Warning: Permanently added '10.128.1.238' (ED25519) to the list of known hosts.
2026/05/07 16:27:55 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 111.168215][ T4628] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 112.823275][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.831154][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.847661][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 112.864813][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 112.872689][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 112.881589][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 115.137045][ T4696] chnl_net:caif_netlink_parms(): no params data found
[ 115.186405][ T4696] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.194680][ T4696] bridge0: port 1(bridge_slave_0) entered disabled state
[ 115.204017][ T4696] device bridge_slave_0 entered promiscuous mode
[ 115.212512][ T4696] bridge0: port 2(bridge_slave_1) entered blocking state
[ 115.219913][ T4696] bridge0: port 2(bridge_slave_1) entered disabled state
[ 115.228202][ T4696] device bridge_slave_1 entered promiscuous mode
[ 115.252436][ T4696] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 115.264448][ T4696] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 115.290064][ T4696] team0: Port device team_slave_0 added
[ 115.297971][ T4696] team0: Port device team_slave_1 added
[ 115.319043][ T4696] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 115.326628][ T4696] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 115.353581][ T4696] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 115.366716][ T4696] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 115.373864][ T4696] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 115.400328][ T4696] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 115.432743][ T4696] device hsr_slave_0 entered promiscuous mode
[ 115.440346][ T4696] device hsr_slave_1 entered promiscuous mode
[ 116.053974][ T4696] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 116.064259][ T4696] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 116.074457][ T4696] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 116.120132][ T4696] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 116.146050][ T4696] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.153439][ T4696] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 116.161059][ T4696] bridge0: port 1(bridge_slave_0) entered blocking state
[ 116.168938][ T4696] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 116.189544][ T3064] bridge0: port 1(bridge_slave_0) entered disabled state
[ 116.198450][ T3064] bridge0: port 2(bridge_slave_1) entered disabled state
[ 116.288755][ T4696] 8021q: adding VLAN 0 to HW filter on device bond0
[ 116.337123][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 116.346486][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 116.358035][ T4696] 8021q: adding VLAN 0 to HW filter on device team0
[ 116.372066][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 116.382218][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 116.393161][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 116.400290][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 116.429936][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 116.440773][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 116.451197][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.458600][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 116.471034][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 116.481122][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 116.492398][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 116.504774][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 116.551800][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 116.560727][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 116.570260][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 116.581555][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 116.591385][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 116.602973][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 116.613278][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 116.624042][ T4696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 116.846378][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 116.856877][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 116.872267][ T4696] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 116.909047][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 116.921005][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 116.948241][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 116.958555][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 116.969690][ T4696] device veth0_vlan entered promiscuous mode
