Warning: Permanently added '[localhost]:12814' (ED25519) to the list of known hosts.
2025/02/09 08:01:19 ignoring optional flag "sandboxArg"="0"
2025/02/09 08:01:19 ignoring optional flag "type"="qemu"
2025/02/09 08:01:20 parsed 1 programs
[  123.362063][ T5611] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  126.285598][ T1032] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.289117][ T1032] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.318039][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.321254][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.959405][ T5656] chnl_net:caif_netlink_parms(): no params data found
[  128.000227][ T5656] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.003152][ T5656] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.007846][ T5656] bridge_slave_0: entered allmulticast mode
[  128.011435][ T5656] bridge_slave_0: entered promiscuous mode
[  128.017181][ T5656] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.020122][ T5656] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.023143][ T5656] bridge_slave_1: entered allmulticast mode
[  128.027819][ T5656] bridge_slave_1: entered promiscuous mode
[  128.047831][ T5656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.052554][ T5656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.071775][ T5656] team0: Port device team_slave_0 added
[  128.076199][ T5656] team0: Port device team_slave_1 added
[  128.090416][ T5656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.094041][ T5656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.106803][ T5656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.112441][ T5656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.116102][ T5656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.128310][ T5656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.152753][ T5656] hsr_slave_0: entered promiscuous mode
[  128.156056][ T5656] hsr_slave_1: entered promiscuous mode
[  128.747554][ T5656] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  128.759547][ T5656] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  128.786229][ T5656] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  128.791934][ T5656] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  128.903553][ T5656] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.929978][ T5656] 8021q: adding VLAN 0 to HW filter on device team0
[  128.949633][ T1032] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.953214][ T1032] bridge0: port 1(bridge_slave_0) entered forwarding state
[  128.983147][ T1032] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.986853][ T1032] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.048945][ T5656] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  129.287884][ T5656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.342712][ T5656] veth0_vlan: entered promiscuous mode
[  129.361690][ T5656] veth1_vlan: entered promiscuous mode
[  129.417173][ T5656] veth0_macvtap: entered promiscuous mode
[  129.429856][ T5656] veth1_macvtap: entered promiscuous mode
[  129.457393][ T5656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  129.472621][ T5656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  129.487570][ T5656] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.490964][ T5656] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.505897][ T5656] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.510366][ T5656] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.810223][ T1088] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.897320][ T1088] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.964179][ T1088] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.117084][ T1088] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.164622][ T5407] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  130.174865][ T5407] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  130.181077][ T5407] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  130.184778][ T5407] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  130.189321][ T5407] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  130.192680][ T5407] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  132.150488][ T1088] bridge_slave_1: left allmulticast mode
