Warning: Permanently added '[localhost]:63076' (ED25519) to the list of known hosts.
2025/02/09 07:43:09 ignoring optional flag "sandboxArg"="0"
2025/02/09 07:43:09 ignoring optional flag "type"="qemu"
2025/02/09 07:43:09 parsed 1 programs
[  122.481351][ T5590] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k
[  126.722242][ T5628] chnl_net:caif_netlink_parms(): no params data found
[  126.770570][ T5628] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.774037][ T5628] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.778592][ T5628] bridge_slave_0: entered allmulticast mode
[  126.782479][ T5628] bridge_slave_0: entered promiscuous mode
[  126.788533][ T5628] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.791888][ T5628] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.794890][ T5628] bridge_slave_1: entered allmulticast mode
[  126.798625][ T5628] bridge_slave_1: entered promiscuous mode
[  126.817615][ T5628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  126.824216][ T5628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  126.843946][ T5628] team0: Port device team_slave_0 added
[  126.851189][ T5628] team0: Port device team_slave_1 added
[  126.865427][ T5628] batman_adv: batadv0: Adding interface: batadv_slave_0
[  126.869296][ T5628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.880578][ T5628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  126.887807][ T5628] batman_adv: batadv0: Adding interface: batadv_slave_1
[  126.890610][ T5628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.902542][ T5628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  126.932425][ T5628] hsr_slave_0: entered promiscuous mode
[  126.935438][ T5628] hsr_slave_1: entered promiscuous mode
[  127.549213][ T5628] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  127.571320][ T5628] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  127.578485][ T5628] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  127.588587][ T5628] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  127.629131][ T5628] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.632449][ T5628] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.635561][ T5628] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.638477][ T5628] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.735521][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.743360][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.778560][ T5628] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.814215][ T5628] 8021q: adding VLAN 0 to HW filter on device team0
[  127.849808][ T1039] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.853307][ T1039] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.867066][ T1039] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.870653][ T1039] bridge0: port 2(bridge_slave_1) entered forwarding state
[  128.181897][ T5628] 8021q: adding VLAN 0 to HW filter on device batadv0
[  128.244891][ T5628] veth0_vlan: entered promiscuous mode
[  128.270295][ T5628] veth1_vlan: entered promiscuous mode
[  128.309986][ T5628] veth0_macvtap: entered promiscuous mode
[  128.314578][ T5628] veth1_macvtap: entered promiscuous mode
[  128.352214][ T5628] batman_adv: batadv0: Interface activated: batadv_slave_0
[  128.369269][ T5628] batman_adv: batadv0: Interface activated: batadv_slave_1
[  128.385000][ T5628] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.397266][ T5628] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.400996][ T5628] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.404928][ T5628] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.758580][   T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.867633][   T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.947384][   T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.049630][   T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.698384][   T46] bridge_slave_1: left allmulticast mode
[  130.701061][   T46] bridge_slave_1: left promiscuous mode
