Warning: Permanently added '10.128.1.21' (ED25519) to the list of known hosts.
2026/02/19 22:16:09 parsed 1 programs
[ 89.904994][ T4588] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 91.429568][ T1361] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 91.440697][ T1361] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 91.448618][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 91.467900][ T1361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 91.475751][ T1361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 91.484014][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 92.488462][ T4636] chnl_net:caif_netlink_parms(): no params data found
[ 92.543729][ T4636] bridge0: port 1(bridge_slave_0) entered blocking state
[ 92.551133][ T4636] bridge0: port 1(bridge_slave_0) entered disabled state
[ 92.559340][ T4636] device bridge_slave_0 entered promiscuous mode
[ 92.567982][ T4636] bridge0: port 2(bridge_slave_1) entered blocking state
[ 92.575144][ T4636] bridge0: port 2(bridge_slave_1) entered disabled state
[ 92.583302][ T4636] device bridge_slave_1 entered promiscuous mode
[ 92.608764][ T4636] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 92.620259][ T4636] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 92.647760][ T4636] team0: Port device team_slave_0 added
[ 92.658553][ T4636] team0: Port device team_slave_1 added
[ 92.680874][ T4636] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 92.688096][ T4636] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 92.714302][ T4636] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 92.726738][ T4636] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 92.733816][ T4636] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 92.759950][ T4636] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 92.791124][ T4636] device hsr_slave_0 entered promiscuous mode
[ 92.798022][ T4636] device hsr_slave_1 entered promiscuous mode
[ 93.363191][ T4636] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 93.373449][ T4636] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 93.384334][ T4636] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 93.394444][ T4636] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 93.417055][ T4636] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.424273][ T4636] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 93.431876][ T4636] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.439196][ T4636] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 93.450720][ T1361] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.459172][ T1361] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.513307][ T4636] 8021q: adding VLAN 0 to HW filter on device bond0
[ 93.529250][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 93.541751][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 93.574956][ T4636] 8021q: adding VLAN 0 to HW filter on device team0
[ 93.586673][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 93.596971][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 93.608001][ T4297] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.615667][ T4297] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 93.642625][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 93.652729][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 93.663437][ T4297] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.671006][ T4297] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 93.684585][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 93.693771][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 93.704540][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 93.715493][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 93.725693][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 93.735498][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 93.774356][ T4636] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 93.788757][ T4636] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 93.801360][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 93.812674][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 93.821235][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 93.831231][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 93.839931][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 93.854217][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 93.979816][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 93.989398][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 94.003289][ T4636] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 94.044971][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 94.055587][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 94.077971][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 94.089553][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 94.101288][ T4636] device veth0_vlan entered promiscuous mode
