[  138.141567][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  138.144981][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
Warning: Permanently added '[localhost]:17621' (ED25519) to the list of known hosts.
2025/06/06 23:38:10 ignoring optional flag "sandboxArg"="0"
2025/06/06 23:38:12 parsed 1 programs
[  146.683036][ T5618] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  150.918431][ T5354] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  150.924479][ T5354] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  150.929618][ T5354] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  150.935581][ T5354] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  150.940444][ T5354] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  152.604807][ T5659] chnl_net:caif_netlink_parms(): no params data found
[  152.667139][ T5659] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.671301][ T5659] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.675101][ T5659] bridge_slave_0: entered allmulticast mode
[  152.679017][ T5659] bridge_slave_0: entered promiscuous mode
[  152.684134][ T5659] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.687546][ T5659] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.692427][ T5659] bridge_slave_1: entered allmulticast mode
[  152.696415][ T5659] bridge_slave_1: entered promiscuous mode
[  152.722460][ T5659] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  152.730692][ T5659] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  152.756107][ T5659] team0: Port device team_slave_0 added
[  152.761752][ T5659] team0: Port device team_slave_1 added
[  152.783591][ T5659] batman_adv: batadv0: Adding interface: batadv_slave_0
[  152.787293][ T5659] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.799019][ T5659] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  152.806597][ T5659] batman_adv: batadv0: Adding interface: batadv_slave_1
[  152.811006][ T5659] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.824655][ T5659] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  152.860806][ T5659] hsr_slave_0: entered promiscuous mode
[  152.864485][ T5659] hsr_slave_1: entered promiscuous mode
[  153.554619][ T5659] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  153.584642][ T5659] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  153.593533][ T5659] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  153.612279][ T5659] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  153.773409][ T5659] 8021q: adding VLAN 0 to HW filter on device bond0
[  153.801322][ T5659] 8021q: adding VLAN 0 to HW filter on device team0
[  153.830906][ T1035] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.834176][ T1035] bridge0: port 1(bridge_slave_0) entered forwarding state
[  153.839080][ T1035] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.842618][ T1035] bridge0: port 2(bridge_slave_1) entered forwarding state
[  153.924060][ T5659] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  154.216245][ T5659] 8021q: adding VLAN 0 to HW filter on device batadv0
[  154.286226][ T5659] veth0_vlan: entered promiscuous mode
[  154.311529][ T5659] veth1_vlan: entered promiscuous mode
[  154.364795][ T5659] veth0_macvtap: entered promiscuous mode
[  154.391924][ T5659] veth1_macvtap: entered promiscuous mode
[  154.423595][ T5659] batman_adv: batadv0: Interface activated: batadv_slave_0
[  154.444522][ T5659] batman_adv: batadv0: Interface activated: batadv_slave_1
[  154.463954][ T5659] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.468111][ T5659] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.491420][ T5659] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.495008][ T5659] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.794160][ T1099] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.906604][ T1099] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.416340][ T1037] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.426895][ T1037] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.491872][ T1035] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.495745][ T1035] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.851054][ T1099] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.901828][ T1099] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.539012][ T1099] bridge_slave_1: left allmulticast mode
