Warning: Permanently added '10.128.10.22' (ED25519) to the list of known hosts.
2024/11/16 19:43:19 ignoring optional flag "sandboxArg"="0"
2024/11/16 19:43:20 parsed 1 programs
[  101.674974][ T6289] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  104.025211][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  104.035094][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  104.045150][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  104.054440][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  104.063256][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  104.072487][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  105.044676][ T6339] chnl_net:caif_netlink_parms(): no params data found
[  105.124558][ T6339] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.131878][ T6339] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.139255][ T6339] bridge_slave_0: entered allmulticast mode
[  105.146334][ T6339] bridge_slave_0: entered promiscuous mode
[  105.153801][ T6339] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.162177][ T6339] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.169588][ T6339] bridge_slave_1: entered allmulticast mode
[  105.176139][ T6339] bridge_slave_1: entered promiscuous mode
[  105.200173][ T6339] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.212930][ T6339] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.238785][ T6339] team0: Port device team_slave_0 added
[  105.246984][ T6339] team0: Port device team_slave_1 added
[  105.267065][ T6339] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.274104][ T6339] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.300726][ T6339] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.314339][ T6339] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.321414][ T6339] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.347669][ T6339] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.375116][ T6339] hsr_slave_0: entered promiscuous mode
[  105.381501][ T6339] hsr_slave_1: entered promiscuous mode
[  105.828886][ T6339] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  105.844559][ T6339] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  105.859022][ T6339] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  105.871502][ T6339] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  105.949137][ T6339] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.969649][ T6339] 8021q: adding VLAN 0 to HW filter on device team0
[  105.983197][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.990392][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.005168][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.012363][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.215061][ T6339] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.262498][ T6339] veth0_vlan: entered promiscuous mode
[  106.277104][ T6339] veth1_vlan: entered promiscuous mode
[  106.310521][ T6339] veth0_macvtap: entered promiscuous mode
[  106.322358][ T6339] veth1_macvtap: entered promiscuous mode
[  106.343941][ T6339] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.364433][ T6339] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.380397][ T6339] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.390385][ T6339] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.401552][ T6339] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.410723][ T6339] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.578090][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.710817][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.811168][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.880717][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.710101][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.718485][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.756706][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.768637][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2024/11/16 19:43:30 executed programs: 0
