Warning: Permanently added '10.128.0.60' (ED25519) to the list of known hosts.
2025/07/07 21:33:54 ignoring optional flag "sandboxArg"="0"
2025/07/07 21:33:55 parsed 1 programs
[ 86.731800][ T4642] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 88.402000][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.413810][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.423579][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 88.434566][ T4351] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.443550][ T4351] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.452560][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 90.045153][ T4709] chnl_net:caif_netlink_parms(): no params data found
[ 90.079693][ T4709] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.086994][ T4709] bridge0: port 1(bridge_slave_0) entered disabled state
[ 90.095089][ T4709] device bridge_slave_0 entered promiscuous mode
[ 90.102657][ T4709] bridge0: port 2(bridge_slave_1) entered blocking state
[ 90.109987][ T4709] bridge0: port 2(bridge_slave_1) entered disabled state
[ 90.117733][ T4709] device bridge_slave_1 entered promiscuous mode
[ 90.136143][ T4709] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 90.146794][ T4709] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 90.169624][ T4709] team0: Port device team_slave_0 added
[ 90.176652][ T4709] team0: Port device team_slave_1 added
[ 90.192881][ T4709] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 90.200107][ T4709] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 90.226442][ T4709] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 90.238861][ T4709] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 90.246522][ T4709] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 90.272861][ T4709] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 90.299653][ T4709] device hsr_slave_0 entered promiscuous mode
[ 90.307074][ T4709] device hsr_slave_1 entered promiscuous mode
[ 90.777918][ T4709] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 90.819929][ T4709] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 90.830463][ T4709] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 90.840673][ T4709] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 90.893199][ T4709] bridge0: port 2(bridge_slave_1) entered blocking state
[ 90.900441][ T4709] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 90.907856][ T4709] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.914963][ T4709] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 90.984496][ T4709] 8021q: adding VLAN 0 to HW filter on device bond0
[ 90.998363][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 91.007487][ T4351] bridge0: port 1(bridge_slave_0) entered disabled state
[ 91.017752][ T4351] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.027058][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 91.041315][ T4709] 8021q: adding VLAN 0 to HW filter on device team0
[ 91.086622][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 91.097032][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 91.106475][ T4351] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.113543][ T4351] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.122300][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 91.138645][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 91.147708][ T4351] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.154830][ T4351] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.163406][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 91.173138][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 91.182358][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 91.191577][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 91.224601][ T4709] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 91.239526][ T4709] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 91.253091][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 91.262545][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 91.271665][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 91.282498][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 91.291610][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 91.301577][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 91.310427][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 91.340289][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 91.484849][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 91.492297][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 91.511097][ T4709] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 91.535951][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 91.555187][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 91.595119][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 91.616584][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 91.637168][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 91.647854][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 91.657932][ T4709] device veth0_vlan entered promiscuous mode
