Warning: Permanently added '10.128.1.222' (ED25519) to the list of known hosts. 2025/12/09 14:11:33 parsed 1 programs [ 106.656906][ T5818] cgroup: Unknown subsys name 'net' [ 106.897702][ T5818] cgroup: Unknown subsys name 'cpuset' [ 106.953663][ T5818] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 108.662295][ T5818] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 113.529445][ T5119] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 113.531845][ T5119] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 113.532881][ T5119] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 113.556952][ T5119] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 113.557775][ T5119] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 114.130998][ T2150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.131023][ T2150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.279436][ T1830] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.279463][ T1830] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.871347][ T5869] chnl_net:caif_netlink_parms(): no params data found [ 115.860384][ T5869] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.872278][ T5869] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.872461][ T5869] bridge_slave_0: entered allmulticast mode [ 115.882101][ T5869] bridge_slave_0: entered promiscuous mode [ 115.933386][ T5869] bridge0: port 2(bridge_slave_1) entered blocking state [ 115.933490][ T5869] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.933621][ T5869] bridge_slave_1: entered allmulticast mode [ 115.935987][ T5869] bridge_slave_1: entered promiscuous mode [ 116.148511][ T5869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 116.162256][ T5869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 
116.309047][ T5869] team0: Port device team_slave_0 added [ 116.311905][ T5869] team0: Port device team_slave_1 added [ 116.555369][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 116.555381][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 116.555394][ T5869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 116.558219][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 116.558233][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 116.558250][ T5869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 116.790394][ T5869] hsr_slave_0: entered promiscuous mode [ 116.791342][ T5869] hsr_slave_1: entered promiscuous mode [ 117.177474][ T5869] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 117.222879][ T5869] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 117.256587][ T5869] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 117.297428][ T5869] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 117.414865][ T5869] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.511205][ T5869] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.525536][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.526359][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.548903][ T1830] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.549043][ T1830] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.774731][ T5869] 8021q: adding VLAN 0 
to HW filter on device batadv0 [ 117.825477][ T5869] veth0_vlan: entered promiscuous mode [ 117.831978][ T5869] veth1_vlan: entered promiscuous mode [ 117.875035][ T5869] veth0_macvtap: entered promiscuous mode [ 117.878799][ T5869] veth1_macvtap: entered promiscuous mode [ 117.898725][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 117.915945][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 117.935888][ T1107] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.935955][ T1107] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.938565][ T1107] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.941024][ T1107] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.728504][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.957524][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.171816][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.497402][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.203639][ T12] bridge_slave_1: left allmulticast mode [ 121.203831][ T12] bridge_slave_1: left promiscuous mode [ 121.207244][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.314642][ T12] bridge_slave_0: left allmulticast mode [ 121.314672][ T12] bridge_slave_0: left promiscuous mode [ 121.314922][ T12] bridge0: port 1(bridge_slave_0) entered disabled state 2025/12/09 14:11:50 executed programs: 0 [ 121.667628][ T5119] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 121.674019][ T5119] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 121.677843][ T5119] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 121.679081][ T5119] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 
