Warning: Permanently added '10.128.0.76' (ED25519) to the list of known hosts.
2026/01/15 08:21:58 parsed 1 programs
[ 73.554348][ T4189] cgroup: Unknown subsys name 'net'
[ 73.674215][ T4189] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 75.333760][ T4189] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 76.971474][ T1425] ieee802154 phy0 wpan0: encryption failed: -22
[ 76.980505][ T1425] ieee802154 phy1 wpan1: encryption failed: -22
[ 77.965506][ T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 77.984825][ T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.003823][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 78.023266][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.046418][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.063881][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 78.868997][ T4238] chnl_net:caif_netlink_parms(): no params data found
[ 78.932628][ T4238] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.941997][ T4238] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.951244][ T4238] device bridge_slave_0 entered promiscuous mode
[ 78.963100][ T4238] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.971715][ T4238] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.980533][ T4238] device bridge_slave_1 entered promiscuous mode
[ 79.009071][ T4238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 79.021657][ T4238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 79.057679][ T4238] team0: Port device team_slave_0 added
[ 79.066767][ T4238] team0: Port device team_slave_1 added
[ 79.091357][ T4238] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 79.098652][ T4238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.130268][ T4238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 79.144568][ T4238] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 79.152242][ T4238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.183242][ T4238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 79.219204][ T4238] device hsr_slave_0 entered promiscuous mode
[ 79.229697][ T4238] device hsr_slave_1 entered promiscuous mode
[ 79.475491][ T4238] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 79.488466][ T4238] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 79.498715][ T4238] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 79.509274][ T4238] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 79.583728][ T4238] 8021q: adding VLAN 0 to HW filter on device bond0
[ 79.600618][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 79.612261][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 79.621281][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 79.633954][ T4238] 8021q: adding VLAN 0 to HW filter on device team0
[ 79.647870][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 79.659802][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 79.672609][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.680801][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 79.692490][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 79.705238][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 79.716743][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 79.728899][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.738425][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 79.781403][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 79.792600][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 79.807475][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 79.826458][ T4238] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 79.838125][ T4238] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 79.854227][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 79.865098][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 79.874717][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 79.990284][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 79.998164][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 80.013641][ T4238] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 80.034404][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 80.045973][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 80.089553][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 80.100520][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 80.111320][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 80.121191][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 80.132619][ T4238] device veth0_vlan entered promiscuous mode
[ 80.148067][ T4238] device veth1_vlan entered promiscuous mode
[ 80.185718][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 80.194758][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 80.203830][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 80.215139][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 80.227518][ T4238] device veth0_macvtap entered promiscuous mode
