Warning: Permanently added '[localhost]:22781' (ED25519) to the list of known hosts.
[ 78.276131][ T5306] chnl_net:caif_netlink_parms(): no params data found
[ 78.336855][ T5306] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.341853][ T5306] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.345142][ T5306] bridge_slave_0: entered allmulticast mode
[ 78.349295][ T5306] bridge_slave_0: entered promiscuous mode
[ 78.354590][ T5306] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.358572][ T5306] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.361285][ T5306] bridge_slave_1: entered allmulticast mode
[ 78.364564][ T5306] bridge_slave_1: entered promiscuous mode
[ 78.383246][ T5306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 78.388781][ T5306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 78.409797][ T5306] team0: Port device team_slave_0 added
[ 78.415363][ T5306] team0: Port device team_slave_1 added
[ 78.431590][ T5306] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 78.434750][ T5306] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.446580][ T5306] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 78.454811][ T5306] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 78.459229][ T5306] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.469874][ T5306] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 78.498869][ T5306] hsr_slave_0: entered promiscuous mode
[ 78.501768][ T5306] hsr_slave_1: entered promiscuous mode
[ 78.615259][ T5306] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 78.626137][ T5306] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 78.632215][ T5306] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 78.638528][ T5306] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 78.664255][ T5306] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.667702][ T5306] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.671374][ T5306] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.674533][ T5306] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.733344][ T5306] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.746429][ T1032] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.753427][ T1032] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.770109][ T5306] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.781862][ T1094] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.784801][ T1094] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.799635][ T1094] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.802574][ T1094] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.865994][ T5306] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 78.903831][ T5306] veth0_vlan: entered promiscuous mode
[ 78.914445][ T5306] veth1_vlan: entered promiscuous mode
[ 78.941768][ T5306] veth0_macvtap: entered promiscuous mode
[ 78.949977][ T5306] veth1_macvtap: entered promiscuous mode
[ 78.965331][ T5306] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 78.976270][ T5306] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 78.986113][ T5306] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.990380][ T5306] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.993846][ T5306] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.001776][ T5306] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.089170][ T1094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.092440][ T1094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.130685][ T1032] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.134812][ T1032] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[ 79.449493][ T5318] loop0: detected capacity change from 0 to 32768
[ 79.555444][ T5318] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[ 79.565464][ T5318] invalid journal entry, version=1.7: mi_btree_bitmap type=dev_usage in superblock: bad pad, fixing
[ 79.572217][ T5318] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 79.576643][ T5318] bcachefs (loop0): Version upgrade required:
[ 79.576643][ T5318] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[ 79.576643][ T5318] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size
[ 79.576643][ T5318] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[ 79.615817][ T5318] bcachefs (loop0): error validating btree node on loop0 at btree extents level 0/0
[ 79.615835][ T5318] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0
[ 79.615843][ T5318] node offset 0/16: incorrect min_key: got 0:36028797018963968:0 should be POS_MIN
[ 79.633014][ T5318] bcachefs (loop0): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0)
[ 79.639277][ T5318] bcachefs (loop0): flagging btree extents lost data
