Warning: Permanently added '10.128.0.250' (ED25519) to the list of known hosts.
2025/01/31 10:22:11 ignoring optional flag "sandboxArg"="0"
2025/01/31 10:22:12 parsed 1 programs
[  101.144766][ T6248] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  103.612433][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  103.621564][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  103.629635][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  103.638618][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  103.646980][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  103.655438][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  105.301112][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.310909][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.332689][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.340716][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.332356][ T6335] chnl_net:caif_netlink_parms(): no params data found
[  106.384088][ T6335] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.391259][ T6335] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.399291][ T6335] bridge_slave_0: entered allmulticast mode
[  106.405996][ T6335] bridge_slave_0: entered promiscuous mode
[  106.413355][ T6335] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.420910][ T6335] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.429281][ T6335] bridge_slave_1: entered allmulticast mode
[  106.436808][ T6335] bridge_slave_1: entered promiscuous mode
[  106.462684][ T6335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.476336][ T6335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.500808][ T6335] team0: Port device team_slave_0 added
[  106.508436][ T6335] team0: Port device team_slave_1 added
[  106.525794][ T6335] batman_adv: batadv0: Adding interface: batadv_slave_0
[  106.532787][ T6335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.559349][ T6335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  106.571899][ T6335] batman_adv: batadv0: Adding interface: batadv_slave_1
[  106.579290][ T6335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.606958][ T6335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  106.652197][ T6335] hsr_slave_0: entered promiscuous mode
[  106.659428][ T6335] hsr_slave_1: entered promiscuous mode
[  107.163249][ T6335] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  107.181234][ T6335] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  107.193301][ T6335] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  107.208103][ T6335] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  107.236126][ T6335] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.243288][ T6335] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.250861][ T6335] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.258044][ T6335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.324994][ T6335] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.342575][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.352850][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.374032][ T6335] 8021q: adding VLAN 0 to HW filter on device team0
[  107.387026][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.394229][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.441265][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.448456][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.608517][ T6335] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.647590][ T6335] veth0_vlan: entered promiscuous mode
[  107.659977][ T6335] veth1_vlan: entered promiscuous mode
[  107.687635][ T6335] veth0_macvtap: entered promiscuous mode
[  107.698600][ T6335] veth1_macvtap: entered promiscuous mode
