Warning: Permanently added '[localhost]:38850' (ED25519) to the list of known hosts.
2025/09/12 12:23:07 parsed 1 programs
syzkaller login: [ 84.001012][ T5351] cgroup: Unknown subsys name 'net'
[ 84.072135][ T5351] cgroup: Unknown subsys name 'cpuset'
[ 84.077328][ T5351] cgroup: Unknown subsys name 'rlimit'
[ 85.649199][ T5351] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 89.470225][ T5362] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 89.965456][ T5379] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 89.969524][ T5379] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 89.974519][ T5379] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 89.980929][ T5379] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 89.984420][ T5379] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 91.021000][ T5392] chnl_net:caif_netlink_parms(): no params data found
[ 91.086414][ T5392] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.090899][ T5392] bridge0: port 1(bridge_slave_0) entered disabled state
[ 91.094142][ T5392] bridge_slave_0: entered allmulticast mode
[ 91.098009][ T5392] bridge_slave_0: entered promiscuous mode
[ 91.110341][ T5392] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.113390][ T5392] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.116302][ T5392] bridge_slave_1: entered allmulticast mode
[ 91.127138][ T5392] bridge_slave_1: entered promiscuous mode
[ 91.155307][ T5392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 91.161883][ T5392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 91.185781][ T5392] team0: Port device team_slave_0 added
[ 91.191057][ T5392] team0: Port device team_slave_1 added
[ 91.212221][ T5392] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 91.215317][ T5392] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 91.227228][ T5392] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 91.235260][ T5392] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 91.238909][ T5392] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 91.251359][ T5392] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 91.289666][ T5392] hsr_slave_0: entered promiscuous mode
[ 91.292958][ T5392] hsr_slave_1: entered promiscuous mode
[ 91.437609][ T5392] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 91.446144][ T5392] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 91.454075][ T5392] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 91.460606][ T5392] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 91.492096][ T5392] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.495275][ T5392] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.499105][ T5392] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.502243][ T5392] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.563342][ T5392] 8021q: adding VLAN 0 to HW filter on device bond0
[ 91.577474][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 91.584050][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.596503][ T5392] 8021q: adding VLAN 0 to HW filter on device team0
[ 91.606087][ T3081] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.609153][ T3081] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.624093][ T3081] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.627167][ T3081] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.806705][ T5392] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 91.844789][ T5392] veth0_vlan: entered promiscuous mode
[ 91.854695][ T5392] veth1_vlan: entered promiscuous mode
[ 91.880079][ T5392] veth0_macvtap: entered promiscuous mode
[ 91.886359][ T5392] veth1_macvtap: entered promiscuous mode
[ 91.900537][ T10] cfg80211: failed to load regulatory.db
[ 91.912617][ T5392] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 91.932662][ T5392] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 91.944372][ T3081] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.960911][ T3081] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.964821][ T3081] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.981258][ T3081] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.111569][ T43] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 92.166888][ T43] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 92.202322][ T43] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 92.252408][ T43] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 92.439726][ T31] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.442944][ T31] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.483021][ T31] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.486543][ T31] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/09/12 12:23:20 executed programs: 0
[ 94.643340][ T4707] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 94.648476][ T4707] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 94.652150][ T4707] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 94.657091][ T4707] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 94.662682][ T4707] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 94.949030][ T43] bridge_slave_1: left allmulticast mode
