Warning: Permanently added '[localhost]:13459' (ED25519) to the list of known hosts.
2025/10/15 20:47:36 parsed 1 programs
[ 131.816218][ T5602] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 136.064542][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 136.070550][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 136.117736][ T3088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 136.123950][ T3088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 137.938245][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[ 137.941238][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
[ 139.442196][ T5641] chnl_net:caif_netlink_parms(): no params data found
[ 139.549453][ T5641] bridge0: port 1(bridge_slave_0) entered blocking state
[ 139.556667][ T5641] bridge0: port 1(bridge_slave_0) entered disabled state
[ 139.559873][ T5641] bridge_slave_0: entered allmulticast mode
[ 139.576725][ T5641] bridge_slave_0: entered promiscuous mode
[ 139.581284][ T5641] bridge0: port 2(bridge_slave_1) entered blocking state
[ 139.584415][ T5641] bridge0: port 2(bridge_slave_1) entered disabled state
[ 139.597294][ T5641] bridge_slave_1: entered allmulticast mode
[ 139.601195][ T5641] bridge_slave_1: entered promiscuous mode
[ 139.628900][ T5641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 139.634782][ T5641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 139.655774][ T5641] team0: Port device team_slave_0 added
[ 139.660442][ T5641] team0: Port device team_slave_1 added
[ 139.680844][ T5641] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 139.683869][ T5641] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 139.695646][ T5641] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 139.701715][ T5641] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 139.704632][ T5641] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 139.716709][ T5641] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 139.747385][ T5641] hsr_slave_0: entered promiscuous mode
[ 139.750521][ T5641] hsr_slave_1: entered promiscuous mode
[ 140.408966][ T5641] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 140.424666][ T5641] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 140.461686][ T5641] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 140.473070][ T5641] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 140.601334][ T5641] 8021q: adding VLAN 0 to HW filter on device bond0
[ 140.636834][ T5641] 8021q: adding VLAN 0 to HW filter on device team0
[ 140.649194][ T54] bridge0: port 1(bridge_slave_0) entered blocking state
[ 140.652360][ T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 140.661748][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 140.665055][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 140.992818][ T5641] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 141.073458][ T5641] veth0_vlan: entered promiscuous mode
[ 141.095950][ T5641] veth1_vlan: entered promiscuous mode
[ 141.148130][ T5641] veth0_macvtap: entered promiscuous mode
[ 141.159943][ T5641] veth1_macvtap: entered promiscuous mode
[ 141.198196][ T5641] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 141.217625][ T5641] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 141.238668][ T54] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 141.248868][ T54] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 141.252613][ T54] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 141.256097][ T54] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 141.520908][ T3088] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 141.679104][ T3088] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 141.811934][ T3088] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 141.918544][ T3088] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 143.816680][ T3088] bridge_slave_1: left allmulticast mode
[ 143.819181][ T3088] bridge_slave_1: left promiscuous mode
[ 143.821732][ T3088] bridge0: port 2(bridge_slave_1) entered disabled state
[ 143.832473][ T3088] bridge_slave_0: left allmulticast mode
[ 143.835158][ T3088] bridge_slave_0: left promiscuous mode
[ 143.855549][ T3088] bridge0: port 1(bridge_slave_0) entered disabled state