[  107.717025][ T6335] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.731195][ T6335] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.744424][ T6335] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.753412][ T6335] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.764623][ T6335] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.773380][ T6335] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.952260][ T1089] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.038933][ T1089] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/01/31 10:22:22 executed programs: 0
[  108.116705][ T1089] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.193346][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  108.205604][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  108.215110][ T1089] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.217089][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  108.237965][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  108.246334][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  108.254928][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  108.423315][ T6412] chnl_net:caif_netlink_parms(): no params data found
[  108.540196][ T6412] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.547880][ T6412] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.555552][ T6412] bridge_slave_0: entered allmulticast mode
[  108.562623][ T6412] bridge_slave_0: entered promiscuous mode
[  108.573106][ T6412] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.581429][ T6412] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.589182][ T6412] bridge_slave_1: entered allmulticast mode
[  108.596943][ T6412] bridge_slave_1: entered promiscuous mode
[  108.635624][ T6412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.647515][ T6412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.688314][ T6412] team0: Port device team_slave_0 added
[  108.696399][ T6412] team0: Port device team_slave_1 added
[  108.731806][ T6412] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.739008][ T6412] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.765900][ T6412] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.778728][ T6412] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.788083][ T6412] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.815216][ T6412] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.856542][ T6412] hsr_slave_0: entered promiscuous mode
[  108.864628][ T6412] hsr_slave_1: entered promiscuous mode
[  108.871017][ T6412] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  108.880150][ T6412] Cannot create hsr debugfs directory
[  110.304240][ T5138] Bluetooth: hci0: command tx timeout
[  110.743035][ T1089] bridge_slave_1: left allmulticast mode
[  110.751146][ T1089] bridge_slave_1: left promiscuous mode
[  110.758020][ T1089] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.770362][ T1089] bridge_slave_0: left allmulticast mode
[  110.781413][ T1089] bridge_slave_0: left promiscuous mode
[  110.787976][ T1089] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.154431][ T1089] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  111.185903][ T1089] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  111.205154][ T1089] bond0 (unregistering): Released all slaves
[  111.363891][ T1089] hsr_slave_0: left promiscuous mode
[  111.377021][ T1089] hsr_slave_1: left promiscuous mode
[  111.399282][ T1089] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  111.407163][ T1089] batman_adv: batadv0: Removing interface: batadv_slave_0
[  111.417463][ T1089] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  111.425357][ T1089] batman_adv: batadv0: Removing interface: batadv_slave_1
[  111.440860][ T1089] veth1_macvtap: left promiscuous mode
[  111.448366][ T1089] veth0_macvtap: left promiscuous mode
[  111.454314][ T1089] veth1_vlan: left promiscuous mode
[  111.459632][ T1089] veth0_vlan: left promiscuous mode
[  111.788858][ T1089] team0 (unregistering): Port device team_slave_1 removed
