Warning: Permanently added '10.128.0.20' (ED25519) to the list of known hosts.
2026/01/13 10:43:45 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 98.618808][ T4776] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 100.222048][ T4797] chnl_net:caif_netlink_parms(): no params data found
[ 100.266243][ T4797] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.273923][ T4797] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.282466][ T4797] device bridge_slave_0 entered promiscuous mode
[ 100.292809][ T4797] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.300352][ T4797] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.309360][ T4797] device bridge_slave_1 entered promiscuous mode
[ 100.329334][ T4797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.342039][ T4797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.364939][ T4797] team0: Port device team_slave_0 added
[ 100.373483][ T4797] team0: Port device team_slave_1 added
[ 100.392648][ T4797] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 100.400218][ T4797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.427644][ T4797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 100.439946][ T4797] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 100.447838][ T4797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.475823][ T4797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.511658][ T4797] device hsr_slave_0 entered promiscuous mode
[ 100.519649][ T4797] device hsr_slave_1 entered promiscuous mode
[ 101.141409][ T4797] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 101.153422][ T4797] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 101.181460][ T4797] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 101.199248][ T4797] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 101.363629][ T4797] 8021q: adding VLAN 0 to HW filter on device bond0
[ 101.378978][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 101.397517][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 101.415981][ T4797] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.445648][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 101.457930][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 101.472085][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.479520][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 101.490349][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 101.509711][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 101.529485][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 101.557711][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.566133][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 101.592972][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 101.619470][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 101.640528][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 101.661165][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 101.688636][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 101.711789][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 101.741189][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 101.753384][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 101.779531][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 101.799031][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 101.819477][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 101.843618][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 102.042692][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 102.057756][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 102.071795][ T4797] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 102.120323][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 102.133113][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 102.156584][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 102.166674][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 102.178785][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 102.189099][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 102.201412][ T4797] device veth0_vlan entered promiscuous mode
[ 102.214746][ T4797] device veth1_vlan entered promiscuous mode
[ 102.252603][ T4797] device veth0_macvtap entered promiscuous mode
[ 102.262837][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 102.273413][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 102.283736][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 102.293712][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 102.313176][ T4797] device veth1_macvtap entered promiscuous mode
[ 102.328164][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 102.336732][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 102.374228][ T4797] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 102.381969][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 102.395017][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 102.410171][ T4797] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 102.419802][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 102.431265][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 102.445057][ T4797] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.454994][ T4797] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.466083][ T4797] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.476791][ T4797] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.834291][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.853071][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.885539][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.887340][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 102.901758][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.917395][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 104.862056][ T4276] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/01/13 10:43:55 executed programs: 0