[ 80.240060][ T4238] device veth1_macvtap entered promiscuous mode
[ 80.276447][ T4238] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 80.285393][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 80.293776][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 80.302914][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 80.311870][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 80.324774][ T4238] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 80.355242][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 80.367911][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 80.383125][ T4238] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.393546][ T4238] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.404668][ T4238] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.416335][ T4238] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.527220][ T4238] syz-executor (4238) used greatest stack depth: 20424 bytes left
2026/01/15 08:22:09 executed programs: 0
[ 82.440470][ T4295] chnl_net:caif_netlink_parms(): no params data found
[ 82.497207][ T4295] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.504689][ T4295] bridge0: port 1(bridge_slave_0) entered disabled state
[ 82.514631][ T4295] device bridge_slave_0 entered promiscuous mode
[ 82.523635][ T4295] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.531579][ T4295] bridge0: port 2(bridge_slave_1) entered disabled state
[ 82.541462][ T4295] device bridge_slave_1 entered promiscuous mode
[ 82.561383][ T1428] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 82.594343][ T4295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 82.605618][ T4295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 82.632488][ T4295] team0: Port device team_slave_0 added
[ 82.641993][ T4295] team0: Port device team_slave_1 added
[ 82.665335][ T4295] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 82.678958][ T4295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.712989][ T4295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 82.729565][ T4295] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 82.737867][ T4295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.767549][ T4295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 82.799907][ T4295] device hsr_slave_0 entered promiscuous mode
[ 82.807790][ T4295] device hsr_slave_1 entered promiscuous mode
[ 82.814609][ T4295] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 82.823072][ T4295] Cannot create hsr debugfs directory
[ 84.327743][ T4268] Bluetooth: hci0: command 0x0409 tx timeout
[ 85.365945][ T1428] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 85.422560][ T1428] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 85.495267][ T1428] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 86.318011][ T4295] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 86.351400][ T4295] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 86.363003][ T4295] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 86.374571][ T4295] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 86.406847][ T4256] Bluetooth: hci0: command 0x041b tx timeout
[ 86.466069][ T4295] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.481771][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 86.491535][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 86.523525][ T4295] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.533789][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 86.544159][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 86.553255][ T154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.560442][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.570695][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 86.584500][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 86.594400][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 86.603360][ T154] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.610939][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.641486][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 86.657600][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 86.670457][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 86.681411][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 86.691573][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 86.704812][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 86.714522][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 86.729627][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 86.739542][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 86.770940][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 86.780452][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 86.792769][ T4295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 86.865615][ T1428] device hsr_slave_0 left promiscuous mode