[  111.818601][ T1089] team0 (unregistering): Port device team_slave_0 removed
[  112.205126][ T6412] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  112.221218][ T6412] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  112.232566][ T6412] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  112.258123][ T6412] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  112.375643][ T6412] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.383666][ T5138] Bluetooth: hci0: command tx timeout
[  112.421852][ T6412] 8021q: adding VLAN 0 to HW filter on device team0
[  112.437307][ T1089] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.444494][ T1089] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.468425][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.475722][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.696875][ T6412] 8021q: adding VLAN 0 to HW filter on device batadv0
[  112.737021][ T6412] veth0_vlan: entered promiscuous mode
[  112.749214][ T6412] veth1_vlan: entered promiscuous mode
[  112.779095][ T6412] veth0_macvtap: entered promiscuous mode
[  112.790060][ T6412] veth1_macvtap: entered promiscuous mode
[  112.808630][ T6412] batman_adv: batadv0: Interface activated: batadv_slave_0
[  112.825746][ T6412] batman_adv: batadv0: Interface activated: batadv_slave_1
[  112.839535][ T6412] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.849594][ T6412] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.860767][ T6412] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.870499][ T6412] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  112.941144][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.953463][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.981896][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.990348][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.395097][ T6629] loop0: detected capacity change from 0 to 32768
[  113.427507][ T6629] ==================================================================
[  113.435636][ T6629] BUG: KASAN: use-after-free in __ocfs2_find_path+0x203/0x7e0
[  113.443136][ T6629] Read of size 4 at addr ffff888061517000 by task syz.0.15/6629
[  113.450779][ T6629] 
[  113.453146][ T6629] CPU: 0 UID: 0 PID: 6629 Comm: syz.0.15 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  113.453167][ T6629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  113.453180][ T6629] Call Trace:
[  113.453188][ T6629]  <TASK>
[  113.453194][ T6629]  dump_stack_lvl+0x241/0x360
[  113.453223][ T6629]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.453246][ T6629]  ? __pfx__printk+0x10/0x10
[  113.453268][ T6629]  ? _printk+0xd5/0x120
[  113.453288][ T6629]  ? __virt_addr_valid+0x183/0x530
[  113.453309][ T6629]  ? __virt_addr_valid+0x183/0x530
[  113.453330][ T6629]  print_report+0x169/0x550
[  113.453348][ T6629]  ? __virt_addr_valid+0x183/0x530
[  113.453367][ T6629]  ? __virt_addr_valid+0x183/0x530
[  113.453386][ T6629]  ? __virt_addr_valid+0x45f/0x530
[  113.453406][ T6629]  ? __phys_addr+0xba/0x170
[  113.453433][ T6629]  ? __ocfs2_find_path+0x203/0x7e0
[  113.453451][ T6629]  kasan_report+0x143/0x180
[  113.453470][ T6629]  ? __ocfs2_find_path+0x203/0x7e0
[  113.453490][ T6629]  __ocfs2_find_path+0x203/0x7e0
[  113.453512][ T6629]  ? __pfx_find_leaf_ins+0x10/0x10
[  113.453530][ T6629]  ? __pfx___ocfs2_find_path+0x10/0x10
[  113.453549][ T6629]  ? __pfx_ocfs2_validate_inode_block+0x10/0x10
[  113.453569][ T6629]  ocfs2_find_leaf+0xcf/0x230
[  113.453588][ T6629]  ? __pfx_ocfs2_find_leaf+0x10/0x10
[  113.453611][ T6629]  ocfs2_get_clusters_nocache+0x1b6/0xca0
[  113.453640][ T6629]  ? __pfx_ocfs2_get_clusters_nocache+0x10/0x10
[  113.453664][ T6629]  ? ocfs2_read_inode_block+0x14c/0x1e0
[  113.453683][ T6629]  ? __pfx_ocfs2_read_inode_block+0x10/0x10
[  113.453702][ T6629]  ? do_raw_spin_unlock+0x13c/0x8b0
