Warning: Permanently added '10.128.0.17' (ED25519) to the list of known hosts.
2026/01/19 14:02:36 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[   87.538607][ T4644] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   89.207431][ T4672] chnl_net:caif_netlink_parms(): no params data found
[   89.261824][ T4672] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.268991][ T4672] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.277269][ T4672] device bridge_slave_0 entered promiscuous mode
[   89.286029][ T4672] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.293675][ T4672] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.302450][ T4672] device bridge_slave_1 entered promiscuous mode
[   89.327330][ T4672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.338826][ T4672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.368243][ T4672] team0: Port device team_slave_0 added
[   89.376736][ T4672] team0: Port device team_slave_1 added
[   89.398210][ T4672] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.405715][ T4672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.431670][ T4672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.443949][ T4672] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.450955][ T4672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.477122][ T4672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.521494][ T4672] device hsr_slave_0 entered promiscuous mode
[   89.528675][ T4672] device hsr_slave_1 entered promiscuous mode
[   90.000236][ T4672] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   90.026472][ T4672] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   90.056850][ T4672] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   90.077963][ T4672] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   90.169062][ T4672] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.176322][ T4672] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.183674][ T4672] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.190882][ T4672] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.210124][ T3078] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.218883][ T3078] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.296909][ T4672] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.310785][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   90.321747][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   90.332510][ T4672] 8021q: adding VLAN 0 to HW filter on device team0
[   90.343305][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   90.353599][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   90.363692][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.370822][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.390988][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   90.400799][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   90.409678][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.416918][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.428586][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   90.437495][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   90.456344][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   90.467933][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   90.476633][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   90.489541][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   90.498229][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   90.509834][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   90.522163][ T4672] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   90.535427][ T4672] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   90.544205][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   90.554141][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   90.563192][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   90.714947][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   90.722624][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   90.741659][ T4672] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.768842][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   90.778382][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   90.796171][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   90.806756][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   90.818006][ T4672] device veth0_vlan entered promiscuous mode
[   90.837463][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   90.847087][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   90.860644][ T4672] device veth1_vlan entered promiscuous mode
[   90.884024][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   90.894454][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   90.904355][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   90.914192][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   90.925230][ T4672] device veth0_macvtap entered promiscuous mode
[   90.934246][ T4672] device veth1_macvtap entered promiscuous mode
[   90.972095][ T4672] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.980430][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   90.990820][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   90.999711][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   91.008744][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   91.028524][ T4672] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.036069][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   91.045435][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   91.056416][ T4672] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.066732][ T4672] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.075852][ T4672] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.084558][ T4672] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.180623][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.199514][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.219707][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   92.234719][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.243395][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.254934][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   93.369147][ T1224] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/01/19 14:02:45 executed programs: 0
