Warning: Permanently added '10.128.10.39' (ED25519) to the list of known hosts.
2024/11/26 08:02:02 ignoring optional flag "sandboxArg"="0"
2024/11/26 08:02:02 parsed 1 programs
[  103.827480][ T6275] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  107.500448][ T2884] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.513356][ T2884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.547259][ T2884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.555448][ T2884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.720563][ T6325] chnl_net:caif_netlink_parms(): no params data found
[  107.762491][ T6325] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.770679][ T6325] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.778273][ T6325] bridge_slave_0: entered allmulticast mode
[  107.785826][ T6325] bridge_slave_0: entered promiscuous mode
[  107.794725][ T6325] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.802218][ T6325] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.810059][ T6325] bridge_slave_1: entered allmulticast mode
[  107.817115][ T6325] bridge_slave_1: entered promiscuous mode
[  107.852264][ T6325] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.866830][ T6325] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.910481][ T6325] team0: Port device team_slave_0 added
[  107.919093][ T6325] team0: Port device team_slave_1 added
[  107.943938][ T6325] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.951355][ T6325] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.977712][ T6325] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.992604][ T6325] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.000610][ T6325] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.026927][ T6325] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.058360][ T6325] hsr_slave_0: entered promiscuous mode
[  108.064947][ T6325] hsr_slave_1: entered promiscuous mode
[  108.576022][ T6325] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  108.586171][ T6325] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  108.597806][ T6325] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  108.607328][ T6325] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  108.674415][ T6325] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.693482][ T6325] 8021q: adding VLAN 0 to HW filter on device team0
[  108.709455][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.716652][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.727326][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.734630][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.928215][ T6325] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.972002][ T6325] veth0_vlan: entered promiscuous mode
[  108.987479][ T6325] veth1_vlan: entered promiscuous mode
[  109.021896][ T6325] veth0_macvtap: entered promiscuous mode
[  109.033278][ T6325] veth1_macvtap: entered promiscuous mode
[  109.058653][ T6325] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.073410][ T6325] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.088698][ T6325] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.099334][ T6325] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.108830][ T6325] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.118912][ T6325] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.267635][ T2884] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.375202][ T2884] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.475283][ T2884] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.563242][ T2884] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.740143][ T5140] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  110.752157][ T5140] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  110.760485][ T5140] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  110.770478][ T5140] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  110.802020][ T5140] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  110.811238][ T5140] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2024/11/26 08:02:13 executed programs: 0
[  111.105822][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  111.115857][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  111.124355][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  111.133435][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  111.143732][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  111.151695][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  111.329599][ T6481] chnl_net:caif_netlink_parms(): no params data found