[ 91.676154][ T4709] device veth1_vlan entered promiscuous mode
[ 91.704028][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 91.716178][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 91.740445][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 91.749563][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 91.778079][ T4709] device veth0_macvtap entered promiscuous mode
[ 91.798557][ T4709] device veth1_macvtap entered promiscuous mode
[ 91.832889][ T4709] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 91.855051][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 91.863599][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 91.873230][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 91.883785][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 91.896345][ T4709] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 91.905348][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 91.917804][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 91.928806][ T4709] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.944875][ T4709] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.957790][ T4709] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.971811][ T4709] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/07/07 21:34:04 executed programs: 0
[ 92.751906][ T4818] chnl_net:caif_netlink_parms(): no params data found
[ 92.869473][ T4818] bridge0: port 1(bridge_slave_0) entered blocking state
[ 92.887616][ T4818] bridge0: port 1(bridge_slave_0) entered disabled state
[ 92.900551][ T4818] device bridge_slave_0 entered promiscuous mode
[ 92.911684][ T4818] bridge0: port 2(bridge_slave_1) entered blocking state
[ 92.924964][ T4818] bridge0: port 2(bridge_slave_1) entered disabled state
[ 92.932948][ T4818] device bridge_slave_1 entered promiscuous mode
[ 92.986978][ T4818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 93.007973][ T4818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.057667][ T4818] team0: Port device team_slave_0 added
[ 93.087231][ T4818] team0: Port device team_slave_1 added
[ 93.124271][ T4818] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.133394][ T4818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.163344][ T4818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 93.177460][ T4818] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 93.184509][ T4818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.218399][ T4818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 93.271931][ T4818] device hsr_slave_0 entered promiscuous mode
[ 93.280959][ T4818] device hsr_slave_1 entered promiscuous mode
[ 93.287891][ T4818] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 93.297848][ T4818] Cannot create hsr debugfs directory
[ 93.404495][ T4818] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 94.564882][ T7] Bluetooth: hci0: command 0x0409 tx timeout
[ 96.003301][ T4818] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 96.228856][ T4818] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 96.311620][ T4818] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 96.379343][ T4818] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 96.388599][ T4818] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 96.397424][ T4818] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 96.406472][ T4818] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 96.456980][ T4818] 8021q: adding VLAN 0 to HW filter on device bond0
[ 96.477234][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 96.485907][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 96.494477][ T4818] 8021q: adding VLAN 0 to HW filter on device team0
[ 96.504529][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 96.513367][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 96.522434][ T154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.529541][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 96.537345][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 96.547887][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 96.556551][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 96.566209][ T1210] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.573350][ T1210] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 96.590924][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 96.601627][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 96.613444][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 96.623006][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 96.638880][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 96.646303][ T4702] Bluetooth: hci0: command 0x041b tx timeout
