Warning: Permanently added '10.128.1.108' (ED25519) to the list of known hosts.
1970/01/01 00:01:24 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:25 parsed 1 programs
[   88.479808][ T4458] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SSFS
[   96.208404][  T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.210681][  T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.213729][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   96.254539][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.256810][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.260694][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   96.492722][ T4505] chnl_net:caif_netlink_parms(): no params data found
[   96.532450][ T4505] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.534549][ T4505] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.537277][ T4505] device bridge_slave_0 entered promiscuous mode
[   96.541428][ T4505] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.543510][ T4505] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.546207][ T4505] device bridge_slave_1 entered promiscuous mode
[   96.562849][ T4505] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.567711][ T4505] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.584708][ T4505] team0: Port device team_slave_0 added
[   96.588217][ T4505] team0: Port device team_slave_1 added
[   96.603438][ T4505] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.605415][ T4505] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.612529][ T4505] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.616768][ T4505] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.618936][ T4505] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.625949][ T4505] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.700503][ T4505] device hsr_slave_0 entered promiscuous mode
[   96.738717][ T4505] device hsr_slave_1 entered promiscuous mode
[   97.592726][ T4505] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   97.623820][ T4505] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   97.671742][ T4505] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   97.682755][ T4505] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   97.788151][ T4505] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.799120][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   97.801718][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   97.807254][ T4505] 8021q: adding VLAN 0 to HW filter on device team0
[   97.815443][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   97.818540][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   97.821222][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.823175][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.834643][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   97.837167][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   97.840725][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   97.843290][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.845265][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.849615][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   97.861814][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   97.864869][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   97.867898][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   97.871996][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   97.876011][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   97.880506][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   97.892217][ T4505] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   97.895157][ T4505] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   97.934073][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   97.936947][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   97.941872][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   97.944606][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   97.950430][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   98.034825][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   98.039372][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   98.051570][ T4505] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.065935][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   98.070753][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   98.083023][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   98.085755][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   98.090053][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   98.093122][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   98.098117][ T4505] device veth0_vlan entered promiscuous mode
[   98.106346][ T4505] device veth1_vlan entered promiscuous mode
