Warning: Permanently added '10.128.1.8' (ED25519) to the list of known hosts.
2025/09/04 02:38:11 parsed 1 programs
[ 73.503714][ T5867] cgroup: Unknown subsys name 'net'
[ 73.626186][ T5867] cgroup: Unknown subsys name 'cpuset'
[ 73.634402][ T5867] cgroup: Unknown subsys name 'rlimit'
[ 75.075505][ T5867] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 77.616419][ T5874] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 77.752145][ T5182] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 77.761736][ T5182] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 77.770027][ T5182] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 77.778220][ T5182] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 77.786236][ T5182] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.946336][ T5908] chnl_net:caif_netlink_parms(): no params data found
[ 79.035570][ T5908] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.043754][ T5908] bridge0: port 1(bridge_slave_0) entered disabled state
[ 79.050902][ T5908] bridge_slave_0: entered allmulticast mode
[ 79.058744][ T5908] bridge_slave_0: entered promiscuous mode
[ 79.067358][ T5908] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.075660][ T5908] bridge0: port 2(bridge_slave_1) entered disabled state
[ 79.082820][ T5908] bridge_slave_1: entered allmulticast mode
[ 79.089655][ T5908] bridge_slave_1: entered promiscuous mode
[ 79.119412][ T5908] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 79.130569][ T5908] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 79.158669][ T5908] team0: Port device team_slave_0 added
[ 79.166885][ T5908] team0: Port device team_slave_1 added
[ 79.192088][ T5908] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 79.199046][ T5908] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.225598][ T5908] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 79.238500][ T5908] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 79.245556][ T5908] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.271604][ T5908] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 79.310706][ T5908] hsr_slave_0: entered promiscuous mode
[ 79.317010][ T5908] hsr_slave_1: entered promiscuous mode
[ 79.449534][ T5908] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 79.460900][ T5908] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 79.470879][ T5908] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 79.480558][ T5908] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 79.511128][ T5908] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.518302][ T5908] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 79.526030][ T5908] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.533131][ T5908] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 79.582038][ T5908] 8021q: adding VLAN 0 to HW filter on device bond0
[ 79.599455][ T36] bridge0: port 1(bridge_slave_0) entered disabled state
[ 79.607932][ T36] bridge0: port 2(bridge_slave_1) entered disabled state
[ 79.624575][ T5908] 8021q: adding VLAN 0 to HW filter on device team0
[ 79.638604][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.645756][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 79.659758][ T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.666856][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 79.820786][ T5908] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 79.862637][ T5908] veth0_vlan: entered promiscuous mode
[ 79.872537][ T5908] veth1_vlan: entered promiscuous mode
[ 79.898737][ T5908] veth0_macvtap: entered promiscuous mode
[ 79.908822][ T5908] veth1_macvtap: entered promiscuous mode
[ 79.927479][ T5908] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 79.941244][ T5908] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 79.957178][ T62] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.966564][ T62] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.978211][ T62] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.987192][ T62] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.100569][ T62] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 80.187009][ T62] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 80.264802][ T62] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 80.350421][ T62] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 81.265677][ T2986] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 81.278313][ T2986] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 81.304504][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 81.312407][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/09/04 02:38:22 executed programs: 0
[ 82.508381][ T5182] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 82.517013][ T5182] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 82.524927][ T5182] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 82.535482][ T5182] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 82.543205][ T5182] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 82.684548][ T5977] chnl_net:caif_netlink_parms(): no params data found
[ 82.749686][ T5977] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.756909][ T5977] bridge0: port 1(bridge_slave_0) entered disabled state
[ 82.764113][ T5977] bridge_slave_0: entered allmulticast mode
[ 82.771233][ T5977] bridge_slave_0: entered promiscuous mode
[ 82.779972][ T5977] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.788411][ T5977] bridge0: port 2(bridge_slave_1) entered disabled state
[ 82.795795][ T5977] bridge_slave_1: entered allmulticast mode
[ 82.803491][ T5977] bridge_slave_1: entered promiscuous mode
