[   92.054863][    T9] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.153' (ED25519) to the list of known hosts.
2025/11/10 15:11:00 parsed 1 programs
[   99.386247][ T5805] cgroup: Unknown subsys name 'net'
[   99.647333][ T5805] cgroup: Unknown subsys name 'cpuset'
[   99.702017][ T5805] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  101.743686][ T5805] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  104.649552][   T61] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  104.653740][   T61] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  104.654634][   T61] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  104.655975][   T61] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  104.657033][   T61] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  106.085596][ T5835] chnl_net:caif_netlink_parms(): no params data found
[  106.512737][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.513596][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.513781][ T5835] bridge_slave_0: entered allmulticast mode
[  106.515786][ T5835] bridge_slave_0: entered promiscuous mode
[  106.538290][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.538442][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.538674][ T5835] bridge_slave_1: entered allmulticast mode
[  106.544828][ T5835] bridge_slave_1: entered promiscuous mode
[  106.720055][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.725974][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.885527][ T5835] team0: Port device team_slave_0 added
[  106.889605][ T5835] team0: Port device team_slave_1 added
[  107.184525][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.184540][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  107.184566][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.187234][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.187250][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  107.187276][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.389816][ T5835] hsr_slave_0: entered promiscuous mode
[  107.391635][ T5835] hsr_slave_1: entered promiscuous mode
[  107.810300][ T5835] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  107.828415][ T5835] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  107.865550][ T5835] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  107.906314][ T5835] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  108.026040][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.118220][ T5835] 8021q: adding VLAN 0 to HW filter on device team0
[  108.133779][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.134483][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.138174][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.138274][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.420404][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.469880][ T5835] veth0_vlan: entered promiscuous mode
[  108.482487][ T5835] veth1_vlan: entered promiscuous mode
[  108.516242][ T5835] veth0_macvtap: entered promiscuous mode
[  108.520556][ T5835] veth1_macvtap: entered promiscuous mode
[  108.542666][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.550381][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.578727][   T69] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.578800][   T69] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.578841][   T69] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.578881][   T69] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.357020][   T37] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.593670][   T37] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.875122][   T37] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.395812][   T37] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.129129][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.129152][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.190790][ T2129] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.190838][ T2129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.521492][   T37] bridge_slave_1: left allmulticast mode
[  111.521638][   T37] bridge_slave_1: left promiscuous mode
[  111.523283][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.602988][   T37] bridge_slave_0: left allmulticast mode
[  111.603019][   T37] bridge_slave_0: left promiscuous mode
[  111.603274][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.352383][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  113.432106][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  113.453874][   T37] bond0 (unregistering): Released all slaves
[  113.825975][   T37] hsr_slave_0: left promiscuous mode
[  113.869073][   T37] hsr_slave_1: left promiscuous mode
[  113.870276][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  113.870343][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[  113.953867][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  113.953898][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[  114.089867][   T37] veth1_macvtap: left promiscuous mode
[  114.090104][   T37] veth0_macvtap: left promiscuous mode
[  114.090406][   T37] veth1_vlan: left promiscuous mode
[  114.090713][   T37] veth0_vlan: left promiscuous mode
[  116.181928][   T37] team0 (unregistering): Port device team_slave_1 removed
[  116.401989][   T37] team0 (unregistering): Port device team_slave_0 removed