[ 144.049830][ T4666] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 144.053743][ T4666] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 144.057661][ T4666] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 144.061333][ T4666] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 144.064732][ T4666] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 144.343925][ T3088] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 144.349374][ T3088] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 144.354163][ T3088] bond0 (unregistering): Released all slaves
[ 144.450530][ T3088] hsr_slave_0: left promiscuous mode
[ 144.457299][ T3088] hsr_slave_1: left promiscuous mode
[ 144.460130][ T3088] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 144.463272][ T3088] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 144.474381][ T3088] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 144.482191][ T3088] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 144.510106][ T3088] veth1_macvtap: left promiscuous mode
[ 144.512533][ T3088] veth0_macvtap: left promiscuous mode
[ 144.515022][ T3088] veth1_vlan: left promiscuous mode
[ 144.526556][ T3088] veth0_vlan: left promiscuous mode
[ 145.095240][ T3088] team0 (unregistering): Port device team_slave_1 removed
[ 145.141279][ T3088] team0 (unregistering): Port device team_slave_0 removed
2025/10/15 20:47:55 executed programs: 0
[ 146.958641][ T4666] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 146.963142][ T4666] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 146.967104][ T4666] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 146.971088][ T4666] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 146.974700][ T4666] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 147.345503][ T5782] chnl_net:caif_netlink_parms(): no params data found
[ 147.523764][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state
[ 147.528838][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state
[ 147.532110][ T5782] bridge_slave_0: entered allmulticast mode
[ 147.536002][ T5782] bridge_slave_0: entered promiscuous mode
[ 147.547385][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state
[ 147.550923][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state
[ 147.554165][ T5782] bridge_slave_1: entered allmulticast mode
[ 147.568528][ T5782] bridge_slave_1: entered promiscuous mode
[ 147.609732][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 147.621111][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 147.668466][ T5782] team0: Port device team_slave_0 added
[ 147.672881][ T5782] team0: Port device team_slave_1 added
[ 147.708736][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 147.711908][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 147.736861][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 147.749680][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 147.752760][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 147.764994][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 147.832288][ T5782] hsr_slave_0: entered promiscuous mode
[ 147.835726][ T5782] hsr_slave_1: entered promiscuous mode
[ 148.338005][ T5782] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 148.358271][ T5782] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 148.369856][ T5782] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 148.388301][ T5782] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 148.538687][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0
[ 148.579528][ T5782] 8021q: adding VLAN 0 to HW filter on device team0
[ 148.607666][ T54] bridge0: port 1(bridge_slave_0) entered blocking state
[ 148.610860][ T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 148.615433][ T54] bridge0: port 2(bridge_slave_1) entered blocking state
[ 148.618756][ T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 148.978567][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 149.056893][ T4666] Bluetooth: hci0: command tx timeout
[ 149.061060][ T5782] veth0_vlan: entered promiscuous mode
[ 149.082813][ T5782] veth1_vlan: entered promiscuous mode
[ 149.140124][ T5782] veth0_macvtap: entered promiscuous mode
[ 149.149917][ T5782] veth1_macvtap: entered promiscuous mode