[ 82.837476][ T5977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 82.871744][ T5977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 82.906789][ T5977] team0: Port device team_slave_0 added
[ 82.932250][ T5977] team0: Port device team_slave_1 added
[ 82.976551][ T62] bridge_slave_1: left allmulticast mode
[ 82.982334][ T62] bridge_slave_1: left promiscuous mode
[ 82.989272][ T62] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.001139][ T62] bridge_slave_0: left allmulticast mode
[ 83.007771][ T62] bridge_slave_0: left promiscuous mode
[ 83.013567][ T62] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.218382][ T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 83.229875][ T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 83.239824][ T62] bond0 (unregistering): Released all slaves
[ 83.251902][ T5977] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 83.259030][ T5977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 83.285427][ T5977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 83.319859][ T5977] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 83.326881][ T5977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 83.352799][ T5977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 83.418740][ T62] hsr_slave_0: left promiscuous mode
[ 83.428378][ T62] hsr_slave_1: left promiscuous mode
[ 83.437061][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 83.447508][ T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 83.456406][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 83.465566][ T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 83.486825][ T62] veth1_macvtap: left promiscuous mode
[ 83.492504][ T62] veth0_macvtap: left promiscuous mode
[ 83.498607][ T62] veth1_vlan: left promiscuous mode
[ 83.505623][ T62] veth0_vlan: left promiscuous mode
[ 83.925855][ T62] team0 (unregistering): Port device team_slave_1 removed
[ 83.950313][ T62] team0 (unregistering): Port device team_slave_0 removed
[ 84.153917][ T5977] hsr_slave_0: entered promiscuous mode
[ 84.160104][ T5977] hsr_slave_1: entered promiscuous mode
[ 84.633708][ T52] Bluetooth: hci0: command tx timeout
[ 85.035903][ T5977] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 85.127331][ T5977] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 85.165469][ T5977] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 85.227388][ T5977] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 85.412112][ T5977] 8021q: adding VLAN 0 to HW filter on device bond0
[ 85.455559][ T5977] 8021q: adding VLAN 0 to HW filter on device team0
[ 85.491369][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.498545][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 85.547356][ T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.554552][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 85.831708][ T5977] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 85.897387][ T5977] veth0_vlan: entered promiscuous mode
[ 85.911742][ T5977] veth1_vlan: entered promiscuous mode
[ 85.952151][ T5977] veth0_macvtap: entered promiscuous mode
[ 85.967083][ T5977] veth1_macvtap: entered promiscuous mode
[ 85.992277][ T5977] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 86.011914][ T5977] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 86.030133][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.057217][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.081739][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.100316][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.151208][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 86.165937][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 86.197046][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 86.205328][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 86.398446][ T6051] loop0: detected capacity change from 0 to 32768
[ 86.447480][ T6051] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 86.466722][ T6051] OCFS2: ERROR (device loop0): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #0 has bad signature �������
[ 86.483386][ T6051] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 86.497438][ T6051] OCFS2: File system is now read-only.
[ 86.503519][ T6051] (syz.0.17,6051,0):ocfs2_search_chain:1817 ERROR: status = -30
[ 86.511323][ T6051] (syz.0.17,6051,0):ocfs2_search_chain:1940 ERROR: status = -30
[ 86.521015][ T6051] (syz.0.17,6051,0):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30
[ 86.529876][ T6051] (syz.0.17,6051,0):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[ 86.538395][ T6051] (syz.0.17,6051,0):ocfs2_claim_new_inode:2298 ERROR: status = -30
[ 86.546924][ T6051] (syz.0.17,6051,0):ocfs2_claim_new_inode:2313 ERROR: status = -30
[ 86.555406][ T6051] (syz.0.17,6051,0):ocfs2_mknod_locked:641 ERROR: status = -30
[ 86.563638][ T6051] (syz.0.17,6051,0):ocfs2_mknod:388 ERROR: status = -30
[ 86.571256][ T6051] (syz.0.17,6051,0):ocfs2_mknod:505 ERROR: status = -30
[ 86.579350][ T6051] (syz.0.17,6051,0):ocfs2_mkdir:661 ERROR: status = -30
[ 86.598105][ T5977] ocfs2: Unmounting device (7,0) on (node local)
[ 86.648219][ T43] cfg80211: failed to load regulatory.db
[ 86.715748][ T52] Bluetooth: hci0: command tx timeout
[ 86.865326][ T6055] loop0: detected capacity change from 0 to 32768
[ 86.889022][ T6055] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 86.902542][ T6055] OCFS2: ERROR (device loop0): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #0 has bad signature �������
[ 86.918442][ T6055] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 86.930067][ T6055] OCFS2: File system is now read-only.
