Warning: Permanently added '10.128.1.34' (ED25519) to the list of known hosts.
2025/09/18 22:28:01 parsed 1 programs
syzkaller login: [ 69.742739][ T5786] cgroup: Unknown subsys name 'net'
[ 69.875810][ T5786] cgroup: Unknown subsys name 'rlimit'
[ 71.319963][ T5786] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 71.563240][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.569847][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[ 73.066395][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.075099][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.104684][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.112729][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.514621][ T5818] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 73.532447][ T5818] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 73.540121][ T5818] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 73.551124][ T5818] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 73.558829][ T5818] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 73.566865][ T5818] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 74.072834][ T5830] chnl_net:caif_netlink_parms(): no params data found
[ 74.141616][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.148716][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.156362][ T5830] bridge_slave_0: entered allmulticast mode
[ 74.163996][ T5830] bridge_slave_0: entered promiscuous mode
[ 74.174448][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.181603][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.188781][ T5830] bridge_slave_1: entered allmulticast mode
[ 74.195705][ T5830] bridge_slave_1: entered promiscuous mode
[ 74.226722][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 74.238152][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 74.272911][ T5830] team0: Port device team_slave_0 added
[ 74.280380][ T5830] team0: Port device team_slave_1 added
[ 74.301913][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 74.308860][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.335259][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 74.348890][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 74.355893][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.381974][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 74.437780][ T5830] hsr_slave_0: entered promiscuous mode
[ 74.444356][ T5830] hsr_slave_1: entered promiscuous mode
[ 74.607445][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 74.620747][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 74.631556][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 74.641743][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 74.683915][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.691133][ T5830] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 74.698883][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.706096][ T5830] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.755624][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[ 74.774595][ T58] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.784025][ T58] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.801515][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[ 74.816871][ T1001] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.824094][ T1001] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.856706][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.863960][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.042855][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 75.077487][ T5830] veth0_vlan: entered promiscuous mode
[ 75.099307][ T5830] veth1_vlan: entered promiscuous mode
[ 75.122963][ T5830] veth0_macvtap: entered promiscuous mode
[ 75.135069][ T5830] veth1_macvtap: entered promiscuous mode