[  108.080417][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  108.089560][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  108.099062][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  108.111636][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  108.119467][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  108.127302][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  108.305807][ T6477] chnl_net:caif_netlink_parms(): no params data found
[  108.412555][ T6477] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.420141][ T6477] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.430025][ T6477] bridge_slave_0: entered allmulticast mode
[  108.439065][ T6477] bridge_slave_0: entered promiscuous mode
[  108.449925][ T6477] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.457171][ T6477] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.465240][ T6477] bridge_slave_1: entered allmulticast mode
[  108.475056][ T6477] bridge_slave_1: entered promiscuous mode
[  108.506633][ T6477] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.522772][ T6477] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.559531][ T6477] team0: Port device team_slave_0 added
[  108.570155][ T6477] team0: Port device team_slave_1 added
[  108.604226][ T6477] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.612577][ T6477] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.642128][ T6477] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.656839][ T6477] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.666469][ T6477] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.696005][ T6477] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.736293][ T6477] hsr_slave_0: entered promiscuous mode
[  108.744393][ T6477] hsr_slave_1: entered promiscuous mode
[  108.751430][ T6477] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  108.759978][ T6477] Cannot create hsr debugfs directory
[  109.269541][   T11] bridge_slave_1: left allmulticast mode
[  109.275256][   T11] bridge_slave_1: left promiscuous mode
[  109.289217][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.301581][   T11] bridge_slave_0: left allmulticast mode
[  109.307286][   T11] bridge_slave_0: left promiscuous mode
[  109.314639][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.664013][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  109.675774][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  109.690119][   T11] bond0 (unregistering): Released all slaves
[  109.795116][   T11] hsr_slave_0: left promiscuous mode
[  109.801493][   T11] hsr_slave_1: left promiscuous mode
[  109.814567][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  109.823871][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  109.839917][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  109.850352][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  109.871889][   T11] veth1_macvtap: left promiscuous mode
[  109.877661][   T11] veth0_macvtap: left promiscuous mode
[  109.883291][   T11] veth1_vlan: left promiscuous mode
[  109.891563][   T11] veth0_vlan: left promiscuous mode
[  110.187186][   T11] team0 (unregistering): Port device team_slave_1 removed
[  110.197550][   T54] Bluetooth: hci0: command tx timeout
[  110.227607][   T11] team0 (unregistering): Port device team_slave_0 removed
[  110.735257][ T6477] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  110.749157][ T6477] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  110.770741][ T6477] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  110.790749][ T6477] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  110.888842][ T6477] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.071750][ T6477] 8021q: adding VLAN 0 to HW filter on device team0