[ 86.937526][ T6055] (syz.0.18,6055,0):ocfs2_search_chain:1817 ERROR: status = -30
[ 86.945324][ T6055] (syz.0.18,6055,0):ocfs2_search_chain:1940 ERROR: status = -30
[ 86.953642][ T6055] (syz.0.18,6055,0):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30
[ 86.962003][ T6055] (syz.0.18,6055,0):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[ 86.971239][ T6055] (syz.0.18,6055,0):ocfs2_claim_new_inode:2298 ERROR: status = -30
[ 86.979264][ T6055] (syz.0.18,6055,0):ocfs2_claim_new_inode:2313 ERROR: status = -30
[ 86.987298][ T6055] (syz.0.18,6055,0):ocfs2_mknod_locked:641 ERROR: status = -30
[ 86.994863][ T6055] (syz.0.18,6055,0):ocfs2_mknod:388 ERROR: status = -30
[ 87.001869][ T6055] (syz.0.18,6055,0):ocfs2_mknod:505 ERROR: status = -30
[ 87.009174][ T6055] (syz.0.18,6055,0):ocfs2_mkdir:661 ERROR: status = -30
[ 87.024242][ T5977] ocfs2: Unmounting device (7,0) on (node local)
[ 87.292392][ T6059] loop0: detected capacity change from 0 to 32768
[ 87.318311][ T6059] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 87.330799][ T6059] OCFS2: ERROR (device loop0): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #0 has bad signature �������
[ 87.347626][ T6059] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 87.363270][ T6059] OCFS2: File system is now read-only.
[ 87.368750][ T6059] (syz.0.19,6059,1):ocfs2_search_chain:1817 ERROR: status = -30
[ 87.377725][ T6059] (syz.0.19,6059,1):ocfs2_search_chain:1940 ERROR: status = -30
[ 87.386257][ T6059] (syz.0.19,6059,1):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30
[ 87.396250][ T6059] (syz.0.19,6059,1):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[ 87.405426][ T6059] (syz.0.19,6059,1):ocfs2_claim_new_inode:2298 ERROR: status = -30
[ 87.414483][ T6059] (syz.0.19,6059,1):ocfs2_claim_new_inode:2313 ERROR: status = -30
[ 87.424380][ T6059] (syz.0.19,6059,1):ocfs2_mknod_locked:641 ERROR: status = -30
[ 87.431957][ T6059] (syz.0.19,6059,1):ocfs2_mknod:388 ERROR: status = -30
2025/09/04 02:38:27 executed programs: 5
[ 87.441010][ T6059] (syz.0.19,6059,1):ocfs2_mknod:505 ERROR: status = -30
[ 87.448132][ T6059] (syz.0.19,6059,1):ocfs2_mkdir:661 ERROR: status = -30
[ 87.462365][ T5977] ocfs2: Unmounting device (7,0) on (node local)
[ 87.720916][ T6063] loop0: detected capacity change from 0 to 32768
[ 87.747297][ T6063] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 87.760690][ T6063] OCFS2: ERROR (device loop0): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #11 has bad signature
[ 87.779835][ T6063] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 87.791337][ T6063] OCFS2: File system is now read-only.
