Warning: Permanently added '10.128.0.82' (ED25519) to the list of known hosts.
2025/09/29 02:14:32 parsed 1 programs
[   86.860051][    T9] cfg80211: failed to load regulatory.db
[   87.148088][ T5841] cgroup: Unknown subsys name 'net'
[   87.390734][ T5841] cgroup: Unknown subsys name 'cpuset'
[   87.436567][ T5841] cgroup: Unknown subsys name 'rlimit'
[   89.156980][ T5841] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   95.058168][ T5887] chnl_net:caif_netlink_parms(): no params data found
[   95.456850][ T5887] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.458464][ T5887] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.458660][ T5887] bridge_slave_0: entered allmulticast mode
[   95.460220][ T5887] bridge_slave_0: entered promiscuous mode
[   95.493706][ T5887] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.493809][ T5887] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.493950][ T5887] bridge_slave_1: entered allmulticast mode
[   95.495413][ T5887] bridge_slave_1: entered promiscuous mode
[   95.683009][ T5887] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.685553][ T5887] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.799686][ T5887] team0: Port device team_slave_0 added
[   95.804586][ T5887] team0: Port device team_slave_1 added
[   95.987996][ T5887] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.988007][ T5887] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.988019][ T5887] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.990537][ T5887] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.990549][ T5887] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.990570][ T5887] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.363950][ T5887] hsr_slave_0: entered promiscuous mode
[   96.364976][ T5887] hsr_slave_1: entered promiscuous mode
[   96.731659][ T5887] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   96.762492][ T5887] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   96.779426][ T5887] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   96.819190][ T5887] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   96.951460][ T5887] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.005488][ T5887] 8021q: adding VLAN 0 to HW filter on device team0
[   97.017673][   T84] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.019325][   T84] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.029753][   T84] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.029891][   T84] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.265153][ T5887] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.309910][ T5887] veth0_vlan: entered promiscuous mode
[   97.319679][ T5887] veth1_vlan: entered promiscuous mode
[   97.359687][ T5887] veth0_macvtap: entered promiscuous mode
[   97.363637][ T5887] veth1_macvtap: entered promiscuous mode
[   97.399676][ T5887] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.408271][ T5887] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.432229][   T84] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.434038][   T84] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.434289][   T84] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.434324][   T84] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.110988][   T43] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.370827][   T43] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.601795][   T43] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.468849][   T43] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.474472][ T5931] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   99.475805][ T5931] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   99.477266][ T5931] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   99.478636][ T5931] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   99.479805][ T5931] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  100.087179][ T3595] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.087203][ T3595] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.153715][ T1051] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.153734][ T1051] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.583958][   T43] bridge_slave_1: left allmulticast mode
[  100.584086][   T43] bridge_slave_1: left promiscuous mode
[  100.586594][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.670042][   T43] bridge_slave_0: left allmulticast mode