[ 116.979849][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 116.989967][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 117.005936][ T4696] device veth1_vlan entered promiscuous mode
[ 117.029710][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 117.039698][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 117.050174][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 117.059651][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 117.073980][ T4696] device veth0_macvtap entered promiscuous mode
[ 117.088712][ T4696] device veth1_macvtap entered promiscuous mode
[ 117.111097][ T4696] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 117.120418][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 117.131485][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 117.141632][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 117.152026][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 117.164897][ T4696] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 117.175893][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 117.185613][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 117.200043][ T4696] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 117.210827][ T4696] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 117.230287][ T4696] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 117.239764][ T4696] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/05/07 16:28:06 executed programs: 0
[ 118.491084][ T4789] chnl_net:caif_netlink_parms(): no params data found
[ 118.592519][ T4789] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.614414][ T4789] bridge0: port 1(bridge_slave_0) entered disabled state
[ 118.635716][ T4789] device bridge_slave_0 entered promiscuous mode
[ 118.650791][ T4789] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.658945][ T4789] bridge0: port 2(bridge_slave_1) entered disabled state
[ 118.670221][ T4789] device bridge_slave_1 entered promiscuous mode
[ 118.728786][ T4789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 118.749044][ T4789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 118.817079][ T4789] team0: Port device team_slave_0 added
[ 118.844525][ T4789] team0: Port device team_slave_1 added
[ 118.912697][ T4789] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 118.935260][ T4789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 118.993010][ T4789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 119.027711][ T4789] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 119.045343][ T4789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 119.076171][ T4789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 119.151621][ T4789] device hsr_slave_0 entered promiscuous mode
[ 119.161999][ T4789] device hsr_slave_1 entered promiscuous mode
[ 119.169432][ T4789] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 119.180929][ T4789] Cannot create hsr debugfs directory
[ 119.320072][ T4789] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 120.252973][ T4690] Bluetooth: hci0: command 0x0409 tx timeout
[ 121.590250][ T4789] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 121.650925][ T4789] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 121.721147][ T4789] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 121.843077][ T4789] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 121.870112][ T4789] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 121.884657][ T4789] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 121.897533][ T4789] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 121.995794][ T4789] 8021q: adding VLAN 0 to HW filter on device bond0
[ 122.012279][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 122.021454][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 122.036120][ T4789] 8021q: adding VLAN 0 to HW filter on device team0
[ 122.062397][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 122.073924][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 122.082584][ T3064] bridge0: port 1(bridge_slave_0) entered blocking state
[ 122.089881][ T3064] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 122.110444][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 122.124142][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 122.133753][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 122.142356][ T3064] bridge0: port 2(bridge_slave_1) entered blocking state