[  157.550228][ T1099] bridge_slave_1: left promiscuous mode
[  157.573502][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.590351][ T1099] bridge_slave_0: left allmulticast mode
[  157.593252][ T1099] bridge_slave_0: left promiscuous mode
[  157.597383][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.150452][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  158.157384][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  158.163440][ T1099] bond0 (unregistering): Released all slaves
[  158.291405][ T1099] hsr_slave_0: left promiscuous mode
[  158.296837][ T1099] hsr_slave_1: left promiscuous mode
[  158.306429][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  158.311415][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0
[  158.332677][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  158.336131][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1
[  158.354285][ T1099] veth1_macvtap: left promiscuous mode
[  158.360037][ T1099] veth0_macvtap: left promiscuous mode
[  158.362612][ T1099] veth1_vlan: left promiscuous mode
[  158.365247][ T1099] veth0_vlan: left promiscuous mode
[  159.101793][ T1099] team0 (unregistering): Port device team_slave_1 removed
[  159.145665][ T1099] team0 (unregistering): Port device team_slave_0 removed
2025/06/06 23:38:31 executed programs: 0
[  161.738544][ T4678] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  161.749867][ T4678] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  161.754428][ T4678] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  161.760635][ T4678] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  161.764649][ T4678] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  162.171598][ T5804] chnl_net:caif_netlink_parms(): no params data found
[  162.328872][ T5804] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.340044][ T5804] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.343912][ T5804] bridge_slave_0: entered allmulticast mode
[  162.360956][ T5804] bridge_slave_0: entered promiscuous mode
[  162.374422][ T5804] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.377651][ T5804] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.390932][ T5804] bridge_slave_1: entered allmulticast mode
[  162.400230][ T5804] bridge_slave_1: entered promiscuous mode
[  162.452034][ T5804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  162.471896][ T5804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  162.542672][ T5804] team0: Port device team_slave_0 added
[  162.560417][ T5804] team0: Port device team_slave_1 added
[  162.614550][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_0
[  162.617693][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.651115][ T5804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  162.665656][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_1
[  162.668785][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.710616][ T5804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  162.798057][ T5804] hsr_slave_0: entered promiscuous mode
[  162.810872][ T5804] hsr_slave_1: entered promiscuous mode
[  163.371081][ T5804] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  163.391811][ T5804] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  163.405005][ T5804] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  163.424406][ T5804] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  163.655088][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.720656][ T5804] 8021q: adding VLAN 0 to HW filter on device team0
