[ 137.877468][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 137.880360][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
Warning: Permanently added '[localhost]:56940' (ED25519) to the list of known hosts.
2024/08/19 03:16:08 ignoring optional flag "sandboxArg"="0"
2024/08/19 03:16:09 parsed 1 programs
[ 157.691446][ T5364] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 163.233163][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 163.236292][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 163.282747][ T1037] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 163.285777][ T1037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 165.751016][ T5395] chnl_net:caif_netlink_parms(): no params data found
[ 165.855882][ T5395] bridge0: port 1(bridge_slave_0) entered blocking state
[ 165.859413][ T5395] bridge0: port 1(bridge_slave_0) entered disabled state
[ 165.862657][ T5395] bridge_slave_0: entered allmulticast mode
[ 165.871461][ T5395] bridge_slave_0: entered promiscuous mode
[ 165.882282][ T5395] bridge0: port 2(bridge_slave_1) entered blocking state
[ 165.885042][ T5395] bridge0: port 2(bridge_slave_1) entered disabled state
[ 165.887883][ T5395] bridge_slave_1: entered allmulticast mode
[ 165.901270][ T5395] bridge_slave_1: entered promiscuous mode
[ 165.938143][ T5395] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 165.952689][ T5395] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 165.992281][ T5395] team0: Port device team_slave_0 added
[ 165.996465][ T5395] team0: Port device team_slave_1 added
[ 166.033207][ T5395] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 166.035925][ T5395] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 166.060361][ T5395] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 166.066208][ T5395] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 166.068837][ T5395] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 166.100834][ T5395] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 166.144384][ T5395] hsr_slave_0: entered promiscuous mode
[ 166.147174][ T5395] hsr_slave_1: entered promiscuous mode
[ 166.861900][ T5395] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 166.892243][ T5395] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 166.904187][ T5395] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 166.931247][ T5395] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 167.086552][ T5395] 8021q: adding VLAN 0 to HW filter on device bond0
[ 167.124700][ T5395] 8021q: adding VLAN 0 to HW filter on device team0
[ 167.155391][ T41] bridge0: port 1(bridge_slave_0) entered blocking state
[ 167.158237][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 167.163336][ T41] bridge0: port 2(bridge_slave_1) entered blocking state
[ 167.165896][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 167.522902][ T5395] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 167.596345][ T5395] veth0_vlan: entered promiscuous mode
[ 167.634442][ T5395] veth1_vlan: entered promiscuous mode
[ 167.703882][ T5395] veth0_macvtap: entered promiscuous mode
[ 167.708706][ T5395] veth1_macvtap: entered promiscuous mode
[ 167.755006][ T5395] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 167.794841][ T5395] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 167.813203][ T5395] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 167.816526][ T5395] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 167.819711][ T5395] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 167.851271][ T5395] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 168.123874][ T30] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 168.234434][ T30] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 168.312458][ T30] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 168.398637][ T30] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 170.792019][ T4527] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 170.796037][ T4527] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 170.799211][ T4527] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 170.803763][ T4527] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 170.806804][ T4527] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 170.809733][ T4527] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2024/08/19 03:16:32 executed programs: 0