2025/11/10 15:11:29 executed programs: 0
[  124.142249][   T61] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  124.154129][   T61] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  124.159603][   T61] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  124.160954][   T61] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  124.162181][   T61] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  124.539248][ T5977] chnl_net:caif_netlink_parms(): no params data found
[  124.914426][ T5977] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.914570][ T5977] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.914711][ T5977] bridge_slave_0: entered allmulticast mode
[  124.916618][ T5977] bridge_slave_0: entered promiscuous mode
[  124.961754][ T5977] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.961921][ T5977] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.962130][ T5977] bridge_slave_1: entered allmulticast mode
[  124.964202][ T5977] bridge_slave_1: entered promiscuous mode
[  125.136950][ T5977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  125.143349][ T5977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  125.317319][ T5977] team0: Port device team_slave_0 added
[  125.319931][ T5977] team0: Port device team_slave_1 added
[  125.553197][ T5977] batman_adv: batadv0: Adding interface: batadv_slave_0
[  125.553214][ T5977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  125.553245][ T5977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  125.555062][ T5977] batman_adv: batadv0: Adding interface: batadv_slave_1
[  125.555077][ T5977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  125.555102][ T5977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  125.759328][ T5977] hsr_slave_0: entered promiscuous mode
[  125.760338][ T5977] hsr_slave_1: entered promiscuous mode
[  126.213600][   T61] Bluetooth: hci0: command tx timeout
[  127.397756][ T5977] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  127.427196][ T5977] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  127.470468][ T5977] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  127.508358][ T5977] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  127.695184][ T5977] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.726784][ T5977] 8021q: adding VLAN 0 to HW filter on device team0
[  127.746197][   T69] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.746457][   T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.781090][   T69] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.781476][   T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[  128.155500][ T5977] 8021q: adding VLAN 0 to HW filter on device batadv0
[  128.253420][ T5977] veth0_vlan: entered promiscuous mode
[  128.270144][ T5977] veth1_vlan: entered promiscuous mode
[  128.291573][   T61] Bluetooth: hci0: command tx timeout
[  128.335550][ T5977] veth0_macvtap: entered promiscuous mode
[  128.347750][ T5977] veth1_macvtap: entered promiscuous mode
[  128.379811][ T5977] batman_adv: batadv0: Interface activated: batadv_slave_0
[  128.405047][ T5977] batman_adv: batadv0: Interface activated: batadv_slave_1
[  128.435238][ T2129] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.437550][ T2129] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.437616][ T2129] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.437657][ T2129] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.679204][ T2129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.679227][ T2129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.770118][ T2129] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.770139][ T2129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.938232][ T6064] loop0: detected capacity change from 0 to 128
[  128.964066][ T6064] =======================================================
[  128.964066][ T6064] WARNING: The mand mount option has been deprecated and
[  128.964066][ T6064]          and is ignored by this kernel. Remove the mand
[  128.964066][ T6064]          option from the mount to silence this warning.
[  128.964066][ T6064] =======================================================
[  129.037849][ T6064] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  129.040103][ T6064] hpfs: filesystem error: improperly stopped
[  129.040124][ T6064] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  129.040140][ T6064] hpfs: You really don't want any checks? You are crazy...
[  129.040772][ T6064] hpfs: hpfs_map_sector(): read error
[  129.040785][ T6064] hpfs: code page support is disabled
[  129.054173][ T6064] hpfs: hpfs_map_sector(): read error
2025/11/10 15:11:34 executed programs: 3
[  129.054215][ T6064] hpfs: hpfs_map_sector(): read error
[  129.054238][ T6064] hpfs: hpfs_map_sector(): read error
[  129.054262][ T6064] hpfs: hpfs_map_sector(): read error
[  129.054288][ T6064] hpfs: hpfs_map_4sectors(): unaligned read
[  129.054595][ T6064] hpfs: hpfs_map_4sectors(): unaligned read
[  129.054606][ T6064] hpfs: filesystem error: unable to find root dir
[  129.317985][ T6075] loop0: detected capacity change from 0 to 128
[  129.364655][ T6075] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  129.364716][ T6075] hpfs: filesystem error: improperly stopped
[  129.364731][ T6075] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  129.364745][ T6075] hpfs: You really don't want any checks? You are crazy...
