Warning: Permanently added '[localhost]:21356' (ED25519) to the list of known hosts.
2025/03/05 02:12:32 ignoring optional flag "sandboxArg"="0"
2025/03/05 02:12:33 parsed 1 programs
[  124.906810][ T5616] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  130.665533][ T5658] chnl_net:caif_netlink_parms(): no params data found
[  130.703912][ T5658] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.707013][ T5658] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.710290][ T5658] bridge_slave_0: entered allmulticast mode
[  130.716711][ T5658] bridge_slave_0: entered promiscuous mode
[  130.722481][ T5658] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.727366][ T5658] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.732170][ T5658] bridge_slave_1: entered allmulticast mode
[  130.735711][ T5658] bridge_slave_1: entered promiscuous mode
[  130.754054][ T5658] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  130.759834][ T5658] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  130.779987][ T5658] team0: Port device team_slave_0 added
[  130.785717][ T5658] team0: Port device team_slave_1 added
[  130.800422][ T5658] batman_adv: batadv0: Adding interface: batadv_slave_0
[  130.803847][ T5658] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.816392][ T5658] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  130.824135][ T5658] batman_adv: batadv0: Adding interface: batadv_slave_1
[  130.827040][ T5658] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.839136][ T5658] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.863575][ T5658] hsr_slave_0: entered promiscuous mode
[  130.867464][ T5658] hsr_slave_1: entered promiscuous mode
[  131.438628][ T5658] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  131.472225][ T5658] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  131.479176][ T5658] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  131.493921][ T5658] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  131.615028][ T5658] 8021q: adding VLAN 0 to HW filter on device bond0
[  131.634095][ T5658] 8021q: adding VLAN 0 to HW filter on device team0
[  131.675639][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.678820][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.699018][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.702340][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.986640][ T5658] 8021q: adding VLAN 0 to HW filter on device batadv0
[  132.055884][ T5658] veth0_vlan: entered promiscuous mode
[  132.073076][ T5658] veth1_vlan: entered promiscuous mode
[  132.113355][ T5658] veth0_macvtap: entered promiscuous mode
[  132.124594][ T5658] veth1_macvtap: entered promiscuous mode
[  132.153001][ T5658] batman_adv: batadv0: Interface activated: batadv_slave_0
[  132.174062][ T5658] batman_adv: batadv0: Interface activated: batadv_slave_1
[  132.179433][ T5658] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  132.202785][ T5658] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  132.206731][ T5658] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  132.210478][ T5658] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  132.543447][ T4105] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.612078][ T4105] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.702377][ T4105] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.798024][ T4105] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.207208][ T1032] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  134.210499][ T1032] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  134.253058][   T30] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  134.257803][   T30] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  134.798378][ T4105] bridge_slave_1: left allmulticast mode
[  134.809295][ T4105] bridge_slave_1: left promiscuous mode
[  134.831219][ T4105] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.852799][ T4105] bridge_slave_0: left allmulticast mode