[ 171.252033][ T5136] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 171.256245][ T5136] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 171.259503][ T5136] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 171.264639][ T5136] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 171.268316][ T5136] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 171.271878][ T5136] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 171.723952][ T5513] chnl_net:caif_netlink_parms(): no params data found
[ 171.893249][ T5513] bridge0: port 1(bridge_slave_0) entered blocking state
[ 171.896276][ T5513] bridge0: port 1(bridge_slave_0) entered disabled state
[ 171.899172][ T5513] bridge_slave_0: entered allmulticast mode
[ 171.921489][ T5513] bridge_slave_0: entered promiscuous mode
[ 171.932593][ T5513] bridge0: port 2(bridge_slave_1) entered blocking state
[ 171.935452][ T5513] bridge0: port 2(bridge_slave_1) entered disabled state
[ 171.938325][ T5513] bridge_slave_1: entered allmulticast mode
[ 171.962235][ T5513] bridge_slave_1: entered promiscuous mode
[ 172.026936][ T5513] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 172.053627][ T5513] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 172.099600][ T5513] team0: Port device team_slave_0 added
[ 172.134488][ T5513] team0: Port device team_slave_1 added
[ 172.193579][ T5513] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 172.196382][ T5513] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 172.241357][ T5513] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 172.261259][ T5513] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 172.264017][ T5513] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 172.306229][ T5513] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 172.484228][ T5513] hsr_slave_0: entered promiscuous mode
[ 172.513534][ T5513] hsr_slave_1: entered promiscuous mode
[ 172.516219][ T5513] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 172.518935][ T5513] Cannot create hsr debugfs directory
[ 172.531856][ T30] bridge_slave_1: left allmulticast mode
[ 172.533972][ T30] bridge_slave_1: left promiscuous mode
[ 172.536229][ T30] bridge0: port 2(bridge_slave_1) entered disabled state
[ 172.552872][ T30] bridge_slave_0: left allmulticast mode
[ 172.555011][ T30] bridge_slave_0: left promiscuous mode
[ 172.557132][ T30] bridge0: port 1(bridge_slave_0) entered disabled state
[ 173.183427][ T30] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 173.213665][ T30] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 173.221205][ T30] bond0 (unregistering): Released all slaves
[ 173.320713][ T5136] Bluetooth: hci0: command tx timeout
[ 173.545904][ T30] hsr_slave_0: left promiscuous mode
[ 173.552623][ T30] hsr_slave_1: left promiscuous mode
[ 173.555238][ T30] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 173.558011][ T30] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 173.571687][ T30] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 173.574649][ T30] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 173.596998][ T30] veth1_macvtap: left promiscuous mode
[ 173.599168][ T30] veth0_macvtap: left promiscuous mode
[ 173.603406][ T30] veth1_vlan: left promiscuous mode
[ 173.605506][ T30] veth0_vlan: left promiscuous mode
[ 174.015295][ T30] team0 (unregistering): Port device team_slave_1 removed
[ 174.042712][ T30] team0 (unregistering): Port device team_slave_0 removed
[ 174.892944][ T5513] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 174.934492][ T5513] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 175.394318][ T5136] Bluetooth: hci0: command tx timeout
[ 175.552851][ T5513] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 175.567349][ T5513] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 175.799020][ T5513] 8021q: adding VLAN 0 to HW filter on device bond0
[ 175.917354][ T5513] 8021q: adding VLAN 0 to HW filter on device team0
