Warning: Permanently added '10.128.1.209' (ED25519) to the list of known hosts.
2025/10/16 02:38:58 parsed 1 programs
[ 92.268387][ T4597] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 94.458988][ T4638] chnl_net:caif_netlink_parms(): no params data found
[ 94.514412][ T4638] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.521868][ T4638] bridge0: port 1(bridge_slave_0) entered disabled state
[ 94.529871][ T4638] device bridge_slave_0 entered promiscuous mode
[ 94.538186][ T4638] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.552003][ T4638] bridge0: port 2(bridge_slave_1) entered disabled state
[ 94.560158][ T4638] device bridge_slave_1 entered promiscuous mode
[ 94.586433][ T4638] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 94.598212][ T4638] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 94.627836][ T4638] team0: Port device team_slave_0 added
[ 94.635840][ T4638] team0: Port device team_slave_1 added
[ 94.658253][ T4638] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 94.665485][ T4638] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 94.692048][ T4638] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 94.704882][ T4638] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 94.711935][ T4638] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 94.738150][ T4638] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 94.775463][ T4638] device hsr_slave_0 entered promiscuous mode
[ 94.782452][ T4638] device hsr_slave_1 entered promiscuous mode
[ 95.353593][ T4638] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 95.373617][ T4638] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 95.402789][ T4638] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 95.423568][ T4638] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 95.529460][ T4638] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.555387][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 95.564990][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 95.576676][ T4638] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.591707][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 95.606293][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 95.617520][ T629] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.624665][ T629] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.652311][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 95.671864][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 95.682034][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 95.692461][ T629] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.699550][ T629] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.708052][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 95.730762][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 95.739764][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 95.772160][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 95.780980][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 95.800776][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 95.809436][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 95.828858][ T4638] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 95.843943][ T4638] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 95.857204][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 95.867807][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 95.876705][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 95.885762][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 95.894757][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 96.014768][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 96.024230][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 96.052465][ T4638] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 96.076054][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 96.086675][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 96.121882][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 96.130609][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 96.139744][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 96.148832][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 96.159021][ T4638] device veth0_vlan entered promiscuous mode
[ 96.170823][ T4638] device veth1_vlan entered promiscuous mode
[ 96.208630][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 96.217897][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 96.227224][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 96.236179][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 96.261333][ T4638] device veth0_macvtap entered promiscuous mode
[ 96.271435][ T4638] device veth1_macvtap entered promiscuous mode