[  100.670076][   T43] bridge_slave_0: left promiscuous mode
[  100.670345][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
2025/09/29 02:14:49 executed programs: 0
[  101.235692][ T5931] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  101.253199][ T5931] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  101.255073][ T5931] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  101.264646][ T5931] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  101.265368][ T5931] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  102.496903][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.557521][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  102.598762][   T43] bond0 (unregistering): Released all slaves
[  102.986141][   T43] hsr_slave_0: left promiscuous mode
[  103.028651][   T43] hsr_slave_1: left promiscuous mode
[  103.029781][   T43] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.029857][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.078141][   T43] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.078171][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.186762][   T43] veth1_macvtap: left promiscuous mode
[  103.186998][   T43] veth0_macvtap: left promiscuous mode
[  103.187327][   T43] veth1_vlan: left promiscuous mode
[  103.187634][   T43] veth0_vlan: left promiscuous mode
[  103.338199][ T5931] Bluetooth: hci0: command tx timeout
[  105.328112][   T43] team0 (unregistering): Port device team_slave_1 removed
[  105.416125][ T5931] Bluetooth: hci0: command tx timeout
[  105.516935][   T43] team0 (unregistering): Port device team_slave_0 removed
[  107.496076][ T5931] Bluetooth: hci0: command tx timeout
[  107.650621][ T5956] chnl_net:caif_netlink_parms(): no params data found
[  108.083821][ T5956] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.084044][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.084237][ T5956] bridge_slave_0: entered allmulticast mode
[  108.108848][ T5956] bridge_slave_0: entered promiscuous mode
[  108.112453][ T5956] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.112663][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.112890][ T5956] bridge_slave_1: entered allmulticast mode
[  108.115639][ T5956] bridge_slave_1: entered promiscuous mode
[  108.352875][ T5956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.363975][ T5956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.580532][ T5956] team0: Port device team_slave_0 added
[  108.662874][ T5956] team0: Port device team_slave_1 added
[  108.872409][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.872426][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.872449][ T5956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.878111][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.878127][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.878151][ T5956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.547083][ T5956] hsr_slave_0: entered promiscuous mode
[  109.548264][ T5956] hsr_slave_1: entered promiscuous mode
[  109.578837][ T5931] Bluetooth: hci0: command tx timeout
[  112.026264][ T5956] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  112.098576][ T5956] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  112.176553][ T5956] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  112.263594][ T5956] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  112.514565][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.557663][ T5956] 8021q: adding VLAN 0 to HW filter on device team0
[  112.575477][ T3595] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.576135][ T3595] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.605428][ T3595] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.607596][ T3595] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.961397][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.045810][ T5956] veth0_vlan: entered promiscuous mode
[  113.059347][ T5956] veth1_vlan: entered promiscuous mode
[  113.105295][ T5956] veth0_macvtap: entered promiscuous mode
[  113.120142][ T5956] veth1_macvtap: entered promiscuous mode
[  113.157024][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.170838][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1
