Warning: Permanently added '10.128.1.69' (ED25519) to the list of known hosts.
2025/04/12 08:45:48 ignoring optional flag "sandboxArg"="0"
2025/04/12 08:45:49 parsed 1 programs
[ 119.412239][ T6056] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 122.462854][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.471631][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.498935][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.507159][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.916544][ T5922] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 123.925536][ T5922] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 123.934930][ T5922] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 123.943991][ T5922] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 123.952496][ T5922] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 124.682803][ T6136] chnl_net:caif_netlink_parms(): no params data found
[ 124.759564][ T6136] bridge0: port 1(bridge_slave_0) entered blocking state
[ 124.766777][ T6136] bridge0: port 1(bridge_slave_0) entered disabled state
[ 124.774208][ T6136] bridge_slave_0: entered allmulticast mode
[ 124.781405][ T6136] bridge_slave_0: entered promiscuous mode
[ 124.792464][ T6136] bridge0: port 2(bridge_slave_1) entered blocking state
[ 124.799987][ T6136] bridge0: port 2(bridge_slave_1) entered disabled state
[ 124.807273][ T6136] bridge_slave_1: entered allmulticast mode
[ 124.815623][ T6136] bridge_slave_1: entered promiscuous mode
[ 124.845893][ T6136] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 124.857599][ T6136] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 124.893272][ T6136] team0: Port device team_slave_0 added
[ 124.901727][ T6136] team0: Port device team_slave_1 added
[ 124.935822][ T6136] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 124.943128][ T6136] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 124.970053][ T6136] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 124.982095][ T6136] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 124.990370][ T6136] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 125.016637][ T6136] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 125.058364][ T6136] hsr_slave_0: entered promiscuous mode
[ 125.064782][ T6136] hsr_slave_1: entered promiscuous mode
[ 125.173968][ T6136] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.252662][ T6136] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.301545][ T6136] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.373417][ T6136] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.533590][ T6136] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 125.546251][ T6136] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 125.556088][ T6136] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 125.566041][ T6136] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 125.640133][ T6136] 8021q: adding VLAN 0 to HW filter on device bond0
[ 125.662585][ T6136] 8021q: adding VLAN 0 to HW filter on device team0
[ 125.676129][ T63] bridge0: port 1(bridge_slave_0) entered blocking state
[ 125.683392][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 125.698708][ T1343] bridge0: port 2(bridge_slave_1) entered blocking state
[ 125.705928][ T1343] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 125.853843][ T6136] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 125.894554][ T6136] veth0_vlan: entered promiscuous mode
[ 125.904740][ T6136] veth1_vlan: entered promiscuous mode
[ 125.935108][ T6136] veth0_macvtap: entered promiscuous mode
[ 125.946297][ T6136] veth1_macvtap: entered promiscuous mode
[ 125.964352][ T6136] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 125.975372][ T6136] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 125.987304][ T6136] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 126.001662][ T6136] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 126.013051][ T6136] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 126.024599][ T6136] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 126.036732][ T6136] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.046289][ T6136] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.055440][ T6136] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.064399][ T6136] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/04/12 08:46:00 executed programs: 0
