Warning: Permanently added '[localhost]:37171' (ED25519) to the list of known hosts.
2025/05/17 15:54:57 ignoring optional flag "sandboxArg"="0"
2025/05/17 15:54:57 ignoring optional flag "type"="qemu"
2025/05/17 15:54:57 parsed 1 programs
[  125.692882][ T5655] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  130.717244][ T5708] chnl_net:caif_netlink_parms(): no params data found
[  130.777655][ T5708] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.780758][ T5708] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.784364][ T5708] bridge_slave_0: entered allmulticast mode
[  130.788094][ T5708] bridge_slave_0: entered promiscuous mode
[  130.792865][ T5708] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.795996][ T5708] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.799233][ T5708] bridge_slave_1: entered allmulticast mode
[  130.804868][ T5708] bridge_slave_1: entered promiscuous mode
[  130.826834][ T5708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  130.836253][ T5708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  130.860519][ T5708] team0: Port device team_slave_0 added
[  130.866303][ T5708] team0: Port device team_slave_1 added
[  130.885326][ T5708] batman_adv: batadv0: Adding interface: batadv_slave_0
[  130.888296][ T5708] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.899353][ T5708] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  130.905815][ T5708] batman_adv: batadv0: Adding interface: batadv_slave_1
[  130.908762][ T5708] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.920779][ T5708] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.955067][ T5708] hsr_slave_0: entered promiscuous mode
[  130.958412][ T5708] hsr_slave_1: entered promiscuous mode
[  131.583315][ T5708] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  131.597202][ T5708] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  131.609720][ T5708] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  131.625436][ T5708] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  131.763349][ T5708] 8021q: adding VLAN 0 to HW filter on device bond0
[  131.796000][ T5708] 8021q: adding VLAN 0 to HW filter on device team0
[  131.814254][ T1041] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.817858][ T1041] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.840823][ T1033] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.844271][ T1033] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.173302][ T5708] 8021q: adding VLAN 0 to HW filter on device batadv0
[  132.238311][ T5708] veth0_vlan: entered promiscuous mode
[  132.257084][ T5708] veth1_vlan: entered promiscuous mode
[  132.305769][ T5708] veth0_macvtap: entered promiscuous mode
[  132.323245][ T5708] veth1_macvtap: entered promiscuous mode
[  132.350996][ T5708] batman_adv: batadv0: Interface activated: batadv_slave_0
[  132.373764][ T5708] batman_adv: batadv0: Interface activated: batadv_slave_1
[  132.378545][ T5708] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  132.392416][ T5708] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  132.396145][ T5708] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  132.399947][ T5708] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  132.587413][   T49] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  132.590927][   T49] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  132.595956][   T49] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  132.600028][   T49] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  132.604080][   T49] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  132.639223][ T1041] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.719803][ T1041] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.809779][ T1041] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.894031][ T1041] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.776932][ T1033] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.780459][ T1033] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.848541][ T1033] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.853239][ T1033] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/05/17 15:55:10 executed programs: 0
