[  138.200464][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  138.204078][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
Warning: Permanently added '[localhost]:62103' (ED25519) to the list of known hosts.
2025/06/13 18:57:34 ignoring optional flag "sandboxArg"="0"
2025/06/13 18:57:35 parsed 1 programs
[  147.580291][ T5632] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  153.081373][ T4678] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  153.087659][ T4678] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  153.093088][ T4678] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  153.097824][ T4678] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  153.102471][ T4678] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  153.703431][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  153.707098][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  153.744698][ T1035] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  153.748764][ T1035] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.068065][ T5694] chnl_net:caif_netlink_parms(): no params data found
[  155.136676][ T5694] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.140736][ T5694] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.144270][ T5694] bridge_slave_0: entered allmulticast mode
[  155.148361][ T5694] bridge_slave_0: entered promiscuous mode
[  155.154699][ T5694] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.158485][ T5694] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.162495][ T5694] bridge_slave_1: entered allmulticast mode
[  155.166362][ T5694] bridge_slave_1: entered promiscuous mode
[  155.192349][ T5694] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  155.200269][ T5694] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  155.242519][ T5694] team0: Port device team_slave_0 added
[  155.248186][ T5694] team0: Port device team_slave_1 added
[  155.271371][ T5694] batman_adv: batadv0: Adding interface: batadv_slave_0
[  155.275082][ T5694] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  155.287735][ T5694] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  155.295933][ T5694] batman_adv: batadv0: Adding interface: batadv_slave_1
[  155.299082][ T5694] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  155.312821][ T5694] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  155.351526][ T5694] hsr_slave_0: entered promiscuous mode
[  155.355536][ T5694] hsr_slave_1: entered promiscuous mode
[  156.057937][ T5694] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  156.082817][ T5694] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  156.101998][ T5694] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  156.109631][ T5694] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  156.282780][ T5694] 8021q: adding VLAN 0 to HW filter on device bond0
[  156.315084][ T5694] 8021q: adding VLAN 0 to HW filter on device team0
[  156.348554][ T1035] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.352389][ T1035] bridge0: port 1(bridge_slave_0) entered forwarding state
[  156.375739][ T1035] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.379531][ T1035] bridge0: port 2(bridge_slave_1) entered forwarding state
[  156.453831][ T5694] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  156.795382][ T5694] 8021q: adding VLAN 0 to HW filter on device batadv0
[  156.875335][ T5694] veth0_vlan: entered promiscuous mode
[  156.897768][ T5694] veth1_vlan: entered promiscuous mode
[  156.960691][ T5694] veth0_macvtap: entered promiscuous mode
[  156.981410][ T5694] veth1_macvtap: entered promiscuous mode
[  157.013907][ T5694] batman_adv: batadv0: Interface activated: batadv_slave_0
[  157.033622][ T5694] batman_adv: batadv0: Interface activated: batadv_slave_1
[  157.058730][ T5694] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.067824][ T5694] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.075621][ T5694] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.082276][ T5694] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.443379][ T1035] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.566858][ T1035] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.683573][ T1035] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.393013][ T1035] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.952563][ T1035] bridge_slave_1: left allmulticast mode
[  159.966040][ T1035] bridge_slave_1: left promiscuous mode
[  159.969464][ T1035] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.018176][ T1035] bridge_slave_0: left allmulticast mode
