Warning: Permanently added '10.128.1.212' (ED25519) to the list of known hosts.
2025/07/27 23:26:08 ignoring optional flag "sandboxArg"="0"
2025/07/27 23:26:09 parsed 1 programs
[   97.289071][ T5839] cgroup: Unknown subsys name 'net'
[   97.325879][    T9] cfg80211: failed to load regulatory.db
[   97.391330][ T5839] cgroup: Unknown subsys name 'cpuset'
[   97.400760][ T5839] cgroup: Unknown subsys name 'rlimit'
[   99.078199][ T5839] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  102.053715][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.063223][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.096236][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.105443][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.156224][ T5852] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  103.071017][ T5875] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  103.079818][ T5875] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  103.087925][ T5875] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  103.096881][ T5875] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  103.113030][ T5875] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  104.151228][ T5888] chnl_net:caif_netlink_parms(): no params data found
[  104.240807][ T5888] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.249242][ T5888] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.257169][ T5888] bridge_slave_0: entered allmulticast mode
[  104.265216][ T5888] bridge_slave_0: entered promiscuous mode
[  104.274984][ T5888] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.282466][ T5888] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.292331][ T5888] bridge_slave_1: entered allmulticast mode
[  104.299855][ T5888] bridge_slave_1: entered promiscuous mode
[  104.339248][ T5888] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.351336][ T5888] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.389776][ T5888] team0: Port device team_slave_0 added
[  104.398353][ T5888] team0: Port device team_slave_1 added
[  104.431699][ T5888] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.439193][ T5888] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.465632][ T5888] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.479098][ T5888] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.486204][ T5888] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.512596][ T5888] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.562657][ T5888] hsr_slave_0: entered promiscuous mode
[  104.569594][ T5888] hsr_slave_1: entered promiscuous mode
[  104.742017][ T5888] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  104.756003][ T5888] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  104.767389][ T5888] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  104.778444][ T5888] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  104.820448][ T5888] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.827784][ T5888] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.835987][ T5888] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.843262][ T5888] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.909583][ T5888] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.932341][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.941847][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.962477][ T5888] 8021q: adding VLAN 0 to HW filter on device team0
[  104.978017][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.985225][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.999899][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.007215][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.221910][ T5888] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.275226][ T5888] veth0_vlan: entered promiscuous mode
[  105.288127][ T5888] veth1_vlan: entered promiscuous mode
[  105.320492][ T5888] veth0_macvtap: entered promiscuous mode
