Warning: Permanently added '10.128.0.242' (ED25519) to the list of known hosts.
2026/03/23 16:42:25 parsed 1 programs
[ 89.583553][ T4634] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 92.259203][ T4345] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.270564][ T4345] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.286537][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 92.300340][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.308852][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.316674][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 93.074369][ T4696] chnl_net:caif_netlink_parms(): no params data found
[ 93.117628][ T4696] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.124951][ T4696] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.133078][ T4696] device bridge_slave_0 entered promiscuous mode
[ 93.141029][ T4696] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.148736][ T4696] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.156445][ T4696] device bridge_slave_1 entered promiscuous mode
[ 93.174403][ T4696] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 93.185025][ T4696] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.211901][ T4696] team0: Port device team_slave_0 added
[ 93.218853][ T4696] team0: Port device team_slave_1 added
[ 93.234790][ T4696] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.241920][ T4696] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.268300][ T4696] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 93.282406][ T4696] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 93.289368][ T4696] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.315587][ T4696] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 93.358918][ T4696] device hsr_slave_0 entered promiscuous mode
[ 93.365619][ T4696] device hsr_slave_1 entered promiscuous mode
[ 93.898214][ T4696] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 93.907590][ T4696] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 93.920360][ T4696] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 93.949255][ T4696] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 94.028848][ T4696] 8021q: adding VLAN 0 to HW filter on device bond0
[ 94.077612][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 94.087617][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 94.099004][ T4696] 8021q: adding VLAN 0 to HW filter on device team0
[ 94.109648][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 94.121775][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 94.130215][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.137312][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 94.162961][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 94.171195][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 94.180557][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 94.190874][ T144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.197997][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 94.210445][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 94.219418][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 94.245853][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 94.256800][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 94.265695][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 94.275773][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 94.285429][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 94.294086][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 94.329732][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 94.489856][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 94.500809][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 94.524039][ T4696] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 94.547491][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 94.558712][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 94.583771][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 94.592465][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 94.603791][ T4696] device veth0_vlan entered promiscuous mode
[ 94.610382][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 94.622097][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 94.635621][ T4696] device veth1_vlan entered promiscuous mode
[ 94.658160][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 94.667953][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 94.678575][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 94.687711][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 94.701058][ T4696] device veth0_macvtap entered promiscuous mode
[ 94.713472][ T4696] device veth1_macvtap entered promiscuous mode
[ 94.729289][ T4696] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 94.739216][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 94.748231][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 94.757838][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 94.768601][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 94.783608][ T4696] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 94.794242][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 94.804008][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 94.815542][ T4696] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.824687][ T4696] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.835479][ T4696] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.844683][ T4696] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/03/23 16:42:34 executed programs: 0
[ 95.937045][ T4798] chnl_net:caif_netlink_parms(): no params data found
[ 96.061913][ T4798] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.084261][ T4798] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.094809][ T4798] device bridge_slave_0 entered promiscuous mode
[ 96.104701][ T4798] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.114284][ T4798] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.123231][ T4798] device bridge_slave_1 entered promiscuous mode
[ 96.170470][ T4798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 96.195049][ T4798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 96.260196][ T4798] team0: Port device team_slave_0 added
[ 96.276211][ T4798] team0: Port device team_slave_1 added
[ 96.322774][ T4798] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 96.329742][ T4798] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.364395][ T4798] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 96.381825][ T4798] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 96.388773][ T4798] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.415184][ T4798] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 96.457869][ T4798] device hsr_slave_0 entered promiscuous mode
[ 96.464986][ T4798] device hsr_slave_1 entered promiscuous mode
[ 96.471738][ T4798] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 96.479304][ T4798] Cannot create hsr debugfs directory
[ 96.614109][ T4798] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.731549][ T4311] Bluetooth: hci0: command 0x0409 tx timeout
[ 99.812637][ T4238] Bluetooth: hci0: command 0x041b tx timeout