[  163.732876][ T1035] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.736196][ T1035] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.761654][ T1035] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.765619][ T1035] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.812777][ T4678] Bluetooth: hci0: command tx timeout
[  163.862237][ T5804] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  164.198553][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0
[  164.291043][ T5804] veth0_vlan: entered promiscuous mode
[  164.308776][ T5804] veth1_vlan: entered promiscuous mode
[  164.382987][ T5804] veth0_macvtap: entered promiscuous mode
[  164.404166][ T5804] veth1_macvtap: entered promiscuous mode
[  164.442139][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.461225][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.484830][ T5804] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.489091][ T5804] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.509424][ T5804] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.513425][ T5804] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  164.685220][ T1035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.700884][ T1035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  164.757836][ T1099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.775962][ T1099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  165.177749][ T5864] loop0: detected capacity change from 0 to 32768
[  165.287142][ T5864] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  165.287142][ T5864]   allowing incompatible features above 0.0: (unknown version)
[  165.287142][ T5864]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  165.324981][ T5864] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  165.336590][ T5864] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  165.342512][ T5864] bcachefs (loop0): Version upgrade required:
[  165.342512][ T5864] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  165.342512][ T5864] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  165.342512][ T5864]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  165.394213][ T5864] bcachefs (loop0): btree node read error at btree dirents level 0/0
[  165.394236][ T5864]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0
[  165.394245][ T5864]   loop0 node offset 16/24: btree node data missing: expected 24 sectors, found 16
[  165.394252][ T5864]   repair success (rewriting node)
[  165.427628][ T5864] ==================================================================
[  165.431566][ T5864] BUG: KASAN: use-after-free in bch2_btree_node_read_done+0xd28/0x5150
[  165.435641][ T5864] Read of size 8 at addr ffff888042700010 by task syz.0.16/5864
[  165.448470][ T5864] 
[  165.449931][ T5864] CPU: 0 UID: 0 PID: 5864 Comm: syz.0.16 Not tainted 6.15.0-syzkaller-g7a912d04415b #0 PREEMPT(full) 
[  165.449950][ T5864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.449957][ T5864] Call Trace:
[  165.449966][ T5864]  <TASK>
[  165.449970][ T5864]  dump_stack_lvl+0x189/0x250
[  165.449987][ T5864]  ? __virt_addr_valid+0x1c8/0x5c0
[  165.449995][ T5864]  ? rcu_is_watching+0x15/0xb0
[  165.450002][ T5864]  ? __kasan_check_byte+0x12/0x40
[  165.450028][ T5864]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.450038][ T5864]  ? rcu_is_watching+0x15/0xb0
[  165.450044][ T5864]  ? lock_release+0x4b/0x3e0
[  165.450056][ T5864]  ? __virt_addr_valid+0x1c8/0x5c0
[  165.450063][ T5864]  ? __virt_addr_valid+0x4a5/0x5c0
[  165.450070][ T5864]  print_report+0xd2/0x2b0
[  165.450081][ T5864]  ? bch2_btree_node_read_done+0xd28/0x5150
[  165.450128][ T5864]  kasan_report+0x118/0x150
[  165.450142][ T5864]  ? bch2_btree_node_read_done+0xd28/0x5150
[  165.450157][ T5864]  bch2_btree_node_read_done+0xd28/0x5150
[  165.450172][ T5864]  ? __pfx_number+0x10/0x10
[  165.450235][ T5864]  ? __pfx_bch2_btree_node_read_done+0x10/0x10
[  165.450245][ T5864]  ? bch2_extent_ptr_to_text+0x5a/0x890
[  165.450257][ T5864]  ? bch2_bkey_ptrs_to_text+0x1161/0x1310
[  165.450265][ T5864]  ? bch2_printbuf_make_room+0xdb/0x360