[  130.703766][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.741486][   T46] bridge_slave_0: left allmulticast mode
[  130.744441][   T46] bridge_slave_0: left promiscuous mode
[  130.777083][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.059570][   T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  131.068412][   T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  131.073841][   T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  131.081150][   T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  131.086852][   T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  131.090300][   T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  131.648665][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  131.654333][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  131.672451][   T46] bond0 (unregistering): Released all slaves
[  131.776702][   T46] hsr_slave_0: left promiscuous mode
[  131.779545][   T46] hsr_slave_1: left promiscuous mode
[  131.789250][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  131.792842][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  131.809052][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  131.812285][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  131.832146][   T46] veth1_macvtap: left promiscuous mode
[  131.834438][   T46] veth0_macvtap: left promiscuous mode
[  131.847482][   T46] veth1_vlan: left promiscuous mode
[  131.849672][   T46] veth0_vlan: left promiscuous mode
[  132.481167][   T46] team0 (unregistering): Port device team_slave_1 removed
[  132.517577][   T46] team0 (unregistering): Port device team_slave_0 removed
[  133.542800][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.563488][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.645324][ T1077] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.649398][ T1077] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/02/09 07:43:26 executed programs: 0
[  134.932471][ T4665] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  134.939526][ T4665] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  134.944863][ T4665] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  134.950016][ T4665] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  134.955147][ T4665] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  134.959292][ T4665] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  135.269019][ T5806] chnl_net:caif_netlink_parms(): no params data found
[  135.350316][ T5806] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.354079][ T5806] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.366423][ T5806] bridge_slave_0: entered allmulticast mode
[  135.370126][ T5806] bridge_slave_0: entered promiscuous mode
[  135.387570][ T5806] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.390410][ T5806] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.393322][ T5806] bridge_slave_1: entered allmulticast mode
[  135.406667][ T5806] bridge_slave_1: entered promiscuous mode
[  135.447079][ T5806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  135.453344][ T5806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  135.517214][ T5806] team0: Port device team_slave_0 added
[  135.522427][ T5806] team0: Port device team_slave_1 added
[  135.558854][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_0
[  135.562048][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.595841][ T5806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  135.608553][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_1
[  135.611470][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.636350][ T5806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  135.707916][ T5806] hsr_slave_0: entered promiscuous mode
[  135.711050][ T5806] hsr_slave_1: entered promiscuous mode
