Warning: Permanently added '[localhost]:35438' (ED25519) to the list of known hosts.
2025/03/05 12:26:14 ignoring optional flag "sandboxArg"="0"
2025/03/05 12:26:16 parsed 1 programs
[ 125.550415][ T5603] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 131.196252][ T1033] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 131.218467][ T1033] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 131.249519][ T1033] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 131.253161][ T1033] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 131.577350][ T5647] chnl_net:caif_netlink_parms(): no params data found
[ 131.630079][ T5647] bridge0: port 1(bridge_slave_0) entered blocking state
[ 131.633475][ T5647] bridge0: port 1(bridge_slave_0) entered disabled state
[ 131.636652][ T5647] bridge_slave_0: entered allmulticast mode
[ 131.641125][ T5647] bridge_slave_0: entered promiscuous mode
[ 131.646051][ T5647] bridge0: port 2(bridge_slave_1) entered blocking state
[ 131.650414][ T5647] bridge0: port 2(bridge_slave_1) entered disabled state
[ 131.653525][ T5647] bridge_slave_1: entered allmulticast mode
[ 131.656677][ T5647] bridge_slave_1: entered promiscuous mode
[ 131.676421][ T5647] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 131.683116][ T5647] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 131.704083][ T5647] team0: Port device team_slave_0 added
[ 131.711770][ T5647] team0: Port device team_slave_1 added
[ 131.726764][ T5647] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 131.730723][ T5647] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 131.743064][ T5647] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 131.751545][ T5647] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 131.754489][ T5647] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 131.766579][ T5647] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 131.791769][ T5647] hsr_slave_0: entered promiscuous mode
[ 131.795230][ T5647] hsr_slave_1: entered promiscuous mode
[ 132.386327][ T5647] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 132.412143][ T5647] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 132.421536][ T5647] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 132.437053][ T5647] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 132.554865][ T5647] 8021q: adding VLAN 0 to HW filter on device bond0
[ 132.579673][ T5647] 8021q: adding VLAN 0 to HW filter on device team0
[ 132.604877][ T1079] bridge0: port 1(bridge_slave_0) entered blocking state
[ 132.608013][ T1079] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 132.620448][ T1079] bridge0: port 2(bridge_slave_1) entered blocking state
[ 132.623552][ T1079] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 132.678002][ T5647] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 132.699253][ T5647] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 132.932062][ T5647] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 133.010300][ T5647] veth0_vlan: entered promiscuous mode
[ 133.032448][ T5647] veth1_vlan: entered promiscuous mode
[ 133.075604][ T5647] veth0_macvtap: entered promiscuous mode
[ 133.091821][ T5647] veth1_macvtap: entered promiscuous mode
[ 133.125691][ T5647] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 133.147789][ T5647] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 133.160887][ T5647] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 133.164641][ T5647] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 133.179938][ T5647] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 133.184236][ T5647] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 133.521571][ T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 133.651040][ T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 133.783620][ T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 133.832187][ T4663] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 133.836869][ T4663] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 133.842878][ T4663] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 133.849991][ T4663] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 133.853453][ T4663] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 133.857455][ T4663] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 134.681881][ T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 136.236971][ T46] bridge_slave_1: left allmulticast mode
[ 136.248960][ T46] bridge_slave_1: left promiscuous mode
[ 136.253288][ T46] bridge0: port 2(bridge_slave_1) entered disabled state
[ 136.280552][ T46] bridge_slave_0: left allmulticast mode
[ 136.283273][ T46] bridge_slave_0: left promiscuous mode
[ 136.285687][ T46] bridge0: port 1(bridge_slave_0) entered disabled state
2025/03/05 12:26:32 executed programs: 0