[ 79.642552][ T5318] bcachefs (loop0): running explicit recovery pass scan_for_btree_nodes (1), currently at recovery_pass_empty (0)
[ 79.651525][ T5318] error reading btree root btree=extents level=0: btree_node_read_error, fixing
[ 79.658684][ T5318] bcachefs (loop0): error validating btree node at btree inodes level 0/0
[ 79.658711][ T5318] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0
[ 79.658720][ T5318] node offset 16/24 bset u64s 110 bset byte offset 152: keys out of order: u64s 16 type inode_v3 134217728:4096:U32_MAX len 0 ver 0 > u64s 18 type inode_v3 0:4098:U32_MAX len 0 ver 0, fixing
[ 79.680069][ T5318] invalid bkey in btree_node btree=inodes level=0: u64s 16 type inode_v3 134217728:4096:U32_MAX len 0 ver 0:
[ 79.680087][ T5318] mode=40755
[ 79.680093][ T5318] flags=(16300000)
[ 79.680100][ T5318] journal_seq=0
[ 79.680106][ T5318] hash_seed=28e4f092a4fc58ee
[ 79.680113][ T5318] hash_type=siphash
[ 79.680118][ T5318] bi_size=0
[ 79.680124][ T5318] bi_sectors=0
[ 79.680130][ T5318] bi_version=0
[ 79.680135][ T5318] bi_atime=200535484
[ 79.680141][ T5318] bi_ctime=2780562352
[ 79.680148][ T5318] bi_mtime=2780562352
[ 79.680155][ T5318] bi_otime=200535484
[ 79.680160][ T5318] bi_uid=0
[ 79.680166][ T5318] bi_gid=0
[ 79.680172][ T5318] bi_nlink=2
[ 79.680177][ T5318] bi_generation=0
[ 79.680183][ T5318] bi_dev=0
[ 79.680190][ T5318] bi_data_checksum=0
[ 79.680196][ T5318] bi_compression=0
[ 79.680201][ T5318] bi_project=0
[ 79.680207][ T5318] bi_background_compression=0
[ 79.680213][ T5318] bi_data_replicas=0
[ 79.680219][ T5318] bi_promote_target=0
[ 79.680225][ T5318] bi_foreground_target=0
[ 79.680232][ T5318] bi_background_target=0
[ 79.680238][ T5318] bi_erasure_code=0
[ 79.680244][ T5318] bi_fields_set=0
[ 79.680250][ T5318] bi_dir=0
[ 79.680255][ T5318] bi_dir_offset=0
[ 79.680260][ T5318] bi_subvol=1
[ 79.680266][ T5318] bi_parent_subvol=0
[ 79.680271][ T5318] bi_nocow=0
[ 79.680278][ T5318] bi_depth=0
[ 79.680284][ T5318] bi_inodes_32bit=0
[ 79.680290][ T5318] nonzero k.p.inode: delete?, fixing
[ 79.762178][ T5318] bcachefs (loop0): btree_node_read_work: rewriting btree node at due to error
[ 79.762178][ T5318] btree=inodes level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0
[ 79.773992][ T5318] bcachefs (loop0): error validating btree node on loop0 at btree dirents level 0/0
[ 79.774011][ T5318] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0
[ 79.774020][ T5318] node offset 16/24: btree node data missing: expected 24 sectors, found 16, fixing
[ 79.790447][ T5318] bcachefs (loop0): btree_node_read_work: rewriting btree node at due to error
[ 79.790447][ T5318] btree=dirents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0
[ 79.799779][ T5318] bcachefs (loop0): error validating btree node on loop0 at btree xattrs level 0/0
[ 79.799795][ T5318] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0
[ 79.799802][ T5318] node offset 0/16 bset u64s 0: incorrect btree id
[ 79.813354][ T5318] bcachefs (loop0): flagging btree xattrs lost data
[ 79.816517][ T5318] error reading btree root btree=xattrs level=0: btree_node_read_error, fixing
[ 79.823335][ T5318] bcachefs (loop0): error validating btree node at btree alloc level 0/0
[ 79.823354][ T5318] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[ 79.823361][ T5318] node offset 8/24 bset u64s 375 bset byte offset 184: keys out of order: u64s 11 type alloc_v4 0:32:0 len 0 ver 0 > u64s 11 type alloc_v4 0:2:0 len 0 ver 0, fixing
[ 79.846048][ T5318] bcachefs (loop0): btree_node_read_work: rewriting btree node at due to error
[ 79.846048][ T5318] btree=alloc level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[ 79.860380][ T5318] bcachefs (loop0): error validating btree node on loop0 at btree freespace level 0/0
[ 79.860402][ T5318] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0
[ 79.860417][ T5318] node offset 0/32 bset u64s 0: invalid bkey format: incorrect number of fields: got 0, should be 6
[ 79.860424][ T5318] u64s 5 fields 64:0, 64:0, 32:0, 0:0, 0:0, 0:0
[ 79.878333][ T5318] bcachefs (loop0): flagging btree freespace lost data
[ 79.883179][ T5318] error reading btree root btree=freespace level=0: btree_node_read_error, fixing
[ 79.889923][ T5318] bcachefs (loop0): scan_for_btree_nodes...
[ 79.908769][ T5327] invalid bkey in btree_node btree=stripes level=0: u64s 7 type xattr 536870912:3798421620223919902:U32_MAX len 0 ver 0: user.xattr2:xattr2
[ 79.908799][ T5327] nonzero snapshot: delete?, fixing
[ 79.924997][ T5327] bcachefs (loop0): flagging btree stripes lost data
[ 79.979419][ T5318] bcachefs (loop0): btree node scan found 6 nodes after overwrites
[ 79.982764][ T5318] done
[ 79.986100][ T5318] bcachefs (loop0): check_topology...