121.679883][ T5119] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 123.083980][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 123.143813][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 123.185338][ T12] bond0 (unregistering): Released all slaves [ 123.513172][ T12] hsr_slave_0: left promiscuous mode [ 123.553157][ T12] hsr_slave_1: left promiscuous mode [ 123.555672][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 123.555745][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 123.597887][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 123.597915][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 123.717696][ T12] veth1_macvtap: left promiscuous mode [ 123.717922][ T12] veth0_macvtap: left promiscuous mode [ 123.718215][ T12] veth1_vlan: left promiscuous mode [ 123.718509][ T12] veth0_vlan: left promiscuous mode [ 123.766025][ T5119] Bluetooth: hci0: command tx timeout [ 125.723719][ T12] team0 (unregistering): Port device team_slave_1 removed [ 125.843188][ T5119] Bluetooth: hci0: command tx timeout [ 125.953923][ T12] team0 (unregistering): Port device team_slave_0 removed [ 127.923224][ T5119] Bluetooth: hci0: command tx timeout [ 128.319119][ T5937] chnl_net:caif_netlink_parms(): no params data found [ 128.706033][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.706225][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.706399][ T5937] bridge_slave_0: entered allmulticast mode [ 128.708489][ T5937] bridge_slave_0: entered promiscuous mode [ 128.712555][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.712687][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.712797][ T5937] bridge_slave_1: entered allmulticast mode [ 128.725652][ T5937] bridge_slave_1: entered promiscuous mode [ 128.980199][ T5937] bond0: (slave bond_slave_0): Enslaving as an active 
interface with an up link [ 128.984992][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 129.277721][ T5937] team0: Port device team_slave_0 added [ 129.281338][ T5937] team0: Port device team_slave_1 added [ 129.787012][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.787029][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 129.787049][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 129.789233][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 129.789247][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 129.789267][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 130.003175][ T5119] Bluetooth: hci0: command tx timeout [ 130.054253][ T5937] hsr_slave_0: entered promiscuous mode [ 130.055508][ T5937] hsr_slave_1: entered promiscuous mode [ 131.961909][ T5937] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 131.999273][ T5937] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 132.036339][ T5937] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 132.080054][ T5937] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 132.234533][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 132.266296][ T5937] 8021q: adding VLAN 0 to HW filter on device team0 [ 132.283986][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.284186][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 132.323044][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.323200][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.638022][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 132.722520][ T5937] veth0_vlan: entered promiscuous mode [ 132.741078][ T5937] veth1_vlan: entered promiscuous mode [ 132.788390][ T5937] veth0_macvtap: entered promiscuous mode [ 132.801764][ T5937] veth1_macvtap: entered promiscuous mode [ 132.845029][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 132.868375][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 132.893749][ T1323] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.894241][ T1323] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.919454][ T1107] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.919501][ T1107] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.919533][ T1107] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.919564][ T1107] netdevsim netdevsim0 netdevsim3: set [1, 0] 
type 2 family 0 port 6081 - 0 [ 133.154607][ T2150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.154628][ T2150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 133.231512][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.231533][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2025/12/09 14:12:02 executed programs: 2 [ 133.758566][ T6076] loop0: detected capacity change from 0 to 32768 [ 133.905552][ T6076] JBD2: Ignoring recovery information on journal [ 134.068339][ T6076] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 134.109488][ T1482] (kworker/u8:15,1482,0):ocfs2_read_blocks_sync:112 ERROR: status = -12 [ 134.109518][ T1482] (kworker/u8:15,1482,0):ocfs2_read_locked_inode:599 ERROR: status = -12 [ 134.110259][ T1482] ================================================================== [ 134.110271][ T1482] BUG: KASAN: slab-use-after-free in ocfs2_check_dir_entry+0x3a0/0x480 [ 134.110308][ T1482] Read of size 2 at addr ffff888039b4f780 by task kworker/u8:15/1482 [ 134.110323][ T1482] [ 134.110344][ T1482] CPU: 0 UID: 0 PID: 1482 Comm: kworker/u8:15 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 134.110364][ T1482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 134.110375][ T1482] Workqueue: ocfs2_wq ocfs2_complete_recovery [ 134.110407][ T1482] Call Trace: [ 134.110420][ T1482] [ 134.110427][ T1482] dump_stack_lvl+0x189/0x250 [ 134.110449][ T1482] ? __kasan_check_byte+0x12/0x40 [ 134.110474][ T1482] ? __pfx_dump_stack_lvl+0x10/0x10 [ 134.110494][ T1482] ? lock_release+0x4b/0x3b0 [ 134.110518][ T1482] ? __virt_addr_valid+0x4a5/0x5c0 [ 134.110542][ T1482] print_report+0xca/0x240 [ 134.110561][ T1482] ? ocfs2_check_dir_entry+0x3a0/0x480 [ 134.110579][ T1482] kasan_report+0x118/0x150 [ 134.110602][ T1482] ? 