[  111.441434][ T6481] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.450177][ T6481] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.459273][ T6481] bridge_slave_0: entered allmulticast mode
[  111.468410][ T6481] bridge_slave_0: entered promiscuous mode
[  111.478142][ T6481] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.486872][ T6481] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.495708][ T6481] bridge_slave_1: entered allmulticast mode
[  111.502744][ T6481] bridge_slave_1: entered promiscuous mode
[  111.539250][ T6481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  111.552534][ T6481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  111.592722][ T6481] team0: Port device team_slave_0 added
[  111.602724][ T6481] team0: Port device team_slave_1 added
[  111.635685][ T6481] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.642696][ T6481] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.672125][ T6481] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.688071][ T6481] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.695528][ T6481] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.725079][ T6481] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.773486][ T6481] hsr_slave_0: entered promiscuous mode
[  111.781344][ T6481] hsr_slave_1: entered promiscuous mode
[  111.789396][ T6481] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  111.799051][ T6481] Cannot create hsr debugfs directory
[  112.245045][ T2884] bridge_slave_1: left allmulticast mode
[  112.254613][ T2884] bridge_slave_1: left promiscuous mode
[  112.260387][ T2884] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.271465][ T2884] bridge_slave_0: left allmulticast mode
[  112.278541][ T2884] bridge_slave_0: left promiscuous mode
[  112.286015][ T2884] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.619376][ T2884] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  112.630039][ T2884] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  112.640274][ T2884] bond0 (unregistering): Released all slaves
[  112.747886][ T2884] hsr_slave_0: left promiscuous mode
[  112.754796][ T2884] hsr_slave_1: left promiscuous mode
[  112.760853][ T2884] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.777567][ T2884] batman_adv: batadv0: Removing interface: batadv_slave_0
[  112.788698][ T2884] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.801979][ T2884] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.823277][ T2884] veth1_macvtap: left promiscuous mode
[  112.831112][ T2884] veth0_macvtap: left promiscuous mode
[  112.838905][ T2884] veth1_vlan: left promiscuous mode
[  112.845555][ T2884] veth0_vlan: left promiscuous mode
[  113.185760][   T54] Bluetooth: hci1: command tx timeout
[  113.297414][ T2884] team0 (unregistering): Port device team_slave_1 removed
[  113.336936][ T2884] team0 (unregistering): Port device team_slave_0 removed
[  113.955095][ T6481] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  113.973390][ T6481] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  113.992689][ T6481] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  114.015225][ T6481] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  114.288900][ T6481] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.315563][ T6481] 8021q: adding VLAN 0 to HW filter on device team0
[  114.345631][  T187] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.352860][  T187] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.400285][  T187] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.407480][  T187] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.478385][ T6481] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  114.495040][ T6481] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  114.721509][ T6481] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.802463][ T6481] veth0_vlan: entered promiscuous mode
[  114.816505][ T6481] veth1_vlan: entered promiscuous mode
[  114.841973][ T6481] veth0_macvtap: entered promiscuous mode
[  114.857468][ T6481] veth1_macvtap: entered promiscuous mode
[  114.877412][ T6481] batman_adv: batadv0: Interface activated: batadv_slave_0