[  113.185289][ T3579] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.185564][ T3579] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.185816][ T3579] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.185851][ T3579] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.450456][ T3579] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.450476][ T3579] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.527192][ T3595] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.527212][ T3595] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/09/29 02:15:01 executed programs: 2
[  114.028949][ T6104] loop0: detected capacity change from 0 to 32768
[  114.284276][ T6104] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_[  114.284276][ T6104] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  114.284294][ T6104]   allowing incompatible features above 0.0: (unknown version)
[  114.284303][ T6104]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  114.284329][ T6104] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  114.289778][ T6104] bcachefs (loop0): invalid bkey in superblock btree=extents level=1: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0
[  114.289796][ T6104]   pointer before first bucket (27 < 1024), deleting
[  114.290049][ T6104] ==================================================================
[  114.290064][ T6104] BUG: KASAN: use-after-free in bch2_extent_ptr_to_text+0x883/0x890
[  114.290094][ T6104] Read of size 1 at addr ffff8880992caf4e by task syz.0.17/6104
[  114.290109][ T6104] 
[  114.290131][ T6104] CPU: 0 UID: 0 PID: 6104 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  114.290151][ T6104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  114.290168][ T6104] Call Trace:
[  114.290174][ T6104]  <TASK>
[  114.290181][ T6104]  dump_stack_lvl+0x189/0x250
[  114.290205][ T6104]  ? __virt_addr_valid+0x1c8/0x5c0
[  114.290220][ T6104]  ? rcu_is_watching+0x15/0xb0
[  114.290243][ T6104]  ? __kasan_check_byte+0x12/0x40
[  114.290264][ T6104]  ? __pfx_dump_stack_lvl+0x10/0x10
[  114.290286][ T6104]  ? rcu_is_watching+0x15/0xb0
[  114.290307][ T6104]  ? lock_release+0x4b/0x3e0
[  114.290330][ T6104]  ? __virt_addr_valid+0x1c8/0x5c0
[  114.290344][ T6104]  ? __virt_addr_valid+0x4a5/0x5c0
[  114.290365][ T6104]  print_report+0xca/0x240
[  114.290386][ T6104]  ? bch2_extent_ptr_to_text+0x883/0x890
[  114.290406][ T6104]  kasan_report+0x118/0x150
[  114.290427][ T6104]  ? bch2_extent_ptr_to_text+0x883/0x890
[  114.290449][ T6104]  ? bch2_extent_ptr_to_text+0x5a/0x890
[  114.290469][ T6104]  bch2_extent_ptr_to_text+0x883/0x890
[  114.290493][ T6104]  bch2_bkey_ptrs_to_text+0xd75/0x1310
[  114.290514][ T6104]  ? bch2_bkey_ptrs_to_text+0x392/0x1310
[  114.290537][ T6104]  __bch2_bkey_fsck_err+0x3f7/0x540
[  114.290557][ T6104]  ? __pfx___bch2_bkey_fsck_err+0x10/0x10
[  114.290576][ T6104]  ? __lock_acquire+0xab9/0xd20
[  114.290599][ T6104]  ? bch2_bkey_ptrs_validate+0xb5a/0x24c0
[  114.290620][ T6104]  ? bch2_bkey_ptrs_validate+0xb5a/0x24c0
[  114.290639][ T6104]  bch2_bkey_ptrs_validate+0x1d56/0x24c0
[  114.290670][ T6104]  ? __pfx_bch2_bkey_ptrs_validate+0x10/0x10
[  114.290689][ T6104]  ? __bch2_bkey_compat+0xb1a/0xbd0
[  114.290716][ T6104]  bch2_btree_ptr_v2_validate+0x406/0x8d0
[  114.290737][ T6104]  ? __pfx_bch2_btree_ptr_v2_validate+0x10/0x10
[  114.290761][ T6104]  ? __pfx_bch2_btree_ptr_v2_validate+0x10/0x10
[  114.290780][ T6104]  bch2_bkey_validate+0x291/0x4e0
[  114.290803][ T6104]  ? __pfx_bch2_bkey_validate+0x10/0x10
[  114.290824][ T6104]  ? __lock_acquire+0xab9/0xd20
[  114.290848][ T6104]  journal_validate_key+0x631/0xe50
[  114.290871][ T6104]  ? __pfx_journal_validate_key+0x10/0x10
[  114.290889][ T6104]  ? do_raw_spin_lock+0x121/0x290
[  114.290911][ T6104]  ? bch2_printbuf_exit+0x6f/0xb0
[  114.290931][ T6104]  ? rcu_is_watching+0x15/0xb0
[  114.290952][ T6104]  ? bch2_printbuf_exit+0x6f/0xb0
[  114.290970][ T6104]  ? kfree+0x4d/0x550
[  114.290988][ T6104]  ? bch2_replicas_entry_validate+0x375/0x4d0
[  114.291011][ T6104]  ? bch2_printbuf_exit+0x6f/0xb0
[  114.291031][ T6104]  ? journal_entry_data_usage_validate+0x495/0x680
[  114.291052][ T6104]  journal_entry_btree_root_validate+0x22a/0x620
[  114.291071][ T6104]  ? __pfx_journal_entry_clock_validate+0x10/0x10
[  114.291090][ T6104]  ? __pfx_journal_entry_btree_root_validate+0x10/0x10
[  114.291107][ T6104]  ? journal_entry_btree_keys_validate+0x2eb/0x3e0
