[ 91.980095][ T1833] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.249' (ED25519) to the list of known hosts.
executing program
[ 94.129523][ T5832] loop0: detected capacity change from 0 to 32768
[ 94.181919][ T5832] ==================================================================
[ 94.181940][ T5832] BUG: KASAN: slab-out-of-bounds in dtSearch+0x16b4/0x21b0
[ 94.181987][ T5832] Read of size 1 at addr ffff888042439b14 by task syz-executor139/5832
[ 94.182005][ T5832]
[ 94.182035][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: syz-executor139 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 94.182059][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 94.182080][ T5832] Call Trace:
[ 94.182088][ T5832]
[ 94.182097][ T5832]  dump_stack_lvl+0x189/0x250
[ 94.182134][ T5832]  ? __kasan_check_byte+0x12/0x40
[ 94.182164][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 94.182195][ T5832]  ? lock_release+0x4b/0x3e0
[ 94.182227][ T5832]  ? __virt_addr_valid+0x4a5/0x5c0
[ 94.182262][ T5832]  print_report+0xca/0x240
[ 94.182289][ T5832]  ? dtSearch+0x16b4/0x21b0
[ 94.182313][ T5832]  kasan_report+0x118/0x150
[ 94.182342][ T5832]  ? dtSearch+0x16b4/0x21b0
[ 94.182371][ T5832]  dtSearch+0x16b4/0x21b0
[ 94.182415][ T5832]  jfs_lookup+0x155/0x380
[ 94.182444][ T5832]  ? __pfx_jfs_lookup+0x10/0x10
[ 94.182472][ T5832]  ? d_alloc_parallel+0x14c5/0x1600
[ 94.182506][ T5832]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 94.182530][ T5832]  ? __rt_spin_lock_init+0x3e/0x50
[ 94.182555][ T5832]  path_openat+0x110d/0x3840
[ 94.182597][ T5832]  ? __pfx_path_openat+0x10/0x10
[ 94.182626][ T5832]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 94.182662][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[ 94.182690][ T5832]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 94.182722][ T5832]  do_filp_open+0x1fa/0x410
[ 94.182746][ T5832]  ? __pfx_do_filp_open+0x10/0x10
[ 94.182768][ T5832]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 94.182803][ T5832]  ? alloc_fd+0x64f/0x6c0
[ 94.182845][ T5832]  do_sys_openat2+0x121/0x1c0
[ 94.182868][ T5832]  ? __pfx_do_sys_openat2+0x10/0x10
[ 94.182887][ T5832]  ? __se_sys_mount+0x3c8/0x410
[ 94.182920][ T5832]  ? __pfx___se_sys_mount+0x10/0x10
[ 94.182953][ T5832]  __x64_sys_open+0x11e/0x150
[ 94.182976][ T5832]  do_syscall_64+0xfa/0x3b0
[ 94.183005][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[ 94.183031][ T5832]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.183053][ T5832]  ? clear_bhb_loop+0x60/0xb0
[ 94.183078][ T5832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.183099][ T5832] RIP: 0033:0x7ff2dec76a89
[ 94.183123][ T5832] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 1c 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 94.183141][ T5832] RSP: 002b:00007ffe612ec838 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 94.183165][ T5832] RAX: ffffffffffffffda RBX: 00007ffe612ec890 RCX: 00007ff2dec76a89
[ 94.183181][ T5832] RDX: 0000000000000000 RSI: 0000000000000081 RDI: 00002000000003c0
[ 94.183194][ T5832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 94.183206][ T5832] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff2decf05e0
[ 94.183220][ T5832] R13: 0000000000000004 R14: 431bde82d7b634db R15: 00007ff2decb903b
[ 94.183244][ T5832]
[ 94.183251][ T5832]
[ 94.183256][ T5832] The buggy address belongs to the object at ffff8880424393a0
[ 94.183256][ T5832]  which belongs to the cache jfs_ip of size 2384
[ 94.183274][ T5832] The buggy address is located 1908 bytes inside of
[ 94.183274][ T5832]  allocated 2384-byte region [ffff8880424393a0, ffff888042439cf0)
[ 94.183296][ T5832]
[ 94.183302][ T5832] The buggy address belongs to the physical page:
[ 94.183321][ T5832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x42438
[ 94.183344][ T5832] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 94.183361][ T5832] flags: 0x80000000000040(head|node=0|zone=1)
[ 94.183382][ T5832] page_type: f5(slab)
[ 94.183400][ T5832] raw: 0080000000000040 ffff888146efc140 dead000000000122 0000000000000000
[ 94.183418][ T5832] raw: 0000000000000000 00000000800d000d 00000000f5000000 0000000000000000
[ 94.183437][ T5832] head: 0080000000000040 ffff888146efc140 dead000000000122 0000000000000000
[ 94.183454][ T5832] head: 0000000000000000 00000000800d000d 00000000f5000000 0000000000000000
[ 94.183472][ T5832] head: 0080000000000003 ffffea0001090e01 00000000ffffffff 00000000ffffffff
[ 94.183489][ T5832] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[ 94.183500][ T5832] page dumped because: kasan: bad access detected
[ 94.183514][ T5832] page_owner tracks the page as allocated
[ 94.183521][ T5832] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5832, tgid 5832 (syz-executor139), ts 94160007013, free_ts 0
[ 94.183558][ T5832]  post_alloc_hook+0x240/0x2a0
[ 94.183587][ T5832]  get_page_from_freelist+0x2119/0x21b0