[ 75.164878][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 75.178286][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 75.195307][ T5830] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.204392][ T5830] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.213212][ T5830] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.221980][ T5830] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.737557][ T1088] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/09/18 22:28:11 executed programs: 0
[ 77.548600][ T5818] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 77.557109][ T5818] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 77.567165][ T5818] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 77.575842][ T5818] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 77.583729][ T5818] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 77.591822][ T5818] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 77.711127][ T5893] chnl_net:caif_netlink_parms(): no params data found
[ 77.762224][ T5893] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.769371][ T5893] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.776637][ T5893] bridge_slave_0: entered allmulticast mode
[ 77.783332][ T5893] bridge_slave_0: entered promiscuous mode
[ 77.791817][ T5893] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.798942][ T5893] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.806621][ T5893] bridge_slave_1: entered allmulticast mode
[ 77.813994][ T5893] bridge_slave_1: entered promiscuous mode
[ 77.841753][ T5893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 77.854614][ T5893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 77.881926][ T5893] team0: Port device team_slave_0 added
[ 77.889276][ T5893] team0: Port device team_slave_1 added
[ 77.911052][ T5893] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 77.918018][ T5893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.943973][ T5893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 77.957477][ T5893] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 77.964652][ T5893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.991821][ T5893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 78.026632][ T5893] hsr_slave_0: entered promiscuous mode
[ 78.034197][ T5893] hsr_slave_1: entered promiscuous mode
[ 78.040997][ T5893] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 78.048836][ T5893] Cannot create hsr debugfs directory
[ 78.281771][ T1088] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 79.640927][ T5818] Bluetooth: hci0: command tx timeout
[ 80.300671][ T1088] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 80.381209][ T1088] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 81.313045][ T1088] hsr_slave_0: left promiscuous mode
[ 81.319060][ T1088] hsr_slave_1: left promiscuous mode
[ 81.325262][ T1088] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 81.333233][ T1088] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 81.341672][ T1088] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 81.349080][ T1088] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 81.356924][ T1088] bridge_slave_1: left allmulticast mode
[ 81.362938][ T1088] bridge_slave_1: left promiscuous mode
[ 81.369280][ T1088] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.380312][ T1088] bridge_slave_0: left allmulticast mode
[ 81.385974][ T1088] bridge_slave_0: left promiscuous mode
[ 81.391749][ T1088] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.415193][ T1088] veth1_macvtap: left promiscuous mode
[ 81.421432][ T1088] veth0_macvtap: left promiscuous mode
[ 81.426986][ T1088] veth1_vlan: left promiscuous mode
[ 81.432474][ T1088] veth0_vlan: left promiscuous mode
[ 81.732462][ T5818] Bluetooth: hci0: command tx timeout
[ 81.787450][ T1088] team0 (unregistering): Port device team_slave_1 removed
[ 81.819440][ T27] cfg80211: failed to load regulatory.db
[ 81.826395][ T1088] team0 (unregistering): Port device team_slave_0 removed