[ 94.951481][ T43] bridge_slave_1: left promiscuous mode
[ 94.954443][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 94.994538][ T43] bridge_slave_0: left allmulticast mode
[ 94.997140][ T43] bridge_slave_0: left promiscuous mode
[ 95.009385][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 95.434524][ T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 95.441167][ T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 95.446171][ T43] bond0 (unregistering): Released all slaves
[ 95.521797][ T43] hsr_slave_0: left promiscuous mode
[ 95.526596][ T43] hsr_slave_1: left promiscuous mode
[ 95.531700][ T43] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 95.534939][ T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 95.540572][ T43] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 95.543680][ T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 95.556820][ T43] veth1_macvtap: left promiscuous mode
[ 95.559745][ T43] veth0_macvtap: left promiscuous mode
[ 95.562762][ T43] veth1_vlan: left promiscuous mode
[ 95.565229][ T43] veth0_vlan: left promiscuous mode
[ 96.090119][ T43] team0 (unregistering): Port device team_slave_1 removed
[ 96.129369][ T43] team0 (unregistering): Port device team_slave_0 removed
[ 96.699861][ T4707] Bluetooth: hci0: command tx timeout
[ 96.804539][ T5460] chnl_net:caif_netlink_parms(): no params data found
[ 97.393127][ T5460] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.396240][ T5460] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.400032][ T5460] bridge_slave_0: entered allmulticast mode
[ 97.414863][ T5460] bridge_slave_0: entered promiscuous mode
[ 97.426748][ T5460] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.443666][ T5460] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.446804][ T5460] bridge_slave_1: entered allmulticast mode
[ 97.471171][ T5460] bridge_slave_1: entered promiscuous mode
[ 97.574403][ T5460] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.596334][ T5460] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.733457][ T5460] team0: Port device team_slave_0 added
[ 97.749086][ T5460] team0: Port device team_slave_1 added
[ 97.870914][ T5460] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 97.874025][ T5460] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 97.906294][ T5460] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 97.929041][ T5460] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 97.931990][ T5460] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 97.958734][ T5460] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 98.060390][ T5460] hsr_slave_0: entered promiscuous mode
[ 98.070022][ T5460] hsr_slave_1: entered promiscuous mode
[ 98.616566][ T5460] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 98.635762][ T5460] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 98.662942][ T5460] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 98.679813][ T5460] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 98.778799][ T4707] Bluetooth: hci0: command tx timeout
[ 98.830146][ T5460] 8021q: adding VLAN 0 to HW filter on device bond0
[ 98.859413][ T5460] 8021q: adding VLAN 0 to HW filter on device team0
[ 98.876469][ T31] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.879834][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 98.900868][ T31] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.903983][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 99.232463][ T5460] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 99.307427][ T5460] veth0_vlan: entered promiscuous mode
[ 99.326685][ T5460] veth1_vlan: entered promiscuous mode
[ 99.374359][ T5460] veth0_macvtap: entered promiscuous mode
[ 99.394972][ T5460] veth1_macvtap: entered promiscuous mode
[ 99.421659][ T5460] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 99.449433][ T5460] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 99.461673][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.466149][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.491368][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.501137][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.591391][ T31] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 99.594735][ T31] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 99.640672][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 99.644015][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/09/12 12:23:25 executed programs: 2
[ 100.156142][ T5518] loop0: detected capacity change from 0 to 32768
[ 100.186763][ T5518] =======================================================
[ 100.186763][ T5518] WARNING: The mand mount option has been deprecated and
[ 100.186763][ T5518] and is ignored by this kernel. Remove the mand
[ 100.186763][ T5518] option from the mount to silence this warning.