[ 126.755327][ T5922] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 126.764028][ T5922] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 126.772588][ T5922] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 126.781522][ T5922] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 126.790961][ T5922] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 126.957965][ T6156] chnl_net:caif_netlink_parms(): no params data found
[ 127.037494][ T6156] bridge0: port 1(bridge_slave_0) entered blocking state
[ 127.045418][ T6156] bridge0: port 1(bridge_slave_0) entered disabled state
[ 127.053316][ T6156] bridge_slave_0: entered allmulticast mode
[ 127.061533][ T6156] bridge_slave_0: entered promiscuous mode
[ 127.070672][ T6156] bridge0: port 2(bridge_slave_1) entered blocking state
[ 127.078083][ T6156] bridge0: port 2(bridge_slave_1) entered disabled state
[ 127.085405][ T6156] bridge_slave_1: entered allmulticast mode
[ 127.092917][ T6156] bridge_slave_1: entered promiscuous mode
[ 127.130551][ T6156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 127.143640][ T6156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 127.181392][ T6156] team0: Port device team_slave_0 added
[ 127.191479][ T6156] team0: Port device team_slave_1 added
[ 127.225895][ T6156] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 127.233054][ T6156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 127.259927][ T6156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 127.274556][ T6156] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 127.282507][ T6156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 127.308567][ T6156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 127.363549][ T6156] hsr_slave_0: entered promiscuous mode
[ 127.370048][ T6156] hsr_slave_1: entered promiscuous mode
[ 127.376304][ T6156] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 127.384766][ T6156] Cannot create hsr debugfs directory
[ 127.513604][ T6156] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 128.829290][ T5140] Bluetooth: hci0: command tx timeout
[ 128.943984][ T6156] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 129.418180][ T6156] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 129.491264][ T6156] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 129.587951][ T6156] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 129.598770][ T6156] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 129.609458][ T6156] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 129.620946][ T6156] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 129.688618][ T6156] 8021q: adding VLAN 0 to HW filter on device bond0
[ 129.712395][ T6156] 8021q: adding VLAN 0 to HW filter on device team0
[ 129.725458][ T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 129.732657][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 129.747438][ T53] bridge0: port 2(bridge_slave_1) entered blocking state
[ 129.754629][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 129.914544][ T6156] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 129.956388][ T6156] veth0_vlan: entered promiscuous mode
[ 129.967298][ T6156] veth1_vlan: entered promiscuous mode
[ 129.995740][ T6156] veth0_macvtap: entered promiscuous mode
[ 130.005411][ T6156] veth1_macvtap: entered promiscuous mode