[  129.365295][ T6075] hpfs: hpfs_map_sector(): read error
[  129.365307][ T6075] hpfs: code page support is disabled
[  129.366260][ T6075] hpfs: hpfs_map_sector(): read error
[  129.366294][ T6075] hpfs: hpfs_map_sector(): read error
[  129.366321][ T6075] hpfs: hpfs_map_sector(): read error
[  129.366348][ T6075] hpfs: hpfs_map_sector(): read error
[  129.366358][ T6075] hpfs: hpfs_map_4sectors(): unaligned read
[  129.366457][ T6075] hpfs: hpfs_map_4sectors(): unaligned read
[  129.366468][ T6075] hpfs: filesystem error: unable to find root dir
[  129.503623][ T6078] loop0: detected capacity change from 0 to 128
[  129.531382][ T6078] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  129.531707][ T6078] hpfs: filesystem error: improperly stopped
[  129.531725][ T6078] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  129.531740][ T6078] hpfs: You really don't want any checks? You are crazy...
[  129.532313][ T6078] hpfs: hpfs_map_sector(): read error
[  129.532323][ T6078] hpfs: code page support is disabled
[  129.532552][ T6078] ==================================================================
[  129.532564][ T6078] BUG: KASAN: use-after-free in strcmp+0x6f/0xc0
[  129.532609][ T6078] Read of size 1 at addr ffff888046c838a6 by task syz.0.20/6078
[  129.532627][ T6078] 
[  129.532656][ T6078] CPU: 0 UID: 0 PID: 6078 Comm: syz.0.20 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  129.532680][ T6078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  129.532702][ T6078] Call Trace:
[  129.532714][ T6078]  <TASK>
[  129.532723][ T6078]  dump_stack_lvl+0x189/0x250
[  129.532759][ T6078]  ? __virt_addr_valid+0x1c8/0x5c0
[  129.532794][ T6078]  ? rcu_is_watching+0x15/0xb0
[  129.532813][ T6078]  ? __kasan_check_byte+0x12/0x40
[  129.532845][ T6078]  ? __pfx_dump_stack_lvl+0x10/0x10
[  129.532878][ T6078]  ? rcu_is_watching+0x15/0xb0
[  129.532898][ T6078]  ? lock_release+0x4b/0x3e0
[  129.532930][ T6078]  ? __virt_addr_valid+0x1c8/0x5c0
[  129.532964][ T6078]  ? __virt_addr_valid+0x4a5/0x5c0
[  129.532999][ T6078]  print_report+0xca/0x240
[  129.533032][ T6078]  ? strcmp+0x6f/0xc0
[  129.533062][ T6078]  kasan_report+0x118/0x150
[  129.533094][ T6078]  ? strcmp+0x6f/0xc0
[  129.533130][ T6078]  strcmp+0x6f/0xc0
[  129.533164][ T6078]  hpfs_get_ea+0x114/0xdb0
[  129.533193][ T6078]  ? __pfx_hpfs_get_ea+0x10/0x10
[  129.533218][ T6078]  ? bdev_getblk+0x80/0x660
[  129.533239][ T6078]  ? __pfx___might_resched+0x10/0x10
[  129.533264][ T6078]  ? do_raw_spin_lock+0x121/0x290
[  129.533294][ T6078]  ? __bread_gfp+0xc3/0x3c0
[  129.533316][ T6078]  ? hpfs_map_sector+0x167/0x3a0
[  129.533346][ T6078]  ? hpfs_map_fnode+0x27e/0x6a0
[  129.533373][ T6078]  ? set_normalized_timespec64+0xf0/0x1a0
[  129.533407][ T6078]  hpfs_read_inode+0x19d/0x1010
[  129.533437][ T6078]  ? __pfx_hpfs_read_inode+0x10/0x10
[  129.533462][ T6078]  ? inode_set_ctime_to_ts+0x126/0x2f0
[  129.533486][ T6078]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[  129.533516][ T6078]  ? hpfs_init_inode+0x216/0x350