[ 106.226173][ T5039] chnl_net:caif_netlink_parms(): no params data found
[ 106.290371][ T5039] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.298282][ T5039] bridge0: port 1(bridge_slave_0) entered disabled state
[ 106.306592][ T5039] device bridge_slave_0 entered promiscuous mode
[ 106.315357][ T5039] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.322907][ T5039] bridge0: port 2(bridge_slave_1) entered disabled state
[ 106.331740][ T5039] device bridge_slave_1 entered promiscuous mode
[ 106.358664][ T5039] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 106.371016][ T5039] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 106.403670][ T5039] team0: Port device team_slave_0 added
[ 106.414933][ T5039] team0: Port device team_slave_1 added
[ 106.443182][ T5039] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 106.451390][ T5039] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 106.488798][ T5039] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 106.504965][ T5039] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 106.512971][ T5039] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 106.543576][ T5039] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 106.590809][ T5039] device hsr_slave_0 entered promiscuous mode
[ 106.598385][ T5039] device hsr_slave_1 entered promiscuous mode
[ 106.605326][ T5039] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 106.616381][ T5039] Cannot create hsr debugfs directory
[ 107.773381][ T4276] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 107.853757][ T4276] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 107.918141][ T4276] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 108.159719][ T4428] Bluetooth: hci0: command 0x0409 tx timeout
[ 108.838239][ T5039] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 108.848319][ T5039] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 108.859511][ T5039] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 108.890934][ T5039] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 108.970877][ T5039] 8021q: adding VLAN 0 to HW filter on device bond0
[ 108.984381][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 108.994246][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 109.006950][ T5039] 8021q: adding VLAN 0 to HW filter on device team0
[ 109.024419][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 109.034636][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 109.044301][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 109.051811][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 109.066445][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 109.075014][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 109.084167][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 109.093121][ T144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 109.100470][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 109.110432][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 109.119634][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 109.143044][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 109.152926][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 109.163113][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 109.178044][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 109.187810][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 109.216668][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 109.226663][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 109.239991][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 109.249682][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 109.261996][ T5039] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 109.376926][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 109.385179][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 109.414339][ T5039] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 109.432555][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 109.442728][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 109.474776][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 109.485259][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 109.494894][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 109.504287][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 109.516180][ T5039] device veth0_vlan entered promiscuous mode
[ 109.528997][ T5039] device veth1_vlan entered promiscuous mode
[ 109.569654][ T1454] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 109.580755][ T1454] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 109.590240][ T1454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 109.600419][ T1454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 109.612248][ T5039] device veth0_macvtap entered promiscuous mode
[ 109.625010][ T5039] device veth1_macvtap entered promiscuous mode
[ 109.640014][ T4276] device hsr_slave_0 left promiscuous mode
[ 109.646365][ T4276] device hsr_slave_1 left promiscuous mode
[ 109.655079][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 109.664080][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 109.672876][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 109.681579][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 109.690477][ T4276] device bridge_slave_1 left promiscuous mode
[ 109.698072][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[ 109.706793][ T4276] device bridge_slave_0 left promiscuous mode
[ 109.713923][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[ 109.726356][ T4276] device veth1_macvtap left promiscuous mode