[  105.332513][ T5888] veth1_macvtap: entered promiscuous mode
[  105.352295][ T5888] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.369289][ T5888] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.382277][ T5888] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.391758][ T5888] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.400651][ T5888] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.409441][ T5888] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.570941][ T1166] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.661032][ T1166] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.749266][ T1166] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.845421][ T1166] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/07/27 23:26:23 executed programs: 0
[  107.433765][ T5875] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  107.442078][ T5875] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  107.451569][ T5875] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  107.462625][ T5875] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  107.471621][ T5875] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  107.658148][ T5938] chnl_net:caif_netlink_parms(): no params data found
[  107.741584][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.749076][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.756957][ T5938] bridge_slave_0: entered allmulticast mode
[  107.765135][ T5938] bridge_slave_0: entered promiscuous mode
[  107.773704][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.780863][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.788870][ T5938] bridge_slave_1: entered allmulticast mode
[  107.796508][ T5938] bridge_slave_1: entered promiscuous mode
[  107.832420][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.846170][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.886630][ T5938] team0: Port device team_slave_0 added
[  107.895223][ T5938] team0: Port device team_slave_1 added
[  107.932142][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.939821][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.966718][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.980581][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.987694][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.013706][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.122407][ T5938] hsr_slave_0: entered promiscuous mode
[  108.130032][ T5938] hsr_slave_1: entered promiscuous mode
[  108.136649][ T5938] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  108.145354][ T5938] Cannot create hsr debugfs directory
[  108.215142][ T1166] bridge_slave_1: left allmulticast mode
[  108.220997][ T1166] bridge_slave_1: left promiscuous mode
[  108.227765][ T1166] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.239843][ T1166] bridge_slave_0: left allmulticast mode
[  108.247057][ T1166] bridge_slave_0: left promiscuous mode
[  108.253058][ T1166] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.556877][ T1166] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  108.568982][ T1166] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  108.580009][ T1166] bond0 (unregistering): Released all slaves
[  108.680908][ T1166] hsr_slave_0: left promiscuous mode
[  108.687360][ T1166] hsr_slave_1: left promiscuous mode
[  108.694022][ T1166] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  108.701574][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_0
[  108.710553][ T1166] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  108.719169][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_1
[  108.737486][ T1166] veth1_macvtap: left promiscuous mode
[  108.743408][ T1166] veth0_macvtap: left promiscuous mode
[  108.749526][ T1166] veth1_vlan: left promiscuous mode
[  108.755177][ T1166] veth0_vlan: left promiscuous mode
[  109.114624][ T1166] team0 (unregistering): Port device team_slave_1 removed