[ 100.186763][ T5518] =======================================================
[ 100.281021][ T5518] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 100.401026][ T5518] ==================================================================
[ 100.404293][ T5518] BUG: KASAN: slab-out-of-bounds in crc32c+0xd0/0x460
[ 100.407401][ T5518] Read of size 8 at addr ffff888034bc8600 by task syz.0.17/5518
[ 100.411379][ T5518]
[ 100.412456][ T5518] CPU: 0 UID: 0 PID: 5518 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)
[ 100.412470][ T5518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 100.412477][ T5518] Call Trace:
[ 100.412485][ T5518]
[ 100.412491][ T5518] dump_stack_lvl+0x189/0x250
[ 100.412509][ T5518] ? rcu_is_watching+0x15/0xb0
[ 100.412520][ T5518] ? __kasan_check_byte+0x12/0x40
[ 100.412534][ T5518] ? __pfx_dump_stack_lvl+0x10/0x10
[ 100.412546][ T5518] ? rcu_is_watching+0x15/0xb0
[ 100.412556][ T5518] ? lock_release+0x4b/0x3e0
[ 100.412573][ T5518] ? __virt_addr_valid+0x1c8/0x5c0
[ 100.412587][ T5518] ? __virt_addr_valid+0x4a5/0x5c0
[ 100.412600][ T5518] print_report+0xca/0x240
[ 100.412610][ T5518] ? crc32c+0xd0/0x460
[ 100.412620][ T5518] kasan_report+0x118/0x150
[ 100.412633][ T5518] ? crc32c+0xd0/0x460
[ 100.412645][ T5518] crc32c+0xd0/0x460
[ 100.412654][ T5518] ? xlog_cksum+0x6b/0xf0
[ 100.412670][ T5518] xlog_cksum+0x92/0xf0
[ 100.412688][ T5518] xlog_recover_process+0x7a/0x1f0
[ 100.412703][ T5518] xlog_do_recovery_pass+0x9cd/0xc30
[ 100.412718][ T5518] ? __pfx_xlog_do_recovery_pass+0x10/0x10
[ 100.412734][ T5518] ? xlog_verify_head+0xf2/0x440
[ 100.412747][ T5518] xlog_verify_head+0x136/0x440
[ 100.412761][ T5518] xlog_find_tail+0x5ca/0x840
[ 100.412775][ T5518] xlog_recover+0x4b/0x3e0
[ 100.412788][ T5518] xfs_log_mount+0x253/0x3e0
[ 100.412803][ T5518] xfs_mountfs+0xe5e/0x2330
[ 100.412818][ T5518] ? __pfx_xfs_mountfs+0x10/0x10
[ 100.412830][ T5518] ? trace_xfs_inode_timestamp_range+0x84/0x200
[ 100.412840][ T5518] xfs_fs_fill_super+0x11b3/0x1600
[ 100.412858][ T5518] get_tree_bdev_flags+0x40e/0x4d0
[ 100.412871][ T5518] ? __pfx_xfs_fs_fill_super+0x10/0x10
[ 100.412886][ T5518] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 100.412901][ T5518] vfs_get_tree+0x8f/0x2b0
[ 100.412914][ T5518] do_new_mount+0x2a2/0x9e0
[ 100.412929][ T5518] ? __pfx_do_new_mount+0x10/0x10
[ 100.412941][ T5518] ? path_mount+0x61c/0xfe0
[ 100.412953][ T5518] ? user_path_at+0x44/0x60
[ 100.412966][ T5518] __se_sys_mount+0x317/0x410
[ 100.412981][ T5518] ? __pfx___se_sys_mount+0x10/0x10
[ 100.412997][ T5518] ? do_syscall_64+0xbe/0x3b0
[ 100.413056][ T5518] ? __x64_sys_mount+0x20/0xc0
[ 100.413070][ T5518] do_syscall_64+0xfa/0x3b0
[ 100.413081][ T5518] ? lockdep_hardirqs_on+0x9c/0x150
[ 100.413091][ T5518] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 100.413102][ T5518] ? clear_bhb_loop+0x60/0xb0
[ 100.413120][ T5518] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 100.413131][ T5518] RIP: 0033:0x7f4339d9034a