[  134.216535][   T49] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  134.221015][   T49] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  134.228362][   T49] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  134.235538][   T49] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  134.239860][   T49] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  134.567511][ T5790] chnl_net:caif_netlink_parms(): no params data found
[  134.775582][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.778718][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.792852][ T5790] bridge_slave_0: entered allmulticast mode
[  134.801931][ T5790] bridge_slave_0: entered promiscuous mode
[  134.814357][ T1041] bridge_slave_1: left allmulticast mode
[  134.816897][ T1041] bridge_slave_1: left promiscuous mode
[  134.819441][ T1041] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.833181][ T1041] bridge_slave_0: left allmulticast mode
[  134.835549][ T1041] bridge_slave_0: left promiscuous mode
[  134.838048][ T1041] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.119607][ T1041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  135.125954][ T1041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  135.130881][ T1041] bond0 (unregistering): Released all slaves
[  135.140863][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.144778][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.147907][ T5790] bridge_slave_1: entered allmulticast mode
[  135.166022][ T5790] bridge_slave_1: entered promiscuous mode
[  135.194456][ T1041] hsr_slave_0: left promiscuous mode
[  135.200311][ T1041] hsr_slave_1: left promiscuous mode
[  135.204634][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.208688][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_0
[  135.215203][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.218442][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_1
[  135.228358][ T1041] veth1_macvtap: left promiscuous mode
[  135.230734][ T1041] veth0_macvtap: left promiscuous mode
[  135.235082][ T1041] veth1_vlan: left promiscuous mode
[  135.237407][ T1041] veth0_vlan: left promiscuous mode
[  135.494448][ T1041] team0 (unregistering): Port device team_slave_1 removed
[  135.519467][ T1041] team0 (unregistering): Port device team_slave_0 removed
[  135.806891][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  135.829603][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  135.942269][ T5790] team0: Port device team_slave_0 added
[  135.952908][ T5790] team0: Port device team_slave_1 added
[  136.004001][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0
[  136.007051][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.040596][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  136.058490][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1
[  136.071986][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.100989][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  136.311208][   T49] Bluetooth: hci0: command tx timeout
[  136.427224][ T5790] hsr_slave_0: entered promiscuous mode
[  136.455285][ T5790] hsr_slave_1: entered promiscuous mode
[  137.144343][ T5790] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  137.162955][ T5790] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  137.174961][ T5790] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  137.186858][ T5790] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  137.320148][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.353391][ T5790] 8021q: adding VLAN 0 to HW filter on device team0
[  137.377828][ T1041] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.381772][ T1041] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.413362][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.416369][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.708790][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0
[  137.775478][ T5790] veth0_vlan: entered promiscuous mode
[  137.804761][ T5790] veth1_vlan: entered promiscuous mode
[  137.847793][ T5790] veth0_macvtap: entered promiscuous mode
[  137.874518][ T5790] veth1_macvtap: entered promiscuous mode
[  137.908330][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0
[  137.922810][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  137.925649][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  137.939138][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1