[   98.126623][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   98.131940][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   98.134644][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   98.138964][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   98.144006][ T4505] device veth0_macvtap entered promiscuous mode
[   98.149433][ T4505] device veth1_macvtap entered promiscuous mode
[   98.164479][ T4505] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.168641][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   98.171376][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   98.173994][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   98.177419][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   98.183898][ T4505] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.189330][ T4505] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.191795][ T4505] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.194232][ T4505] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.196708][ T4505] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.202273][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   98.205152][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
1970/01/01 00:01:39 executed programs: 0
[   99.494508][ T4661] chnl_net:caif_netlink_parms(): no params data found
[   99.536313][ T4661] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.539393][ T4661] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.542105][ T4661] device bridge_slave_0 entered promiscuous mode
[   99.546587][ T4661] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.549240][ T4661] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.551969][ T4661] device bridge_slave_1 entered promiscuous mode
[   99.572152][ T4661] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   99.577158][ T4661] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   99.596985][ T4661] team0: Port device team_slave_0 added
[   99.600982][ T4661] team0: Port device team_slave_1 added
[   99.615925][ T4661] batman_adv: batadv0: Adding interface: batadv_slave_0
[   99.617891][ T4661] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   99.625840][ T4661] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   99.630467][ T4661] batman_adv: batadv0: Adding interface: batadv_slave_1
[   99.632376][ T4661] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   99.640219][ T4661] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   99.701509][ T4661] device hsr_slave_0 entered promiscuous mode
[   99.738594][ T4661] device hsr_slave_1 entered promiscuous mode
[   99.778685][ T4661] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   99.780866][ T4661] Cannot create hsr debugfs directory
[   99.897714][ T4661] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.398525][ T4144] Bluetooth: hci0: command 0x0409 tx timeout
[  103.478790][   T13] Bluetooth: hci0: command 0x041b tx timeout
[  103.756740][ T4661] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.805947][ T4661] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.868941][ T4661] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.030903][ T4661] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  104.060828][ T4661] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  104.110900][ T4661] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  104.185708][ T4661] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  104.271672][ T4661] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.282958][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  104.285587][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  104.292071][ T4661] 8021q: adding VLAN 0 to HW filter on device team0
[  104.297128][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  104.301077][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  104.303815][  T378] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.305803][  T378] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.308604][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  104.319667][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  104.322560][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  104.325208][  T378] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.327222][  T378] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.330444][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  104.333364][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  104.338876][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  104.341930][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  104.345667][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  104.351332][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  104.354476][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  104.361044][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  104.363911][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  104.370849][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  104.373782][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  104.379914][ T4661] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  104.466751][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  104.469174][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  104.476829][ T4661] 8021q: adding VLAN 0 to HW filter on device batadv0