[  109.147918][ T1166] team0 (unregistering): Port device team_slave_0 removed
[  109.553925][ T5875] Bluetooth: hci0: command tx timeout
[  109.932119][ T5938] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  110.366804][ T5938] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  110.383349][ T5938] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  110.401813][ T5938] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  110.716304][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0
[  110.768443][ T5938] 8021q: adding VLAN 0 to HW filter on device team0
[  110.795512][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.802933][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.826678][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.834018][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.135347][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.181128][ T5938] veth0_vlan: entered promiscuous mode
[  111.193739][ T5938] veth1_vlan: entered promiscuous mode
[  111.225773][ T5938] veth0_macvtap: entered promiscuous mode
[  111.236021][ T5938] veth1_macvtap: entered promiscuous mode
[  111.256658][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.271290][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.285481][ T5938] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.295938][ T5938] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.304726][ T5938] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.313933][ T5938] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.387318][ T1166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.400681][ T1166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.432059][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.441796][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.507118][ T5983] loop0: detected capacity change from 0 to 128
[  111.517821][ T5983] =======================================================
[  111.517821][ T5983] WARNING: The mand mount option has been deprecated and
[  111.517821][ T5983]          and is ignored by this kernel. Remove the mand
[  111.517821][ T5983]          option from the mount to silence this warning.
[  111.517821][ T5983] =======================================================
[  111.561870][ T5983] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  111.575481][ T5983] hpfs: filesystem error: improperly stopped
[  111.581628][ T5983] hpfs: You really don't want any checks? You are crazy...
[  111.590887][ T5983] hpfs: hpfs_map_sector(): read error
[  111.596825][ T5983] hpfs: code page support is disabled
[  111.603461][ T5983] ==================================================================
[  111.611711][ T5983] BUG: KASAN: slab-use-after-free in strcmp+0x6f/0xc0
[  111.618559][ T5983] Read of size 1 at addr ffff888011a968a6 by task syz.0.16/5983
[  111.626299][ T5983] 
[  111.628694][ T5983] CPU: 0 UID: 0 PID: 5983 Comm: syz.0.16 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  111.628724][ T5983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  111.628745][ T5983] Call Trace:
[  111.628758][ T5983]  <TASK>
[  111.628768][ T5983]  dump_stack_lvl+0x189/0x250
[  111.628797][ T5983]  ? __virt_addr_valid+0x1c8/0x5c0
[  111.628825][ T5983]  ? rcu_is_watching+0x15/0xb0
[  111.628848][ T5983]  ? __kasan_check_byte+0x12/0x40
[  111.628871][ T5983]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.628895][ T5983]  ? rcu_is_watching+0x15/0xb0
[  111.628919][ T5983]  ? lock_release+0x4b/0x3e0
[  111.628942][ T5983]  ? __virt_addr_valid+0x1c8/0x5c0
[  111.628968][ T5983]  ? __virt_addr_valid+0x4a5/0x5c0
[  111.628996][ T5983]  print_report+0xca/0x240
[  111.629028][ T5983]  ? strcmp+0x6f/0xc0
[  111.629053][ T5983]  kasan_report+0x118/0x150
[  111.629078][ T5983]  ? strcmp+0x6f/0xc0
[  111.629107][ T5983]  strcmp+0x6f/0xc0
[  111.629134][ T5983]  hpfs_get_ea+0x114/0xdb0