[ 96.288813][ T4638] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 96.298809][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 96.308310][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 96.317820][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 96.326846][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 96.340948][ T4638] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 96.362360][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 96.373334][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 96.384469][ T4638] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.393569][ T4638] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.404319][ T4638] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.413484][ T4638] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.428116][ T629] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.470250][ T4259] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.471149][ T629] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.478306][ T4259] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.494119][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 97.512699][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2025/10/16 02:39:07 executed programs: 0
[ 98.228502][ T4794] chnl_net:caif_netlink_parms(): no params data found
[ 98.331650][ T4794] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.350114][ T4794] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.361767][ T4794] device bridge_slave_0 entered promiscuous mode
[ 98.381582][ T4794] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.400444][ T4794] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.408513][ T4794] device bridge_slave_1 entered promiscuous mode
[ 98.471790][ T4794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 98.488316][ T4794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 98.545399][ T4794] team0: Port device team_slave_0 added
[ 98.561983][ T4794] team0: Port device team_slave_1 added
[ 98.613102][ T4794] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 98.630093][ T4794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 98.680092][ T4794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 98.701802][ T4794] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 98.708770][ T4794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 98.747737][ T4794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 98.791630][ T4794] device hsr_slave_0 entered promiscuous mode
[ 98.798478][ T4794] device hsr_slave_1 entered promiscuous mode
[ 98.814105][ T4794] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 98.823116][ T4794] Cannot create hsr debugfs directory
[ 98.841591][ T150] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.091418][ T4691] Bluetooth: hci0: command 0x0409 tx timeout
[ 100.979197][ T150] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 101.036534][ T150] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 101.099225][ T150] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 101.987382][ T4794] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 101.996768][ T4794] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 102.006913][ T4794] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 102.017645][ T4794] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 102.074685][ T4794] 8021q: adding VLAN 0 to HW filter on device bond0
[ 102.098544][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 102.107076][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 102.118993][ T4794] 8021q: adding VLAN 0 to HW filter on device team0
[ 102.135585][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 102.146420][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 102.155187][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.162410][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 102.170756][ T4216] Bluetooth: hci0: command 0x041b tx timeout
[ 102.178257][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 102.186539][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 102.195506][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 102.204502][ T144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.212148][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.232721][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 102.241974][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 102.251143][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 102.261009][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 102.269421][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 102.287312][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 102.296393][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 102.311607][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 102.320908][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 102.334772][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 102.344114][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 102.356106][ T150] device hsr_slave_0 left promiscuous mode
[ 102.363541][ T150] device hsr_slave_1 left promiscuous mode
