Warning: Permanently added '10.128.0.229' (ED25519) to the list of known hosts.
2025/07/19 08:19:30 ignoring optional flag "sandboxArg"="0"
2025/07/19 08:19:31 parsed 1 programs
[  124.794466][ T6352] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  128.324623][ T1167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.333367][ T1167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.387325][ T1167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.395995][ T1167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.258788][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  129.267332][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  129.275893][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  129.283968][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  129.295937][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  129.742133][ T6404] chnl_net:caif_netlink_parms(): no params data found
[  129.819289][ T6404] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.826466][ T6404] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.834244][ T6404] bridge_slave_0: entered allmulticast mode
[  129.841347][ T6404] bridge_slave_0: entered promiscuous mode
[  129.849985][ T6404] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.857250][ T6404] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.864614][ T6404] bridge_slave_1: entered allmulticast mode
[  129.872667][ T6404] bridge_slave_1: entered promiscuous mode
[  129.905727][ T6404] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  129.918278][ T6404] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  129.955771][ T6404] team0: Port device team_slave_0 added
[  129.964036][ T6404] team0: Port device team_slave_1 added
[  129.992128][ T6404] batman_adv: batadv0: Adding interface: batadv_slave_0
[  129.999151][ T6404] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.026077][ T6404] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  130.037981][ T6404] batman_adv: batadv0: Adding interface: batadv_slave_1
[  130.044974][ T6404] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.070923][ T6404] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.111347][ T6404] hsr_slave_0: entered promiscuous mode
[  130.117584][ T6404] hsr_slave_1: entered promiscuous mode
[  130.686317][ T6404] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  130.697160][ T6404] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  130.710196][ T6404] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  130.722808][ T6404] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  130.840639][ T6404] 8021q: adding VLAN 0 to HW filter on device bond0
[  130.868718][ T6404] 8021q: adding VLAN 0 to HW filter on device team0
[  130.884760][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.892017][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  130.910459][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.917632][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.199741][ T6404] 8021q: adding VLAN 0 to HW filter on device batadv0
[  131.257126][ T6404] veth0_vlan: entered promiscuous mode
[  131.275161][ T6404] veth1_vlan: entered promiscuous mode
[  131.316827][ T6404] veth0_macvtap: entered promiscuous mode
[  131.331503][ T6404] veth1_macvtap: entered promiscuous mode
[  131.358187][ T6404] batman_adv: batadv0: Interface activated: batadv_slave_0
[  131.377061][ T6404] batman_adv: batadv0: Interface activated: batadv_slave_1
[  131.393690][ T6404] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  131.404814][ T6404] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  131.415397][ T6404] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  131.426292][ T6404] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  131.646626][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.744385][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.842096][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.991567][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.863367][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  132.869978][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
2025/07/19 08:19:44 executed programs: 0
[  133.609475][ T5156] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  133.619628][ T5156] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  133.635598][ T5156] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  133.645071][ T5156] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  133.653099][ T5156] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  133.873901][   T12] bridge_slave_1: left allmulticast mode
[  133.887895][   T12] bridge_slave_1: left promiscuous mode
[  133.895625][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.914124][   T12] bridge_slave_0: left allmulticast mode
[  133.919926][   T12] bridge_slave_0: left promiscuous mode
[  133.926352][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.251457][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  134.263745][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  134.274413][   T12] bond0 (unregistering): Released all slaves
[  134.391964][   T12] hsr_slave_0: left promiscuous mode
[  134.398161][   T12] hsr_slave_1: left promiscuous mode
[  134.405147][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.414860][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  134.423672][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.432294][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  134.452539][   T12] veth1_macvtap: left promiscuous mode