[  111.629167][ T5983]  ? __pfx_hpfs_get_ea+0x10/0x10
[  111.629196][ T5983]  ? bdev_getblk+0x7b/0x690
[  111.629219][ T5983]  ? __pfx___might_resched+0x10/0x10
[  111.629244][ T5983]  ? validate_chain+0x897/0x2140
[  111.629273][ T5983]  ? __bread_gfp+0xc3/0x3c0
[  111.629308][ T5983]  ? hpfs_map_sector+0x14f/0x380
[  111.629335][ T5983]  ? hpfs_map_fnode+0x27e/0x6a0
[  111.629364][ T5983]  ? set_normalized_timespec64+0xf0/0x1a0
[  111.629398][ T5983]  ? __lock_acquire+0xab9/0xd20
[  111.629420][ T5983]  hpfs_read_inode+0x19d/0x1010
[  111.629453][ T5983]  ? __pfx_hpfs_read_inode+0x10/0x10
[  111.629481][ T5983]  ? inode_set_ctime_to_ts+0x126/0x2f0
[  111.629526][ T5983]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[  111.629560][ T5983]  ? do_raw_spin_unlock+0x122/0x240
[  111.629593][ T5983]  ? hpfs_init_inode+0x216/0x350
[  111.629623][ T5983]  hpfs_fill_super+0x12bd/0x2070
[  111.629670][ T5983]  ? __pfx_hpfs_fill_super+0x10/0x10
[  111.629706][ T5983]  ? __pfx_snprintf+0x10/0x10
[  111.629736][ T5983]  ? set_blocksize+0x21e/0x500
[  111.629766][ T5983]  ? sb_set_blocksize+0x104/0x180
[  111.629792][ T5983]  ? setup_bdev_super+0x4c1/0x5b0
[  111.629815][ T5983]  get_tree_bdev_flags+0x40e/0x4d0
[  111.629836][ T5983]  ? __pfx_hpfs_fill_super+0x10/0x10
[  111.629870][ T5983]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  111.629890][ T5983]  ? cap_capable+0x11f/0x460
[  111.629913][ T5983]  ? safesetid_security_capable+0xa9/0x1a0
[  111.629941][ T5983]  vfs_get_tree+0x92/0x2b0
[  111.629964][ T5983]  do_new_mount+0x24a/0xa40
[  111.629992][ T5983]  __se_sys_mount+0x317/0x410
[  111.630020][ T5983]  ? __pfx___se_sys_mount+0x10/0x10
[  111.630048][ T5983]  ? do_syscall_64+0xbe/0x3b0
[  111.630072][ T5983]  ? __x64_sys_mount+0x20/0xc0
[  111.630097][ T5983]  do_syscall_64+0xfa/0x3b0
[  111.630121][ T5983]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.630145][ T5983]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.630167][ T5983]  ? clear_bhb_loop+0x60/0xb0
[  111.630192][ T5983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.630212][ T5983] RIP: 0033:0x7f7ffe19014a
[  111.630241][ T5983] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.630260][ T5983] RSP: 002b:00007ffe954e1418 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  111.630294][ T5983] RAX: ffffffffffffffda RBX: 00007ffe954e14a0 RCX: 00007f7ffe19014a
[  111.630311][ T5983] RDX: 0000200000009e80 RSI: 0000200000009ec0 RDI: 00007ffe954e1460
[  111.630327][ T5983] RBP: 0000200000009e80 R08: 00007ffe954e14a0 R09: 0000000000000041
[  111.630343][ T5983] R10: 0000000000000041 R11: 0000000000000246 R12: 0000200000009ec0
[  111.630357][ T5983] R13: 00007ffe954e1460 R14: 0000000000009e05 R15: 0000200000009f00
[  111.630382][ T5983]  </TASK>
[  111.630390][ T5983] 
[  111.635407][ T5875] Bluetooth: hci0: command tx timeout
[  111.642228][ T5983] Allocated by task 5771:
[  112.003337][ T5983]  kasan_save_track+0x3e/0x80
[  112.008125][ T5983]  __kasan_slab_alloc+0x6c/0x80
[  112.013024][ T5983]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  112.018518][ T5983]  ptlock_alloc+0x20/0x70
[  112.022877][ T5983]  pte_alloc_one+0x7d/0x170
[  112.027431][ T5983]  __pte_alloc+0x25/0x1a0
[  112.031803][ T5983]  copy_pmd_range+0x68e6/0x7000
[  112.036680][ T5983]  copy_page_range+0xc46/0x1270
[  112.041552][ T5983]  dup_mmap+0xf57/0x1ac0
[  112.045811][ T5983]  copy_mm+0x13c/0x4b0
[  112.049896][ T5983]  copy_process+0x16d3/0x3b80
[  112.054596][ T5983]  kernel_clone+0x224/0x7f0
[  112.059162][ T5983]  __x64_sys_clone+0x18b/0x1e0
[  112.063975][ T5983]  do_syscall_64+0xfa/0x3b0
[  112.068504][ T5983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.074447][ T5983] 
[  112.076816][ T5983] Freed by task 15:
[  112.080631][ T5983]  kasan_save_track+0x3e/0x80
[  112.085335][ T5983]  kasan_save_free_info+0x46/0x50
[  112.090381][ T5983]  __kasan_slab_free+0x62/0x70