ocfs2_check_dir_entry+0x3a0/0x480 [ 134.110624][ T1482] ocfs2_check_dir_entry+0x3a0/0x480 [ 134.110645][ T1482] ? __pfx_ocfs2_check_dir_entry+0x10/0x10 [ 134.110663][ T1482] ? __pfx_ocfs2_read_inode_block+0x10/0x10 [ 134.110680][ T1482] ? ocfs2_orphan_filldir+0x189/0x500 [ 134.110701][ T1482] ocfs2_dir_foreach_blk+0xfff/0x1420 [ 134.110727][ T1482] ? kthread_data+0x4f/0xc0 [ 134.110745][ T1482] ? __pfx_ocfs2_dir_foreach_blk+0x10/0x10 [ 134.110763][ T1482] ? wq_worker_running+0x9c/0x200 [ 134.110783][ T1482] ? inode_query_iversion+0x11a/0x170 [ 134.110802][ T1482] ? __pfx_inode_query_iversion+0x10/0x10 [ 134.110819][ T1482] ? rwbase_write_lock+0x56f/0x750 [ 134.110841][ T1482] ? rt_spin_unlock+0x150/0x200 [ 134.110857][ T1482] ocfs2_dir_foreach+0x42/0x70 [ 134.110874][ T1482] ocfs2_complete_recovery+0xc37/0x20b0 [ 134.110891][ T1482] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 134.110918][ T1482] ? __pfx_ocfs2_complete_recovery+0x10/0x10 [ 134.110936][ T1482] ? stack_trace_save+0x9c/0xe0 [ 134.110954][ T1482] ? __pfx_ocfs2_orphan_filldir+0x10/0x10 [ 134.110976][ T1482] ? check_path+0x21/0x40 [ 134.110994][ T1482] ? lockdep_unlock+0x89/0x120 [ 134.111020][ T1482] ? __lock_acquire+0x146f/0x2cf0 [ 134.111053][ T1482] ? process_scheduled_works+0x9ef/0x1770 [ 134.111075][ T1482] ? _raw_spin_unlock_irq+0x23/0x50 [ 134.111094][ T1482] ? process_scheduled_works+0x9ef/0x1770 [ 134.111111][ T1482] ? process_scheduled_works+0x9ef/0x1770 [ 134.111130][ T1482] process_scheduled_works+0xad1/0x1770 [ 134.111160][ T1482] ? __pfx_process_scheduled_works+0x10/0x10 [ 134.111185][ T1482] worker_thread+0x8a0/0xda0 [ 134.111205][ T1482] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 134.111228][ T1482] ? __kthread_parkme+0x7b/0x200 [ 134.111252][ T1482] kthread+0x711/0x8a0 [ 134.111274][ T1482] ? __pfx_worker_thread+0x10/0x10 [ 134.111292][ T1482] ? __pfx_kthread+0x10/0x10 [ 134.111312][ T1482] ? rt_spin_unlock+0x150/0x200 [ 134.111330][ T1482] ? 
rt_spin_unlock+0x161/0x200 [ 134.111345][ T1482] ? __pfx_kthread+0x10/0x10 [ 134.111365][ T1482] ret_from_fork+0x599/0xb30 [ 134.111383][ T1482] ? __pfx_ret_from_fork+0x10/0x10 [ 134.111404][ T1482] ? __switch_to_asm+0x39/0x70 [ 134.111425][ T1482] ? __switch_to_asm+0x33/0x70 [ 134.111445][ T1482] ? __pfx_kthread+0x10/0x10 [ 134.111466][ T1482] ret_from_fork_asm+0x1a/0x30 [ 134.111494][ T1482] [ 134.111501][ T1482] [ 134.111505][ T1482] Allocated by task 16: [ 134.111513][ T1482] kasan_save_track+0x3e/0x80 [ 134.111533][ T1482] __kasan_slab_alloc+0x6c/0x80 [ 134.111552][ T1482] kmem_cache_alloc_node_noprof+0x23c/0x6f0 [ 134.111573][ T1482] kmalloc_reserve+0xbd/0x290 [ 134.111593][ T1482] __alloc_skb+0x27e/0x430 [ 134.111611][ T1482] skb_copy+0x188/0x800 [ 134.111624][ T1482] mac80211_hwsim_tx_frame_no_nl+0xcd3/0x11c0 [ 134.111642][ T1482] mac80211_hwsim_tx_frame+0x1b5/0x200 [ 134.111660][ T1482] mac80211_hwsim_beacon_tx+0x3e8/0x870 [ 134.111677][ T1482] __iterate_interfaces+0x2ab/0x590 [ 134.111695][ T1482] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 134.111713][ T1482] mac80211_hwsim_beacon+0xbb/0x180 [ 134.111734][ T1482] __hrtimer_run_queues+0x542/0xd00 [ 134.111750][ T1482] hrtimer_run_softirq+0x1a3/0x2e0 [ 134.111765][ T1482] handle_softirqs+0x226/0x6d0 [ 134.111782][ T1482] run_ktimerd+0xcf/0x190 [ 134.111799][ T1482] smpboot_thread_fn+0x542/0xa60 [ 134.111817][ T1482] kthread+0x711/0x8a0 [ 134.111835][ T1482] ret_from_fork+0x599/0xb30 [ 134.111849][ T1482] ret_from_fork_asm+0x1a/0x30 [ 134.111869][ T1482] [ 134.111873][ T1482] Freed by task 13: [ 134.111880][ T1482] kasan_save_track+0x3e/0x80 [ 134.111899][ T1482] kasan_save_free_info+0x46/0x50 [ 134.111916][ T1482] __kasan_slab_free+0x5c/0x80 [ 134.111935][ T1482] kmem_cache_free+0x18f/0x8d0 [ 134.111954][ T1482] skb_release_data+0x62d/0x7c0 [ 134.111973][ T1482] sk_skb_reason_drop+0x127/0x170 [ 134.111992][ T1482] ieee80211_iface_work+0xb2a/0x12d0 [ 
134.112020][ T1482] cfg80211_wiphy_work+0x2ab/0x450 [ 134.112041][ T1482] process_scheduled_works+0xad1/0x1770 [ 134.112057][ T1482] worker_thread+0x8a0/0xda0 [ 134.112073][ T1482] kthread+0x711/0x8a0 [ 134.112091][ T1482] ret_from_fork+0x599/0xb30 [ 134.112105][ T1482] ret_from_fork_asm+0x1a/0x30 [ 134.112125][ T1482] [ 134.112130][ T1482] The buggy address belongs to the object at ffff888039b4f740 [ 134.112130][ T1482] which belongs to the cache skbuff_small_head of size 704 [ 134.112144][ T1482] The buggy address is located 64 bytes inside of [ 134.112144][ T1482] freed 704-byte region [ffff888039b4f740, ffff888039b4fa00) [ 134.112161][ T1482] [ 134.112165][ T1482] The buggy address belongs to the physical page: [ 134.112187][ T1482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x39b4c [ 134.112203][ T1482] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 134.112217][ T1482] flags: 0x80000000000040(head|node=0|zone=1) [ 134.112235][ T1482] page_type: f5(slab) [ 134.112251][ T1482] raw: 0080000000000040 ffff88801bede140 dead000000000122 0000000000000000 [ 134.112263][ T1482] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000 [ 134.112277][ T1482] head: 0080000000000040 ffff88801bede140 dead000000000122 0000000000000000 [ 134.112290][ T1482] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000 [ 134.112305][ T1482] head: 0080000000000002 ffffea0000e6d301 00000000ffffffff 00000000ffffffff [ 134.112319][ T1482] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000004 [ 134.112327][ T1482] page dumped because: kasan: bad access detected [ 134.112340][ T1482] page_owner tracks the page as allocated [ 134.112346][ T1482] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2150, tgid 2150 (kworker/u8:17), ts 133376242266, free_ts 132029573869 [ 134.112377][ T1482] 
post_alloc_hook+0x234/0x290 [ 134.112397][ T1482] get_page_from_freelist+0x28c0/0x2960 [ 134.112411][ T1482] __alloc_frozen_pages_noprof+0x181/0x370 [ 134.112426][ T1482] alloc_pages_mpol+0xd1/0x380 [ 134.112439][ T1482] allocate_slab+0x86/0x3b0 [ 134.112455][ T1482] ___slab_alloc+0xb10/0x1400 [ 134.112469][ T1482] __slab_alloc+0xc6/0x1f0 [ 134.112483][ T1482] kmem_cache_alloc_node_noprof+0x1b6/0x6f0 [ 134.112503][ T1482] kmalloc_reserve+0xbd/0x290 [ 134.112521][ T1482] __alloc_skb+0x27e/0x430 [ 134.112539][ T1482] inet6_rt_notify+0x170/0x470 [ 134.112555][ T1482] fib6_add_rt2node+0x187f/0x3470 [ 134.112571][ T1482] fib6_add+0x8da/0x18a0 [ 134.112584][ T1482] ip6_ins_rt+0xdf/0x150 [ 134.112603][ T1482] __ipv6_ifa_notify+0x62f/0xaa0 [ 134.112619][ T1482] addrconf_dad_completed+0x16f/0xd70 [ 134.112633][ T1482] page last free pid 6037 tgid 6037 stack trace: [ 134.112643][ T1482] __free_frozen_pages+0xfe1/0x1170 [ 134.112663][ T1482] __slab_free+0x1c3/0x210 [ 134.112679][ T1482] qlist_free_all+0x97/0x100 [ 134.112696][ T1482] kasan_quarantine_reduce+0x148/0x160 [ 134.112714][ T1482] __kasan_slab_alloc+0x22/0x80 [ 134.112734][ T1482] kmem_cache_alloc_noprof+0x18d/0x6c0 [ 134.112753][ T1482] mas_alloc_nodes+0x291/0x350 [ 134.112769][ T1482] mas_preallocate+0x2e0/0x670 [ 134.112784][ T1482] commit_merge+0x1fa/0x620 [ 134.112799][ T1482] vma_expand+0x4a3/0xa10 [ 134.112813][ T1482] vma_merge_new_range+0x61b/0x7b0 [ 134.112828][ T1482] mmap_region+0xd7e/0x1d00 [ 134.112843][ T1482] do_mmap+0xc23/0x10c0 [ 134.112861][ T1482] vm_mmap_pgoff+0x2a9/0x4d0 [ 134.112878][ T1482] do_syscall_64+0xfa/0xf80 [ 134.112895][ T1482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.112910][ T1482] [ 134.112915][ T1482] Memory state around the buggy address: [ 134.112927][ T1482] ffff888039b4f680: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 134.112936][ T1482] ffff888039b4f700: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 134.112945][ T1482] >ffff888039b4f780: fb fb fb fb fb fb fb 
fb fb fb fb fb fb fb fb fb [ 134.112952][ T1482] ^ [ 134.112960][ T1482] ffff888039b4f800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 134.112969][ T1482] ffff888039b4f880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 134.112976][ T1482] ================================================================== [ 134.603134][ T1482] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 134.603160][ T1482] CPU: 1 UID: 0 PID: 1482 Comm: kworker/u8:15 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 134.603181][ T1482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 134.603193][ T1482] Workqueue: ocfs2_wq ocfs2_complete_recovery [ 134.603224][ T1482] Call Trace: [ 134.603231][ T1482] [ 134.603239][ T1482] dump_stack_lvl+0x99/0x250 [ 134.603262][ T1482] ? __asan_memcpy+0x40/0x70 [ 134.603282][ T1482] ? __pfx_dump_stack_lvl+0x10/0x10 [ 134.603301][ T1482] ? __pfx__printk+0x10/0x10 [ 134.603322][ T1482] vpanic+0x237/0x6d0 [ 134.603343][ T1482] ? __pfx_vpanic+0x10/0x10 [ 134.603361][ T1482] ? preempt_schedule+0xae/0xc0 [ 134.603380][ T1482] ? __pfx_preempt_schedule+0x10/0x10 [ 134.603402][ T1482] panic+0xb9/0xc0 [ 134.603421][ T1482] ? __pfx_panic+0x10/0x10 [ 134.603442][ T1482] ? _raw_spin_unlock_irqrestore+0xfd/0x110 [ 134.603465][ T1482] ? ocfs2_check_dir_entry+0x3a0/0x480 [ 134.603483][ T1482] check_panic_on_warn+0x89/0xb0 [ 134.603508][ T1482] ? ocfs2_check_dir_entry+0x3a0/0x480 [ 134.603525][ T1482] end_report+0x6f/0x140 [ 134.603547][ T1482] kasan_report+0x129/0x150 [ 134.603570][ T1482] ? ocfs2_check_dir_entry+0x3a0/0x480 [ 134.603591][ T1482] ocfs2_check_dir_entry+0x3a0/0x480 [ 134.603612][ T1482] ? __pfx_ocfs2_check_dir_entry+0x10/0x10 [ 134.603630][ T1482] ? __pfx_ocfs2_read_inode_block+0x10/0x10 [ 134.603648][ T1482] ? ocfs2_orphan_filldir+0x189/0x500 [ 134.603669][ T1482] ocfs2_dir_foreach_blk+0xfff/0x1420 [ 134.603694][ T1482] ? kthread_data+0x4f/0xc0 [ 134.603713][ T1482] ? 