[  114.893126][ T6481] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.909943][ T6481] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.919866][ T6481] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.928917][ T6481] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.938038][ T6481] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.009574][ T2884] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  115.023003][ T2884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  115.048107][ T2884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  115.058657][ T2884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  115.149006][ T6652] loop0: detected capacity change from 0 to 2048
[  115.208993][ T6656] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  115.246657][ T6652] ==================================================================
[  115.254775][ T6652] BUG: KASAN: slab-out-of-bounds in ovl_inode_upper+0x36/0x80
[  115.262280][ T6652] Read of size 8 at addr ffff8880728b3f40 by task syz.0.15/6652
[  115.264585][   T54] Bluetooth: hci1: command tx timeout
[  115.269919][ T6652] 
[  115.269954][ T6652] CPU: 0 UID: 0 PID: 6652 Comm: syz.0.15 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  115.287821][ T6652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  115.298131][ T6652] Call Trace:
[  115.301541][ T6652]  <TASK>
[  115.304583][ T6652]  dump_stack_lvl+0x241/0x360
[  115.309297][ T6652]  ? __pfx_dump_stack_lvl+0x10/0x10
[  115.314525][ T6652]  ? __pfx__printk+0x10/0x10
[  115.319157][ T6652]  ? _printk+0xd5/0x120
[  115.323347][ T6652]  ? __virt_addr_valid+0x183/0x530
[  115.328489][ T6652]  ? __virt_addr_valid+0x183/0x530
[  115.333633][ T6652]  print_report+0x169/0x550
[  115.338167][ T6652]  ? __virt_addr_valid+0x183/0x530
[  115.343306][ T6652]  ? __virt_addr_valid+0x183/0x530
[  115.348440][ T6652]  ? __virt_addr_valid+0x45f/0x530
[  115.353576][ T6652]  ? __phys_addr+0xba/0x170
[  115.358103][ T6652]  ? ovl_inode_upper+0x36/0x80
[  115.362925][ T6652]  kasan_report+0x143/0x180
[  115.367460][ T6652]  ? ovl_inode_upper+0x36/0x80
[  115.372343][ T6652]  ovl_inode_upper+0x36/0x80
[  115.377047][ T6652]  ovl_file_accessed+0x7e/0x370
[  115.381944][ T6652]  ? __pfx_ovl_file_accessed+0x10/0x10
[  115.387521][ T6652]  backing_file_mmap+0x1f8/0x260
[  115.392489][ T6652]  ovl_mmap+0x1c9/0x220
[  115.396756][ T6652]  ? __pfx_ovl_mmap+0x10/0x10
[  115.401464][ T6652]  ? __pfx_ovl_file_accessed+0x10/0x10
[  115.406950][ T6652]  ? __mmap_region+0x2014/0x2cd0
[  115.412004][ T6652]  ? kasan_check_range+0x86/0x290
[  115.417063][ T6652]  __mmap_region+0x2204/0x2cd0
[  115.421960][ T6652]  ? __pfx___mmap_region+0x10/0x10
[  115.427124][ T6652]  ? arch_get_unmapped_area_topdown+0x28e/0xc50
[  115.433493][ T6652]  ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[  115.440110][ T6652]  ? cap_mmap_addr+0x163/0x2c0
[  115.445012][ T6652]  mmap_region+0x1d0/0x2c0
[  115.449460][ T6652]  ? security_mmap_addr+0x6f/0x250
[  115.454600][ T6652]  do_mmap+0x8f0/0x1000
[  115.458787][ T6652]  ? __pfx_do_mmap+0x10/0x10
[  115.463408][ T6652]  ? __pfx_down_write_killable+0x10/0x10
[  115.469070][ T6652]  ? common_file_perm+0x1a6/0x210
[  115.474128][ T6652]  vm_mmap_pgoff+0x1dd/0x3d0
[  115.478925][ T6652]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  115.484069][ T6652]  ? __fget_files+0x2a/0x410
[  115.488701][ T6652]  ? __fget_files+0x395/0x410
[  115.493407][ T6652]  ? __fget_files+0x2a/0x410
[  115.498027][ T6652]  ksys_mmap_pgoff+0x4eb/0x720
[  115.502909][ T6652]  ? __x64_sys_mmap+0x7f/0x140
[  115.507787][ T6652]  do_syscall_64+0xf3/0x230
[  115.512416][ T6652]  ? clear_bhb_loop+0x35/0x90
[  115.517136][ T6652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.523152][ T6652] RIP: 0033:0x7f111e37e819
[  115.527618][ T6652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.547336][ T6652] RSP: 002b:00007f111f22f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  115.555869][ T6652] RAX: ffffffffffffffda RBX: 00007f111e535fa0 RCX: 00007f111e37e819
[  115.563890][ T6652] RDX: 0000000000000000 RSI: 0000000000004000 RDI: 0000000020ffc000
[  115.572320][ T6652] RBP: 00007f111e3f175e R08: 0000000000000005 R09: 0000000000000000