[ 94.135849][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 94.145550][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 94.157630][ T4636] device veth1_vlan entered promiscuous mode
[ 94.182417][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 94.194646][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 94.204304][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 94.214514][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 94.225750][ T4636] device veth0_macvtap entered promiscuous mode
[ 94.261389][ T4636] device veth1_macvtap entered promiscuous mode
[ 94.279560][ T4636] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 94.289009][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 94.302451][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 94.313649][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 94.323670][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 94.336798][ T4636] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 94.348533][ T4636] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.358245][ T4636] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.367317][ T4636] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.376241][ T4636] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.404388][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 94.413521][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2026/02/19 22:16:18 executed programs: 0
[ 96.335588][ T4792] chnl_net:caif_netlink_parms(): no params data found
[ 96.419178][ T4792] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.427737][ T4792] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.437152][ T4792] device bridge_slave_0 entered promiscuous mode
[ 96.446783][ T4792] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.455197][ T4792] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.464779][ T4792] device bridge_slave_1 entered promiscuous mode
[ 96.494653][ T4792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 96.507297][ T4792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 96.542638][ T4792] team0: Port device team_slave_0 added
[ 96.553626][ T4792] team0: Port device team_slave_1 added
[ 96.578755][ T4792] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 96.586934][ T4792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.617097][ T4792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 96.629892][ T4792] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 96.639242][ T4792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.666011][ T4792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 96.706863][ T4792] device hsr_slave_0 entered promiscuous mode
[ 96.714138][ T4792] device hsr_slave_1 entered promiscuous mode
[ 96.722541][ T4792] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 96.733427][ T4792] Cannot create hsr debugfs directory
[ 96.759191][ T154] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.160320][ T4242] Bluetooth: hci0: command 0x0409 tx timeout
[ 99.285033][ T154] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.345576][ T154] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.426133][ T154] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.218398][ T4792] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 100.230608][ T4792] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 100.239345][ T4792] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 100.247127][ T5020] Bluetooth: hci0: command 0x041b tx timeout
[ 100.255544][ T4792] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 100.310828][ T4792] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.337303][ T4792] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.346568][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 100.354744][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 100.376190][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 100.385729][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 100.394528][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.402114][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.423276][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 100.431675][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 100.442223][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 100.452782][ T144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.460154][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.468243][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 100.477665][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 100.486624][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 100.495725][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 100.504496][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 100.513560][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 100.536660][ T4792] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 100.549297][ T4792] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 100.561893][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 100.570771][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 100.579416][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 100.588923][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 100.598101][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 100.607485][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 100.623377][ T154] device hsr_slave_0 left promiscuous mode