[  134.855302][ T4105] bridge_slave_0: left promiscuous mode
[  134.857989][ T4105] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.333148][ T4105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  135.338271][ T4105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  135.344085][ T4105] bond0 (unregistering): Released all slaves
[  135.406099][ T4105] hsr_slave_0: left promiscuous mode
[  135.431325][ T4105] hsr_slave_1: left promiscuous mode
[  135.434043][ T4105] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.451443][ T4105] batman_adv: batadv0: Removing interface: batadv_slave_0
[  135.454900][ T4105] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.458378][ T4105] batman_adv: batadv0: Removing interface: batadv_slave_1
[  135.495297][ T4105] veth1_macvtap: left promiscuous mode
[  135.497474][ T4105] veth0_macvtap: left promiscuous mode
[  135.532164][ T4105] veth1_vlan: left promiscuous mode
[  135.534498][ T4105] veth0_vlan: left promiscuous mode
[  135.668012][ T5323] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  135.673011][ T5323] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  135.676005][ T5323] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  135.679847][ T5323] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  135.685253][ T5323] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  135.688581][ T5323] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  136.181917][ T4105] team0 (unregistering): Port device team_slave_1 removed
[  136.235383][ T4105] team0 (unregistering): Port device team_slave_0 removed
[  138.096319][ T1310] ieee802154 phy0 wpan0: encryption failed: -22
[  138.099758][ T1310] ieee802154 phy1 wpan1: encryption failed: -22
2025/03/05 02:12:51 executed programs: 0
[  138.272578][ T4665] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  138.277521][ T4665] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  138.286279][ T4665] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  138.296547][ T4665] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  138.300321][ T4665] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  138.304812][ T4665] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  138.564584][ T5827] chnl_net:caif_netlink_parms(): no params data found
[  138.663558][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.667453][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.678461][ T5827] bridge_slave_0: entered allmulticast mode
[  138.692454][ T5827] bridge_slave_0: entered promiscuous mode
[  138.697286][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.700340][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.721788][ T5827] bridge_slave_1: entered allmulticast mode
[  138.725819][ T5827] bridge_slave_1: entered promiscuous mode
[  138.773026][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  138.779427][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  138.825713][ T5827] team0: Port device team_slave_0 added
[  138.843062][ T5827] team0: Port device team_slave_1 added
[  138.873924][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[  138.876991][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  138.910809][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  138.931796][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[  138.934730][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  138.961537][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  139.016562][ T5827] hsr_slave_0: entered promiscuous mode
[  139.031853][ T5827] hsr_slave_1: entered promiscuous mode