[  104.492273][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  104.495279][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  104.511028][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  104.513906][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  104.516844][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  104.521577][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  104.525907][ T4661] device veth0_vlan entered promiscuous mode
[  104.535026][ T4661] device veth1_vlan entered promiscuous mode
[  104.551966][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  104.554869][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  104.557730][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  104.561854][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  104.567000][ T4661] device veth0_macvtap entered promiscuous mode
[  104.593989][ T4661] device veth1_macvtap entered promiscuous mode
[  104.605775][ T4661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.608915][ T4661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.613936][ T4661] batman_adv: batadv0: Interface activated: batadv_slave_0
[  104.616265][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  104.619753][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  104.622554][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  104.625337][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  104.648646][ T4661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  104.651692][ T4661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.655455][ T4661] batman_adv: batadv0: Interface activated: batadv_slave_1
[  104.658471][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  104.661350][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  104.666651][ T4661] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.670215][ T4661] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.672751][ T4661] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.675290][ T4661] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.728202][  T378] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.732315][  T378] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.736559][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  104.750885][  T153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.753157][  T153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.757695][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:44 executed programs: 2
[  104.837142][ T4896] loop0: detected capacity change from 0 to 4096
[  104.903204][ T4896] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  104.906635][ T4896] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  104.915513][ T4896] ntfs: (device loop0): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  104.919054][ T4896] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  104.922612][ T4896] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  104.927668][ T4896] ntfs: volume version 3.1.
[  104.931406][ T4896] ntfs: (device loop0): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  104.934940][ T4896] ntfs: (device loop0): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  104.940222][ T4896] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  104.943198][ T4896] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  104.946209][ T4896] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  104.954233][ T4896] ==================================================================
[  104.956707][ T4896] BUG: KASAN: use-after-free in ntfs_readpage+0x670/0x1d94
[  104.958703][ T4896] Read of size 285212680 at addr ffff0000e9be2a9a by task syz.0.16/4896
[  104.961053][ T4896] 
[  104.961727][ T4896] CPU: 0 PID: 4896 Comm: syz.0.16 Not tainted 5.15.186-syzkaller #0
[  104.964018][ T4896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.966775][ T4896] Call trace:
[  104.967705][ T4896]  dump_backtrace+0x0/0x43c
[  104.968972][ T4896]  show_stack+0x2c/0x3c
[  104.970047][ T4896]  __dump_stack+0x30/0x40
[  104.971272][ T4896]  dump_stack_lvl+0xf8/0x160
[  104.972543][ T4896]  print_address_description+0x78/0x30c
[  104.974055][ T4896]  kasan_report+0xec/0x15c
[  104.975265][ T4896]  kasan_check_range+0x270/0x2b0
[  104.976641][ T4896]  memcpy+0x90/0xe8
[  104.977677][ T4896]  ntfs_readpage+0x670/0x1d94
[  104.978974][ T4896]  do_read_cache_page+0x5f4/0x8f8
[  104.980362][ T4896]  read_cache_page+0x68/0x88