[ 102.370461][ T150] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 102.377878][ T150] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 102.386060][ T150] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 102.393863][ T150] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 102.402456][ T150] device bridge_slave_1 left promiscuous mode
[ 102.408627][ T150] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.416934][ T150] device bridge_slave_0 left promiscuous mode
[ 102.423482][ T150] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.434174][ T150] device veth1_macvtap left promiscuous mode
[ 102.440428][ T150] device veth0_macvtap left promiscuous mode
[ 102.446485][ T150] device veth1_vlan left promiscuous mode
[ 102.452367][ T150] device veth0_vlan left promiscuous mode
[ 102.572267][ T150] team0 (unregistering): Port device team_slave_1 removed
[ 102.585280][ T150] team0 (unregistering): Port device team_slave_0 removed
[ 102.596072][ T150] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 102.608344][ T150] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 102.658164][ T150] bond0 (unregistering): Released all slaves
[ 102.706387][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 102.792297][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 102.799863][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 102.814892][ T4794] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 102.835731][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 102.845064][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 102.862045][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 102.870883][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 102.879161][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 102.887421][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 102.899759][ T4794] device veth0_vlan entered promiscuous mode
[ 102.911838][ T4794] device veth1_vlan entered promiscuous mode
[ 102.932127][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 102.941005][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 102.949151][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 102.958196][ T5042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 102.969202][ T4794] device veth0_macvtap entered promiscuous mode
[ 102.980317][ T4794] device veth1_macvtap entered promiscuous mode
[ 103.000675][ T4794] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 103.008349][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 103.016854][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 103.025938][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 103.035232][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 103.046525][ T4794] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 103.058507][ T4794] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.067893][ T4794] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.077532][ T4794] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.087138][ T4794] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.097688][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 103.106790][ T629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 103.173844][ T629] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 103.196299][ T629] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 103.204104][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 103.214542][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/10/16 02:39:12 executed programs: 2
[ 103.224710][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 103.237615][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 103.335833][ T5048] loop0: detected capacity change from 0 to 8192
[ 103.449761][ T5048] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 103.460341][ T5048] REISERFS (device loop0): using ordered data mode
[ 103.467100][ T5048] reiserfs: using flush barriers
[ 103.486283][ T5048] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 103.530750][ T5048] REISERFS (device loop0): checking transaction log (loop0)
[ 103.551400][ T5048] REISERFS (device loop0): Using tea hash to sort names
[ 103.583513][ T5048] REISERFS warning (device loop0): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[ 103.597700][ T5048] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 103.816655][ T5051] loop0: detected capacity change from 0 to 8192
[ 103.836389][ T5051] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 103.859163][ T5051] REISERFS (device loop0): using ordered data mode
[ 103.880359][ T5051] reiserfs: using flush barriers
[ 103.891426][ T5051] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 103.925018][ T5051] REISERFS (device loop0): checking transaction log (loop0)
[ 103.933638][ T5051] REISERFS (device loop0): Using tea hash to sort names
[ 103.941341][ T5051] ==================================================================
[ 103.949591][ T5051] BUG: KASAN: use-after-free in search_by_entry_key+0x597/0x1370
[ 103.957508][ T5051] Read of size 4 at addr ffff88806d55e7c4 by task syz.0.17/5051
[ 103.965143][ T5051]
[ 103.967474][ T5051] CPU: 1 PID: 5051 Comm: syz.0.17 Not tainted syzkaller #0