[ 87.797998][ T6063] (syz.0.20,6063,1):ocfs2_search_chain:1817 ERROR: status = -30
[ 87.807967][ T6063] (syz.0.20,6063,1):ocfs2_search_chain:1940 ERROR: status = -30
[ 87.816874][ T6063] (syz.0.20,6063,1):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30
[ 87.825942][ T6063] (syz.0.20,6063,1):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[ 87.837430][ T6063] (syz.0.20,6063,1):ocfs2_claim_new_inode:2298 ERROR: status = -30
[ 87.845674][ T6063] (syz.0.20,6063,1):ocfs2_claim_new_inode:2313 ERROR: status = -30
[ 87.854740][ T6063] (syz.0.20,6063,1):ocfs2_mknod_locked:641 ERROR: status = -30
[ 87.862318][ T6063] (syz.0.20,6063,1):ocfs2_mknod:388 ERROR: status = -30
[ 87.869656][ T6063] (syz.0.20,6063,0):ocfs2_mknod:505 ERROR: status = -30
[ 87.877799][ T6063] (syz.0.20,6063,1):ocfs2_mkdir:661 ERROR: status = -30
[ 87.892500][ T5977] ocfs2: Unmounting device (7,0) on (node local)
[ 88.144524][ T6067] loop0: detected capacity change from 0 to 32768
[ 88.183757][ T6067] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 88.196176][ T6067] ==================================================================
[ 88.204255][ T6067] BUG: KASAN: use-after-free in ocfs2_claim_suballoc_bits+0x8b2/0x2450
[ 88.212518][ T6067] Read of size 4 at addr ffff888063b91000 by task syz.0.21/6067
[ 88.220146][ T6067]
[ 88.222489][ T6067] CPU: 1 UID: 0 PID: 6067 Comm: syz.0.21 Not tainted syzkaller #0 PREEMPT(full)
[ 88.222514][ T6067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 88.222531][ T6067] Call Trace:
[ 88.222538][ T6067]
[ 88.222545][ T6067] dump_stack_lvl+0x189/0x250
[ 88.222568][ T6067] ? __kasan_check_byte+0x12/0x40
[ 88.222592][ T6067] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.222608][ T6067] ? lock_release+0x4b/0x3e0
[ 88.222630][ T6067] ? __virt_addr_valid+0x4a5/0x5c0
[ 88.222648][ T6067] print_report+0xca/0x240
[ 88.222663][ T6067] ? ocfs2_claim_suballoc_bits+0x8b2/0x2450
[ 88.222681][ T6067] kasan_report+0x118/0x150
[ 88.222703][ T6067] ? ocfs2_claim_suballoc_bits+0x8b2/0x2450
[ 88.222731][ T6067] ocfs2_claim_suballoc_bits+0x8b2/0x2450
[ 88.222760][ T6067] ? __pfx_ocfs2_claim_suballoc_bits+0x10/0x10
[ 88.222779][ T6067] ? start_this_handle+0x2065/0x21c0
[ 88.222812][ T6067] ? __lock_acquire+0xab9/0xd20
[ 88.222835][ T6067] ocfs2_claim_new_inode+0x332/0x7a0
[ 88.222859][ T6067] ? __pfx_ocfs2_claim_new_inode+0x10/0x10
[ 88.222880][ T6067] ? _raw_spin_lock_irq+0xae/0xf0
[ 88.222897][ T6067] ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 88.222918][ T6067] ocfs2_mknod_locked+0x100/0x250
[ 88.222938][ T6067] ? __pfx_ocfs2_mknod_locked+0x10/0x10
[ 88.222955][ T6067] ? dquot_alloc_inode+0x216/0xa50
[ 88.222974][ T6067] ? ocfs2_block_signals+0x94/0xe0
[ 88.222990][ T6067] ? __pfx_ocfs2_block_signals+0x10/0x10
[ 88.223008][ T6067] ? ocfs2_init_security_get+0x139/0x1a0
[ 88.223029][ T6067] ocfs2_mknod+0x10c7/0x2050
[ 88.223050][ T6067] ? __pfx_ocfs2_mknod+0x10/0x10