[  134.458133][   T12] veth0_macvtap: left promiscuous mode
[  134.464347][   T12] veth1_vlan: left promiscuous mode
[  134.470509][   T12] veth0_vlan: left promiscuous mode
[  134.758629][   T12] team0 (unregistering): Port device team_slave_1 removed
[  134.788155][   T12] team0 (unregistering): Port device team_slave_0 removed
[  135.104847][ T6525] chnl_net:caif_netlink_parms(): no params data found
[  135.245629][ T6525] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.253924][ T6525] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.261631][ T6525] bridge_slave_0: entered allmulticast mode
[  135.269969][ T6525] bridge_slave_0: entered promiscuous mode
[  135.280191][ T6525] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.287454][ T6525] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.295912][ T6525] bridge_slave_1: entered allmulticast mode
[  135.304570][ T6525] bridge_slave_1: entered promiscuous mode
[  135.363549][ T6525] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  135.395874][ T6525] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  135.452666][ T6525] team0: Port device team_slave_0 added
[  135.674749][ T6525] team0: Port device team_slave_1 added
[  135.738996][ T5156] Bluetooth: hci0: command tx timeout
[  135.763309][ T6525] batman_adv: batadv0: Adding interface: batadv_slave_0
[  135.778228][ T6525] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.824668][ T6525] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  135.869559][ T6525] batman_adv: batadv0: Adding interface: batadv_slave_1
[  135.876547][ T6525] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.906215][ T6525] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  136.046129][ T6525] hsr_slave_0: entered promiscuous mode
[  136.057300][ T6525] hsr_slave_1: entered promiscuous mode
[  136.547912][ T6525] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  136.559599][ T6525] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  136.574212][ T6525] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  136.584762][ T6525] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  136.706948][ T6525] 8021q: adding VLAN 0 to HW filter on device bond0
[  136.734842][ T6525] 8021q: adding VLAN 0 to HW filter on device team0
[  136.751061][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.758260][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.788457][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.795777][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.058572][ T6525] 8021q: adding VLAN 0 to HW filter on device batadv0
[  137.131032][ T6525] veth0_vlan: entered promiscuous mode
[  137.147013][ T6525] veth1_vlan: entered promiscuous mode
[  137.188015][ T6525] veth0_macvtap: entered promiscuous mode
[  137.201641][ T6525] veth1_macvtap: entered promiscuous mode
[  137.227177][ T6525] batman_adv: batadv0: Interface activated: batadv_slave_0
[  137.247932][ T6525] batman_adv: batadv0: Interface activated: batadv_slave_1
[  137.264646][ T6525] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  137.275593][ T6525] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  137.284832][ T6525] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  137.295822][ T6525] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  137.390326][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.398179][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.435045][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.444052][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.522366][ T6628] loop0: detected capacity change from 0 to 128
[  137.541147][ T6628] =======================================================
[  137.541147][ T6628] WARNING: The mand mount option has been deprecated and
[  137.541147][ T6628]          and is ignored by this kernel. Remove the mand
[  137.541147][ T6628]          option from the mount to silence this warning.
[  137.541147][ T6628] =======================================================
[  137.605431][ T6628] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  137.648582][ T6628] hpfs: filesystem error: improperly stopped
[  137.657589][ T6628] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  137.667060][ T6628] hpfs: You really don't want any checks? You are crazy...
[  137.676395][ T6628] hpfs: hpfs_map_sector(): read error
[  137.682720][ T6628] hpfs: code page support is disabled
[  137.690733][ T6628] hpfs: hpfs_map_sector(): read error
[  137.696178][ T6628] hpfs: hpfs_map_sector(): read error
[  137.702459][ T6628] hpfs: hpfs_map_sector(): read error
[  137.707885][ T6628] hpfs: hpfs_map_sector(): read error
[  137.714757][ T6628] hpfs: hpfs_map_4sectors(): unaligned read
[  137.722007][ T6628] hpfs: hpfs_map_4sectors(): unaligned read
[  137.727933][ T6628] hpfs: filesystem error: unable to find root dir
[  137.774072][ T6635] loop0: detected capacity change from 0 to 128
[  137.784545][ T6635] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  137.801694][ T6635] hpfs: filesystem error: improperly stopped
[  137.819150][ T5156] Bluetooth: hci0: command tx timeout
[  137.824083][ T6635] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  137.855963][ T6635] hpfs: You really don't want any checks? You are crazy...
