Warning: Permanently added '10.128.1.151' (ED25519) to the list of known hosts.
2025/06/26 21:46:03 ignoring optional flag "sandboxArg"="0"
2025/06/26 21:46:04 parsed 1 programs
[ 112.709752][ T6259] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 115.154449][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 115.162810][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 115.170868][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 115.180097][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 115.187875][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 116.511797][ T1095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.521118][ T1095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.544917][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.553113][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.861078][ T6339] chnl_net:caif_netlink_parms(): no params data found
[ 117.929708][ T6339] bridge0: port 1(bridge_slave_0) entered blocking state
[ 117.937306][ T6339] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.944537][ T6339] bridge_slave_0: entered allmulticast mode
[ 117.952854][ T6339] bridge_slave_0: entered promiscuous mode
[ 117.965316][ T6339] bridge0: port 2(bridge_slave_1) entered blocking state
[ 117.972652][ T6339] bridge0: port 2(bridge_slave_1) entered disabled state
[ 117.979883][ T6339] bridge_slave_1: entered allmulticast mode
[ 117.986923][ T6339] bridge_slave_1: entered promiscuous mode
[ 118.016939][ T6339] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 118.028610][ T6339] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 118.066672][ T6339] team0: Port device team_slave_0 added
[ 118.075401][ T6339] team0: Port device team_slave_1 added
[ 118.101987][ T6339] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 118.109824][ T6339] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 118.135965][ T6339] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 118.148571][ T6339] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 118.155529][ T6339] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 118.181964][ T6339] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 118.219803][ T6339] hsr_slave_0: entered promiscuous mode
[ 118.226393][ T6339] hsr_slave_1: entered promiscuous mode
[ 118.752907][ T6339] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 118.769535][ T6339] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 118.781886][ T6339] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 118.793046][ T6339] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 118.901702][ T6339] 8021q: adding VLAN 0 to HW filter on device bond0
[ 118.949504][ T6339] 8021q: adding VLAN 0 to HW filter on device team0
[ 118.982604][ T3475] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.989812][ T3475] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 119.029369][ T3475] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.036710][ T3475] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 119.109660][ T6339] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 119.376434][ T6339] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 119.440183][ T6339] veth0_vlan: entered promiscuous mode
[ 119.454927][ T6339] veth1_vlan: entered promiscuous mode
[ 119.498274][ T6339] veth0_macvtap: entered promiscuous mode
[ 119.510082][ T6339] veth1_macvtap: entered promiscuous mode
[ 119.533889][ T6339] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 119.552987][ T6339] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 119.566676][ T6339] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.577748][ T6339] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.586607][ T6339] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.595436][ T6339] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/06/26 21:46:15 executed programs: 0
[ 119.772558][ T5142] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 119.783421][ T5142] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 119.803236][ T5142] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 119.813593][ T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 119.828644][ T5142] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 119.839316][ T5142] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 119.894273][ T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 119.961737][ T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 120.039861][ T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 120.200541][ T6395] chnl_net:caif_netlink_parms(): no params data found
[ 120.319199][ T6395] bridge0: port 1(bridge_slave_0) entered blocking state
[ 120.327230][ T6395] bridge0: port 1(bridge_slave_0) entered disabled state
[ 120.335517][ T6395] bridge_slave_0: entered allmulticast mode
[ 120.344527][ T6395] bridge_slave_0: entered promiscuous mode