[  115.580402][ T6652] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[  115.588401][ T6652] R13: 0000000000000000 R14: 00007f111e535fa0 R15: 00007ffc35013e98
[  115.596422][ T6652]  </TASK>
[  115.599472][ T6652] 
[  115.601806][ T6652] Allocated by task 6652:
[  115.606241][ T6652]  kasan_save_track+0x3f/0x80
[  115.610943][ T6652]  __kasan_slab_alloc+0x66/0x80
[  115.615821][ T6652]  kmem_cache_alloc_lru_noprof+0x1dd/0x390
[  115.621657][ T6652]  nilfs_alloc_inode+0x2e/0x110
[  115.626534][ T6652]  alloc_inode+0x65/0x1a0
[  115.630901][ T6652]  iget5_locked+0x4a/0xa0
[  115.635266][ T6652]  nilfs_iget+0x130/0x810
[  115.639619][ T6652]  nilfs_lookup+0x198/0x210
[  115.644150][ T6652]  __lookup_slow+0x28c/0x3f0
[  115.648781][ T6652]  lookup_one_unlocked+0x1a4/0x290
[  115.653916][ T6652]  ovl_lookup_single+0x200/0xbd0
[  115.658882][ T6652]  ovl_lookup_layer+0x417/0x510
[  115.663757][ T6652]  ovl_lookup+0xcf7/0x2a60
[  115.668193][ T6652]  path_openat+0x11a7/0x3590
[  115.672805][ T6652]  do_filp_open+0x27f/0x4e0
[  115.677328][ T6652]  do_sys_openat2+0x13e/0x1d0
[  115.682027][ T6652]  __x64_sys_open+0x225/0x270
[  115.686727][ T6652]  do_syscall_64+0xf3/0x230
[  115.691295][ T6652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.697224][ T6652] 
[  115.699563][ T6652] The buggy address belongs to the object at ffff8880728b3960
[  115.699563][ T6652]  which belongs to the cache nilfs2_inode_cache of size 1504
[  115.714508][ T6652] The buggy address is located 0 bytes to the right of
[  115.714508][ T6652]  allocated 1504-byte region [ffff8880728b3960, ffff8880728b3f40)
[  115.729370][ T6652] 
[  115.731979][ T6652] The buggy address belongs to the physical page:
[  115.738411][ T6652] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x728b0
[  115.747311][ T6652] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  115.755837][ T6652] memcg:ffff88807e515401
[  115.760183][ T6652] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  115.767843][ T6652] page_type: f5(slab)
[  115.772037][ T6652] raw: 00fff00000000040 ffff888140fa9140 dead000000000122 0000000000000000
[  115.780738][ T6652] raw: 0000000000000000 0000000080140014 00000001f5000000 ffff88807e515401
[  115.789351][ T6652] head: 00fff00000000040 ffff888140fa9140 dead000000000122 0000000000000000
[  115.798139][ T6652] head: 0000000000000000 0000000080140014 00000001f5000000 ffff88807e515401
[  115.806924][ T6652] head: 00fff00000000003 ffffea0001ca2c01 ffffffffffffffff 0000000000000000
[  115.815619][ T6652] head: 0000000700000008 0000000000000000 00000000ffffffff 0000000000000000
[  115.824308][ T6652] page dumped because: kasan: bad access detected
[  115.830747][ T6652] page_owner tracks the page as allocated
[  115.836487][ T6652] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 6652, tgid 6651 (syz.0.15), ts 115182091449, free_ts 67917668748
[  115.858569][ T6652]  post_alloc_hook+0x1f3/0x230
[  115.863366][ T6652]  get_page_from_freelist+0x3649/0x3790
[  115.868943][ T6652]  __alloc_pages_noprof+0x292/0x710
[  115.874169][ T6652]  alloc_pages_mpol_noprof+0x3e8/0x680
[  115.879659][ T6652]  alloc_slab_page+0x6a/0x140
[  115.884444][ T6652]  allocate_slab+0x5a/0x2f0
[  115.888975][ T6652]  ___slab_alloc+0xcd1/0x14b0
[  115.893717][ T6652]  __slab_alloc+0x58/0xa0
[  115.898075][ T6652]  kmem_cache_alloc_lru_noprof+0x26c/0x390
[  115.903914][ T6652]  nilfs_alloc_inode+0x2e/0x110
[  115.908789][ T6652]  alloc_inode+0x65/0x1a0
[  115.913149][ T6652]  iget5_locked+0x4a/0xa0
[  115.917507][ T6652]  nilfs_iget_locked+0x113/0x160
[  115.922469][ T6652]  nilfs_dat_read+0xc3/0x320
[  115.927082][ T6652]  load_nilfs+0x56f/0x1090
[  115.931531][ T6652]  nilfs_fill_super+0x31e/0x720
[  115.936417][ T6652] page last free pid 5825 tgid 5825 stack trace:
[  115.942757][ T6652]  free_unref_folios+0xf37/0x1a20
[  115.947816][ T6652]  folios_put_refs+0x76c/0x860
[  115.952614][ T6652]  free_pages_and_swap_cache+0x2ea/0x690
[  115.958284][ T6652]  tlb_flush_mmu+0x3a3/0x680
[  115.962914][ T6652]  tlb_finish_mmu+0xd4/0x200
[  115.967540][ T6652]  vms_clear_ptes+0x437/0x530
[  115.972254][ T6652]  vms_complete_munmap_vmas+0x210/0x8f0
[  115.977831][ T6652]  do_vmi_align_munmap+0x5ef/0x6f0
[  115.982968][ T6652]  do_vmi_munmap+0x24e/0x2d0
[  115.987593][ T6652]  __vm_munmap+0x24c/0x480
[  115.992044][ T6652]  __x64_sys_munmap+0x60/0x70
[  115.996745][ T6652]  do_syscall_64+0xf3/0x230