[  137.956507][ T5790] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  137.972348][ T5790] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  137.976144][ T5790] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  137.980127][ T5790] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.114984][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.118493][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  138.178746][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.185488][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  138.391307][   T49] Bluetooth: hci0: command tx timeout
[  138.646486][ T5849] loop0: detected capacity change from 0 to 32768
[  138.675721][ T5849] =======================================================
[  138.675721][ T5849] WARNING: The mand mount option has been deprecated and
[  138.675721][ T5849]          and is ignored by this kernel. Remove the mand
[  138.675721][ T5849]          option from the mount to silence this warning.
[  138.675721][ T5849] =======================================================
[  138.802964][ T5849] JBD2: Ignoring recovery information on journal
[  138.859194][ T5849] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  138.898695][   T25] audit: type=1804 audit(1747497315.317:2): pid=5849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.15" name="/newroot/0/file1/bus" dev="loop0" ino=17058 res=1 errno=0
[  138.922206][ T5849] ==================================================================
[  138.925666][ T5849] BUG: KASAN: use-after-free in ocfs2_claim_suballoc_bits+0x8b2/0x2450
[  138.929313][ T5849] Read of size 4 at addr ffff88805663b000 by task syz.0.15/5849
[  138.933535][ T5849] 
[  138.934617][ T5849] CPU: 0 UID: 0 PID: 5849 Comm: syz.0.15 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(full) 
[  138.934632][ T5849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  138.934639][ T5849] Call Trace:
[  138.934645][ T5849]  <TASK>
[  138.934650][ T5849]  dump_stack_lvl+0x189/0x250
[  138.934669][ T5849]  ? __virt_addr_valid+0x18c/0x540
[  138.934683][ T5849]  ? rcu_is_watching+0x15/0xb0
[  138.934692][ T5849]  ? __kasan_check_byte+0x12/0x40
[  138.934706][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.934721][ T5849]  ? rcu_is_watching+0x15/0xb0
[  138.934730][ T5849]  ? lock_release+0x4b/0x3e0
[  138.934745][ T5849]  ? __virt_addr_valid+0x18c/0x540
[  138.934758][ T5849]  ? __virt_addr_valid+0x469/0x540
[  138.934772][ T5849]  print_report+0xb4/0x290
[  138.934786][ T5849]  ? ocfs2_claim_suballoc_bits+0x8b2/0x2450
[  138.934802][ T5849]  kasan_report+0x118/0x150
[  138.934816][ T5849]  ? ocfs2_claim_suballoc_bits+0x8b2/0x2450
[  138.934828][ T5849]  ocfs2_claim_suballoc_bits+0x8b2/0x2450
[  138.934846][ T5849]  ? __pfx_ocfs2_claim_suballoc_bits+0x10/0x10
[  138.934857][ T5849]  ? __ocfs2_journal_access+0x621/0x820
[  138.934873][ T5849]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  138.934940][ T5849]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  138.934953][ T5849]  ? jbd2_write_access_granted+0x69/0x310
[  138.934965][ T5849]  ? jbd2_write_access_granted+0x69/0x310
[  138.934978][ T5849]  ocfs2_claim_metadata+0x178/0x4c0
[  138.934994][ T5849]  ? __pfx_ocfs2_claim_metadata+0x10/0x10
[  138.935009][ T5849]  ? __pfx_ocfs2_start_trans+0x10/0x10
[  138.935025][ T5849]  ? ocfs2_metadata_cache_get_super+0x43/0x80
[  138.935040][ T5849]  ? ocfs2_inode_cache_get_super+0xd/0x40
[  138.935054][ T5849]  ocfs2_create_refcount_tree+0x54f/0x1250
[  138.935073][ T5849]  ? __pfx_ocfs2_create_refcount_tree+0x10/0x10
[  138.935085][ T5849]  ? find_get_entries+0x688/0x7f0
[  138.935094][ T5849]  ? find_get_entries+0xfe/0x7f0
[  138.935101][ T5849]  ? __pfx_find_get_entries+0x10/0x10
[  138.935108][ T5849]  ? __filemap_get_folio+0x9a6/0xaf0
[  138.935115][ T5849]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  138.935124][ T5849]  ocfs2_reflink_remap_blocks+0x2ea/0x1930
[  138.935136][ T5849]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  138.935145][ T5849]  ? __pfx_ocfs2_reflink_remap_blocks+0x10/0x10
[  138.935160][ T5849]  ? __lock_acquire+0xaac/0xd20
[  138.935172][ T5849]  ? down_write+0x162/0x1f0
[  138.935182][ T5849]  ? __pfx_down_write+0x10/0x10
[  138.935192][ T5849]  ? generic_remap_file_range_prep+0x3e/0x60
[  138.935200][ T5849]  ocfs2_remap_file_range+0x4b7/0x730