[ 100.633448][ T154] device hsr_slave_1 left promiscuous mode
[ 100.640982][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 100.649156][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 100.662966][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 100.670737][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 100.678591][ T154] device bridge_slave_1 left promiscuous mode
[ 100.685173][ T154] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.693466][ T154] device bridge_slave_0 left promiscuous mode
[ 100.699867][ T154] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.710912][ T154] device veth1_macvtap left promiscuous mode
[ 100.717020][ T154] device veth0_macvtap left promiscuous mode
[ 100.723695][ T154] device veth1_vlan left promiscuous mode
[ 100.729640][ T154] device veth0_vlan left promiscuous mode
[ 100.853001][ T154] team0 (unregistering): Port device team_slave_1 removed
[ 100.864323][ T154] team0 (unregistering): Port device team_slave_0 removed
[ 100.879378][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 100.892611][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 100.938778][ T154] bond0 (unregistering): Released all slaves
[ 101.004520][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 101.012114][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 101.032129][ T4792] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.055241][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 101.065704][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 101.083867][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 101.092294][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 101.101635][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 101.109540][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 101.119041][ T4792] device veth0_vlan entered promiscuous mode
[ 101.132244][ T4792] device veth1_vlan entered promiscuous mode
[ 101.159350][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 101.167520][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 101.175899][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 101.184704][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 101.197733][ T4792] device veth0_macvtap entered promiscuous mode
[ 101.208082][ T4792] device veth1_macvtap entered promiscuous mode
[ 101.224645][ T4792] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 101.232610][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 101.241726][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 101.250977][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 101.259689][ T1361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 101.271420][ T4792] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 101.278979][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 101.288296][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 101.299703][ T4792] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.308811][ T4792] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.317866][ T4792] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.327067][ T4792] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.387391][ T4297] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.398779][ T4297] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.410658][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
2026/02/19 22:16:23 executed programs: 2
[ 101.432095][ T4297] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.441821][ T4297] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.450642][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 101.536464][ T5050] loop0: detected capacity change from 0 to 8192
[ 101.665744][ T5050] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 101.677176][ T5050] REISERFS (device loop0): using ordered data mode
[ 101.686151][ T5050] reiserfs: using flush barriers
[ 101.695206][ T5050] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 101.712156][ T5050] REISERFS (device loop0): checking transaction log (loop0)
[ 101.731625][ T5050] REISERFS (device loop0): Using tea hash to sort names
[ 101.739661][ T5050] ==================================================================
[ 101.748252][ T5050] BUG: KASAN: use-after-free in search_by_entry_key+0x597/0x1370