[  132.153092][ T1088] bridge_slave_1: left promiscuous mode
[  132.170713][ T1088] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.198258][ T1088] bridge_slave_0: left allmulticast mode
[  132.200517][ T1088] bridge_slave_0: left promiscuous mode
[  132.203081][ T1088] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.761672][ T1088] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  132.767112][ T1088] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  132.773124][ T1088] bond0 (unregistering): Released all slaves
[  132.870389][ T1088] hsr_slave_0: left promiscuous mode
[  132.873088][ T1088] hsr_slave_1: left promiscuous mode
[  132.882550][ T1088] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.892731][ T1088] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.902546][ T1088] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.915489][ T1088] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.923979][ T1088] veth1_macvtap: left promiscuous mode
[  132.935468][ T1088] veth0_macvtap: left promiscuous mode
[  132.938638][ T1088] veth1_vlan: left promiscuous mode
[  132.941203][ T1088] veth0_vlan: left promiscuous mode
[  133.517341][ T1088] team0 (unregistering): Port device team_slave_1 removed
[  133.566847][ T1088] team0 (unregistering): Port device team_slave_0 removed
2025/02/09 08:01:35 executed programs: 0
[  134.452005][ T4665] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  134.457205][ T4665] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  134.462103][ T4665] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  134.467345][ T4665] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  134.470460][ T4665] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  134.473706][ T4665] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  135.124294][ T5806] chnl_net:caif_netlink_parms(): no params data found
[  135.291079][ T5806] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.294562][ T5806] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.305963][ T5806] bridge_slave_0: entered allmulticast mode
[  135.316822][ T5806] bridge_slave_0: entered promiscuous mode
[  135.334475][ T5806] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.347470][ T5806] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.351324][ T5806] bridge_slave_1: entered allmulticast mode
[  135.371317][ T5806] bridge_slave_1: entered promiscuous mode
[  135.418168][ T5806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  135.423485][ T5806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  135.478557][ T5806] team0: Port device team_slave_0 added
[  135.483112][ T5806] team0: Port device team_slave_1 added
[  135.517775][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_0
[  135.520633][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.546468][ T5806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  135.556104][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_1
[  135.566850][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.595081][ T5806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  135.656690][ T5806] hsr_slave_0: entered promiscuous mode
[  135.659735][ T5806] hsr_slave_1: entered promiscuous mode
[  136.071529][ T5806] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  136.098637][ T5806] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  136.114390][ T5806] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  136.127926][ T5806] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  136.266323][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0
[  136.290621][ T5806] 8021q: adding VLAN 0 to HW filter on device team0
[  136.313307][ T1032] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.316927][ T1032] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.328763][ T1032] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.332412][ T1032] bridge0: port 2(bridge_slave_1) entered forwarding state
[  136.566363][ T4665] Bluetooth: hci0: command tx timeout
[  136.656467][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0