[  112.095160][ T5983]  kmem_cache_free+0x18f/0x400
[  112.099942][ T5983]  __tlb_remove_table+0x81/0x3b0
[  112.104923][ T5983]  tlb_remove_table_rcu+0x85/0x100
[  112.110066][ T5983]  rcu_core+0xca5/0x1710
[  112.114323][ T5983]  handle_softirqs+0x283/0x870
[  112.119102][ T5983]  run_ksoftirqd+0x9b/0x100
[  112.123633][ T5983]  smpboot_thread_fn+0x53f/0xa60
[  112.128588][ T5983]  kthread+0x70e/0x8a0
[  112.132682][ T5983]  ret_from_fork+0x3fc/0x770
[  112.137288][ T5983]  ret_from_fork_asm+0x1a/0x30
[  112.142071][ T5983] 
[  112.144405][ T5983] The buggy address belongs to the object at ffff888011a968a0
[  112.144405][ T5983]  which belongs to the cache page->ptl of size 64
[  112.158325][ T5983] The buggy address is located 6 bytes inside of
[  112.158325][ T5983]  freed 64-byte region [ffff888011a968a0, ffff888011a968e0)
[  112.171878][ T5983] 
[  112.174220][ T5983] The buggy address belongs to the physical page:
[  112.180678][ T5983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888011a961e0 pfn:0x11a96
[  112.190767][ T5983] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  112.198336][ T5983] page_type: f5(slab)
[  112.202333][ T5983] raw: 00fff00000000000 ffff88801a44b780 0000000000000000 0000000000000001
[  112.210931][ T5983] raw: ffff888011a961e0 00000000002a0023 00000000f5000000 0000000000000000
[  112.219528][ T5983] page dumped because: kasan: bad access detected
[  112.225963][ T5983] page_owner tracks the page as allocated
[  112.231692][ T5983] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5771, tgid 5771 (dhcpcd-run-hook), ts 78116845101, free_ts 78034110984
[  112.251364][ T5983]  post_alloc_hook+0x240/0x2a0
[  112.256156][ T5983]  get_page_from_freelist+0x21d5/0x22b0
[  112.261748][ T5983]  __alloc_frozen_pages_noprof+0x181/0x370
[  112.267576][ T5983]  alloc_pages_mpol+0x232/0x4a0
[  112.272445][ T5983]  allocate_slab+0x8a/0x3b0
[  112.276975][ T5983]  ___slab_alloc+0xbfc/0x1480
[  112.281670][ T5983]  kmem_cache_alloc_noprof+0x283/0x3c0
[  112.287144][ T5983]  __pmd_alloc+0xc6/0x3b0
[  112.291504][ T5983]  copy_pmd_range+0x6bfc/0x7000
[  112.296374][ T5983]  copy_page_range+0xc46/0x1270
[  112.301247][ T5983]  dup_mmap+0xf57/0x1ac0
[  112.305511][ T5983]  copy_mm+0x13c/0x4b0
[  112.309599][ T5983]  copy_process+0x16d3/0x3b80
[  112.314293][ T5983]  kernel_clone+0x224/0x7f0
[  112.318812][ T5983]  __x64_sys_clone+0x18b/0x1e0
[  112.323595][ T5983]  do_syscall_64+0xfa/0x3b0
[  112.328120][ T5983] page last free pid 15 tgid 15 stack trace:
[  112.334331][ T5983]  __free_frozen_pages+0xc65/0xe60
[  112.339506][ T5983]  __tlb_remove_table+0x2d2/0x3b0
[  112.344721][ T5983]  tlb_remove_table_rcu+0x85/0x100
[  112.349955][ T5983]  rcu_core+0xca5/0x1710
[  112.354229][ T5983]  handle_softirqs+0x283/0x870
[  112.359096][ T5983]  run_ksoftirqd+0x9b/0x100
[  112.363631][ T5983]  smpboot_thread_fn+0x53f/0xa60
[  112.368587][ T5983]  kthread+0x70e/0x8a0
[  112.372675][ T5983]  ret_from_fork+0x3fc/0x770
[  112.377282][ T5983]  ret_from_fork_asm+0x1a/0x30
[  112.382066][ T5983] 
[  112.384402][ T5983] Memory state around the buggy address:
[  112.390058][ T5983]  ffff888011a96780: fa fb fb fb fb fb fb fb fc fc fc fc fa fb fb fb
[  112.398161][ T5983]  ffff888011a96800: fb fb fb fb fc fc fc fc fa fb fb fb fb fb fb fb
[  112.406257][ T5983] >ffff888011a96880: fc fc fc fc fa fb fb fb fb fb fb fb fc fc fc fc
[  112.414345][ T5983]                                ^
[  112.419466][ T5983]  ffff888011a96900: fa fb fb fb fb fb fb fb fc fc fc fc fa fb fb fb
[  112.427543][ T5983]  ffff888011a96980: fb fb fb fb fc fc fc fc fa fb fb fb fb fb fb fb
[  112.435619][ T5983] ==================================================================
[  112.459557][ T5983] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  112.466864][ T5983] CPU: 1 UID: 0 PID: 5983 Comm: syz.0.16 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) 