[ 79.989388][ T5318] bcachefs (loop0): btree root extents unreadable, must recover from scan
[ 79.995023][ T5318] bcachefs (loop0): bch2_get_scanned_nodes(): recovery btree=extents level=0 POS_MIN - SPOS_MAX
[ 80.002351][ T5318] bcachefs (loop0): bch2_get_scanned_nodes(): recovering u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 48 min_key 0:36028797018963968:0 durability: 1 ptr: 0:27:0 gen 0
[ 80.015392][ T37] bcachefs (loop0): error validating btree node at btree extents level 0/0
[ 80.015416][ T37] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 48 min_key 0:36028797018963968:0 durability: 1 ptr: 0:27:0 gen 0
[ 80.015425][ T37] node offset 8/48 bset u64s 2097 bset byte offset 40: bad k->u64s 0 (min 3 max 253), fixing
[ 80.031773][ T37] invalid bkey in btree_node btree=extents level=0: u64s 10 type deleted 8825211592396076079:4100:0 len 0 ver 0:
[ 80.031789][ T37] snapshot == 0: delete?, fixing
[ 80.039219][ T37] bcachefs (loop0): error validating btree node at btree extents level 0/0
[ 80.039238][ T37] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 48 min_key 0:36028797018963968:0 durability: 1 ptr: 0:27:0 gen 0
[ 80.039249][ T37] node offset 8/48 bset u64s 2088 bset byte offset 360: bad k->u64s 0 (min 3 max 253), fixing
[ 80.055658][ T37] ==================================================================
[ 80.059190][ T37] BUG: KASAN: use-after-free in bkey_packed_valid+0x488/0x6c0
[ 80.062678][ T37] Read of size 1 at addr ffff8880453a0000 by task kworker/0:1H/37
[ 80.067019][ T37]
[ 80.067904][ T37] CPU: 0 UID: 0 PID: 37 Comm: kworker/0:1H Not tainted 6.14.0-rc5-syzkaller #0
[ 80.067918][ T37] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 80.067926][ T37] Workqueue: bcachefs_btree_read_complete btree_node_read_work
[ 80.067947][ T37] Call Trace:
[ 80.067955][ T37]
[ 80.067961][ T37] dump_stack_lvl+0x241/0x360
[ 80.067975][ T37] ? __pfx_dump_stack_lvl+0x10/0x10
[ 80.067985][ T37] ? __pfx__printk+0x10/0x10
[ 80.067995][ T37] ? _printk+0xd5/0x120
[ 80.068003][ T37] ? __virt_addr_valid+0x183/0x530
[ 80.068014][ T37] ? __virt_addr_valid+0x183/0x530
[ 80.068023][ T37] print_report+0x16e/0x5b0
[ 80.068036][ T37] ? __virt_addr_valid+0x183/0x530
[ 80.068046][ T37] ? __virt_addr_valid+0x183/0x530
[ 80.068054][ T37] ? __virt_addr_valid+0x45f/0x530
[ 80.068062][ T37] ? __phys_addr+0xba/0x170
[ 80.068077][ T37] ? bkey_packed_valid+0x488/0x6c0
[ 80.068089][ T37] kasan_report+0x143/0x180
[ 80.068101][ T37] ? bkey_packed_valid+0x488/0x6c0
[ 80.068114][ T37] bkey_packed_valid+0x488/0x6c0
[ 80.068126][ T37] ? __pfx___btree_err+0x10/0x10
[ 80.068137][ T37] ? __pfx_bkey_packed_valid+0x10/0x10
[ 80.068149][ T37] ? __pfx_bch2_bkey_in_btree_node+0x10/0x10
[ 80.068161][ T37] ? __asan_memset+0x23/0x50
[ 80.068171][ T37] ? validate_bset_keys+0x5df/0x1af0
[ 80.068181][ T37] validate_bset_keys+0xeb5/0x1af0
[ 80.068198][ T37] ? __pfx_validate_bset_keys+0x10/0x10
[ 80.068210][ T37] ? __pfx_validate_bset+0x10/0x10
[ 80.068221][ T37] ? mempool_alloc_noprof+0x1a6/0x5a0
[ 80.068233][ T37] ? bch2_bpos_to_text+0x295/0x3a0
[ 80.068244][ T37] ? __pfx_bch2_bpos_to_text+0x10/0x10
[ 80.068255][ T37] ? prt_str+0x4af/0x7d0
[ 80.068264][ T37] ? bch2_btree_node_read_done+0x2177/0x6180
[ 80.068276][ T37] bch2_btree_node_read_done+0x2298/0x6180