[ 88.223066][ T6067] ? do_raw_spin_unlock+0x122/0x240
[ 88.223084][ T6067] ? ocfs2_inode_lock_full_nested+0xabe/0x1b40
[ 88.223112][ T6067] ? __lock_acquire+0xab9/0xd20
[ 88.223142][ T6067] ? __lock_acquire+0xab9/0xd20
[ 88.223166][ T6067] ? do_raw_spin_lock+0x121/0x290
[ 88.223188][ T6067] ? do_raw_spin_unlock+0x122/0x240
[ 88.223208][ T6067] ? put_pid+0xe9/0x130
[ 88.223227][ T6067] ocfs2_mkdir+0x191/0x440
[ 88.223244][ T6067] ? __pfx_from_kgid+0x10/0x10
[ 88.223263][ T6067] ? apparmor_path_mkdir+0x1a7/0x220
[ 88.223285][ T6067] ? __pfx_ocfs2_mkdir+0x10/0x10
[ 88.223301][ T6067] ? HAS_UNMAPPED_ID+0x11a/0x180
[ 88.223319][ T6067] ? inode_permission+0x149/0x470
[ 88.223334][ T6067] ? __pfx_ocfs2_permission+0x10/0x10
[ 88.223349][ T6067] ? bpf_lsm_inode_mkdir+0x9/0x20
[ 88.223367][ T6067] vfs_mkdir+0x306/0x510
[ 88.223389][ T6067] do_mkdirat+0x247/0x590
[ 88.223410][ T6067] ? __pfx_do_mkdirat+0x10/0x10
[ 88.223430][ T6067] ? getname_flags+0x1e5/0x540
[ 88.223448][ T6067] __x64_sys_mkdirat+0x87/0xa0
[ 88.223468][ T6067] do_syscall_64+0xfa/0xfa0
[ 88.223485][ T6067] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.223502][ T6067] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.223519][ T6067] ? clear_bhb_loop+0x60/0xb0
[ 88.223536][ T6067] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.223553][ T6067] RIP: 0033:0x7f9add58ebe9
[ 88.223574][ T6067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 88.223587][ T6067] RSP: 002b:00007f9ade31f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 88.223605][ T6067] RAX: ffffffffffffffda RBX: 00007f9add7c5fa0 RCX: 00007f9add58ebe9
[ 88.223618][ T6067] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 88.223629][ T6067] RBP: 00007f9add611e19 R08: 0000000000000000 R09: 0000000000000000
[ 88.223640][ T6067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 88.223650][ T6067] R13: 00007f9add7c6038 R14: 00007f9add7c5fa0 R15: 00007ffcd111ad38
[ 88.223670][ T6067]
[ 88.223676][ T6067]
[ 88.579747][ T6067] The buggy address belongs to the physical page:
[ 88.586147][ T6067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7faf1f61b pfn:0x63b91
[ 88.595580][ T6067] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 88.602683][ T6067] raw: 00fff00000000000 ffffea0001bfbd48 ffffea00018ef488 0000000000000000
[ 88.611250][ T6067] raw: 00000007faf1f61b 0000000000000000 00000000ffffffff 0000000000000000
[ 88.619803][ T6067] page dumped because: kasan: bad access detected
[ 88.626197][ T6067] page_owner tracks the page as freed
[ 88.631541][ T6067] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|__GFP_COMP), pid 5875, tgid 5875 (udevd), ts 88252414639, free_ts 88279834187
[ 88.649573][ T6067] post_alloc_hook+0x240/0x2a0
[ 88.654323][ T6067] get_page_from_freelist+0x21e4/0x22c0
[ 88.659848][ T6067] __alloc_frozen_pages_noprof+0x181/0x370
[ 88.665630][ T6067] alloc_pages_mpol+0x232/0x4a0
[ 88.670466][ T6067] vma_alloc_folio_noprof+0xe4/0x200