[ 100.413142][ T5518] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 100.413151][ T5518] RSP: 002b:00007fffba89c108 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 100.413164][ T5518] RAX: ffffffffffffffda RBX: 00007fffba89c190 RCX: 00007f4339d9034a
[ 100.413173][ T5518] RDX: 0000200000000500 RSI: 0000200000000200 RDI: 00007fffba89c150
[ 100.413180][ T5518] RBP: 0000200000000500 R08: 00007fffba89c190 R09: 0000000002218a5d
[ 100.413187][ T5518] R10: 0000000002218a5d R11: 0000000000000246 R12: 0000200000000200
[ 100.413194][ T5518] R13: 00007fffba89c150 R14: 00000000000096bf R15: 0000200000000380
[ 100.413204][ T5518]
[ 100.413208][ T5518]
[ 100.543671][ T5518] Allocated by task 5518:
[ 100.545460][ T5518] kasan_save_track+0x3e/0x80
[ 100.547426][ T5518] __kasan_kmalloc+0x93/0xb0
[ 100.549504][ T5518] __kvmalloc_node_noprof+0x30d/0x5f0
[ 100.551876][ T5518] xlog_do_recovery_pass+0x106/0xc30
[ 100.554164][ T5518] xlog_verify_head+0x136/0x440
[ 100.556251][ T5518] xlog_find_tail+0x5ca/0x840
[ 100.558261][ T5518] xlog_recover+0x4b/0x3e0
[ 100.560139][ T5518] xfs_log_mount+0x253/0x3e0
[ 100.562023][ T5518] xfs_mountfs+0xe5e/0x2330
[ 100.563890][ T5518] xfs_fs_fill_super+0x11b3/0x1600
[ 100.566072][ T5518] get_tree_bdev_flags+0x40e/0x4d0
[ 100.568258][ T5518] vfs_get_tree+0x8f/0x2b0
[ 100.570132][ T5518] do_new_mount+0x2a2/0x9e0
[ 100.572027][ T5518] __se_sys_mount+0x317/0x410
[ 100.574075][ T5518] do_syscall_64+0xfa/0x3b0
[ 100.576024][ T5518] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 100.578389][ T5518]
[ 100.579446][ T5518] The buggy address belongs to the object at ffff888034bc8400
[ 100.579446][ T5518] which belongs to the cache kmalloc-512 of size 512
[ 100.585248][ T5518] The buggy address is located 0 bytes to the right of
[ 100.585248][ T5518] allocated 512-byte region [ffff888034bc8400, ffff888034bc8600)
[ 100.591060][ T5518]
[ 100.592107][ T5518] The buggy address belongs to the physical page:
[ 100.594754][ T5518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34bc8
[ 100.598521][ T5518] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 100.602097][ T5518] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 100.605280][ T5518] page_type: f5(slab)
[ 100.607092][ T5518] raw: 04fff00000000040 ffff88801a441c80 ffffea0000d8b780 dead000000000002
[ 100.610807][ T5518] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 100.614404][ T5518] head: 04fff00000000040 ffff88801a441c80 ffffea0000d8b780 dead000000000002
[ 100.618142][ T5518] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 100.621829][ T5518] head: 04fff00000000001 ffffea0000d2f201 00000000ffffffff 00000000ffffffff
[ 100.625464][ T5518] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 100.629152][ T5518] page dumped because: kasan: bad access detected
[ 100.631831][ T5518] page_owner tracks the page as allocated
[ 100.634255][ T5518] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 24309130644, free_ts 15886860872
[ 100.642965][ T5518] post_alloc_hook+0x240/0x2a0
[ 100.645073][ T5518] get_page_from_freelist+0x21e4/0x22c0