[  136.115094][ T5806] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  136.142507][ T5806] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  136.157426][ T5806] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  136.169852][ T5806] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  136.296734][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0
[  136.314312][ T5806] 8021q: adding VLAN 0 to HW filter on device team0
[  136.339394][ T1039] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.342572][ T1039] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.364287][ T1039] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.368432][ T1039] bridge0: port 2(bridge_slave_1) entered forwarding state
[  136.429089][ T5806] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  136.658146][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0
[  136.711429][ T5806] veth0_vlan: entered promiscuous mode
[  136.720244][ T5806] veth1_vlan: entered promiscuous mode
[  136.744750][ T5806] veth0_macvtap: entered promiscuous mode
[  136.751781][ T5806] veth1_macvtap: entered promiscuous mode
[  136.764932][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0
[  136.774415][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1
[  136.783808][ T5806] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.788527][ T5806] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.792099][ T5806] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.799507][ T5806] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.870492][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.873678][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.902561][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.907637][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.006167][ T4665] Bluetooth: hci0: command tx timeout
[  137.191478][ T5849] loop0: detected capacity change from 0 to 32768
[  137.197571][ T5849] =======================================================
[  137.197571][ T5849] WARNING: The mand mount option has been deprecated and
[  137.197571][ T5849]         and is ignored by this kernel. Remove the mand
[  137.197571][ T5849]         option from the mount to silence this warning.
[  137.197571][ T5849] =======================================================
[  137.274730][ T5849] JBD2: Ignoring recovery information on journal
[  137.312863][ T5849] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  137.341644][   T24] audit: type=1804 audit(1739087009.362:2): pid=5849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.15" name="/newroot/0/file1/bus" dev="loop0" ino=17058 res=1 errno=0
[  137.359917][ T5849] ==================================================================
[  137.364172][ T5849] BUG: KASAN: slab-out-of-bounds in ocfs2_claim_suballoc_bits+0x1099/0x2560
[  137.367900][ T5849] Read of size 4 at addr ffff8880390a5050 by task syz.0.15/5849
[  137.372185][ T5849]
[  137.373200][ T5849] CPU: 0 UID: 0 PID: 5849 Comm: syz.0.15 Not tainted 6.14.0-rc1-syzkaller-g9946eaf552b1 #0
[  137.373217][ T5849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.373225][ T5849] Call Trace:
[  137.373233][ T5849]
[  137.373240][ T5849]  dump_stack_lvl+0x241/0x360
[  137.373257][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.373267][ T5849]  ? __pfx__printk+0x10/0x10
[  137.373283][ T5849]  ? _printk+0xd5/0x120
[  137.373296][ T5849]  ? __virt_addr_valid+0x183/0x530
[  137.373311][ T5849]  ? __virt_addr_valid+0x183/0x530
[  137.373325][ T5849]  print_report+0x169/0x550
[  137.373340][ T5849]  ? __virt_addr_valid+0x183/0x530
[  137.373353][ T5849]  ? __virt_addr_valid+0x183/0x530
[  137.373365][ T5849]  ? __virt_addr_valid+0x45f/0x530
[  137.373377][ T5849]  ? __phys_addr+0xba/0x170
[  137.373391][ T5849]  ? ocfs2_claim_suballoc_bits+0x1099/0x2560
[  137.373403][ T5849]  kasan_report+0x143/0x180
[  137.373419][ T5849]  ? ocfs2_claim_suballoc_bits+0x1099/0x2560
[  137.373431][ T5849]  ocfs2_claim_suballoc_bits+0x1099/0x2560
[  137.373445][ T5849]  ? __pfx_ocfs2_claim_suballoc_bits+0x10/0x10
[  137.373452][ T5849]  ? __mutex_unlock_slowpath+0x227/0x800