[ 86.873581][ T1428] device hsr_slave_1 left promiscuous mode
[ 86.882602][ T1428] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 86.892364][ T1428] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 86.902766][ T1428] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 86.912245][ T1428] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 86.921308][ T1428] device bridge_slave_1 left promiscuous mode
[ 86.930918][ T1428] bridge0: port 2(bridge_slave_1) entered disabled state
[ 86.949944][ T1428] device bridge_slave_0 left promiscuous mode
[ 86.957780][ T1428] bridge0: port 1(bridge_slave_0) entered disabled state
[ 86.978891][ T1428] device veth1_macvtap left promiscuous mode
[ 86.989423][ T1428] device veth0_macvtap left promiscuous mode
[ 87.001804][ T1428] device veth1_vlan left promiscuous mode
[ 87.008313][ T1428] device veth0_vlan left promiscuous mode
[ 87.225918][ T1428] team0 (unregistering): Port device team_slave_1 removed
[ 87.245531][ T1428] team0 (unregistering): Port device team_slave_0 removed
[ 87.266584][ T1428] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 87.288989][ T1428] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 87.387033][ T1428] bond0 (unregistering): Released all slaves
[ 87.571224][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 87.583777][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 87.604990][ T4295] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 87.631446][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 87.645090][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 87.672496][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 87.683240][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 87.709008][ T4295] device veth0_vlan entered promiscuous mode
[ 87.721217][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 87.733162][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 87.752395][ T4295] device veth1_vlan entered promiscuous mode
[ 87.782398][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 87.793278][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 87.804549][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 87.819740][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 87.832595][ T4295] device veth0_macvtap entered promiscuous mode
[ 87.844514][ T4295] device veth1_macvtap entered promiscuous mode
[ 87.865438][ T4295] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 87.874491][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 87.886293][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 87.896503][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 87.909671][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 87.922336][ T4295] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 87.938067][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 87.950595][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 87.965210][ T4295] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.978418][ T4295] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.988025][ T4295] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.000254][ T4295] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.074102][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.098053][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.103461][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.112838][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 88.124625][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.135533][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 88.467684][ T4356] loop0: detected capacity change from 0 to 32768
[ 88.488542][ T4256] Bluetooth: hci0: command 0x040f tx timeout
[ 88.570949][ T4356] UFO tlock:0xffffc90002892288
[ 88.582062][ T4356] ==================================================================
[ 88.590493][ T4356] BUG: KASAN: use-after-free in lmWriteRecord+0x4c8/0x1aa0
[ 88.598024][ T4356] Read of size 32 at addr ffff88807c9bae00 by task syz.0.17/4356
[ 88.606128][ T4356]
[ 88.608495][ T4356] CPU: 0 PID: 4356 Comm: syz.0.17 Not tainted syzkaller #0
[ 88.616960][ T4356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 88.629016][ T4356] Call Trace:
[ 88.632973][ T4356]
[ 88.636197][ T4356] dump_stack_lvl+0x168/0x230
[ 88.642594][ T4356] ? show_regs_print_info+0x20/0x20
[ 88.649077][ T4356] ? _printk+0xcc/0x110
[ 88.654551][ T4356] ? lmWriteRecord+0x4c8/0x1aa0
[ 88.659829][ T4356] ? load_image+0x3b0/0x3b0
[ 88.665541][ T4356] print_address_description+0x60/0x2d0