[ 175.951847][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 175.954654][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 175.973536][ T1033] bridge0: port 2(bridge_slave_1) entered blocking state
[ 175.976239][ T1033] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 176.062102][ T5513] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 176.333544][ T5513] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 176.391518][ T5513] veth0_vlan: entered promiscuous mode
[ 176.413035][ T5513] veth1_vlan: entered promiscuous mode
[ 176.452008][ T5513] veth0_macvtap: entered promiscuous mode
[ 176.465263][ T5513] veth1_macvtap: entered promiscuous mode
[ 176.491632][ T5513] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 176.516180][ T5513] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 176.528440][ T5513] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 176.548820][ T5513] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 176.554421][ T5513] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 176.557595][ T5513] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 176.711554][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 176.714723][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 176.785219][ T1033] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 176.788221][ T1033] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2024/08/19 03:16:37 executed programs: 2
[ 177.472797][ T5136] Bluetooth: hci0: command tx timeout
[ 177.517488][ T5577] loop0: detected capacity change from 0 to 32768
[ 177.740126][ T5577] ==================================================================
[ 177.743825][ T5577] BUG: KASAN: slab-out-of-bounds in bch2_dev_journal_init+0x764/0xa40
[ 177.747002][ T5577] Write of size 8 at addr ffff888011d03eb0 by task syz.0.15/5577
[ 177.750899][ T5577]
[ 177.751748][ T5577] CPU: 0 UID: 0 PID: 5577 Comm: syz.0.15 Not tainted 6.11.0-rc3-syzkaller-00338-gc3f2d783a459-dirty #0
[ 177.755756][ T5577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 177.759691][ T5577] Call Trace:
[ 177.760998][ T5577]
[ 177.762133][ T5577] dump_stack_lvl+0x241/0x360
[ 177.764008][ T5577] ? __pfx_dump_stack_lvl+0x10/0x10
[ 177.765990][ T5577] ? __pfx__printk+0x10/0x10
[ 177.767773][ T5577] ? _printk+0xd5/0x120
[ 177.769369][ T5577] ? __virt_addr_valid+0x183/0x530
[ 177.771321][ T5577] ? __virt_addr_valid+0x183/0x530
[ 177.773192][ T5577] print_report+0x169/0x550
[ 177.774885][ T5577] ? __virt_addr_valid+0x183/0x530
[ 177.776706][ T5577] ? __virt_addr_valid+0x183/0x530
[ 177.778470][ T5577] ? __virt_addr_valid+0x45f/0x530
[ 177.780329][ T5577] ? __phys_addr+0xba/0x170
[ 177.782100][ T5577] ? bch2_dev_journal_init+0x764/0xa40
[ 177.784038][ T5577] kasan_report+0x143/0x180
[ 177.785611][ T5577] ? bch2_dev_journal_init+0x764/0xa40
[ 177.787494][ T5577] bch2_dev_journal_init+0x764/0xa40
[ 177.789424][ T5577] __bch2_dev_attach_bdev+0x217/0x340
[ 177.791361][ T5577] bch2_dev_attach_bdev+0x2a8/0x6f0
[ 177.793099][ T5577] ? __pfx_bch2_dev_attach_bdev+0x10/0x10
[ 177.795299][ T5577] ? down_write+0x18c/0x220
[ 177.796891][ T5577] ? __pfx_down_write+0x10/0x10
[ 177.798927][ T5577] ? bch2_fs_open+0x330/0xdf0
[ 177.800642][ T5577] bch2_fs_open+0x97c/0xdf0
[ 177.802227][ T5577] ? __pfx_bch2_fs_open+0x10/0x10
[ 177.803959][ T5577] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 177.806129][ T5577] ? __pfx_bch2_test_super+0x10/0x10
[ 177.807987][ T5577] ? sget+0x2b8/0x620
[ 177.809366][ T5577] ? __pfx_bch2_noset_super+0x10/0x10
[ 177.811267][ T5577] bch2_fs_get_tree+0x731/0x1700
[ 177.813034][ T5577] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 177.815150][ T5577] ? generic_parse_monolithic+0x387/0x400
[ 177.817342][ T5577] ? apparmor_capable+0x13b/0x1b0
[ 177.819304][ T5577] ? bpf_lsm_capable+0x9/0x10
[ 177.821126][ T5577] vfs_get_tree+0x90/0x2a0
[ 177.822958][ T5577] do_new_mount+0x2be/0xb40
[ 177.824792][ T5577] ? __pfx_do_new_mount+0x10/0x10
[ 177.826723][ T5577] __se_sys_mount+0x2d6/0x3c0
[ 177.828522][ T5577] ? __pfx___se_sys_mount+0x10/0x10
[ 177.830486][ T5577] ? do_syscall_64+0x100/0x230
[ 177.832329][ T5577] ? __x64_sys_mount+0x20/0xc0
[ 177.834050][ T5577] do_syscall_64+0xf3/0x230
[ 177.835730][ T5577] ? clear_bhb_loop+0x35/0x90