[  138.935210][ T5849]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  138.935218][ T5849]  ? rcu_read_lock_any_held+0xb3/0x120
[  138.935225][ T5849]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  138.935233][ T5849]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  138.935241][ T5849]  vfs_copy_file_range+0xd53/0x1310
[  138.935253][ T5849]  ? __pfx_vfs_copy_file_range+0x10/0x10
[  138.935265][ T5849]  __se_sys_copy_file_range+0x319/0x460
[  138.935275][ T5849]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[  138.935286][ T5849]  ? __x64_sys_copy_file_range+0x21/0xf0
[  138.935296][ T5849]  do_syscall_64+0xf6/0x210
[  138.935306][ T5849]  ? clear_bhb_loop+0x60/0xb0
[  138.935316][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.935327][ T5849] RIP: 0033:0x7fc48d579e79
[  138.935339][ T5849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.935348][ T5849] RSP: 002b:00007fc48e289038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[  138.935360][ T5849] RAX: ffffffffffffffda RBX: 00007fc48d715f80 RCX: 00007fc48d579e79
[  138.935365][ T5849] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006
[  138.935369][ T5849] RBP: 00007fc48d5e7916 R08: 0000000000000006 R09: 0000000000000000
[  138.935374][ T5849] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  138.935378][ T5849] R13: 0000000000000000 R14: 00007fc48d715f80 R15: 00007fff5e2f2e78
[  138.935389][ T5849]  </TASK>
[  138.935393][ T5849] 
[  139.104125][ T5849] The buggy address belongs to the physical page:
[  139.106891][ T5849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x5f pfn:0x5663b
[  139.110488][ T5849] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  139.113433][ T5849] raw: 04fff00000000000 ffffea0001599008 ffffea00015990c8 0000000000000000
[  139.117036][ T5849] raw: 000000000000005f 0000000000000000 00000000ffffffff 0000000000000000
[  139.120601][ T5849] page dumped because: kasan: bad access detected
[  139.123279][ T5849] page_owner tracks the page as freed
[  139.125554][ T5849] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5857, tgid 5857 (rm), ts 138838352422, free_ts 138849693670
[  139.132691][ T5849]  post_alloc_hook+0x1d8/0x230
[  139.134818][ T5849]  get_page_from_freelist+0x21ce/0x22b0
[  139.137327][ T5849]  __alloc_frozen_pages_noprof+0x181/0x370
[  139.139866][ T5849]  alloc_pages_mpol+0x232/0x4a0
[  139.141861][ T5849]  vma_alloc_folio_noprof+0xe4/0x200
[  139.144079][ T5849]  folio_prealloc+0x30/0x180
[  139.145949][ T5849]  do_wp_page+0x123a/0x5760
[  139.147825][ T5849]  __handle_mm_fault+0x1028/0x5380
[  139.150071][ T5849]  handle_mm_fault+0x3f6/0x8c0
[  139.152200][ T5849]  do_user_addr_fault+0xa81/0x1390
[  139.154298][ T5849]  exc_page_fault+0x68/0x110
[  139.156217][ T5849]  asm_exc_page_fault+0x26/0x30
[  139.158332][ T5849] page last free pid 5857 tgid 5857 stack trace:
[  139.160975][ T5849]  free_unref_folios+0xb81/0x14a0
[  139.163211][ T5849]  folios_put_refs+0x559/0x640
[  139.165279][ T5849]  free_pages_and_swap_cache+0x277/0x520
[  139.167758][ T5849]  tlb_flush_mmu+0x3a0/0x680
[  139.169772][ T5849]  tlb_finish_mmu+0xc3/0x1d0
[  139.171740][ T5849]  exit_mmap+0x474/0xba0
[  139.173571][ T5849]  __mmput+0x118/0x420
[  139.175438][ T5849]  exit_mm+0x1da/0x2c0
[  139.177336][ T5849]  do_exit+0x859/0x2550
[  139.179294][ T5849]  do_group_exit+0x21c/0x2d0
[  139.181376][ T5849]  __x64_sys_exit_group+0x3f/0x40
[  139.183633][ T5849]  x64_sys_call+0x21ba/0x21c0
[  139.185680][ T5849]  do_syscall_64+0xf6/0x210
[  139.187706][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.190295][ T5849] 
[  139.191384][ T5849] Memory state around the buggy address:
[  139.193793][ T5849]  ffff88805663af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  139.197198][ T5849]  ffff88805663af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  139.200648][ T5849] >ffff88805663b000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  139.204157][ T5849]                    ^
[  139.205953][ T5849]  ffff88805663b080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  139.209300][ T5849]  ffff88805663b100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  139.212726][ T5849] ==================================================================