[  137.880590][ T6635] hpfs: hpfs_map_sector(): read error
[  137.886258][ T6635] hpfs: code page support is disabled
[  137.910998][ T6635] ==================================================================
[  137.919116][ T6635] BUG: KASAN: use-after-free in hpfs_get_ea+0x1e4/0xcb0
[  137.926274][ T6635] Read of size 1 at addr ffff888066cc98a3 by task syz.0.17/6635
[  137.933935][ T6635] 
[  137.936301][ T6635] CPU: 0 UID: 0 PID: 6635 Comm: syz.0.17 Not tainted 6.16.0-rc6-syzkaller-00253-g4871b7cb27f4-dirty #0 PREEMPT(full) 
[  137.936325][ T6635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.936344][ T6635] Call Trace:
[  137.936355][ T6635]  <TASK>
[  137.936364][ T6635]  dump_stack_lvl+0x189/0x250
[  137.936389][ T6635]  ? __kasan_check_byte+0x12/0x40
[  137.936417][ T6635]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.936439][ T6635]  ? lock_release+0x4b/0x3e0
[  137.936461][ T6635]  ? __virt_addr_valid+0x4a5/0x5c0
[  137.936487][ T6635]  print_report+0xca/0x230
[  137.936514][ T6635]  ? hpfs_get_ea+0x1e4/0xcb0
[  137.936532][ T6635]  kasan_report+0x118/0x150
[  137.936558][ T6635]  ? hpfs_get_ea+0x1e4/0xcb0
[  137.936579][ T6635]  hpfs_get_ea+0x1e4/0xcb0
[  137.936601][ T6635]  ? __pfx_hpfs_get_ea+0x10/0x10
[  137.936620][ T6635]  ? bdev_getblk+0x7b/0x690
[  137.936637][ T6635]  ? __pfx___might_resched+0x10/0x10
[  137.936661][ T6635]  ? __bread_gfp+0xc3/0x3c0
[  137.936679][ T6635]  ? hpfs_map_sector+0x14f/0x380
[  137.936707][ T6635]  ? hpfs_map_fnode+0x27e/0x6a0
[  137.936727][ T6635]  ? set_normalized_timespec64+0xf0/0x1a0
[  137.936754][ T6635]  ? __lock_acquire+0xab9/0xd20
[  137.936773][ T6635]  hpfs_read_inode+0x19d/0x1010
[  137.936796][ T6635]  ? __pfx_hpfs_read_inode+0x10/0x10
[  137.936816][ T6635]  ? inode_set_ctime_to_ts+0x126/0x2f0
[  137.936838][ T6635]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[  137.936861][ T6635]  ? do_raw_spin_unlock+0x122/0x240
[  137.936889][ T6635]  ? hpfs_init_inode+0x216/0x350
[  137.936910][ T6635]  hpfs_fill_super+0x12bd/0x2070
[  137.936943][ T6635]  ? __pfx_hpfs_fill_super+0x10/0x10
[  137.936969][ T6635]  ? __pfx_snprintf+0x10/0x10
[  137.936991][ T6635]  ? set_blocksize+0x21e/0x500
[  137.937013][ T6635]  ? sb_set_blocksize+0x104/0x180
[  137.937032][ T6635]  ? setup_bdev_super+0x4c1/0x5b0
[  137.937058][ T6635]  get_tree_bdev_flags+0x40e/0x4d0
[  137.937084][ T6635]  ? __pfx_hpfs_fill_super+0x10/0x10
[  137.937108][ T6635]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  137.937131][ T6635]  ? cap_capable+0x11f/0x460
[  137.937156][ T6635]  ? safesetid_security_capable+0xa9/0x1a0
[  137.937194][ T6635]  vfs_get_tree+0x8f/0x2b0
[  137.937220][ T6635]  do_new_mount+0x24a/0xa40
[  137.937250][ T6635]  __se_sys_mount+0x317/0x410
[  137.937270][ T6635]  ? __pfx___se_sys_mount+0x10/0x10
[  137.937289][ T6635]  ? do_syscall_64+0xbe/0x3b0
[  137.937306][ T6635]  ? __x64_sys_mount+0x20/0xc0
[  137.937324][ T6635]  do_syscall_64+0xfa/0x3b0
[  137.937341][ T6635]  ? lockdep_hardirqs_on+0x9c/0x150
[  137.937369][ T6635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.937387][ T6635]  ? clear_bhb_loop+0x60/0xb0
[  137.937407][ T6635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.937425][ T6635] RIP: 0033:0x7f962d1900ca
[  137.937448][ T6635] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.937465][ T6635] RSP: 002b:00007f962df7fe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  137.937486][ T6635] RAX: ffffffffffffffda RBX: 00007f962df7fef0 RCX: 00007f962d1900ca
[  137.937501][ T6635] RDX: 0000200000009e80 RSI: 0000200000009ec0 RDI: 00007f962df7feb0