[ 120.356453][ T6395] bridge0: port 2(bridge_slave_1) entered blocking state
[ 120.363716][ T6395] bridge0: port 2(bridge_slave_1) entered disabled state
[ 120.372125][ T6395] bridge_slave_1: entered allmulticast mode
[ 120.380871][ T6395] bridge_slave_1: entered promiscuous mode
[ 120.431660][ T6395] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 120.446805][ T6395] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 120.487004][ T6395] team0: Port device team_slave_0 added
[ 120.495373][ T6395] team0: Port device team_slave_1 added
[ 120.530078][ T6395] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 120.537252][ T6395] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 120.563653][ T6395] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 120.577353][ T6395] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 120.584308][ T6395] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 120.610556][ T6395] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 120.692099][ T6395] hsr_slave_0: entered promiscuous mode
[ 120.700734][ T6395] hsr_slave_1: entered promiscuous mode
[ 120.708069][ T6395] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 120.718367][ T6395] Cannot create hsr debugfs directory
[ 121.865990][ T51] Bluetooth: hci0: command tx timeout
[ 122.302281][ T49] bridge_slave_1: left allmulticast mode
[ 122.311879][ T49] bridge_slave_1: left promiscuous mode
[ 122.319626][ T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 122.330140][ T49] bridge_slave_0: left allmulticast mode
[ 122.337773][ T49] bridge_slave_0: left promiscuous mode
[ 122.343842][ T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 122.661508][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 122.674881][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 122.688140][ T49] bond0 (unregistering): Released all slaves
[ 122.793965][ T49] hsr_slave_0: left promiscuous mode
[ 122.801660][ T49] hsr_slave_1: left promiscuous mode
[ 122.809243][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 122.816730][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 122.824717][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 122.833687][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 122.855108][ T49] veth1_macvtap: left promiscuous mode
[ 122.860789][ T49] veth0_macvtap: left promiscuous mode
[ 122.868650][ T49] veth1_vlan: left promiscuous mode
[ 122.874037][ T49] veth0_vlan: left promiscuous mode
[ 123.229129][ T49] team0 (unregistering): Port device team_slave_1 removed
[ 123.262330][ T49] team0 (unregistering): Port device team_slave_0 removed
[ 123.852122][ T6395] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 123.870329][ T6395] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 123.890157][ T6395] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 123.912537][ T6395] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 123.946637][ T51] Bluetooth: hci0: command tx timeout
[ 124.033220][ T6395] 8021q: adding VLAN 0 to HW filter on device bond0
[ 124.054721][ T6395] 8021q: adding VLAN 0 to HW filter on device team0
[ 124.068884][ T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 124.076070][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 124.090369][ T1095] bridge0: port 2(bridge_slave_1) entered blocking state
[ 124.097714][ T1095] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 124.374841][ T6395] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 124.428957][ T6395] veth0_vlan: entered promiscuous mode
[ 124.451117][ T6395] veth1_vlan: entered promiscuous mode
[ 124.492371][ T6395] veth0_macvtap: entered promiscuous mode
[ 124.503566][ T6395] veth1_macvtap: entered promiscuous mode
[ 124.523572][ T6395] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 124.538296][ T6395] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 124.559050][ T6395] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 124.568705][ T6395] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 124.580809][ T6395] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 124.589689][ T6395] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 124.676791][ T3483] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 124.684886][ T3483] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/06/26 21:46:20 executed programs: 2
[ 124.728652][ T3530] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 124.739784][ T3530] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 125.076673][ T6558] loop0: detected capacity change from 0 to 32768
[ 125.094251][ T6558] =======================================================
[ 125.094251][ T6558] WARNING: The mand mount option has been deprecated and
[ 125.094251][ T6558] and is ignored by this kernel. Remove the mand
[ 125.094251][ T6558] option from the mount to silence this warning.