[  111.086683][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.093832][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.128501][ T3114] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.135704][ T3114] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.394083][ T6477] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.481991][ T6477] veth0_vlan: entered promiscuous mode
[  111.494786][ T6477] veth1_vlan: entered promiscuous mode
[  111.566371][ T6477] veth0_macvtap: entered promiscuous mode
[  111.576075][ T6477] veth1_macvtap: entered promiscuous mode
[  111.611535][ T6477] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.630672][ T6477] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.651541][ T6477] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.662335][ T6477] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.672227][ T6477] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.682427][ T6477] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.795270][ T1132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.820795][ T1132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.847303][ T1132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.855572][ T1132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.260500][ T6627] loop0: detected capacity change from 0 to 32768
[  112.277811][   T54] Bluetooth: hci0: command tx timeout
[  112.278075][ T6627] =======================================================
[  112.278075][ T6627] WARNING: The mand mount option has been deprecated and
[  112.278075][ T6627]          and is ignored by this kernel. Remove the mand
[  112.278075][ T6627]          option from the mount to silence this warning.
[  112.278075][ T6627] =======================================================
[  112.362270][ T6627] JBD2: Ignoring recovery information on journal
[  112.407623][ T6627] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  112.431530][ T6627] ==================================================================
[  112.439832][ T6627] BUG: KASAN: use-after-free in ocfs2_reserve_suballoc_bits+0x1023/0x4eb0
[  112.448389][ T6627] Read of size 4 at addr ffff88805f288004 by task syz.0.15/6627
[  112.456213][ T6627] 
[  112.458575][ T6627] CPU: 1 UID: 0 PID: 6627 Comm: syz.0.15 Not tainted 6.12.0-rc7-syzkaller-00192-gb5a24181e461 #0
[  112.469184][ T6627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  112.479370][ T6627] Call Trace:
[  112.482672][ T6627]  <TASK>
[  112.486688][ T6627]  dump_stack_lvl+0x241/0x360
[  112.491404][ T6627]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.496612][ T6627]  ? __pfx__printk+0x10/0x10
[  112.501224][ T6627]  ? _printk+0xd5/0x120
[  112.505378][ T6627]  ? __virt_addr_valid+0x183/0x530
[  112.510483][ T6627]  ? __virt_addr_valid+0x183/0x530
[  112.515591][ T6627]  print_report+0x169/0x550
[  112.520111][ T6627]  ? __virt_addr_valid+0x183/0x530
[  112.525215][ T6627]  ? __virt_addr_valid+0x183/0x530
[  112.530497][ T6627]  ? __virt_addr_valid+0x45f/0x530
[  112.535685][ T6627]  ? __phys_addr+0xba/0x170
[  112.540305][ T6627]  ? ocfs2_reserve_suballoc_bits+0x1023/0x4eb0
[  112.546460][ T6627]  kasan_report+0x143/0x180
[  112.550979][ T6627]  ? ocfs2_reserve_suballoc_bits+0x1023/0x4eb0
[  112.557134][ T6627]  ocfs2_reserve_suballoc_bits+0x1023/0x4eb0
[  112.563200][ T6627]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  112.569196][ T6627]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  112.575523][ T6627]  ? lockdep_hardirqs_on+0x99/0x150
[  112.580779][ T6627]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  112.587105][ T6627]  ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10
[  112.593542][ T6627]  ? stack_depot_save_flags+0x6e4/0x830
[  112.599180][ T6627]  ? kasan_save_track+0x51/0x80
[  112.604371][ T6627]  ? kasan_save_track+0x3f/0x80
[  112.609219][ T6627]  ? __kasan_kmalloc+0x98/0xb0