[ 177.837496][ T5577] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 177.839659][ T5577] RIP: 0033:0x7fe33a17b0ba
[ 177.841278][ T5577] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 7e 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 177.848237][ T5577] RSP: 002b:00007fe339bfee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 177.851337][ T5577] RAX: ffffffffffffffda RBX: 00007fe339bfeef0 RCX: 00007fe33a17b0ba
[ 177.854338][ T5577] RDX: 00000000200058c0 RSI: 0000000020005900 RDI: 00007fe339bfeeb0
[ 177.857372][ T5577] RBP: 00000000200058c0 R08: 00007fe339bfeef0 R09: 0000000000000000
[ 177.860475][ T5577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020005900
[ 177.863538][ T5577] R13: 00007fe339bfeeb0 R14: 00000000000058ad R15: 0000000020005940
[ 177.866561][ T5577]
[ 177.867769][ T5577]
[ 177.868708][ T5577] Allocated by task 5577:
[ 177.870379][ T5577] kasan_save_track+0x3f/0x80
[ 177.872191][ T5577] __kasan_kmalloc+0x98/0xb0
[ 177.874171][ T5577] __kmalloc_noprof+0x1fc/0x400
[ 177.876089][ T5577] bch2_dev_journal_init+0x603/0xa40
[ 177.878073][ T5577] __bch2_dev_attach_bdev+0x217/0x340
[ 177.880179][ T5577] bch2_dev_attach_bdev+0x2a8/0x6f0
[ 177.882210][ T5577] bch2_fs_open+0x97c/0xdf0
[ 177.883959][ T5577] bch2_fs_get_tree+0x731/0x1700
[ 177.885863][ T5577] vfs_get_tree+0x90/0x2a0
[ 177.887529][ T5577] do_new_mount+0x2be/0xb40
[ 177.889218][ T5577] __se_sys_mount+0x2d6/0x3c0
[ 177.890946][ T5577] do_syscall_64+0xf3/0x230
[ 177.892501][ T5577] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 177.894608][ T5577]
[ 177.895534][ T5577] The buggy address belongs to the object at ffff888011d03e80
[ 177.895534][ T5577] which belongs to the cache kmalloc-64 of size 64
[ 177.900724][ T5577] The buggy address is located 0 bytes to the right of
[ 177.900724][ T5577] allocated 48-byte region [ffff888011d03e80, ffff888011d03eb0)
[ 177.906446][ T5577]
[ 177.907575][ T5577] The buggy address belongs to the physical page:
[ 177.910415][ T5577] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11d03
[ 177.914136][ T5577] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 177.916906][ T5577] page_type: 0xfdffffff(slab)
[ 177.918988][ T5577] raw: 00fff00000000000 ffff8880158418c0 ffffea0000789500 dead000000000002
[ 177.922366][ T5577] raw: 0000000000000000 0000000080200020 00000001fdffffff 0000000000000000
[ 177.926046][ T5577] page dumped because: kasan: bad access detected
[ 177.928421][ T5577] page_owner tracks the page as allocated
[ 177.930580][ T5577] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 4804, tgid 4804 (dhcpcd), ts 56130662227, free_ts 56111810071
[ 177.937428][ T5577] post_alloc_hook+0x1f3/0x230
[ 177.939291][ T5577] get_page_from_freelist+0x2e4c/0x2f10
[ 177.941320][ T5577] __alloc_pages_noprof+0x256/0x6c0
[ 177.943278][ T5577] alloc_slab_page+0x5f/0x120
[ 177.945249][ T5577] allocate_slab+0x5a/0x2f0
[ 177.947220][ T5577] ___slab_alloc+0xcd1/0x14b0
[ 177.949283][ T5577] __slab_alloc+0x58/0xa0
[ 177.951214][ T5577] __kmalloc_cache_noprof+0x1d5/0x2c0
[ 177.953586][ T5577] e1000e_setup_rx_resources+0x13b/0x4a0
[ 177.955708][ T5577] e1000e_open+0x1bd/0x9a0
[ 177.957391][ T5577] __dev_open+0x2d3/0x450
[ 177.959019][ T5577] __dev_change_flags+0x1e2/0x6f0
[ 177.960970][ T5577] dev_change_flags+0x8b/0x1a0
[ 177.962811][ T5577] devinet_ioctl+0xab8/0x1bc0
[ 177.964632][ T5577] inet_ioctl+0x3d7/0x4f0
[ 177.966316][ T5577] sock_do_ioctl+0x158/0x460
[ 177.968063][ T5577] page last free pid 4886 tgid 4886 stack trace:
[ 177.970386][ T5577] free_unref_folios+0x103a/0x1b00
[ 177.972552][ T5577] folios_put_refs+0x76e/0x860
[ 177.974403][ T5577] free_pages_and_swap_cache+0x5c8/0x690
[ 177.976520][ T5577] tlb_flush_mmu+0x3a3/0x680
[ 177.978270][ T5577] tlb_finish_mmu+0xd4/0x200
[ 177.980023][ T5577] exit_mmap+0x44f/0xc80
[ 177.981680][ T5577] __mmput+0x115/0x390
[ 177.983308][ T5577] exec_mmap+0x680/0x710
[ 177.984974][ T5577] begin_new_exec+0x12c6/0x2050
[ 177.986923][ T5577] load_elf_binary+0x969/0x2680
[ 177.988855][ T5577] bprm_execve+0xaf8/0x1770
[ 177.990614][ T5577] do_execveat_common+0x55f/0x6f0
[ 177.992509][ T5577] __x64_sys_execve+0x92/0xb0
[ 177.994256][ T5577] do_syscall_64+0xf3/0x230