[  160.027309][ T1035] bridge_slave_0: left promiscuous mode
[  160.040108][ T1035] bridge0: port 1(bridge_slave_0) entered disabled state
2025/06/13 18:57:53 executed programs: 0
[  160.616144][ T5374] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  160.621479][ T5374] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  160.625853][ T5374] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  160.631583][ T5374] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  160.635369][ T5374] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  160.806347][ T1035] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  160.812964][ T1035] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  160.830907][ T1035] bond0 (unregistering): Released all slaves
[  160.998048][ T1035] hsr_slave_0: left promiscuous mode
[  161.021111][ T1035] hsr_slave_1: left promiscuous mode
[  161.031357][ T1035] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.034940][ T1035] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.061537][ T1035] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.064956][ T1035] batman_adv: batadv0: Removing interface: batadv_slave_1
[  161.105354][ T1035] veth1_macvtap: left promiscuous mode
[  161.108191][ T1035] veth0_macvtap: left promiscuous mode
[  161.130784][ T1035] veth1_vlan: left promiscuous mode
[  161.133594][ T1035] veth0_vlan: left promiscuous mode
[  161.875825][ T1035] team0 (unregistering): Port device team_slave_1 removed
[  161.918728][ T1035] team0 (unregistering): Port device team_slave_0 removed
[  162.649528][ T5790] chnl_net:caif_netlink_parms(): no params data found
[  162.675855][ T5374] Bluetooth: hci0: command tx timeout
[  163.154716][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.169753][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.182860][ T5790] bridge_slave_0: entered allmulticast mode
[  163.201364][ T5790] bridge_slave_0: entered promiscuous mode
[  163.211654][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.215145][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.218436][ T5790] bridge_slave_1: entered allmulticast mode
[  163.265372][ T5790] bridge_slave_1: entered promiscuous mode
[  163.397327][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  163.435408][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  163.523726][ T5790] team0: Port device team_slave_0 added
[  163.544971][ T5790] team0: Port device team_slave_1 added
[  163.622139][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0
[  163.625389][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.655905][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  163.683125][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1
[  163.687247][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.722160][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  163.782799][ T5790] hsr_slave_0: entered promiscuous mode
[  163.795135][ T5790] hsr_slave_1: entered promiscuous mode
[  164.366211][ T5790] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  164.383494][ T5790] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  164.396454][ T5790] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  164.413473][ T5790] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  164.601421][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0
[  164.642424][ T5790] 8021q: adding VLAN 0 to HW filter on device team0
[  164.652712][ T1035] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.656640][ T1035] bridge0: port 1(bridge_slave_0) entered forwarding state
[  164.683623][ T1035] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.687422][ T1035] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.752294][ T5374] Bluetooth: hci0: command tx timeout
[  165.083987][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0
[  165.164825][ T5790] veth0_vlan: entered promiscuous mode
[  165.185269][ T5790] veth1_vlan: entered promiscuous mode
[  165.265242][ T5790] veth0_macvtap: entered promiscuous mode
[  165.292436][ T5790] veth1_macvtap: entered promiscuous mode
[  165.321222][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0
[  165.342208][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1
[  165.363591][ T5790] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  165.367651][ T5790] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  165.380579][ T5790] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  165.384441][ T5790] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.545078][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.548616][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  165.607817][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.614529][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/06/13 18:57:58 executed programs: 2
