b:00007f56cff49038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 152.793956][ T6780] RAX: ffffffffffffffda RBX: 00007f56cf3a5fa0 RCX: 00007f56cf18cda9
[ 152.793971][ T6780] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000004
[ 152.793984][ T6780] RBP: 00007f56cf20e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 152.793997][ T6780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 152.794009][ T6780] R13: 0000000000000000 R14: 00007f56cf3a5fa0 R15: 00007ffe392f2df8
[ 152.794032][ T6780] </TASK>
[ 152.794040][ T6780]
[ 153.132510][ T6780] The buggy address belongs to the physical page:
[ 153.138933][ T6780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f4e2e296 pfn:0x65d7b
[ 153.148380][ T6780] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 153.155518][ T6780] raw: 00fff00000000000 ffffea0001d4e648 ffffea0001975e88 0000000000000000
[ 153.164101][ T6780] raw: 00000007f4e2e296 0000000000000000 00000000ffffffff 0000000000000000
[ 153.172674][ T6780] page dumped because: kasan: bad access detected
[ 153.179103][ T6780] page_owner tracks the page as freed
[ 153.184455][ T6780] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|__GFP_COMP), pid 6559, tgid 6559 (udevd), ts 152707345699, free_ts 152728712836
[ 153.202687][ T6780] post_alloc_hook+0x240/0x2a0
[ 153.207485][ T6780] get_page_from_freelist+0x21e4/0x22c0
[ 153.213036][ T6780] __alloc_frozen_pages_noprof+0x181/0x370
[ 153.218850][ T6780] alloc_pages_mpol+0x232/0x4a0
[ 153.223700][ T6780] vma_alloc_folio_noprof+0xe4/0x200
[ 153.228993][ T6780] folio_prealloc+0x30/0x180
[ 153.233588][ T6780] __handle_mm_fault+0x2c88/0x5620
[ 153.238698][ T6780] handle_mm_fault+0x40a/0x8e0
[ 153.243464][ T6780] do_user_addr_fault+0x764/0x1390
[ 153.248655][ T6780] exc_page_fault+0x76/0xf0
[ 153.253181][ T6780] asm_exc_page_fault+0x26/0x30
[ 153.258023][ T6780] page last free pid 6559 tgid 6559 stack trace:
[ 153.264337][ T6780] free_unref_folios+0xc66/0x14d0
[ 153.269361][ T6780] folios_put_refs+0x559/0x640
[ 153.274130][ T6780] free_pages_and_swap_cache+0x4be/0x520
[ 153.279769][ T6780] tlb_flush_mmu+0x3a0/0x680
[ 153.284365][ T6780] tlb_finish_mmu+0xc3/0x1d0
[ 153.288967][ T6780] vms_clear_ptes+0x42c/0x540
[ 153.293640][ T6780] vms_complete_munmap_vmas+0x206/0x8a0
[ 153.299177][ T6780] do_vmi_align_munmap+0x358/0x420
[ 153.304282][ T6780] do_vmi_munmap+0x253/0x2e0
[ 153.308864][ T6780] __vm_munmap+0x23b/0x3d0
[ 153.313272][ T6780] __x64_sys_munmap+0x60/0x70
[ 153.317943][ T6780] do_syscall_64+0xfa/0x3b0
[ 153.322440][ T6780] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 153.328329][ T6780]
[ 153.330650][ T6780] Memory state around the buggy address:
[ 153.336268][ T6780] ffff888065d7b780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 153.344322][ T6780] ffff888065d7b800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 153.352377][ T6780] >ffff888065d7b880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 153.360430][ T6780] ^
[ 153.366841][ T6780] ffff888065d7b900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 153.374898][ T6780] ffff888065d7b980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 153.382950][ T6780] ==================================================================
[ 153.397723][ T6780] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 153.404940][ T6780] CPU: 0 UID: 0 PID: 6780 Comm: syz.0.19 Not tainted 6.16.0-rc5-syzkaller-gd7b8f8e20813 #0 PREEMPT(full)
[ 153.416226][ T6780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 153.426282][ T6780] Call Trace:
[ 153.429566][ T6780] <TASK>
[ 153.432490][ T6780] dump_stack_lvl+0x99/0x250
[ 153.437089][ T6780] ? __asan_memcpy+0x40/0x70
[ 153.441674][ T6780] ? __pfx_dump_stack_lvl+0x10/0x10
[ 153.446873][ T6780] ? __pfx__printk+0x10/0x10
[ 153.451468][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 153.457102][ T6780] panic+0x2db/0x790
[ 153.461005][ T6780] ? __pfx_panic+0x10/0x10
[ 153.465419][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 153.471052][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 153.476684][ T6780] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 153.482607][ T6780] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 153.488940][ T6780] ? print_memory_metadata+0x314/0x400
[ 153.494395][ T6780] ? ocfs2_dir_foreach_blk+0x1149/0x18a0
[ 153.500022][ T6780] check_panic_on_warn+0x89/0xb0
[ 153.504969][ T6780] ? ocfs2_dir_foreach_blk+0x1149/0x18a0
[ 153.510857][ T6780] end_report+0x78/0x160
[ 153.515101][ T6780] kasan_report+0x129/0x150
[ 153.519604][ T6780] ? ocfs2_read_inode_block+0x11d/0x190
[ 153.525242][ T6780] ? ocfs2_dir_foreach_blk+0x1149/0x18a0
[ 153.530874][ T6780] ocfs2_dir_foreach_blk+0x1149/0x18a0
[ 153.536330][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 153.542158][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 153.547791][ T6780] ? _raw_spin_unlock+0x28/0x50
[ 153.552651][ T6780] ? __pfx_ocfs2_dir_foreach_blk+0x10/0x10
[ 153.558455][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 153.564088][ T6780] ? ocfs2_inode_lock_atime+0x232/0x4e0
[ 153.569644][ T6780] ? __pfx_ocfs2_inode_lock_atime+0x10/0x10
[ 153.575551][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 153.581194][ T6780] ocfs2_readdir+0x254/0x4c0
[ 153.585783][ T6780] ? __pfx_ocfs2_readdir+0x10/0x10
[ 153.590889][ T6780] ? down_write+0x162/0x1f0
[ 153.595389][ T6780] ? __pfx_down_write+0x10/0x10
[ 153.600240][ T6780] ? __pfx_ocfs2_readdir+0x10/0x10
[ 153.605698][ T6780] wrap_directory_iterator+0x96/0xe0
[ 153.610984][ T6780] iterate_dir+0x5af/0x770
[ 153.615401][ T6780] __se_sys_getdents+0xe4/0x250
[ 153.620338][ T6780] ? __pfx___se_sys_getdents+0x10/0x10
[ 153.625794][ T6780] ? __pfx_filldir+0x10/0x10
[ 153.630384][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 153.636018][ T6780] ? rcu_is_watching+0x15/0xb0
[ 153.640785][ T6780] ? do_syscall_64+0xbe/0x3b0
[ 153.645461][ T6780] do_syscall_64+0xfa/0x3b0
[ 153.649963][ T6780] ? lockdep_hardirqs_on+0x9c/0x150
[ 153.655173][ T6780] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 153.661234][ T6780] ? srso_alias_return_thunk+0x5/0xfbef5
[ 153.666866][ T6780] ? exc_page_fault+0x9f/0xf0
[ 153.671549][ T6780] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 153.677473][ T6780] RIP: 0033:0x7f56cf18cda9
[ 153.681882][ T6780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 153.701490][ T6780] RSP: 002b:00007f56cff49038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 153.709908][ T6780] RAX: ffffffffffffffda RBX: 00007f56cf3a5fa0 RCX: 00007f56cf18cda9
[ 153.717879][ T6780] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000004
[ 153.725847][ T6780] RBP: 00007f56cf20e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 153.733842][ T6780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 153.741803][ T6780] R13: 0000000000000000 R14: 00007f56cf3a5fa0 R15: 00007ffe392f2df8
[ 153.749785][ T6780] </TASK>
[ 153.753029][ T6780] Kernel Offset: disabled
[ 153.757347][ T6780] Rebooting in 86400 seconds..