[  113.453722][ T6629]  ocfs2_get_clusters+0x5bd/0xbd0
[  113.453749][ T6629]  ? __pfx_ocfs2_get_clusters+0x10/0x10
[  113.453772][ T6629]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  113.453790][ T6629]  ? __pfx_lock_acquire+0x10/0x10
[  113.453807][ T6629]  ? unwind_get_return_address+0x4d/0x90
[  113.453828][ T6629]  ? arch_stack_walk+0xfd/0x150
[  113.453853][ T6629]  ocfs2_extent_map_get_blocks+0x24c/0x7d0
[  113.453880][ T6629]  ? __pfx_ocfs2_extent_map_get_blocks+0x10/0x10
[  113.453903][ T6629]  ? __pfx_check_noncircular+0x10/0x10
[  113.453928][ T6629]  ocfs2_read_virt_blocks+0x313/0xb10
[  113.453953][ T6629]  ? __pfx_ocfs2_validate_dir_block+0x10/0x10
[  113.453979][ T6629]  ? __pfx_ocfs2_read_virt_blocks+0x10/0x10
[  113.454011][ T6629]  ocfs2_find_entry+0x433/0x2570
[  113.454039][ T6629]  ? __pfx_ocfs2_find_entry+0x10/0x10
[  113.454064][ T6629]  ? mark_lock+0x2ae/0x360
[  113.454085][ T6629]  ? __lock_acquire+0x1397/0x2100
[  113.454116][ T6629]  ? format_decode+0x56c/0xca0
[  113.454131][ T6629]  ? string+0x270/0x2b0
[  113.454145][ T6629]  ? widen_string+0x3a/0x300
[  113.454160][ T6629]  ? string+0x270/0x2b0
[  113.454175][ T6629]  ? vsnprintf+0x1152/0x1220
[  113.454197][ T6629]  ocfs2_find_files_on_disk+0xff/0x360
[  113.454221][ T6629]  ocfs2_lookup_ino_from_name+0xb1/0x1e0
[  113.454244][ T6629]  ? __pfx_ocfs2_lookup_ino_from_name+0x10/0x10
[  113.454268][ T6629]  ? kasan_save_track+0x51/0x80
[  113.454283][ T6629]  ? kasan_save_track+0x3f/0x80
[  113.454297][ T6629]  ? __kasan_kmalloc+0x98/0xb0
[  113.454313][ T6629]  ? ocfs2_new_dlm_debug+0x97/0x200
[  113.454334][ T6629]  ocfs2_get_system_file_inode+0x305/0x7b0
[  113.454355][ T6629]  ? __pfx_ocfs2_get_system_file_inode+0x10/0x10
[  113.454382][ T6629]  ocfs2_init_global_system_inodes+0x32c/0x730
[  113.454402][ T6629]  ? __pfx_ocfs2_init_global_system_inodes+0x10/0x10
[  113.454425][ T6629]  ? __kmalloc_cache_noprof+0x243/0x390
[  113.454444][ T6629]  ? ocfs2_new_dlm_debug+0x97/0x200
[  113.454465][ T6629]  ? ocfs2_new_dlm_debug+0xb5/0x200
[  113.454483][ T6629]  ? __pfx_ocfs2_new_dlm_debug+0x10/0x10
[  113.454502][ T6629]  ? rcu_is_watching+0x15/0xb0
[  113.454524][ T6629]  ? trace_ocfs2_initialize_super+0x9e/0x230
[  113.454540][ T6629]  ocfs2_fill_super+0x4b69/0x7200
[  113.454567][ T6629]  ? __pfx_ocfs2_fill_super+0x10/0x10
[  113.454589][ T6629]  ? __pfx_check_noncircular+0x10/0x10
[  113.454612][ T6629]  ? lockdep_unlock+0x16a/0x300
[  113.454628][ T6629]  ? __pfx_lockdep_unlock+0x10/0x10
[  113.454648][ T6629]  ? validate_chain+0x15c0/0x5920
[  113.454678][ T6629]  ? __pfx_validate_chain+0x10/0x10
[  113.454700][ T6629]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  113.454720][ T6629]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  113.454741][ T6629]  ? lockdep_hardirqs_on+0x99/0x150
[  113.454764][ T6629]  ? validate_chain+0x11e/0x5920
[  113.454785][ T6629]  ? mark_lock+0x9a/0x360
[  113.454811][ T6629]  ? __pfx_validate_chain+0x10/0x10
[  113.454838][ T6629]  ? string+0x270/0x2b0
[  113.454851][ T6629]  ? widen_string+0x3a/0x300
[  113.454866][ T6629]  ? string+0x270/0x2b0
[  113.454881][ T6629]  ? bdev_name+0x2a2/0x3b0
[  113.454898][ T6629]  ? pointer+0x764/0x1210
[  113.454911][ T6629]  ? bdev_open+0x882/0xc50
[  113.454928][ T6629]  ? __pfx_lock_release+0x10/0x10
[  113.454945][ T6629]  ? __pfx_pointer+0x10/0x10
[  113.454957][ T6629]  ? mark_lock+0x9a/0x360
[  113.454976][ T6629]  ? format_decode+0x56c/0xca0
[  113.454991][ T6629]  ? vsnprintf+0x1152/0x1220
[  113.455013][ T6629]  ? snprintf+0xda/0x120
[  113.455027][ T6629]  ? __pfx_lock_release+0x10/0x10
[  113.455043][ T6629]  ? do_raw_spin_lock+0x14f/0x370
[  113.455058][ T6629]  ? __pfx_snprintf+0x10/0x10
[  113.455072][ T6629]  ? set_blocksize+0x1fc/0x360
[  113.455089][ T6629]  ? sb_set_blocksize+0x98/0xf0
[  113.455107][ T6629]  ? setup_bdev_super+0x4e6/0x5d0