[  166.195830][ T5868] loop0: detected capacity change from 0 to 32768
[  166.222944][ T5868] =======================================================
[  166.222944][ T5868] WARNING: The mand mount option has been deprecated and
[  166.222944][ T5868]          and is ignored by this kernel. Remove the mand
[  166.222944][ T5868]          option from the mount to silence this warning.
[  166.222944][ T5868] =======================================================
[  166.345457][ T5868] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  166.402563][ T5790] ==================================================================
[  166.406152][ T5790] BUG: KASAN: slab-use-after-free in __ocfs2_flush_truncate_log+0x7c7/0x10e0
[  166.410382][ T5790] Read of size 4 at addr ffff8880360d0ac0 by task syz-executor/5790
[  166.416271][ T5790] 
[  166.417557][ T5790] CPU: 0 UID: 0 PID: 5790 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-g02adc1490e6d #0 PREEMPT(full) 
[  166.417572][ T5790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.417579][ T5790] Call Trace:
[  166.417587][ T5790]  <TASK>
[  166.417593][ T5790]  dump_stack_lvl+0x189/0x250
[  166.417616][ T5790]  ? __virt_addr_valid+0x1c8/0x5c0
[  166.417659][ T5790]  ? rcu_is_watching+0x15/0xb0
[  166.417676][ T5790]  ? __kasan_check_byte+0x12/0x40
[  166.417708][ T5790]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.417722][ T5790]  ? rcu_is_watching+0x15/0xb0
[  166.417736][ T5790]  ? lock_release+0x4b/0x3e0
[  166.417752][ T5790]  ? __virt_addr_valid+0x1c8/0x5c0
[  166.417761][ T5790]  ? __virt_addr_valid+0x4a5/0x5c0
[  166.417771][ T5790]  print_report+0xd2/0x2b0
[  166.417785][ T5790]  ? __ocfs2_flush_truncate_log+0x7c7/0x10e0
[  166.417800][ T5790]  kasan_report+0x118/0x150
[  166.417811][ T5790]  ? __ocfs2_flush_truncate_log+0x7c7/0x10e0
[  166.417826][ T5790]  __ocfs2_flush_truncate_log+0x7c7/0x10e0
[  166.417842][ T5790]  ? __pfx___ocfs2_flush_truncate_log+0x10/0x10
[  166.417854][ T5790]  ? ocfs2_flush_truncate_log+0x47/0x70
[  166.417869][ T5790]  ? __lock_acquire+0xab9/0xd20
[  166.417884][ T5790]  ? down_write+0x162/0x1f0
[  166.417942][ T5790]  ? __pfx_down_write+0x10/0x10
[  166.417954][ T5790]  ocfs2_flush_truncate_log+0x4f/0x70
[  166.417966][ T5790]  ocfs2_sync_fs+0x116/0x310
[  166.417977][ T5790]  ? __pfx_ocfs2_sync_fs+0x10/0x10
[  166.417987][ T5790]  ? __pfx___writeback_inodes_sb_nr+0x10/0x10
[  166.418017][ T5790]  ? __dentry_kill+0x53d/0x660
[  166.418030][ T5790]  ? get_nr_dirty_inodes+0x1c4/0x210
[  166.418042][ T5790]  sync_filesystem+0x1cc/0x230
[  166.418056][ T5790]  generic_shutdown_super+0x6f/0x2c0
[  166.418070][ T5790]  kill_block_super+0x44/0x90
[  166.418081][ T5790]  deactivate_locked_super+0xb9/0x130
[  166.418095][ T5790]  cleanup_mnt+0x425/0x4c0
[  166.418110][ T5790]  ? lockdep_hardirqs_on+0x9c/0x150
[  166.418125][ T5790]  task_work_run+0x1d1/0x260
[  166.418138][ T5790]  ? __pfx_task_work_run+0x10/0x10
[  166.418150][ T5790]  ? __x64_sys_umount+0x122/0x160
[  166.418161][ T5790]  ? exit_to_user_mode_loop+0x40/0x110
[  166.418176][ T5790]  exit_to_user_mode_loop+0xec/0x110
[  166.418190][ T5790]  do_syscall_64+0x2bd/0x3b0
[  166.418205][ T5790]  ? lockdep_hardirqs_on+0x9c/0x150
[  166.418218][ T5790]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.418228][ T5790]  ? clear_bhb_loop+0x60/0xb0
[  166.418240][ T5790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.418250][ T5790] RIP: 0033:0x7f4ff1b87057
[  166.418262][ T5790] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  166.418271][ T5790] RSP: 002b:00007ffccdd5d8a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  166.418283][ T5790] RAX: 0000000000000000 RBX: 00007f4ff1c01894 RCX: 00007f4ff1b87057
[  166.418290][ T5790] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffccdd5d960
[  166.418295][ T5790] RBP: 00007ffccdd5d960 R08: 0000000000000000 R09: 0000000000000000
[  166.418301][ T5790] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffccdd5e9e0
[  166.418309][ T5790] R13: 00007f4ff1c01894 R14: 00007ffccdd5ea20 R15: 0000000000000001
[  166.418320][ T5790]  </TASK>
[  166.418324][ T5790] 
[  166.568877][ T5790] Allocated by task 5790:
[  166.571146][ T5790]  kasan_save_track+0x3e/0x80
[  166.573889][ T5790]  __kasan_kmalloc+0x93/0xb0
