Warning: Permanently added '10.128.0.31' (ED25519) to the list of known hosts. 1970/01/01 00:01:27 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:01:28 parsed 1 programs [ 91.218505][ T4439] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 99.847309][ T4476] chnl_net:caif_netlink_parms(): no params data found [ 99.888662][ T4476] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.890624][ T4476] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.893181][ T4476] device bridge_slave_0 entered promiscuous mode [ 99.897363][ T4476] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.899279][ T4476] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.901870][ T4476] device bridge_slave_1 entered promiscuous mode [ 99.917476][ T4476] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.948966][ T4476] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.964526][ T4476] team0: Port device team_slave_0 added [ 99.969354][ T4476] team0: Port device team_slave_1 added [ 99.985025][ T4476] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.988492][ T4476] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.995059][ T4476] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.999661][ T4476] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.001510][ T4476] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.009586][ T4476] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.089436][ T4476] device hsr_slave_0 entered promiscuous mode [ 100.127767][ T4476] device hsr_slave_1 entered promiscuous mode [ 100.994724][ T4476] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 101.048938][ T4476] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 101.098122][ T4476] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 101.139302][ T4476] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 101.248690][ T4476] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.256051][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 101.260373][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 101.265754][ T4476] 8021q: adding VLAN 0 to HW filter on device team0 [ 101.270973][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 101.273794][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 101.276761][ T136] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.278707][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.281480][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 101.305236][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 101.309465][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 101.312041][ T334] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.314102][ T334] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.322942][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 101.327626][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 101.335698][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 101.340558][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 101.343437][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 101.347210][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 101.355513][ T4476] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 101.359121][ T4476] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 101.363059][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 101.367093][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 101.370180][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 101.373225][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 101.375927][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 101.384670][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 101.464485][ T4476] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.469216][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 101.471529][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 101.485451][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 101.492170][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 101.505635][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 101.510780][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 101.535086][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 101.538783][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 101.542955][ T4476] device veth0_vlan entered promiscuous mode [ 101.551825][ T4476] device veth1_vlan entered promiscuous mode [ 101.567819][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 101.570478][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 101.573096][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 101.578259][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 101.583654][ T4476] device veth0_macvtap entered promiscuous mode [ 101.590415][ T4476] device veth1_macvtap entered promiscuous mode [ 101.601180][ T4476] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.603297][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 101.605914][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 101.609609][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 101.612657][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 101.618286][ T4476] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.622860][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 101.627160][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 101.630789][ T4476] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.633187][ T4476] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.635644][ T4476] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.639414][ T4476] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.155991][ T153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.159196][ T153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.162375][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 102.177605][ T153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.180049][ T153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.183257][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:42 executed programs: 0 [ 102.874166][ T4639] chnl_net:caif_netlink_parms(): no params data found [ 102.944551][ T4639] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.947973][ T4639] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.950773][ T4639] device bridge_slave_0 entered promiscuous mode [ 102.954513][ T4639] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.959626][ T4639] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.962236][ T4639] device bridge_slave_1 entered promiscuous mode [ 102.992904][ T4639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 102.999705][ T4639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.018996][ T4639] team0: Port device team_slave_0 added [ 103.023733][ T4639] team0: Port device team_slave_1 added [ 103.042122][ T4639] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.044092][ T4639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.053355][ T4639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.061574][ T4639] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.063461][ T4639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.073404][ T4639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.148524][ T4639] device hsr_slave_0 entered promiscuous mode [ 103.176464][ T4639] device hsr_slave_1 entered promiscuous mode [ 103.208989][ T4639] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 103.211205][ T4639] Cannot create hsr debugfs directory [ 103.288613][ T4639] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.816358][ T4088] Bluetooth: hci0: command 0x0409 tx timeout [ 106.733026][ T4639] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.897304][ T4136] Bluetooth: hci0: command 0x041b tx timeout [ 107.112473][ T4639] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.204211][ T4639] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.383006][ T4639] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 107.428740][ T4639] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 107.478944][ T4639] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 107.519700][ T4639] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 107.668108][ T4639] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.675091][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 107.677936][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 107.683238][ T4639] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.713632][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 107.720013][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 107.722836][ T334] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.724772][ T334] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.727806][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 107.732884][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 107.735606][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 107.740921][ T334] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.743110][ T334] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.759498][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 107.762506][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 107.767595][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 107.771079][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 107.773879][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 107.781803][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 107.784607][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 107.788852][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 107.791604][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 107.800575][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 107.803357][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 107.827684][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 107.904232][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 107.907149][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 107.914580][ T4639] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.927634][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 107.930539][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 107.943030][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 107.946002][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 107.949835][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 107.952332][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 107.956154][ T4639] device veth0_vlan entered promiscuous mode [ 107.964145][ T4639] device veth1_vlan entered promiscuous mode [ 107.979030][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 107.981854][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 107.984705][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 107.990455][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 107.995100][ T4639] device veth0_macvtap entered promiscuous mode [ 108.000760][ T4639] device veth1_macvtap entered promiscuous mode [ 108.010002][ T4639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 108.012915][ T4639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.017785][ T4639] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.019990][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 108.022796][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 108.025372][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 108.029907][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 108.035097][ T4639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.038103][ T4639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.041843][ T4639] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.044115][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 108.047555][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 108.079789][ T4639] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.082166][ T4639] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.084584][ T4639] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.087553][ T4639] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.133701][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.135925][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.140357][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 108.155233][ T334] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.158792][ T334] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.162098][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:48 executed programs: 2 [ 108.407420][ T4864] loop0: detected capacity change from 0 to 32768 [ 108.425579][ T4864] [ 108.425579][ T4864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.425579][ T4864] [ 108.433780][ T4864] [ 108.433780][ T4864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.433780][ T4864] [ 108.438469][ T4864] [ 108.438469][ T4864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.438469][ T4864] [ 108.441551][ T4864] [ 108.441551][ T4864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.441551][ T4864] [ 108.444420][ T4864] [ 108.444420][ T4864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.444420][ T4864] [ 108.452001][ T241] [ 108.452001][ T241] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.452001][ T241] [ 108.455832][ T4864] ================================================================== [ 108.458210][ T4864] BUG: KASAN: slab-out-of-bounds in diWrite+0x91c/0x1218 [ 108.460257][ T4864] Read of size 32 at addr ffff0000e1fd37f0 by task syz.0.16/4864 [ 108.462345][ T4864] [ 108.462971][ T4864] CPU: 1 PID: 4864 Comm: syz.0.16 Not tainted 5.15.185-syzkaller #0 [ 108.465200][ T4864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 108.468124][ T4864] Call trace: [ 108.469081][ T4864] dump_backtrace+0x0/0x43c [ 108.470386][ T4864] show_stack+0x2c/0x3c [ 108.471548][ T4864] __dump_stack+0x30/0x40 [ 108.472748][ T4864] dump_stack_lvl+0xf8/0x160 [ 108.474083][ T4864] print_address_description+0x78/0x30c [ 108.475668][ T4864] kasan_report+0xec/0x15c [ 108.476905][ T4864] kasan_check_range+0x270/0x2b0 [ 108.478258][ T4864] memcpy+0x90/0xe8 [ 108.479354][ T4864] diWrite+0x91c/0x1218 [ 108.480514][ T4864] txCommit+0x5d4/0x3c1c [ 108.481682][ T4864] add_missing_indices+0x6e4/0xa0c [ 108.483106][ T4864] jfs_readdir+0x1880/0x3024 [ 108.484425][ T4864] iterate_dir+0x1f0/0x4cc [ 108.485659][ T4864] __arm64_sys_getdents64+0x11c/0x340 [ 108.487171][ T4864] invoke_syscall+0x98/0x2b8 [ 108.488462][ T4864] el0_svc_common+0x138/0x258 [ 108.489772][ T4864] do_el0_svc+0x58/0x14c [ 108.491048][ T4864] el0_svc+0x78/0x1e0 [ 108.492141][ T4864] el0t_64_sync_handler+0xcc/0xe4 [ 108.493616][ T4864] el0t_64_sync+0x1a0/0x1a4 [ 108.494821][ T4864] [ 108.495475][ T4864] Allocated by task 0: [ 108.496651][ T4864] (stack is not available) [ 108.497879][ T4864] [ 108.498518][ T4864] The buggy address belongs to the object at ffff0000e1fd3780 [ 108.498518][ T4864] which belongs to the cache jfs_ip of size 2240 [ 108.502428][ T4864] The buggy address is located 112 bytes inside of [ 108.502428][ T4864] 2240-byte region [ffff0000e1fd3780, ffff0000e1fd4040) [ 108.506170][ T4864] The buggy address belongs to the page: [ 108.507720][ T4864] page:00000000e0785abc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x121fd0 [ 108.510521][ T4864] head:00000000e0785abc order:3 compound_mapcount:0 compound_pincount:0 [ 108.512832][ T4864] memcg:ffff0000ce70a201 [ 108.514070][ T4864] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff) [ 108.516405][ T4864] raw: 05ffc00000010200 0000000000000000 dead000000000122 ffff0000c625ea80 [ 108.518918][ T4864] raw: 0000000000000000 00000000800d000d 00000001ffffffff ffff0000ce70a201 [ 108.521255][ T4864] page dumped because: kasan: bad access detected [ 108.523114][ T4864] [ 108.523724][ T4864] Memory state around the buggy address: [ 108.525303][ T4864] ffff0000e1fd3680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 108.527583][ T4864] ffff0000e1fd3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 108.529941][ T4864] >ffff0000e1fd3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 108.532304][ T4864] ^ [ 108.534566][ T4864] ffff0000e1fd3800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 108.536796][ T4864] ffff0000e1fd3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 108.539096][ T4864] ================================================================== [ 108.541299][ T4864] Disabling lock debugging due to kernel taint [ 108.544443][ T4864] [ 108.544443][ T4864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.544443][ T4864] [ 108.547284][ T4864] [ 108.547284][ T4864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.547284][ T4864] [ 108.550189][ T4864] [ 108.550189][ T4864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.550189][ T4864] [ 108.553190][ T4864] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 108.553190][ T4864] [ 108.553440][ T241] [ 108.553440][ T241] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.553440][ T241] [ 108.556617][ T4864] ERROR: (device loop0): remounting filesystem as read-only [ 108.561204][ T4864] JFS: Invalid stbl[1] = -128 for inode 2, block = 0 [ 108.785850][ T4866] loop0: detected capacity change from 0 to 32768 [ 108.878944][ T4866] [ 108.878944][ T4866] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.878944][ T4866] [ 108.883097][ T4866] [ 108.883097][ T4866] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.883097][ T4866] [ 108.886027][ T4866] [ 108.886027][ T4866] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.886027][ T4866] [ 108.889868][ T4866] [ 108.889868][ T4866] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.889868][ T4866] [ 108.892809][ T4866] [ 108.892809][ T4866] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.892809][ T4866] [ 108.896429][ T241] [ 108.896429][ T241] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.896429][ T241] [ 108.901102][ T4866] [ 108.901102][ T4866] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.901102][ T4866] [ 108.904018][ T4866] [ 108.904018][ T4866] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.904018][ T4866] [ 108.906970][ T4866] [ 108.906970][ T4866] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.906970][ T4866] [ 108.909912][ T4866] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 108.909912][ T4866] [ 108.910228][ T240] [ 108.910228][ T240] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 108.910228][ T240] [ 108.916193][ T4866] ERROR: (device loop0): remounting filesystem as read-only [ 108.918255][ T4866] JFS: Invalid stbl[1] = -128 for inode 2, block = 0 [ 108.976625][ T1959] Bluetooth: hci0: command 0x040f tx timeout [ 109.155542][ T4868] loop0: detected capacity change from 0 to 32768 [ 109.211742][ T4868] [ 109.211742][ T4868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.211742][ T4868] [ 109.221395][ T4868] [ 109.221395][ T4868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.221395][ T4868] [ 109.224939][ T4868] [ 109.224939][ T4868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.224939][ T4868] [ 109.229247][ T4868] [ 109.229247][ T4868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.229247][ T4868] [ 109.232067][ T4868] [ 109.232067][ T4868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.232067][ T4868] [ 109.235490][ T240] [ 109.235490][ T240] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.235490][ T240] [ 109.243014][ T4868] [ 109.243014][ T4868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.243014][ T4868] [ 109.245859][ T4868] [ 109.245859][ T4868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.245859][ T4868] [ 109.249426][ T4868] [ 109.249426][ T4868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.249426][ T4868] [ 109.252452][ T4868] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 109.252452][ T4868] [ 109.252705][ T240] [ 109.252705][ T240] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.252705][ T240] [ 109.255804][ T4868] ERROR: (device loop0): remounting filesystem as read-only [ 109.260512][ T4868] JFS: Invalid stbl[1] = -128 for inode 2, block = 0 [ 109.490522][ T4870] loop0: detected capacity change from 0 to 32768 [ 109.548864][ T4870] [ 109.548864][ T4870] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.548864][ T4870] [ 109.553667][ T4870] [ 109.553667][ T4870] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.553667][ T4870] [ 109.557290][ T4870] [ 109.557290][ T4870] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.557290][ T4870] [ 109.560249][ T4870] [ 109.560249][ T4870] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.560249][ T4870] [ 109.563111][ T4870] [ 109.563111][ T4870] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.563111][ T4870] [ 109.568326][ T240] [ 109.568326][ T240] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.568326][ T240] [ 109.571799][ T4870] [ 109.571799][ T4870] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.571799][ T4870] [ 109.574603][ T4870] [ 109.574603][ T4870] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.574603][ T4870] [ 109.577555][ T4870] [ 109.577555][ T4870] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.577555][ T4870] [ 109.580690][ T4870] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 109.580690][ T4870] [ 109.580821][ T241] [ 109.580821][ T241] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 109.580821][ T241] [ 109.584052][ T4870] ERROR: (device loop0): remounting filesystem as read-only [ 109.591016][ T4870] JFS: Invalid stbl[1] = -128 for inode 2, block = 0 [ 109.613108][ T4871] Unable to handle kernel paging request at virtual address dfff800120000006 [ 109.615724][ T4871] Mem abort info: [ 109.618634][ T4871] ESR = 0x0000000096000005 [ 109.619922][ T4871] EC = 0x25: DABT (current EL), IL = 32 bits [ 109.621604][ T4871] SET = 0, FnV = 0 [ 109.622664][ T4871] EA = 0, S1PTW = 0 [ 109.623836][ T4871] FSC = 0x05: level 1 translation fault [ 109.625540][ T4871] Data abort info: [ 109.627097][ T4871] ISV = 0, ISS = 0x00000005 [ 109.628350][ T4871] CM = 0, WnR = 0 [ 109.629322][ T4871] [dfff800120000006] address between user and kernel address ranges [ 109.631567][ T4871] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP [ 109.633534][ T4871] Modules linked in: [ 109.634622][ T4871] CPU: 1 PID: 4871 Comm: udevd Tainted: G B 5.15.185-syzkaller #0 [ 109.637147][ T4871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 109.639890][ T4871] pstate: a0400005 (NzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 109.642089][ T4871] pc : find_get_entry+0xcc/0x254 [ 109.643501][ T4871] lr : find_get_entry+0xc8/0x254 [ 109.644890][ T4871] sp : ffff80001f3d7540 [ 109.646041][ T4871] x29: ffff80001f3d7540 x28: 1ffff00003e7aec3 x27: dfff800000000000 [ 109.648196][ T4871] x26: 0000000000000041 x25: 0000000900000034 x24: 0000000900000000 [ 109.650497][ T4871] x23: ffff8000143b4c30 x22: ffff80001f3d7618 x21: ffff80001f3d7600 [ 109.652818][ T4871] x20: fffffffffffffffe x19: 0000000000000008 x18: 0000000000000000 [ 109.654996][ T4871] x17: 0000000000000000 x16: ffff80000867a5b4 x15: 0000000000000406 [ 109.657244][ T4871] x14: 0000000000ff0100 x13: ffffffffffffffff x12: 0000000000ff0100 [ 109.659432][ T4871] x11: 0000000000000000 x10: 0000000000000000 x9 : ffff80001ae153d0 [ 109.661708][ T4871] x8 : 0000000120000006 x7 : 0000000000000000 x6 : ffff8000086847b4 [ 109.663882][ T4871] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80000867a5e8 [ 109.666144][ T4871] x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000001 [ 109.668368][ T4871] Call trace: [ 109.669391][ T4871] find_get_entry+0xcc/0x254 [ 109.670648][ T4871] find_lock_entries+0x4ec/0x828 [ 109.671983][ T4871] truncate_inode_pages_range+0x160/0x9b8 [ 109.673541][ T4871] truncate_inode_pages+0x2c/0x3c [ 109.674931][ T4871] blkdev_flush_mapping+0x174/0x31c [ 109.676361][ T4871] blkdev_put+0x490/0x6ac [ 109.677581][ T4871] blkdev_close+0x74/0xb0 [ 109.678758][ T4871] __fput+0x1c0/0x7f8 [ 109.679822][ T4871] ____fput+0x20/0x30 [ 109.680897][ T4871] task_work_run+0x12c/0x1e0 [ 109.682145][ T4871] do_notify_resume+0x24b4/0x3128 [ 109.683540][ T4871] el0_svc+0xf0/0x1e0 [ 109.684564][ T4871] el0t_64_sync_handler+0xcc/0xe4 [ 109.685951][ T4871] el0t_64_sync+0x1a0/0x1a4 [ 109.687239][ T4871] Code: 52800081 aa1903e0 940748bf d343ff28 (38fb6908) [ 109.689071][ T4871] ---[ end trace 06bafb644443c1c0 ]--- [ 110.136688][ T4871] Kernel panic - not syncing: Oops: Fatal exception [ 110.138609][ T4871] SMP: stopping secondary CPUs [ 110.140058][ T4871] Kernel Offset: disabled [ 110.141334][ T4871] CPU features: 0x8,000081c1,21302e40 [ 110.142860][ T4871] Memory Limit: none [ 110.539439][ T4871] Rebooting in 86400 seconds..