[ 80.068297][ T37] ? __pfx_bch2_btree_node_read_done+0x10/0x10
[ 80.068308][ T37] ? __pfx_lock_acquire+0x10/0x10
[ 80.068323][ T37] ? bch2_bkey_pick_read_device+0x221/0x1850
[ 80.068336][ T37] ? __pfx_lock_release+0x10/0x10
[ 80.068357][ T37] ? __lock_acquire+0x1397/0x2100
[ 80.068372][ T37] ? bch2_bkey_pick_read_device+0x221/0x1850
[ 80.068385][ T37] ? bch2_bkey_pick_read_device+0x1561/0x1850
[ 80.068397][ T37] ? bch2_bkey_pick_read_device+0x221/0x1850
[ 80.068410][ T37] ? __pfx_bch2_bkey_pick_read_device+0x10/0x10
[ 80.068420][ T37] ? bch2_btree_ptr_v2_to_text+0x209/0x2f0
[ 80.068431][ T37] ? __pfx_bch2_btree_ptr_v2_to_text+0x10/0x10
[ 80.068444][ T37] btree_node_read_work+0x6dc/0x1380
[ 80.068460][ T37] ? __pfx_btree_node_read_work+0x10/0x10
[ 80.068471][ T37] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 80.068487][ T37] ? process_scheduled_works+0x9c6/0x18e0
[ 80.068500][ T37] process_scheduled_works+0xabe/0x18e0
[ 80.068518][ T37] ? __pfx_process_scheduled_works+0x10/0x10
[ 80.068532][ T37] ? assign_work+0x364/0x3d0
[ 80.068544][ T37] worker_thread+0x870/0xd30
[ 80.068558][ T37] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 80.068622][ T37] ? __kthread_parkme+0x169/0x1d0
[ 80.068637][ T37] ? __pfx_worker_thread+0x10/0x10
[ 80.068650][ T37] kthread+0x7a9/0x920
[ 80.068664][ T37] ? __pfx_kthread+0x10/0x10
[ 80.068677][ T37] ? __pfx_worker_thread+0x10/0x10
[ 80.068689][ T37] ? __pfx_kthread+0x10/0x10
[ 80.068702][ T37] ? __pfx_kthread+0x10/0x10
[ 80.068716][ T37] ? __pfx_kthread+0x10/0x10
[ 80.068729][ T37] ? _raw_spin_unlock_irq+0x23/0x50
[ 80.068739][ T37] ? lockdep_hardirqs_on+0x99/0x150
[ 80.068752][ T37] ? __pfx_kthread+0x10/0x10
[ 80.068766][ T37] ret_from_fork+0x4b/0x80
[ 80.068780][ T37] ? __pfx_kthread+0x10/0x10
[ 80.068793][ T37] ret_from_fork_asm+0x1a/0x30
[ 80.068808][ T37]
[ 80.068813][ T37]
[ 80.219493][ T37] The buggy address belongs to the physical page:
[ 80.221874][ T37] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x453a0
[ 80.224959][ T37] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 80.227712][ T37] raw: 04fff00000000000 ffffea000114fb08 ffff88801fc44c20 0000000000000000
[ 80.231163][ T37] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 80.234881][ T37] page dumped because: kasan: bad access detected
[ 80.237778][ T37] page_owner tracks the page as freed
[ 80.240467][ T37] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0x452cd0(GFP_KERNEL_ACCOUNT|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_RECLAIMABLE), pid 5318, tgid 5317 (syz-executor285), ts 79505389118, free_ts 79904883188
[ 80.250059][ T37] post_alloc_hook+0x1f4/0x240
[ 80.252481][ T37] get_page_from_freelist+0x365c/0x37a0
[ 80.254800][ T37] __alloc_frozen_pages_noprof+0x292/0x710
[ 80.257131][ T37] __alloc_pages_noprof+0xa/0x30
[ 80.258979][ T37] ___kmalloc_large_node+0x8b/0x1d0
[ 80.260908][ T37] __kmalloc_large_node_noprof+0x1a/0x80
[ 80.263080][ T37] __kmalloc_node_noprof+0x33a/0x4d0
[ 80.265351][ T37] __kvmalloc_node_noprof+0x72/0x190
[ 80.267849][ T37] btree_node_data_alloc+0xdb/0x260
[ 80.270967][ T37] __bch2_btree_node_mem_alloc+0x201/0x420
[ 80.273263][ T37] bch2_fs_btree_cache_init+0x27a/0x630
[ 80.275251][ T37] bch2_fs_open+0x2d2d/0x31e0
[ 80.277005][ T37] bch2_fs_get_tree+0x738/0x17a0