[ 130.024220][ T6156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 130.035747][ T6156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 130.045952][ T6156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 130.056493][ T6156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 130.068451][ T6156] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 130.084374][ T6156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 130.094966][ T6156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 130.105388][ T6156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 130.117322][ T6156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 130.128635][ T6156] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 130.142391][ T6156] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 130.151362][ T6156] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 130.160901][ T6156] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 130.170934][ T6156] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 130.235456][ T1343] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.248335][ T1343] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.277072][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 130.286464][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 130.513056][ T6170] loop0: detected capacity change from 0 to 32768
[ 130.521475][ T6170] =======================================================
[ 130.521475][ T6170] WARNING: The mand mount option has been deprecated and
[ 130.521475][ T6170] and is ignored by this kernel. Remove the mand
[ 130.521475][ T6170] option from the mount to silence this warning.
[ 130.521475][ T6170] =======================================================
[ 130.577068][ T6170] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 130.592688][ T6170] (syz.0.16,6170,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=0, rec_len=0, name_len=0
[ 130.625259][ T6156] ocfs2: Unmounting device (7,0) on (node local)
[ 130.881208][ T6174] loop0: detected capacity change from 0 to 32768
[ 130.909395][ T5140] Bluetooth: hci0: command tx timeout
[ 130.924831][ T6174] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 130.940741][ T6174] (syz.0.17,6174,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=0, rec_len=0, name_len=0
[ 130.966671][ T6156] ocfs2: Unmounting device (7,0) on (node local)
[ 131.242720][ T6178] loop0: detected capacity change from 0 to 32768
[ 131.275204][ T6178] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 131.291246][ T6178] (syz.0.18,6178,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=3221303070, rec_len=0, name_len=0
[ 131.322792][ T6156] ocfs2: Unmounting device (7,0) on (node local)
[ 131.594052][ T6182] loop0: detected capacity change from 0 to 32768
[ 131.641627][ T6182] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 131.653151][ T6182] (syz.0.19,6182,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=0, rec_len=0, name_len=0
[ 131.677035][ T6156] ocfs2: Unmounting device (7,0) on (node local)
[ 131.945117][ T6186] loop0: detected capacity change from 0 to 32768
[ 131.978087][ T6186] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
2025/04/12 08:46:05 executed programs: 7
[ 131.990470][ T6186] (syz.0.20,6186,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=0, rec_len=0, name_len=0
[ 132.016769][ T6156] ocfs2: Unmounting device (7,0) on (node local)
[ 132.287786][ T6190] loop0: detected capacity change from 0 to 32768
[ 132.335318][ T6190] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 132.348729][ T6190] ==================================================================
[ 132.357169][ T6190] BUG: KASAN: use-after-free in ocfs2_dir_foreach_blk+0x1344/0x1b30
[ 132.365300][ T6190] Read of size 2 at addr ffff88805da5b8c9 by task syz.0.21/6190
[ 132.373010][ T6190]
[ 132.375339][ T6190] CPU: 0 UID: 0 PID: 6190 Comm: syz.0.21 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)
[ 132.375352][ T6190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 132.375361][ T6190] Call Trace:
[ 132.375366][ T6190]
[ 132.375371][ T6190] dump_stack_lvl+0x241/0x360
[ 132.375388][ T6190] ? __pfx_dump_stack_lvl+0x10/0x10
[ 132.375400][ T6190] ? __virt_addr_valid+0x183/0x530
[ 132.375412][ T6190] ? rcu_is_watching+0x15/0xb0
[ 132.375423][ T6190] ? __virt_addr_valid+0x183/0x530
[ 132.375433][ T6190] ? lock_release+0x4e/0x3e0
[ 132.375443][ T6190] ? __virt_addr_valid+0x183/0x530