[  104.981636][ T4896]  ntfs_readdir+0x568/0x262c
[  104.982978][ T4896]  iterate_dir+0x1f0/0x4cc
[  104.984239][ T4896]  __arm64_sys_getdents64+0x11c/0x340
[  104.985731][ T4896]  invoke_syscall+0x98/0x2b8
[  104.986952][ T4896]  el0_svc_common+0x138/0x258
[  104.988205][ T4896]  do_el0_svc+0x58/0x14c
[  104.989360][ T4896]  el0_svc+0x78/0x1e0
[  104.990422][ T4896]  el0t_64_sync_handler+0xcc/0xe4
[  104.991846][ T4896]  el0t_64_sync+0x1a0/0x1a4
[  104.993057][ T4896] 
[  104.993659][ T4896] The buggy address belongs to the page:
[  104.995228][ T4896] page:00000000ecd30218 refcount:3 mapcount:0 mapping:00000000ec3821bb index:0x2 pfn:0x129be2
[  104.998088][ T4896] memcg:ffff0000c8c74000
[  104.999324][ T4896] aops:ntfs_mst_aops ino:0
[  105.000554][ T4896] flags: 0x5ffc00000002036(referenced|uptodate|lru|active|private|node=0|zone=2|lastcpupid=0x7ff)
[  105.003605][ T4896] raw: 05ffc00000002036 fffffc00035ce8c8 fffffc0003a6f908 ffff0000e73a8548
[  105.006023][ T4896] raw: 0000000000000002 ffff0000c0661740 00000003ffffffff ffff0000c8c74000
[  105.008358][ T4896] page dumped because: kasan: bad access detected
[  105.010194][ T4896] 
[  105.010837][ T4896] Memory state around the buggy address:
[  105.012389][ T4896]  ffff0000e9be9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  105.014720][ T4896]  ffff0000e9be9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  105.016957][ T4896] >ffff0000e9bea000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  105.019207][ T4896]                    ^
[  105.020309][ T4896]  ffff0000e9bea080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  105.022553][ T4896]  ffff0000e9bea100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  105.024798][ T4896] ==================================================================
[  105.027049][ T4896] Disabling lock debugging due to kernel taint
[  105.133391][ T4898] loop0: detected capacity change from 0 to 4096
[  105.181395][ T4898] ntfs: volume version 3.1.
[  105.190331][  T136] ------------[ cut here ]------------
[  105.191923][  T136] ODEBUG: activate not available (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x90
[  105.195473][  T136] WARNING: CPU: 1 PID: 136 at lib/debugobjects.c:521 debug_object_activate+0x348/0x464
[  105.198356][  T136] Modules linked in:
[  105.199450][  T136] CPU: 1 PID: 136 Comm: kworker/u4:1 Tainted: G    B             5.15.186-syzkaller #0
[  105.202102][  T136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.204867][  T136] Workqueue: bat_events batadv_nc_worker
[  105.206418][  T136] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  105.208496][  T136] pc : debug_object_activate+0x348/0x464
[  105.209984][  T136] lr : debug_object_activate+0x348/0x464
[  105.211555][  T136] sp : ffff80001bd47930
[  105.212751][  T136] x29: ffff80001bd47930 x28: dfff800000000000 x27: ffff80001b0e7000
[  105.215166][  T136] x26: ffff0000dc699728 x25: 0000000000000000 x24: ffff800011342ce0
[  105.216912][ T4898] Kernel panic - not syncing: corrupted stack end detected inside scheduler
[  105.217437][  T136] x23: 0000000000000005 x22: ffff8000117da4e0
[  105.219956][ T4898] CPU: 0 PID: 4898 Comm: syz.0.17 Tainted: G    B             5.15.186-syzkaller #0
[  105.219962][  T136]  x21: ffff8000081e85f0
[  105.219971][ T4898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.221610][  T136] 
[  105.224234][ T4898] Call trace:
[  105.224242][ T4898]  dump_backtrace+0x0/0x43c
[  105.225399][  T136] x20: ffff800011342ce0
[  105.228136][ T4898]  show_stack+0x2c/0x3c
[  105.228820][  T136]  x19: ffff0000dc699728
[  105.229735][ T4898]  __dump_stack+0x30/0x40
[  105.230910][  T136]  x18: 0000000000000002
[  105.232095][ T4898]  dump_stack_lvl+0xf8/0x160
[  105.233230][  T136] 
[  105.234379][ T4898]  dump_stack+0x1c/0x5c
[  105.235555][  T136] x17: 0000000000000000
[  105.236728][ T4898]  panic+0x2e4/0x854
[  105.238113][  T136]  x16: ffff8000111cf35c
[  105.238725][ T4898]  __schedule+0xfd8/0x1c0c
[  105.239862][  T136]  x15: 00000000ffffffff
[  105.241006][ T4898]  preempt_schedule_common+0x138/0x218
[  105.242090][  T136] 
[  105.243273][ T4898]  preempt_schedule+0x64/0x84
[  105.244479][  T136] x14: 0000000000ff0100
[  105.245608][ T4898]  ntfs_readpage+0x1a38/0x1d94
[  105.247184][  T136]  x13: 0000000000000001
[  105.247807][ T4898]  do_read_cache_page+0x5f4/0x8f8
[  105.249086][  T136]  x12: 0000000000ff0100
[  105.250260][ T4898]  read_cache_page+0x68/0x88
[  105.251568][  T136] 
[  105.252776][ T4898]  ntfs_readdir+0x568/0x262c
[  105.254221][  T136] x11: 0000000000000001
[  105.255411][ T4898]  iterate_dir+0x1f0/0x4cc
[  105.256634][  T136]  x10: 0000000000000000
[  105.257271][ T4898]  __arm64_sys_getdents64+0x11c/0x340
[  105.258522][  T136]  x9 : 9b464c2b80c5bb00
[  105.259676][ T4898]  invoke_syscall+0x98/0x2b8
[  105.260908][  T136] 