[ 109.732855][ T4276] device veth0_macvtap left promiscuous mode
[ 109.739144][ T4276] device veth1_vlan left promiscuous mode
[ 109.745269][ T4276] device veth0_vlan left promiscuous mode
[ 109.892716][ T4276] team0 (unregistering): Port device team_slave_1 removed
[ 109.904581][ T4276] team0 (unregistering): Port device team_slave_0 removed
[ 109.916878][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 109.931706][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 109.983784][ T4276] bond0 (unregistering): Released all slaves
[ 110.035971][ T5039] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 110.045727][ T1454] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 110.054595][ T1454] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 110.062967][ T1454] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 110.072810][ T1454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 110.086075][ T5039] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 110.095232][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 110.104380][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 110.120685][ T5039] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.130320][ T5039] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.139779][ T5039] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.150054][ T5039] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.220443][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.242365][ T5190] Bluetooth: hci0: command 0x041b tx timeout
[ 110.242921][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.279318][ T1454] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.280456][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 110.288635][ T1454] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.306157][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 110.551708][ T5235] loop0: detected capacity change from 0 to 32768
[ 110.655590][ T5235] =======================================================
[ 110.655590][ T5235] WARNING: The mand mount option has been deprecated and
[ 110.655590][ T5235] and is ignored by this kernel. Remove the mand
[ 110.655590][ T5235] option from the mount to silence this warning.
[ 110.655590][ T5235] =======================================================
[ 110.737078][ T5039] ==================================================================
[ 110.745703][ T5039] BUG: KASAN: use-after-free in jfs_readdir+0x11ca/0x3c10
[ 110.753228][ T5039] Read of size 8 at addr ffff88807616e030 by task syz-executor/5039
[ 110.761242][ T5039]
[ 110.763678][ T5039] CPU: 0 PID: 5039 Comm: syz-executor Not tainted syzkaller #0
[ 110.771304][ T5039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 110.781742][ T5039] Call Trace:
[ 110.785044][ T5039]
[ 110.788075][ T5039] dump_stack_lvl+0x168/0x230
[ 110.793067][ T5039] ? show_regs_print_info+0x20/0x20
[ 110.798752][ T5039] ? load_image+0x3b0/0x3b0
[ 110.803627][ T5039] ? _raw_spin_lock_irqsave+0xb0/0xf0
[ 110.809103][ T5039] ? unlock_page+0x17c/0x1f0
[ 110.814172][ T5039] print_address_description+0x60/0x2d0
[ 110.820073][ T5039] ? jfs_readdir+0x11ca/0x3c10
[ 110.825127][ T5039] kasan_report+0xdf/0x130
[ 110.829821][ T5039] ? jfs_readdir+0x11ca/0x3c10
[ 110.834940][ T5039] jfs_readdir+0x11ca/0x3c10
[ 110.839648][ T5039] ? dtInitRoot+0x660/0x660
[ 110.844440][ T5039] ? end_current_label_crit_section+0x14b/0x170
[ 110.851311][ T5039] ? common_file_perm+0x171/0x1c0
[ 110.856956][ T5039] iterate_dir+0x218/0x560
[ 110.861929][ T5039] __se_sys_getdents64+0xe5/0x260
[ 110.867067][ T5039] ? __x64_sys_getdents64+0x80/0x80
[ 110.872364][ T5039] ? filldir+0x720/0x720
[ 110.876968][ T5039] ? vtime_user_exit+0x2dc/0x400
[ 110.882221][ T5039] ? lockdep_hardirqs_on+0x94/0x140
[ 110.887686][ T5039] do_syscall_64+0x4c/0xa0
[ 110.892284][ T5039] ? clear_bhb_loop+0x30/0x80
[ 110.896988][ T5039] ? clear_bhb_loop+0x30/0x80
[ 110.902458][ T5039] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 110.908960][ T5039] RIP: 0033:0x7f3dabbd10b3
[ 110.913846][ T5039] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 3d f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[ 110.934089][ T5039] RSP: 002b:00007ffd4fc95668 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 110.942980][ T5039] RAX: ffffffffffffffda RBX: 000055556d66e600 RCX: 00007f3dabbd10b3
[ 110.951487][ T5039] RDX: 0000000000008000 RSI: 000055556d66e600 RDI: 0000000000000005
[ 110.960245][ T5039] RBP: 000055556d66e5d4 R08: 0000000000028a41 R09: 0000000000000000
[ 110.968980][ T5039] R10: 00007f3dabdc9cc0 R11: 0000000000000293 R12: ffffffffffffffa8
[ 110.977587][ T5039] R13: 0000000000000010 R14: 000055556d66e5d0 R15: 00007ffd4fc97920
[ 110.986108][ T5039]
[ 110.989404][ T5039]
[ 110.992055][ T5039] Allocated by task 5039:
[ 110.997132][ T5039] __kasan_slab_alloc+0x9c/0xd0
[ 111.002286][ T5039] slab_post_alloc_hook+0x4c/0x380
[ 111.007602][ T5039] kmem_cache_alloc+0x100/0x290
[ 111.012571][ T5039] mempool_alloc+0x18f/0x4e0
[ 111.017419][ T5039] __get_metapage+0x5e8/0x1060
[ 111.022542][ T5039] dtReadFirst+0xd5/0x8f0
[ 111.027108][ T5039] jfs_readdir+0x908/0x3c10
[ 111.031891][ T5039] iterate_dir+0x218/0x560
[ 111.036419][ T5039] __se_sys_getdents64+0xe5/0x260
[ 111.042183][ T5039] do_syscall_64+0x4c/0xa0
[ 111.046727][ T5039] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 111.053377][ T5039]
[ 111.055918][ T5039] Freed by task 5039:
[ 111.060308][ T5039] kasan_set_track+0x4b/0x70
[ 111.065111][ T5039] kasan_set_free_info+0x1f/0x40
[ 111.070428][ T5039] ____kasan_slab_free+0xd5/0x110
[ 111.075804][ T5039] slab_free_freelist_hook+0xea/0x170
[ 111.081281][ T5039] kmem_cache_free+0x8f/0x210
[ 111.086394][ T5039] release_metapage+0x97b/0xe10
[ 111.091494][ T5039] jfs_readdir+0xf6f/0x3c10