[ 132.375453][ T6190] ? __virt_addr_valid+0x183/0x530
[ 132.375464][ T6190] print_report+0x16e/0x5b0
[ 132.375478][ T6190] ? __virt_addr_valid+0x183/0x530
[ 132.375488][ T6190] ? __virt_addr_valid+0x183/0x530
[ 132.375498][ T6190] ? __virt_addr_valid+0x45f/0x530
[ 132.375509][ T6190] ? __phys_addr+0xba/0x170
[ 132.375519][ T6190] ? ocfs2_dir_foreach_blk+0x1344/0x1b30
[ 132.375538][ T6190] kasan_report+0x143/0x180
[ 132.375546][ T6190] ? ocfs2_dir_foreach_blk+0x1344/0x1b30
[ 132.375560][ T6190] ocfs2_dir_foreach_blk+0x1344/0x1b30
[ 132.375573][ T6190] ? do_raw_spin_unlock+0x13c/0x8b0
[ 132.375586][ T6190] ? _raw_spin_unlock+0x28/0x50
[ 132.375597][ T6190] ? __pfx_ocfs2_dir_foreach_blk+0x10/0x10
[ 132.375609][ T6190] ? ocfs2_inode_lock_atime+0x283/0x5f0
[ 132.375622][ T6190] ? __pfx_ocfs2_inode_lock_atime+0x10/0x10
[ 132.375635][ T6190] ocfs2_readdir+0x2b1/0x5e0
[ 132.375647][ T6190] ? __pfx_ocfs2_readdir+0x10/0x10
[ 132.375658][ T6190] ? down_write+0x18d/0x220
[ 132.375670][ T6190] ? __pfx_down_write+0x10/0x10
[ 132.375681][ T6190] ? wrap_directory_iterator+0x52/0xd0
[ 132.375695][ T6190] ? __pfx_ocfs2_readdir+0x10/0x10
[ 132.375707][ T6190] wrap_directory_iterator+0x91/0xd0
[ 132.375720][ T6190] iterate_dir+0x5a9/0x760
[ 132.375733][ T6190] __se_sys_getdents+0x1ff/0x4e0
[ 132.375747][ T6190] ? __pfx___se_sys_getdents+0x10/0x10
[ 132.375759][ T6190] ? __pfx_filldir+0x10/0x10
[ 132.375774][ T6190] ? do_syscall_64+0xb6/0x230
[ 132.375788][ T6190] do_syscall_64+0xf3/0x230
[ 132.375799][ T6190] ? clear_bhb_loop+0x45/0xa0
[ 132.375808][ T6190] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 132.375821][ T6190] RIP: 0033:0x7f5cb4b8cda9
[ 132.375834][ T6190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 132.375841][ T6190] RSP: 002b:00007f5cb5912038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 132.375853][ T6190] RAX: ffffffffffffffda RBX: 00007f5cb4da5fa0 RCX: 00007f5cb4b8cda9
[ 132.375860][ T6190] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000004
[ 132.375865][ T6190] RBP: 00007f5cb4c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 132.375871][ T6190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 132.375876][ T6190] R13: 0000000000000000 R14: 00007f5cb4da5fa0 R15: 00007ffe6d8020c8
[ 132.375886][ T6190]
[ 132.375889][ T6190]
[ 132.669410][ T6190] The buggy address belongs to the physical page:
[ 132.675833][ T6190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xd31 pfn:0x5da5b
[ 132.684873][ T6190] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 132.692004][ T6190] raw: 00fff00000000000 ffffea0001769708 ffffea0001769688 0000000000000000
[ 132.700596][ T6190] raw: 0000000000000d31 0000000000000000 00000000ffffffff 0000000000000000
[ 132.709176][ T6190] page dumped because: kasan: bad access detected
[ 132.715758][ T6190] page_owner tracks the page as freed
[ 132.721120][ T6190] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 6186, tgid 6185 (syz.0.20), ts 131925688353, free_ts 132115154378
[ 132.738668][ T6190] post_alloc_hook+0x1f4/0x240
[ 132.743473][ T6190] get_page_from_freelist+0x351d/0x36b0
[ 132.749206][ T6190] __alloc_frozen_pages_noprof+0x211/0x5b0
[ 132.755223][ T6190] alloc_pages_mpol+0x339/0x690
[ 132.760081][ T6190] folio_alloc_mpol_noprof+0x36/0x70
[ 132.765558][ T6190] shmem_alloc_and_add_folio+0x490/0x1070
[ 132.771314][ T6190] shmem_get_folio_gfp+0x655/0x1800
[ 132.776520][ T6190] shmem_write_begin+0x17e/0x3a0
[ 132.781456][ T6190] generic_perform_write+0x329/0xa10
[ 132.786756][ T6190] shmem_file_write_iter+0xf9/0x120
[ 132.792050][ T6190] vfs_write+0x70f/0xd10
[ 132.796287][ T6190] ksys_write+0x19d/0x2d0
[ 132.800614][ T6190] do_syscall_64+0xf3/0x230
[ 132.805121][ T6190] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 132.810997][ T6190] page last free pid 6156 tgid 6156 stack trace:
[ 132.817300][ T6190] free_unref_folios+0xdfd/0x17e0
[ 132.822310][ T6190] folios_put_refs+0x70a/0x800
[ 132.827062][ T6190] shmem_undo_range+0x595/0x1820
[ 132.832071][ T6190] shmem_evict_inode+0x29d/0xa80