[  137.373512][ T5849]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  137.373525][ T5849]  ? jbd2_write_access_granted+0x71/0x310
[  137.373539][ T5849]  ? jbd2_write_access_granted+0x2f8/0x310
[  137.373552][ T5849]  ? jbd2_write_access_granted+0x71/0x310
[  137.373568][ T5849]  ocfs2_claim_metadata+0x16d/0x580
[  137.373579][ T5849]  ? jbd2__journal_start+0x3b8/0x5d0
[  137.373594][ T5849]  ? __pfx_ocfs2_claim_metadata+0x10/0x10
[  137.373605][ T5849]  ? __lock_acquire+0x1397/0x2100
[  137.373616][ T5849]  ? __pfx_ocfs2_start_trans+0x10/0x10
[  137.373624][ T5849]  ? ocfs2_metadata_cache_get_super+0x43/0x80
[  137.373635][ T5849]  ? ocfs2_inode_cache_get_super+0xd/0x40
[  137.373642][ T5849]  ocfs2_create_refcount_tree+0x699/0x15f0
[  137.373652][ T5849]  ? __pfx_ocfs2_create_refcount_tree+0x10/0x10
[  137.373659][ T5849]  ? __pfx_lock_release+0x10/0x10
[  137.373667][ T5849]  ? xas_find+0x213/0x960
[  137.373676][ T5849]  ? find_get_entries+0x1b9/0x900
[  137.373687][ T5849]  ? find_get_entries+0x7c9/0x900
[  137.373697][ T5849]  ? find_get_entries+0x1b9/0x900
[  137.373708][ T5849]  ? __pfx_find_get_entries+0x10/0x10
[  137.373719][ T5849]  ocfs2_reflink_remap_blocks+0x2f6/0x1f30
[  137.373736][ T5849]  ? __pfx_ocfs2_reflink_remap_blocks+0x10/0x10
[  137.373747][ T5849]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  137.373774][ T5849]  ? down_write+0x18c/0x220
[  137.373782][ T5849]  ? __pfx_down_write+0x10/0x10
[  137.373790][ T5849]  ? generic_remap_file_range_prep+0x3e/0x60
[  137.373801][ T5849]  ocfs2_remap_file_range+0x5fa/0x8d0
[  137.373814][ T5849]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  137.373828][ T5849]  ? rcu_read_lock_any_held+0xb7/0x160
[  137.373839][ T5849]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  137.373851][ T5849]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  137.373865][ T5849]  vfs_copy_file_range+0xc07/0x14f0
[  137.373880][ T5849]  ? __pfx_vfs_copy_file_range+0x10/0x10
[  137.373889][ T5849]  ? __fget_files+0x395/0x410
[  137.373899][ T5849]  ? __might_fault+0xaa/0x120
[  137.373912][ T5849]  __se_sys_copy_file_range+0x3fa/0x600
[  137.373923][ T5849]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[  137.373933][ T5849]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  137.373946][ T5849]  ? do_syscall_64+0x100/0x230
[  137.373961][ T5849]  ? __x64_sys_copy_file_range+0x21/0xf0
[  137.373972][ T5849]  do_syscall_64+0xf3/0x230
[  137.373984][ T5849]  ? clear_bhb_loop+0x35/0x90
[  137.374000][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.374014][ T5849] RIP: 0033:0x7f5aee979e79
[  137.374026][ T5849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.374034][ T5849] RSP: 002b:00007f5aedbfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[  137.374047][ T5849] RAX: ffffffffffffffda RBX: 00007f5aeeb15f80 RCX: 00007f5aee979e79
[  137.374055][ T5849] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006
[  137.374061][ T5849] RBP: 00007f5aee9e7916 R08: 0000000000000006 R09: 0000000000000000
[  137.374068][ T5849] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  137.374074][ T5849] R13: 0000000000000000 R14: 00007f5aeeb15f80 R15: 00007ffc5b0eecb8
[  137.374083][ T5849]
[  137.374087][ T5849]
[  137.552621][ T5849] Allocated by task 4734:
[  137.554482][ T5849]  kasan_save_track+0x3f/0x80
[  137.556652][ T5849]  __kasan_slab_alloc+0x66/0x80
[  137.558689][ T5849]  kmem_cache_alloc_noprof+0x1d9/0x380
[  137.560949][ T5849]  security_inode_alloc+0x37/0x310
[  137.562973][ T5849]  inode_init_always_gfp+0xa0f/0xd90
[  137.565188][ T5849]  alloc_inode+0x9f/0x1a0
[  137.567204][ T5849]  iget_locked+0xf1/0x5a0
[  137.569217][ T5849]  kernfs_get_inode+0x51/0x760
[  137.571373][ T5849]  kernfs_iop_lookup+0x266/0x390
[  137.573335][ T5849]  __lookup_slow+0x296/0x400
[  137.575078][ T5849]  lookup_slow+0x53/0x70
[  137.576700][ T5849]  walk_component+0x2e1/0x410
[  137.578491][ T5849]  path_lookupat+0x16f/0x450
[  137.580300][ T5849]  filename_lookup+0x2a3/0x670