[ 94.183606][ T5832]  __alloc_frozen_pages_noprof+0x181/0x370
[ 94.183625][ T5832]  alloc_pages_mpol+0xd1/0x380
[ 94.183650][ T5832]  allocate_slab+0x8a/0x370
[ 94.183668][ T5832]  ___slab_alloc+0x8d1/0xdd0
[ 94.183697][ T5832]  kmem_cache_alloc_lru_noprof+0xea/0x310
[ 94.183723][ T5832]  jfs_alloc_inode+0x28/0x70
[ 94.183744][ T5832]  alloc_inode+0x6a/0x1b0
[ 94.183768][ T5832]  new_inode+0x22/0x170
[ 94.183793][ T5832]  diReadSpecial+0x52/0x710
[ 94.183809][ T5832]  jfs_mount+0x174/0x870
[ 94.183842][ T5832]  jfs_fill_super+0x6bc/0xd80
[ 94.183862][ T5832]  get_tree_bdev_flags+0x40e/0x4d0
[ 94.183885][ T5832]  vfs_get_tree+0x92/0x2b0
[ 94.183908][ T5832]  do_new_mount+0x2a2/0x9e0
[ 94.183933][ T5832] page_owner free stack trace missing
[ 94.183941][ T5832]
[ 94.183945][ T5832] Memory state around the buggy address:
[ 94.183957][ T5832]  ffff888042439a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 94.183971][ T5832]  ffff888042439a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 94.183985][ T5832] >ffff888042439b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 94.183996][ T5832]                          ^
[ 94.184006][ T5832]  ffff888042439b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 94.184020][ T5832]  ffff888042439c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 94.184031][ T5832] ==================================================================
[ 94.184073][ T5832] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 94.184090][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: syz-executor139 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 94.184115][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 94.184128][ T5832] Call Trace:
[ 94.184135][ T5832]
[ 94.184144][ T5832]  dump_stack_lvl+0x99/0x250
[ 94.184177][ T5832]  ? __asan_memcpy+0x40/0x70
[ 94.184199][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 94.184231][ T5832]  ? __pfx__printk+0x10/0x10
[ 94.184260][ T5832]  vpanic+0x281/0x750
[ 94.184290][ T5832]  ? preempt_schedule+0xae/0xc0
[ 94.184317][ T5832]  ? __pfx_vpanic+0x10/0x10
[ 94.184346][ T5832]  ? preempt_schedule_common+0x83/0xd0
[ 94.184372][ T5832]  ? preempt_schedule+0xae/0xc0
[ 94.184397][ T5832]  ? __pfx_preempt_schedule+0x10/0x10
[ 94.184427][ T5832]  panic+0xb9/0xc0
[ 94.184456][ T5832]  ? __pfx_panic+0x10/0x10
[ 94.184488][ T5832]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 94.184521][ T5832]  ? dtSearch+0x16b4/0x21b0
[ 94.184546][ T5832]  check_panic_on_warn+0x89/0xb0
[ 94.184567][ T5832]  ? dtSearch+0x16b4/0x21b0
[ 94.184591][ T5832]  end_report+0x78/0x160
[ 94.184617][ T5832]  kasan_report+0x129/0x150
[ 94.184646][ T5832]  ? dtSearch+0x16b4/0x21b0
[ 94.184675][ T5832]  dtSearch+0x16b4/0x21b0
[ 94.184717][ T5832]  jfs_lookup+0x155/0x380
[ 94.184747][ T5832]  ? __pfx_jfs_lookup+0x10/0x10
[ 94.184774][ T5832]  ? d_alloc_parallel+0x14c5/0x1600
[ 94.184808][ T5832]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 94.184842][ T5832]  ? __rt_spin_lock_init+0x3e/0x50
[ 94.184869][ T5832]  path_openat+0x110d/0x3840
[ 94.184911][ T5832]  ? __pfx_path_openat+0x10/0x10
[ 94.184941][ T5832]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 94.184971][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[ 94.185004][ T5832]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 94.185034][ T5832]  do_filp_open+0x1fa/0x410
[ 94.185060][ T5832]  ? __pfx_do_filp_open+0x10/0x10
[ 94.185082][ T5832]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 94.185116][ T5832]  ? alloc_fd+0x64f/0x6c0
[ 94.185150][ T5832]  do_sys_openat2+0x121/0x1c0
[ 94.185173][ T5832]  ? __pfx_do_sys_openat2+0x10/0x10
[ 94.185192][ T5832]  ? __se_sys_mount+0x3c8/0x410
[ 94.185225][ T5832]  ? __pfx___se_sys_mount+0x10/0x10
[ 94.185257][ T5832]  __x64_sys_open+0x11e/0x150
[ 94.185280][ T5832]  do_syscall_64+0xfa/0x3b0
[ 94.185309][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[ 94.185336][ T5832]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.185358][ T5832]  ? clear_bhb_loop+0x60/0xb0
[ 94.185381][ T5832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.185402][ T5832] RIP: 0033:0x7ff2dec76a89
[ 94.185420][ T5832] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 1c 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 94.185437][ T5832] RSP: 002b:00007ffe612ec838 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 94.185459][ T5832] RAX: ffffffffffffffda RBX: 00007ffe612ec890 RCX: 00007ff2dec76a89
[ 94.185475][ T5832] RDX: 0000000000000000 RSI: 0000000000000081 RDI: 00002000000003c0
[ 94.185489][ T5832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 94.185501][ T5832] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff2decf05e0
[ 94.185515][ T5832] R13: 0000000000000004 R14: 431bde82d7b634db R15: 00007ff2decb903b
[ 94.185539][ T5832]
[ 94.185875][ T5832] Kernel Offset: disabled