[ 149.187736][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 149.198474][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 149.220959][ T54] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.225207][ T54] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.253322][ T54] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.268495][ T54] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 149.358936][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 149.362486][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 149.429135][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 149.433646][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 149.543668][ T5836] loop0: detected capacity change from 0 to 1024
[ 149.566734][ T5836] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 149.579919][ T5836] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 149.629341][ T5836] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 149.664212][ T5836] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[ 149.718236][ T5836] loop0: detected capacity change from 1024 to 767
[ 149.771477][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 149.884242][ T5844] loop0: detected capacity change from 0 to 1024
[ 149.920896][ T5844] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 149.923876][ T5844] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 149.967186][ T5844] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 150.038596][ T5844] loop0: detected capacity change from 1024 to 767
[ 150.087759][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 150.173755][ T5850] loop0: detected capacity change from 0 to 1024
[ 150.199521][ T5850] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 150.202699][ T5850] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 150.255499][ T5850] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 150.316965][ T5850] loop0: detected capacity change from 1024 to 767
[ 150.333710][ T5850] ==================================================================
[ 150.337307][ T5850] BUG: KASAN: slab-use-after-free in ext4_search_dir+0xf1/0x1b0
[ 150.340667][ T5850] Read of size 1 at addr ffff88801fdd083b by task syz.0.19/5850
[ 150.344811][ T5850]
[ 150.345925][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT(full)
[ 150.345939][ T5850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 150.345946][ T5850] Call Trace:
[ 150.345952][ T5850] <TASK>
[ 150.345958][ T5850] dump_stack_lvl+0x189/0x250
[ 150.345977][ T5850] ? __virt_addr_valid+0x1c8/0x5c0
[ 150.345990][ T5850] ? rcu_is_watching+0x15/0xb0
[ 150.346005][ T5850] ? __pfx_dump_stack_lvl+0x10/0x10
[ 150.346015][ T5850] ? rcu_is_watching+0x15/0xb0
[ 150.346029][ T5850] ? lock_release+0x4b/0x3e0
[ 150.346042][ T5850] ? _raw_spin_lock_irqsave+0xb3/0xf0
[ 150.346102][ T5850] ? __virt_addr_valid+0x1c8/0x5c0
[ 150.346113][ T5850] ? __virt_addr_valid+0x4a5/0x5c0
[ 150.346125][ T5850] print_report+0xca/0x240
[ 150.346139][ T5850] ? ext4_search_dir+0xf1/0x1b0
[ 150.346153][ T5850] kasan_report+0x118/0x150
[ 150.346167][ T5850] ? ext4_search_dir+0xf1/0x1b0
[ 150.346183][ T5850] ext4_search_dir+0xf1/0x1b0
[ 150.346227][ T5850] ext4_find_inline_entry+0x492/0x5f0
[ 150.346245][ T5850] ? __pfx_ext4_find_inline_entry+0x10/0x10
[ 150.346262][ T5850] ? kasan_quarantine_put+0xdd/0x220
[ 150.346277][ T5850] ? lockdep_hardirqs_on+0x9c/0x150
[ 150.346298][ T5850] __ext4_find_entry+0x2fd/0x1f20
[ 150.346314][ T5850] ? __pfx___ext4_find_entry+0x10/0x10
[ 150.346325][ T5850] ? ext4_fname_prepare_lookup+0x3b8/0x4c0
[ 150.346342][ T5850] ext4_lookup+0x13d/0x6c0
[ 150.346358][ T5850] ? apparmor_path_mknod+0x1b1/0x230
[ 150.346373][ T5850] ? __pfx_ext4_lookup+0x10/0x10
[ 150.346392][ T5850] ? inode_permission+0x149/0x470
[ 150.346403][ T5850] ? bpf_lsm_path_mknod+0x9/0x20
[ 150.346414][ T5850] ? bpf_lsm_inode_create+0x9/0x20
[ 150.346426][ T5850] path_openat+0x1101/0x3830
[ 150.346449][ T5850] ? __pfx_path_openat+0x10/0x10
[ 150.346469][ T5850] do_filp_open+0x1fa/0x410
[ 150.346482][ T5850] ? __lock_acquire+0xab9/0xd20
[ 150.346496][ T5850] ? __pfx_do_filp_open+0x10/0x10
[ 150.346517][ T5850] ? _raw_spin_unlock+0x28/0x50
[ 150.346531][ T5850] ? alloc_fd+0x64c/0x6c0
[ 150.346544][ T5850] do_sys_openat2+0x121/0x1c0
[ 150.346559][ T5850] ? __pfx_do_sys_openat2+0x10/0x10
[ 150.346574][ T5850] ? rcu_is_watching+0x15/0xb0
[ 150.346590][ T5850] __x64_sys_openat+0x138/0x170
[ 150.346605][ T5850] do_syscall_64+0xfa/0xfa0
[ 150.346615][ T5850] ? lockdep_hardirqs_on+0x9c/0x150
[ 150.346630][ T5850] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 150.346641][ T5850] ? clear_bhb_loop+0x60/0xb0