[ 125.094251][ T6558] =======================================================
[ 125.196362][ T6558] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 125.223915][ T6558] ==================================================================
[ 125.232013][ T6558] BUG: KASAN: use-after-free in ocfs2_reserve_suballoc_bits+0xdd0/0x4640
[ 125.240441][ T6558] Read of size 4 at addr ffff8880714f3004 by task syz.0.15/6558
[ 125.248058][ T6558]
[ 125.250395][ T6558] CPU: 0 UID: 0 PID: 6558 Comm: syz.0.15 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(full)
[ 125.250412][ T6558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 125.250423][ T6558] Call Trace:
[ 125.250431][ T6558] <TASK>
[ 125.250437][ T6558] dump_stack_lvl+0x189/0x250
[ 125.250460][ T6558] ? __virt_addr_valid+0x1c8/0x5c0
[ 125.250472][ T6558] ? rcu_is_watching+0x15/0xb0
[ 125.250491][ T6558] ? __kasan_check_byte+0x12/0x40
[ 125.250507][ T6558] ? __pfx_dump_stack_lvl+0x10/0x10
[ 125.250524][ T6558] ? rcu_is_watching+0x15/0xb0
[ 125.250540][ T6558] ? lock_release+0x4b/0x3e0
[ 125.250558][ T6558] ? __virt_addr_valid+0x1c8/0x5c0
[ 125.250570][ T6558] ? __virt_addr_valid+0x4a5/0x5c0
[ 125.250582][ T6558] print_report+0xd2/0x2b0
[ 125.250597][ T6558] ? ocfs2_reserve_suballoc_bits+0xdd0/0x4640
[ 125.250614][ T6558] kasan_report+0x118/0x150
[ 125.250630][ T6558] ? ocfs2_reserve_suballoc_bits+0xdd0/0x4640
[ 125.250649][ T6558] ocfs2_reserve_suballoc_bits+0xdd0/0x4640
[ 125.250671][ T6558] ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 125.250688][ T6558] ? lockdep_hardirqs_on+0x9c/0x150
[ 125.250706][ T6558] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 125.250727][ T6558] ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10
[ 125.250745][ T6558] ? stack_depot_save_flags+0x429/0x900
[ 125.250763][ T6558] ? kasan_save_track+0x4f/0x80
[ 125.250776][ T6558] ? kasan_save_track+0x3e/0x80
[ 125.250787][ T6558] ? __kasan_kmalloc+0x93/0xb0
[ 125.250800][ T6558] ? __kmalloc_cache_noprof+0x230/0x3d0
[ 125.250815][ T6558] ? ocfs2_reserve_new_metadata_blocks+0x113/0x940
[ 125.250832][ T6558] ? ocfs2_mknod+0xe08/0x2050
[ 125.250847][ T6558] ? ocfs2_create+0x1a5/0x440
[ 125.250860][ T6558] ? path_openat+0x14f4/0x3830
[ 125.250873][ T6558] ? do_filp_open+0x1fa/0x410
[ 125.250884][ T6558] ? do_sys_openat2+0x121/0x1c0
[ 125.250901][ T6558] ? __x64_sys_open+0x11e/0x150
[ 125.250918][ T6558] ? do_syscall_64+0xfa/0x3b0
[ 125.250936][ T6558] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 125.250962][ T6558] ? __kasan_kmalloc+0x93/0xb0
[ 125.250977][ T6558] ? ocfs2_reserve_new_metadata_blocks+0x113/0x940
[ 125.250995][ T6558] ocfs2_reserve_new_metadata_blocks+0x403/0x940
[ 125.251014][ T6558] ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10
[ 125.251034][ T6558] ? __pfx_ocfs2_calc_xattr_init+0x10/0x10
[ 125.251054][ T6558] ? ocfs2_init_security_get+0x132/0x1a0
[ 125.251067][ T6558] ocfs2_mknod+0xe08/0x2050
[ 125.251087][ T6558] ? __pfx_ocfs2_mknod+0x10/0x10
[ 125.251102][ T6558] ? __pfx_ocfs2_find_entry+0x10/0x10
[ 125.251115][ T6558] ? __lock_acquire+0xab9/0xd20
[ 125.251137][ T6558] ? look_up_lock_class+0x74/0x170
[ 125.251154][ T6558] ? register_lock_class+0x51/0x320
[ 125.251171][ T6558] ? __lock_acquire+0xab9/0xd20
[ 125.251188][ T6558] ? __lock_acquire+0xab9/0xd20
[ 125.251206][ T6558] ? do_raw_spin_lock+0x121/0x290