[  137.582711][ T5849]  do_readlinkat+0xf0/0x3a0
[  137.584986][ T5849]  __x64_sys_readlink+0x7f/0x90
[  137.587087][ T5849]  do_syscall_64+0xf3/0x230
[  137.589097][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.591491][ T5849]
[  137.592470][ T5849] The buggy address belongs to the object at ffff8880390a5000
[  137.592470][ T5849]  which belongs to the cache lsm_inode_cache of size 80
[  137.598498][ T5849] The buggy address is located 0 bytes to the right of
[  137.598498][ T5849]  allocated 80-byte region [ffff8880390a5000, ffff8880390a5050)
[  137.605009][ T5849]
[  137.605984][ T5849] The buggy address belongs to the physical page:
[  137.608706][ T5849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x390a5
[  137.612439][ T5849] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  137.615676][ T5849] page_type: f5(slab)
[  137.617573][ T5849] raw: 04fff00000000000 ffff88801be873c0 ffffea000101b0c0 0000000000000004
[  137.621614][ T5849] raw: 0000000000000000 0000000000240024 00000000f5000000 0000000000000000
[  137.624834][ T5849] page dumped because: kasan: bad access detected
[  137.627355][ T5849] page_owner tracks the page as allocated
[  137.629474][ T5849] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 4734, tgid 4734 (udevd), ts 40859113834, free_ts 40856591189
[  137.637891][ T5849]  post_alloc_hook+0x1f4/0x240
[  137.639870][ T5849]  get_page_from_freelist+0x365c/0x37a0
[  137.642218][ T5849]  __alloc_frozen_pages_noprof+0x292/0x710
[  137.645067][ T5849]  alloc_pages_mpol+0x311/0x660
[  137.647288][ T5849]  allocate_slab+0x8f/0x3a0
[  137.649376][ T5849]  ___slab_alloc+0xc27/0x14a0
[  137.651597][ T5849]  __slab_alloc+0x58/0xa0
[  137.653342][ T5849]  kmem_cache_alloc_noprof+0x268/0x380
[  137.655697][ T5849]  security_inode_alloc+0x37/0x310
[  137.658023][ T5849]  inode_init_always_gfp+0xa0f/0xd90
[  137.660513][ T5849]  alloc_inode+0x9f/0x1a0
[  137.662851][ T5849]  iget_locked+0xf1/0x5a0
[  137.665410][ T5849]  kernfs_get_inode+0x51/0x760
[  137.668027][ T5849]  kernfs_iop_lookup+0x266/0x390
[  137.670520][ T5849]  __lookup_slow+0x296/0x400
[  137.672621][ T5849]  lookup_slow+0x53/0x70
[  137.674470][ T5849] page last free pid 4734 tgid 4734 stack trace:
[  137.677481][ T5849]  free_frozen_pages+0xe0d/0x10e0
[  137.679979][ T5849]  free_pipe_info+0x300/0x390
[  137.682582][ T5849]  pipe_release+0x245/0x320
[  137.685277][ T5849]  __fput+0x3e9/0x9f0
[  137.687426][ T5849]  __x64_sys_close+0x7f/0x110
[  137.689531][ T5849]  do_syscall_64+0xf3/0x230
[  137.691414][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.693743][ T5849]
[  137.694695][ T5849] Memory state around the buggy address:
[  137.697031][ T5849]  ffff8880390a4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  137.701477][ T5849]  ffff8880390a4f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  137.704994][ T5849] >ffff8880390a5000: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc 00 00
[  137.708115][ T5849]                                              ^
[  137.710632][ T5849]  ffff8880390a5080: 00 00 00 00 00 00 00 00 fc fc fc fc 00 00 00 00
[  137.713852][ T5849]  ffff8880390a5100: 00 00 00 00 00 00 fc fc fc fc 00 00 00 00 00 00
[  137.717177][ T5849] ==================================================================
[  137.757062][ T5849] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  137.759960][ T5849] CPU: 0 UID: 0 PID: 5849 Comm: syz.0.15 Not tainted 6.14.0-rc1-syzkaller-g9946eaf552b1 #0
[  137.764532][ T5849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.769452][ T5849] Call Trace:
[  137.771078][ T5849]
[  137.772257][ T5849]  dump_stack_lvl+0x241/0x360
[  137.774150][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.776048][ T5849]  ? __pfx__printk+0x10/0x10
[  137.777820][ T5849]  ? preempt_schedule+0xe1/0xf0
[  137.779901][ T5849]  ? vscnprintf+0x5d/0x90
[  137.781817][ T5849]  panic+0x349/0x880
[  137.783682][ T5849]  ? check_panic_on_warn+0x21/0xb0
[  137.785934][ T5849]  ? __pfx_panic+0x10/0x10