[  112.478754][ T5983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  112.488906][ T5983] Call Trace:
[  112.492349][ T5983]  <TASK>
[  112.495501][ T5983]  dump_stack_lvl+0x99/0x250
[  112.500185][ T5983]  ? __asan_memcpy+0x40/0x70
[  112.504910][ T5983]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.510203][ T5983]  ? __pfx__printk+0x10/0x10
[  112.514844][ T5983]  panic+0x2db/0x790
[  112.518765][ T5983]  ? __pfx_preempt_schedule+0x10/0x10
[  112.524160][ T5983]  ? __pfx_panic+0x10/0x10
[  112.528598][ T5983]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  112.534546][ T5983]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  112.540899][ T5983]  ? strcmp+0x6f/0xc0
[  112.544900][ T5983]  check_panic_on_warn+0x89/0xb0
[  112.549864][ T5983]  ? strcmp+0x6f/0xc0
[  112.553880][ T5983]  end_report+0x78/0x160
[  112.558171][ T5983]  kasan_report+0x129/0x150
[  112.562713][ T5983]  ? strcmp+0x6f/0xc0
[  112.566725][ T5983]  strcmp+0x6f/0xc0
[  112.570737][ T5983]  hpfs_get_ea+0x114/0xdb0
[  112.575198][ T5983]  ? __pfx_hpfs_get_ea+0x10/0x10
[  112.580154][ T5983]  ? bdev_getblk+0x7b/0x690
[  112.584684][ T5983]  ? __pfx___might_resched+0x10/0x10
[  112.589998][ T5983]  ? validate_chain+0x897/0x2140
[  112.594955][ T5983]  ? __bread_gfp+0xc3/0x3c0
[  112.599475][ T5983]  ? hpfs_map_sector+0x14f/0x380
[  112.604524][ T5983]  ? hpfs_map_fnode+0x27e/0x6a0
[  112.609396][ T5983]  ? set_normalized_timespec64+0xf0/0x1a0
[  112.615154][ T5983]  ? __lock_acquire+0xab9/0xd20
[  112.620064][ T5983]  hpfs_read_inode+0x19d/0x1010
[  112.624944][ T5983]  ? __pfx_hpfs_read_inode+0x10/0x10
[  112.630251][ T5983]  ? inode_set_ctime_to_ts+0x126/0x2f0
[  112.635749][ T5983]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[  112.641595][ T5983]  ? do_raw_spin_unlock+0x122/0x240
[  112.646905][ T5983]  ? hpfs_init_inode+0x216/0x350
[  112.651879][ T5983]  hpfs_fill_super+0x12bd/0x2070
[  112.656859][ T5983]  ? __pfx_hpfs_fill_super+0x10/0x10
[  112.662177][ T5983]  ? __pfx_snprintf+0x10/0x10
[  112.666876][ T5983]  ? set_blocksize+0x21e/0x500
[  112.671672][ T5983]  ? sb_set_blocksize+0x104/0x180
[  112.676757][ T5983]  ? setup_bdev_super+0x4c1/0x5b0
[  112.681795][ T5983]  get_tree_bdev_flags+0x40e/0x4d0
[  112.686935][ T5983]  ? __pfx_hpfs_fill_super+0x10/0x10
[  112.692249][ T5983]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  112.697901][ T5983]  ? cap_capable+0x11f/0x460
[  112.702512][ T5983]  ? safesetid_security_capable+0xa9/0x1a0
[  112.708350][ T5983]  vfs_get_tree+0x92/0x2b0
[  112.712790][ T5983]  do_new_mount+0x24a/0xa40
[  112.717323][ T5983]  __se_sys_mount+0x317/0x410
[  112.722151][ T5983]  ? __pfx___se_sys_mount+0x10/0x10
[  112.727392][ T5983]  ? do_syscall_64+0xbe/0x3b0
[  112.732119][ T5983]  ? __x64_sys_mount+0x20/0xc0
[  112.737004][ T5983]  do_syscall_64+0xfa/0x3b0
[  112.741625][ T5983]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.746843][ T5983]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.753059][ T5983]  ? clear_bhb_loop+0x60/0xb0
[  112.757772][ T5983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.763900][ T5983] RIP: 0033:0x7f7ffe19014a
[  112.768372][ T5983] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.788174][ T5983] RSP: 002b:00007ffe954e1418 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  112.796628][ T5983] RAX: ffffffffffffffda RBX: 00007ffe954e14a0 RCX: 00007f7ffe19014a
[  112.804643][ T5983] RDX: 0000200000009e80 RSI: 0000200000009ec0 RDI: 00007ffe954e1460
[  112.812645][ T5983] RBP: 0000200000009e80 R08: 00007ffe954e14a0 R09: 0000000000000041
[  112.820631][ T5983] R10: 0000000000000041 R11: 0000000000000246 R12: 0000200000009ec0
[  112.828641][ T5983] R13: 00007ffe954e1460 R14: 0000000000009e05 R15: 0000200000009f00
[  112.836648][ T5983]  </TASK>
[  112.839972][ T5983] Kernel Offset: disabled
[  112.844314][ T5983] Rebooting in 86400 seconds..