[ 88.672513][ T4356] ? lmWriteRecord+0x4c8/0x1aa0
[ 88.678039][ T4356] kasan_report+0xdf/0x130
[ 88.683241][ T4356] ? lmWriteRecord+0x4c8/0x1aa0
[ 88.689039][ T4356] ? lmWriteRecord+0x4c8/0x1aa0
[ 88.694167][ T4356] kasan_check_range+0x27b/0x290
[ 88.699469][ T4356] memcpy+0x25/0x60
[ 88.703487][ T4356] lmWriteRecord+0x4c8/0x1aa0
[ 88.708501][ T4356] lmLog+0x6f6/0xa30
[ 88.713328][ T4356] txCommit+0x1c2b/0x51c0
[ 88.718866][ T4356] ? ktime_get_real_ts64+0x420/0x420
[ 88.725596][ T4356] ? txLinelock+0x160/0x160
[ 88.730795][ T4356] ? rcu_is_watching+0x11/0xa0
[ 88.736883][ T4356] ? __mark_inode_dirty+0x3a4/0xc90
[ 88.743154][ T4356] jfs_mkdir+0x875/0xa70
[ 88.748837][ T4356] ? jfs_symlink+0xe60/0xe60
[ 88.753714][ T4356] ? make_kgid+0x640/0x640
[ 88.758775][ T4356] ? apparmor_path_mkdir+0x1a3/0x220
[ 88.764499][ T4356] ? generic_permission+0x230/0x510
[ 88.769829][ T4356] ? inode_permission+0xef/0x480
[ 88.774858][ T4356] ? bpf_lsm_inode_mkdir+0x5/0x10
[ 88.779913][ T4356] ? security_inode_mkdir+0xb3/0x100
[ 88.785447][ T4356] vfs_mkdir+0x387/0x570
[ 88.789744][ T4356] do_mkdirat+0x1d7/0x5a0
[ 88.794123][ T4356] ? vfs_mkdir+0x570/0x570
[ 88.798684][ T4356] ? getname_flags+0x1fe/0x500
[ 88.803715][ T4356] __x64_sys_mkdirat+0x85/0x90
[ 88.808640][ T4356] do_syscall_64+0x4c/0xa0
[ 88.813183][ T4356] ? clear_bhb_loop+0x30/0x80
[ 88.817890][ T4356] ? clear_bhb_loop+0x30/0x80
[ 88.822709][ T4356] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 88.828736][ T4356] RIP: 0033:0x7fb7bb20ce97
[ 88.833216][ T4356] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 88.853398][ T4356] RSP: 002b:00007fff32797068 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 88.862236][ T4356] RAX: ffffffffffffffda RBX: 00007fff327970f0 RCX: 00007fb7bb20ce97
[ 88.870258][ T4356] RDX: 00000000000001ff RSI: 0000200000000000 RDI: 00000000ffffff9c
[ 88.878486][ T4356] RBP: 00002000000002c0 R08: 0000200000000080 R09: 0000000000000000
[ 88.886767][ T4356] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000200000000000
[ 88.894899][ T4356] R13: 00007fff327970b0 R14: 0000000000000000 R15: 0000000000000000
[ 88.903215][ T4356]
[ 88.906275][ T4356]
[ 88.908751][ T4356] Allocated by task 4126:
[ 88.913155][ T4356] __kasan_slab_alloc+0x9c/0xd0
[ 88.918233][ T4356] slab_post_alloc_hook+0x4c/0x380
[ 88.923632][ T4356] kmem_cache_alloc+0x100/0x290
[ 88.928660][ T4356] vm_area_alloc+0x20/0xe0
[ 88.933133][ T4356] mmap_region+0xac7/0x1660
[ 88.938132][ T4356] do_mmap+0x81f/0xea0
[ 88.942440][ T4356] vm_mmap_pgoff+0x1b2/0x2b0
[ 88.947478][ T4356] ksys_mmap_pgoff+0x542/0x780
[ 88.952478][ T4356] do_syscall_64+0x4c/0xa0
[ 88.957030][ T4356] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 88.962984][ T4356]
[ 88.965636][ T4356] Freed by task 4126:
[ 88.969743][ T4356] kasan_set_track+0x4b/0x70
[ 88.974656][ T4356] kasan_set_free_info+0x1f/0x40
[ 88.979910][ T4356] ____kasan_slab_free+0xd5/0x110
[ 88.985998][ T4356] slab_free_freelist_hook+0xea/0x170
[ 88.991653][ T4356] kmem_cache_free+0x8f/0x210
[ 88.996745][ T4356] exit_mmap+0x4d8/0x5f0
[ 89.001468][ T4356] __mmput+0x115/0x3b0
[ 89.006108][ T4356] exit_mm+0x567/0x6c0
[ 89.010642][ T4356] do_exit+0x5a1/0x20a0
[ 89.015805][ T4356] do_group_exit+0x12e/0x300
[ 89.020958][ T4356] __x64_sys_exit_group+0x3b/0x40
[ 89.026201][ T4356] do_syscall_64+0x4c/0xa0
[ 89.031016][ T4356] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 89.037231][ T4356]
[ 89.039673][ T4356] The buggy address belongs to the object at ffff88807c9bad68
[ 89.039673][ T4356] which belongs to the cache vm_area_struct of size 200
[ 89.056675][ T4356] The buggy address is located 152 bytes inside of
[ 89.056675][ T4356] 200-byte region [ffff88807c9bad68, ffff88807c9bae30)
[ 89.071550][ T4356] The buggy address belongs to the page:
[ 89.077320][ T4356] page:ffffea0001f26e80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7c9ba
[ 89.087603][ T4356] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 89.095629][ T4356] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff8880169e9a00
[ 89.105255][ T4356] raw: 0000000000000000 00000000000f000f 00000001ffffffff 0000000000000000
[ 89.114335][ T4356] page dumped because: kasan: bad access detected
[ 89.120971][ T4356] page_owner tracks the page as allocated
[ 89.127196][ T4356] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 4126, ts 60760471855, free_ts 60756826050
[ 89.144359][ T4356] get_page_from_freelist+0x1b77/0x1c60
[ 89.150416][ T4356] __alloc_pages+0x1e1/0x470
[ 89.155606][ T4356] new_slab+0xc0/0x4b0
[ 89.159904][ T4356] ___slab_alloc+0x81e/0xdf0
[ 89.164897][ T4356] kmem_cache_alloc+0x195/0x290
[ 89.170325][ T4356] vm_area_alloc+0x20/0xe0
[ 89.175434][ T4356] mmap_region+0xac7/0x1660
[ 89.180773][ T4356] do_mmap+0x81f/0xea0
