Warning: Permanently added '10.128.0.242' (ED25519) to the list of known hosts.
2026/01/23 07:40:34 parsed 1 programs
[   57.659997][ T4189] cgroup: Unknown subsys name 'net'
[   57.809610][ T4189] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   59.161762][ T4189] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   61.962381][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.974133][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.985510][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   62.008858][ T1283] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.017303][ T1283] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.027709][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   62.685545][ T4276] chnl_net:caif_netlink_parms(): no params data found
[   62.725986][ T4276] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.733394][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.741306][ T4276] device bridge_slave_0 entered promiscuous mode
[   62.749739][ T4276] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.756962][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.764985][ T4276] device bridge_slave_1 entered promiscuous mode
[   62.784310][ T4276] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.795247][ T4276] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.815941][ T4276] team0: Port device team_slave_0 added
[   62.823154][ T4276] team0: Port device team_slave_1 added
[   62.839123][ T4276] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.846196][ T4276] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.872142][ T4276] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.903238][ T4276] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.910252][ T4276] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.936226][ T4276] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.964836][ T4276] device hsr_slave_0 entered promiscuous mode
[   62.971672][ T4276] device hsr_slave_1 entered promiscuous mode
[   63.092561][ T4276] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   63.102755][ T4276] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   63.111308][ T4276] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   63.120004][ T4276] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   63.190828][ T4276] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.205790][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   63.215361][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.224811][ T4276] 8021q: adding VLAN 0 to HW filter on device team0
[   63.245729][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   63.255642][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   63.265745][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.272975][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.282172][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   63.305684][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   63.314376][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   63.322834][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.330023][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.337970][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   63.346776][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.355514][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   63.364233][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   63.372550][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   63.381394][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   63.389986][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   63.398767][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   63.427872][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   63.437651][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   63.446249][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   63.457653][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   63.565562][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   63.573155][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   63.585830][ T4276] 8021q: adding VLAN 0 to HW filter on device batadv0
[   63.602302][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   63.611258][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   63.628675][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   63.637804][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   63.647085][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   63.655147][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   63.665708][ T4276] device veth0_vlan entered promiscuous mode
[   63.693014][ T4276] device veth1_vlan entered promiscuous mode
[   63.711412][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   63.719944][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   63.729229][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   63.740451][ T4276] device veth0_macvtap entered promiscuous mode
[   63.768072][ T4276] device veth1_macvtap entered promiscuous mode