[  129.533544][ T6078]  hpfs_fill_super+0x12a9/0x2050
[  129.533586][ T6078]  ? __pfx_hpfs_fill_super+0x10/0x10
[  129.533618][ T6078]  ? __pfx_snprintf+0x10/0x10
[  129.533640][ T6078]  ? set_blocksize+0x219/0x450
[  129.533672][ T6078]  ? rt_spin_unlock+0x150/0x200
[  129.533700][ T6078]  ? sb_set_blocksize+0x104/0x180
[  129.533734][ T6078]  ? setup_bdev_super+0x4c1/0x5b0
[  129.533765][ T6078]  get_tree_bdev_flags+0x40e/0x4d0
[  129.533794][ T6078]  ? __pfx_hpfs_fill_super+0x10/0x10
[  129.533824][ T6078]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  129.533853][ T6078]  ? cap_capable+0x11f/0x460
[  129.533874][ T6078]  ? safesetid_security_capable+0xa9/0x1a0
[  129.533900][ T6078]  vfs_get_tree+0x92/0x2b0
[  129.533929][ T6078]  do_new_mount+0x302/0xa10
[  129.533959][ T6078]  ? safesetid_security_capable+0xa9/0x1a0
[  129.533983][ T6078]  ? __pfx_do_new_mount+0x10/0x10
[  129.534014][ T6078]  ? ns_capable+0x8a/0xf0
[  129.534049][ T6078]  __se_sys_mount+0x313/0x410
[  129.534084][ T6078]  ? __pfx___se_sys_mount+0x10/0x10
[  129.534118][ T6078]  ? do_syscall_64+0xbe/0xfa0
[  129.534148][ T6078]  ? __x64_sys_mount+0x20/0xc0
[  129.534180][ T6078]  do_syscall_64+0xfa/0xfa0
[  129.534211][ T6078]  ? lockdep_hardirqs_on+0x9c/0x150
[  129.534242][ T6078]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.534264][ T6078]  ? clear_bhb_loop+0x60/0xb0
[  129.534290][ T6078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.534312][ T6078] RIP: 0033:0x7fd9f70e0e6a
[  129.534337][ T6078] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.534362][ T6078] RSP: 002b:00007ffe25893498 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  129.534385][ T6078] RAX: ffffffffffffffda RBX: 00007ffe25893520 RCX: 00007fd9f70e0e6a
[  129.534402][ T6078] RDX: 000020000000a000 RSI: 0000200000009ec0 RDI: 00007ffe258934e0
[  129.534418][ T6078] RBP: 000020000000a000 R08: 00007ffe25893520 R09: 0000000003200041
[  129.534433][ T6078] R10: 0000000003200041 R11: 0000000000000246 R12: 0000200000009ec0
[  129.534448][ T6078] R13: 00007ffe258934e0 R14: 0000000000009e15 R15: 0000200000000100
[  129.534474][ T6078]  </TASK>
[  129.534482][ T6078] 
[  129.534487][ T6078] The buggy address belongs to the physical page:
[  129.534507][ T6078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x33c pfn:0x46c83
[  129.534527][ T6078] flags: 0x80000000000000(node=0|zone=1)
[  129.534557][ T6078] raw: 0080000000000000 dead000000000100 dead000000000122 0000000000000000
[  129.534576][ T6078] raw: 000000000000033c 0000000000000000 00000000ffffffff 0000000000000000
[  129.534587][ T6078] page dumped because: kasan: bad access detected
[  129.534605][ T6078] page_owner tracks the page as freed
[  129.534613][ T6078] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5964, tgid 5964 (syz-executor), ts 122495471564, free_ts 123405522325
[  129.534648][ T6078]  post_alloc_hook+0x240/0x2a0
[  129.534676][ T6078]  get_page_from_freelist+0x28c0/0x2960
[  129.534706][ T6078]  __alloc_frozen_pages_noprof+0x181/0x370