[  139.418150][ T5827] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  139.436631][ T5827] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  139.453860][ T5827] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  139.465584][ T5827] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  139.503476][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.506516][ T5827] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.509693][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.513203][ T5827] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.591661][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[  139.603475][ T4105] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.607384][ T4105] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.627788][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[  139.640498][ T1093] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.644631][ T1093] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.663877][ T1093] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.666963][ T1093] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.807493][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.836552][ T5827] veth0_vlan: entered promiscuous mode
[  139.846735][ T5827] veth1_vlan: entered promiscuous mode
[  139.867701][ T5827] veth0_macvtap: entered promiscuous mode
[  139.875178][ T5827] veth1_macvtap: entered promiscuous mode
[  139.892174][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[  139.899945][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[  139.911336][ T5827] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.914948][ T5827] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.918598][ T5827] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.924996][ T5827] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  139.979879][   T30] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.989772][   T30] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  140.007782][ T1032] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  140.013664][ T1032] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  140.317008][ T5864] loop0: detected capacity change from 0 to 32768
[  140.325141][ T5864] =======================================================
[  140.325141][ T5864] WARNING: The mand mount option has been deprecated and
[  140.325141][ T5864]          and is ignored by this kernel. Remove the mand
[  140.325141][ T5864]          option from the mount to silence this warning.
[  140.325141][ T5864] =======================================================
[  140.346784][ T4665] Bluetooth: hci0: command tx timeout
[  140.392307][ T5864] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.449761][ T5864] ==================================================================
[  140.453342][ T5864] BUG: KASAN: slab-out-of-bounds in crc32c_le_arch+0xc7/0x1b0
[  140.457522][ T5864] Read of size 8 at addr ffff888032f85200 by task syz.0.16/5864
[  140.461788][ T5864] 
[  140.462793][ T5864] CPU: 0 UID: 0 PID: 5864 Comm: syz.0.16 Not tainted 6.14.0-rc5-syzkaller-g48a5eed9ad58-dirty #0
[  140.462807][ T5864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  140.462814][ T5864] Call Trace:
[  140.462821][ T5864]  <TASK>
[  140.462827][ T5864]  dump_stack_lvl+0x241/0x360
[  140.462845][ T5864]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.462856][ T5864]  ? __pfx__printk+0x10/0x10
[  140.462866][ T5864]  ? _printk+0xd5/0x120
[  140.462874][ T5864]  ? __virt_addr_valid+0x183/0x530
[  140.462885][ T5864]  ? __virt_addr_valid+0x183/0x530
[  140.462894][ T5864]  print_report+0x16e/0x5b0
[  140.462908][ T5864]  ? __virt_addr_valid+0x183/0x530
[  140.462918][ T5864]  ? __virt_addr_valid+0x183/0x530
[  140.462926][ T5864]  ? __virt_addr_valid+0x45f/0x530
[  140.462934][ T5864]  ? __phys_addr+0xba/0x170
[  140.462948][ T5864]  ? crc32c_le_arch+0xc7/0x1b0
[  140.462962][ T5864]  kasan_report+0x143/0x180
[  140.462973][ T5864]  ? crc32c_le_arch+0xc7/0x1b0
[  140.462986][ T5864]  crc32c_le_arch+0xc7/0x1b0
[  140.462999][ T5864]  xlog_cksum+0xcf/0x130
[  140.463013][ T5864]  xlog_recover_process+0x78/0x1e0
[  140.463027][ T5864]  xlog_do_recovery_pass+0xa01/0xdc0