[   94.028308][ T4882] chnl_net:caif_netlink_parms(): no params data found
[   94.082059][ T4882] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.089662][ T4882] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.097785][ T4882] device bridge_slave_0 entered promiscuous mode
[   94.107434][ T4882] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.114565][ T4882] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.122765][ T4882] device bridge_slave_1 entered promiscuous mode
[   94.146667][ T4882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.157994][ T4882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.186720][ T4882] team0: Port device team_slave_0 added
[   94.195505][ T4882] team0: Port device team_slave_1 added
[   94.216929][ T4882] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.223889][ T4882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.249987][ T4882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.262282][ T4882] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.269461][ T4882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.295747][ T4882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.329258][ T4882] device hsr_slave_0 entered promiscuous mode
[   94.336195][ T4882] device hsr_slave_1 entered promiscuous mode
[   94.345882][ T4882] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.353457][ T4882] Cannot create hsr debugfs directory
[   95.945037][   T13] Bluetooth: hci0: command 0x0409 tx timeout
[   96.469616][ T1224] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.520046][ T1224] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.569486][ T1224] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.334208][ T4882] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   97.342814][ T4882] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   97.351672][ T4882] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   97.377315][ T4882] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   97.433375][ T4882] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.445380][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   97.453314][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   97.463462][ T4882] 8021q: adding VLAN 0 to HW filter on device team0
[   97.481988][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   97.492487][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   97.501026][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.508191][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.516666][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   97.542061][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   97.551087][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   97.560905][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.568086][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.587294][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   97.596309][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   97.605017][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   97.613601][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   97.622538][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   97.632047][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   97.640703][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   97.649267][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   97.657986][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   97.686236][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   97.694665][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   97.705573][ T4882] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   97.792179][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   97.800978][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   97.826638][ T4882] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.842006][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   97.852384][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   97.882910][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   97.891340][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   97.901078][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   97.909321][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   97.929359][ T4882] device veth0_vlan entered promiscuous mode
[   97.940619][ T4882] device veth1_vlan entered promiscuous mode
[   97.957120][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   97.965783][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   97.973737][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   97.982512][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   97.996341][ T4882] device veth0_macvtap entered promiscuous mode
[   98.004443][ T4882] device veth1_macvtap entered promiscuous mode
[   98.024950][ T4302] Bluetooth: hci0: command 0x041b tx timeout