[  129.534736][ T6078]  alloc_pages_mpol+0xd1/0x380
[  129.534764][ T6078]  vma_alloc_folio_noprof+0xe4/0x280
[  129.534791][ T6078]  folio_prealloc+0x30/0x180
[  129.534820][ T6078]  handle_mm_fault+0x103a/0x3400
[  129.534846][ T6078]  do_user_addr_fault+0xa7c/0x1380
[  129.534869][ T6078]  exc_page_fault+0x82/0x100
[  129.534895][ T6078]  asm_exc_page_fault+0x26/0x30
[  129.534914][ T6078] page last free pid 5967 tgid 5967 stack trace:
[  129.534925][ T6078]  free_unref_folios+0xc22/0x1860
[  129.534953][ T6078]  folios_put_refs+0x569/0x670
[  129.534971][ T6078]  free_pages_and_swap_cache+0x277/0x520
[  129.534994][ T6078]  tlb_flush_mmu+0x3a0/0x680
[  129.535012][ T6078]  tlb_finish_mmu+0xc3/0x1d0
[  129.535028][ T6078]  exit_mmap+0x444/0xb40
[  129.535055][ T6078]  __mmput+0xcb/0x3d0
[  129.535076][ T6078]  exit_mm+0x1da/0x2c0
[  129.535107][ T6078]  do_exit+0x648/0x2300
[  129.535137][ T6078]  do_group_exit+0x21c/0x2d0
[  129.535153][ T6078]  get_signal+0x125d/0x1310
[  129.535175][ T6078]  arch_do_signal_or_restart+0xa0/0x790
[  129.535196][ T6078]  exit_to_user_mode_loop+0x72/0x130
[  129.535222][ T6078]  do_syscall_64+0x2bd/0xfa0
[  129.535250][ T6078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.535271][ T6078] 
[  129.535276][ T6078] Memory state around the buggy address:
[  129.535288][ T6078]  ffff888046c83780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  129.535303][ T6078]  ffff888046c83800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  129.535318][ T6078] >ffff888046c83880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  129.535346][ T6078]                                ^
[  129.535358][ T6078]  ffff888046c83900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  129.535373][ T6078]  ffff888046c83980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  129.535384][ T6078] ==================================================================
[  129.535402][ T6078] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  129.535418][ T6078] CPU: 0 UID: 0 PID: 6078 Comm: syz.0.20 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  129.535443][ T6078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  129.535456][ T6078] Call Trace:
[  129.535464][ T6078]  <TASK>
[  129.535473][ T6078]  dump_stack_lvl+0x99/0x250
[  129.535508][ T6078]  ? __asan_memcpy+0x40/0x70
[  129.535533][ T6078]  ? __pfx_dump_stack_lvl+0x10/0x10
[  129.535568][ T6078]  ? __pfx__printk+0x10/0x10
[  129.535601][ T6078]  vpanic+0x237/0x6d0
[  129.535623][ T6078]  ? __pfx_vpanic+0x10/0x10
[  129.535649][ T6078]  panic+0xb9/0xc0
[  129.535669][ T6078]  ? __pfx_panic+0x10/0x10
[  129.535690][ T6078]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  129.535724][ T6078]  ? lockdep_hardirqs_on+0x9c/0x150
[  129.535757][ T6078]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  129.535793][ T6078]  ? strcmp+0x6f/0xc0
[  129.535825][ T6078]  check_panic_on_warn+0x89/0xb0
[  129.535846][ T6078]  ? strcmp+0x6f/0xc0
[  129.535878][ T6078]  end_report+0x78/0x160
[  129.535910][ T6078]  kasan_report+0x129/0x150