[ 132.836993][ T6190] evict+0x4f9/0x9b0
[ 132.840895][ T6190] __dentry_kill+0x20d/0x630
[ 132.845514][ T6190] dput+0x19f/0x2b0
[ 132.849445][ T6190] __fput+0x60b/0x9f0
[ 132.853499][ T6190] task_work_run+0x251/0x310
[ 132.858077][ T6190] syscall_exit_to_user_mode+0x13f/0x340
[ 132.863701][ T6190] do_syscall_64+0x100/0x230
[ 132.868308][ T6190] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 132.874291][ T6190]
[ 132.876647][ T6190] Memory state around the buggy address:
[ 132.882611][ T6190] ffff88805da5b780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 132.890696][ T6190] ffff88805da5b800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 132.898756][ T6190] >ffff88805da5b880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 132.906829][ T6190] ^
[ 132.913495][ T6190] ffff88805da5b900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 132.921569][ T6190] ffff88805da5b980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 132.929717][ T6190] ==================================================================
[ 132.940977][ T6190] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 132.948197][ T6190] CPU: 0 UID: 0 PID: 6190 Comm: syz.0.21 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)
[ 132.960029][ T6190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 132.970278][ T6190] Call Trace:
[ 132.973647][ T6190]
[ 132.976856][ T6190] dump_stack_lvl+0x241/0x360
[ 132.981742][ T6190] ? __pfx_dump_stack_lvl+0x10/0x10
[ 132.986968][ T6190] ? __pfx__printk+0x10/0x10
[ 132.991906][ T6190] ? vscnprintf+0x5d/0x90
[ 132.996229][ T6190] panic+0x349/0x880
[ 133.000130][ T6190] ? check_panic_on_warn+0x21/0xb0
[ 133.005423][ T6190] ? __pfx_panic+0x10/0x10
[ 133.009848][ T6190] ? _raw_spin_unlock_irqrestore+0x134/0x140
[ 133.015814][ T6190] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 133.022214][ T6190] ? print_report+0x519/0x5b0
[ 133.026967][ T6190] check_panic_on_warn+0x86/0xb0
[ 133.031896][ T6190] ? ocfs2_dir_foreach_blk+0x1344/0x1b30
[ 133.037521][ T6190] end_report+0x77/0x160
[ 133.041853][ T6190] kasan_report+0x154/0x180
[ 133.046355][ T6190] ? ocfs2_dir_foreach_blk+0x1344/0x1b30
[ 133.051988][ T6190] ocfs2_dir_foreach_blk+0x1344/0x1b30
[ 133.057545][ T6190] ? do_raw_spin_unlock+0x13c/0x8b0
[ 133.062829][ T6190] ? _raw_spin_unlock+0x28/0x50
[ 133.067668][ T6190] ? __pfx_ocfs2_dir_foreach_blk+0x10/0x10
[ 133.073485][ T6190] ? ocfs2_inode_lock_atime+0x283/0x5f0
[ 133.079043][ T6190] ? __pfx_ocfs2_inode_lock_atime+0x10/0x10
[ 133.084968][ T6190] ocfs2_readdir+0x2b1/0x5e0
[ 133.089574][ T6190] ? __pfx_ocfs2_readdir+0x10/0x10
[ 133.094692][ T6190] ? down_write+0x18d/0x220
[ 133.099183][ T6190] ? __pfx_down_write+0x10/0x10
[ 133.104084][ T6190] ? wrap_directory_iterator+0x52/0xd0
[ 133.109638][ T6190] ? __pfx_ocfs2_readdir+0x10/0x10
[ 133.114933][ T6190] wrap_directory_iterator+0x91/0xd0
[ 133.120215][ T6190] iterate_dir+0x5a9/0x760
[ 133.124654][ T6190] __se_sys_getdents+0x1ff/0x4e0
[ 133.129586][ T6190] ? __pfx___se_sys_getdents+0x10/0x10
[ 133.135122][ T6190] ? __pfx_filldir+0x10/0x10
[ 133.139794][ T6190] ? do_syscall_64+0xb6/0x230
[ 133.144552][ T6190] do_syscall_64+0xf3/0x230
[ 133.149047][ T6190] ? clear_bhb_loop+0x45/0xa0
[ 133.153803][ T6190] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 133.159683][ T6190] RIP: 0033:0x7f5cb4b8cda9
[ 133.164086][ T6190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 133.183777][ T6190] RSP: 002b:00007f5cb5912038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 133.192190][ T6190] RAX: ffffffffffffffda RBX: 00007f5cb4da5fa0 RCX: 00007f5cb4b8cda9
[ 133.200170][ T6190] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000004
[ 133.208227][ T6190] RBP: 00007f5cb4c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 133.216190][ T6190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 133.224152][ T6190] R13: 0000000000000000 R14: 00007f5cb4da5fa0 R15: 00007ffe6d8020c8
[ 133.232122][ T6190]
[ 133.235481][ T6190] Kernel Offset: disabled
[ 133.239813][ T6190] Rebooting in 86400 seconds..