[ 100.647382][ T5518] __alloc_frozen_pages_noprof+0x181/0x370
[ 100.649805][ T5518] alloc_pages_mpol+0x232/0x4a0
[ 100.651852][ T5518] allocate_slab+0x8a/0x370
[ 100.653819][ T5518] ___slab_alloc+0xbeb/0x1420
[ 100.655815][ T5518] __kmalloc_cache_noprof+0x296/0x3d0
[ 100.658173][ T5518] snd_mixer_oss_build_test+0xad/0x370
[ 100.660537][ T5518] snd_mixer_oss_build_input+0x377/0x1370
[ 100.663013][ T5518] snd_mixer_oss_notify_handler+0x93e/0x1060
[ 100.665613][ T5518] snd_card_register+0x5e7/0x760
[ 100.667793][ T5518] snd_dummy_probe+0x108f/0x1870
[ 100.669933][ T5518] platform_probe+0xf9/0x190
[ 100.671901][ T5518] really_probe+0x26d/0x9e0
[ 100.673867][ T5518] __driver_probe_device+0x18c/0x2f0
[ 100.676094][ T5518] driver_probe_device+0x4f/0x430
[ 100.678253][ T5518] page last free pid 1 tgid 1 stack trace:
[ 100.680795][ T5518] __free_frozen_pages+0xbc4/0xd30
[ 100.683011][ T5518] __put_partials+0x156/0x1a0
[ 100.684988][ T5518] put_cpu_partial+0x17c/0x250
[ 100.687063][ T5518] __slab_free+0x2d5/0x3c0
[ 100.689057][ T5518] qlist_free_all+0x97/0x140
[ 100.691053][ T5518] kasan_quarantine_reduce+0x148/0x160
[ 100.693354][ T5518] __kasan_slab_alloc+0x22/0x80
[ 100.695425][ T5518] __kmalloc_cache_noprof+0x1be/0x3d0
[ 100.697703][ T5518] __usb_serial_register_drivers+0x61/0xc80
[ 100.700271][ T5518] do_one_initcall+0x233/0x820
[ 100.702369][ T5518] do_initcall_level+0x104/0x190
[ 100.705346][ T5518] do_initcalls+0x59/0xa0
[ 100.707126][ T5518] kernel_init_freeable+0x334/0x4b0
[ 100.709377][ T5518] kernel_init+0x1d/0x1d0
[ 100.711196][ T5518] ret_from_fork+0x436/0x7d0
[ 100.713228][ T5518] ret_from_fork_asm+0x1a/0x30
[ 100.715306][ T5518]
[ 100.716309][ T5518] Memory state around the buggy address:
[ 100.718688][ T5518] ffff888034bc8500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 100.722017][ T5518] ffff888034bc8580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 100.725318][ T5518] >ffff888034bc8600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 100.728649][ T5518] ^
[ 100.730268][ T5518] ffff888034bc8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 100.733904][ T5518] ffff888034bc8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 100.738013][ T5518] ==================================================================
[ 100.877792][ T4707] Bluetooth: hci0: command tx timeout
[ 100.881812][ T5518] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 100.884820][ T5518] CPU: 0 UID: 0 PID: 5518 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)
[ 100.888526][ T5518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 100.893107][ T5518] Call Trace:
[ 100.894868][ T5518]
[ 100.896423][ T5518] dump_stack_lvl+0x99/0x250
[ 100.898634][ T5518] ? __asan_memcpy+0x40/0x70
[ 100.900628][ T5518] ? __pfx_dump_stack_lvl+0x10/0x10
[ 100.902853][ T5518] ? __pfx__printk+0x10/0x10
[ 100.904861][ T5518] vpanic+0x281/0x750
[ 100.906390][ T5518] ? preempt_schedule+0xae/0xc0
[ 100.908702][ T5518] ? __pfx_vpanic+0x10/0x10
[ 100.911129][ T5518] ? preempt_schedule_common+0x83/0xd0