[  114.291125][ T6104]  ? do_syscall_64+0xfa/0x3b0
[  114.291140][ T6104]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.291158][ T6104]  ? __pfx_journal_entry_btree_keys_validate+0x10/0x10
[  114.291182][ T6104]  bch2_journal_entry_validate+0x15b/0x220
[  114.291200][ T6104]  ? __pfx_bch2_journal_entry_validate+0x10/0x10
[  114.291222][ T6104]  bch2_sb_clean_validate_late+0x16c/0x330
[  114.291249][ T6104]  bch2_read_superblock_clean+0xd9/0x260
[  114.291271][ T6104]  ? bch2_fs_recovery+0x13d/0x3a50
[  114.291289][ T6104]  bch2_fs_recovery+0x158/0x3a50
[  114.291306][ T6104]  ? __kernel_text_address+0xd/0x40
[  114.291323][ T6104]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  114.291341][ T6104]  ? arch_stack_walk+0xfc/0x150
[  114.291368][ T6104]  ? __bfs+0x154/0x2a0
[  114.291387][ T6104]  ? __pfx_hlock_conflict+0x10/0x10
[  114.291405][ T6104]  ? check_path+0x21/0x40
[  114.291419][ T6104]  ? __pfx_bch2_fs_recovery+0x10/0x10
[  114.291436][ T6104]  ? lockdep_unlock+0x89/0x120
[  114.291454][ T6104]  ? validate_chain+0x897/0x2140
[  114.291478][ T6104]  ? __lock_acquire+0xab9/0xd20
[  114.291501][ T6104]  ? do_raw_spin_lock+0x121/0x290
[  114.291522][ T6104]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  114.291545][ T6104]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.291568][ T6104]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  114.291590][ T6104]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  114.291613][ T6104]  ? do_raw_spin_lock+0x121/0x290
[  114.291633][ T6104]  ? rt_mutex_slowunlock+0x493/0x8a0
[  114.291650][ T6104]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.291673][ T6104]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  114.291695][ T6104]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  114.291714][ T6104]  ? bch2_fs_start+0xa0f/0xda0
[  114.291734][ T6104]  bch2_fs_start+0xaaf/0xda0
[  114.291753][ T6104]  ? bch2_fs_start+0x5e7/0xda0
[  114.291772][ T6104]  ? __pfx_bch2_fs_start+0x10/0x10
[  114.291799][ T6104]  ? sget+0x267/0x620
[  114.291818][ T6104]  bch2_fs_get_tree+0xb39/0x1520
[  114.291847][ T6104]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[  114.291875][ T6104]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[  114.291899][ T6104]  ? rcu_is_watching+0x15/0xb0
[  114.291920][ T6104]  ? cap_capable+0x11f/0x460
[  114.291939][ T6104]  ? safesetid_security_capable+0xa9/0x1a0
[  114.291961][ T6104]  vfs_get_tree+0x8f/0x2b0
[  114.291982][ T6104]  do_new_mount+0x2a2/0x9e0
[  114.292004][ T6104]  ? ns_capable+0x8a/0xf0
[  114.292022][ T6104]  ? __pfx_do_new_mount+0x10/0x10
[  114.292042][ T6104]  ? path_mount+0x61c/0xfe0
[  114.292066][ T6104]  __se_sys_mount+0x317/0x410
[  114.292089][ T6104]  ? __pfx___se_sys_mount+0x10/0x10
[  114.292129][ T6104]  ? do_syscall_64+0xbe/0x3b0
[  114.292144][ T6104]  ? __x64_sys_mount+0x20/0xc0
[  114.292166][ T6104]  do_syscall_64+0xfa/0x3b0
[  114.292181][ T6104]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.292202][ T6104]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.292218][ T6104]  ? clear_bhb_loop+0x60/0xb0
[  114.292235][ T6104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.292252][ T6104] RIP: 0033:0x7fa145eb066a
[  114.292271][ T6104] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.292285][ T6104] RSP: 002b:00007fa145515e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  114.292311][ T6104] RAX: ffffffffffffffda RBX: 00007fa145515ef0 RCX: 00007fa145eb066a
[  114.292324][ T6104] RDX: 0000200000005b40 RSI: 0000200000000000 RDI: 00007fa145515eb0
[  114.292336][ T6104] RBP: 0000200000005b40 R08: 00007fa145515ef0 R09: 0000000000000000
[  114.292347][ T6104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000
[  114.292364][ T6104] R13: 00007fa145515eb0 R14: 000000000000594b R15: 0000200000000080
[  114.292383][ T6104]  </TASK>
[  114.292389][ T6104] 
[  114.292393][ T6104] The buggy address belongs to the physical page:
[  114.292413][ T6104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x992ca
[  114.292431][ T6104] flags: 0x80000000000000(node=0|zone=1)
[  114.292455][ T6104] raw: 0080000000000000 ffffea000264b288 ffffea000264b288 0000000000000000
[  114.292469][ T6104] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  114.292477][ T6104] page dumped because: kasan: bad access detected
[  114.292492][ T6104] page_owner info is not present (never set?)