[ 96.655556][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 96.664136][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 96.676561][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 96.685394][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 96.695847][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 96.704226][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 96.723656][ T4818] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 96.807844][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 96.815567][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 96.828006][ T4818] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 96.842812][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 96.852492][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 96.876496][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 96.884644][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 96.894688][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 96.903543][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 96.912474][ T4818] device veth0_vlan entered promiscuous mode
[ 96.923486][ T144] device hsr_slave_0 left promiscuous mode
[ 96.930049][ T144] device hsr_slave_1 left promiscuous mode
[ 96.936716][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 96.944098][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 96.952482][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 96.960188][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 96.969696][ T144] device bridge_slave_1 left promiscuous mode
[ 96.976115][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.984546][ T144] device bridge_slave_0 left promiscuous mode
[ 96.991147][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.001666][ T144] device veth1_macvtap left promiscuous mode
[ 97.007999][ T144] device veth0_macvtap left promiscuous mode
[ 97.014037][ T144] device veth1_vlan left promiscuous mode
[ 97.020151][ T144] device veth0_vlan left promiscuous mode
[ 97.132722][ T144] team0 (unregistering): Port device team_slave_1 removed
[ 97.146517][ T144] team0 (unregistering): Port device team_slave_0 removed
[ 97.158871][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 97.171973][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 97.216355][ T144] bond0 (unregistering): Released all slaves
[ 97.282826][ T4818] device veth1_vlan entered promiscuous mode
[ 97.301611][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 97.310068][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 97.318272][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 97.326741][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 97.341155][ T4818] device veth0_macvtap entered promiscuous mode
[ 97.350909][ T4818] device veth1_macvtap entered promiscuous mode
[ 97.368497][ T4818] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 97.376269][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 97.384350][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 97.392828][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 97.402117][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 97.415050][ T4818] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 97.422684][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 97.433177][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 97.448670][ T4818] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.458324][ T4818] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.467929][ T4818] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.477099][ T4818] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/07/07 21:34:09 executed programs: 2
[ 97.521153][ T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.545495][ T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.554261][ T1210] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.566443][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 97.570399][ T1210] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.583070][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 97.818702][ T5092] loop0: detected capacity change from 0 to 32768
[ 97.875933][ T5092] ==================================================================
[ 97.884183][ T5092] BUG: KASAN: slab-out-of-bounds in diWrite+0xbe7/0x1610
[ 97.891233][ T5092] Write of size 32 at addr ffff888072da64c0 by task syz.0.16/5092
[ 97.899036][ T5092]
[ 97.901367][ T5092] CPU: 1 PID: 5092 Comm: syz.0.16 Not tainted 5.15.186-syzkaller #0
[ 97.909341][ T5092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 97.919407][ T5092] Call Trace:
[ 97.922683][ T5092]
[ 97.925613][ T5092] dump_stack_lvl+0x168/0x230
[ 97.930313][ T5092] ? show_regs_print_info+0x20/0x20
[ 97.935520][ T5092] ? load_image+0x3b0/0x3b0
[ 97.940021][ T5092] ? _raw_spin_lock_irqsave+0xb0/0xf0