[  165.450295][ T5864]  ? enumerated_ref_put+0xbe/0x270
[  165.450305][ T5864]  btree_node_read_work+0x426/0xe30
[  165.450318][ T5864]  ? __pfx_btree_node_read_work+0x10/0x10
[  165.450327][ T5864]  ? bch2_latency_acct+0x436/0x520
[  165.450335][ T5864]  ? __pfx_bch2_latency_acct+0x10/0x10
[  165.450343][ T5864]  ? bio_associate_blkg+0x6d/0x230
[  165.450376][ T5864]  bch2_btree_node_read+0x887/0x2a00
[  165.450393][ T5864]  ? bch2_btree_node_hash_insert+0x88/0xc0
[  165.450405][ T5864]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  165.450425][ T5864]  ? __pfx_bch2_btree_node_read+0x10/0x10
[  165.450439][ T5864]  ? bch2_trans_unlock+0x8a/0x580
[  165.450452][ T5864]  ? bch2_trans_unlock+0x491/0x580
[  165.450465][ T5864]  bch2_btree_root_read+0x5f0/0x760
[  165.450482][ T5864]  ? __pfx_bch2_btree_root_read+0x10/0x10
[  165.450500][ T5864]  ? bch2_current_has_btree_trans+0x169/0x1a0
[  165.450515][ T5864]  read_btree_roots+0x2c2/0x880
[  165.450532][ T5864]  ? __pfx_read_btree_roots+0x10/0x10
[  165.450549][ T5864]  ? bch2_fs_resize_on_mount+0x81/0x880
[  165.450565][ T5864]  bch2_fs_recovery+0x25ec/0x39a0
[  165.450581][ T5864]  ? check_noncircular+0xe0/0x160
[  165.450596][ T5864]  ? __pfx_bch2_fs_recovery+0x10/0x10
[  165.450611][ T5864]  ? irqentry_exit+0x74/0x90
[  165.450617][ T5864]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.450630][ T5864]  ? preempt_schedule+0xae/0xc0
[  165.450640][ T5864]  ? preempt_schedule_common+0x83/0xd0
[  165.450650][ T5864]  ? preempt_schedule+0xae/0xc0
[  165.450661][ T5864]  ? __lock_acquire+0xab9/0xd20
[  165.450673][ T5864]  ? __lock_acquire+0xab9/0xd20
[  165.450685][ T5864]  ? bch2_fs_start+0x9fe/0xd90
[  165.450692][ T5864]  ? up_write+0x1c4/0x420
[  165.450699][ T5864]  ? bch2_fs_start+0x5c4/0xd90
[  165.450706][ T5864]  bch2_fs_start+0xa99/0xd90
[  165.450713][ T5864]  ? bch2_fs_start+0x5c4/0xd90
[  165.450720][ T5864]  ? __pfx_bch2_fs_start+0x10/0x10
[  165.450730][ T5864]  ? sget+0x267/0x620
[  165.450752][ T5864]  bch2_fs_get_tree+0xb6c/0x1460
[  165.450768][ T5864]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[  165.450781][ T5864]  ? aa_get_newest_label+0xf7/0x5d0
[  165.450803][ T5864]  ? vfs_parse_monolithic_sep+0x2df/0x310
[  165.450827][ T5864]  ? apparmor_capable+0x137/0x1b0
[  165.450834][ T5864]  vfs_get_tree+0x92/0x2b0
[  165.450846][ T5864]  do_new_mount+0x24a/0xa40
[  165.450859][ T5864]  __se_sys_mount+0x317/0x410
[  165.450873][ T5864]  ? __pfx___se_sys_mount+0x10/0x10
[  165.450885][ T5864]  ? do_syscall_64+0xbe/0x3b0
[  165.450895][ T5864]  ? __x64_sys_mount+0x20/0xc0
[  165.450905][ T5864]  do_syscall_64+0xfa/0x3b0
[  165.450915][ T5864]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.450930][ T5864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.450940][ T5864]  ? clear_bhb_loop+0x60/0xb0
[  165.450952][ T5864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.450965][ T5864] RIP: 0033:0x7f477539010a
[  165.450977][ T5864] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.450986][ T5864] RSP: 002b:00007f4776176e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  165.451000][ T5864] RAX: ffffffffffffffda RBX: 00007f4776176ef0 RCX: 00007f477539010a
[  165.451008][ T5864] RDX: 00002000000000c0 RSI: 0000200000000180 RDI: 00007f4776176eb0
[  165.451015][ T5864] RBP: 00002000000000c0 R08: 00007f4776176ef0 R09: 0000000000000010
[  165.451021][ T5864] R10: 0000000000000010 R11: 0000000000000246 R12: 0000200000000180
[  165.451030][ T5864] R13: 00007f4776176eb0 R14: 0000000000005943 R15: 0000200000000480
[  165.451044][ T5864]  </TASK>
[  165.451048][ T5864] 
[  165.670963][ T5864] The buggy address belongs to the physical page:
[  165.673655][ T5864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888042700000 pfn:0x42700
[  165.677969][ T5864] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  165.681240][ T5864] page_type: f0(buddy)
[  165.683087][ T5864] raw: 04fff00000000000 ffffea000106b608 ffffea000109f808 0000000000000000