[   98.034662][ T4882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   98.047513][ T4882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.058757][ T4882] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.067062][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   98.075790][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   98.083613][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   98.092490][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   98.102753][ T4882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   98.114142][ T4882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.125041][ T4882] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.135543][ T4882] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.144247][ T4882] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.152990][ T4882] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.161988][ T4882] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.172123][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   98.181120][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   98.206727][ T1224] device hsr_slave_0 left promiscuous mode
[   98.212902][ T1224] device hsr_slave_1 left promiscuous mode
[   98.219632][ T1224] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   98.228618][ T1224] batman_adv: batadv0: Removing interface: batadv_slave_0
[   98.236511][ T1224] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   98.243890][ T1224] batman_adv: batadv0: Removing interface: batadv_slave_1
[   98.251527][ T1224] device bridge_slave_1 left promiscuous mode
[   98.258104][ T1224] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.267594][ T1224] device bridge_slave_0 left promiscuous mode
[   98.273830][ T1224] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.285626][ T1224] device veth1_macvtap left promiscuous mode
[   98.291659][ T1224] device veth0_macvtap left promiscuous mode
[   98.297884][ T1224] device veth1_vlan left promiscuous mode
[   98.303667][ T1224] device veth0_vlan left promiscuous mode
[   98.430731][ T1224] team0 (unregistering): Port device team_slave_1 removed
[   98.442463][ T1224] team0 (unregistering): Port device team_slave_0 removed
[   98.455623][ T1224] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   98.469311][ T1224] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   98.513701][ T1224] bond0 (unregistering): Released all slaves
[   98.585161][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.593341][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.611998][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.613554][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   98.627989][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.651148][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   98.719183][ T5119] loop0: detected capacity change from 0 to 2048
[   98.787969][ T5119] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=27485, location=27485
[   98.812264][ T5119] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
2026/01/19 14:02:50 executed programs: 3
[   99.034867][ T4882] ==================================================================
[   99.043285][ T4882] BUG: KASAN: use-after-free in crc_itu_t+0x1fa/0x280
[   99.050068][ T4882] Read of size 1 at addr ffff88801e77c000 by task syz-executor/4882
[   99.058041][ T4882] 
[   99.060387][ T4882] CPU: 1 PID: 4882 Comm: syz-executor Not tainted syzkaller #0
[   99.067918][ T4882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   99.077980][ T4882] Call Trace:
[   99.081253][ T4882]  <TASK>
[   99.084176][ T4882]  dump_stack_lvl+0x188/0x250
[   99.088862][ T4882]  ? show_regs_print_info+0x20/0x20
[   99.094057][ T4882]  ? load_image+0x400/0x400
[   99.098558][ T4882]  ? _raw_spin_lock_irqsave+0xbc/0x100
[   99.104029][ T4882]  print_address_description+0x60/0x2d0
[   99.109581][ T4882]  ? crc_itu_t+0x1fa/0x280
[   99.113996][ T4882]  kasan_report+0xdf/0x130
[   99.118423][ T4882]  ? crc_itu_t+0x1fa/0x280
[   99.122851][ T4882]  crc_itu_t+0x1fa/0x280
[   99.127103][ T4882]  udf_close_lvid+0x554/0x9a0
[   99.131791][ T4882]  ? udf_open_lvid+0x5c0/0x5c0
[   99.136554][ T4882]  ? iput+0x333/0x8a0
[   99.140539][ T4882]  ? clear_inode+0x150/0x150
[   99.145129][ T4882]  udf_put_super+0xc8/0x160
[   99.149647][ T4882]  ? udf_free_in_core_inode+0x20/0x20
[   99.155015][ T4882]  generic_shutdown_super+0x130/0x300
[   99.160384][ T4882]  kill_block_super+0x7c/0xe0
[   99.165056][ T4882]  deactivate_locked_super+0x93/0xf0
[   99.170433][ T4882]  cleanup_mnt+0x42d/0x4e0
[   99.174841][ T4882]  ? lockdep_hardirqs_on+0x94/0x140
[   99.180035][ T4882]  task_work_run+0x125/0x1a0
[   99.184667][ T4882]  exit_to_user_mode_loop+0x10f/0x130
[   99.190033][ T4882]  exit_to_user_mode_prepare+0xee/0x180
[   99.195580][ T4882]  syscall_exit_to_user_mode+0x16/0x40
[   99.201124][ T4882]  do_syscall_64+0x58/0xa0
[   99.205530][ T4882]  ? clear_bhb_loop+0x30/0x80
[   99.210208][ T4882]  ? clear_bhb_loop+0x30/0x80
[   99.214902][ T4882]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   99.220813][ T4882] RIP: 0033:0x7fc7b84e2157
[   99.225235][ T4882] Code: a2 c7 05 3c 84 23 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[   99.245021][ T4882] RSP: 002b:00007ffddb8aed28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   99.253620][ T4882] RAX: 0000000000000000 RBX: 00007fc7b857533b RCX: 00007fc7b84e2157
[   99.261608][ T4882] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffddb8aede0
[   99.269587][ T4882] RBP: 00007ffddb8aede0 R08: 00007ffddb8afde0 R09: 00000000ffffffff
[   99.277565][ T4882] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffddb8afe70
[   99.285540][ T4882] R13: 00007fc7b857533b R14: 00000000000181fe R15: 00007ffddb8afeb0
[   99.293534][ T4882]  </TASK>
[   99.296545][ T4882] 
[   99.298861][ T4882] The buggy address belongs to the page:
[   99.304489][ T4882] page:ffffea000079df00 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1e77c
[   99.314893][ T4882] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   99.322094][ T4882] raw: 00fff00000000000 ffffea0000ad5fc8 ffffea00008c3c88 0000000000000000
[   99.330676][ T4882] raw: 0000000000000000 0000000000000000 00000000ffffff7f 0000000000000000
[   99.339339][ T4882] page dumped because: kasan: bad access detected
[   99.345756][ T4882] page_owner tracks the page as freed
[   99.351109][ T4882] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 4809, ts 92433907369, free_ts 92823469605
[   99.367186][ T4882]  get_page_from_freelist+0x1bbd/0x1ca0
[   99.372737][ T4882]  __alloc_pages+0x1ee/0x480
[   99.377322][ T4882]  __vmalloc_node_range+0x4b2/0x8b0
[   99.382516][ T4882]  vmalloc_user+0x70/0x80
[   99.386900][ T4882]  kcov_mmap+0x27/0x120
[   99.391187][ T4882]  mmap_file+0x5d/0xb0
[   99.395245][ T4882]  mmap_region+0xf88/0x1650
[   99.399831][ T4882]  do_mmap+0x819/0xe90
[   99.403894][ T4882]  vm_mmap_pgoff+0x1c1/0x2d0
[   99.408475][ T4882]  ksys_mmap_pgoff+0x54b/0x790
[   99.413228][ T4882]  do_syscall_64+0x4c/0xa0
[   99.417634][ T4882]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   99.423609][ T4882] page last free stack trace:
[   99.428270][ T4882]  free_unref_page_prepare+0x637/0x6c0
[   99.433727][ T4882]  free_unref_page+0x8f/0x2a0
[   99.438397][ T4882]  __vunmap+0x8b9/0xa50
[   99.442543][ T4882]  kcov_close+0x27/0x50
[   99.446776][ T4882]  __fput+0x234/0x930
[   99.450749][ T4882]  task_work_run+0x125/0x1a0
[   99.455337][ T4882]  do_exit+0x626/0x20c0
[   99.459504][ T4882]  do_group_exit+0x12e/0x300
[   99.464113][ T4882]  get_signal+0x6ca/0x12c0
[   99.468552][ T4882]  arch_do_signal_or_restart+0xe7/0x12c0
[   99.474305][ T4882]  exit_to_user_mode_loop+0x9e/0x130
[   99.479602][ T4882]  exit_to_user_mode_prepare+0xee/0x180
[   99.485161][ T4882]  syscall_exit_to_user_mode+0x16/0x40
[   99.490619][ T4882]  do_syscall_64+0x58/0xa0
[   99.495039][ T4882]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   99.500943][ T4882] 
[   99.503276][ T4882] Memory state around the buggy address:
[   99.508990][ T4882]  ffff88801e77bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   99.517055][ T4882]  ffff88801e77bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   99.525121][ T4882] >ffff88801e77c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   99.533171][ T4882]                    ^
[   99.537340][ T4882]  ffff88801e77c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   99.545398][ T4882]  ffff88801e77c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   99.553451][ T4882] ==================================================================
[   99.561545][ T4882] Disabling lock debugging due to kernel taint
[   99.571015][ T4882] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   99.578265][ T4882] CPU: 1 PID: 4882 Comm: syz-executor Tainted: G    B             syzkaller #0
[   99.587204][ T4882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   99.597341][ T4882] Call Trace:
[   99.600614][ T4882]  <TASK>
[   99.603538][ T4882]  dump_stack_lvl+0x188/0x250
[   99.608214][ T4882]  ? show_regs_print_info+0x20/0x20
[   99.613430][ T4882]  ? load_image+0x400/0x400
[   99.617939][ T4882]  panic+0x2e5/0x810
[   99.621836][ T4882]  ? bpf_jit_dump+0xd0/0xd0
[   99.626322][ T4882]  ? _raw_spin_unlock_irqrestore+0x10d/0x120
[   99.632282][ T4882]  ? _raw_spin_unlock+0x40/0x40
[   99.637110][ T4882]  ? crc_itu_t+0x1fa/0x280
[   99.641512][ T4882]  check_panic_on_warn+0x80/0xa0
[   99.646437][ T4882]  ? crc_itu_t+0x1fa/0x280
[   99.650837][ T4882]  end_report+0x6d/0xf0
[   99.654972][ T4882]  kasan_report+0x102/0x130
[   99.659455][ T4882]  ? crc_itu_t+0x1fa/0x280
[   99.663855][ T4882]  crc_itu_t+0x1fa/0x280
[   99.668085][ T4882]  udf_close_lvid+0x554/0x9a0
[   99.672742][ T4882]  ? udf_open_lvid+0x5c0/0x5c0
[   99.677481][ T4882]  ? iput+0x333/0x8a0
[   99.681446][ T4882]  ? clear_inode+0x150/0x150
[   99.686013][ T4882]  udf_put_super+0xc8/0x160
[   99.690509][ T4882]  ? udf_free_in_core_inode+0x20/0x20
[   99.695877][ T4882]  generic_shutdown_super+0x130/0x300
[   99.701246][ T4882]  kill_block_super+0x7c/0xe0
[   99.705991][ T4882]  deactivate_locked_super+0x93/0xf0
[   99.711300][ T4882]  cleanup_mnt+0x42d/0x4e0
[   99.715716][ T4882]  ? lockdep_hardirqs_on+0x94/0x140
[   99.720910][ T4882]  task_work_run+0x125/0x1a0
[   99.725491][ T4882]  exit_to_user_mode_loop+0x10f/0x130
[   99.730932][ T4882]  exit_to_user_mode_prepare+0xee/0x180
[   99.736468][ T4882]  syscall_exit_to_user_mode+0x16/0x40
[   99.741903][ T4882]  do_syscall_64+0x58/0xa0
[   99.746300][ T4882]  ? clear_bhb_loop+0x30/0x80
[   99.750967][ T4882]  ? clear_bhb_loop+0x30/0x80
[   99.755625][ T4882]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   99.761607][ T4882] RIP: 0033:0x7fc7b84e2157
[   99.766098][ T4882] Code: a2 c7 05 3c 84 23 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[   99.786079][ T4882] RSP: 002b:00007ffddb8aed28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   99.794655][ T4882] RAX: 0000000000000000 RBX: 00007fc7b857533b RCX: 00007fc7b84e2157
[   99.802635][ T4882] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffddb8aede0
[   99.810598][ T4882] RBP: 00007ffddb8aede0 R08: 00007ffddb8afde0 R09: 00000000ffffffff
[   99.818681][ T4882] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffddb8afe70
[   99.826654][ T4882] R13: 00007fc7b857533b R14: 00000000000181fe R15: 00007ffddb8afeb0
[   99.834626][ T4882]  </TASK>
[   99.838340][ T4882] Kernel Offset: disabled
[   99.842669][ T4882] Rebooting in 86400 seconds..