[  137.937515][ T6635] RBP: 0000200000009e80 R08: 00007f962df7fef0 R09: 0000000000000041
[  137.937528][ T6635] R10: 0000000000000041 R11: 0000000000000246 R12: 0000200000009ec0
[  137.937541][ T6635] R13: 00007f962df7feb0 R14: 0000000000009e02 R15: 0000200000009fc0
[  137.937561][ T6635]  </TASK>
[  137.937569][ T6635] 
[  138.273012][ T6635] The buggy address belongs to the physical page:
[  138.279440][ T6635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x3 pfn:0x66cc9
[  138.288326][ T6635] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  138.295473][ T6635] raw: 00fff00000000000 ffffea0001a32348 ffffea0001c6d988 0000000000000000
[  138.304075][ T6635] raw: 0000000000000003 0000000000000000 00000000ffffffff 0000000000000000
[  138.312666][ T6635] page dumped because: kasan: bad access detected
[  138.319107][ T6635] page_owner tracks the page as freed
[  138.324591][ T6635] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 6622, tgid 6622 (sed), ts 137283206252, free_ts 137322824885
[  138.341720][ T6635]  post_alloc_hook+0x240/0x2a0
[  138.346604][ T6635]  get_page_from_freelist+0x21d5/0x22b0
[  138.352344][ T6635]  __alloc_frozen_pages_noprof+0x181/0x370
[  138.358184][ T6635]  alloc_pages_mpol+0x232/0x4a0
[  138.363064][ T6635]  vma_alloc_folio_noprof+0xe4/0x200
[  138.368381][ T6635]  folio_prealloc+0x30/0x180
[  138.372999][ T6635]  __handle_mm_fault+0x183f/0x5620
[  138.378128][ T6635]  handle_mm_fault+0x2d5/0x7f0
[  138.382909][ T6635]  do_user_addr_fault+0x764/0x1390
[  138.388050][ T6635]  exc_page_fault+0x76/0xf0
[  138.392579][ T6635]  asm_exc_page_fault+0x26/0x30
[  138.397445][ T6635] page last free pid 6622 tgid 6622 stack trace:
[  138.403784][ T6635]  free_unref_folios+0xcd2/0x1570
[  138.408839][ T6635]  folios_put_refs+0x559/0x640
[  138.413633][ T6635]  free_pages_and_swap_cache+0x4be/0x520
[  138.419289][ T6635]  tlb_flush_mmu+0x3a0/0x680
[  138.424088][ T6635]  tlb_finish_mmu+0xc3/0x1d0
[  138.428778][ T6635]  exit_mmap+0x44c/0xb50
[  138.433040][ T6635]  __mmput+0x118/0x410
[  138.437118][ T6635]  exit_mm+0x1da/0x2c0
[  138.441204][ T6635]  do_exit+0x648/0x22e0
[  138.445377][ T6635]  do_group_exit+0x21c/0x2d0
[  138.449985][ T6635]  __x64_sys_exit_group+0x3f/0x40
[  138.455211][ T6635]  x64_sys_call+0x21ba/0x21c0
[  138.459910][ T6635]  do_syscall_64+0xfa/0x3b0
[  138.464428][ T6635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.470348][ T6635] 
[  138.472690][ T6635] Memory state around the buggy address:
[  138.478424][ T6635]  ffff888066cc9780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  138.486507][ T6635]  ffff888066cc9800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  138.494595][ T6635] >ffff888066cc9880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  138.502664][ T6635]                                ^
[  138.507795][ T6635]  ffff888066cc9900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  138.515877][ T6635]  ffff888066cc9980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  138.523951][ T6635] ==================================================================
[  138.588046][ T6635] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  138.595332][ T6635] CPU: 0 UID: 0 PID: 6635 Comm: syz.0.17 Not tainted 6.16.0-rc6-syzkaller-00253-g4871b7cb27f4-dirty #0 PREEMPT(full) 
[  138.607670][ T6635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.617743][ T6635] Call Trace:
[  138.621034][ T6635]  <TASK>
[  138.623973][ T6635]  dump_stack_lvl+0x99/0x250
[  138.628576][ T6635]  ? __asan_memcpy+0x40/0x70