[ 150.346653][ T5850] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 150.346665][ T5850] RIP: 0033:0x7f2fc9d8eec9
[ 150.346676][ T5850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 150.346685][ T5850] RSP: 002b:00007f2fcac71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 150.346699][ T5850] RAX: ffffffffffffffda RBX: 00007f2fc9fe5fa0 RCX: 00007f2fc9d8eec9
[ 150.346707][ T5850] RDX: 0000000000000042 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 150.346715][ T5850] RBP: 00007f2fc9e11f91 R08: 0000000000000000 R09: 0000000000000000
[ 150.346721][ T5850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 150.346728][ T5850] R13: 00007f2fc9fe6038 R14: 00007f2fc9fe5fa0 R15: 00007ffdf40cf608
[ 150.346740][ T5850] </TASK>
[ 150.346745][ T5850]
[ 150.485654][ T5850] Allocated by task 5832:
[ 150.487508][ T5850] kasan_save_track+0x3e/0x80
[ 150.489567][ T5850] __kasan_slab_alloc+0x6c/0x80
[ 150.491738][ T5850] kmem_cache_alloc_noprof+0x367/0x6e0
[ 150.494092][ T5850] getname_flags+0xb8/0x540
[ 150.496153][ T5850] do_sys_openat2+0xbc/0x1c0
[ 150.498284][ T5850] __x64_sys_openat+0x138/0x170
[ 150.500490][ T5850] do_syscall_64+0xfa/0xfa0
[ 150.502541][ T5850] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 150.505152][ T5850]
[ 150.506290][ T5850] Freed by task 5832:
[ 150.508087][ T5850] kasan_save_track+0x3e/0x80
[ 150.510237][ T5850] __kasan_save_free_info+0x46/0x50
[ 150.512532][ T5850] __kasan_slab_free+0x5c/0x80
[ 150.514607][ T5850] kmem_cache_free+0x19b/0x690
[ 150.516792][ T5850] do_sys_openat2+0x154/0x1c0
[ 150.518905][ T5850] __x64_sys_openat+0x138/0x170
[ 150.521071][ T5850] do_syscall_64+0xfa/0xfa0
[ 150.523089][ T5850] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 150.525607][ T5850]
[ 150.526702][ T5850] The buggy address belongs to the object at ffff88801fdd0000
[ 150.526702][ T5850] which belongs to the cache names_cache of size 4096
[ 150.532788][ T5850] The buggy address is located 2107 bytes inside of
[ 150.532788][ T5850] freed 4096-byte region [ffff88801fdd0000, ffff88801fdd1000)
[ 150.538867][ T5850]
[ 150.539918][ T5850] The buggy address belongs to the physical page:
[ 150.542756][ T5850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1fdd0
[ 150.546587][ T5850] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 150.550316][ T5850] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 150.553621][ T5850] page_type: f5(slab)
[ 150.555402][ T5850] raw: 00fff00000000040 ffff888030409640 ffffea0000472200 dead000000000002
[ 150.559098][ T5850] raw: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000
[ 150.562789][ T5850] head: 00fff00000000040 ffff888030409640 ffffea0000472200 dead000000000002
[ 150.566555][ T5850] head: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000
[ 150.570233][ T5850] head: 00fff00000000003 ffffea00007f7401 00000000ffffffff 00000000ffffffff
[ 150.573925][ T5850] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 150.577639][ T5850] page dumped because: kasan: bad access detected
[ 150.580400][ T5850] page_owner tracks the page as allocated
[ 150.582830][ T5850] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5769, tgid 5769 (syz-executor), ts 146604182356, free_ts 146603343223
[ 150.592017][ T5850] post_alloc_hook+0x240/0x2a0
[ 150.594067][ T5850] get_page_from_freelist+0x2365/0x2440
[ 150.596521][ T5850] __alloc_frozen_pages_noprof+0x181/0x370
[ 150.599020][ T5850] alloc_pages_mpol+0x232/0x4a0
[ 150.601146][ T5850] allocate_slab+0x96/0x3a0
[ 150.603140][ T5850] ___slab_alloc+0xe94/0x18a0
[ 150.605204][ T5850] __slab_alloc+0x65/0x100
[ 150.607224][ T5850] kmem_cache_alloc_noprof+0x3f9/0x6e0
[ 150.609607][ T5850] getname_flags+0xb8/0x540
[ 150.611634][ T5850] vfs_fstatat+0x43/0x170
[ 150.613509][ T5850] __x64_sys_newfstatat+0x116/0x190
[ 150.615792][ T5850] do_syscall_64+0xfa/0xfa0
[ 150.617866][ T5850] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 150.620512][ T5850] page last free pid 5769 tgid 5769 stack trace:
[ 150.623231][ T5850] __free_frozen_pages+0xbc4/0xd30
[ 150.625510][ T5850] __slab_free+0x2e7/0x390
[ 150.627605][ T5850] qlist_free_all+0x97/0x140
[ 150.629683][ T5850] kasan_quarantine_reduce+0x148/0x160
[ 150.632121][ T5850] __kasan_slab_alloc+0x22/0x80
[ 150.634301][ T5850] kmem_cache_alloc_noprof+0x367/0x6e0
[ 150.636652][ T5850] getname_flags+0xb8/0x540
[ 150.638636][ T5850] vfs_fstatat+0x43/0x170