[   63.782470][ T4276] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.791159][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   63.800470][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   63.809698][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   63.821159][ T4276] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.833958][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   63.843243][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   63.863819][ T4276] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.872617][ T4276] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.881640][ T4276] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.890605][ T4276] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.011420][ T4276] syz-executor (4276) used greatest stack depth: 20880 bytes left
2026/01/23 07:40:43 executed programs: 0
[   64.679539][ T4302] chnl_net:caif_netlink_parms(): no params data found
[   64.741597][ T4302] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.749849][ T4302] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.759506][ T4302] device bridge_slave_0 entered promiscuous mode
[   64.769223][ T4302] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.777692][ T4302] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.787183][ T4302] device bridge_slave_1 entered promiscuous mode
[   64.813173][ T4302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.827877][ T4302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.860486][ T4302] team0: Port device team_slave_0 added
[   64.869199][ T4302] team0: Port device team_slave_1 added
[   64.896582][ T4302] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.903968][ T4302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.932461][ T4302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.946177][ T4302] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.953136][ T4302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.982175][ T4302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.021143][ T4302] device hsr_slave_0 entered promiscuous mode
[   65.028761][ T4302] device hsr_slave_1 entered promiscuous mode
[   65.035317][ T4302] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   65.043100][ T4302] Cannot create hsr debugfs directory
[   65.136919][ T4302] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.624183][ T4262] Bluetooth: hci0: command 0x0409 tx timeout
[   68.330776][ T4302] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.704655][ T4265] Bluetooth: hci0: command 0x041b tx timeout
[   69.589103][ T4302] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.668887][ T4302] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.842101][ T4302] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   69.852876][ T4302] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   69.863444][ T4302] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   69.883962][ T4302] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   69.932854][ T4302] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.958328][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   69.966268][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   69.977474][ T4302] 8021q: adding VLAN 0 to HW filter on device team0
[   69.991131][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   70.000190][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   70.008913][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.016027][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.024221][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   70.044329][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   70.052953][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   70.062788][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.069891][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.080311][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   70.091201][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   70.105447][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   70.114440][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   70.122961][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   70.137306][    T9] device hsr_slave_0 left promiscuous mode
[   70.144628][    T9] device hsr_slave_1 left promiscuous mode
[   70.151390][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   70.159389][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[   70.168309][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   70.175984][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[   70.183960][    T9] device bridge_slave_1 left promiscuous mode
[   70.190551][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.202896][    T9] device bridge_slave_0 left promiscuous mode
[   70.209252][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.224817][    T9] device veth1_macvtap left promiscuous mode
[   70.230944][    T9] device veth0_macvtap left promiscuous mode
[   70.237277][    T9] device veth1_vlan left promiscuous mode
[   70.243176][    T9] device veth0_vlan left promiscuous mode
[   70.381941][    T9] team0 (unregistering): Port device team_slave_1 removed