[ 125.251222][ T6558] ? do_raw_spin_unlock+0x122/0x240
[ 125.251241][ T6558] ? rcu_is_watching+0x15/0xb0
[ 125.251258][ T6558] ? ocfs2_lookup+0x4a0/0x990
[ 125.251274][ T6558] ocfs2_create+0x1a5/0x440
[ 125.251289][ T6558] ? __pfx_ocfs2_lookup+0x10/0x10
[ 125.251305][ T6558] ? __pfx_ocfs2_create+0x10/0x10
[ 125.251319][ T6558] ? HAS_UNMAPPED_ID+0x11a/0x180
[ 125.251337][ T6558] ? bpf_lsm_inode_create+0x9/0x20
[ 125.251352][ T6558] ? __pfx_ocfs2_create+0x10/0x10
[ 125.251366][ T6558] path_openat+0x14f4/0x3830
[ 125.251389][ T6558] ? __pfx_path_openat+0x10/0x10
[ 125.251400][ T6558] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 125.251419][ T6558] do_filp_open+0x1fa/0x410
[ 125.251430][ T6558] ? __lock_acquire+0xab9/0xd20
[ 125.251446][ T6558] ? __pfx_do_filp_open+0x10/0x10
[ 125.251465][ T6558] ? _raw_spin_unlock+0x28/0x50
[ 125.251479][ T6558] ? alloc_fd+0x64c/0x6c0
[ 125.251498][ T6558] do_sys_openat2+0x121/0x1c0
[ 125.251516][ T6558] ? __se_sys_futex+0x36f/0x400
[ 125.251529][ T6558] ? __pfx_do_sys_openat2+0x10/0x10
[ 125.251549][ T6558] ? rcu_is_watching+0x15/0xb0
[ 125.251567][ T6558] __x64_sys_open+0x11e/0x150
[ 125.251585][ T6558] do_syscall_64+0xfa/0x3b0
[ 125.251602][ T6558] ? lockdep_hardirqs_on+0x9c/0x150
[ 125.251618][ T6558] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 125.251631][ T6558] ? clear_bhb_loop+0x60/0xb0
[ 125.251645][ T6558] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 125.251657][ T6558] RIP: 0033:0x7f52b4b7dff9
[ 125.251673][ T6558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 125.251684][ T6558] RSP: 002b:00007f52b58bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 125.251698][ T6558] RAX: ffffffffffffffda RBX: 00007f52b4d35f80 RCX: 00007f52b4b7dff9
[ 125.251708][ T6558] RDX: 0000000000000000 RSI: 0000000004008040 RDI: 0000000020000200
[ 125.251717][ T6558] RBP: 00007f52b4bf0296 R08: 0000000000000000 R09: 0000000000000000
[ 125.251725][ T6558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 125.251733][ T6558] R13: 0000000000000000 R14: 00007f52b4d35f80 R15: 00007fffd6688b08
[ 125.251747][ T6558] </TASK>
[ 125.251752][ T6558]
[ 125.737697][ T6558] The buggy address belongs to the physical page:
[ 125.744097][ T6558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f6f91029 pfn:0x714f3
[ 125.753563][ T6558] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 125.760673][ T6558] raw: 00fff00000000000 ffffea0001c53d08 ffffea0001948508 0000000000000000
[ 125.769251][ T6558] raw: 00000007f6f91029 0000000000000000 00000000ffffffff 0000000000000000
[ 125.777819][ T6558] page dumped because: kasan: bad access detected
[ 125.784234][ T6558] page_owner tracks the page as freed
[ 125.789587][ T6558] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|__GFP_COMP), pid 6490, tgid 6490 (udevd), ts 125155132217, free_ts 125200272870
[ 125.807815][ T6558] post_alloc_hook+0x240/0x2a0
[ 125.812573][ T6558] get_page_from_freelist+0x21d5/0x22b0
[ 125.818108][ T6558] __alloc_frozen_pages_noprof+0x181/0x370
[ 125.823990][ T6558] alloc_pages_mpol+0x232/0x4a0
[ 125.828829][ T6558] vma_alloc_folio_noprof+0xe4/0x200
[ 125.834189][ T6558] folio_prealloc+0x30/0x180
[ 125.838879][ T6558] __handle_mm_fault+0x2c88/0x5620
[ 125.843974][ T6558] handle_mm_fault+0x2d5/0x7f0
[ 125.848722][ T6558] do_user_addr_fault+0x764/0x1390
[ 125.853829][ T6558] exc_page_fault+0x76/0xf0
[ 125.858339][ T6558] asm_exc_page_fault+0x26/0x30