[  140.463040][ T5864]  ? mark_lock+0x9a/0x360
[  140.463051][ T5864]  ? __pfx_xlog_do_recovery_pass+0x10/0x10
[  140.463062][ T5864]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  140.463078][ T5864]  ? xlog_verify_head+0x1b0/0x5a0
[  140.463089][ T5864]  ? xlog_verify_head+0x1b0/0x5a0
[  140.463101][ T5864]  xlog_verify_head+0x21f/0x5a0
[  140.463111][ T5864]  ? xlog_bread+0x57/0xc0
[  140.463123][ T5864]  ? __pfx_xlog_verify_head+0x10/0x10
[  140.463134][ T5864]  ? xlog_check_unmount_rec+0x295/0x5c0
[  140.463153][ T5864]  ? __pfx_xlog_check_unmount_rec+0x10/0x10
[  140.463166][ T5864]  xlog_find_tail+0xa04/0xdf0
[  140.463177][ T5864]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  140.463240][ T5864]  ? __pfx_xlog_find_tail+0x10/0x10
[  140.463251][ T5864]  ? try_to_wake_up+0x959/0x1470
[  140.463266][ T5864]  ? __pfx_xfsaild+0x10/0x10
[  140.463281][ T5864]  xlog_recover+0xe1/0x540
[  140.463291][ T5864]  ? __pfx_xlog_recover+0x10/0x10
[  140.463304][ T5864]  xfs_log_mount+0x252/0x3e0
[  140.463319][ T5864]  xfs_mountfs+0xfbb/0x2500
[  140.463334][ T5864]  ? __pfx_xfs_mountfs+0x10/0x10
[  140.463345][ T5864]  ? xfs_mru_cache_create+0x4c6/0x5f0
[  140.463357][ T5864]  ? rcu_is_watching+0x15/0xb0
[  140.463369][ T5864]  xfs_fs_fill_super+0x1223/0x1550
[  140.463380][ T5864]  get_tree_bdev_flags+0x48c/0x5c0
[  140.463391][ T5864]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[  140.463405][ T5864]  ? __pfx_xfs_fs_fill_super+0x10/0x10
[  140.463414][ T5864]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  140.463424][ T5864]  ? apparmor_capable+0x13b/0x1b0
[  140.463438][ T5864]  vfs_get_tree+0x90/0x2b0
[  140.463449][ T5864]  do_new_mount+0x2be/0xb40
[  140.463464][ T5864]  ? __pfx_do_new_mount+0x10/0x10
[  140.463477][ T5864]  __se_sys_mount+0x2d6/0x3c0
[  140.463491][ T5864]  ? __pfx___se_sys_mount+0x10/0x10
[  140.463504][ T5864]  ? exc_page_fault+0x590/0x8b0
[  140.463517][ T5864]  ? __x64_sys_mount+0x20/0xc0
[  140.463530][ T5864]  do_syscall_64+0xf3/0x230
[  140.463545][ T5864]  ? clear_bhb_loop+0x35/0x90
[  140.463560][ T5864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.463574][ T5864] RIP: 0033:0x7f2098f8e90a
[  140.463586][ T5864] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.463594][ T5864] RSP: 002b:00007f2099e4fe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  140.463607][ T5864] RAX: ffffffffffffffda RBX: 00007f2099e4fef0 RCX: 00007f2098f8e90a
[  140.463614][ T5864] RDX: 0000400000000500 RSI: 0000400000000200 RDI: 00007f2099e4feb0
[  140.463620][ T5864] RBP: 0000400000000500 R08: 00007f2099e4fef0 R09: 0000000002218a5d
[  140.463627][ T5864] R10: 0000000002218a5d R11: 0000000000000246 R12: 0000400000000200
[  140.463633][ T5864] R13: 00007f2099e4feb0 R14: 0000000000009706 R15: 0000400000000100
[  140.463644][ T5864]  </TASK>
[  140.463648][ T5864] 
[  140.642232][ T5864] Allocated by task 5864:
[  140.644136][ T5864]  kasan_save_track+0x3f/0x80
[  140.646190][ T5864]  __kasan_kmalloc+0x98/0xb0
[  140.648195][ T5864]  __kmalloc_node_noprof+0x290/0x4d0
[  140.650334][ T5864]  __kvmalloc_node_noprof+0x72/0x190
[  140.652561][ T5864]  xlog_do_recovery_pass+0x143/0xdc0
[  140.654969][ T5864]  xlog_verify_head+0x21f/0x5a0
[  140.657492][ T5864]  xlog_find_tail+0xa04/0xdf0
[  140.659619][ T5864]  xlog_recover+0xe1/0x540
[  140.661418][ T5864]  xfs_log_mount+0x252/0x3e0
[  140.663222][ T5864]  xfs_mountfs+0xfbb/0x2500
[  140.664936][ T5864]  xfs_fs_fill_super+0x1223/0x1550
[  140.667011][ T5864]  get_tree_bdev_flags+0x48c/0x5c0
[  140.669293][ T5864]  vfs_get_tree+0x90/0x2b0
[  140.671561][ T5864]  do_new_mount+0x2be/0xb40
[  140.673966][ T5864]  __se_sys_mount+0x2d6/0x3c0
[  140.676310][ T5864]  do_syscall_64+0xf3/0x230
[  140.678334][ T5864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.680866][ T5864] 
[  140.681834][ T5864] The buggy address belongs to the object at ffff888032f85000