[ 80.278987][ T37] vfs_get_tree+0x90/0x2b0
[ 80.280699][ T37] do_new_mount+0x2be/0xb40
[ 80.282518][ T37] __se_sys_mount+0x2d6/0x3c0
[ 80.284195][ T37] page last free pid 5327 tgid 5327 stack trace:
[ 80.286906][ T37] free_frozen_pages+0xe0d/0x10e0
[ 80.289213][ T37] __folio_put+0x2b3/0x360
[ 80.291284][ T37] free_large_kmalloc+0xfe/0x180
[ 80.293030][ T37] kfree+0x212/0x430
[ 80.294429][ T37] bch2_btree_node_read_done+0x3c89/0x6180
[ 80.296541][ T37] btree_node_read_work+0x6dc/0x1380
[ 80.298363][ T37] bch2_btree_node_read+0x2433/0x29f0
[ 80.300367][ T37] bch2_btree_node_fill+0xca6/0x1370
[ 80.302394][ T37] bch2_btree_node_get_noiter+0x9d5/0xf70
[ 80.305214][ T37] read_btree_nodes_worker+0x1392/0x1fd0
[ 80.308248][ T37] kthread+0x7a9/0x920
[ 80.310142][ T37] ret_from_fork+0x4b/0x80
[ 80.312062][ T37] ret_from_fork_asm+0x1a/0x30
[ 80.313923][ T37]
[ 80.314920][ T37] Memory state around the buggy address:
[ 80.317097][ T37] ffff88804539ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 80.320104][ T37] ffff88804539ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 80.323733][ T37] >ffff8880453a0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 80.327530][ T37] ^
[ 80.329315][ T37] ffff8880453a0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 80.332344][ T37] ffff8880453a0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 80.335258][ T37] ==================================================================
[ 80.354248][ T37] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 80.357751][ T37] CPU: 0 UID: 0 PID: 37 Comm: kworker/0:1H Not tainted 6.14.0-rc5-syzkaller #0
[ 80.361324][ T37] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 80.365411][ T37] Workqueue: bcachefs_btree_read_complete btree_node_read_work
[ 80.368389][ T37] Call Trace:
[ 80.369825][ T37]
[ 80.371242][ T37] dump_stack_lvl+0x241/0x360
[ 80.373328][ T37] ? __pfx_dump_stack_lvl+0x10/0x10
[ 80.375647][ T37] ? __pfx__printk+0x10/0x10
[ 80.378177][ T37] ? preempt_schedule+0xe1/0xf0
[ 80.380231][ T37] ? vscnprintf+0x5d/0x90
[ 80.382185][ T37] panic+0x349/0x880
[ 80.384089][ T37] ? check_panic_on_warn+0x21/0xb0
[ 80.386360][ T37] ? __pfx_panic+0x10/0x10
[ 80.388294][ T37] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 80.391093][ T37] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 80.394006][ T37] ? print_report+0x519/0x5b0
[ 80.396141][ T37] check_panic_on_warn+0x86/0xb0
[ 80.398365][ T37] ? bkey_packed_valid+0x488/0x6c0
[ 80.400324][ T37] end_report+0x77/0x160
[ 80.401659][ T37] kasan_report+0x154/0x180
[ 80.403502][ T37] ? bkey_packed_valid+0x488/0x6c0
[ 80.405432][ T37] bkey_packed_valid+0x488/0x6c0
[ 80.407996][ T37] ? __pfx___btree_err+0x10/0x10
[ 80.410898][ T37] ? __pfx_bkey_packed_valid+0x10/0x10
[ 80.413545][ T37] ? __pfx_bch2_bkey_in_btree_node+0x10/0x10
[ 80.415972][ T37] ? __asan_memset+0x23/0x50
[ 80.417937][ T37] ? validate_bset_keys+0x5df/0x1af0
[ 80.420170][ T37] validate_bset_keys+0xeb5/0x1af0
[ 80.422292][ T37] ? __pfx_validate_bset_keys+0x10/0x10
[ 80.424491][ T37] ? __pfx_validate_bset+0x10/0x10
[ 80.426750][ T37] ? mempool_alloc_noprof+0x1a6/0x5a0
[ 80.428907][ T37] ? bch2_bpos_to_text+0x295/0x3a0
[ 80.431417][ T37] ? __pfx_bch2_bpos_to_text+0x10/0x10
[ 80.433548][ T37] ? prt_str+0x4af/0x7d0