[ 103.974837][ T5051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 103.984992][ T5051] Call Trace:
[ 103.988286][ T5051]
[ 103.991213][ T5051] dump_stack_lvl+0x168/0x230
[ 103.995998][ T5051] ? show_regs_print_info+0x20/0x20
[ 104.001297][ T5051] ? _printk+0xcc/0x110
[ 104.005582][ T5051] ? search_by_entry_key+0x597/0x1370
[ 104.010979][ T5051] ? load_image+0x3b0/0x3b0
[ 104.015574][ T5051] ? _raw_spin_lock_irqsave+0xb0/0xf0
[ 104.020951][ T5051] print_address_description+0x60/0x2d0
[ 104.026513][ T5051] ? search_by_entry_key+0x597/0x1370
[ 104.031901][ T5051] kasan_report+0xdf/0x130
[ 104.036333][ T5051] ? search_by_entry_key+0x597/0x1370
[ 104.041840][ T5051] search_by_entry_key+0x597/0x1370
[ 104.047147][ T5051] ? make_cpu_key+0x2b/0x220
[ 104.051744][ T5051] reiserfs_find_entry+0x2ff/0x18e0
[ 104.056944][ T5051] ? mutex_lock_io_nested+0x60/0x60
[ 104.062328][ T5051] ? reiserfs_get_parent+0x270/0x270
[ 104.067619][ T5051] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 104.073617][ T5051] ? mutex_lock_nested+0x17/0x20
[ 104.078549][ T5051] reiserfs_lookup+0x1a7/0x420
[ 104.083307][ T5051] ? reiserfs_find_entry+0x18e0/0x18e0
[ 104.088860][ T5051] ? __init_waitqueue_head+0xa5/0x150
[ 104.094225][ T5051] __lookup_slow+0x27d/0x3d0
[ 104.098805][ T5051] ? lookup_one_len+0x2c0/0x2c0
[ 104.103653][ T5051] lookup_one_len+0x18e/0x2c0
[ 104.108375][ T5051] ? lookup_one_common+0x460/0x460
[ 104.113571][ T5051] reiserfs_lookup_privroot+0x85/0x1e0
[ 104.119018][ T5051] reiserfs_fill_super+0x1f65/0x23e0
[ 104.124390][ T5051] ? reiserfs_kill_sb+0x140/0x140
[ 104.129481][ T5051] ? snprintf+0xd7/0x120
[ 104.133820][ T5051] ? vscnprintf+0x80/0x80
[ 104.138216][ T5051] ? set_blocksize+0x1f1/0x370
[ 104.142974][ T5051] ? sb_set_blocksize+0xa5/0xe0
[ 104.147895][ T5051] mount_bdev+0x287/0x3c0
[ 104.152212][ T5051] ? reiserfs_kill_sb+0x140/0x140
[ 104.157315][ T5051] legacy_get_tree+0xe6/0x180
[ 104.162159][ T5051] ? remove_save_link+0x3c0/0x3c0
[ 104.167254][ T5051] vfs_get_tree+0x88/0x270
[ 104.171652][ T5051] do_new_mount+0x24a/0xa40
[ 104.176237][ T5051] __se_sys_mount+0x2d6/0x3c0
[ 104.181096][ T5051] ? __x64_sys_mount+0xc0/0xc0
[ 104.185844][ T5051] ? lockdep_hardirqs_on+0x94/0x140
[ 104.191165][ T5051] ? __x64_sys_mount+0x1c/0xc0
[ 104.196006][ T5051] do_syscall_64+0x4c/0xa0
[ 104.200406][ T5051] ? clear_bhb_loop+0x30/0x80
[ 104.205067][ T5051] ? clear_bhb_loop+0x30/0x80
[ 104.209737][ T5051] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 104.216122][ T5051] RIP: 0033:0x7f0f9660290a
[ 104.220586][ T5051] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 104.240661][ T5051] RSP: 002b:00007f0f95871e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 104.249347][ T5051] RAX: ffffffffffffffda RBX: 00007f0f95871ef0 RCX: 00007f0f9660290a
[ 104.257397][ T5051] RDX: 0000400000000180 RSI: 0000400000000040 RDI: 00007f0f95871eb0
[ 104.265363][ T5051] RBP: 0000400000000180 R08: 00007f0f95871ef0 R09: 000000000001801c
[ 104.273334][ T5051] R10: 000000000001801c R11: 0000000000000246 R12: 0000400000000040
[ 104.281298][ T5051] R13: 00007f0f95871eb0 R14: 000000000000112d R15: 0000400000000300
[ 104.289299][ T5051]
[ 104.292306][ T5051]
[ 104.294620][ T5051] The buggy address belongs to the page:
[ 104.300320][ T5051] page:ffffea0001b55780 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6d55e
[ 104.310628][ T5051] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 104.317870][ T5051] raw: 00fff00000000000 ffffea0001cb19c8 ffffea0001a55348 0000000000000000
[ 104.326690][ T5051] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 104.335252][ T5051] page dumped because: kasan: bad access detected
[ 104.341687][ T5051] page_owner tracks the page as freed
[ 104.347053][ T5051] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 4792, ts 97984460709, free_ts 103624983569
[ 104.362953][ T5051] get_page_from_freelist+0x1b77/0x1c60
[ 104.368638][ T5051] __alloc_pages+0x1e1/0x470
[ 104.373334][ T5051] alloc_pages_vma+0x393/0x7c0
[ 104.378094][ T5051] handle_mm_fault+0x2382/0x43c0
[ 104.383112][ T5051] do_user_addr_fault+0x489/0xc80
[ 104.388207][ T5051] exc_page_fault+0x60/0x100
[ 104.392781][ T5051] asm_exc_page_fault+0x22/0x30
[ 104.397704][ T5051] copy_user_generic_unrolled+0xa0/0xc0
[ 104.403326][ T5051] _copy_to_user+0xf0/0x130
[ 104.407847][ T5051] create_elf_tables+0x183/0x1300
[ 104.412887][ T5051] load_elf_binary+0x1fa5/0x2890
[ 104.417851][ T5051] bprm_execve+0xa92/0x17d0
[ 104.422337][ T5051] do_execveat_common+0x51e/0x6d0
[ 104.427344][ T5051] __x64_sys_execve+0x8e/0xa0
[ 104.432014][ T5051] do_syscall_64+0x4c/0xa0
[ 104.436412][ T5051] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 104.442432][ T5051] page last free stack trace:
[ 104.447185][ T5051] free_unref_page_prepare+0x637/0x6c0
[ 104.452680][ T5051] free_unref_page_list+0x122/0x7e0
[ 104.457862][ T5051] release_pages+0x184b/0x1bb0
[ 104.462610][ T5051] tlb_finish_mmu+0x164/0x2e0
[ 104.467383][ T5051] exit_mmap+0x3a6/0x5f0