[  140.681834][ T5864]  which belongs to the cache kmalloc-512 of size 512
[  140.687263][ T5864] The buggy address is located 0 bytes to the right of
[  140.687263][ T5864]  allocated 512-byte region [ffff888032f85000, ffff888032f85200)
[  140.693845][ T5864] 
[  140.695235][ T5864] The buggy address belongs to the physical page:
[  140.698508][ T5864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x32f84
[  140.702133][ T5864] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  140.705586][ T5864] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  140.709124][ T5864] page_type: f5(slab)
[  140.711434][ T5864] raw: 04fff00000000040 ffff88801b041c80 0000000000000000 dead000000000001
[  140.715568][ T5864] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[  140.719243][ T5864] head: 04fff00000000040 ffff88801b041c80 0000000000000000 dead000000000001
[  140.722814][ T5864] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[  140.726954][ T5864] head: 04fff00000000001 ffffea0000cbe101 ffffffffffffffff 0000000000000000
[  140.731538][ T5864] head: ffff888000000002 0000000000000000 00000000ffffffff 0000000000000000
[  140.734991][ T5864] page dumped because: kasan: bad access detected
[  140.737590][ T5864] page_owner tracks the page as allocated
[  140.739967][ T5864] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5658, tgid 5658 (syz-executor), ts 131552625607, free_ts 131548944772
[  140.750007][ T5864]  post_alloc_hook+0x1f4/0x240
[  140.752021][ T5864]  get_page_from_freelist+0x365c/0x37a0
[  140.754415][ T5864]  __alloc_frozen_pages_noprof+0x292/0x710
[  140.757245][ T5864]  alloc_pages_mpol+0x311/0x660
[  140.759805][ T5864]  allocate_slab+0x8f/0x3a0
[  140.761922][ T5864]  ___slab_alloc+0xc27/0x14a0
[  140.764036][ T5864]  __slab_alloc+0x58/0xa0
[  140.765932][ T5864]  __kmalloc_noprof+0x2e6/0x4c0
[  140.768018][ T5864]  fib6_info_alloc+0x2e/0xf0
[  140.770197][ T5864]  ip6_route_info_create+0x445/0x12b0
[  140.773180][ T5864]  addrconf_f6i_alloc+0x3c2/0x7f0
[  140.775890][ T5864]  ipv6_add_addr+0x5b6/0x1090
[  140.778057][ T5864]  inet6_addr_add+0x3ae/0xe30
[  140.779976][ T5864]  inet6_rtm_newaddr+0xa89/0xf10
[  140.781949][ T5864]  rtnetlink_rcv_msg+0x791/0xcf0
[  140.784000][ T5864]  netlink_rcv_skb+0x206/0x480
[  140.785956][ T5864] page last free pid 5678 tgid 5678 stack trace:
[  140.788559][ T5864]  free_frozen_pages+0xe0d/0x10e0
[  140.790790][ T5864]  __mmdrop+0xb9/0x3d0
[  140.792941][ T5864]  exec_mmap+0x7a5/0x890
[  140.795343][ T5864]  begin_new_exec+0x1281/0x2100
[  140.797633][ T5864]  load_elf_binary+0x973/0x2820
[  140.799716][ T5864]  bprm_execve+0x979/0x1430
[  140.801662][ T5864]  do_execveat_common+0x57f/0x710
[  140.803714][ T5864]  __x64_sys_execve+0x92/0xb0
[  140.805699][ T5864]  do_syscall_64+0xf3/0x230
[  140.808033][ T5864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.811226][ T5864] 
[  140.812394][ T5864] Memory state around the buggy address:
[  140.814789][ T5864]  ffff888032f85100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  140.818090][ T5864]  ffff888032f85180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  140.821577][ T5864] >ffff888032f85200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  140.825446][ T5864]                    ^
[  140.827526][ T5864]  ffff888032f85280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  140.831250][ T5864]  ffff888032f85300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  140.834438][ T5864] ==================================================================
[  140.868463][ T5864] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  140.871984][ T5864] CPU: 0 UID: 0 PID: 5864 Comm: syz.0.16 Not tainted 6.14.0-rc5-syzkaller-g48a5eed9ad58-dirty #0
[  140.876795][ T5864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  140.881009][ T5864] Call Trace:
[  140.882382][ T5864]  <TASK>
[  140.883744][ T5864]  dump_stack_lvl+0x241/0x360