[ 122.149866][ T3064] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 122.160136][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 122.201688][ T4789] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 122.215378][ T4789] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 122.230924][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 122.241369][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 122.250492][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 122.260003][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 122.269567][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 122.278225][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 122.286931][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 122.296078][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 122.305565][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 122.316022][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 122.324869][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 122.333553][ T4313] Bluetooth: hci0: command 0x041b tx timeout
[ 122.491118][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 122.500273][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 122.517922][ T4789] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 122.533427][ T154] device hsr_slave_0 left promiscuous mode
[ 122.540288][ T154] device hsr_slave_1 left promiscuous mode
[ 122.548245][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 122.558339][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 122.567413][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 122.578164][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 122.586533][ T154] device bridge_slave_1 left promiscuous mode
[ 122.595365][ T154] bridge0: port 2(bridge_slave_1) entered disabled state
[ 122.604862][ T154] device bridge_slave_0 left promiscuous mode
[ 122.611139][ T154] bridge0: port 1(bridge_slave_0) entered disabled state
[ 122.628016][ T154] device veth1_macvtap left promiscuous mode
[ 122.636956][ T154] device veth0_macvtap left promiscuous mode
[ 122.644178][ T154] device veth1_vlan left promiscuous mode
[ 122.650316][ T154] device veth0_vlan left promiscuous mode
[ 122.898159][ T154] team0 (unregistering): Port device team_slave_1 removed
[ 122.918178][ T154] team0 (unregistering): Port device team_slave_0 removed
[ 122.932359][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 122.955042][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 123.043604][ T154] bond0 (unregistering): Released all slaves
[ 123.118963][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 123.128773][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 123.164538][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 123.188683][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 123.201988][ T4789] device veth0_vlan entered promiscuous mode
[ 123.210977][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 123.221299][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 123.235840][ T4789] device veth1_vlan entered promiscuous mode
[ 123.298615][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 123.308294][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 123.317062][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 123.326375][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 123.337785][ T4789] device veth0_macvtap entered promiscuous mode
[ 123.360081][ T4789] device veth1_macvtap entered promiscuous mode
[ 123.401221][ T4789] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 123.408762][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 123.418555][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 123.427154][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 123.437981][ T3064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 123.450858][ T4789] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 123.472763][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 123.482469][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 123.498986][ T4789] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 123.508659][ T4789] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 123.518114][ T4789] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 123.528124][ T4789] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 123.628262][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.639270][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.655727][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
2026/05/07 16:28:11 executed programs: 2
[ 123.715206][ T3064] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 123.724332][ T3064] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 123.736727][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 124.206565][ T5033] loop0: detected capacity change from 0 to 32768