[  114.292502][ T6104] 
[  114.292506][ T6104] Memory state around the buggy address:
[  114.292514][ T6104]  ffff8880992cae00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  114.292525][ T6104]  ffff8880992cae80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  114.292536][ T6104] >ffff8880992caf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  114.292544][ T6104]                                               ^
[  114.292553][ T6104]  ffff8880992caf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  114.292564][ T6104]  ffff8880992cb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  114.292572][ T6104] ==================================================================
[  114.292586][ T6104] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  114.292598][ T6104] CPU: 0 UID: 0 PID: 6104 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  114.292617][ T6104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  114.292626][ T6104] Call Trace:
[  114.292632][ T6104]  <TASK>
[  114.292638][ T6104]  dump_stack_lvl+0x99/0x250
[  114.292660][ T6104]  ? __asan_memcpy+0x40/0x70
[  114.292678][ T6104]  ? __pfx_dump_stack_lvl+0x10/0x10
[  114.292699][ T6104]  ? __pfx__printk+0x10/0x10
[  114.292719][ T6104]  vpanic+0x281/0x750
[  114.292741][ T6104]  ? __pfx_print_hex_dump+0x10/0x10
[  114.292765][ T6104]  ? __pfx_vpanic+0x10/0x10
[  114.292791][ T6104]  panic+0xb9/0xc0
[  114.292811][ T6104]  ? __pfx_panic+0x10/0x10
[  114.292832][ T6104]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  114.292855][ T6104]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.292878][ T6104]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  114.292903][ T6104]  ? bch2_extent_ptr_to_text+0x883/0x890
[  114.292923][ T6104]  check_panic_on_warn+0x89/0xb0
[  114.292939][ T6104]  ? bch2_extent_ptr_to_text+0x883/0x890
[  114.292959][ T6104]  end_report+0x78/0x160
[  114.292978][ T6104]  kasan_report+0x129/0x150
[  114.293000][ T6104]  ? bch2_extent_ptr_to_text+0x883/0x890
[  114.293023][ T6104]  ? bch2_extent_ptr_to_text+0x5a/0x890
[  114.293043][ T6104]  bch2_extent_ptr_to_text+0x883/0x890
[  114.293067][ T6104]  bch2_bkey_ptrs_to_text+0xd75/0x1310
[  114.293088][ T6104]  ? bch2_bkey_ptrs_to_text+0x392/0x1310
[  114.293110][ T6104]  __bch2_bkey_fsck_err+0x3f7/0x540
[  114.293130][ T6104]  ? __pfx___bch2_bkey_fsck_err+0x10/0x10
[  114.293148][ T6104]  ? __lock_acquire+0xab9/0xd20
[  114.293172][ T6104]  ? bch2_bkey_ptrs_validate+0xb5a/0x24c0
[  114.293193][ T6104]  ? bch2_bkey_ptrs_validate+0xb5a/0x24c0
[  114.293212][ T6104]  bch2_bkey_ptrs_validate+0x1d56/0x24c0
[  114.293243][ T6104]  ? __pfx_bch2_bkey_ptrs_validate+0x10/0x10
[  114.293263][ T6104]  ? __bch2_bkey_compat+0xb1a/0xbd0
[  114.293288][ T6104]  bch2_btree_ptr_v2_validate+0x406/0x8d0
[  114.293310][ T6104]  ? __pfx_bch2_btree_ptr_v2_validate+0x10/0x10
[  114.293334][ T6104]  ? __pfx_bch2_btree_ptr_v2_validate+0x10/0x10
[  114.293353][ T6104]  bch2_bkey_validate+0x291/0x4e0
[  114.293382][ T6104]  ? __pfx_bch2_bkey_validate+0x10/0x10
[  114.293403][ T6104]  ? __lock_acquire+0xab9/0xd20
[  114.293427][ T6104]  journal_validate_key+0x631/0xe50
[  114.293449][ T6104]  ? __pfx_journal_validate_key+0x10/0x10
[  114.293468][ T6104]  ? do_raw_spin_lock+0x121/0x290
[  114.293489][ T6104]  ? bch2_printbuf_exit+0x6f/0xb0
[  114.293508][ T6104]  ? rcu_is_watching+0x15/0xb0
[  114.293529][ T6104]  ? bch2_printbuf_exit+0x6f/0xb0
[  114.293547][ T6104]  ? kfree+0x4d/0x550
[  114.293565][ T6104]  ? bch2_replicas_entry_validate+0x375/0x4d0
[  114.293587][ T6104]  ? bch2_printbuf_exit+0x6f/0xb0
[  114.293607][ T6104]  ? journal_entry_data_usage_validate+0x495/0x680
[  114.293628][ T6104]  journal_entry_btree_root_validate+0x22a/0x620
[  114.293646][ T6104]  ? __pfx_journal_entry_clock_validate+0x10/0x10
[  114.293666][ T6104]  ? __pfx_journal_entry_btree_root_validate+0x10/0x10
[  114.293683][ T6104]  ? journal_entry_btree_keys_validate+0x2eb/0x3e0