[  136.714115][ T5806] veth0_vlan: entered promiscuous mode
[  136.729817][ T5806] veth1_vlan: entered promiscuous mode
[  136.772456][ T5806] veth0_macvtap: entered promiscuous mode
[  136.791543][ T5806] veth1_macvtap: entered promiscuous mode
[  136.824658][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0
[  136.843507][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1
[  136.851424][ T5806] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.857110][ T5806] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.862085][ T5806] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.867507][ T5806] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.930938][ T1034] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.934193][ T1034] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.962717][ T1032] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.969035][ T1032] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.239199][ T5857] loop0: detected capacity change from 0 to 32768
[  137.246586][ T5857] =======================================================
[  137.246586][ T5857] WARNING: The mand mount option has been deprecated and
[  137.246586][ T5857]          and is ignored by this kernel. Remove the mand
[  137.246586][ T5857]          option from the mount to silence this warning.
[  137.246586][ T5857] =======================================================
[  137.318184][ T5857] JBD2: Ignoring recovery information on journal
[  137.349516][ T5857] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  137.381280][   T24] audit: type=1804 audit(1739088098.412:2): pid=5857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.15" name="/newroot/0/file1/bus" dev="loop0" ino=17058 res=1 errno=0
[  137.396284][ T5857] ==================================================================
[  137.399578][ T5857] BUG: KASAN: slab-use-after-free in ocfs2_claim_suballoc_bits+0x10d3/0x2560
[  137.402951][ T5857] Read of size 4 at addr ffff8880441ee000 by task syz.0.15/5857
[  137.407082][ T5857] 
[  137.408202][ T5857] CPU: 0 UID: 0 PID: 5857 Comm: syz.0.15 Not tainted 6.14.0-rc1-syzkaller-g9946eaf552b1 #0
[  137.408220][ T5857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.408228][ T5857] Call Trace:
[  137.408237][ T5857]  <TASK>
[  137.408244][ T5857]  dump_stack_lvl+0x241/0x360
[  137.408264][ T5857]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.408283][ T5857]  ? __pfx__printk+0x10/0x10
[  137.408301][ T5857]  ? _printk+0xd5/0x120
[  137.408316][ T5857]  ? __virt_addr_valid+0x183/0x530
[  137.408335][ T5857]  ? __virt_addr_valid+0x183/0x530
[  137.408384][ T5857]  print_report+0x169/0x550
[  137.408405][ T5857]  ? __virt_addr_valid+0x183/0x530
[  137.408421][ T5857]  ? __virt_addr_valid+0x183/0x530
[  137.408437][ T5857]  ? __virt_addr_valid+0x45f/0x530
[  137.408453][ T5857]  ? __phys_addr+0xba/0x170
[  137.408470][ T5857]  ? ocfs2_claim_suballoc_bits+0x10d3/0x2560
[  137.408485][ T5857]  kasan_report+0x143/0x180
[  137.408504][ T5857]  ? ocfs2_claim_suballoc_bits+0x10d3/0x2560
[  137.408519][ T5857]  ocfs2_claim_suballoc_bits+0x10d3/0x2560
[  137.408534][ T5857]  ? __pfx_ocfs2_claim_suballoc_bits+0x10/0x10
[  137.408550][ T5857]  ? __mutex_unlock_slowpath+0x227/0x800
[  137.408569][ T5857]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  137.408586][ T5857]  ? jbd2_write_access_granted+0x71/0x310
[  137.408605][ T5857]  ? jbd2_write_access_granted+0x2f8/0x310
[  137.408623][ T5857]  ? jbd2_write_access_granted+0x71/0x310
[  137.408643][ T5857]  ocfs2_claim_metadata+0x16d/0x580
[  137.408656][ T5857]  ? jbd2__journal_start+0x3b8/0x5d0
[  137.408671][ T5857]  ? __pfx_ocfs2_claim_metadata+0x10/0x10
[  137.408679][ T5857]  ? __lock_acquire+0x1397/0x2100
[  137.408690][ T5857]  ? __pfx_ocfs2_start_trans+0x10/0x10
[  137.408699][ T5857]  ? ocfs2_metadata_cache_get_super+0x43/0x80
[  137.408712][ T5857]  ? ocfs2_inode_cache_get_super+0xd/0x40
[  137.408720][ T5857]  ocfs2_create_refcount_tree+0x699/0x15f0
[  137.408732][ T5857]  ? __pfx_ocfs2_create_refcount_tree+0x10/0x10
[  137.408746][ T5857]  ? __pfx_lock_release+0x10/0x10
[  137.408756][ T5857]  ? xas_find+0x213/0x960