[  116.001277][ T6652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.007203][ T6652] 
[  116.009544][ T6652] Memory state around the buggy address:
[  116.015198][ T6652]  ffff8880728b3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  116.023279][ T6652]  ffff8880728b3e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  116.031360][ T6652] >ffff8880728b3f00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  116.039532][ T6652]                                            ^
[  116.045712][ T6652]  ffff8880728b3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  116.053796][ T6652]  ffff8880728b4000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  116.061900][ T6652] ==================================================================
[  116.082533][ T6652] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  116.089871][ T6652] CPU: 0 UID: 0 PID: 6652 Comm: syz.0.15 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0
[  116.100055][ T6652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  116.110213][ T6652] Call Trace:
[  116.113682][ T6652]  <TASK>
[  116.116726][ T6652]  dump_stack_lvl+0x241/0x360
[  116.121443][ T6652]  ? __pfx_dump_stack_lvl+0x10/0x10
[  116.126681][ T6652]  ? __pfx__printk+0x10/0x10
[  116.131311][ T6652]  ? preempt_schedule+0xe1/0xf0
[  116.136217][ T6652]  ? vscnprintf+0x5d/0x90
[  116.140617][ T6652]  panic+0x349/0x880
[  116.144552][ T6652]  ? check_panic_on_warn+0x21/0xb0
[  116.149692][ T6652]  ? __pfx_panic+0x10/0x10
[  116.154228][ T6652]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  116.160254][ T6652]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  116.166700][ T6652]  ? print_report+0x502/0x550
[  116.171671][ T6652]  check_panic_on_warn+0x86/0xb0
[  116.176640][ T6652]  ? ovl_inode_upper+0x36/0x80
[  116.181445][ T6652]  end_report+0x77/0x160
[  116.185727][ T6652]  kasan_report+0x154/0x180
[  116.190247][ T6652]  ? ovl_inode_upper+0x36/0x80
[  116.195014][ T6652]  ovl_inode_upper+0x36/0x80
[  116.199629][ T6652]  ovl_file_accessed+0x7e/0x370
[  116.204495][ T6652]  ? __pfx_ovl_file_accessed+0x10/0x10
[  116.209959][ T6652]  backing_file_mmap+0x1f8/0x260
[  116.214905][ T6652]  ovl_mmap+0x1c9/0x220
[  116.219056][ T6652]  ? __pfx_ovl_mmap+0x10/0x10
[  116.223739][ T6652]  ? __pfx_ovl_file_accessed+0x10/0x10
[  116.229226][ T6652]  ? __mmap_region+0x2014/0x2cd0
[  116.234281][ T6652]  ? kasan_check_range+0x86/0x290
[  116.239331][ T6652]  __mmap_region+0x2204/0x2cd0
[  116.244107][ T6652]  ? __pfx___mmap_region+0x10/0x10
[  116.249321][ T6652]  ? arch_get_unmapped_area_topdown+0x28e/0xc50
[  116.255651][ T6652]  ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[  116.262239][ T6652]  ? cap_mmap_addr+0x163/0x2c0
[  116.266998][ T6652]  mmap_region+0x1d0/0x2c0
[  116.271424][ T6652]  ? security_mmap_addr+0x6f/0x250
[  116.276529][ T6652]  do_mmap+0x8f0/0x1000
[  116.280718][ T6652]  ? __pfx_do_mmap+0x10/0x10
[  116.285337][ T6652]  ? __pfx_down_write_killable+0x10/0x10
[  116.291084][ T6652]  ? common_file_perm+0x1a6/0x210
[  116.296300][ T6652]  vm_mmap_pgoff+0x1dd/0x3d0
[  116.300901][ T6652]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  116.306007][ T6652]  ? __fget_files+0x2a/0x410
[  116.310629][ T6652]  ? __fget_files+0x395/0x410
[  116.315325][ T6652]  ? __fget_files+0x2a/0x410
[  116.319930][ T6652]  ksys_mmap_pgoff+0x4eb/0x720
[  116.324707][ T6652]  ? __x64_sys_mmap+0x7f/0x140
[  116.329476][ T6652]  do_syscall_64+0xf3/0x230
[  116.334000][ T6652]  ? clear_bhb_loop+0x35/0x90
[  116.338677][ T6652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.344576][ T6652] RIP: 0033:0x7f111e37e819
[  116.349166][ T6652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.368806][ T6652] RSP: 002b:00007f111f22f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  116.377228][ T6652] RAX: ffffffffffffffda RBX: 00007f111e535fa0 RCX: 00007f111e37e819
[  116.385194][ T6652] RDX: 0000000000000000 RSI: 0000000000004000 RDI: 0000000020ffc000
[  116.393159][ T6652] RBP: 00007f111e3f175e R08: 0000000000000005 R09: 0000000000000000
[  116.401406][ T6652] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[  116.409384][ T6652] R13: 0000000000000000 R14: 00007f111e535fa0 R15: 00007ffc35013e98
[  116.417356][ T6652]  </TASK>
[  116.420789][ T6652] Kernel Offset: disabled
[  116.425298][ T6652] Rebooting in 86400 seconds..