[  140.885890][ T5864]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.888511][ T5864]  ? __pfx__printk+0x10/0x10
[  140.890886][ T5864]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  140.893286][ T5864]  ? vscnprintf+0x5d/0x90
[  140.895535][ T5864]  panic+0x349/0x880
[  140.897558][ T5864]  ? check_panic_on_warn+0x21/0xb0
[  140.900104][ T5864]  ? __pfx_panic+0x10/0x10
[  140.902346][ T5864]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  140.906185][ T5864]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  140.909554][ T5864]  check_panic_on_warn+0x86/0xb0
[  140.911874][ T5864]  ? crc32c_le_arch+0xc7/0x1b0
[  140.914003][ T5864]  end_report+0x77/0x160
[  140.915700][ T5864]  kasan_report+0x154/0x180
[  140.917436][ T5864]  ? crc32c_le_arch+0xc7/0x1b0
[  140.919387][ T5864]  crc32c_le_arch+0xc7/0x1b0
[  140.921280][ T5864]  xlog_cksum+0xcf/0x130
[  140.923089][ T5864]  xlog_recover_process+0x78/0x1e0
[  140.925265][ T5864]  xlog_do_recovery_pass+0xa01/0xdc0
[  140.927637][ T5864]  ? mark_lock+0x9a/0x360
[  140.929793][ T5864]  ? __pfx_xlog_do_recovery_pass+0x10/0x10
[  140.932855][ T5864]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  140.935659][ T5864]  ? xlog_verify_head+0x1b0/0x5a0
[  140.937690][ T5864]  ? xlog_verify_head+0x1b0/0x5a0
[  140.939754][ T5864]  xlog_verify_head+0x21f/0x5a0
[  140.941801][ T5864]  ? xlog_bread+0x57/0xc0
[  140.943751][ T5864]  ? __pfx_xlog_verify_head+0x10/0x10
[  140.947391][ T5864]  ? xlog_check_unmount_rec+0x295/0x5c0
[  140.949990][ T5864]  ? __pfx_xlog_check_unmount_rec+0x10/0x10
[  140.952525][ T5864]  xlog_find_tail+0xa04/0xdf0
[  140.954490][ T5864]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  140.957078][ T5864]  ? __pfx_xlog_find_tail+0x10/0x10
[  140.959265][ T5864]  ? try_to_wake_up+0x959/0x1470
[  140.961331][ T5864]  ? __pfx_xfsaild+0x10/0x10
[  140.963578][ T5864]  xlog_recover+0xe1/0x540
[  140.965905][ T5864]  ? __pfx_xlog_recover+0x10/0x10
[  140.968672][ T5864]  xfs_log_mount+0x252/0x3e0
[  140.970693][ T5864]  xfs_mountfs+0xfbb/0x2500
[  140.972540][ T5864]  ? __pfx_xfs_mountfs+0x10/0x10
[  140.974587][ T5864]  ? xfs_mru_cache_create+0x4c6/0x5f0
[  140.976979][ T5864]  ? rcu_is_watching+0x15/0xb0
[  140.979139][ T5864]  xfs_fs_fill_super+0x1223/0x1550
[  140.981423][ T5864]  get_tree_bdev_flags+0x48c/0x5c0
[  140.983614][ T5864]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[  140.985980][ T5864]  ? __pfx_xfs_fs_fill_super+0x10/0x10
[  140.988508][ T5864]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  140.991506][ T5864]  ? apparmor_capable+0x13b/0x1b0
[  140.994095][ T5864]  vfs_get_tree+0x90/0x2b0
[  140.996236][ T5864]  do_new_mount+0x2be/0xb40
[  140.998175][ T5864]  ? __pfx_do_new_mount+0x10/0x10
[  141.000434][ T5864]  __se_sys_mount+0x2d6/0x3c0
[  141.002754][ T5864]  ? __pfx___se_sys_mount+0x10/0x10
[  141.005261][ T5864]  ? exc_page_fault+0x590/0x8b0
[  141.007643][ T5864]  ? __x64_sys_mount+0x20/0xc0
[  141.010232][ T5864]  do_syscall_64+0xf3/0x230
[  141.012574][ T5864]  ? clear_bhb_loop+0x35/0x90
[  141.014584][ T5864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.017050][ T5864] RIP: 0033:0x7f2098f8e90a
[  141.018912][ T5864] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.027537][ T5864] RSP: 002b:00007f2099e4fe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  141.031010][ T5864] RAX: ffffffffffffffda RBX: 00007f2099e4fef0 RCX: 00007f2098f8e90a
[  141.034710][ T5864] RDX: 0000400000000500 RSI: 0000400000000200 RDI: 00007f2099e4feb0
[  141.038854][ T5864] RBP: 0000400000000500 R08: 00007f2099e4fef0 R09: 0000000002218a5d
[  141.042147][ T5864] R10: 0000000002218a5d R11: 0000000000000246 R12: 0000400000000200
[  141.045349][ T5864] R13: 00007f2099e4feb0 R14: 0000000000009706 R15: 0000400000000100
[  141.048805][ T5864]  </TASK>
[  141.050482][ T5864] Kernel Offset: disabled
[  141.052500][ T5864] Rebooting in 86400 seconds..