[  113.455124][ T6629]  get_tree_bdev_flags+0x48c/0x5c0
[  113.455141][ T6629]  ? __pfx_ocfs2_fill_super+0x10/0x10
[  113.455186][ T6629]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  113.455202][ T6629]  ? cap_capable+0x139/0x450
[  113.455220][ T6629]  ? safesetid_security_capable+0xb2/0x1d0
[  113.455242][ T6629]  vfs_get_tree+0x90/0x2b0
[  113.455259][ T6629]  do_new_mount+0x2be/0xb40
[  113.455279][ T6629]  ? __pfx_do_new_mount+0x10/0x10
[  113.455300][ T6629]  __se_sys_mount+0x2d6/0x3c0
[  113.455320][ T6629]  ? __pfx___se_sys_mount+0x10/0x10
[  113.455338][ T6629]  ? exc_page_fault+0x590/0x8b0
[  113.455355][ T6629]  ? __x64_sys_mount+0x20/0xc0
[  113.455373][ T6629]  do_syscall_64+0xf3/0x230
[  113.455391][ T6629]  ? clear_bhb_loop+0x35/0x90
[  113.455412][ T6629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.455439][ T6629] RIP: 0033:0x7f779e57ffba
[  113.455465][ T6629] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.455477][ T6629] RSP: 002b:00007f779f437e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  113.455494][ T6629] RAX: ffffffffffffffda RBX: 00007f779f437ef0 RCX: 00007f779e57ffba
[  113.455505][ T6629] RDX: 0000000020004440 RSI: 0000000020000780 RDI: 00007f779f437eb0
[  113.455514][ T6629] RBP: 0000000020004440 R08: 00007f779f437ef0 R09: 0000000001000000
[  113.455525][ T6629] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020000780
[  113.455535][ T6629] R13: 00007f779f437eb0 R14: 000000000000444a R15: 00000000200005c0
[  113.455550][ T6629]  </TASK>
[  113.455556][ T6629] 
[  114.117341][ T6629] The buggy address belongs to the physical page:
[  114.123751][ T6629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61517
[  114.132506][ T6629] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  114.139694][ T6629] raw: 00fff00000000000 ffffea0001854608 ffff8880b8644870 0000000000000000
[  114.148304][ T6629] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  114.156875][ T6629] page dumped because: kasan: bad access detected
[  114.163372][ T6629] page_owner tracks the page as freed
[  114.168824][ T6629] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xcc0(GFP_KERNEL), pid 1, tgid 1 (swapper/0), ts 16694532296, free_ts 17577414073
[  114.183828][ T6629]  post_alloc_hook+0x1f4/0x240
[  114.188676][ T6629]  split_free_pages+0xe1/0x2d0
[  114.193519][ T6629]  alloc_contig_range_noprof+0x10eb/0x1770
[  114.199330][ T6629]  alloc_contig_pages_noprof+0x4b3/0x5c0
[  114.204954][ T6629]  debug_vm_pgtable_alloc_huge_page+0xaf/0x100
[  114.211217][ T6629]  init_args+0x83b/0xb20
[  114.215459][ T6629]  debug_vm_pgtable+0xe0/0x550
[  114.220220][ T6629]  do_one_initcall+0x248/0x870
[  114.224984][ T6629]  do_initcall_level+0x157/0x210
[  114.229906][ T6629]  do_initcalls+0x3f/0x80
[  114.234227][ T6629]  kernel_init_freeable+0x435/0x5d0
[  114.239417][ T6629]  kernel_init+0x1d/0x2b0
[  114.243736][ T6629]  ret_from_fork+0x4b/0x80
[  114.248171][ T6629]  ret_from_fork_asm+0x1a/0x30
[  114.252921][ T6629] page last free pid 1 tgid 1 stack trace:
[  114.258707][ T6629]  free_frozen_pages+0xe04/0x10e0
[  114.263723][ T6629]  free_contig_range+0x14c/0x430
[  114.268655][ T6629]  destroy_args+0x94/0x4b0
[  114.273056][ T6629]  debug_vm_pgtable+0x4be/0x550
[  114.277982][ T6629]  do_one_initcall+0x248/0x870
[  114.282736][ T6629]  do_initcall_level+0x157/0x210
[  114.287657][ T6629]  do_initcalls+0x3f/0x80
[  114.291978][ T6629]  kernel_init_freeable+0x435/0x5d0
[  114.297287][ T6629]  kernel_init+0x1d/0x2b0
[  114.301607][ T6629]  ret_from_fork+0x4b/0x80
[  114.306015][ T6629]  ret_from_fork_asm+0x1a/0x30
[  114.310775][ T6629] 
[  114.313092][ T6629] Memory state around the buggy address:
[  114.318706][ T6629]  ffff888061516f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  114.326755][ T6629]  ffff888061516f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  114.334802][ T6629] >ffff888061517000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  114.342852][ T6629]                    ^