[ 101.756168][ T5050] Read of size 4 at addr ffff88806fe71fc4 by task syz.0.16/5050
[ 101.764046][ T5050]
[ 101.766482][ T5050] CPU: 0 PID: 5050 Comm: syz.0.16 Not tainted syzkaller #0
[ 101.773936][ T5050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 101.784301][ T5050] Call Trace:
[ 101.787586][ T5050]
[ 101.790612][ T5050] dump_stack_lvl+0x188/0x250
[ 101.795391][ T5050] ? show_regs_print_info+0x20/0x20
[ 101.800781][ T5050] ? _printk+0xda/0x130
[ 101.804932][ T5050] ? search_by_entry_key+0x597/0x1370
[ 101.810318][ T5050] ? load_image+0x400/0x400
[ 101.814823][ T5050] ? _raw_spin_lock_irqsave+0xbc/0x100
[ 101.820295][ T5050] print_address_description+0x60/0x2d0
[ 101.826076][ T5050] ? search_by_entry_key+0x597/0x1370
[ 101.831536][ T5050] kasan_report+0xdf/0x130
[ 101.836221][ T5050] ? search_by_entry_key+0x597/0x1370
[ 101.841686][ T5050] search_by_entry_key+0x597/0x1370
[ 101.846900][ T5050] ? make_cpu_key+0x2b/0x220
[ 101.851499][ T5050] reiserfs_find_entry+0x2f2/0x18e0
[ 101.856704][ T5050] ? mutex_lock_io_nested+0x60/0x60
[ 101.861919][ T5050] ? mark_lock+0x94/0x320
[ 101.866333][ T5050] ? reiserfs_get_parent+0x2f0/0x2f0
[ 101.871870][ T5050] ? mutex_lock_nested+0x17/0x20
[ 101.876915][ T5050] reiserfs_lookup+0x1e8/0x480
[ 101.881707][ T5050] ? reiserfs_find_entry+0x18e0/0x18e0
[ 101.887291][ T5050] ? __init_waitqueue_head+0xa5/0x150
[ 101.892854][ T5050] __lookup_slow+0x29d/0x410
[ 101.898138][ T5050] ? lookup_one_len+0x2d0/0x2d0
[ 101.903327][ T5050] lookup_one_len+0x19d/0x2d0
[ 101.908072][ T5050] ? lookup_one_common+0x460/0x460
[ 101.913305][ T5050] reiserfs_lookup_privroot+0x85/0x1e0
[ 101.918768][ T5050] reiserfs_fill_super+0x1fa6/0x2440
[ 101.924067][ T5050] ? reiserfs_kill_sb+0x140/0x140
[ 101.929183][ T5050] ? snprintf+0xe5/0x140
[ 101.933510][ T5050] ? vscnprintf+0x80/0x80
[ 101.937928][ T5050] ? set_blocksize+0x1f3/0x370
[ 101.942694][ T5050] ? sb_set_blocksize+0xa5/0xe0
[ 101.947563][ T5050] mount_bdev+0x287/0x3c0
[ 101.951990][ T5050] ? reiserfs_kill_sb+0x140/0x140
[ 101.957104][ T5050] legacy_get_tree+0xe6/0x180
[ 101.961816][ T5050] ? remove_save_link+0x3e0/0x3e0
[ 101.966927][ T5050] vfs_get_tree+0x88/0x270
[ 101.971351][ T5050] do_new_mount+0x24a/0xa40
[ 101.975958][ T5050] __se_sys_mount+0x2e3/0x3d0
[ 101.980653][ T5050] ? __x64_sys_mount+0xc0/0xc0
[ 101.985416][ T5050] ? lockdep_hardirqs_on+0x94/0x140
[ 101.990619][ T5050] ? __x64_sys_mount+0x1c/0xc0
[ 101.995385][ T5050] do_syscall_64+0x4c/0xa0
[ 101.999900][ T5050] ? clear_bhb_loop+0x30/0x80
[ 102.004582][ T5050] ? clear_bhb_loop+0x30/0x80
[ 102.009260][ T5050] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 102.015154][ T5050] RIP: 0033:0x7f76808aab8a
[ 102.019825][ T5050] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 102.039427][ T5050] RSP: 002b:00007f767fb0fe58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 102.047861][ T5050] RAX: ffffffffffffffda RBX: 00007f767fb0fee0 RCX: 00007f76808aab8a
[ 102.055956][ T5050] RDX: 0000400000000180 RSI: 0000400000000040 RDI: 00007f767fb0fea0
[ 102.063926][ T5050] RBP: 0000400000000180 R08: 00007f767fb0fee0 R09: 000000000001801c
[ 102.071917][ T5050] R10: 000000000001801c R11: 0000000000000246 R12: 0000400000000040
[ 102.079888][ T5050] R13: 00007f767fb0fea0 R14: 000000000000112d R15: 0000400000000300
[ 102.087873][ T5050]
[ 102.091034][ T5050]
[ 102.093366][ T5050] The buggy address belongs to the page:
[ 102.099102][ T5050] page:ffffea0001bf9c40 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6fe71
[ 102.109656][ T5050] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 102.116798][ T5050] raw: 00fff00000000000 ffffea0001bf9c88 ffffea0001bf9c08 0000000000000000
[ 102.125396][ T5050] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 102.134116][ T5050] page dumped because: kasan: bad access detected
[ 102.140625][ T5050] page_owner tracks the page as freed
[ 102.146001][ T5050] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100cca(GFP_HIGHUSER_MOVABLE), pid 4614, ts 91534868895, free_ts 91717814723
[ 102.163549][ T5050] get_page_from_freelist+0x1bbd/0x1ca0
[ 102.169691][ T5050] __alloc_pages+0x1ee/0x480
[ 102.174651][ T5050] alloc_pages_vma+0x393/0x7c0
[ 102.179853][ T5050] handle_mm_fault+0x1bd4/0x4410
[ 102.185141][ T5050] do_user_addr_fault+0x489/0xc80
[ 102.190287][ T5050] exc_page_fault+0x60/0x100
[ 102.194879][ T5050] asm_exc_page_fault+0x22/0x30
[ 102.199744][ T5050] page last free stack trace:
[ 102.204404][ T5050] free_unref_page_prepare+0x637/0x6c0
[ 102.209945][ T5050] free_unref_page_list+0x119/0x820
[ 102.215245][ T5050] release_pages+0x186c/0x1be0
[ 102.220121][ T5050] tlb_finish_mmu+0x176/0x300
[ 102.225087][ T5050] exit_mmap+0x3d0/0x640
[ 102.229330][ T5050] __mmput+0x115/0x3b0
[ 102.233563][ T5050] exit_mm+0x588/0x6e0
[ 102.237625][ T5050] do_exit+0x5a9/0x20c0