[  138.633173][ T6635]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.638377][ T6635]  ? __pfx__printk+0x10/0x10
[  138.642985][ T6635]  panic+0x2db/0x790
[  138.646895][ T6635]  ? __pfx_panic+0x10/0x10
[  138.651323][ T6635]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  138.657244][ T6635]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  138.663595][ T6635]  ? print_memory_metadata+0x314/0x400
[  138.669078][ T6635]  ? hpfs_get_ea+0x1e4/0xcb0
[  138.673683][ T6635]  check_panic_on_warn+0x89/0xb0
[  138.678635][ T6635]  ? hpfs_get_ea+0x1e4/0xcb0
[  138.683238][ T6635]  end_report+0x78/0x160
[  138.687494][ T6635]  kasan_report+0x129/0x150
[  138.692009][ T6635]  ? hpfs_get_ea+0x1e4/0xcb0
[  138.696610][ T6635]  hpfs_get_ea+0x1e4/0xcb0
[  138.701052][ T6635]  ? __pfx_hpfs_get_ea+0x10/0x10
[  138.705986][ T6635]  ? bdev_getblk+0x7b/0x690
[  138.710480][ T6635]  ? __pfx___might_resched+0x10/0x10
[  138.715765][ T6635]  ? __bread_gfp+0xc3/0x3c0
[  138.720285][ T6635]  ? hpfs_map_sector+0x14f/0x380
[  138.725233][ T6635]  ? hpfs_map_fnode+0x27e/0x6a0
[  138.730080][ T6635]  ? set_normalized_timespec64+0xf0/0x1a0
[  138.735808][ T6635]  ? __lock_acquire+0xab9/0xd20
[  138.740660][ T6635]  hpfs_read_inode+0x19d/0x1010
[  138.745509][ T6635]  ? __pfx_hpfs_read_inode+0x10/0x10
[  138.750790][ T6635]  ? inode_set_ctime_to_ts+0x126/0x2f0
[  138.756261][ T6635]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[  138.762068][ T6635]  ? do_raw_spin_unlock+0x122/0x240
[  138.767267][ T6635]  ? hpfs_init_inode+0x216/0x350
[  138.772285][ T6635]  hpfs_fill_super+0x12bd/0x2070
[  138.777402][ T6635]  ? __pfx_hpfs_fill_super+0x10/0x10
[  138.782951][ T6635]  ? __pfx_snprintf+0x10/0x10
[  138.787626][ T6635]  ? set_blocksize+0x21e/0x500
[  138.792399][ T6635]  ? sb_set_blocksize+0x104/0x180
[  138.797429][ T6635]  ? setup_bdev_super+0x4c1/0x5b0
[  138.802454][ T6635]  get_tree_bdev_flags+0x40e/0x4d0
[  138.807563][ T6635]  ? __pfx_hpfs_fill_super+0x10/0x10
[  138.812848][ T6635]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  138.818517][ T6635]  ? cap_capable+0x11f/0x460
[  138.823125][ T6635]  ? safesetid_security_capable+0xa9/0x1a0
[  138.828951][ T6635]  vfs_get_tree+0x8f/0x2b0
[  138.833366][ T6635]  do_new_mount+0x24a/0xa40
[  138.837910][ T6635]  __se_sys_mount+0x317/0x410
[  138.842590][ T6635]  ? __pfx___se_sys_mount+0x10/0x10
[  138.847867][ T6635]  ? do_syscall_64+0xbe/0x3b0
[  138.852538][ T6635]  ? __x64_sys_mount+0x20/0xc0
[  138.857305][ T6635]  do_syscall_64+0xfa/0x3b0
[  138.861817][ T6635]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.867188][ T6635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.873247][ T6635]  ? clear_bhb_loop+0x60/0xb0
[  138.877919][ T6635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.883809][ T6635] RIP: 0033:0x7f962d1900ca
[  138.888227][ T6635] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.907919][ T6635] RSP: 002b:00007f962df7fe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  138.916338][ T6635] RAX: ffffffffffffffda RBX: 00007f962df7fef0 RCX: 00007f962d1900ca
[  138.924306][ T6635] RDX: 0000200000009e80 RSI: 0000200000009ec0 RDI: 00007f962df7feb0
[  138.932275][ T6635] RBP: 0000200000009e80 R08: 00007f962df7fef0 R09: 0000000000000041
[  138.940243][ T6635] R10: 0000000000000041 R11: 0000000000000246 R12: 0000200000009ec0
[  138.948212][ T6635] R13: 00007f962df7feb0 R14: 0000000000009e02 R15: 0000200000009fc0
[  138.956183][ T6635]  </TASK>
[  138.959437][ T6635] Kernel Offset: disabled
[  138.963837][ T6635] Rebooting in 86400 seconds..