[  165.686809][ T5864] raw: ffff888042700000 0000000000000003 00000000f0000000 0000000000000000
[  165.690347][ T5864] page dumped because: kasan: bad access detected
[  165.693072][ T5864] page_owner tracks the page as freed
[  165.695530][ T5864] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4740, tgid 4740 (udevadm), ts 37819140475, free_ts 151484159217
[  165.705255][ T5864]  post_alloc_hook+0x240/0x2a0
[  165.707492][ T5864]  get_page_from_freelist+0x21e4/0x22c0
[  165.710691][ T5864]  __alloc_frozen_pages_noprof+0x181/0x370
[  165.713875][ T5864]  alloc_pages_mpol+0x232/0x4a0
[  165.716255][ T5864]  allocate_slab+0x8a/0x3b0
[  165.718186][ T5864]  ___slab_alloc+0xbfc/0x1480
[  165.720100][ T5864]  kmem_cache_alloc_lru_noprof+0x288/0x3d0
[  165.722801][ T5864]  alloc_inode+0xb8/0x1b0
[  165.724694][ T5864]  iget_locked+0xf0/0x570
[  165.726735][ T5864]  kernfs_get_inode+0x4f/0x780
[  165.728918][ T5864]  kernfs_iop_lookup+0x1f6/0x320
[  165.731427][ T5864]  __lookup_slow+0x294/0x3d0
[  165.733863][ T5864]  lookup_slow+0x53/0x70
[  165.735908][ T5864]  link_path_walk+0x935/0xea0
[  165.738189][ T5864]  path_lookupat+0x97/0x430
[  165.740188][ T5864]  filename_lookup+0x212/0x570
[  165.742145][ T5864] page last free pid 5644 tgid 5644 stack trace:
[  165.744909][ T5864]  __free_frozen_pages+0xc71/0xe70
[  165.747314][ T5864]  __slab_free+0x326/0x400
[  165.749564][ T5864]  qlist_free_all+0x97/0x140
[  165.751658][ T5864]  kasan_quarantine_reduce+0x148/0x160
[  165.754005][ T5864]  __kasan_slab_alloc+0x22/0x80
[  165.756057][ T5864]  __kmalloc_node_track_caller_noprof+0x216/0x4e0
[  165.758906][ T5864]  kmemdup_noprof+0x2b/0x70
[  165.761231][ T5864]  setup_mq_sysctls+0x57/0x4b0
[  165.763794][ T5864]  copy_ipcs+0x314/0x4f0
[  165.765767][ T5864]  create_new_namespaces+0x218/0x720
[  165.767988][ T5864]  unshare_nsproxy_namespaces+0x11c/0x170
[  165.770583][ T5864]  ksys_unshare+0x4c8/0x8c0
[  165.772798][ T5864]  __x64_sys_unshare+0x38/0x50
[  165.775376][ T5864]  do_syscall_64+0xfa/0x3b0
[  165.777874][ T5864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.780682][ T5864] 
[  165.781809][ T5864] Memory state around the buggy address:
[  165.784138][ T5864]  ffff8880426fff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  165.787586][ T5864]  ffff8880426fff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  165.791137][ T5864] >ffff888042700000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  165.795360][ T5864]                          ^
[  165.797837][ T5864]  ffff888042700080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  165.801366][ T5864]  ffff888042700100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  165.804908][ T5864] ==================================================================
[  165.836917][ T5864] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  165.839857][ T5864] CPU: 0 UID: 0 PID: 5864 Comm: syz.0.16 Not tainted 6.15.0-syzkaller-g7a912d04415b #0 PREEMPT(full) 
[  165.844803][ T5864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.849899][ T5864] Call Trace:
[  165.851540][ T5864]  <TASK>
[  165.852768][ T5864]  dump_stack_lvl+0x99/0x250
[  165.854797][ T5864]  ? __asan_memcpy+0x40/0x70
[  165.856800][ T5864]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.858973][ T5864]  ? __pfx__printk+0x10/0x10
[  165.860959][ T5864]  panic+0x2db/0x790
[  165.862827][ T5864]  ? __pfx_panic+0x10/0x10
[  165.864943][ T5864]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  165.867920][ T5864]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  165.871048][ T5864]  ? print_memory_metadata+0x314/0x400
[  165.873316][ T5864]  ? bch2_btree_node_read_done+0xd28/0x5150
[  165.875838][ T5864]  check_panic_on_warn+0x89/0xb0
[  165.877947][ T5864]  ? bch2_btree_node_read_done+0xd28/0x5150
[  165.880677][ T5864]  end_report+0x78/0x160
[  165.882849][ T5864]  kasan_report+0x129/0x150
[  165.885087][ T5864]  ? bch2_btree_node_read_done+0xd28/0x5150
[  165.887775][ T5864]  bch2_btree_node_read_done+0xd28/0x5150