[ 102.241968][ T5050] do_group_exit+0x12e/0x300
[ 102.246651][ T5050] get_signal+0x6ca/0x12c0
[ 102.251063][ T5050] arch_do_signal_or_restart+0xe7/0x12c0
[ 102.256792][ T5050] exit_to_user_mode_loop+0x9e/0x130
[ 102.262250][ T5050] exit_to_user_mode_prepare+0xee/0x180
[ 102.267876][ T5050] syscall_exit_to_user_mode+0x16/0x40
[ 102.273333][ T5050] do_syscall_64+0x58/0xa0
[ 102.277769][ T5050] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 102.283672][ T5050]
[ 102.286002][ T5050] Memory state around the buggy address:
[ 102.291867][ T5050] ffff88806fe71e80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 102.299923][ T5050] ffff88806fe71f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 102.308453][ T5050] >ffff88806fe71f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 102.316904][ T5050] ^
[ 102.323094][ T5050] ffff88806fe72000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 102.331152][ T5050] ffff88806fe72080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 102.339286][ T5050] ==================================================================
[ 102.347443][ T5050] Disabling lock debugging due to kernel taint
[ 102.354976][ T5020] Bluetooth: hci0: command 0x040f tx timeout
[ 102.366779][ T5050] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 102.374205][ T5050] CPU: 0 PID: 5050 Comm: syz.0.16 Tainted: G B syzkaller #0
[ 102.383087][ T5050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 102.393760][ T5050] Call Trace:
[ 102.397276][ T5050]
[ 102.400281][ T5050] dump_stack_lvl+0x188/0x250
[ 102.404948][ T5050] ? show_regs_print_info+0x20/0x20
[ 102.410586][ T5050] ? load_image+0x400/0x400
[ 102.415343][ T5050] panic+0x2e5/0x810
[ 102.419329][ T5050] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 102.425663][ T5050] ? bpf_jit_dump+0xd0/0xd0
[ 102.430245][ T5050] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 102.436775][ T5050] ? _raw_spin_unlock+0x40/0x40
[ 102.441612][ T5050] ? search_by_entry_key+0x597/0x1370
[ 102.447235][ T5050] check_panic_on_warn+0x80/0xa0
[ 102.452172][ T5050] ? search_by_entry_key+0x597/0x1370
[ 102.457617][ T5050] end_report+0x6d/0xf0
[ 102.461758][ T5050] kasan_report+0x102/0x130
[ 102.466259][ T5050] ? search_by_entry_key+0x597/0x1370
[ 102.472143][ T5050] search_by_entry_key+0x597/0x1370
[ 102.478349][ T5050] ? make_cpu_key+0x2b/0x220
[ 102.483202][ T5050] reiserfs_find_entry+0x2f2/0x18e0
[ 102.488508][ T5050] ? mutex_lock_io_nested+0x60/0x60
[ 102.494483][ T5050] ? mark_lock+0x94/0x320
[ 102.498895][ T5050] ? reiserfs_get_parent+0x2f0/0x2f0
[ 102.504190][ T5050] ? mutex_lock_nested+0x17/0x20
[ 102.509207][ T5050] reiserfs_lookup+0x1e8/0x480
[ 102.514152][ T5050] ? reiserfs_find_entry+0x18e0/0x18e0
[ 102.519615][ T5050] ? __init_waitqueue_head+0xa5/0x150
[ 102.524982][ T5050] __lookup_slow+0x29d/0x410
[ 102.529557][ T5050] ? lookup_one_len+0x2d0/0x2d0
[ 102.534522][ T5050] lookup_one_len+0x19d/0x2d0
[ 102.539461][ T5050] ? lookup_one_common+0x460/0x460
[ 102.544564][ T5050] reiserfs_lookup_privroot+0x85/0x1e0
[ 102.550208][ T5050] reiserfs_fill_super+0x1fa6/0x2440
[ 102.555665][ T5050] ? reiserfs_kill_sb+0x140/0x140
[ 102.560680][ T5050] ? snprintf+0xe5/0x140
[ 102.564908][ T5050] ? vscnprintf+0x80/0x80
[ 102.569329][ T5050] ? set_blocksize+0x1f3/0x370
[ 102.574075][ T5050] ? sb_set_blocksize+0xa5/0xe0
[ 102.578999][ T5050] mount_bdev+0x287/0x3c0
[ 102.583533][ T5050] ? reiserfs_kill_sb+0x140/0x140
[ 102.589752][ T5050] legacy_get_tree+0xe6/0x180
[ 102.595058][ T5050] ? remove_save_link+0x3e0/0x3e0
[ 102.600357][ T5050] vfs_get_tree+0x88/0x270
[ 102.605301][ T5050] do_new_mount+0x24a/0xa40
[ 102.610028][ T5050] __se_sys_mount+0x2e3/0x3d0
[ 102.614718][ T5050] ? __x64_sys_mount+0xc0/0xc0
[ 102.619463][ T5050] ? lockdep_hardirqs_on+0x94/0x140
[ 102.624936][ T5050] ? __x64_sys_mount+0x1c/0xc0
[ 102.630049][ T5050] do_syscall_64+0x4c/0xa0
[ 102.634542][ T5050] ? clear_bhb_loop+0x30/0x80
[ 102.639800][ T5050] ? clear_bhb_loop+0x30/0x80
[ 102.644636][ T5050] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 102.650685][ T5050] RIP: 0033:0x7f76808aab8a
[ 102.655172][ T5050] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 102.674878][ T5050] RSP: 002b:00007f767fb0fe58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 102.683587][ T5050] RAX: ffffffffffffffda RBX: 00007f767fb0fee0 RCX: 00007f76808aab8a
[ 102.692049][ T5050] RDX: 0000400000000180 RSI: 0000400000000040 RDI: 00007f767fb0fea0
[ 102.700301][ T5050] RBP: 0000400000000180 R08: 00007f767fb0fee0 R09: 000000000001801c
[ 102.708734][ T5050] R10: 000000000001801c R11: 0000000000000246 R12: 0000400000000040
[ 102.716821][ T5050] R13: 00007f767fb0fea0 R14: 000000000000112d R15: 0000400000000300
[ 102.724956][ T5050]
[ 102.728586][ T5050] Kernel Offset: disabled
[ 102.733250][ T5050] Rebooting in 86400 seconds..