[  137.408767][ T5857]  ? find_get_entries+0x1b9/0x900
[  137.408780][ T5857]  ? find_get_entries+0x7c9/0x900
[  137.408792][ T5857]  ? find_get_entries+0x1b9/0x900
[  137.408806][ T5857]  ? __pfx_find_get_entries+0x10/0x10
[  137.408821][ T5857]  ocfs2_reflink_remap_blocks+0x2f6/0x1f30
[  137.408842][ T5857]  ? __pfx_ocfs2_reflink_remap_blocks+0x10/0x10
[  137.408857][ T5857]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  137.408882][ T5857]  ? down_write+0x18c/0x220
[  137.408895][ T5857]  ? __pfx_down_write+0x10/0x10
[  137.408911][ T5857]  ? generic_remap_file_range_prep+0x3e/0x60
[  137.408928][ T5857]  ocfs2_remap_file_range+0x5fa/0x8d0
[  137.408951][ T5857]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  137.408970][ T5857]  ? rcu_read_lock_any_held+0xb7/0x160
[  137.408985][ T5857]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  137.408995][ T5857]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  137.409006][ T5857]  vfs_copy_file_range+0xc07/0x14f0
[  137.409018][ T5857]  ? __pfx_vfs_copy_file_range+0x10/0x10
[  137.409025][ T5857]  ? __fget_files+0x395/0x410
[  137.409036][ T5857]  ? __might_fault+0xaa/0x120
[  137.409052][ T5857]  __se_sys_copy_file_range+0x3fa/0x600
[  137.409067][ T5857]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[  137.409080][ T5857]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  137.409097][ T5857]  ? do_syscall_64+0x100/0x230
[  137.409113][ T5857]  ? __x64_sys_copy_file_range+0x21/0xf0
[  137.409126][ T5857]  do_syscall_64+0xf3/0x230
[  137.409143][ T5857]  ? clear_bhb_loop+0x35/0x90
[  137.409162][ T5857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.409179][ T5857] RIP: 0033:0x7f4734979e79
[  137.409191][ T5857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.409198][ T5857] RSP: 002b:00007f47347f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[  137.409208][ T5857] RAX: ffffffffffffffda RBX: 00007f4734b15f80 RCX: 00007f4734979e79
[  137.409214][ T5857] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006
[  137.409219][ T5857] RBP: 00007f47349e7916 R08: 0000000000000006 R09: 0000000000000000
[  137.409223][ T5857] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  137.409228][ T5857] R13: 0000000000000000 R14: 00007f4734b15f80 R15: 00007ffd27e32428
[  137.409236][ T5857]  </TASK>
[  137.409239][ T5857] 
[  137.588146][ T5857] Allocated by task 5021:
[  137.589780][ T5857]  kasan_save_track+0x3f/0x80
[  137.591883][ T5857]  __kasan_kmalloc+0x98/0xb0
[  137.593800][ T5857]  __kmalloc_node_track_caller_noprof+0x28b/0x4c0
[  137.596110][ T5857]  kmalloc_reserve+0x111/0x2a0
[  137.598043][ T5857]  __alloc_skb+0x1f3/0x440
[  137.600181][ T5857]  alloc_skb_with_frags+0xc3/0x820
[  137.602497][ T5857]  sock_alloc_send_pskb+0x91a/0xa60
[  137.604684][ T5857]  unix_dgram_sendmsg+0x5f1/0x1df0
[  137.606938][ T5857]  __sock_sendmsg+0x221/0x270
[  137.608940][ T5857]  sock_write_iter+0x2d7/0x3f0
[  137.610738][ T5857]  do_iter_readv_writev+0x71a/0x9d0
[  137.612693][ T5857]  vfs_writev+0x38b/0xbc0
[  137.614508][ T5857]  do_writev+0x1b6/0x360
[  137.616603][ T5857]  do_syscall_64+0xf3/0x230
[  137.618860][ T5857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.621224][ T5857] 
[  137.622188][ T5857] Freed by task 5022:
[  137.623774][ T5857]  kasan_save_track+0x3f/0x80
[  137.625659][ T5857]  kasan_save_free_info+0x40/0x50
[  137.627698][ T5857]  __kasan_slab_free+0x59/0x70
[  137.629750][ T5857]  kfree+0x196/0x430
[  137.631479][ T5857]  skb_release_data+0x6a0/0x8a0
[  137.633415][ T5857]  consume_skb+0x9f/0xf0
[  137.635223][ T5857]  __unix_dgram_recvmsg+0xcea/0x12f0
[  137.637226][ T5857]  sock_recvmsg+0x22f/0x280
[  137.638981][ T5857]  sock_read_iter+0x2c4/0x3d0
[  137.640898][ T5857]  vfs_read+0x975/0xb40
[  137.642497][ T5857]  ksys_read+0x18f/0x2b0
[  137.644192][ T5857]  do_syscall_64+0xf3/0x230
[  137.645980][ T5857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.648457][ T5857] 
[  137.649512][ T5857] The buggy address belongs to the object at ffff8880441ee000
[  137.649512][ T5857]  which belongs to the cache kmalloc-cg-512 of size 512
[  137.655247][ T5857] The buggy address is located 0 bytes inside of