[ 177.995997][ T5577] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 177.998266][ T5577]
[ 177.999218][ T5577] Memory state around the buggy address:
[ 178.001375][ T5577] ffff888011d03d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 178.004461][ T5577] ffff888011d03e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 178.007565][ T5577] >ffff888011d03e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 178.010646][ T5577] ^
[ 178.012909][ T5577] ffff888011d03f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 178.016073][ T5577] ffff888011d03f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 178.019207][ T5577] ==================================================================
[ 178.470408][ T5577] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 178.473031][ T5577] CPU: 0 UID: 0 PID: 5577 Comm: syz.0.15 Not tainted 6.11.0-rc3-syzkaller-00338-gc3f2d783a459-dirty #0
[ 178.476976][ T5577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 178.480790][ T5577] Call Trace:
[ 178.482137][ T5577]
[ 178.483260][ T5577] dump_stack_lvl+0x241/0x360
[ 178.485042][ T5577] ? __pfx_dump_stack_lvl+0x10/0x10
[ 178.487005][ T5577] ? __pfx__printk+0x10/0x10
[ 178.488766][ T5577] ? preempt_schedule+0xe1/0xf0
[ 178.490648][ T5577] ? vscnprintf+0x5d/0x90
[ 178.492296][ T5577] panic+0x349/0x860
[ 178.493845][ T5577] ? check_panic_on_warn+0x21/0xb0
[ 178.495736][ T5577] ? __pfx_panic+0x10/0x10
[ 178.497343][ T5577] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 178.499484][ T5577] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 178.501692][ T5577] ? print_report+0x502/0x550
[ 178.503411][ T5577] check_panic_on_warn+0x86/0xb0
[ 178.505399][ T5577] ? bch2_dev_journal_init+0x764/0xa40
[ 178.507517][ T5577] end_report+0x77/0x160
[ 178.509174][ T5577] kasan_report+0x154/0x180
[ 178.510906][ T5577] ? bch2_dev_journal_init+0x764/0xa40
[ 178.513033][ T5577] bch2_dev_journal_init+0x764/0xa40
[ 178.515088][ T5577] __bch2_dev_attach_bdev+0x217/0x340
[ 178.517135][ T5577] bch2_dev_attach_bdev+0x2a8/0x6f0
[ 178.519102][ T5577] ? __pfx_bch2_dev_attach_bdev+0x10/0x10
[ 178.521291][ T5577] ? down_write+0x18c/0x220
[ 178.523090][ T5577] ? __pfx_down_write+0x10/0x10
[ 178.524973][ T5577] ? bch2_fs_open+0x330/0xdf0
[ 178.526800][ T5577] bch2_fs_open+0x97c/0xdf0
[ 178.528581][ T5577] ? __pfx_bch2_fs_open+0x10/0x10
[ 178.530525][ T5577] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 178.533019][ T5577] ? __pfx_bch2_test_super+0x10/0x10
[ 178.535085][ T5577] ? sget+0x2b8/0x620
[ 178.536639][ T5577] ? __pfx_bch2_noset_super+0x10/0x10
[ 178.538708][ T5577] bch2_fs_get_tree+0x731/0x1700
[ 178.540637][ T5577] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 178.542747][ T5577] ? generic_parse_monolithic+0x387/0x400
[ 178.544975][ T5577] ? apparmor_capable+0x13b/0x1b0
[ 178.546991][ T5577] ? bpf_lsm_capable+0x9/0x10
[ 178.548831][ T5577] vfs_get_tree+0x90/0x2a0
[ 178.550576][ T5577] do_new_mount+0x2be/0xb40
[ 178.552357][ T5577] ? __pfx_do_new_mount+0x10/0x10
[ 178.554301][ T5577] __se_sys_mount+0x2d6/0x3c0
[ 178.556013][ T5577] ? __pfx___se_sys_mount+0x10/0x10
[ 178.557847][ T5577] ? do_syscall_64+0x100/0x230
[ 178.559558][ T5577] ? __x64_sys_mount+0x20/0xc0
[ 178.561258][ T5577] do_syscall_64+0xf3/0x230
[ 178.562930][ T5577] ? clear_bhb_loop+0x35/0x90
[ 178.564679][ T5577] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 178.566900][ T5577] RIP: 0033:0x7fe33a17b0ba
[ 178.568618][ T5577] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 7e 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 178.575920][ T5577] RSP: 002b:00007fe339bfee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 178.579187][ T5577] RAX: ffffffffffffffda RBX: 00007fe339bfeef0 RCX: 00007fe33a17b0ba
[ 178.582208][ T5577] RDX: 00000000200058c0 RSI: 0000000020005900 RDI: 00007fe339bfeeb0
[ 178.585238][ T5577] RBP: 00000000200058c0 R08: 00007fe339bfeef0 R09: 0000000000000000
[ 178.588288][ T5577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020005900
[ 178.591374][ T5577] R13: 00007fe339bfeeb0 R14: 00000000000058ad R15: 0000000020005940
[ 178.594447][ T5577]
[ 178.595945][ T5577] Kernel Offset: disabled
[ 178.597609][ T5577] Rebooting in 86400 seconds..