[ 136.861494][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 136.880071][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 136.884675][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 136.891417][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 136.895442][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 136.901513][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 136.905307][ T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 136.909168][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 136.930121][ T46] bond0 (unregistering): Released all slaves
[ 137.035884][ T46] hsr_slave_0: left promiscuous mode
[ 137.059381][ T46] hsr_slave_1: left promiscuous mode
[ 137.067394][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 137.078958][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 137.082808][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 137.087089][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 137.104079][ T46] veth1_macvtap: left promiscuous mode
[ 137.107934][ T46] veth0_macvtap: left promiscuous mode
[ 137.119981][ T46] veth1_vlan: left promiscuous mode
[ 137.122947][ T46] veth0_vlan: left promiscuous mode
[ 137.734913][ T46] team0 (unregistering): Port device team_slave_1 removed
[ 137.766645][ T46] team0 (unregistering): Port device team_slave_0 removed
[ 138.101987][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[ 138.104966][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[ 138.267954][ T5777] chnl_net:caif_netlink_parms(): no params data found
[ 138.424839][ T5777] bridge0: port 1(bridge_slave_0) entered blocking state
[ 138.428153][ T5777] bridge0: port 1(bridge_slave_0) entered disabled state
[ 138.440749][ T5777] bridge_slave_0: entered allmulticast mode
[ 138.456715][ T5777] bridge_slave_0: entered promiscuous mode
[ 138.474522][ T5777] bridge0: port 2(bridge_slave_1) entered blocking state
[ 138.478139][ T5777] bridge0: port 2(bridge_slave_1) entered disabled state
[ 138.489800][ T5777] bridge_slave_1: entered allmulticast mode
[ 138.498802][ T5777] bridge_slave_1: entered promiscuous mode
[ 138.815545][ T5777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 138.857810][ T5777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 138.967084][ T5777] team0: Port device team_slave_0 added
[ 138.980255][ T48] Bluetooth: hci0: command tx timeout
[ 139.001506][ T5777] team0: Port device team_slave_1 added
[ 139.055943][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 139.080007][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 139.103370][ T5777] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 139.122042][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 139.124952][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 139.154335][ T5777] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 139.247397][ T5777] hsr_slave_0: entered promiscuous mode
[ 139.265064][ T5777] hsr_slave_1: entered promiscuous mode
[ 139.701208][ T5777] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 139.718979][ T5777] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 139.740814][ T5777] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 139.745900][ T5777] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 139.835780][ T5777] 8021q: adding VLAN 0 to HW filter on device bond0
[ 139.860278][ T5777] 8021q: adding VLAN 0 to HW filter on device team0
[ 139.872761][ T1079] bridge0: port 1(bridge_slave_0) entered blocking state
[ 139.875744][ T1079] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 139.894607][ T1079] bridge0: port 2(bridge_slave_1) entered blocking state
[ 139.897487][ T1079] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 139.943076][ T5777] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 140.191255][ T5777] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 140.261793][ T5777] veth0_vlan: entered promiscuous mode
[ 140.287283][ T5777] veth1_vlan: entered promiscuous mode
[ 140.324678][ T5777] veth0_macvtap: entered promiscuous mode
[ 140.337791][ T5777] veth1_macvtap: entered promiscuous mode
[ 140.363532][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 140.381440][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 140.390351][ T5777] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.394169][ T5777] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.397632][ T5777] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.425161][ T5777] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.523870][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 140.527172][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 140.591928][ T1079] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 140.595296][ T1079] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 141.051215][ T5851] loop0: detected capacity change from 0 to 32768
[ 141.058744][ T48] Bluetooth: hci0: command tx timeout
[ 141.061607][ T5851] =======================================================
[ 141.061607][ T5851] WARNING: The mand mount option has been deprecated and
[ 141.061607][ T5851] and is ignored by this kernel. Remove the mand
[ 141.061607][ T5851] option from the mount to silence this warning.