[ 80.435052][ T37] ? bch2_btree_node_read_done+0x2177/0x6180
[ 80.437383][ T37] bch2_btree_node_read_done+0x2298/0x6180
[ 80.439331][ T37] ? __pfx_bch2_btree_node_read_done+0x10/0x10
[ 80.441597][ T37] ? __pfx_lock_acquire+0x10/0x10
[ 80.443285][ T37] ? bch2_bkey_pick_read_device+0x221/0x1850
[ 80.445387][ T37] ? __pfx_lock_release+0x10/0x10
[ 80.448292][ T37] ? __lock_acquire+0x1397/0x2100
[ 80.451038][ T37] ? bch2_bkey_pick_read_device+0x221/0x1850
[ 80.453370][ T37] ? bch2_bkey_pick_read_device+0x1561/0x1850
[ 80.455788][ T37] ? bch2_bkey_pick_read_device+0x221/0x1850
[ 80.458122][ T37] ? __pfx_bch2_bkey_pick_read_device+0x10/0x10
[ 80.460429][ T37] ? bch2_btree_ptr_v2_to_text+0x209/0x2f0
[ 80.462561][ T37] ? __pfx_bch2_btree_ptr_v2_to_text+0x10/0x10
[ 80.464998][ T37] btree_node_read_work+0x6dc/0x1380
[ 80.467393][ T37] ? __pfx_btree_node_read_work+0x10/0x10
[ 80.469563][ T37] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 80.471714][ T37] ? process_scheduled_works+0x9c6/0x18e0
[ 80.473470][ T37] process_scheduled_works+0xabe/0x18e0
[ 80.475046][ T37] ? __pfx_process_scheduled_works+0x10/0x10
[ 80.477200][ T37] ? assign_work+0x364/0x3d0
[ 80.478991][ T37] worker_thread+0x870/0xd30
[ 80.480741][ T37] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 80.483006][ T37] ? __kthread_parkme+0x169/0x1d0
[ 80.484893][ T37] ? __pfx_worker_thread+0x10/0x10
[ 80.487001][ T37] kthread+0x7a9/0x920
[ 80.488309][ T37] ? __pfx_kthread+0x10/0x10
[ 80.489860][ T37] ? __pfx_worker_thread+0x10/0x10
[ 80.491908][ T37] ? __pfx_kthread+0x10/0x10
[ 80.493808][ T37] ? __pfx_kthread+0x10/0x10
[ 80.495897][ T37] ? __pfx_kthread+0x10/0x10
[ 80.498209][ T37] ? _raw_spin_unlock_irq+0x23/0x50
[ 80.500175][ T37] ? lockdep_hardirqs_on+0x99/0x150
[ 80.502074][ T37] ? __pfx_kthread+0x10/0x10
[ 80.503728][ T37] ret_from_fork+0x4b/0x80
[ 80.505377][ T37] ? __pfx_kthread+0x10/0x10
[ 80.507074][ T37] ret_from_fork_asm+0x1a/0x30
[ 80.508829][ T37]
[ 80.510316][ T37] Kernel Offset: disabled
[ 80.512142][ T37] Rebooting in 86400 seconds..
VM DIAGNOSIS:
13:47:10 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000020 RBX=ffffffff9a9960a0 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=0000000000000000 RSP=ffffc900005866d0
R8 =ffffffff8583ed4b R9 =1ffff11003df7046 R10=dffffc0000000000 R11=ffffffff8583ed00
R12=dffffc0000000000 R13=0000000000000020 R14=0000000000000020 R15=00000000000003f8
RIP=ffffffff8583ed7e RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88801fc00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00005624fb2f0028 CR3=00000000123a8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0001000000000000 Opmask01=0000000000010000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffffee62780 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2074657366666f20 65646f6e2020205d 3733542020205b5d 3934323933302e30
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 206f206566666220 65646f6220202030 322054202020205d 3934322033302e30
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d2033206e696d28 203020733436753e 2d6b20646162203a 3036332074657366
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a20332033363928 2030203934363200 0a67206461622020 2c29332032207361
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000