[  112.613981][ T6627]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[  112.619542][ T6627]  ? ocfs2_reserve_new_metadata_blocks+0x117/0x9c0
[  112.626043][ T6627]  ? ocfs2_mknod+0x143a/0x2b40
[  112.630860][ T6627]  ? ocfs2_create+0x1ab/0x480
[  112.635532][ T6627]  ? path_openat+0x1c03/0x3590
[  112.640307][ T6627]  ? do_filp_open+0x235/0x490
[  112.645172][ T6627]  ? do_sys_openat2+0x13e/0x1d0
[  112.650034][ T6627]  ? __x64_sys_openat+0x247/0x2a0
[  112.655146][ T6627]  ? do_syscall_64+0xf3/0x230
[  112.659821][ T6627]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.665896][ T6627]  ? __kasan_kmalloc+0x98/0xb0
[  112.670657][ T6627]  ? ocfs2_reserve_new_metadata_blocks+0x117/0x9c0
[  112.677152][ T6627]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[  112.682870][ T6627]  ocfs2_reserve_new_metadata_blocks+0x41c/0x9c0
[  112.689198][ T6627]  ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10
[  112.696058][ T6627]  ? __pfx_ocfs2_calc_xattr_init+0x10/0x10
[  112.701864][ T6627]  ? ocfs2_init_security_get+0x12d/0x1a0
[  112.707499][ T6627]  ocfs2_mknod+0x143a/0x2b40
[  112.712169][ T6627]  ? __pfx_validate_chain+0x10/0x10
[  112.717547][ T6627]  ? __pfx_ocfs2_mknod+0x10/0x10
[  112.722488][ T6627]  ? __lock_acquire+0x1384/0x2050
[  112.727625][ T6627]  ? __pfx_lock_acquire+0x10/0x10
[  112.732821][ T6627]  ? ocfs2_inode_unlock+0xa7/0x150
[  112.738023][ T6627]  ? __pfx_lock_release+0x10/0x10
[  112.743132][ T6627]  ? do_raw_spin_lock+0x14f/0x370
[  112.748246][ T6627]  ? do_raw_spin_unlock+0x13c/0x8b0
[  112.753441][ T6627]  ? _raw_spin_unlock+0x28/0x50
[  112.758284][ T6627]  ? rcu_is_watching+0x15/0xb0
[  112.763038][ T6627]  ? ocfs2_lookup+0x503/0xa60
[  112.767717][ T6627]  ocfs2_create+0x1ab/0x480
[  112.772225][ T6627]  ? __pfx_ocfs2_create+0x10/0x10
[  112.777244][ T6627]  ? bpf_lsm_inode_create+0x9/0x10
[  112.782356][ T6627]  ? security_inode_create+0xbe/0x340
[  112.788088][ T6627]  ? __pfx_ocfs2_create+0x10/0x10
[  112.793115][ T6627]  path_openat+0x1c03/0x3590
[  112.797707][ T6627]  ? __pfx_path_openat+0x10/0x10
[  112.802648][ T6627]  do_filp_open+0x235/0x490
[  112.807145][ T6627]  ? __pfx_do_filp_open+0x10/0x10
[  112.812173][ T6627]  ? _raw_spin_unlock+0x28/0x50
[  112.817019][ T6627]  ? alloc_fd+0x5a1/0x640
[  112.821438][ T6627]  do_sys_openat2+0x13e/0x1d0
[  112.826458][ T6627]  ? __pfx_do_sys_openat2+0x10/0x10
[  112.831662][ T6627]  __x64_sys_openat+0x247/0x2a0
[  112.836510][ T6627]  ? __pfx___x64_sys_openat+0x10/0x10
[  112.841972][ T6627]  ? do_syscall_64+0x100/0x230
[  112.846739][ T6627]  ? do_syscall_64+0xb6/0x230
[  112.851419][ T6627]  do_syscall_64+0xf3/0x230
[  112.855956][ T6627]  ? clear_bhb_loop+0x35/0x90
[  112.860675][ T6627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.866587][ T6627] RIP: 0033:0x7f3ea0b7e719
[  112.871020][ T6627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.890726][ T6627] RSP: 002b:00007f3ea19ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  112.899136][ T6627] RAX: ffffffffffffffda RBX: 00007f3ea0d35f80 RCX: 00007f3ea0b7e719
[  112.907188][ T6627] RDX: 0000000000105042 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  112.915160][ T6627] RBP: 00007f3ea0bf132e R08: 0000000000000000 R09: 0000000000000000
[  112.923128][ T6627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  112.931096][ T6627] R13: 0000000000000000 R14: 00007f3ea0d35f80 R15: 00007ffe263d3f18
[  112.939085][ T6627]  </TASK>
[  112.942107][ T6627] 
[  112.944420][ T6627] The buggy address belongs to the physical page:
[  112.950843][ T6627] page: refcount:1 mapcount:1 mapping:0000000000000000 index:0xc0 pfn:0x5f288
[  112.959694][ T6627] memcg:ffff888140adc000
[  112.964103][ T6627] anon flags: 0xfff00000020828(uptodate|lru|owner_2|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[  112.974615][ T6627] raw: 00fff00000020828 ffffea00017cb9c8 ffffea00017ca248 ffff88803304fbb1