[ 81.855754][ T1088] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 81.886259][ T1088] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 82.161257][ T1088] bond0 (unregistering): Released all slaves
[ 82.237538][ T5893] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 82.247258][ T5893] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 82.257114][ T5893] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 82.277596][ T5893] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 82.359903][ T5893] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.379722][ T5893] 8021q: adding VLAN 0 to HW filter on device team0
[ 82.392887][ T1001] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.400044][ T1001] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 82.414340][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.421488][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 82.625906][ T5893] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 82.666142][ T5893] veth0_vlan: entered promiscuous mode
[ 82.681494][ T5893] veth1_vlan: entered promiscuous mode
[ 82.719871][ T5893] veth0_macvtap: entered promiscuous mode
[ 82.738247][ T5893] veth1_macvtap: entered promiscuous mode
[ 82.792174][ T5893] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 82.813220][ T5893] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 82.824930][ T5893] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.833933][ T5893] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.842907][ T5893] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.851730][ T5893] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.913323][ T1001] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 82.921443][ T1001] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 82.945255][ T2977] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 82.953486][ T2977] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.002922][ T5938] syz.0.17[5938]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 83.233549][ T5938] loop0: detected capacity change from 0 to 32768
[ 83.267050][ T5938] ==================================================================
[ 83.275326][ T5938] BUG: KASAN: slab-out-of-bounds in dtSearch+0x167a/0x21b0
[ 83.282531][ T5938] Read of size 1 at addr ffff8880621d4058 by task syz.0.17/5938
[ 83.290143][ T5938]
[ 83.292470][ T5938] CPU: 1 PID: 5938 Comm: syz.0.17 Not tainted syzkaller #0
[ 83.299652][ T5938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 83.309695][ T5938] Call Trace:
[ 83.313046][ T5938]
[ 83.315967][ T5938] dump_stack_lvl+0x16c/0x230
[ 83.320636][ T5938] ? __lock_acquire+0x7c80/0x7c80
[ 83.325648][ T5938] ? show_regs_print_info+0x20/0x20
[ 83.330841][ T5938] ? load_image+0x3b0/0x3b0
[ 83.335420][ T5938] ? __virt_addr_valid+0x469/0x540
[ 83.340513][ T5938] print_report+0xac/0x220
[ 83.344910][ T5938] ? dtSearch+0x167a/0x21b0
[ 83.349397][ T5938] kasan_report+0x117/0x150
[ 83.353884][ T5938] ? dtSearch+0x167a/0x21b0
[ 83.358374][ T5938] dtSearch+0x167a/0x21b0
[ 83.362700][ T5938] jfs_lookup+0x156/0x380
[ 83.367011][ T5938] ? jfs_get_parent+0xb0/0xb0
[ 83.371680][ T5938] ? apparmor_path_rmdir+0x2f0/0x2f0
[ 83.376947][ T5938] ? make_vfsuid+0x51/0xb0
[ 83.381350][ T5938] ? inode_permission+0xf3/0x480
[ 83.386283][ T5938] ? bpf_lsm_inode_create+0x9/0x10
[ 83.391377][ T5938] ? security_inode_create+0xb7/0x100
[ 83.396737][ T5938] ? jfs_get_parent+0xb0/0xb0
[ 83.401400][ T5938] path_openat+0x10b8/0x3190
[ 83.405984][ T5938] ? do_filp_open+0x3d0/0x3d0
[ 83.410650][ T5938] do_filp_open+0x1c5/0x3d0
[ 83.415140][ T5938] ? vfs_tmpfile+0x490/0x490
[ 83.419723][ T5938] ? _raw_spin_unlock+0x28/0x40
[ 83.424579][ T5938] ? alloc_fd+0x58f/0x630
[ 83.428894][ T5938] do_sys_openat2+0x12c/0x1c0
[ 83.433556][ T5938] ? do_sys_open+0xe0/0xe0
[ 83.437963][ T5938] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 83.443924][ T5938] ? lock_chain_count+0x20/0x20
[ 83.448761][ T5938] __x64_sys_creat+0x90/0xb0
[ 83.453335][ T5938] do_syscall_64+0x55/0xb0