[  166.576138][ T5790]  __kmalloc_noprof+0x27a/0x4f0
[  166.578224][ T5790]  tomoyo_realpath_from_path+0xe3/0x5d0
[  166.580815][ T5790]  tomoyo_check_open_permission+0x1c1/0x3b0
[  166.583716][ T5790]  security_file_open+0xb1/0x270
[  166.586243][ T5790]  do_dentry_open+0x35e/0x1970
[  166.588579][ T5790]  vfs_open+0x3b/0x340
[  166.590499][ T5790]  path_openat+0x2ee5/0x3830
[  166.592579][ T5790]  do_filp_open+0x1fa/0x410
[  166.594821][ T5790]  do_sys_openat2+0x121/0x1c0
[  166.597286][ T5790]  __x64_sys_openat+0x138/0x170
[  166.600072][ T5790]  do_syscall_64+0xfa/0x3b0
[  166.602228][ T5790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.604790][ T5790] 
[  166.606042][ T5790] Freed by task 5790:
[  166.607829][ T5790]  kasan_save_track+0x3e/0x80
[  166.609926][ T5790]  kasan_save_free_info+0x46/0x50
[  166.612192][ T5790]  __kasan_slab_free+0x62/0x70
[  166.614187][ T5790]  kfree+0x18e/0x440
[  166.616007][ T5790]  tomoyo_realpath_from_path+0x598/0x5d0
[  166.618560][ T5790]  tomoyo_check_open_permission+0x1c1/0x3b0
[  166.621197][ T5790]  security_file_open+0xb1/0x270
[  166.623403][ T5790]  do_dentry_open+0x35e/0x1970
[  166.625565][ T5790]  vfs_open+0x3b/0x340
[  166.627376][ T5790]  path_openat+0x2ee5/0x3830
[  166.629418][ T5790]  do_filp_open+0x1fa/0x410
[  166.631493][ T5790]  do_sys_openat2+0x121/0x1c0
[  166.633591][ T5790]  __x64_sys_openat+0x138/0x170
[  166.635886][ T5790]  do_syscall_64+0xfa/0x3b0
[  166.637874][ T5790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.640554][ T5790] 
[  166.641634][ T5790] The buggy address belongs to the object at ffff8880360d0000
[  166.641634][ T5790]  which belongs to the cache kmalloc-4k of size 4096
[  166.647622][ T5790] The buggy address is located 2752 bytes inside of
[  166.647622][ T5790]  freed 4096-byte region [ffff8880360d0000, ffff8880360d1000)
[  166.653591][ T5790] 
[  166.654705][ T5790] The buggy address belongs to the physical page:
[  166.657511][ T5790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x360d0
[  166.661689][ T5790] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  166.665607][ T5790] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  166.668957][ T5790] page_type: f5(slab)
[  166.670765][ T5790] raw: 04fff00000000040 ffff88801a442140 dead000000000100 dead000000000122
[  166.674945][ T5790] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  166.679006][ T5790] head: 04fff00000000040 ffff88801a442140 dead000000000100 dead000000000122
[  166.682761][ T5790] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  166.687054][ T5790] head: 04fff00000000003 ffffea0000d83401 00000000ffffffff 00000000ffffffff
[  166.691100][ T5790] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  166.694817][ T5790] page dumped because: kasan: bad access detected
[  166.697987][ T5790] page_owner tracks the page as allocated
[  166.700934][ T5790] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 24586745576, free_ts 24480734853
[  166.710105][ T5790]  post_alloc_hook+0x240/0x2a0
[  166.712789][ T5790]  get_page_from_freelist+0x21e4/0x22c0
[  166.715550][ T5790]  __alloc_frozen_pages_noprof+0x181/0x370
[  166.718162][ T5790]  alloc_pages_mpol+0x232/0x4a0
[  166.720583][ T5790]  allocate_slab+0x8a/0x3b0
[  166.722901][ T5790]  ___slab_alloc+0xbfc/0x1480
[  166.725279][ T5790]  __kmalloc_cache_noprof+0x296/0x3d0
[  166.727964][ T5790]  kobject_uevent_env+0x27c/0x8c0
[  166.730173][ T5790]  device_add+0x557/0xb50
[  166.732177][ T5790]  __video_register_device+0x3c1b/0x4ae0
[  166.734906][ T5790]  vivid_create_devnodes+0x2157/0x2bf0
[  166.738064][ T5790]  vivid_probe+0x5035/0x7180
[  166.740240][ T5790]  platform_probe+0x148/0x1d0
[  166.742201][ T5790]  really_probe+0x26a/0x9a0
[  166.744153][ T5790]  __driver_probe_device+0x18c/0x2f0
[  166.746848][ T5790]  driver_probe_device+0x4f/0x430
[  166.749560][ T5790] page last free pid 1 tgid 1 stack trace:
[  166.752584][ T5790]  __free_frozen_pages+0xc71/0xe70
[  166.754920][ T5790]  __put_partials+0x161/0x1c0
[  166.757128][ T5790]  put_cpu_partial+0x17c/0x250
[  166.759338][ T5790]  __slab_free+0x2f7/0x400
[  166.761307][ T5790]  qlist_free_all+0x97/0x140
[  166.763431][ T5790]  kasan_quarantine_reduce+0x148/0x160
[  166.765874][ T5790]  __kasan_slab_alloc+0x22/0x80
[  166.768098][ T5790]  __kmalloc_node_noprof+0x21b/0x4e0
[  166.770459][ T5790]  __vmalloc_node_range_noprof+0x5a9/0x12f0
[  166.773150][ T5790]  vzalloc_noprof+0xb2/0xf0
[  166.775786][ T5790]  tpg_alloc+0x69/0x870
[  166.777747][ T5790]  vivid_probe+0x1b11/0x7180