[  114.346992][ T6629]  ffff888061517080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  114.355037][ T6629]  ffff888061517100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  114.363077][ T6629] ==================================================================
[  114.383977][ T6629] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  114.391222][ T6629] CPU: 1 UID: 0 PID: 6629 Comm: syz.0.15 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  114.401479][ T6629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  114.411742][ T6629] Call Trace:
[  114.415039][ T6629]  <TASK>
[  114.418395][ T6629]  dump_stack_lvl+0x241/0x360
[  114.423111][ T6629]  ? __pfx_dump_stack_lvl+0x10/0x10
[  114.428343][ T6629]  ? __pfx__printk+0x10/0x10
[  114.433044][ T6629]  ? preempt_schedule+0xe1/0xf0
[  114.437922][ T6629]  ? vscnprintf+0x5d/0x90
[  114.442268][ T6629]  panic+0x349/0x880
[  114.446186][ T6629]  ? check_panic_on_warn+0x21/0xb0
[  114.451342][ T6629]  ? __pfx_panic+0x10/0x10
[  114.455756][ T6629]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  114.461728][ T6629]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  114.468043][ T6629]  ? print_report+0x502/0x550
[  114.472720][ T6629]  check_panic_on_warn+0x86/0xb0
[  114.477665][ T6629]  ? __ocfs2_find_path+0x203/0x7e0
[  114.482790][ T6629]  end_report+0x77/0x160
[  114.487223][ T6629]  kasan_report+0x154/0x180
[  114.492013][ T6629]  ? __ocfs2_find_path+0x203/0x7e0
[  114.497150][ T6629]  __ocfs2_find_path+0x203/0x7e0
[  114.502169][ T6629]  ? __pfx_find_leaf_ins+0x10/0x10
[  114.507273][ T6629]  ? __pfx___ocfs2_find_path+0x10/0x10
[  114.512753][ T6629]  ? __pfx_ocfs2_validate_inode_block+0x10/0x10
[  114.518989][ T6629]  ocfs2_find_leaf+0xcf/0x230
[  114.523693][ T6629]  ? __pfx_ocfs2_find_leaf+0x10/0x10
[  114.528988][ T6629]  ocfs2_get_clusters_nocache+0x1b6/0xca0
[  114.534715][ T6629]  ? __pfx_ocfs2_get_clusters_nocache+0x10/0x10
[  114.541054][ T6629]  ? ocfs2_read_inode_block+0x14c/0x1e0
[  114.546595][ T6629]  ? __pfx_ocfs2_read_inode_block+0x10/0x10
[  114.552478][ T6629]  ? do_raw_spin_unlock+0x13c/0x8b0
[  114.557669][ T6629]  ocfs2_get_clusters+0x5bd/0xbd0
[  114.562692][ T6629]  ? __pfx_ocfs2_get_clusters+0x10/0x10
[  114.568232][ T6629]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  114.574381][ T6629]  ? __pfx_lock_acquire+0x10/0x10
[  114.579408][ T6629]  ? unwind_get_return_address+0x4d/0x90
[  114.585205][ T6629]  ? arch_stack_walk+0xfd/0x150
[  114.590050][ T6629]  ocfs2_extent_map_get_blocks+0x24c/0x7d0
[  114.595867][ T6629]  ? __pfx_ocfs2_extent_map_get_blocks+0x10/0x10
[  114.602189][ T6629]  ? __pfx_check_noncircular+0x10/0x10
[  114.607651][ T6629]  ocfs2_read_virt_blocks+0x313/0xb10
[  114.613027][ T6629]  ? __pfx_ocfs2_validate_dir_block+0x10/0x10
[  114.619089][ T6629]  ? __pfx_ocfs2_read_virt_blocks+0x10/0x10
[  114.625069][ T6629]  ocfs2_find_entry+0x433/0x2570
[  114.630177][ T6629]  ? __pfx_ocfs2_find_entry+0x10/0x10
[  114.635544][ T6629]  ? mark_lock+0x2ae/0x360
[  114.639956][ T6629]  ? __lock_acquire+0x1397/0x2100
[  114.644979][ T6629]  ? format_decode+0x56c/0xca0
[  114.649789][ T6629]  ? string+0x270/0x2b0
[  114.653984][ T6629]  ? widen_string+0x3a/0x300
[  114.658595][ T6629]  ? string+0x270/0x2b0
[  114.662771][ T6629]  ? vsnprintf+0x1152/0x1220
[  114.667376][ T6629]  ocfs2_find_files_on_disk+0xff/0x360
[  114.672920][ T6629]  ocfs2_lookup_ino_from_name+0xb1/0x1e0
[  114.678550][ T6629]  ? __pfx_ocfs2_lookup_ino_from_name+0x10/0x10
[  114.684789][ T6629]  ? kasan_save_track+0x51/0x80
[  114.689627][ T6629]  ? kasan_save_track+0x3f/0x80
[  114.694464][ T6629]  ? __kasan_kmalloc+0x98/0xb0
[  114.699238][ T6629]  ? ocfs2_new_dlm_debug+0x97/0x200