[ 88.675731][ T6067] folio_prealloc+0x30/0x180
[ 88.680300][ T6067] __handle_mm_fault+0x2a8b/0x5400
[ 88.685385][ T6067] handle_mm_fault+0x40a/0x8e0
[ 88.690124][ T6067] do_user_addr_fault+0x764/0x1390
[ 88.695214][ T6067] exc_page_fault+0x82/0x100
[ 88.699781][ T6067] asm_exc_page_fault+0x26/0x30
[ 88.704609][ T6067] page last free pid 5875 tgid 5875 stack trace:
[ 88.710908][ T6067] free_unref_folios+0xdb3/0x14f0
[ 88.715911][ T6067] folios_put_refs+0x559/0x640
[ 88.720653][ T6067] folio_batch_move_lru+0x39b/0x420
[ 88.725824][ T6067] lru_add_drain_cpu+0x119/0x880
[ 88.730737][ T6067] lru_add_drain+0x122/0x3e0
[ 88.735300][ T6067] __folio_batch_release+0x48/0x90
[ 88.740385][ T6067] shmem_undo_range+0x49e/0x14b0
[ 88.745296][ T6067] shmem_evict_inode+0x272/0xa70
[ 88.750217][ T6067] evict+0x504/0x9c0
[ 88.754091][ T6067] __dentry_kill+0x209/0x660
[ 88.758656][ T6067] dput+0x19f/0x2b0
[ 88.762438][ T6067] do_renameat2+0x6de/0xa80
[ 88.766922][ T6067] __x64_sys_rename+0x82/0x90
[ 88.771579][ T6067] do_syscall_64+0xfa/0xfa0
[ 88.776059][ T6067] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.781928][ T6067]
[ 88.784230][ T6067] Memory state around the buggy address:
[ 88.789834][ T6067] ffff888063b90f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 88.797873][ T6067] ffff888063b90f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 88.805909][ T6067] >ffff888063b91000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.813947][ T6067] ^
[ 88.817990][ T6067] ffff888063b91080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.826027][ T6067] ffff888063b91100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.834060][ T6067] ==================================================================
[ 88.843762][ T52] Bluetooth: hci0: command tx timeout
[ 88.851943][ T6067] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 88.859145][ T6067] CPU: 1 UID: 0 PID: 6067 Comm: syz.0.21 Not tainted syzkaller #0 PREEMPT(full)
[ 88.868250][ T6067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 88.878298][ T6067] Call Trace:
[ 88.881559][ T6067]
[ 88.884472][ T6067] dump_stack_lvl+0x99/0x250
[ 88.889071][ T6067] ? __asan_memcpy+0x40/0x70
[ 88.893643][ T6067] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.898825][ T6067] ? __pfx__printk+0x10/0x10
[ 88.903400][ T6067] vpanic+0x229/0x6d0
[ 88.907366][ T6067] ? __pfx_vpanic+0x10/0x10
[ 88.911845][ T6067] ? preempt_schedule+0xae/0xc0
[ 88.916675][ T6067] ? __pfx_preempt_schedule+0x10/0x10
[ 88.922025][ T6067] panic+0xb9/0xc0
[ 88.925725][ T6067] ? __pfx_panic+0x10/0x10
[ 88.930120][ T6067] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 88.935991][ T6067] ? ocfs2_claim_suballoc_bits+0x8b2/0x2450
[ 88.941866][ T6067] check_panic_on_warn+0x89/0xb0
[ 88.946783][ T6067] ? ocfs2_claim_suballoc_bits+0x8b2/0x2450
[ 88.952659][ T6067] end_report+0x78/0x160
[ 88.956905][ T6067] kasan_report+0x129/0x150
[ 88.961410][ T6067] ? ocfs2_claim_suballoc_bits+0x8b2/0x2450