[  112.983215][ T6627] raw: 00000000000000c0 0000000000000000 0000000100000000 ffff888140adc000
[  112.991795][ T6627] page dumped because: kasan: bad access detected
[  112.998205][ T6627] page_owner tracks the page as allocated
[  113.003903][ T6627] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 6648, tgid 6648 (sed), ts 112472749983, free_ts 112394068475
[  113.020998][ T6627]  post_alloc_hook+0x1f3/0x230
[  113.025758][ T6627]  get_page_from_freelist+0x363e/0x3790
[  113.031297][ T6627]  __alloc_pages_noprof+0x292/0x710
[  113.036488][ T6627]  alloc_pages_mpol_noprof+0x3e8/0x680
[  113.041953][ T6627]  vma_alloc_folio_noprof+0x12e/0x230
[  113.047326][ T6627]  folio_prealloc+0x31/0x170
[  113.051917][ T6627]  do_wp_page+0x11c4/0x52d0
[  113.056415][ T6627]  handle_pte_fault+0x10e3/0x6820
[  113.061519][ T6627]  handle_mm_fault+0x1053/0x1ad0
[  113.066446][ T6627]  exc_page_fault+0x459/0x8c0
[  113.071117][ T6627]  asm_exc_page_fault+0x26/0x30
[  113.075975][ T6627] page last free pid 6643 tgid 6643 stack trace:
[  113.082286][ T6627]  free_unref_folios+0xf21/0x1a10
[  113.087325][ T6627]  folios_put_refs+0x76c/0x860
[  113.092109][ T6627]  free_pages_and_swap_cache+0x2ea/0x690
[  113.097752][ T6627]  tlb_flush_mmu+0x3a3/0x680
[  113.102334][ T6627]  tlb_finish_mmu+0xd4/0x200
[  113.106916][ T6627]  exit_mmap+0x496/0xc40
[  113.111158][ T6627]  __mmput+0x115/0x380
[  113.115219][ T6627]  exit_mm+0x220/0x310
[  113.119295][ T6627]  do_exit+0x9b2/0x28e0
[  113.123438][ T6627]  do_group_exit+0x207/0x2c0
[  113.128017][ T6627]  __x64_sys_exit_group+0x3f/0x40
[  113.133032][ T6627]  x64_sys_call+0x2634/0x2640
[  113.137735][ T6627]  do_syscall_64+0xf3/0x230
[  113.142231][ T6627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.148121][ T6627] 
[  113.150435][ T6627] Memory state around the buggy address:
[  113.156050][ T6627]  ffff88805f287f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  113.164110][ T6627]  ffff88805f287f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  113.172165][ T6627] >ffff88805f288000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  113.180211][ T6627]                    ^
[  113.184265][ T6627]  ffff88805f288080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  113.192315][ T6627]  ffff88805f288100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  113.200452][ T6627] ==================================================================
[  113.225371][ T6627] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  113.232620][ T6627] CPU: 1 UID: 0 PID: 6627 Comm: syz.0.15 Not tainted 6.12.0-rc7-syzkaller-00192-gb5a24181e461 #0
[  113.243138][ T6627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  113.253472][ T6627] Call Trace:
[  113.256766][ T6627]  <TASK>
[  113.259717][ T6627]  dump_stack_lvl+0x241/0x360
[  113.264432][ T6627]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.269745][ T6627]  ? __pfx__printk+0x10/0x10
[  113.274368][ T6627]  ? preempt_schedule+0xe1/0xf0
[  113.279251][ T6627]  ? vscnprintf+0x5d/0x90
[  113.283617][ T6627]  panic+0x349/0x880
[  113.287546][ T6627]  ? check_panic_on_warn+0x21/0xb0
[  113.292696][ T6627]  ? __pfx_panic+0x10/0x10
[  113.297143][ T6627]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  113.303163][ T6627]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  113.309593][ T6627]  ? print_report+0x502/0x550
[  113.314442][ T6627]  check_panic_on_warn+0x86/0xb0
[  113.319639][ T6627]  ? ocfs2_reserve_suballoc_bits+0x1023/0x4eb0
[  113.325839][ T6627]  end_report+0x77/0x160
[  113.330129][ T6627]  kasan_report+0x154/0x180
[  113.334685][ T6627]  ? ocfs2_reserve_suballoc_bits+0x1023/0x4eb0
[  113.340887][ T6627]  ocfs2_reserve_suballoc_bits+0x1023/0x4eb0
[  113.347003][ T6627]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  113.353031][ T6627]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  113.359400][ T6627]  ? lockdep_hardirqs_on+0x99/0x150