[ 141.061607][ T5851] =======================================================
[ 141.110106][ T5851] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 141.155326][ T5851] hlen: 64512, bufsize: 65536, xlog_valid_rec_header
[ 141.159851][ T5851] hlen: 64512, bufsize: 65536, xlog_valid_rec_header
[ 141.162834][ T5851] xheads: 2, size: 64512, xlog_cksum
[ 141.165003][ T5851] ==================================================================
[ 141.168322][ T5851] BUG: KASAN: slab-out-of-bounds in crc32c_le_arch+0xc7/0x1b0
[ 141.172376][ T5851] Read of size 8 at addr ffff88804899fa00 by task syz.0.16/5851
[ 141.176659][ T5851]
[ 141.177967][ T5851] CPU: 0 UID: 0 PID: 5851 Comm: syz.0.16 Not tainted 6.14.0-rc5-syzkaller-g48a5eed9ad58-dirty #0
[ 141.177986][ T5851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 141.177994][ T5851] Call Trace:
[ 141.178003][ T5851]
[ 141.178010][ T5851] dump_stack_lvl+0x241/0x360
[ 141.178031][ T5851] ? __pfx_dump_stack_lvl+0x10/0x10
[ 141.178044][ T5851] ? __pfx__printk+0x10/0x10
[ 141.178056][ T5851] ? _printk+0xd5/0x120
[ 141.178067][ T5851] ? __virt_addr_valid+0x183/0x530
[ 141.178078][ T5851] ? __virt_addr_valid+0x183/0x530
[ 141.178090][ T5851] print_report+0x16e/0x5b0
[ 141.178106][ T5851] ? __virt_addr_valid+0x183/0x530
[ 141.178117][ T5851] ? __virt_addr_valid+0x183/0x530
[ 141.178127][ T5851] ? __virt_addr_valid+0x45f/0x530
[ 141.178137][ T5851] ? __phys_addr+0xba/0x170
[ 141.178154][ T5851] ? crc32c_le_arch+0xc7/0x1b0
[ 141.178169][ T5851] kasan_report+0x143/0x180
[ 141.178184][ T5851] ? crc32c_le_arch+0xc7/0x1b0
[ 141.178201][ T5851] crc32c_le_arch+0xc7/0x1b0
[ 141.178215][ T5851] xlog_cksum+0xcb/0x130
[ 141.178235][ T5851] xlog_recover_process+0x78/0x1e0
[ 141.178252][ T5851] xlog_do_recovery_pass+0xa01/0xdc0
[ 141.178268][ T5851] ? mark_lock+0x9a/0x360
[ 141.178281][ T5851] ? __pfx_xlog_do_recovery_pass+0x10/0x10
[ 141.178295][ T5851] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 141.178317][ T5851] ? xlog_verify_head+0x1b0/0x5a0
[ 141.178331][ T5851] ? xlog_verify_head+0x1b0/0x5a0
[ 141.178345][ T5851] xlog_verify_head+0x21f/0x5a0
[ 141.178357][ T5851] ? xlog_bread+0x57/0xc0
[ 141.178370][ T5851] ? __pfx_xlog_verify_head+0x10/0x10
[ 141.178383][ T5851] ? xlog_check_unmount_rec+0x295/0x5c0
[ 141.178398][ T5851] ? __pfx_xlog_check_unmount_rec+0x10/0x10
[ 141.178414][ T5851] xlog_find_tail+0xa04/0xdf0
[ 141.178429][ T5851] ? __pfx_xlog_find_tail+0x10/0x10
[ 141.178441][ T5851] ? try_to_wake_up+0x9c3/0x1470
[ 141.178459][ T5851] ? __pfx_xfsaild+0x10/0x10
[ 141.178477][ T5851] xlog_recover+0xe1/0x540
[ 141.178490][ T5851] ? __pfx_xlog_recover+0x10/0x10
[ 141.178504][ T5851] xfs_log_mount+0x252/0x3e0
[ 141.178521][ T5851] xfs_mountfs+0xfbb/0x2500
[ 141.178548][ T5851] ? __pfx_xfs_mountfs+0x10/0x10
[ 141.178561][ T5851] ? xfs_mru_cache_create+0x4c6/0x5f0
[ 141.178576][ T5851] ? rcu_is_watching+0x15/0xb0
[ 141.178588][ T5851] xfs_fs_fill_super+0x1223/0x1550
[ 141.178597][ T5851] get_tree_bdev_flags+0x48c/0x5c0
[ 141.178607][ T5851] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 141.178618][ T5851] ? __pfx_xfs_fs_fill_super+0x10/0x10
[ 141.178626][ T5851] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 141.178635][ T5851] ? apparmor_capable+0x13b/0x1b0
[ 141.178645][ T5851] vfs_get_tree+0x90/0x2b0