[ 88.967293][ T6067] ocfs2_claim_suballoc_bits+0x8b2/0x2450
[ 88.973006][ T6067] ? __pfx_ocfs2_claim_suballoc_bits+0x10/0x10
[ 88.979145][ T6067] ? start_this_handle+0x2065/0x21c0
[ 88.984434][ T6067] ? __lock_acquire+0xab9/0xd20
[ 88.989281][ T6067] ocfs2_claim_new_inode+0x332/0x7a0
[ 88.994559][ T6067] ? __pfx_ocfs2_claim_new_inode+0x10/0x10
[ 89.000359][ T6067] ? _raw_spin_lock_irq+0xae/0xf0
[ 89.005372][ T6067] ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 89.010912][ T6067] ocfs2_mknod_locked+0x100/0x250
[ 89.015926][ T6067] ? __pfx_ocfs2_mknod_locked+0x10/0x10
[ 89.021457][ T6067] ? dquot_alloc_inode+0x216/0xa50
[ 89.026554][ T6067] ? ocfs2_block_signals+0x94/0xe0
[ 89.031650][ T6067] ? __pfx_ocfs2_block_signals+0x10/0x10
[ 89.037269][ T6067] ? ocfs2_init_security_get+0x139/0x1a0
[ 89.042890][ T6067] ocfs2_mknod+0x10c7/0x2050
[ 89.047471][ T6067] ? __pfx_ocfs2_mknod+0x10/0x10
[ 89.052394][ T6067] ? do_raw_spin_unlock+0x122/0x240
[ 89.057580][ T6067] ? ocfs2_inode_lock_full_nested+0xabe/0x1b40
[ 89.063730][ T6067] ? __lock_acquire+0xab9/0xd20
[ 89.068576][ T6067] ? __lock_acquire+0xab9/0xd20
[ 89.073416][ T6067] ? do_raw_spin_lock+0x121/0x290
[ 89.078427][ T6067] ? do_raw_spin_unlock+0x122/0x240
[ 89.083612][ T6067] ? put_pid+0xe9/0x130
[ 89.087753][ T6067] ocfs2_mkdir+0x191/0x440
[ 89.092154][ T6067] ? __pfx_from_kgid+0x10/0x10
[ 89.096903][ T6067] ? apparmor_path_mkdir+0x1a7/0x220
[ 89.102175][ T6067] ? __pfx_ocfs2_mkdir+0x10/0x10
[ 89.107096][ T6067] ? HAS_UNMAPPED_ID+0x11a/0x180
[ 89.112018][ T6067] ? inode_permission+0x149/0x470
[ 89.117023][ T6067] ? __pfx_ocfs2_permission+0x10/0x10
[ 89.122383][ T6067] ? bpf_lsm_inode_mkdir+0x9/0x20
[ 89.127393][ T6067] vfs_mkdir+0x306/0x510
[ 89.131623][ T6067] do_mkdirat+0x247/0x590
[ 89.135939][ T6067] ? __pfx_do_mkdirat+0x10/0x10
[ 89.140784][ T6067] ? getname_flags+0x1e5/0x540
[ 89.145550][ T6067] __x64_sys_mkdirat+0x87/0xa0
[ 89.150315][ T6067] do_syscall_64+0xfa/0xfa0
[ 89.154818][ T6067] ? lockdep_hardirqs_on+0x9c/0x150
[ 89.160008][ T6067] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.166062][ T6067] ? clear_bhb_loop+0x60/0xb0
[ 89.170727][ T6067] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.176605][ T6067] RIP: 0033:0x7f9add58ebe9
[ 89.181007][ T6067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 89.200598][ T6067] RSP: 002b:00007f9ade31f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 89.209000][ T6067] RAX: ffffffffffffffda RBX: 00007f9add7c5fa0 RCX: 00007f9add58ebe9
[ 89.216957][ T6067] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 89.224910][ T6067] RBP: 00007f9add611e19 R08: 0000000000000000 R09: 0000000000000000
[ 89.232863][ T6067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 89.240815][ T6067] R13: 00007f9add7c6038 R14: 00007f9add7c5fa0 R15: 00007ffcd111ad38
[ 89.248777][ T6067]
[ 89.252023][ T6067] Kernel Offset: disabled
[ 89.256357][ T6067] Rebooting in 86400 seconds..