[  137.655247][ T5857]  freed 512-byte region [ffff8880441ee000, ffff8880441ee200)
[  137.660196][ T5857] 
[  137.661285][ T5857] The buggy address belongs to the physical page:
[  137.664211][ T5857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x441ee
[  137.667955][ T5857] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  137.671133][ T5857] memcg:ffff888043504401
[  137.672874][ T5857] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  137.675831][ T5857] page_type: f5(slab)
[  137.677600][ T5857] raw: 04fff00000000040 ffff88801ac4f140 dead000000000122 0000000000000000
[  137.681504][ T5857] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff888043504401
[  137.684682][ T5857] head: 04fff00000000040 ffff88801ac4f140 dead000000000122 0000000000000000
[  137.687916][ T5857] head: 0000000000000000 0000000000080008 00000000f5000000 ffff888043504401
[  137.691512][ T5857] head: 04fff00000000001 ffffea0001107b81 ffffffffffffffff 0000000000000000
[  137.695309][ T5857] head: ffff888000000002 0000000000000000 00000000ffffffff 0000000000000000
[  137.698587][ T5857] page dumped because: kasan: bad access detected
[  137.700996][ T5857] page_owner tracks the page as allocated
[  137.703170][ T5857] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5021, tgid 5021 (dhcpcd), ts 136847691780, free_ts 135993834576
[  137.712520][ T5857]  post_alloc_hook+0x1f4/0x240
[  137.714468][ T5857]  get_page_from_freelist+0x365c/0x37a0
[  137.716486][ T5857]  __alloc_frozen_pages_noprof+0x292/0x710
[  137.718516][ T5857]  alloc_pages_mpol+0x311/0x660
[  137.720302][ T5857]  allocate_slab+0x8f/0x3a0
[  137.722058][ T5857]  ___slab_alloc+0xc27/0x14a0
[  137.723912][ T5857]  __slab_alloc+0x58/0xa0
[  137.725713][ T5857]  __kmalloc_node_track_caller_noprof+0x2e9/0x4c0
[  137.728608][ T5857]  kmalloc_reserve+0x111/0x2a0
[  137.730959][ T5857]  __alloc_skb+0x1f3/0x440
[  137.733110][ T5857]  alloc_skb_with_frags+0xc3/0x820
[  137.735247][ T5857]  sock_alloc_send_pskb+0x91a/0xa60
[  137.737215][ T5857]  unix_dgram_sendmsg+0x5f1/0x1df0
[  137.739010][ T5857]  __sock_sendmsg+0x221/0x270
[  137.740779][ T5857]  sock_write_iter+0x2d7/0x3f0
[  137.742604][ T5857]  do_iter_readv_writev+0x71a/0x9d0
[  137.744580][ T5857] page last free pid 5838 tgid 5838 stack trace:
[  137.746913][ T5857]  free_frozen_pages+0xe0d/0x10e0
[  137.749130][ T5857]  __slab_free+0x2c2/0x380
[  137.751205][ T5857]  qlist_free_all+0x9a/0x140
[  137.753546][ T5857]  kasan_quarantine_reduce+0x14f/0x170
[  137.756205][ T5857]  __kasan_slab_alloc+0x23/0x80
[  137.758055][ T5857]  kmem_cache_alloc_noprof+0x1d9/0x380
[  137.760121][ T5857]  getname_flags+0xb7/0x540
[  137.761872][ T5857]  vfs_fstatat+0x3f/0x130
[  137.763553][ T5857]  __x64_sys_newfstatat+0x11d/0x1a0
[  137.765613][ T5857]  do_syscall_64+0xf3/0x230
[  137.767408][ T5857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.769662][ T5857] 
[  137.771191][ T5857] Memory state around the buggy address:
[  137.774258][ T5857]  ffff8880441edf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  137.777884][ T5857]  ffff8880441edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  137.780751][ T5857] >ffff8880441ee000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  137.783747][ T5857]                    ^
[  137.785411][ T5857]  ffff8880441ee080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  137.788899][ T5857]  ffff8880441ee100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  137.792234][ T5857] ==================================================================
[  137.823188][ T5857] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  137.825985][ T5857] CPU: 0 UID: 0 PID: 5857 Comm: syz.0.15 Not tainted 6.14.0-rc1-syzkaller-g9946eaf552b1 #0
[  137.829945][ T5857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.834984][ T5857] Call Trace:
[  137.836610][ T5857]  <TASK>
[  137.837770][ T5857]  dump_stack_lvl+0x241/0x360
[  137.839579][ T5857]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.841496][ T5857]  ? __pfx__printk+0x10/0x10
[  137.843278][ T5857]  ? preempt_schedule+0xe1/0xf0
[  137.845039][ T5857]  ? vscnprintf+0x5d/0x90