[  129.535943][ T6078]  ? strcmp+0x6f/0xc0
[  129.535978][ T6078]  strcmp+0x6f/0xc0
[  129.536012][ T6078]  hpfs_get_ea+0x114/0xdb0
[  129.536041][ T6078]  ? __pfx_hpfs_get_ea+0x10/0x10
[  129.536066][ T6078]  ? bdev_getblk+0x80/0x660
[  129.536086][ T6078]  ? __pfx___might_resched+0x10/0x10
[  129.536111][ T6078]  ? do_raw_spin_lock+0x121/0x290
[  129.536140][ T6078]  ? __bread_gfp+0xc3/0x3c0
[  129.536162][ T6078]  ? hpfs_map_sector+0x167/0x3a0
[  129.536185][ T6078]  ? hpfs_map_fnode+0x27e/0x6a0
[  129.536211][ T6078]  ? set_normalized_timespec64+0xf0/0x1a0
[  129.536245][ T6078]  hpfs_read_inode+0x19d/0x1010
[  129.536276][ T6078]  ? __pfx_hpfs_read_inode+0x10/0x10
[  129.536302][ T6078]  ? inode_set_ctime_to_ts+0x126/0x2f0
[  129.536326][ T6078]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[  129.536389][ T6078]  ? hpfs_init_inode+0x216/0x350
[  129.536415][ T6078]  hpfs_fill_super+0x12a9/0x2050
[  129.536459][ T6078]  ? __pfx_hpfs_fill_super+0x10/0x10
[  129.536491][ T6078]  ? __pfx_snprintf+0x10/0x10
[  129.536513][ T6078]  ? set_blocksize+0x219/0x450
[  129.536546][ T6078]  ? rt_spin_unlock+0x150/0x200
[  129.536574][ T6078]  ? sb_set_blocksize+0x104/0x180
[  129.536607][ T6078]  ? setup_bdev_super+0x4c1/0x5b0
[  129.536638][ T6078]  get_tree_bdev_flags+0x40e/0x4d0
[  129.536667][ T6078]  ? __pfx_hpfs_fill_super+0x10/0x10
[  129.536699][ T6078]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  129.536728][ T6078]  ? cap_capable+0x11f/0x460
[  129.536749][ T6078]  ? safesetid_security_capable+0xa9/0x1a0
[  129.536774][ T6078]  vfs_get_tree+0x92/0x2b0
[  129.536805][ T6078]  do_new_mount+0x302/0xa10
[  129.536835][ T6078]  ? safesetid_security_capable+0xa9/0x1a0
[  129.536859][ T6078]  ? __pfx_do_new_mount+0x10/0x10
[  129.536889][ T6078]  ? ns_capable+0x8a/0xf0
[  129.536924][ T6078]  __se_sys_mount+0x313/0x410
[  129.536960][ T6078]  ? __pfx___se_sys_mount+0x10/0x10
[  129.536994][ T6078]  ? do_syscall_64+0xbe/0xfa0
[  129.537025][ T6078]  ? __x64_sys_mount+0x20/0xc0
[  129.537057][ T6078]  do_syscall_64+0xfa/0xfa0
[  129.537086][ T6078]  ? lockdep_hardirqs_on+0x9c/0x150
[  129.537118][ T6078]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.537141][ T6078]  ? clear_bhb_loop+0x60/0xb0
[  129.537166][ T6078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.537188][ T6078] RIP: 0033:0x7fd9f70e0e6a
[  129.537206][ T6078] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.537225][ T6078] RSP: 002b:00007ffe25893498 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  129.537248][ T6078] RAX: ffffffffffffffda RBX: 00007ffe25893520 RCX: 00007fd9f70e0e6a
[  129.537265][ T6078] RDX: 000020000000a000 RSI: 0000200000009ec0 RDI: 00007ffe258934e0
[  129.537281][ T6078] RBP: 000020000000a000 R08: 00007ffe25893520 R09: 0000000003200041
[  129.537297][ T6078] R10: 0000000003200041 R11: 0000000000000246 R12: 0000200000009ec0
[  129.537312][ T6078] R13: 00007ffe258934e0 R14: 0000000000009e15 R15: 0000200000000100
[  129.537344][ T6078]  </TASK>
[  129.537603][ T6078] Kernel Offset: disabled