__pfx_ocfs2_dir_foreach_blk+0x10/0x10 [ 134.603731][ T1482] ? wq_worker_running+0x9c/0x200 [ 134.603752][ T1482] ? inode_query_iversion+0x11a/0x170 [ 134.603769][ T1482] ? __pfx_inode_query_iversion+0x10/0x10 [ 134.603786][ T1482] ? rwbase_write_lock+0x56f/0x750 [ 134.603806][ T1482] ? rt_spin_unlock+0x150/0x200 [ 134.603824][ T1482] ocfs2_dir_foreach+0x42/0x70 [ 134.603843][ T1482] ocfs2_complete_recovery+0xc37/0x20b0 [ 134.603861][ T1482] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 134.603886][ T1482] ? __pfx_ocfs2_complete_recovery+0x10/0x10 [ 134.603904][ T1482] ? stack_trace_save+0x9c/0xe0 [ 134.603921][ T1482] ? __pfx_ocfs2_orphan_filldir+0x10/0x10 [ 134.603944][ T1482] ? check_path+0x21/0x40 [ 134.603961][ T1482] ? lockdep_unlock+0x89/0x120 [ 134.603980][ T1482] ? __lock_acquire+0x146f/0x2cf0 [ 134.604011][ T1482] ? process_scheduled_works+0x9ef/0x1770 [ 134.604033][ T1482] ? _raw_spin_unlock_irq+0x23/0x50 [ 134.604051][ T1482] ? process_scheduled_works+0x9ef/0x1770 [ 134.604069][ T1482] ? process_scheduled_works+0x9ef/0x1770 [ 134.604086][ T1482] process_scheduled_works+0xad1/0x1770 [ 134.604116][ T1482] ? __pfx_process_scheduled_works+0x10/0x10 [ 134.604141][ T1482] worker_thread+0x8a0/0xda0 [ 134.604160][ T1482] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 134.604183][ T1482] ? __kthread_parkme+0x7b/0x200 [ 134.604206][ T1482] kthread+0x711/0x8a0 [ 134.604233][ T1482] ? __pfx_worker_thread+0x10/0x10 [ 134.604251][ T1482] ? __pfx_kthread+0x10/0x10 [ 134.604270][ T1482] ? rt_spin_unlock+0x150/0x200 [ 134.604287][ T1482] ? rt_spin_unlock+0x161/0x200 [ 134.604302][ T1482] ? __pfx_kthread+0x10/0x10 [ 134.604323][ T1482] ret_from_fork+0x599/0xb30 [ 134.604341][ T1482] ? __pfx_ret_from_fork+0x10/0x10 [ 134.604363][ T1482] ? __switch_to_asm+0x39/0x70 [ 134.604383][ T1482] ? __switch_to_asm+0x33/0x70 [ 134.604403][ T1482] ? 
__pfx_kthread+0x10/0x10 [ 134.604424][ T1482] ret_from_fork_asm+0x1a/0x30 [ 134.604452][ T1482] [ 134.604822][ T1482] Kernel Offset: disabled