[ 141.178656][ T5851] do_new_mount+0x2be/0xb40
[ 141.178672][ T5851] ? __pfx_do_new_mount+0x10/0x10
[ 141.178691][ T5851] __se_sys_mount+0x2d6/0x3c0
[ 141.178708][ T5851] ? __pfx___se_sys_mount+0x10/0x10
[ 141.178723][ T5851] ? exc_page_fault+0x590/0x8b0
[ 141.178798][ T5851] ? __x64_sys_mount+0x20/0xc0
[ 141.178813][ T5851] do_syscall_64+0xf3/0x230
[ 141.178831][ T5851] ? clear_bhb_loop+0x35/0x90
[ 141.178851][ T5851] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 141.178867][ T5851] RIP: 0033:0x7f5c0bb8e90a
[ 141.178880][ T5851] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 141.178890][ T5851] RSP: 002b:00007f5c0ca1fe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 141.178904][ T5851] RAX: ffffffffffffffda RBX: 00007f5c0ca1fef0 RCX: 00007f5c0bb8e90a
[ 141.178912][ T5851] RDX: 0000400000000500 RSI: 0000400000000200 RDI: 00007f5c0ca1feb0
[ 141.178920][ T5851] RBP: 0000400000000500 R08: 00007f5c0ca1fef0 R09: 0000000002218a5d
[ 141.178927][ T5851] R10: 0000000002218a5d R11: 0000000000000246 R12: 0000400000000200
[ 141.178935][ T5851] R13: 00007f5c0ca1feb0 R14: 0000000000009706 R15: 0000400000000100
[ 141.178946][ T5851]
[ 141.178950][ T5851]
[ 141.349055][ T5851] Allocated by task 5851:
[ 141.350730][ T5851] kasan_save_track+0x3f/0x80
[ 141.352644][ T5851] __kasan_kmalloc+0x98/0xb0
[ 141.354487][ T5851] __kmalloc_node_noprof+0x290/0x4d0
[ 141.356789][ T5851] __kvmalloc_node_noprof+0x72/0x190
[ 141.360032][ T5851] xlog_do_recovery_pass+0x143/0xdc0
[ 141.362886][ T5851] xlog_verify_head+0x21f/0x5a0
[ 141.364762][ T5851] xlog_find_tail+0xa04/0xdf0
[ 141.366648][ T5851] xlog_recover+0xe1/0x540
[ 141.368361][ T5851] xfs_log_mount+0x252/0x3e0
[ 141.370225][ T5851] xfs_mountfs+0xfbb/0x2500
[ 141.372083][ T5851] xfs_fs_fill_super+0x1223/0x1550
[ 141.374273][ T5851] get_tree_bdev_flags+0x48c/0x5c0
[ 141.376397][ T5851] vfs_get_tree+0x90/0x2b0
[ 141.378539][ T5851] do_new_mount+0x2be/0xb40
[ 141.381029][ T5851] __se_sys_mount+0x2d6/0x3c0
[ 141.383385][ T5851] do_syscall_64+0xf3/0x230
[ 141.385664][ T5851] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 141.388317][ T5851]
[ 141.389347][ T5851] The buggy address belongs to the object at ffff88804899f800
[ 141.389347][ T5851] which belongs to the cache kmalloc-512 of size 512
[ 141.394962][ T5851] The buggy address is located 0 bytes to the right of
[ 141.394962][ T5851] allocated 512-byte region [ffff88804899f800, ffff88804899fa00)
[ 141.400747][ T5851]
[ 141.401889][ T5851] The buggy address belongs to the physical page:
[ 141.405308][ T5851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4899e
[ 141.409756][ T5851] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 141.413155][ T5851] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 141.416528][ T5851] page_type: f5(slab)
[ 141.418208][ T5851] raw: 04fff00000000040 ffff88801b041c80 0000000000000000 dead000000000001
[ 141.422453][ T5851] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 141.427047][ T5851] head: 04fff00000000040 ffff88801b041c80 0000000000000000 dead000000000001
[ 141.430553][ T5851] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 141.434215][ T5851] head: 04fff00000000001 ffffea0001226781 ffffffffffffffff 0000000000000000
[ 141.438021][ T5851] head: 0000000700000002 0000000000000000 00000000ffffffff 0000000000000000