[   70.396835][    T9] team0 (unregistering): Port device team_slave_0 removed
[   70.409025][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   70.424572][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   70.477924][    T9] bond0 (unregistering): Released all slaves
[   70.533376][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   70.542229][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   70.552690][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   70.561382][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   70.575398][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   70.584059][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   70.594307][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   70.687966][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   70.695750][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   70.707587][ T4302] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.730769][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   70.740840][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   70.755496][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   70.765379][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   70.774794][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   70.782473][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   70.790129][ T4262] Bluetooth: hci0: command 0x040f tx timeout
[   70.797918][ T4302] device veth0_vlan entered promiscuous mode
[   70.812674][ T4302] device veth1_vlan entered promiscuous mode
[   70.831930][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   70.840305][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   70.848472][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   70.857274][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   70.868500][ T4302] device veth0_macvtap entered promiscuous mode
[   70.879259][ T4302] device veth1_macvtap entered promiscuous mode
[   70.897020][ T4302] batman_adv: batadv0: Interface activated: batadv_slave_0
[   70.905931][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   70.914503][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   70.922588][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   70.933670][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   70.945299][ T4302] batman_adv: batadv0: Interface activated: batadv_slave_1
[   70.954686][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   70.963650][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   70.973950][ T4302] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.982837][ T4302] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.992912][ T4302] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.002137][ T4302] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.037723][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[   71.044377][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[   71.091767][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.100097][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.111366][ T1283] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   71.141807][ T1283] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.150356][ T1283] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.159858][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   71.420285][ T4321] loop0: detected capacity change from 0 to 32768
[   71.446285][ T4321] 
[   71.446285][ T4321]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   71.446285][ T4321] 
[   71.470003][ T4321] read_mapping_page failed!
[   71.476494][ T4321] ERROR: (device loop0): txCommit: 
[   71.476494][ T4321] 
[   71.487219][ T4321] read_mapping_page failed!
[   71.491911][ T4321] ERROR: (device loop0): txCommit: 
[   71.491911][ T4321] 
[   71.503060][ T4321] ==================================================================
[   71.511278][ T4321] BUG: KASAN: slab-out-of-bounds in dtSplitPage+0x1066/0x3200
[   71.518752][ T4321] Read of size 1 at addr ffff88805cc4b775 by task syz.0.17/4321
[   71.526390][ T4321] 
[   71.528741][ T4321] CPU: 0 PID: 4321 Comm: syz.0.17 Not tainted syzkaller #0
[   71.536100][ T4321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   71.546187][ T4321] Call Trace:
[   71.549480][ T4321]  <TASK>
[   71.552422][ T4321]  dump_stack_lvl+0x188/0x250
[   71.557129][ T4321]  ? show_regs_print_info+0x20/0x20
[   71.562362][ T4321]  ? _printk+0xda/0x130
[   71.566545][ T4321]  ? load_image+0x400/0x400
[   71.571092][ T4321]  ? _raw_spin_lock_irqsave+0xbc/0x100
[   71.576586][ T4321]  ? unlock_page+0x17c/0x1f0
[   71.581214][ T4321]  print_address_description+0x60/0x2d0
[   71.586793][ T4321]  ? dtSplitPage+0x1066/0x3200
[   71.591587][ T4321]  kasan_report+0xdf/0x130
[   71.596022][ T4321]  ? dtSplitPage+0x1066/0x3200
[   71.600816][ T4321]  dtSplitPage+0x1066/0x3200
[   71.605439][ T4321]  ? __lock_acquire+0x7d10/0x7d10
[   71.610503][ T4321]  ? dbAlloc+0x7ac/0xba0
[   71.614772][ T4321]  dtInsert+0xff4/0x5830
[   71.619048][ T4321]  ? lockdep_hardirqs_on+0x94/0x140
[   71.624286][ T4321]  ? UniStrupr+0x2e0/0x2e0
[   71.628717][ T4321]  ? do_raw_spin_lock+0x128/0x2f0