[  166.779799][ T5790]  platform_probe+0x148/0x1d0
[  166.781882][ T5790]  really_probe+0x26a/0x9a0
[  166.783938][ T5790]  __driver_probe_device+0x18c/0x2f0
[  166.786402][ T5790]  driver_probe_device+0x4f/0x430
[  166.789037][ T5790] 
[  166.790206][ T5790] Memory state around the buggy address:
[  166.792694][ T5790]  ffff8880360d0980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  166.796249][ T5790]  ffff8880360d0a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  166.800234][ T5790] >ffff8880360d0a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  166.804354][ T5790]                                            ^
[  166.807180][ T5790]  ffff8880360d0b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  166.810726][ T5790]  ffff8880360d0b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  166.814189][ T5790] ==================================================================
[  166.870305][ T5374] Bluetooth: hci0: command tx timeout
[  167.002848][ T5790] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  167.006707][ T5790] CPU: 0 UID: 0 PID: 5790 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-g02adc1490e6d #0 PREEMPT(full) 
[  167.011851][ T5790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.017251][ T5790] Call Trace:
[  167.018928][ T5790]  <TASK>
[  167.020457][ T5790]  dump_stack_lvl+0x99/0x250
[  167.022604][ T5790]  ? __asan_memcpy+0x40/0x70
[  167.024718][ T5790]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.027527][ T5790]  ? __pfx__printk+0x10/0x10
[  167.029973][ T5790]  panic+0x2db/0x790
[  167.031856][ T5790]  ? __pfx_panic+0x10/0x10
[  167.033826][ T5790]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  167.036474][ T5790]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  167.039418][ T5790]  ? print_memory_metadata+0x314/0x400
[  167.042443][ T5790]  ? __ocfs2_flush_truncate_log+0x7c7/0x10e0
[  167.045571][ T5790]  check_panic_on_warn+0x89/0xb0
[  167.048042][ T5790]  ? __ocfs2_flush_truncate_log+0x7c7/0x10e0
[  167.050807][ T5790]  end_report+0x78/0x160
[  167.052787][ T5790]  kasan_report+0x129/0x150
[  167.054918][ T5790]  ? __ocfs2_flush_truncate_log+0x7c7/0x10e0
[  167.057516][ T5790]  __ocfs2_flush_truncate_log+0x7c7/0x10e0
[  167.060589][ T5790]  ? __pfx___ocfs2_flush_truncate_log+0x10/0x10
[  167.063488][ T5790]  ? ocfs2_flush_truncate_log+0x47/0x70
[  167.066029][ T5790]  ? __lock_acquire+0xab9/0xd20
[  167.068288][ T5790]  ? down_write+0x162/0x1f0
[  167.070622][ T5790]  ? __pfx_down_write+0x10/0x10
[  167.073212][ T5790]  ocfs2_flush_truncate_log+0x4f/0x70
[  167.075999][ T5790]  ocfs2_sync_fs+0x116/0x310
[  167.078077][ T5790]  ? __pfx_ocfs2_sync_fs+0x10/0x10
[  167.080355][ T5790]  ? __pfx___writeback_inodes_sb_nr+0x10/0x10
[  167.083211][ T5790]  ? __dentry_kill+0x53d/0x660
[  167.085771][ T5790]  ? get_nr_dirty_inodes+0x1c4/0x210
[  167.088605][ T5790]  sync_filesystem+0x1cc/0x230
[  167.090772][ T5790]  generic_shutdown_super+0x6f/0x2c0
[  167.093096][ T5790]  kill_block_super+0x44/0x90
[  167.095355][ T5790]  deactivate_locked_super+0xb9/0x130
[  167.097959][ T5790]  cleanup_mnt+0x425/0x4c0
[  167.100445][ T5790]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.103007][ T5790]  task_work_run+0x1d1/0x260
[  167.105085][ T5790]  ? __pfx_task_work_run+0x10/0x10
[  167.107378][ T5790]  ? __x64_sys_umount+0x122/0x160
[  167.109653][ T5790]  ? exit_to_user_mode_loop+0x40/0x110
[  167.112189][ T5790]  exit_to_user_mode_loop+0xec/0x110
[  167.114956][ T5790]  do_syscall_64+0x2bd/0x3b0
[  167.117381][ T5790]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.119693][ T5790]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.122373][ T5790]  ? clear_bhb_loop+0x60/0xb0
[  167.124636][ T5790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.127743][ T5790] RIP: 0033:0x7f4ff1b87057
[  167.129920][ T5790] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  167.138391][ T5790] RSP: 002b:00007ffccdd5d8a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  167.142003][ T5790] RAX: 0000000000000000 RBX: 00007f4ff1c01894 RCX: 00007f4ff1b87057
[  167.145514][ T5790] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffccdd5d960
[  167.149045][ T5790] RBP: 00007ffccdd5d960 R08: 0000000000000000 R09: 0000000000000000
[  167.152603][ T5790] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffccdd5e9e0
[  167.156218][ T5790] R13: 00007f4ff1c01894 R14: 00007ffccdd5ea20 R15: 0000000000000001
[  167.159732][ T5790]  </TASK>
[  167.161484][ T5790] Kernel Offset: disabled
[  167.163432][ T5790] Rebooting in 86400 seconds..