[  114.704534][ T6629]  ocfs2_get_system_file_inode+0x305/0x7b0
[  114.710518][ T6629]  ? __pfx_ocfs2_get_system_file_inode+0x10/0x10
[  114.716850][ T6629]  ocfs2_init_global_system_inodes+0x32c/0x730
[  114.723106][ T6629]  ? __pfx_ocfs2_init_global_system_inodes+0x10/0x10
[  114.729831][ T6629]  ? __kmalloc_cache_noprof+0x243/0x390
[  114.735457][ T6629]  ? ocfs2_new_dlm_debug+0x97/0x200
[  114.740648][ T6629]  ? ocfs2_new_dlm_debug+0xb5/0x200
[  114.745835][ T6629]  ? __pfx_ocfs2_new_dlm_debug+0x10/0x10
[  114.751457][ T6629]  ? rcu_is_watching+0x15/0xb0
[  114.756308][ T6629]  ? trace_ocfs2_initialize_super+0x9e/0x230
[  114.762282][ T6629]  ocfs2_fill_super+0x4b69/0x7200
[  114.767316][ T6629]  ? __pfx_ocfs2_fill_super+0x10/0x10
[  114.772681][ T6629]  ? __pfx_check_noncircular+0x10/0x10
[  114.778145][ T6629]  ? lockdep_unlock+0x16a/0x300
[  114.783004][ T6629]  ? __pfx_lockdep_unlock+0x10/0x10
[  114.788198][ T6629]  ? validate_chain+0x15c0/0x5920
[  114.793222][ T6629]  ? __pfx_validate_chain+0x10/0x10
[  114.798413][ T6629]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  114.804387][ T6629]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  114.810727][ T6629]  ? lockdep_hardirqs_on+0x99/0x150
[  114.815935][ T6629]  ? validate_chain+0x11e/0x5920
[  114.820898][ T6629]  ? mark_lock+0x9a/0x360
[  114.825228][ T6629]  ? __pfx_validate_chain+0x10/0x10
[  114.830512][ T6629]  ? string+0x270/0x2b0
[  114.834655][ T6629]  ? widen_string+0x3a/0x300
[  114.839239][ T6629]  ? string+0x270/0x2b0
[  114.843383][ T6629]  ? bdev_name+0x2a2/0x3b0
[  114.847802][ T6629]  ? pointer+0x764/0x1210
[  114.852121][ T6629]  ? bdev_open+0x882/0xc50
[  114.856530][ T6629]  ? __pfx_lock_release+0x10/0x10
[  114.861547][ T6629]  ? __pfx_pointer+0x10/0x10
[  114.866124][ T6629]  ? mark_lock+0x9a/0x360
[  114.870446][ T6629]  ? format_decode+0x56c/0xca0
[  114.875223][ T6629]  ? vsnprintf+0x1152/0x1220
[  114.879807][ T6629]  ? snprintf+0xda/0x120
[  114.884037][ T6629]  ? __pfx_lock_release+0x10/0x10
[  114.889063][ T6629]  ? do_raw_spin_lock+0x14f/0x370
[  114.894082][ T6629]  ? __pfx_snprintf+0x10/0x10
[  114.898744][ T6629]  ? set_blocksize+0x1fc/0x360
[  114.903496][ T6629]  ? sb_set_blocksize+0x98/0xf0
[  114.908346][ T6629]  ? setup_bdev_super+0x4e6/0x5d0
[  114.913362][ T6629]  get_tree_bdev_flags+0x48c/0x5c0
[  114.918470][ T6629]  ? __pfx_ocfs2_fill_super+0x10/0x10
[  114.923837][ T6629]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  114.929456][ T6629]  ? cap_capable+0x139/0x450
[  114.934044][ T6629]  ? safesetid_security_capable+0xb2/0x1d0
[  114.939841][ T6629]  vfs_get_tree+0x90/0x2b0
[  114.944266][ T6629]  do_new_mount+0x2be/0xb40
[  114.948760][ T6629]  ? __pfx_do_new_mount+0x10/0x10
[  114.953776][ T6629]  __se_sys_mount+0x2d6/0x3c0
[  114.958460][ T6629]  ? __pfx___se_sys_mount+0x10/0x10
[  114.963651][ T6629]  ? exc_page_fault+0x590/0x8b0
[  114.968494][ T6629]  ? __x64_sys_mount+0x20/0xc0
[  114.973256][ T6629]  do_syscall_64+0xf3/0x230
[  114.977763][ T6629]  ? clear_bhb_loop+0x35/0x90
[  114.982459][ T6629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.988344][ T6629] RIP: 0033:0x7f779e57ffba
[  114.992755][ T6629] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.012477][ T6629] RSP: 002b:00007f779f437e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  115.020902][ T6629] RAX: ffffffffffffffda RBX: 00007f779f437ef0 RCX: 00007f779e57ffba
[  115.028883][ T6629] RDX: 0000000020004440 RSI: 0000000020000780 RDI: 00007f779f437eb0
[  115.036855][ T6629] RBP: 0000000020004440 R08: 00007f779f437ef0 R09: 0000000001000000
[  115.044937][ T6629] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020000780
[  115.052894][ T6629] R13: 00007f779f437eb0 R14: 000000000000444a R15: 00000000200005c0
[  115.060860][ T6629]  </TASK>
[  115.064159][ T6629] Kernel Offset: disabled
[  115.068492][ T6629] Rebooting in 86400 seconds..