[ 124.340292][ T5033] UFO tlock:0xffffc90002862288
[ 124.414175][ T4311] Bluetooth: hci0: command 0x040f tx timeout
[ 125.152592][ T5058] loop0: detected capacity change from 0 to 32768
[ 125.315967][ T5058] UFO tlock:0xffffc900028620d8
[ 125.334134][ T5058] ==================================================================
[ 125.342577][ T5058] BUG: KASAN: use-after-free in lmWriteRecord+0x4c8/0x1aa0
[ 125.350043][ T5058] Read of size 32 at addr ffff88805985fe00 by task syz.0.18/5058
[ 125.358261][ T5058]
[ 125.360771][ T5058] CPU: 0 PID: 5058 Comm: syz.0.18 Not tainted syzkaller #0
[ 125.368009][ T5058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 125.378209][ T5058] Call Trace:
[ 125.381531][ T5058]
[ 125.384590][ T5058] dump_stack_lvl+0x188/0x250
[ 125.389330][ T5058] ? show_regs_print_info+0x20/0x20
[ 125.394735][ T5058] ? _printk+0xda/0x130
[ 125.398945][ T5058] ? load_image+0x400/0x400
[ 125.403489][ T5058] ? _raw_spin_lock_irqsave+0xbc/0x100
[ 125.409012][ T5058] print_address_description+0x60/0x2d0
[ 125.414606][ T5058] ? lmWriteRecord+0x4c8/0x1aa0
[ 125.419493][ T5058] kasan_report+0xdf/0x130
[ 125.424039][ T5058] ? lmWriteRecord+0x4c8/0x1aa0
[ 125.429433][ T5058] kasan_check_range+0x235/0x290
[ 125.434520][ T5058] ? lmWriteRecord+0x4c8/0x1aa0
[ 125.439520][ T5058] memcpy+0x25/0x60
[ 125.443466][ T5058] lmWriteRecord+0x4c8/0x1aa0
[ 125.448212][ T5058] lmLog+0x6f6/0xa30
[ 125.452161][ T5058] txCommit+0x1c49/0x5200
[ 125.456632][ T5058] ? ktime_get_real_ts64+0x440/0x440
[ 125.462070][ T5058] ? txLinelock+0x160/0x160
[ 125.466858][ T5058] ? rcu_is_watching+0x11/0xa0
[ 125.471912][ T5058] ? __mark_inode_dirty+0x3a4/0xc90
[ 125.477167][ T5058] jfs_mkdir+0x8d5/0xad0
[ 125.481544][ T5058] ? jfs_symlink+0xfb0/0xfb0
[ 125.486398][ T5058] ? make_kgid+0x660/0x660
[ 125.490988][ T5058] ? apparmor_path_mkdir+0x1ac/0x230
[ 125.496432][ T5058] ? generic_permission+0x230/0x510
[ 125.502217][ T5058] ? inode_permission+0xef/0x480
[ 125.507301][ T5058] ? bpf_lsm_inode_mkdir+0x5/0x10
[ 125.512446][ T5058] ? security_inode_mkdir+0xb3/0x100
[ 125.518049][ T5058] vfs_mkdir+0x387/0x570
[ 125.522521][ T5058] do_mkdirat+0x1df/0x5b0
[ 125.526898][ T5058] ? vfs_mkdir+0x570/0x570
[ 125.531745][ T5058] ? getname_flags+0x1fe/0x500
[ 125.536562][ T5058] __x64_sys_mkdirat+0x85/0x90
[ 125.541555][ T5058] do_syscall_64+0x4c/0xa0
[ 125.546017][ T5058] ? clear_bhb_loop+0x30/0x80
[ 125.550753][ T5058] ? clear_bhb_loop+0x30/0x80
[ 125.555706][ T5058] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 125.561938][ T5058] RIP: 0033:0x7f8317574dd7
[ 125.566581][ T5058] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 125.586752][ T5058] RSP: 002b:00007f8316bd8e58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 125.595224][ T5058] RAX: ffffffffffffffda RBX: 00007f8316bd8ee0 RCX: 00007f8317574dd7
[ 125.603462][ T5058] RDX: 00000000000001ff RSI: 0000200000000000 RDI: 00000000ffffff9c
[ 125.611497][ T5058] RBP: 00002000000002c0 R08: 0000200000000080 R09: 0000000000000000
[ 125.620108][ T5058] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000200000000000
[ 125.628342][ T5058] R13: 00007f8316bd8ea0 R14: 0000000000000000 R15: 0000000000000000
[ 125.636573][ T5058]
[ 125.639812][ T5058]
[ 125.642369][ T5058] The buggy address belongs to the page:
[ 125.648272][ T5058] page:ffffea00016617c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5985f
[ 125.658603][ T5058] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 125.666083][ T5058] raw: 00fff00000000000 ffffea0001660cc8 ffffea00016618c8 0000000000000000
[ 125.674860][ T5058] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 125.684118][ T5058] page dumped because: kasan: bad access detected
[ 125.691218][ T5058] page_owner tracks the page as freed
[ 125.696601][ T5058] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 4637, ts 124294946917, free_ts 124412297829
[ 125.714709][ T5058] get_page_from_freelist+0x1bbd/0x1ca0
[ 125.720370][ T5058] __alloc_pages+0x1ee/0x480
[ 125.725297][ T5058] __page_cache_alloc+0xce/0x440
[ 125.730351][ T5058] page_cache_ra_unbounded+0x25d/0x940
[ 125.735945][ T5058] force_page_cache_ra+0x3e5/0x440
[ 125.741086][ T5058] filemap_read+0x5de/0x2540
[ 125.745724][ T5058] blkdev_read_iter+0x11d/0x150
[ 125.750888][ T5058] vfs_read+0x759/0xd60
[ 125.755070][ T5058] ksys_read+0x152/0x260
[ 125.759532][ T5058] do_syscall_64+0x4c/0xa0
[ 125.763983][ T5058] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 125.770179][ T5058] page last free stack trace:
[ 125.775084][ T5058] free_unref_page_prepare+0x637/0x6c0
[ 125.780692][ T5058] free_unref_page_list+0x119/0x820
[ 125.786023][ T5058] release_pages+0x186c/0x1be0
[ 125.790904][ T5058] __pagevec_release+0x6d/0xe0
[ 125.795976][ T5058] truncate_inode_pages_range+0x362/0xfe0
[ 125.801807][ T5058] blkdev_flush_mapping+0x188/0x360
[ 125.807112][ T5058] blkdev_put+0x4d1/0x7d0
[ 125.811634][ T5058] deactivate_locked_super+0x93/0xf0
[ 125.817186][ T5058] cleanup_mnt+0x42d/0x4e0
[ 125.821656][ T5058] task_work_run+0x125/0x1a0
[ 125.826272][ T5058] exit_to_user_mode_loop+0x10f/0x130
[ 125.832201][ T5058] exit_to_user_mode_prepare+0xee/0x180
[ 125.838051][ T5058] syscall_exit_to_user_mode+0x16/0x40
[ 125.843615][ T5058] do_syscall_64+0x58/0xa0
[ 125.848216][ T5058] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 125.854245][ T5058]
[ 125.856573][ T5058] Memory state around the buggy address:
[ 125.862406][ T5058] ffff88805985fd00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 125.870954][ T5058] ffff88805985fd80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 125.879207][ T5058] >ffff88805985fe00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 125.887664][ T5058] ^
[ 125.891749][ T5058] ffff88805985fe80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 125.899999][ T5058] ffff88805985ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 125.908296][ T5058] ==================================================================
[ 125.916486][ T5058] Disabling lock debugging due to kernel taint
[ 125.925988][ T5058] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 125.933535][ T5058] CPU: 0 PID: 5058 Comm: syz.0.18 Tainted: G B syzkaller #0
[ 125.942332][ T5058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 125.952980][ T5058] Call Trace:
[ 125.956649][ T5058]
[ 125.959617][ T5058] dump_stack_lvl+0x188/0x250
[ 125.964337][ T5058] ? show_regs_print_info+0x20/0x20
[ 125.969767][ T5058] ? load_image+0x400/0x400
[ 125.974610][ T5058] panic+0x2e5/0x810
[ 125.978553][ T5058] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 125.985095][ T5058] ? bpf_jit_dump+0xd0/0xd0
[ 125.989751][ T5058] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 125.995960][ T5058] ? _raw_spin_unlock+0x40/0x40
[ 126.000854][ T5058] ? lmWriteRecord+0x4c8/0x1aa0
[ 126.005752][ T5058] check_panic_on_warn+0x80/0xa0
[ 126.010964][ T5058] ? lmWriteRecord+0x4c8/0x1aa0
[ 126.015947][ T5058] end_report+0x6d/0xf0
[ 126.020705][ T5058] kasan_report+0x102/0x130
[ 126.025531][ T5058] ? lmWriteRecord+0x4c8/0x1aa0
[ 126.030697][ T5058] kasan_check_range+0x235/0x290
[ 126.036019][ T5058] ? lmWriteRecord+0x4c8/0x1aa0
[ 126.040921][ T5058] memcpy+0x25/0x60
[ 126.044749][ T5058] lmWriteRecord+0x4c8/0x1aa0
[ 126.049939][ T5058] lmLog+0x6f6/0xa30
[ 126.053876][ T5058] txCommit+0x1c49/0x5200
[ 126.058327][ T5058] ? ktime_get_real_ts64+0x440/0x440
[ 126.063642][ T5058] ? txLinelock+0x160/0x160
[ 126.068262][ T5058] ? rcu_is_watching+0x11/0xa0
[ 126.073164][ T5058] ? __mark_inode_dirty+0x3a4/0xc90
[ 126.078702][ T5058] jfs_mkdir+0x8d5/0xad0
[ 126.082967][ T5058] ? jfs_symlink+0xfb0/0xfb0
[ 126.087938][ T5058] ? make_kgid+0x660/0x660
[ 126.092472][ T5058] ? apparmor_path_mkdir+0x1ac/0x230
[ 126.098211][ T5058] ? generic_permission+0x230/0x510
[ 126.103616][ T5058] ? inode_permission+0xef/0x480
[ 126.108587][ T5058] ? bpf_lsm_inode_mkdir+0x5/0x10
[ 126.113633][ T5058] ? security_inode_mkdir+0xb3/0x100
[ 126.119137][ T5058] vfs_mkdir+0x387/0x570
[ 126.123546][ T5058] do_mkdirat+0x1df/0x5b0
[ 126.128071][ T5058] ? vfs_mkdir+0x570/0x570
[ 126.132711][ T5058] ? getname_flags+0x1fe/0x500
[ 126.137755][ T5058] __x64_sys_mkdirat+0x85/0x90
[ 126.142577][ T5058] do_syscall_64+0x4c/0xa0
[ 126.147021][ T5058] ? clear_bhb_loop+0x30/0x80
[ 126.151802][ T5058] ? clear_bhb_loop+0x30/0x80
[ 126.156505][ T5058] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 126.162721][ T5058] RIP: 0033:0x7f8317574dd7
[ 126.167256][ T5058] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 126.186962][ T5058] RSP: 002b:00007f8316bd8e58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 126.195741][ T5058] RAX: ffffffffffffffda RBX: 00007f8316bd8ee0 RCX: 00007f8317574dd7
[ 126.203816][ T5058] RDX: 00000000000001ff RSI: 0000200000000000 RDI: 00000000ffffff9c
[ 126.211885][ T5058] RBP: 00002000000002c0 R08: 0000200000000080 R09: 0000000000000000
[ 126.219972][ T5058] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000200000000000
[ 126.228313][ T5058] R13: 00007f8316bd8ea0 R14: 0000000000000000 R15: 0000000000000000
[ 126.236539][ T5058]
[ 126.240650][ T5058] Kernel Offset: disabled
[ 126.245033][ T5058] Rebooting in 86400 seconds..