[  139.310086][ T5849] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  139.313441][ T5849] CPU: 0 UID: 0 PID: 5849 Comm: syz.0.15 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(full) 
[  139.318492][ T5849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  139.323371][ T5849] Call Trace:
[  139.324869][ T5849]  <TASK>
[  139.326227][ T5849]  dump_stack_lvl+0x99/0x250
[  139.328372][ T5849]  ? __asan_memcpy+0x40/0x70
[  139.330447][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.332806][ T5849]  ? __pfx__printk+0x10/0x10
[  139.334914][ T5849]  panic+0x2db/0x790
[  139.336759][ T5849]  ? __pfx_panic+0x10/0x10
[  139.338794][ T5849]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  139.341454][ T5849]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  139.344280][ T5849]  ? print_memory_metadata+0x314/0x400
[  139.346733][ T5849]  ? ocfs2_claim_suballoc_bits+0x8b2/0x2450
[  139.349349][ T5849]  check_panic_on_warn+0x89/0xb0
[  139.351455][ T5849]  ? ocfs2_claim_suballoc_bits+0x8b2/0x2450
[  139.354045][ T5849]  end_report+0x78/0x160
[  139.355983][ T5849]  kasan_report+0x129/0x150
[  139.358038][ T5849]  ? ocfs2_claim_suballoc_bits+0x8b2/0x2450
[  139.360707][ T5849]  ocfs2_claim_suballoc_bits+0x8b2/0x2450
[  139.363283][ T5849]  ? __pfx_ocfs2_claim_suballoc_bits+0x10/0x10
[  139.366019][ T5849]  ? __ocfs2_journal_access+0x621/0x820
[  139.368598][ T5849]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  139.371241][ T5849]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  139.373953][ T5849]  ? jbd2_write_access_granted+0x69/0x310
[  139.376595][ T5849]  ? jbd2_write_access_granted+0x69/0x310
[  139.379105][ T5849]  ocfs2_claim_metadata+0x178/0x4c0
[  139.381403][ T5849]  ? __pfx_ocfs2_claim_metadata+0x10/0x10
[  139.383957][ T5849]  ? __pfx_ocfs2_start_trans+0x10/0x10
[  139.386400][ T5849]  ? ocfs2_metadata_cache_get_super+0x43/0x80
[  139.389097][ T5849]  ? ocfs2_inode_cache_get_super+0xd/0x40
[  139.391593][ T5849]  ocfs2_create_refcount_tree+0x54f/0x1250
[  139.394201][ T5849]  ? __pfx_ocfs2_create_refcount_tree+0x10/0x10
[  139.396982][ T5849]  ? find_get_entries+0x688/0x7f0
[  139.399479][ T5849]  ? find_get_entries+0xfe/0x7f0
[  139.401689][ T5849]  ? __pfx_find_get_entries+0x10/0x10
[  139.404048][ T5849]  ? __filemap_get_folio+0x9a6/0xaf0
[  139.406297][ T5849]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  139.408804][ T5849]  ocfs2_reflink_remap_blocks+0x2ea/0x1930
[  139.411364][ T5849]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  139.414104][ T5849]  ? __pfx_ocfs2_reflink_remap_blocks+0x10/0x10
[  139.416823][ T5849]  ? __lock_acquire+0xaac/0xd20
[  139.419066][ T5849]  ? down_write+0x162/0x1f0
[  139.421137][ T5849]  ? __pfx_down_write+0x10/0x10
[  139.423435][ T5849]  ? generic_remap_file_range_prep+0x3e/0x60
[  139.426016][ T5849]  ocfs2_remap_file_range+0x4b7/0x730
[  139.428453][ T5849]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  139.431253][ T5849]  ? rcu_read_lock_any_held+0xb3/0x120
[  139.433731][ T5849]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  139.436293][ T5849]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  139.438977][ T5849]  vfs_copy_file_range+0xd53/0x1310
[  139.441322][ T5849]  ? __pfx_vfs_copy_file_range+0x10/0x10
[  139.443805][ T5849]  __se_sys_copy_file_range+0x319/0x460
[  139.446382][ T5849]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[  139.449180][ T5849]  ? __x64_sys_copy_file_range+0x21/0xf0
[  139.451728][ T5849]  do_syscall_64+0xf6/0x210
[  139.453758][ T5849]  ? clear_bhb_loop+0x60/0xb0
[  139.455867][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.458423][ T5849] RIP: 0033:0x7fc48d579e79
[  139.460396][ T5849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.468794][ T5849] RSP: 002b:00007fc48e289038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[  139.472427][ T5849] RAX: ffffffffffffffda RBX: 00007fc48d715f80 RCX: 00007fc48d579e79
[  139.476008][ T5849] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006
[  139.479480][ T5849] RBP: 00007fc48d5e7916 R08: 0000000000000006 R09: 0000000000000000
[  139.482982][ T5849] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  139.486415][ T5849] R13: 0000000000000000 R14: 00007fc48d715f80 R15: 00007fff5e2f2e78
[  139.489935][ T5849]  </TASK>
[  139.491577][ T5849] Kernel Offset: disabled
[  139.493485][ T5849] Rebooting in 86400 seconds..