[ 150.640489][ T5850] __x64_sys_newfstatat+0x116/0x190
[ 150.642738][ T5850] do_syscall_64+0xfa/0xfa0
[ 150.644724][ T5850] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 150.647379][ T5850]
[ 150.648440][ T5850] Memory state around the buggy address:
[ 150.650951][ T5850] ffff88801fdd0700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 150.654410][ T5850] ffff88801fdd0780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 150.657813][ T5850] >ffff88801fdd0800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 150.661357][ T5850] ^
[ 150.664006][ T5850] ffff88801fdd0880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 150.667582][ T5850] ffff88801fdd0900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 150.671113][ T5850] ==================================================================
[ 150.860447][ T5850] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 150.863584][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT(full)
[ 150.867423][ T5850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 150.871884][ T5850] Call Trace:
[ 150.873351][ T5850] <TASK>
[ 150.874678][ T5850] dump_stack_lvl+0x99/0x250
[ 150.876719][ T5850] ? __asan_memcpy+0x40/0x70
[ 150.878754][ T5850] ? __pfx_dump_stack_lvl+0x10/0x10
[ 150.880951][ T5850] ? __pfx__printk+0x10/0x10
[ 150.882919][ T5850] vpanic+0x237/0x6d0
[ 150.884707][ T5850] ? __pfx_vpanic+0x10/0x10
[ 150.886710][ T5850] ? preempt_schedule+0xae/0xc0
[ 150.888784][ T5850] ? __pfx_preempt_schedule+0x10/0x10
[ 150.891089][ T5850] panic+0xb9/0xc0
[ 150.892779][ T5850] ? __pfx_panic+0x10/0x10
[ 150.894716][ T5850] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 150.897302][ T5850] ? is_module_address+0x17/0xf0
[ 150.899355][ T5850] ? ext4_search_dir+0xf1/0x1b0
[ 150.901347][ T5850] check_panic_on_warn+0x89/0xb0
[ 150.903469][ T5850] ? ext4_search_dir+0xf1/0x1b0
[ 150.905609][ T5850] end_report+0x78/0x160
[ 150.907505][ T5850] kasan_report+0x129/0x150
[ 150.909441][ T5850] ? ext4_search_dir+0xf1/0x1b0
[ 150.911565][ T5850] ext4_search_dir+0xf1/0x1b0
[ 150.913561][ T5850] ext4_find_inline_entry+0x492/0x5f0
[ 150.915961][ T5850] ? __pfx_ext4_find_inline_entry+0x10/0x10
[ 150.918754][ T5850] ? kasan_quarantine_put+0xdd/0x220
[ 150.921057][ T5850] ? lockdep_hardirqs_on+0x9c/0x150
[ 150.923309][ T5850] __ext4_find_entry+0x2fd/0x1f20
[ 150.925525][ T5850] ? __pfx___ext4_find_entry+0x10/0x10
[ 150.927949][ T5850] ? ext4_fname_prepare_lookup+0x3b8/0x4c0
[ 150.930432][ T5850] ext4_lookup+0x13d/0x6c0
[ 150.932359][ T5850] ? apparmor_path_mknod+0x1b1/0x230
[ 150.934645][ T5850] ? __pfx_ext4_lookup+0x10/0x10
[ 150.936734][ T5850] ? inode_permission+0x149/0x470
[ 150.938913][ T5850] ? bpf_lsm_path_mknod+0x9/0x20
[ 150.941023][ T5850] ? bpf_lsm_inode_create+0x9/0x20
[ 150.943297][ T5850] path_openat+0x1101/0x3830
[ 150.945396][ T5850] ? __pfx_path_openat+0x10/0x10
[ 150.947693][ T5850] do_filp_open+0x1fa/0x410
[ 150.949726][ T5850] ? __lock_acquire+0xab9/0xd20
[ 150.951837][ T5850] ? __pfx_do_filp_open+0x10/0x10
[ 150.953937][ T5850] ? _raw_spin_unlock+0x28/0x50
[ 150.956072][ T5850] ? alloc_fd+0x64c/0x6c0
[ 150.957964][ T5850] do_sys_openat2+0x121/0x1c0
[ 150.959982][ T5850] ? __pfx_do_sys_openat2+0x10/0x10
[ 150.962174][ T5850] ? rcu_is_watching+0x15/0xb0
[ 150.964394][ T5850] __x64_sys_openat+0x138/0x170
[ 150.967044][ T5850] do_syscall_64+0xfa/0xfa0
[ 150.969530][ T5850] ? lockdep_hardirqs_on+0x9c/0x150
[ 150.972337][ T5850] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 150.975566][ T5850] ? clear_bhb_loop+0x60/0xb0
[ 150.978169][ T5850] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 150.980952][ T5850] RIP: 0033:0x7f2fc9d8eec9
[ 150.982923][ T5850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 150.991266][ T5850] RSP: 002b:00007f2fcac71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 150.995026][ T5850] RAX: ffffffffffffffda RBX: 00007f2fc9fe5fa0 RCX: 00007f2fc9d8eec9
[ 150.998520][ T5850] RDX: 0000000000000042 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 151.001865][ T5850] RBP: 00007f2fc9e11f91 R08: 0000000000000000 R09: 0000000000000000
[ 151.005282][ T5850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 151.008665][ T5850] R13: 00007f2fc9fe6038 R14: 00007f2fc9fe5fa0 R15: 00007ffdf40cf608
[ 151.011841][ T5850] </TASK>
[ 151.013489][ T5850] Kernel Offset: disabled
[ 151.015373][ T5850] Rebooting in 86400 seconds..