[   71.633761][ T4321]  ? __rwlock_init+0x140/0x140
[   71.638566][ T4321]  jfs_create+0x730/0xad0
[   71.642918][ T4321]  ? jfs_lookup+0x420/0x420
[   71.647441][ T4321]  ? jfs_get_parent+0xa0/0xa0
[   71.652176][ T4321]  ? make_kgid+0x660/0x660
[   71.656626][ T4321]  ? generic_permission+0x230/0x510
[   71.661850][ T4321]  ? inode_permission+0xef/0x480
[   71.666807][ T4321]  ? bpf_lsm_inode_create+0x5/0x10
[   71.671944][ T4321]  ? security_inode_create+0xb3/0x100
[   71.677337][ T4321]  ? jfs_lookup+0x420/0x420
[   71.681871][ T4321]  path_openat+0x11db/0x2fa0
[   71.686511][ T4321]  ? do_filp_open+0x410/0x410
[   71.691233][ T4321]  do_filp_open+0x1e2/0x410
[   71.695756][ T4321]  ? vfs_tmpfile+0x300/0x300
[   71.700382][ T4321]  ? _raw_spin_unlock+0x24/0x40
[   71.705245][ T4321]  ? alloc_fd+0x598/0x630
[   71.709602][ T4321]  do_sys_openat2+0x150/0x4b0
[   71.714292][ T4321]  ? __lock_acquire+0x7d10/0x7d10
[   71.719341][ T4321]  ? do_sys_open+0xe0/0xe0
[   71.723782][ T4321]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[   71.729787][ T4321]  ? lock_chain_count+0x20/0x20
[   71.734652][ T4321]  ? vtime_user_exit+0x2c8/0x3e0
[   71.739612][ T4321]  __x64_sys_openat+0x135/0x160
[   71.744481][ T4321]  do_syscall_64+0x4c/0xa0
[   71.748916][ T4321]  ? clear_bhb_loop+0x30/0x80
[   71.753610][ T4321]  ? clear_bhb_loop+0x30/0x80
[   71.758305][ T4321]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   71.764223][ T4321] RIP: 0033:0x7fced636acb9
[   71.768652][ T4321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   71.788278][ T4321] RSP: 002b:00007ffc3c6d62e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   71.796713][ T4321] RAX: ffffffffffffffda RBX: 00007fced65e5fa0 RCX: 00007fced636acb9
[   71.804710][ T4321] RDX: 0000000000183341 RSI: 0000200000000080 RDI: ffffffffffffff9c
[   71.812695][ T4321] RBP: 00007fced63d8bf7 R08: 0000000000000000 R09: 0000000000000000
[   71.820675][ T4321] R10: 0000000000000050 R11: 0000000000000246 R12: 0000000000000000
[   71.828663][ T4321] R13: 00007fced65e5fac R14: 00007fced65e5fa0 R15: 00007fced65e5fa0
[   71.836767][ T4321]  </TASK>
[   71.839812][ T4321] 
[   71.842145][ T4321] Allocated by task 4321:
[   71.846563][ T4321]  __kasan_slab_alloc+0x9c/0xd0
[   71.851551][ T4321]  slab_post_alloc_hook+0x4c/0x380
[   71.856699][ T4321]  kmem_cache_alloc+0x100/0x290
[   71.861570][ T4321]  jfs_alloc_inode+0x17/0x50
[   71.866173][ T4321]  iget_locked+0x191/0x820
[   71.870612][ T4321]  jfs_iget+0x20/0x3f0
[   71.874694][ T4321]  jfs_lookup+0x21d/0x420
[   71.879041][ T4321]  __lookup_slow+0x29d/0x410
[   71.883652][ T4321]  lookup_slow+0x53/0x70
[   71.887937][ T4321]  walk_component+0x319/0x460
[   71.892634][ T4321]  path_lookupat+0x169/0x440
[   71.897242][ T4321]  filename_lookup+0x214/0x540
[   71.902031][ T4321]  user_path_at_empty+0x40/0x190
[   71.907069][ T4321]  __se_sys_chdir+0x98/0x280
[   71.911693][ T4321]  do_syscall_64+0x4c/0xa0
[   71.916405][ T4321]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   71.922326][ T4321] 
[   71.924654][ T4321] The buggy address belongs to the object at ffff88805cc4ae40
[   71.924654][ T4321]  which belongs to the cache jfs_ip of size 2240
[   71.938365][ T4321] The buggy address is located 117 bytes to the right of
[   71.938365][ T4321]  2240-byte region [ffff88805cc4ae40, ffff88805cc4b700)
[   71.952255][ T4321] The buggy address belongs to the page:
[   71.957905][ T4321] page:ffffea0001731200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5cc48
[   71.968068][ T4321] head:ffffea0001731200 order:3 compound_mapcount:0 compound_pincount:0
[   71.976404][ T4321] memcg:ffff88807e654e01
[   71.980653][ T4321] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[   71.988650][ T4321] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888146111dc0
[   71.997258][ T4321] raw: 0000000000000000 00000000800d000d 00000001ffffffff ffff88807e654e01
[   72.005859][ T4321] page dumped because: kasan: bad access detected
[   72.012288][ T4321] page_owner tracks the page as allocated
[   72.018015][ T4321] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 4321, ts 71441211355, free_ts 60812170520
[   72.039778][ T4321]  get_page_from_freelist+0x1bbd/0x1ca0
[   72.045348][ T4321]  __alloc_pages+0x1ee/0x480
[   72.049953][ T4321]  new_slab+0xc0/0x4b0
[   72.054035][ T4321]  ___slab_alloc+0x80a/0xdd0
[   72.058633][ T4321]  kmem_cache_alloc+0x195/0x290
[   72.063489][ T4321]  jfs_alloc_inode+0x17/0x50
[   72.068095][ T4321]  new_inode_pseudo+0x5f/0x210
[   72.072883][ T4321]  new_inode+0x25/0x1c0
[   72.077059][ T4321]  diReadSpecial+0x4e/0x700
[   72.081597][ T4321]  jfs_mount+0x6f/0x860
[   72.085762][ T4321]  jfs_fill_super+0x511/0xb00
[   72.090453][ T4321]  mount_bdev+0x287/0x3c0
[   72.094798][ T4321]  legacy_get_tree+0xe6/0x180
[   72.099494][ T4321]  vfs_get_tree+0x88/0x270
[   72.103929][ T4321]  do_new_mount+0x24a/0xa40
[   72.108458][ T4321]  __se_sys_mount+0x2e3/0x3d0
[   72.113151][ T4321] page last free stack trace:
[   72.117851][ T4321]  free_unref_page_prepare+0x637/0x6c0
[   72.123347][ T4321]  free_unref_page+0x8f/0x2a0