[  113.364642][ T6627]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  113.371000][ T6627]  ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10
[  113.377723][ T6627]  ? stack_depot_save_flags+0x6e4/0x830
[  113.383309][ T6627]  ? kasan_save_track+0x51/0x80
[  113.388226][ T6627]  ? kasan_save_track+0x3f/0x80
[  113.393111][ T6627]  ? __kasan_kmalloc+0x98/0xb0
[  113.397907][ T6627]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[  113.403567][ T6627]  ? ocfs2_reserve_new_metadata_blocks+0x117/0x9c0
[  113.410612][ T6627]  ? ocfs2_mknod+0x143a/0x2b40
[  113.415409][ T6627]  ? ocfs2_create+0x1ab/0x480
[  113.420122][ T6627]  ? path_openat+0x1c03/0x3590
[  113.424945][ T6627]  ? do_filp_open+0x235/0x490
[  113.429687][ T6627]  ? do_sys_openat2+0x13e/0x1d0
[  113.434740][ T6627]  ? __x64_sys_openat+0x247/0x2a0
[  113.439802][ T6627]  ? do_syscall_64+0xf3/0x230
[  113.444512][ T6627]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.450671][ T6627]  ? __kasan_kmalloc+0x98/0xb0
[  113.455479][ T6627]  ? ocfs2_reserve_new_metadata_blocks+0x117/0x9c0
[  113.462018][ T6627]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[  113.467624][ T6627]  ocfs2_reserve_new_metadata_blocks+0x41c/0x9c0
[  113.474078][ T6627]  ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10
[  113.480967][ T6627]  ? __pfx_ocfs2_calc_xattr_init+0x10/0x10
[  113.487154][ T6627]  ? ocfs2_init_security_get+0x12d/0x1a0
[  113.492823][ T6627]  ocfs2_mknod+0x143a/0x2b40
[  113.497447][ T6627]  ? __pfx_validate_chain+0x10/0x10
[  113.502760][ T6627]  ? __pfx_ocfs2_mknod+0x10/0x10
[  113.507737][ T6627]  ? __lock_acquire+0x1384/0x2050
[  113.512807][ T6627]  ? __pfx_lock_acquire+0x10/0x10
[  113.518132][ T6627]  ? ocfs2_inode_unlock+0xa7/0x150
[  113.523277][ T6627]  ? __pfx_lock_release+0x10/0x10
[  113.528339][ T6627]  ? do_raw_spin_lock+0x14f/0x370
[  113.533663][ T6627]  ? do_raw_spin_unlock+0x13c/0x8b0
[  113.538902][ T6627]  ? _raw_spin_unlock+0x28/0x50
[  113.543779][ T6627]  ? rcu_is_watching+0x15/0xb0
[  113.548577][ T6627]  ? ocfs2_lookup+0x503/0xa60
[  113.553284][ T6627]  ocfs2_create+0x1ab/0x480
[  113.557906][ T6627]  ? __pfx_ocfs2_create+0x10/0x10
[  113.562958][ T6627]  ? bpf_lsm_inode_create+0x9/0x10
[  113.568101][ T6627]  ? security_inode_create+0xbe/0x340
[  113.573506][ T6627]  ? __pfx_ocfs2_create+0x10/0x10
[  113.578556][ T6627]  path_openat+0x1c03/0x3590
[  113.583277][ T6627]  ? __pfx_path_openat+0x10/0x10
[  113.588260][ T6627]  do_filp_open+0x235/0x490
[  113.592795][ T6627]  ? __pfx_do_filp_open+0x10/0x10
[  113.597868][ T6627]  ? _raw_spin_unlock+0x28/0x50
[  113.602835][ T6627]  ? alloc_fd+0x5a1/0x640
[  113.607199][ T6627]  do_sys_openat2+0x13e/0x1d0
[  113.611905][ T6627]  ? __pfx_do_sys_openat2+0x10/0x10
[  113.617140][ T6627]  __x64_sys_openat+0x247/0x2a0
[  113.622113][ T6627]  ? __pfx___x64_sys_openat+0x10/0x10
[  113.627517][ T6627]  ? do_syscall_64+0x100/0x230
[  113.632745][ T6627]  ? do_syscall_64+0xb6/0x230
[  113.637451][ T6627]  do_syscall_64+0xf3/0x230
[  113.642081][ T6627]  ? clear_bhb_loop+0x35/0x90
[  113.646789][ T6627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.652724][ T6627] RIP: 0033:0x7f3ea0b7e719
[  113.657165][ T6627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.676799][ T6627] RSP: 002b:00007f3ea19ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  113.685336][ T6627] RAX: ffffffffffffffda RBX: 00007f3ea0d35f80 RCX: 00007f3ea0b7e719
[  113.693366][ T6627] RDX: 0000000000105042 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  113.701456][ T6627] RBP: 00007f3ea0bf132e R08: 0000000000000000 R09: 0000000000000000
[  113.709455][ T6627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  113.717451][ T6627] R13: 0000000000000000 R14: 00007f3ea0d35f80 R15: 00007ffe263d3f18
[  113.725456][ T6627]  </TASK>
[  113.728792][ T6627] Kernel Offset: disabled
[  113.733114][ T6627] Rebooting in 86400 seconds..