[ 125.863304][ T6558] page last free pid 6490 tgid 6490 stack trace:
[ 125.869613][ T6558] free_unref_folios+0xcd2/0x1570
[ 125.874632][ T6558] folios_put_refs+0x559/0x640
[ 125.879385][ T6558] free_pages_and_swap_cache+0x4be/0x520
[ 125.885045][ T6558] tlb_flush_mmu+0x3a0/0x680
[ 125.889641][ T6558] tlb_finish_mmu+0xc3/0x1d0
[ 125.894228][ T6558] vms_clear_ptes+0x42c/0x540
[ 125.898897][ T6558] vms_complete_munmap_vmas+0x206/0x8a0
[ 125.904430][ T6558] do_vmi_align_munmap+0x358/0x420
[ 125.909532][ T6558] do_vmi_munmap+0x253/0x2e0
[ 125.914112][ T6558] __vm_munmap+0x23b/0x3d0
[ 125.918527][ T6558] __x64_sys_munmap+0x60/0x70
[ 125.923200][ T6558] do_syscall_64+0xfa/0x3b0
[ 125.927693][ T6558] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 125.933576][ T6558]
[ 125.935889][ T6558] Memory state around the buggy address:
[ 125.941506][ T6558] ffff8880714f2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 125.949556][ T6558] ffff8880714f2f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 125.957610][ T6558] >ffff8880714f3000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 125.965696][ T6558]                    ^
[ 125.969765][ T6558] ffff8880714f3080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 125.977876][ T6558] ffff8880714f3100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 125.985929][ T6558] ==================================================================
[ 126.006804][ T6558] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 126.014136][ T6558] CPU: 1 UID: 0 PID: 6558 Comm: syz.0.15 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(full)
[ 126.025935][ T6558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 126.035990][ T6558] Call Trace:
[ 126.039260][ T6558] <TASK>
[ 126.042182][ T6558] dump_stack_lvl+0x99/0x250
[ 126.046783][ T6558] ? __asan_memcpy+0x40/0x70
[ 126.051445][ T6558] ? __pfx_dump_stack_lvl+0x10/0x10
[ 126.056633][ T6558] ? __pfx__printk+0x10/0x10
[ 126.061218][ T6558] panic+0x2db/0x790
[ 126.065109][ T6558] ? __pfx_panic+0x10/0x10
[ 126.069535][ T6558] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 126.075421][ T6558] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 126.081845][ T6558] ? print_memory_metadata+0x314/0x400
[ 126.087295][ T6558] ? ocfs2_reserve_suballoc_bits+0xdd0/0x4640
[ 126.093359][ T6558] check_panic_on_warn+0x89/0xb0
[ 126.098378][ T6558] ? ocfs2_reserve_suballoc_bits+0xdd0/0x4640
[ 126.104531][ T6558] end_report+0x78/0x160
[ 126.108772][ T6558] kasan_report+0x129/0x150
[ 126.113354][ T6558] ? ocfs2_reserve_suballoc_bits+0xdd0/0x4640
[ 126.119418][ T6558] ocfs2_reserve_suballoc_bits+0xdd0/0x4640
[ 126.125312][ T6558] ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 126.131203][ T6558] ? lockdep_hardirqs_on+0x9c/0x150
[ 126.136400][ T6558] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 126.142721][ T6558] ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10
[ 126.149127][ T6558] ? stack_depot_save_flags+0x429/0x900
[ 126.154669][ T6558] ? kasan_save_track+0x4f/0x80
[ 126.159517][ T6558] ? kasan_save_track+0x3e/0x80
[ 126.164441][ T6558] ? __kasan_kmalloc+0x93/0xb0
[ 126.169195][ T6558] ? __kmalloc_cache_noprof+0x230/0x3d0
[ 126.174733][ T6558] ? ocfs2_reserve_new_metadata_blocks+0x113/0x940
[ 126.181341][ T6558] ? ocfs2_mknod+0xe08/0x2050
[ 126.186009][ T6558] ? ocfs2_create+0x1a5/0x440