[  165.890175][ T5864]  ? __pfx_number+0x10/0x10
[  165.892133][ T5864]  ? __pfx_bch2_btree_node_read_done+0x10/0x10
[  165.894829][ T5864]  ? bch2_extent_ptr_to_text+0x5a/0x890
[  165.897648][ T5864]  ? bch2_bkey_ptrs_to_text+0x1161/0x1310
[  165.900631][ T5864]  ? bch2_printbuf_make_room+0xdb/0x360
[  165.903259][ T5864]  ? enumerated_ref_put+0xbe/0x270
[  165.905405][ T5864]  btree_node_read_work+0x426/0xe30
[  165.907595][ T5864]  ? __pfx_btree_node_read_work+0x10/0x10
[  165.909999][ T5864]  ? bch2_latency_acct+0x436/0x520
[  165.912215][ T5864]  ? __pfx_bch2_latency_acct+0x10/0x10
[  165.914552][ T5864]  ? bio_associate_blkg+0x6d/0x230
[  165.917203][ T5864]  bch2_btree_node_read+0x887/0x2a00
[  165.920184][ T5864]  ? bch2_btree_node_hash_insert+0x88/0xc0
[  165.922931][ T5864]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  165.925344][ T5864]  ? __pfx_bch2_btree_node_read+0x10/0x10
[  165.927803][ T5864]  ? bch2_trans_unlock+0x8a/0x580
[  165.930069][ T5864]  ? bch2_trans_unlock+0x491/0x580
[  165.932308][ T5864]  bch2_btree_root_read+0x5f0/0x760
[  165.934621][ T5864]  ? __pfx_bch2_btree_root_read+0x10/0x10
[  165.937403][ T5864]  ? bch2_current_has_btree_trans+0x169/0x1a0
[  165.941527][ T5864]  read_btree_roots+0x2c2/0x880
[  165.943672][ T5864]  ? __pfx_read_btree_roots+0x10/0x10
[  165.945824][ T5864]  ? bch2_fs_resize_on_mount+0x81/0x880
[  165.948077][ T5864]  bch2_fs_recovery+0x25ec/0x39a0
[  165.950218][ T5864]  ? check_noncircular+0xe0/0x160
[  165.952424][ T5864]  ? __pfx_bch2_fs_recovery+0x10/0x10
[  165.954743][ T5864]  ? irqentry_exit+0x74/0x90
[  165.957075][ T5864]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.960124][ T5864]  ? preempt_schedule+0xae/0xc0
[  165.962579][ T5864]  ? preempt_schedule_common+0x83/0xd0
[  165.964992][ T5864]  ? preempt_schedule+0xae/0xc0
[  165.967143][ T5864]  ? __lock_acquire+0xab9/0xd20
[  165.969310][ T5864]  ? __lock_acquire+0xab9/0xd20
[  165.971929][ T5864]  ? bch2_fs_start+0x9fe/0xd90
[  165.974256][ T5864]  ? up_write+0x1c4/0x420
[  165.976461][ T5864]  ? bch2_fs_start+0x5c4/0xd90
[  165.979158][ T5864]  bch2_fs_start+0xa99/0xd90
[  165.981319][ T5864]  ? bch2_fs_start+0x5c4/0xd90
[  165.983674][ T5864]  ? __pfx_bch2_fs_start+0x10/0x10
[  165.986042][ T5864]  ? sget+0x267/0x620
[  165.987951][ T5864]  bch2_fs_get_tree+0xb6c/0x1460
[  165.990511][ T5864]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[  165.993226][ T5864]  ? aa_get_newest_label+0xf7/0x5d0
[  165.995468][ T5864]  ? vfs_parse_monolithic_sep+0x2df/0x310
[  165.998173][ T5864]  ? apparmor_capable+0x137/0x1b0
[  166.000707][ T5864]  vfs_get_tree+0x92/0x2b0
[  166.003064][ T5864]  do_new_mount+0x24a/0xa40
[  166.005599][ T5864]  __se_sys_mount+0x317/0x410
[  166.008373][ T5864]  ? __pfx___se_sys_mount+0x10/0x10
[  166.011005][ T5864]  ? do_syscall_64+0xbe/0x3b0
[  166.013126][ T5864]  ? __x64_sys_mount+0x20/0xc0
[  166.015260][ T5864]  do_syscall_64+0xfa/0x3b0
[  166.017307][ T5864]  ? lockdep_hardirqs_on+0x9c/0x150
[  166.019699][ T5864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.022942][ T5864]  ? clear_bhb_loop+0x60/0xb0
[  166.025649][ T5864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.028468][ T5864] RIP: 0033:0x7f477539010a
[  166.030470][ T5864] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.039013][ T5864] RSP: 002b:00007f4776176e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  166.043153][ T5864] RAX: ffffffffffffffda RBX: 00007f4776176ef0 RCX: 00007f477539010a
[  166.047568][ T5864] RDX: 00002000000000c0 RSI: 0000200000000180 RDI: 00007f4776176eb0
[  166.051193][ T5864] RBP: 00002000000000c0 R08: 00007f4776176ef0 R09: 0000000000000010
[  166.055775][ T5864] R10: 0000000000000010 R11: 0000000000000246 R12: 0000200000000180
[  166.060644][ T5864] R13: 00007f4776176eb0 R14: 0000000000005943 R15: 0000200000000480
[  166.064409][ T5864]  </TASK>
[  166.066112][ T5864] Kernel Offset: disabled
[  166.067964][ T5864] Rebooting in 86400 seconds..