[ 141.442244][ T5851] page dumped because: kasan: bad access detected
[ 141.445194][ T5851] page_owner tracks the page as allocated
[ 141.447567][ T5851] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5614, tgid 5614 (syz-executor), ts 129766503794, free_ts 128754914187
[ 141.457004][ T5851] post_alloc_hook+0x1f4/0x240
[ 141.459571][ T5851] get_page_from_freelist+0x365c/0x37a0
[ 141.462098][ T5851] __alloc_frozen_pages_noprof+0x292/0x710
[ 141.464517][ T5851] alloc_pages_mpol+0x311/0x660
[ 141.466577][ T5851] allocate_slab+0x8f/0x3a0
[ 141.468413][ T5851] ___slab_alloc+0xc27/0x14a0
[ 141.470347][ T5851] __slab_alloc+0x58/0xa0
[ 141.472146][ T5851] __kmalloc_noprof+0x2e6/0x4c0
[ 141.474557][ T5851] ops_init+0x76/0x5b0
[ 141.476746][ T5851] setup_net+0x287/0x9e0
[ 141.478918][ T5851] copy_net_ns+0x33f/0x570
[ 141.480960][ T5851] create_new_namespaces+0x425/0x7b0
[ 141.483258][ T5851] unshare_nsproxy_namespaces+0x124/0x180
[ 141.485596][ T5851] ksys_unshare+0x57d/0xa70
[ 141.487503][ T5851] __x64_sys_unshare+0x38/0x40
[ 141.489526][ T5851] do_syscall_64+0xf3/0x230
[ 141.491348][ T5851] page last free pid 5603 tgid 5603 stack trace:
[ 141.494148][ T5851] free_unref_folios+0xe40/0x18b0
[ 141.496590][ T5851] folios_put_refs+0x76c/0x860
[ 141.498899][ T5851] free_pages_and_swap_cache+0x2e5/0x690
[ 141.501729][ T5851] tlb_flush_mmu+0x3a3/0x680
[ 141.503740][ T5851] tlb_finish_mmu+0xd4/0x200
[ 141.505704][ T5851] vms_clear_ptes+0x432/0x530
[ 141.507680][ T5851] vms_complete_munmap_vmas+0x210/0x8f0
[ 141.510034][ T5851] do_vmi_align_munmap+0x5ef/0x6f0
[ 141.512335][ T5851] do_vmi_munmap+0x24e/0x2d0
[ 141.514703][ T5851] __vm_munmap+0x372/0x510
[ 141.516812][ T5851] __x64_sys_munmap+0x60/0x70
[ 141.518644][ T5851] do_syscall_64+0xf3/0x230
[ 141.520361][ T5851] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 141.522606][ T5851]
[ 141.523672][ T5851] Memory state around the buggy address:
[ 141.526223][ T5851] ffff88804899f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 141.530005][ T5851] ffff88804899f980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 141.533371][ T5851] >ffff88804899fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 141.536545][ T5851] ^
[ 141.538247][ T5851] ffff88804899fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 141.542070][ T5851] ffff88804899fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 141.546223][ T5851] ==================================================================
[ 141.580842][ T5851] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 141.584710][ T5851] CPU: 0 UID: 0 PID: 5851 Comm: syz.0.16 Not tainted 6.14.0-rc5-syzkaller-g48a5eed9ad58-dirty #0
[ 141.589276][ T5851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 141.593780][ T5851] Call Trace:
[ 141.595300][ T5851]
[ 141.596755][ T5851] dump_stack_lvl+0x241/0x360
[ 141.599108][ T5851] ? __pfx_dump_stack_lvl+0x10/0x10
[ 141.601786][ T5851] ? __pfx__printk+0x10/0x10
[ 141.604094][ T5851] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 141.606674][ T5851] ? vscnprintf+0x5d/0x90
[ 141.608549][ T5851] panic+0x349/0x880
[ 141.610332][ T5851] ? check_panic_on_warn+0x21/0xb0
[ 141.612923][ T5851] ? __pfx_panic+0x10/0x10