[ 97.945513][ T5092] ? __rwlock_init+0x140/0x140
[ 97.950286][ T5092] ? mark_page_accessed+0xce5/0x12b0
[ 97.955581][ T5092] print_address_description+0x60/0x2d0
[ 97.961137][ T5092] ? diWrite+0xbe7/0x1610
[ 97.965473][ T5092] kasan_report+0xdf/0x130
[ 97.969898][ T5092] ? diWrite+0xbe7/0x1610
[ 97.974237][ T5092] ? diWrite+0xbe7/0x1610
[ 97.978576][ T5092] kasan_check_range+0x27b/0x290
[ 97.983520][ T5092] memcpy+0x3c/0x60
[ 97.987337][ T5092] diWrite+0xbe7/0x1610
[ 97.991509][ T5092] txCommit+0x84b/0x51c0
[ 97.995759][ T5092] ? ktime_get_real_ts64+0x420/0x420
[ 98.001059][ T5092] ? txLinelock+0x160/0x160
[ 98.005566][ T5092] ? rcu_is_watching+0x11/0xa0
[ 98.010327][ T5092] ? __mark_inode_dirty+0x383/0xc60
[ 98.015528][ T5092] jfs_mkdir+0x875/0xa70
[ 98.019869][ T5092] ? jfs_symlink+0xe60/0xe60
[ 98.024480][ T5092] ? make_kgid+0x640/0x640
[ 98.028892][ T5092] ? apparmor_path_mkdir+0x1a3/0x220
[ 98.034217][ T5092] ? generic_permission+0x230/0x510
[ 98.039419][ T5092] ? inode_permission+0xef/0x480
[ 98.044366][ T5092] ? bpf_lsm_inode_mkdir+0x5/0x10
[ 98.049389][ T5092] ? security_inode_mkdir+0xb3/0x100
[ 98.054680][ T5092] vfs_mkdir+0x387/0x570
[ 98.058939][ T5092] do_mkdirat+0x1d7/0x5a0
[ 98.063270][ T5092] ? vfs_mkdir+0x570/0x570
[ 98.067690][ T5092] ? getname_flags+0x1fe/0x500
[ 98.072458][ T5092] __x64_sys_mkdir+0x6a/0x80
[ 98.077049][ T5092] do_syscall_64+0x4c/0xa0
[ 98.081466][ T5092] ? clear_bhb_loop+0x30/0x80
[ 98.086145][ T5092] ? clear_bhb_loop+0x30/0x80
[ 98.090986][ T5092] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 98.096908][ T5092] RIP: 0033:0x7fe30cb74969
[ 98.101335][ T5092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 98.120944][ T5092] RSP: 002b:00007fe30bde4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 98.129466][ T5092] RAX: ffffffffffffffda RBX: 00007fe30cd9bfa0 RCX: 00007fe30cb74969
[ 98.137451][ T5092] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000200
[ 98.145426][ T5092] RBP: 00007fe30cbf6ab1 R08: 0000000000000000 R09: 0000000000000000
[ 98.153402][ T5092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 98.161383][ T5092] R13: 0000000000000000 R14: 00007fe30cd9bfa0 R15: 00007ffc5f94ebc8
[ 98.169386][ T5092]
[ 98.172404][ T5092]
[ 98.174896][ T5092] Allocated by task 4991:
[ 98.179226][ T5092] __kasan_kmalloc+0xb5/0xf0
[ 98.183848][ T5092] tomoyo_encode+0x27e/0x540
[ 98.188455][ T5092] tomoyo_realpath_from_path+0x5cd/0x610
[ 98.194103][ T5092] tomoyo_check_open_permission+0x183/0x360
[ 98.200003][ T5092] security_file_open+0x5e/0xa0
[ 98.204857][ T5092] do_dentry_open+0x322/0xf80
[ 98.209531][ T5092] path_openat+0x2682/0x2f30
[ 98.214119][ T5092] do_filp_open+0x1b3/0x3e0
[ 98.218629][ T5092] do_sys_openat2+0x142/0x4a0
[ 98.223426][ T5092] __x64_sys_openat+0x135/0x160
[ 98.228282][ T5092] do_syscall_64+0x4c/0xa0
[ 98.232707][ T5092] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 98.238618][ T5092]
[ 98.240942][ T5092] Freed by task 4991:
[ 98.244909][ T5092] kasan_set_track+0x4b/0x70
[ 98.249504][ T5092] kasan_set_free_info+0x1f/0x40
[ 98.254452][ T5092] ____kasan_slab_free+0xd5/0x110
[ 98.259487][ T5092] slab_free_freelist_hook+0xea/0x170
[ 98.264860][ T5092] kfree+0xef/0x2a0
[ 98.268663][ T5092] tomoyo_check_open_permission+0x292/0x360
[ 98.274555][ T5092] security_file_open+0x5e/0xa0
[ 98.279401][ T5092] do_dentry_open+0x322/0xf80
[ 98.284075][ T5092] path_openat+0x2682/0x2f30
[ 98.288664][ T5092] do_filp_open+0x1b3/0x3e0
[ 98.293175][ T5092] do_sys_openat2+0x142/0x4a0
[ 98.297863][ T5092] __x64_sys_openat+0x135/0x160
[ 98.302726][ T5092] do_syscall_64+0x4c/0xa0
[ 98.307152][ T5092] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 98.313058][ T5092]
[ 98.315436][ T5092] The buggy address belongs to the object at ffff888072da6480
[ 98.315436][ T5092] which belongs to the cache kmalloc-64 of size 64
[ 98.329324][ T5092] The buggy address is located 0 bytes to the right of
[ 98.329324][ T5092] 64-byte region [ffff888072da6480, ffff888072da64c0)
[ 98.342873][ T5092] The buggy address belongs to the page:
[ 98.348519][ T5092] page:ffffea0001cb6980 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x72da6
[ 98.358673][ T5092] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 98.366240][ T5092] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff888016841640
[ 98.374912][ T5092] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000
[ 98.383488][ T5092] page dumped because: kasan: bad access detected
[ 98.389904][ T5092] page_owner tracks the page as allocated
[ 98.395615][ T5092] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 4991, ts 95130334196, free_ts 95128817434
[ 98.412895][ T5092] get_page_from_freelist+0x1b77/0x1c60
[ 98.418467][ T5092] __alloc_pages+0x1e1/0x470
[ 98.423070][ T5092] new_slab+0xc0/0x4b0
[ 98.427147][ T5092] ___slab_alloc+0x81e/0xdf0
[ 98.431857][ T5092] __kmalloc+0x1cd/0x330