[  114.293701][ T6104]  ? do_syscall_64+0xfa/0x3b0
[  114.293716][ T6104]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.293733][ T6104]  ? __pfx_journal_entry_btree_keys_validate+0x10/0x10
[  114.293757][ T6104]  bch2_journal_entry_validate+0x15b/0x220
[  114.293776][ T6104]  ? __pfx_bch2_journal_entry_validate+0x10/0x10
[  114.293798][ T6104]  bch2_sb_clean_validate_late+0x16c/0x330
[  114.293825][ T6104]  bch2_read_superblock_clean+0xd9/0x260
[  114.293847][ T6104]  ? bch2_fs_recovery+0x13d/0x3a50
[  114.293865][ T6104]  bch2_fs_recovery+0x158/0x3a50
[  114.293882][ T6104]  ? __kernel_text_address+0xd/0x40
[  114.293899][ T6104]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  114.293916][ T6104]  ? arch_stack_walk+0xfc/0x150
[  114.293937][ T6104]  ? __bfs+0x154/0x2a0
[  114.293955][ T6104]  ? __pfx_hlock_conflict+0x10/0x10
[  114.293972][ T6104]  ? check_path+0x21/0x40
[  114.293987][ T6104]  ? __pfx_bch2_fs_recovery+0x10/0x10
[  114.294005][ T6104]  ? lockdep_unlock+0x89/0x120
[  114.294022][ T6104]  ? validate_chain+0x897/0x2140
[  114.294047][ T6104]  ? __lock_acquire+0xab9/0xd20
[  114.294069][ T6104]  ? do_raw_spin_lock+0x121/0x290
[  114.294091][ T6104]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  114.294114][ T6104]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.294136][ T6104]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  114.294158][ T6104]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  114.294181][ T6104]  ? do_raw_spin_lock+0x121/0x290
[  114.294202][ T6104]  ? rt_mutex_slowunlock+0x493/0x8a0
[  114.294219][ T6104]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.294241][ T6104]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  114.294264][ T6104]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  114.294282][ T6104]  ? bch2_fs_start+0xa0f/0xda0
[  114.294304][ T6104]  bch2_fs_start+0xaaf/0xda0
[  114.294322][ T6104]  ? bch2_fs_start+0x5e7/0xda0
[  114.294342][ T6104]  ? __pfx_bch2_fs_start+0x10/0x10
[  114.294374][ T6104]  ? sget+0x267/0x620
[  114.294393][ T6104]  bch2_fs_get_tree+0xb39/0x1520
[  114.294421][ T6104]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[  114.294449][ T6104]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[  114.294472][ T6104]  ? rcu_is_watching+0x15/0xb0
[  114.294494][ T6104]  ? cap_capable+0x11f/0x460
[  114.294512][ T6104]  ? safesetid_security_capable+0xa9/0x1a0
[  114.294534][ T6104]  vfs_get_tree+0x8f/0x2b0
[  114.294555][ T6104]  do_new_mount+0x2a2/0x9e0
[  114.294576][ T6104]  ? ns_capable+0x8a/0xf0
[  114.294594][ T6104]  ? __pfx_do_new_mount+0x10/0x10
[  114.294614][ T6104]  ? path_mount+0x61c/0xfe0
[  114.294639][ T6104]  __se_sys_mount+0x317/0x410
[  114.294662][ T6104]  ? __pfx___se_sys_mount+0x10/0x10
[  114.294685][ T6104]  ? do_syscall_64+0xbe/0x3b0
[  114.294699][ T6104]  ? __x64_sys_mount+0x20/0xc0
[  114.294721][ T6104]  do_syscall_64+0xfa/0x3b0
[  114.294736][ T6104]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.294758][ T6104]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.294774][ T6104]  ? clear_bhb_loop+0x60/0xb0
[  114.294791][ T6104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.294807][ T6104] RIP: 0033:0x7fa145eb066a
[  114.294819][ T6104] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.294832][ T6104] RSP: 002b:00007fa145515e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  114.294848][ T6104] RAX: ffffffffffffffda RBX: 00007fa145515ef0 RCX: 00007fa145eb066a
[  114.294861][ T6104] RDX: 0000200000005b40 RSI: 0000200000000000 RDI: 00007fa145515eb0
[  114.294873][ T6104] RBP: 0000200000005b40 R08: 00007fa145515ef0 R09: 0000000000000000
[  114.294885][ T6104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000
[  114.294895][ T6104] R13: 00007fa145515eb0 R14: 000000000000594b R15: 0000200000000080
[  114.294914][ T6104]  </TASK>
[  114.295172][ T6104] Kernel Offset: disabled