[  137.846644][ T5857]  panic+0x349/0x880
[  137.848242][ T5857]  ? check_panic_on_warn+0x21/0xb0
[  137.850479][ T5857]  ? __pfx_panic+0x10/0x10
[  137.852552][ T5857]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  137.855385][ T5857]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  137.857992][ T5857]  ? print_report+0x502/0x550
[  137.859666][ T5857]  check_panic_on_warn+0x86/0xb0
[  137.861559][ T5857]  ? ocfs2_claim_suballoc_bits+0x10d3/0x2560
[  137.863725][ T5857]  end_report+0x77/0x160
[  137.865340][ T5857]  kasan_report+0x154/0x180
[  137.867115][ T5857]  ? ocfs2_claim_suballoc_bits+0x10d3/0x2560
[  137.869451][ T5857]  ocfs2_claim_suballoc_bits+0x10d3/0x2560
[  137.871787][ T5857]  ? __pfx_ocfs2_claim_suballoc_bits+0x10/0x10
[  137.874234][ T5857]  ? __mutex_unlock_slowpath+0x227/0x800
[  137.876033][ T5857]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  137.878162][ T5857]  ? jbd2_write_access_granted+0x71/0x310
[  137.880150][ T5857]  ? jbd2_write_access_granted+0x2f8/0x310
[  137.882389][ T5857]  ? jbd2_write_access_granted+0x71/0x310
[  137.884876][ T5857]  ocfs2_claim_metadata+0x16d/0x580
[  137.887255][ T5857]  ? jbd2__journal_start+0x3b8/0x5d0
[  137.889509][ T5857]  ? __pfx_ocfs2_claim_metadata+0x10/0x10
[  137.891695][ T5857]  ? __lock_acquire+0x1397/0x2100
[  137.893656][ T5857]  ? __pfx_ocfs2_start_trans+0x10/0x10
[  137.895748][ T5857]  ? ocfs2_metadata_cache_get_super+0x43/0x80
[  137.898234][ T5857]  ? ocfs2_inode_cache_get_super+0xd/0x40
[  137.900925][ T5857]  ocfs2_create_refcount_tree+0x699/0x15f0
[  137.903432][ T5857]  ? __pfx_ocfs2_create_refcount_tree+0x10/0x10
[  137.905760][ T5857]  ? __pfx_lock_release+0x10/0x10
[  137.907625][ T5857]  ? xas_find+0x213/0x960
[  137.909296][ T5857]  ? find_get_entries+0x1b9/0x900
[  137.911352][ T5857]  ? find_get_entries+0x7c9/0x900
[  137.913622][ T5857]  ? find_get_entries+0x1b9/0x900
[  137.915959][ T5857]  ? __pfx_find_get_entries+0x10/0x10
[  137.918340][ T5857]  ocfs2_reflink_remap_blocks+0x2f6/0x1f30
[  137.920531][ T5857]  ? __pfx_ocfs2_reflink_remap_blocks+0x10/0x10
[  137.922897][ T5857]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  137.925233][ T5857]  ? down_write+0x18c/0x220
[  137.926946][ T5857]  ? __pfx_down_write+0x10/0x10
[  137.929006][ T5857]  ? generic_remap_file_range_prep+0x3e/0x60
[  137.931732][ T5857]  ocfs2_remap_file_range+0x5fa/0x8d0
[  137.934470][ T5857]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  137.936745][ T5857]  ? rcu_read_lock_any_held+0xb7/0x160
[  137.938772][ T5857]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  137.940925][ T5857]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  137.943080][ T5857]  vfs_copy_file_range+0xc07/0x14f0
[  137.945134][ T5857]  ? __pfx_vfs_copy_file_range+0x10/0x10
[  137.947444][ T5857]  ? __fget_files+0x395/0x410
[  137.949967][ T5857]  ? __might_fault+0xaa/0x120
[  137.952636][ T5857]  __se_sys_copy_file_range+0x3fa/0x600
[  137.955275][ T5857]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[  137.957690][ T5857]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  137.960230][ T5857]  ? do_syscall_64+0x100/0x230
[  137.961963][ T5857]  ? __x64_sys_copy_file_range+0x21/0xf0
[  137.964041][ T5857]  do_syscall_64+0xf3/0x230
[  137.965705][ T5857]  ? clear_bhb_loop+0x35/0x90
[  137.967371][ T5857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.969473][ T5857] RIP: 0033:0x7f4734979e79
[  137.971102][ T5857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.978691][ T5857] RSP: 002b:00007f47347f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[  137.981613][ T5857] RAX: ffffffffffffffda RBX: 00007f4734b15f80 RCX: 00007f4734979e79
[  137.984733][ T5857] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006
[  137.988131][ T5857] RBP: 00007f47349e7916 R08: 0000000000000006 R09: 0000000000000000
[  137.991907][ T5857] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  137.995671][ T5857] R13: 0000000000000000 R14: 00007f4734b15f80 R15: 00007ffd27e32428
[  137.998636][ T5857]  </TASK>
[  137.999965][ T5857] Kernel Offset: disabled
[  138.001583][ T5857] Rebooting in 86400 seconds..