[ 104.471603][ T5051] __mmput+0x115/0x3b0
[ 104.475706][ T5051] exit_mm+0x567/0x6c0
[ 104.479786][ T5051] do_exit+0x5a1/0x20a0
[ 104.483922][ T5051] do_group_exit+0x12e/0x300
[ 104.488500][ T5051] get_signal+0x6ca/0x12c0
[ 104.492982][ T5051] arch_do_signal_or_restart+0xc1/0x1300
[ 104.498860][ T5051] exit_to_user_mode_loop+0x9e/0x130
[ 104.504130][ T5051] exit_to_user_mode_prepare+0xee/0x180
[ 104.509920][ T5051] syscall_exit_to_user_mode+0x16/0x40
[ 104.515625][ T5051] do_syscall_64+0x58/0xa0
[ 104.520024][ T5051] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 104.525906][ T5051]
[ 104.528213][ T5051] Memory state around the buggy address:
[ 104.533909][ T5051] ffff88806d55e680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 104.542044][ T5051] ffff88806d55e700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 104.550089][ T5051] >ffff88806d55e780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 104.558215][ T5051] ^
[ 104.564439][ T5051] ffff88806d55e800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 104.572585][ T5051] ffff88806d55e880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 104.580644][ T5051] ==================================================================
[ 104.588804][ T5051] Disabling lock debugging due to kernel taint
[ 104.608579][ T5051] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 104.615808][ T5051] CPU: 1 PID: 5051 Comm: syz.0.17 Tainted: G B syzkaller #0
[ 104.624403][ T5051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 104.625631][ T4216] Bluetooth: hci0: command 0x040f tx timeout
[ 104.634543][ T5051] Call Trace:
[ 104.634550][ T5051]
[ 104.634557][ T5051] dump_stack_lvl+0x168/0x230
[ 104.651483][ T5051] ? show_regs_print_info+0x20/0x20
[ 104.656767][ T5051] ? load_image+0x3b0/0x3b0
[ 104.661290][ T5051] panic+0x2c9/0x7f0
[ 104.665203][ T5051] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 104.671377][ T5051] ? bpf_jit_dump+0xd0/0xd0
[ 104.676138][ T5051] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 104.682025][ T5051] ? _raw_spin_unlock+0x40/0x40
[ 104.686870][ T5051] ? search_by_entry_key+0x597/0x1370
[ 104.692320][ T5051] check_panic_on_warn+0x80/0xa0
[ 104.697415][ T5051] ? search_by_entry_key+0x597/0x1370
[ 104.702788][ T5051] end_report+0x6d/0xf0
[ 104.706939][ T5051] kasan_report+0x102/0x130
[ 104.711608][ T5051] ? search_by_entry_key+0x597/0x1370
[ 104.717170][ T5051] search_by_entry_key+0x597/0x1370
[ 104.722435][ T5051] ? make_cpu_key+0x2b/0x220
[ 104.727031][ T5051] reiserfs_find_entry+0x2ff/0x18e0
[ 104.732222][ T5051] ? mutex_lock_io_nested+0x60/0x60
[ 104.737422][ T5051] ? reiserfs_get_parent+0x270/0x270
[ 104.742789][ T5051] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 104.748752][ T5051] ? mutex_lock_nested+0x17/0x20
[ 104.753667][ T5051] reiserfs_lookup+0x1a7/0x420
[ 104.758499][ T5051] ? reiserfs_find_entry+0x18e0/0x18e0
[ 104.764165][ T5051] ? __init_waitqueue_head+0xa5/0x150
[ 104.769543][ T5051] __lookup_slow+0x27d/0x3d0
[ 104.774189][ T5051] ? lookup_one_len+0x2c0/0x2c0
[ 104.779246][ T5051] lookup_one_len+0x18e/0x2c0
[ 104.784031][ T5051] ? lookup_one_common+0x460/0x460
[ 104.789172][ T5051] reiserfs_lookup_privroot+0x85/0x1e0
[ 104.794755][ T5051] reiserfs_fill_super+0x1f65/0x23e0
[ 104.800152][ T5051] ? reiserfs_kill_sb+0x140/0x140
[ 104.805171][ T5051] ? snprintf+0xd7/0x120
[ 104.809399][ T5051] ? vscnprintf+0x80/0x80
[ 104.813810][ T5051] ? set_blocksize+0x1f1/0x370
[ 104.818583][ T5051] ? sb_set_blocksize+0xa5/0xe0
[ 104.823595][ T5051] mount_bdev+0x287/0x3c0
[ 104.827926][ T5051] ? reiserfs_kill_sb+0x140/0x140
[ 104.832949][ T5051] legacy_get_tree+0xe6/0x180
[ 104.837623][ T5051] ? remove_save_link+0x3c0/0x3c0
[ 104.842669][ T5051] vfs_get_tree+0x88/0x270
[ 104.847124][ T5051] do_new_mount+0x24a/0xa40
[ 104.851630][ T5051] __se_sys_mount+0x2d6/0x3c0
[ 104.856342][ T5051] ? __x64_sys_mount+0xc0/0xc0
[ 104.861544][ T5051] ? lockdep_hardirqs_on+0x94/0x140
[ 104.866878][ T5051] ? __x64_sys_mount+0x1c/0xc0
[ 104.871663][ T5051] do_syscall_64+0x4c/0xa0
[ 104.876092][ T5051] ? clear_bhb_loop+0x30/0x80
[ 104.880757][ T5051] ? clear_bhb_loop+0x30/0x80
[ 104.885906][ T5051] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 104.891884][ T5051] RIP: 0033:0x7f0f9660290a
[ 104.896282][ T5051] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 104.916992][ T5051] RSP: 002b:00007f0f95871e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 104.925565][ T5051] RAX: ffffffffffffffda RBX: 00007f0f95871ef0 RCX: 00007f0f9660290a
[ 104.933525][ T5051] RDX: 0000400000000180 RSI: 0000400000000040 RDI: 00007f0f95871eb0
[ 104.941585][ T5051] RBP: 0000400000000180 R08: 00007f0f95871ef0 R09: 000000000001801c
[ 104.949698][ T5051] R10: 000000000001801c R11: 0000000000000246 R12: 0000400000000040
[ 104.957749][ T5051] R13: 00007f0f95871eb0 R14: 000000000000112d R15: 0000400000000300
[ 104.966152][ T5051]
[ 104.969367][ T5051] Kernel Offset: disabled
[ 104.973712][ T5051] Rebooting in 86400 seconds..