[ 126.190673][ T6558] ? path_openat+0x14f4/0x3830
[ 126.195424][ T6558] ? do_filp_open+0x1fa/0x410
[ 126.200088][ T6558] ? do_sys_openat2+0x121/0x1c0
[ 126.205020][ T6558] ? __x64_sys_open+0x11e/0x150
[ 126.210034][ T6558] ? do_syscall_64+0xfa/0x3b0
[ 126.214711][ T6558] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.220895][ T6558] ? __kasan_kmalloc+0x93/0xb0
[ 126.225649][ T6558] ? ocfs2_reserve_new_metadata_blocks+0x113/0x940
[ 126.232175][ T6558] ocfs2_reserve_new_metadata_blocks+0x403/0x940
[ 126.238501][ T6558] ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10
[ 126.245345][ T6558] ? __pfx_ocfs2_calc_xattr_init+0x10/0x10
[ 126.251151][ T6558] ? ocfs2_init_security_get+0x132/0x1a0
[ 126.256775][ T6558] ocfs2_mknod+0xe08/0x2050
[ 126.261294][ T6558] ? __pfx_ocfs2_mknod+0x10/0x10
[ 126.266224][ T6558] ? __pfx_ocfs2_find_entry+0x10/0x10
[ 126.271592][ T6558] ? __lock_acquire+0xab9/0xd20
[ 126.276443][ T6558] ? look_up_lock_class+0x74/0x170
[ 126.281552][ T6558] ? register_lock_class+0x51/0x320
[ 126.286830][ T6558] ? __lock_acquire+0xab9/0xd20
[ 126.291686][ T6558] ? __lock_acquire+0xab9/0xd20
[ 126.296529][ T6558] ? do_raw_spin_lock+0x121/0x290
[ 126.301549][ T6558] ? do_raw_spin_unlock+0x122/0x240
[ 126.306753][ T6558] ? rcu_is_watching+0x15/0xb0
[ 126.311618][ T6558] ? ocfs2_lookup+0x4a0/0x990
[ 126.316300][ T6558] ocfs2_create+0x1a5/0x440
[ 126.320801][ T6558] ? __pfx_ocfs2_lookup+0x10/0x10
[ 126.325817][ T6558] ? __pfx_ocfs2_create+0x10/0x10
[ 126.330832][ T6558] ? HAS_UNMAPPED_ID+0x11a/0x180
[ 126.335764][ T6558] ? bpf_lsm_inode_create+0x9/0x20
[ 126.340868][ T6558] ? __pfx_ocfs2_create+0x10/0x10
[ 126.345884][ T6558] path_openat+0x14f4/0x3830
[ 126.350472][ T6558] ? __pfx_path_openat+0x10/0x10
[ 126.355391][ T6558] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.361974][ T6558] do_filp_open+0x1fa/0x410
[ 126.366466][ T6558] ? __lock_acquire+0xab9/0xd20
[ 126.371419][ T6558] ? __pfx_do_filp_open+0x10/0x10
[ 126.376542][ T6558] ? _raw_spin_unlock+0x28/0x50
[ 126.381397][ T6558] ? alloc_fd+0x64c/0x6c0
[ 126.385734][ T6558] do_sys_openat2+0x121/0x1c0
[ 126.390431][ T6558] ? __se_sys_futex+0x36f/0x400
[ 126.395305][ T6558] ? __pfx_do_sys_openat2+0x10/0x10
[ 126.400697][ T6558] ? rcu_is_watching+0x15/0xb0
[ 126.405456][ T6558] __x64_sys_open+0x11e/0x150
[ 126.410129][ T6558] do_syscall_64+0xfa/0x3b0
[ 126.414634][ T6558] ? lockdep_hardirqs_on+0x9c/0x150
[ 126.419842][ T6558] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.425932][ T6558] ? clear_bhb_loop+0x60/0xb0
[ 126.430623][ T6558] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 126.436512][ T6558] RIP: 0033:0x7f52b4b7dff9
[ 126.440921][ T6558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 126.460701][ T6558] RSP: 002b:00007f52b58bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 126.469196][ T6558] RAX: ffffffffffffffda RBX: 00007f52b4d35f80 RCX: 00007f52b4b7dff9
[ 126.477274][ T6558] RDX: 0000000000000000 RSI: 0000000004008040 RDI: 0000000020000200
[ 126.485260][ T6558] RBP: 00007f52b4bf0296 R08: 0000000000000000 R09: 0000000000000000
[ 126.493227][ T6558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 126.501187][ T6558] R13: 0000000000000000 R14: 00007f52b4d35f80 R15: 00007fffd6688b08
[ 126.509165][ T6558] </TASK>
[ 126.512419][ T6558] Kernel Offset: disabled
[ 126.516747][ T6558] Rebooting in 86400 seconds..