[ 98.436109][ T5092] tomoyo_encode+0x27e/0x540
[ 98.440709][ T5092] tomoyo_realpath_from_path+0x5cd/0x610
[ 98.446343][ T5092] tomoyo_path_perm+0x1cd/0x510
[ 98.451195][ T5092] security_inode_getattr+0xcf/0x120
[ 98.456741][ T5092] vfs_getattr+0x26/0x3a0
[ 98.461070][ T5092] __x64_sys_newfstat+0x104/0x1d0
[ 98.466097][ T5092] do_syscall_64+0x4c/0xa0
[ 98.470509][ T5092] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 98.476399][ T5092] page last free stack trace:
[ 98.481077][ T5092] free_unref_page_prepare+0x637/0x6c0
[ 98.486549][ T5092] free_unref_page_list+0x122/0x7e0
[ 98.491750][ T5092] release_pages+0x184b/0x1bb0
[ 98.496519][ T5092] tlb_finish_mmu+0x164/0x2e0
[ 98.501196][ T5092] exit_mmap+0x3a6/0x5f0
[ 98.505433][ T5092] __mmput+0x115/0x3b0
[ 98.509513][ T5092] exec_mmap+0x4d1/0x5c0
[ 98.513747][ T5092] begin_new_exec+0x7e8/0x1160
[ 98.518502][ T5092] load_elf_binary+0x98e/0x2890
[ 98.523469][ T5092] bprm_execve+0xa92/0x17d0
[ 98.527967][ T5092] do_execveat_common+0x51e/0x6d0
[ 98.533071][ T5092] __x64_sys_execve+0x8e/0xa0
[ 98.537762][ T5092] do_syscall_64+0x4c/0xa0
[ 98.542201][ T5092] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 98.548220][ T5092]
[ 98.550541][ T5092] Memory state around the buggy address:
[ 98.556163][ T5092] ffff888072da6380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 98.564221][ T5092] ffff888072da6400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 98.572289][ T5092] >ffff888072da6480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 98.580345][ T5092] ^
[ 98.586500][ T5092] ffff888072da6500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 98.594559][ T5092] ffff888072da6580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 98.602626][ T5092] ==================================================================
[ 98.610779][ T5092] Disabling lock debugging due to kernel taint
[ 98.630411][ T5092] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 98.637651][ T5092] CPU: 1 PID: 5092 Comm: syz.0.16 Tainted: G B 5.15.186-syzkaller #0
[ 98.647035][ T5092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 98.657091][ T5092] Call Trace:
[ 98.660355][ T5092]
[ 98.663274][ T5092] dump_stack_lvl+0x168/0x230
[ 98.667940][ T5092] ? show_regs_print_info+0x20/0x20
[ 98.673136][ T5092] ? load_image+0x3b0/0x3b0
[ 98.677635][ T5092] panic+0x2c9/0x7f0
[ 98.681775][ T5092] ? bpf_jit_dump+0xd0/0xd0
[ 98.686345][ T5092] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 98.692212][ T5092] ? _raw_spin_unlock+0x40/0x40
[ 98.697127][ T5092] ? diWrite+0xbe7/0x1610
[ 98.701452][ T5092] check_panic_on_warn+0x80/0xa0
[ 98.706368][ T5092] ? diWrite+0xbe7/0x1610
[ 98.710673][ T5092] end_report+0x6d/0xf0
[ 98.714812][ T5092] kasan_report+0x102/0x130
[ 98.719313][ T5092] ? diWrite+0xbe7/0x1610
[ 98.723616][ T5092] ? diWrite+0xbe7/0x1610
[ 98.725388][ T13] Bluetooth: hci0: command 0x040f tx timeout
[ 98.727930][ T5092] kasan_check_range+0x27b/0x290
[ 98.727958][ T5092] memcpy+0x3c/0x60
[ 98.742865][ T5092] diWrite+0xbe7/0x1610
[ 98.747005][ T5092] txCommit+0x84b/0x51c0
[ 98.751232][ T5092] ? ktime_get_real_ts64+0x420/0x420
[ 98.756496][ T5092] ? txLinelock+0x160/0x160
[ 98.761092][ T5092] ? rcu_is_watching+0x11/0xa0
[ 98.765829][ T5092] ? __mark_inode_dirty+0x383/0xc60
[ 98.771026][ T5092] jfs_mkdir+0x875/0xa70
[ 98.775246][ T5092] ? jfs_symlink+0xe60/0xe60
[ 98.779817][ T5092] ? make_kgid+0x640/0x640
[ 98.784206][ T5092] ? apparmor_path_mkdir+0x1a3/0x220
[ 98.789467][ T5092] ? generic_permission+0x230/0x510
[ 98.794651][ T5092] ? inode_permission+0xef/0x480
[ 98.799570][ T5092] ? bpf_lsm_inode_mkdir+0x5/0x10
[ 98.804586][ T5092] ? security_inode_mkdir+0xb3/0x100
[ 98.809870][ T5092] vfs_mkdir+0x387/0x570
[ 98.814099][ T5092] do_mkdirat+0x1d7/0x5a0
[ 98.818408][ T5092] ? vfs_mkdir+0x570/0x570
[ 98.822805][ T5092] ? getname_flags+0x1fe/0x500
[ 98.827557][ T5092] __x64_sys_mkdir+0x6a/0x80
[ 98.832124][ T5092] do_syscall_64+0x4c/0xa0
[ 98.836514][ T5092] ? clear_bhb_loop+0x30/0x80
[ 98.841170][ T5092] ? clear_bhb_loop+0x30/0x80
[ 98.845841][ T5092] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 98.851707][ T5092] RIP: 0033:0x7fe30cb74969
[ 98.856095][ T5092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 98.875798][ T5092] RSP: 002b:00007fe30bde4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 98.884310][ T5092] RAX: ffffffffffffffda RBX: 00007fe30cd9bfa0 RCX: 00007fe30cb74969
[ 98.892351][ T5092] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000200
[ 98.900405][ T5092] RBP: 00007fe30cbf6ab1 R08: 0000000000000000 R09: 0000000000000000
[ 98.908447][ T5092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 98.916398][ T5092] R13: 0000000000000000 R14: 00007fe30cd9bfa0 R15: 00007ffc5f94ebc8
[ 98.924859][ T5092]
[ 98.928119][ T5092] Kernel Offset: disabled
[ 98.932448][ T5092] Rebooting in 86400 seconds..