[ 141.615345][ T5851] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 141.617922][ T5851] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 141.620521][ T5851] check_panic_on_warn+0x86/0xb0
[ 141.622643][ T5851] ? crc32c_le_arch+0xc7/0x1b0
[ 141.625034][ T5851] end_report+0x77/0x160
[ 141.627454][ T5851] kasan_report+0x154/0x180
[ 141.629905][ T5851] ? crc32c_le_arch+0xc7/0x1b0
[ 141.631892][ T5851] crc32c_le_arch+0xc7/0x1b0
[ 141.633900][ T5851] xlog_cksum+0xcb/0x130
[ 141.635696][ T5851] xlog_recover_process+0x78/0x1e0
[ 141.637907][ T5851] xlog_do_recovery_pass+0xa01/0xdc0
[ 141.640234][ T5851] ? mark_lock+0x9a/0x360
[ 141.642438][ T5851] ? __pfx_xlog_do_recovery_pass+0x10/0x10
[ 141.644996][ T5851] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 141.647654][ T5851] ? xlog_verify_head+0x1b0/0x5a0
[ 141.649815][ T5851] ? xlog_verify_head+0x1b0/0x5a0
[ 141.652361][ T5851] xlog_verify_head+0x21f/0x5a0
[ 141.655149][ T5851] ? xlog_bread+0x57/0xc0
[ 141.657221][ T5851] ? __pfx_xlog_verify_head+0x10/0x10
[ 141.659424][ T5851] ? xlog_check_unmount_rec+0x295/0x5c0
[ 141.661676][ T5851] ? __pfx_xlog_check_unmount_rec+0x10/0x10
[ 141.664179][ T5851] xlog_find_tail+0xa04/0xdf0
[ 141.666173][ T5851] ? __pfx_xlog_find_tail+0x10/0x10
[ 141.668633][ T5851] ? try_to_wake_up+0x9c3/0x1470
[ 141.671065][ T5851] ? __pfx_xfsaild+0x10/0x10
[ 141.673238][ T5851] xlog_recover+0xe1/0x540
[ 141.675147][ T5851] ? __pfx_xlog_recover+0x10/0x10
[ 141.677236][ T5851] xfs_log_mount+0x252/0x3e0
[ 141.679367][ T5851] xfs_mountfs+0xfbb/0x2500
[ 141.681916][ T5851] ? __pfx_xfs_mountfs+0x10/0x10
[ 141.684632][ T5851] ? xfs_mru_cache_create+0x4c6/0x5f0
[ 141.686957][ T5851] ? rcu_is_watching+0x15/0xb0
[ 141.688909][ T5851] xfs_fs_fill_super+0x1223/0x1550
[ 141.691053][ T5851] get_tree_bdev_flags+0x48c/0x5c0
[ 141.693224][ T5851] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 141.696174][ T5851] ? __pfx_xfs_fs_fill_super+0x10/0x10
[ 141.698882][ T5851] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 141.701281][ T5851] ? apparmor_capable+0x13b/0x1b0
[ 141.703496][ T5851] vfs_get_tree+0x90/0x2b0
[ 141.705564][ T5851] do_new_mount+0x2be/0xb40
[ 141.707752][ T5851] ? __pfx_do_new_mount+0x10/0x10
[ 141.710346][ T5851] __se_sys_mount+0x2d6/0x3c0
[ 141.712512][ T5851] ? __pfx___se_sys_mount+0x10/0x10
[ 141.714819][ T5851] ? exc_page_fault+0x590/0x8b0
[ 141.716926][ T5851] ? __x64_sys_mount+0x20/0xc0
[ 141.719183][ T5851] do_syscall_64+0xf3/0x230
[ 141.721512][ T5851] ? clear_bhb_loop+0x35/0x90
[ 141.723868][ T5851] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 141.726513][ T5851] RIP: 0033:0x7f5c0bb8e90a
[ 141.728392][ T5851] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 141.737701][ T5851] RSP: 002b:00007f5c0ca1fe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 141.741476][ T5851] RAX: ffffffffffffffda RBX: 00007f5c0ca1fef0 RCX: 00007f5c0bb8e90a
[ 141.744730][ T5851] RDX: 0000400000000500 RSI: 0000400000000200 RDI: 00007f5c0ca1feb0
[ 141.748040][ T5851] RBP: 0000400000000500 R08: 00007f5c0ca1fef0 R09: 0000000002218a5d
[ 141.751690][ T5851] R10: 0000000002218a5d R11: 0000000000000246 R12: 0000400000000200
[ 141.755399][ T5851] R13: 00007f5c0ca1feb0 R14: 0000000000009706 R15: 0000400000000100
[ 141.758832][ T5851]
[ 141.760490][ T5851] Kernel Offset: disabled
[ 141.762453][ T5851] Rebooting in 86400 seconds..