[   72.128039][ T4321]  __vunmap+0x8b9/0xa50
[   72.132217][ T4321]  kcov_close+0x27/0x50
[   72.136390][ T4321]  __fput+0x234/0x930
[   72.140385][ T4321]  task_work_run+0x125/0x1a0
[   72.144989][ T4321]  do_exit+0x626/0x20c0
[   72.149161][ T4321]  do_group_exit+0x12e/0x300
[   72.153777][ T4321]  get_signal+0x6ca/0x12c0
[   72.158219][ T4321]  arch_do_signal_or_restart+0xe7/0x12c0
[   72.164044][ T4321]  exit_to_user_mode_loop+0x9e/0x130
[   72.169449][ T4321]  exit_to_user_mode_prepare+0xee/0x180
[   72.175017][ T4321]  syscall_exit_to_user_mode+0x16/0x40
[   72.180493][ T4321]  do_syscall_64+0x58/0xa0
[   72.184935][ T4321]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   72.190851][ T4321] 
[   72.193187][ T4321] Memory state around the buggy address:
[   72.198831][ T4321]  ffff88805cc4b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   72.206910][ T4321]  ffff88805cc4b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   72.214988][ T4321] >ffff88805cc4b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   72.223054][ T4321]                                                              ^
[   72.230780][ T4321]  ffff88805cc4b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   72.238852][ T4321]  ffff88805cc4b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   72.246928][ T4321] ==================================================================
[   72.255004][ T4321] Disabling lock debugging due to kernel taint
[   72.283032][ T4321] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   72.290272][ T4321] CPU: 0 PID: 4321 Comm: syz.0.17 Tainted: G    B             syzkaller #0
[   72.298870][ T4321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   72.308931][ T4321] Call Trace:
[   72.312217][ T4321]  <TASK>
[   72.315154][ T4321]  dump_stack_lvl+0x188/0x250
[   72.319870][ T4321]  ? show_regs_print_info+0x20/0x20
[   72.325097][ T4321]  ? load_image+0x400/0x400
[   72.329618][ T4321]  panic+0x2e5/0x810
[   72.333535][ T4321]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[   72.339722][ T4321]  ? bpf_jit_dump+0xd0/0xd0
[   72.344246][ T4321]  ? _raw_spin_unlock_irqrestore+0x10d/0x120
[   72.350242][ T4321]  ? _raw_spin_unlock+0x40/0x40
[   72.355105][ T4321]  ? dtSplitPage+0x1066/0x3200
[   72.359881][ T4321]  check_panic_on_warn+0x80/0xa0
[   72.364836][ T4321]  ? dtSplitPage+0x1066/0x3200
[   72.369620][ T4321]  end_report+0x6d/0xf0
[   72.373792][ T4321]  kasan_report+0x102/0x130
[   72.378318][ T4321]  ? dtSplitPage+0x1066/0x3200
[   72.383101][ T4321]  dtSplitPage+0x1066/0x3200
[   72.387714][ T4321]  ? __lock_acquire+0x7d10/0x7d10
[   72.392813][ T4321]  ? dbAlloc+0x7ac/0xba0
[   72.397070][ T4321]  dtInsert+0xff4/0x5830
[   72.401324][ T4321]  ? lockdep_hardirqs_on+0x94/0x140
[   72.406537][ T4321]  ? UniStrupr+0x2e0/0x2e0
[   72.410962][ T4321]  ? do_raw_spin_lock+0x128/0x2f0
[   72.416009][ T4321]  ? __rwlock_init+0x140/0x140
[   72.420785][ T4321]  jfs_create+0x730/0xad0
[   72.425132][ T4321]  ? jfs_lookup+0x420/0x420
[   72.429637][ T4321]  ? jfs_get_parent+0xa0/0xa0
[   72.434324][ T4321]  ? make_kgid+0x660/0x660
[   72.438750][ T4321]  ? generic_permission+0x230/0x510
[   72.443961][ T4321]  ? inode_permission+0xef/0x480
[   72.448898][ T4321]  ? bpf_lsm_inode_create+0x5/0x10
[   72.454026][ T4321]  ? security_inode_create+0xb3/0x100
[   72.459424][ T4321]  ? jfs_lookup+0x420/0x420
[   72.463924][ T4321]  path_openat+0x11db/0x2fa0
[   72.468523][ T4321]  ? do_filp_open+0x410/0x410
[   72.473203][ T4321]  do_filp_open+0x1e2/0x410
[   72.477726][ T4321]  ? vfs_tmpfile+0x300/0x300
[   72.482351][ T4321]  ? _raw_spin_unlock+0x24/0x40
[   72.487215][ T4321]  ? alloc_fd+0x598/0x630
[   72.491556][ T4321]  do_sys_openat2+0x150/0x4b0
[   72.496230][ T4321]  ? __lock_acquire+0x7d10/0x7d10
[   72.501265][ T4321]  ? do_sys_open+0xe0/0xe0
[   72.505685][ T4321]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[   72.511668][ T4321]  ? lock_chain_count+0x20/0x20
[   72.516526][ T4321]  ? vtime_user_exit+0x2c8/0x3e0
[   72.521467][ T4321]  __x64_sys_openat+0x135/0x160
[   72.526321][ T4321]  do_syscall_64+0x4c/0xa0
[   72.530741][ T4321]  ? clear_bhb_loop+0x30/0x80
[   72.535425][ T4321]  ? clear_bhb_loop+0x30/0x80
[   72.540107][ T4321]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   72.546006][ T4321] RIP: 0033:0x7fced636acb9
[   72.550424][ T4321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   72.570034][ T4321] RSP: 002b:00007ffc3c6d62e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   72.578456][ T4321] RAX: ffffffffffffffda RBX: 00007fced65e5fa0 RCX: 00007fced636acb9
[   72.586434][ T4321] RDX: 0000000000183341 RSI: 0000200000000080 RDI: ffffffffffffff9c
[   72.594405][ T4321] RBP: 00007fced63d8bf7 R08: 0000000000000000 R09: 0000000000000000
[   72.602375][ T4321] R10: 0000000000000050 R11: 0000000000000246 R12: 0000000000000000
[   72.610350][ T4321] R13: 00007fced65e5fac R14: 00007fced65e5fa0 R15: 00007fced65e5fa0
[   72.618335][ T4321]  </TASK>
[   72.621637][ T4321] Kernel Offset: disabled
[   72.625980][ T4321] Rebooting in 86400 seconds..