[ 83.457736][ T5938] ? clear_bhb_loop+0x40/0x90
[ 83.462403][ T5938] ? clear_bhb_loop+0x40/0x90
[ 83.467060][ T5938] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 83.472940][ T5938] RIP: 0033:0x7f397f38eba9
[ 83.477336][ T5938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 83.497009][ T5938] RSP: 002b:00007ffefb0cae08 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 83.505406][ T5938] RAX: ffffffffffffffda RBX: 00007f397f5d5fa0 RCX: 00007f397f38eba9
[ 83.513370][ T5938] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000100
[ 83.521321][ T5938] RBP: 00007f397f411e19 R08: 0000000000000000 R09: 0000000000000000
[ 83.529274][ T5938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 83.537231][ T5938] R13: 00007f397f5d5fa0 R14: 00007f397f5d5fa0 R15: 0000000000000002
[ 83.545192][ T5938]
[ 83.548197][ T5938]
[ 83.550512][ T5938] Allocated by task 5938:
[ 83.554814][ T5938] kasan_set_track+0x4e/0x70
[ 83.559386][ T5938] __kasan_slab_alloc+0x6c/0x80
[ 83.564228][ T5938] slab_post_alloc_hook+0x6e/0x4d0
[ 83.569326][ T5938] kmem_cache_alloc_lru+0x115/0x2e0
[ 83.574511][ T5938] jfs_alloc_inode+0x28/0x60
[ 83.579083][ T5938] new_inode_pseudo+0x63/0x1d0
[ 83.583912][ T5938] new_inode+0x22/0x1b0
[ 83.588136][ T5938] ialloc+0x4c/0x950
[ 83.592019][ T5938] jfs_create+0x18b/0xa40
[ 83.596331][ T5938] path_openat+0x1277/0x3190
[ 83.600907][ T5938] do_filp_open+0x1c5/0x3d0
[ 83.605394][ T5938] do_sys_openat2+0x12c/0x1c0
[ 83.610051][ T5938] __x64_sys_openat+0x139/0x160
[ 83.614883][ T5938] do_syscall_64+0x55/0xb0
[ 83.619278][ T5938] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 83.625158][ T5938]
[ 83.627464][ T5938] The buggy address belongs to the object at ffff8880621d3780
[ 83.627464][ T5938] which belongs to the cache jfs_ip of size 2240
[ 83.641147][ T5938] The buggy address is located 24 bytes to the right of
[ 83.641147][ T5938] allocated 2240-byte region [ffff8880621d3780, ffff8880621d4040)
[ 83.655800][ T5938]
[ 83.658104][ T5938] The buggy address belongs to the physical page:
[ 83.664503][ T5938] page:ffffea0001887400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x621d0
[ 83.674634][ T5938] head:ffffea0001887400 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 83.683544][ T5938] memcg:ffff88802459ac01
[ 83.687759][ T5938] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 83.695722][ T5938] page_type: 0xffffffff()
[ 83.700032][ T5938] raw: 00fff00000000840 ffff8881422ce780 dead000000000122 0000000000000000
[ 83.708592][ T5938] raw: 0000000000000000 00000000800d000d 00000001ffffffff ffff88802459ac01
[ 83.717148][ T5938] page dumped because: kasan: bad access detected
[ 83.723553][ T5938] page_owner tracks the page as allocated
[ 83.729249][ T5938] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 5938, tgid 5938 (syz.0.17), ts 83243886862, free_ts 16436193775
[ 83.752583][ T5938] post_alloc_hook+0x1cd/0x210
[ 83.757337][ T5938] get_page_from_freelist+0x195c/0x19f0
[ 83.762870][ T5938] __alloc_pages+0x1e3/0x460
[ 83.767448][ T5938] alloc_slab_page+0x5d/0x170
[ 83.772110][ T5938] new_slab+0x87/0x2e0
[ 83.776164][ T5938] ___slab_alloc+0xc6d/0x1300
[ 83.780824][ T5938] kmem_cache_alloc_lru+0x1ae/0x2e0
[ 83.786010][ T5938] jfs_alloc_inode+0x28/0x60
[ 83.790581][ T5938] new_inode_pseudo+0x63/0x1d0
[ 83.795324][ T5938] new_inode+0x22/0x1b0
[ 83.799456][ T5938] jfs_fill_super+0x396/0xac0
[ 83.804112][ T5938] mount_bdev+0x22b/0x2d0
[ 83.808426][ T5938] legacy_get_tree+0xea/0x180
[ 83.813085][ T5938] vfs_get_tree+0x8c/0x280
[ 83.817483][ T5938] do_new_mount+0x24b/0xa40
[ 83.821964][ T5938] __se_sys_mount+0x2da/0x3c0
[ 83.826619][ T5938] page last free stack trace:
[ 83.831268][ T5938] free_unref_page_prepare+0x7ce/0x8e0
[ 83.836715][ T5938] free_unref_page+0x32/0x2e0
[ 83.841376][ T5938] free_contig_range+0xa1/0x160
[ 83.846292][ T5938] destroy_args+0x80/0x850
[ 83.850706][ T5938] debug_vm_pgtable+0x3cc/0x410
[ 83.855542][ T5938] do_one_initcall+0x1fd/0x750