[  137.787689][ T5849]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  137.789925][ T5849]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  137.792346][ T5849]  ? print_report+0x502/0x550
[  137.794344][ T5849]  check_panic_on_warn+0x86/0xb0
[  137.796512][ T5849]  ? ocfs2_claim_suballoc_bits+0x1099/0x2560
[  137.799292][ T5849]  end_report+0x77/0x160
[  137.801050][ T5849]  kasan_report+0x154/0x180
[  137.802933][ T5849]  ? ocfs2_claim_suballoc_bits+0x1099/0x2560
[  137.805383][ T5849]  ocfs2_claim_suballoc_bits+0x1099/0x2560
[  137.807772][ T5849]  ? __pfx_ocfs2_claim_suballoc_bits+0x10/0x10
[  137.810277][ T5849]  ? __mutex_unlock_slowpath+0x227/0x800
[  137.812692][ T5849]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  137.815176][ T5849]  ? jbd2_write_access_granted+0x71/0x310
[  137.817497][ T5849]  ? jbd2_write_access_granted+0x2f8/0x310
[  137.819785][ T5849]  ? jbd2_write_access_granted+0x71/0x310
[  137.822257][ T5849]  ocfs2_claim_metadata+0x16d/0x580
[  137.824651][ T5849]  ? jbd2__journal_start+0x3b8/0x5d0
[  137.826903][ T5849]  ? __pfx_ocfs2_claim_metadata+0x10/0x10
[  137.829143][ T5849]  ? __lock_acquire+0x1397/0x2100
[  137.831102][ T5849]  ? __pfx_ocfs2_start_trans+0x10/0x10
[  137.833225][ T5849]  ? ocfs2_metadata_cache_get_super+0x43/0x80
[  137.835674][ T5849]  ? ocfs2_inode_cache_get_super+0xd/0x40
[  137.838348][ T5849]  ocfs2_create_refcount_tree+0x699/0x15f0
[  137.840912][ T5849]  ? __pfx_ocfs2_create_refcount_tree+0x10/0x10
[  137.843402][ T5849]  ? __pfx_lock_release+0x10/0x10
[  137.845380][ T5849]  ? xas_find+0x213/0x960
[  137.847097][ T5849]  ? find_get_entries+0x1b9/0x900
[  137.849067][ T5849]  ? find_get_entries+0x7c9/0x900
[  137.851113][ T5849]  ? find_get_entries+0x1b9/0x900
[  137.853341][ T5849]  ? __pfx_find_get_entries+0x10/0x10
[  137.855664][ T5849]  ocfs2_reflink_remap_blocks+0x2f6/0x1f30
[  137.858056][ T5849]  ? __pfx_ocfs2_reflink_remap_blocks+0x10/0x10
[  137.860512][ T5849]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  137.862946][ T5849]  ? down_write+0x18c/0x220
[  137.864734][ T5849]  ? __pfx_down_write+0x10/0x10
[  137.866679][ T5849]  ? generic_remap_file_range_prep+0x3e/0x60
[  137.869396][ T5849]  ocfs2_remap_file_range+0x5fa/0x8d0
[  137.872115][ T5849]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  137.874510][ T5849]  ? rcu_read_lock_any_held+0xb7/0x160
[  137.876623][ T5849]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  137.878912][ T5849]  ? __pfx_ocfs2_remap_file_range+0x10/0x10
[  137.881153][ T5849]  vfs_copy_file_range+0xc07/0x14f0
[  137.883141][ T5849]  ? __pfx_vfs_copy_file_range+0x10/0x10
[  137.885447][ T5849]  ? __fget_files+0x395/0x410
[  137.887428][ T5849]  ? __might_fault+0xaa/0x120
[  137.889597][ T5849]  __se_sys_copy_file_range+0x3fa/0x600
[  137.891799][ T5849]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[  137.894011][ T5849]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  137.896379][ T5849]  ? do_syscall_64+0x100/0x230
[  137.898240][ T5849]  ? __x64_sys_copy_file_range+0x21/0xf0
[  137.900561][ T5849]  do_syscall_64+0xf3/0x230
[  137.902554][ T5849]  ? clear_bhb_loop+0x35/0x90
[  137.904448][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.906684][ T5849] RIP: 0033:0x7f5aee979e79
[  137.908638][ T5849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.915919][ T5849] RSP: 002b:00007f5aedbfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[  137.919083][ T5849] RAX: ffffffffffffffda RBX: 00007f5aeeb15f80 RCX: 00007f5aee979e79
[  137.922067][ T5849] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006
[  137.925271][ T5849] RBP: 00007f5aee9e7916 R08: 0000000000000006 R09: 0000000000000000
[  137.928927][ T5849] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  137.931906][ T5849] R13: 0000000000000000 R14: 00007f5aeeb15f80 R15: 00007ffc5b0eecb8
[  137.934749][ T5849]
[  137.936183][ T5849] Kernel Offset: disabled
[  137.937988][ T5849] Rebooting in 86400 seconds..