[ 89.185086][ T4356] vm_mmap_pgoff+0x1b2/0x2b0
[ 89.189745][ T4356] ksys_mmap_pgoff+0x542/0x780
[ 89.195158][ T4356] do_syscall_64+0x4c/0xa0
[ 89.199657][ T4356] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 89.206147][ T4356] page last free stack trace:
[ 89.211031][ T4356] free_unref_page_prepare+0x637/0x6c0
[ 89.216795][ T4356] free_unref_page_list+0x122/0x7e0
[ 89.222386][ T4356] release_pages+0x184b/0x1bb0
[ 89.227713][ T4356] tlb_finish_mmu+0x164/0x2e0
[ 89.232522][ T4356] exit_mmap+0x3a6/0x5f0
[ 89.237091][ T4356] __mmput+0x115/0x3b0
[ 89.241233][ T4356] exec_mmap+0x4d1/0x5c0
[ 89.245537][ T4356] begin_new_exec+0x7e8/0x1160
[ 89.250466][ T4356] load_elf_binary+0x98e/0x2890
[ 89.256991][ T4356] bprm_execve+0xa92/0x17d0
[ 89.263798][ T4356] do_execveat_common+0x51e/0x6d0
[ 89.269289][ T4356] __x64_sys_execve+0x8e/0xa0
[ 89.274250][ T4356] do_syscall_64+0x4c/0xa0
[ 89.279378][ T4356] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 89.285949][ T4356]
[ 89.288659][ T4356] Memory state around the buggy address:
[ 89.294438][ T4356] ffff88807c9bad00: fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb fb
[ 89.303342][ T4356] ffff88807c9bad80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 89.312310][ T4356] >ffff88807c9bae00: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb
[ 89.320852][ T4356] ^
[ 89.324966][ T4356] ffff88807c9bae80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 89.333608][ T4356] ffff88807c9baf00: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc
[ 89.342838][ T4356] ==================================================================
[ 89.352190][ T4356] Disabling lock debugging due to kernel taint
[ 89.389363][ T4356] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 89.398569][ T4356] CPU: 0 PID: 4356 Comm: syz.0.17 Tainted: G B syzkaller #0
[ 89.408494][ T4356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 89.419461][ T4356] Call Trace:
[ 89.423134][ T4356]
[ 89.426385][ T4356] dump_stack_lvl+0x168/0x230
[ 89.431202][ T4356] ? show_regs_print_info+0x20/0x20
[ 89.437207][ T4356] ? load_image+0x3b0/0x3b0
[ 89.441945][ T4356] panic+0x2c9/0x7f0
[ 89.446477][ T4356] ? bpf_jit_dump+0xd0/0xd0
[ 89.451882][ T4356] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 89.457950][ T4356] ? _raw_spin_unlock+0x40/0x40
[ 89.463143][ T4356] ? print_memory_metadata+0x314/0x400
[ 89.469412][ T4356] ? lmWriteRecord+0x4c8/0x1aa0
[ 89.474761][ T4356] check_panic_on_warn+0x80/0xa0
[ 89.480686][ T4356] ? lmWriteRecord+0x4c8/0x1aa0
[ 89.486609][ T4356] end_report+0x6d/0xf0
[ 89.491441][ T4356] kasan_report+0x102/0x130
[ 89.496158][ T4356] ? lmWriteRecord+0x4c8/0x1aa0
[ 89.501133][ T4356] ? lmWriteRecord+0x4c8/0x1aa0
[ 89.506029][ T4356] kasan_check_range+0x27b/0x290
[ 89.511104][ T4356] memcpy+0x25/0x60
[ 89.515031][ T4356] lmWriteRecord+0x4c8/0x1aa0
[ 89.519940][ T4356] lmLog+0x6f6/0xa30
[ 89.524015][ T4356] txCommit+0x1c2b/0x51c0
[ 89.528491][ T4356] ? ktime_get_real_ts64+0x420/0x420
[ 89.534000][ T4356] ? txLinelock+0x160/0x160
[ 89.539493][ T4356] ? rcu_is_watching+0x11/0xa0
[ 89.545544][ T4356] ? __mark_inode_dirty+0x3a4/0xc90
[ 89.551137][ T4356] jfs_mkdir+0x875/0xa70
[ 89.556600][ T4356] ? jfs_symlink+0xe60/0xe60
[ 89.563368][ T4356] ? make_kgid+0x640/0x640
[ 89.568457][ T4356] ? apparmor_path_mkdir+0x1a3/0x220
[ 89.574357][ T4356] ? generic_permission+0x230/0x510
[ 89.580490][ T4356] ? inode_permission+0xef/0x480
[ 89.585908][ T4356] ? bpf_lsm_inode_mkdir+0x5/0x10
[ 89.591807][ T4356] ? security_inode_mkdir+0xb3/0x100
[ 89.597576][ T4356] vfs_mkdir+0x387/0x570
[ 89.601944][ T4356] do_mkdirat+0x1d7/0x5a0
[ 89.606932][ T4356] ? vfs_mkdir+0x570/0x570
[ 89.612080][ T4356] ? getname_flags+0x1fe/0x500
[ 89.616979][ T4356] __x64_sys_mkdirat+0x85/0x90
[ 89.622540][ T4356] do_syscall_64+0x4c/0xa0
[ 89.627346][ T4356] ? clear_bhb_loop+0x30/0x80
[ 89.632621][ T4356] ? clear_bhb_loop+0x30/0x80
[ 89.637401][ T4356] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 89.644268][ T4356] RIP: 0033:0x7fb7bb20ce97
[ 89.649357][ T4356] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 89.670316][ T4356] RSP: 002b:00007fff32797068 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 89.679178][ T4356] RAX: ffffffffffffffda RBX: 00007fff327970f0 RCX: 00007fb7bb20ce97
[ 89.688412][ T4356] RDX: 00000000000001ff RSI: 0000200000000000 RDI: 00000000ffffff9c
[ 89.696823][ T4356] RBP: 00002000000002c0 R08: 0000200000000080 R09: 0000000000000000
[ 89.705071][ T4356] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000200000000000
[ 89.713230][ T4356] R13: 00007fff327970b0 R14: 0000000000000000 R15: 0000000000000000
[ 89.724506][ T4356]
[ 89.728381][ T4356] Kernel Offset: disabled
[ 89.734415][ T4356] Rebooting in 86400 seconds..