[ 83.860291][ T5938] do_initcall_level+0x137/0x1f0
[ 83.865298][ T5938] do_initcalls+0x69/0xd0
[ 83.869608][ T5938] kernel_init_freeable+0x3d2/0x570
[ 83.874788][ T5938] kernel_init+0x1d/0x1c0
[ 83.879099][ T5938] ret_from_fork+0x48/0x80
[ 83.883497][ T5938] ret_from_fork_asm+0x11/0x20
[ 83.888242][ T5938]
[ 83.890547][ T5938] Memory state around the buggy address:
[ 83.896310][ T5938] ffff8880621d3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 83.904393][ T5938] ffff8880621d3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 83.912444][ T5938] >ffff8880621d4000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 83.920490][ T5938]                                                     ^
[ 83.927488][ T5938] ffff8880621d4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 83.935529][ T5938] ffff8880621d4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 83.943567][ T5938] ==================================================================
[ 83.965088][ T5818] Bluetooth: hci0: command tx timeout
[ 83.980109][ T5938] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 83.987341][ T5938] CPU: 0 PID: 5938 Comm: syz.0.17 Not tainted syzkaller #0
[ 83.994550][ T5938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 84.004620][ T5938] Call Trace:
[ 84.007906][ T5938]
[ 84.010849][ T5938] dump_stack_lvl+0x16c/0x230
[ 84.015539][ T5938] ? show_regs_print_info+0x20/0x20
[ 84.020749][ T5938] ? load_image+0x3b0/0x3b0
[ 84.025262][ T5938] panic+0x2c0/0x710
[ 84.029176][ T5938] ? bpf_jit_dump+0xd0/0xd0
[ 84.033687][ T5938] ? _raw_spin_unlock_irqrestore+0xfa/0x110
[ 84.039585][ T5938] ? _raw_spin_unlock+0x40/0x40
[ 84.044437][ T5938] ? print_memory_metadata+0x314/0x400
[ 84.049991][ T5938] ? dtSearch+0x167a/0x21b0
[ 84.054503][ T5938] check_panic_on_warn+0x84/0xa0
[ 84.059453][ T5938] ? dtSearch+0x167a/0x21b0
[ 84.063965][ T5938] end_report+0x6f/0x140
[ 84.068220][ T5938] kasan_report+0x128/0x150
[ 84.072725][ T5938] ? dtSearch+0x167a/0x21b0
[ 84.077237][ T5938] dtSearch+0x167a/0x21b0
[ 84.081589][ T5938] jfs_lookup+0x156/0x380
[ 84.085929][ T5938] ? jfs_get_parent+0xb0/0xb0
[ 84.090619][ T5938] ? apparmor_path_rmdir+0x2f0/0x2f0
[ 84.095908][ T5938] ? make_vfsuid+0x51/0xb0
[ 84.100323][ T5938] ? inode_permission+0xf3/0x480
[ 84.105248][ T5938] ? bpf_lsm_inode_create+0x9/0x10
[ 84.110340][ T5938] ? security_inode_create+0xb7/0x100
[ 84.115695][ T5938] ? jfs_get_parent+0xb0/0xb0
[ 84.120360][ T5938] path_openat+0x10b8/0x3190
[ 84.124946][ T5938] ? do_filp_open+0x3d0/0x3d0
[ 84.129613][ T5938] do_filp_open+0x1c5/0x3d0
[ 84.134102][ T5938] ? vfs_tmpfile+0x490/0x490
[ 84.138679][ T5938] ? _raw_spin_unlock+0x28/0x40
[ 84.143516][ T5938] ? alloc_fd+0x58f/0x630
[ 84.147830][ T5938] do_sys_openat2+0x12c/0x1c0
[ 84.152496][ T5938] ? do_sys_open+0xe0/0xe0
[ 84.156893][ T5938] ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 84.162855][ T5938] ? lock_chain_count+0x20/0x20
[ 84.167688][ T5938] __x64_sys_creat+0x90/0xb0
[ 84.172263][ T5938] do_syscall_64+0x55/0xb0
[ 84.176663][ T5938] ? clear_bhb_loop+0x40/0x90
[ 84.181323][ T5938] ? clear_bhb_loop+0x40/0x90
[ 84.185980][ T5938] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 84.191872][ T5938] RIP: 0033:0x7f397f38eba9
[ 84.196270][ T5938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 84.215948][ T5938] RSP: 002b:00007ffefb0cae08 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 84.224347][ T5938] RAX: ffffffffffffffda RBX: 00007f397f5d5fa0 RCX: 00007f397f38eba9
[ 84.232301][ T5938] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000100
[ 84.240257][ T5938] RBP: 00007f397f411e19 R08: 0000000000000000 R09: 0000000000000000
[ 84.248209][ T5938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 84.256162][ T5938] R13: 00007f397f5d5fa0 R14: 00007f397f5d5fa0 R15: 0000000000000002
[ 84.264121][ T5938]
[ 84.267428][ T5938] Kernel Offset: disabled
[ 84.271736][ T5938] Rebooting in 86400 seconds..