[ 100.913514][ T5518] ? preempt_schedule+0xae/0xc0
[ 100.915527][ T5518] ? __pfx_preempt_schedule+0x10/0x10
[ 100.917814][ T5518] panic+0xb9/0xc0
[ 100.919346][ T5518] ? __pfx_panic+0x10/0x10
[ 100.921130][ T5518] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 100.923535][ T5518] ? crc32c+0xd0/0x460
[ 100.925222][ T5518] check_panic_on_warn+0x89/0xb0
[ 100.927374][ T5518] ? crc32c+0xd0/0x460
[ 100.929179][ T5518] end_report+0x78/0x160
[ 100.930908][ T5518] kasan_report+0x129/0x150
[ 100.932703][ T5518] ? crc32c+0xd0/0x460
[ 100.934273][ T5518] crc32c+0xd0/0x460
[ 100.935770][ T5518] ? xlog_cksum+0x6b/0xf0
[ 100.937421][ T5518] xlog_cksum+0x92/0xf0
[ 100.939221][ T5518] xlog_recover_process+0x7a/0x1f0
[ 100.941392][ T5518] xlog_do_recovery_pass+0x9cd/0xc30
[ 100.943578][ T5518] ? __pfx_xlog_do_recovery_pass+0x10/0x10
[ 100.945952][ T5518] ? xlog_verify_head+0xf2/0x440
[ 100.948084][ T5518] xlog_verify_head+0x136/0x440
[ 100.950208][ T5518] xlog_find_tail+0x5ca/0x840
[ 100.952249][ T5518] xlog_recover+0x4b/0x3e0
[ 100.954191][ T5518] xfs_log_mount+0x253/0x3e0
[ 100.956223][ T5518] xfs_mountfs+0xe5e/0x2330
[ 100.958161][ T5518] ? __pfx_xfs_mountfs+0x10/0x10
[ 100.960319][ T5518] ? trace_xfs_inode_timestamp_range+0x84/0x200
[ 100.963012][ T5518] xfs_fs_fill_super+0x11b3/0x1600
[ 100.965237][ T5518] get_tree_bdev_flags+0x40e/0x4d0
[ 100.967466][ T5518] ? __pfx_xfs_fs_fill_super+0x10/0x10
[ 100.969792][ T5518] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 100.972473][ T5518] vfs_get_tree+0x8f/0x2b0
[ 100.974674][ T5518] do_new_mount+0x2a2/0x9e0
[ 100.976663][ T5518] ? __pfx_do_new_mount+0x10/0x10
[ 100.978838][ T5518] ? path_mount+0x61c/0xfe0
[ 100.980845][ T5518] ? user_path_at+0x44/0x60
[ 100.982925][ T5518] __se_sys_mount+0x317/0x410
[ 100.984842][ T5518] ? __pfx___se_sys_mount+0x10/0x10
[ 100.987059][ T5518] ? do_syscall_64+0xbe/0x3b0
[ 100.989317][ T5518] ? __x64_sys_mount+0x20/0xc0
[ 100.991355][ T5518] do_syscall_64+0xfa/0x3b0
[ 100.993304][ T5518] ? lockdep_hardirqs_on+0x9c/0x150
[ 100.995517][ T5518] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 100.998116][ T5518] ? clear_bhb_loop+0x60/0xb0
[ 101.000195][ T5518] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.002742][ T5518] RIP: 0033:0x7f4339d9034a
[ 101.004618][ T5518] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 101.012670][ T5518] RSP: 002b:00007fffba89c108 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 101.016267][ T5518] RAX: ffffffffffffffda RBX: 00007fffba89c190 RCX: 00007f4339d9034a
[ 101.019647][ T5518] RDX: 0000200000000500 RSI: 0000200000000200 RDI: 00007fffba89c150
[ 101.023089][ T5518] RBP: 0000200000000500 R08: 00007fffba89c190 R09: 0000000002218a5d
[ 101.026371][ T5518] R10: 0000000002218a5d R11: 0000000000000246 R12: 0000200000000200
[ 101.029748][ T5518] R13: 00007fffba89c150 R14: 00000000000096bf R15: 0000200000000380
[ 101.033053][ T5518]
[ 101.034731][ T5518] Kernel Offset: disabled
[ 101.036503][ T5518] Rebooting in 86400 seconds..
VM DIAGNOSIS:
12:23:26 Registers:
info registers vcpu 0