[ 111.096464][ T5039] iterate_dir+0x218/0x560
[ 111.100975][ T5039] __se_sys_getdents64+0xe5/0x260
[ 111.106220][ T5039] do_syscall_64+0x4c/0xa0
[ 111.110972][ T5039] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 111.117070][ T5039]
[ 111.119837][ T5039] The buggy address belongs to the object at ffff88807616e000
[ 111.119837][ T5039] which belongs to the cache jfs_mp of size 184
[ 111.134439][ T5039] The buggy address is located 48 bytes inside of
[ 111.134439][ T5039] 184-byte region [ffff88807616e000, ffff88807616e0b8)
[ 111.148054][ T5039] The buggy address belongs to the page:
[ 111.154144][ T5039] page:ffffea0001d85b80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7616e
[ 111.164723][ T5039] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 111.172541][ T5039] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff888146c0a780
[ 111.181660][ T5039] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 111.190502][ T5039] page dumped because: kasan: bad access detected
[ 111.197560][ T5039] page_owner tracks the page as allocated
[ 111.203516][ T5039] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192800(GFP_NOWAIT|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5039, ts 110736691090, free_ts 110734817530
[ 111.224666][ T5039] get_page_from_freelist+0x1b77/0x1c60
[ 111.230774][ T5039] __alloc_pages+0x1e1/0x470
[ 111.235584][ T5039] new_slab+0xc0/0x4b0
[ 111.239862][ T5039] ___slab_alloc+0x81e/0xdf0
[ 111.244654][ T5039] kmem_cache_alloc+0x195/0x290
[ 111.249522][ T5039] mempool_alloc+0x18f/0x4e0
[ 111.254221][ T5039] __get_metapage+0x5e8/0x1060
[ 111.259170][ T5039] dtReadFirst+0xd5/0x8f0
[ 111.263634][ T5039] jfs_readdir+0x908/0x3c10
[ 111.268748][ T5039] iterate_dir+0x218/0x560
[ 111.273511][ T5039] __se_sys_getdents64+0xe5/0x260
[ 111.278547][ T5039] do_syscall_64+0x4c/0xa0
[ 111.283245][ T5039] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 111.289389][ T5039] page last free stack trace:
[ 111.294700][ T5039] free_unref_page_prepare+0x637/0x6c0
[ 111.300887][ T5039] free_unref_page+0x94/0x280
[ 111.306089][ T5039] __mmdrop+0xaa/0x3e0
[ 111.310705][ T5039] finish_task_switch+0x215/0x640
[ 111.315863][ T5039] __schedule+0x11c3/0x4390
[ 111.320484][ T5039] schedule+0x11b/0x1e0
[ 111.324837][ T5039] do_nanosleep+0x1f1/0x760
[ 111.329342][ T5039] hrtimer_nanosleep+0x2f7/0x520
[ 111.334618][ T5039] __se_sys_clock_nanosleep+0x2e6/0x370
[ 111.340260][ T5039] do_syscall_64+0x4c/0xa0
[ 111.344883][ T5039] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 111.351068][ T5039]
[ 111.353672][ T5039] Memory state around the buggy address:
[ 111.359560][ T5039] ffff88807616df00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 111.368074][ T5039] ffff88807616df80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 111.376547][ T5039] >ffff88807616e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 111.385190][ T5039] ^
[ 111.390936][ T5039] ffff88807616e080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc
[ 111.399278][ T5039] ffff88807616e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 111.407601][ T5039] ==================================================================
[ 111.415744][ T5039] Disabling lock debugging due to kernel taint
[ 111.429517][ T5039] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 111.437313][ T5039] CPU: 0 PID: 5039 Comm: syz-executor Tainted: G B syzkaller #0
[ 111.446856][ T5039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 111.457442][ T5039] Call Trace:
[ 111.460910][ T5039]
[ 111.463838][ T5039] dump_stack_lvl+0x168/0x230
[ 111.468776][ T5039] ? show_regs_print_info+0x20/0x20
[ 111.474400][ T5039] ? load_image+0x3b0/0x3b0
[ 111.479071][ T5039] panic+0x2c9/0x7f0
[ 111.483308][ T5039] ? bpf_jit_dump+0xd0/0xd0
[ 111.488010][ T5039] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 111.494550][ T5039] ? _raw_spin_unlock+0x40/0x40
[ 111.499686][ T5039] ? jfs_readdir+0x11ca/0x3c10
[ 111.504726][ T5039] check_panic_on_warn+0x80/0xa0
[ 111.510014][ T5039] ? jfs_readdir+0x11ca/0x3c10
[ 111.515062][ T5039] end_report+0x6d/0xf0
[ 111.519306][ T5039] kasan_report+0x102/0x130
[ 111.523981][ T5039] ? jfs_readdir+0x11ca/0x3c10
[ 111.528740][ T5039] jfs_readdir+0x11ca/0x3c10
[ 111.533411][ T5039] ? dtInitRoot+0x660/0x660
[ 111.538168][ T5039] ? end_current_label_crit_section+0x14b/0x170
[ 111.544510][ T5039] ? common_file_perm+0x171/0x1c0
[ 111.549799][ T5039] iterate_dir+0x218/0x560
[ 111.554720][ T5039] __se_sys_getdents64+0xe5/0x260
[ 111.559948][ T5039] ? __x64_sys_getdents64+0x80/0x80
[ 111.565312][ T5039] ? filldir+0x720/0x720
[ 111.569644][ T5039] ? vtime_user_exit+0x2dc/0x400
[ 111.574928][ T5039] ? lockdep_hardirqs_on+0x94/0x140
[ 111.580425][ T5039] do_syscall_64+0x4c/0xa0
[ 111.585206][ T5039] ? clear_bhb_loop+0x30/0x80
[ 111.590070][ T5039] ? clear_bhb_loop+0x30/0x80
[ 111.595112][ T5039] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 111.601687][ T5039] RIP: 0033:0x7f3dabbd10b3
[ 111.606350][ T5039] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 3d f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[ 111.626739][ T5039] RSP: 002b:00007ffd4fc95668 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 111.635495][ T5039] RAX: ffffffffffffffda RBX: 000055556d66e600 RCX: 00007f3dabbd10b3
[ 111.643803][ T5039] RDX: 0000000000008000 RSI: 000055556d66e600 RDI: 0000000000000005
[ 111.652166][ T5039] RBP: 000055556d66e5d4 R08: 0000000000028a41 R09: 0000000000000000
[ 111.660707][ T5039] R10: 00007f3dabdc9cc0 R11: 0000000000000293 R12: ffffffffffffffa8
[ 111.669597][ T5039] R13: 0000000000000010 R14: 000055556d66e5d0 R15: 00007ffd4fc97920
[ 111.678638][ T5039]
[ 111.682806][ T5039] Kernel Offset: disabled
[ 111.687888][ T5039] Rebooting in 86400 seconds..