[  105.262074][ T4898]  el0_svc_common+0x138/0x258
[  105.263586][  T136] x8 : 9b464c2b80c5bb00
[  105.264817][ T4898]  do_el0_svc+0x58/0x14c
[  105.266009][  T136]  x7 : 0000000000000001
[  105.266671][ T4898]  el0_svc+0x78/0x1e0
[  105.267995][  T136]  x6 : 0000000000000001
[  105.269183][ T4898]  el0t_64_sync_handler+0xcc/0xe4
[  105.270417][  T136] 
[  105.271586][ T4898]  el0t_64_sync+0x1a0/0x1a4
[  105.272671][  T136] x5 : ffff80001bd47218
[  105.273798][ T4898] SMP: stopping secondary CPUs
[  105.275163][  T136]  x4 : ffff80001425f400 x3 : ffff800008505198
[  105.281277][  T136] x2 : 0000000000000001 x1 : 0000000100000001 x0 : 000000000000006c
[  105.283535][  T136] Call trace:
[  105.284470][  T136]  debug_object_activate+0x348/0x464
[  105.285958][  T136]  __mod_timer+0x618/0xb44
[  105.287217][  T136]  add_timer+0x6c/0x88
[  105.288462][  T136]  queue_delayed_work_on+0x1e8/0x324
[  105.289926][  T136]  batadv_nc_worker+0x4dc/0x554
[  105.291323][  T136]  process_one_work+0x79c/0x1140
[  105.292703][  T136]  worker_thread+0x8f4/0x101c
[  105.293997][  T136]  kthread+0x374/0x454
[  105.295144][  T136]  ret_from_fork+0x10/0x20
[  105.296413][  T136] irq event stamp: 2242408
[  105.297759][  T136] hardirqs last  enabled at (2242407): [<ffff8000112a9590>] _raw_spin_unlock_irq+0x98/0x128
[  105.300725][  T136] hardirqs last disabled at (2242408): [<ffff800011295698>] __schedule+0x2ec/0x1c0c
[  105.303449][  T136] softirqs last  enabled at (2242402): [<ffff800010f4f414>] batadv_nc_purge_paths+0x308/0x390
[  105.306513][  T136] softirqs last disabled at (2242400): [<ffff800010f4f1dc>] batadv_nc_purge_paths+0xd0/0x390
[  105.309402][  T136] ---[ end trace 668e466cb3c282ee ]---
[  105.310896][  T136] Unable to handle kernel paging request at virtual address dfff9bd400468000
[  105.313336][  T136] Mem abort info:
[  105.314554][  T136]   ESR = 0x0000000096000004
[  105.316109][  T136]   EC = 0x25: DABT (current EL), IL = 32 bits
[  105.317807][  T136]   SET = 0, FnV = 0
[  105.318887][  T136]   EA = 0, S1PTW = 0
[  105.319976][  T136]   FSC = 0x04: level 0 translation fault
[  105.321588][  T136] Data abort info:
[  105.322589][  T136]   ISV = 0, ISS = 0x00000004
[  105.323906][  T136]   CM = 0, WnR = 0
[  105.324973][  T136] [dfff9bd400468000] address between user and kernel address ranges
[  105.327158][  T136] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[  105.329229][  T136] Modules linked in:
[  105.330347][  T136] CPU: 1 PID: 136 Comm: kworker/u4:1 Tainted: G    B   W         5.15.186-syzkaller #0
[  105.333152][  T136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.336048][  T136] Workqueue: bat_events batadv_nc_worker
[  105.337596][  T136] pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  105.339750][  T136] pc : alloc_object+0xf4/0x608
[  105.341099][  T136] lr : alloc_object+0x34/0x608
[  105.342368][  T136] sp : ffff80001bd47660
[  105.343520][  T136] x29: ffff80001bd476a0 x28: ffff0000ec2ade70 x27: ffff80001b026918
[  105.345807][  T136] x26: dfff800000000000 x25: 0000dea002340000 x24: ffff0000ec2ade78
[  105.347985][  T136] x23: ffff0001a10e3d50 x22: dfff800000000000 x21: 12f5000000000000
[  105.350156][  T136] x20: 1fffe0001d855bcf x19: 1fffe0001d855bce x18: 0000000000000001
[  105.352322][  T136] x17: 0000000000000000 x16: ffff8000082d5f6c x15: 0000000000000005
[  105.354522][  T136] x14: 0000000000ff0100 x13: ffffffffffffffff x12: 0000000000ff0100
[  105.356763][  T136] x11: 0000000000000002 x10: 0000000000000003 x9 : ffff8000140e2d50
[  105.359108][  T136] x8 : 00001bd400468000 x7 : 0000000000000001 x6 : ffff80000a781510
[  105.361468][  T136] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000082d608c
[  105.363674][  T136] x2 : ffff800011342ce0 x1 : ffff8000117d99e0 x0 : 0000000000000001
[  105.365922][  T136] Call trace:
[  105.366826][  T136]  alloc_object+0xf4/0x608
[  105.368048][  T136]  __debug_object_init+0x164/0x98c
[  105.369483][  T136]  debug_object_init+0x20/0x2c
[  105.370757][  T136]  init_timer_key+0x54/0x418
[  105.372013][  T136]  timer_fixup_activate+0x64/0x94
[  105.373404][  T136]  debug_object_activate+0x398/0x464
[  105.374817][  T136]  __mod_timer+0x618/0xb44
[  105.376031][  T136]  add_timer+0x6c/0x88
[  105.377152][  T136]  queue_delayed_work_on+0x1e8/0x324
[  105.378702][  T136]  batadv_nc_worker+0x4dc/0x554
[  105.380045][  T136]  process_one_work+0x79c/0x1140
[  105.381359][  T136]  worker_thread+0x8f4/0x101c
[  105.382605][  T136]  kthread+0x374/0x454
[  105.383772][  T136]  ret_from_fork+0x10/0x20
[  105.385012][  T136] Code: aa1803e0 9783293e f9400319 d343ff28 (38766908) 
[  105.386961][  T136] ---[ end trace 668e466cb3c282ef ]---
[  105.801543][ T4898] Kernel Offset: disabled
[  105.802841][ T4898] CPU features: 0x8,000081c1,21302e40
[  105.804350][ T4898] Memory Limit: none
[  106.172128][ T4898] Rebooting in 86400 seconds..