[ 99.908398][ T4798] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.957942][ T4798] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.999199][ T4798] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.068546][ T4798] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 100.078631][ T4798] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 100.088117][ T4798] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 100.097867][ T4798] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 100.150378][ T4798] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.165116][ T4798] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.172134][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 100.179833][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 100.198121][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 100.206952][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 100.215774][ T154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.223127][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.249492][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 100.257521][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 100.266535][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 100.275654][ T154] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.282744][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.292374][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 100.300928][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 100.309656][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 100.318508][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 100.327158][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 100.336660][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 100.345126][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 100.353623][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 100.361985][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 100.374616][ T4798] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 100.387488][ T4798] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 100.396836][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 100.405635][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 100.499528][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 100.507134][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 100.518743][ T4798] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 100.546188][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 100.555307][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 100.572584][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 100.580889][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 100.590074][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 100.598048][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 100.618992][ T4798] device veth0_vlan entered promiscuous mode
[ 100.629282][ T4798] device veth1_vlan entered promiscuous mode
[ 100.645835][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 100.654228][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 100.664150][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 100.672585][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 100.683021][ T4798] device veth0_macvtap entered promiscuous mode
[ 100.695485][ T299] device hsr_slave_0 left promiscuous mode
[ 100.701892][ T299] device hsr_slave_1 left promiscuous mode
[ 100.708202][ T299] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 100.715915][ T299] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 100.725024][ T299] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 100.732558][ T299] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 100.740058][ T299] device bridge_slave_1 left promiscuous mode
[ 100.746335][ T299] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.754863][ T299] device bridge_slave_0 left promiscuous mode
[ 100.761018][ T299] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.771779][ T299] device veth1_macvtap left promiscuous mode
[ 100.777777][ T299] device veth0_macvtap left promiscuous mode
[ 100.784176][ T299] device veth1_vlan left promiscuous mode
[ 100.789936][ T299] device veth0_vlan left promiscuous mode
[ 100.910053][ T299] team0 (unregistering): Port device team_slave_1 removed
[ 100.921119][ T299] team0 (unregistering): Port device team_slave_0 removed
[ 100.938107][ T299] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 100.951188][ T299] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 100.997646][ T299] bond0 (unregistering): Released all slaves
[ 101.038792][ T4798] device veth1_macvtap entered promiscuous mode
[ 101.057808][ T4798] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 101.065290][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 101.073977][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 101.082555][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 101.091025][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 101.107042][ T4798] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 101.114572][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 101.126537][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 101.137660][ T4798] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.147308][ T4798] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.156393][ T4798] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.165400][ T4798] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.212901][ T4345] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.220775][ T4345] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.229475][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
2026/03/23 16:42:40 executed programs: 2
[ 101.265108][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.273177][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.280884][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 101.336851][ T5068] loop0: detected capacity change from 0 to 128
[ 101.430538][ T5068] attempt to access beyond end of device
[ 101.430538][ T5068] loop0: rw=0, want=6491538, limit=128
[ 101.462059][ T5068] Buffer I/O error on dev loop0, logical block 3245768, async page read
[ 101.471169][ T5068] ==================================================================
[ 101.479411][ T5068] BUG: KASAN: use-after-free in sysv_new_inode+0x1130/0x12c0
[ 101.486811][ T5068] Read of size 2 at addr ffff88806b5611ce by task syz.0.17/5068
[ 101.494441][ T5068]
[ 101.496774][ T5068] CPU: 0 PID: 5068 Comm: syz.0.17 Not tainted syzkaller #0
[ 101.503966][ T5068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 101.514024][ T5068] Call Trace:
[ 101.517301][ T5068]
[ 101.520232][ T5068] dump_stack_lvl+0x188/0x250
[ 101.524915][ T5068] ? show_regs_print_info+0x20/0x20
[ 101.530126][ T5068] ? load_image+0x400/0x400
[ 101.534628][ T5068] ? _raw_spin_lock_irqsave+0xbc/0x100
[ 101.540088][ T5068] ? mutex_lock_io_nested+0x60/0x60
[ 101.545287][ T5068] print_address_description+0x60/0x2d0
[ 101.550833][ T5068] ? sysv_new_inode+0x1130/0x12c0
[ 101.555850][ T5068] kasan_report+0xdf/0x130
[ 101.560279][ T5068] ? sysv_new_inode+0x1130/0x12c0
[ 101.565302][ T5068] sysv_new_inode+0x1130/0x12c0
[ 101.570158][ T5068] ? from_kgid+0x169/0x690
[ 101.574592][ T5068] ? make_kgid+0x660/0x660
[ 101.579013][ T5068] ? sysv_free_inode+0x7e0/0x7e0
[ 101.583960][ T5068] ? generic_permission+0x292/0x510
[ 101.589161][ T5068] sysv_symlink+0x9b/0x150
[ 101.593584][ T5068] vfs_symlink+0x247/0x3d0
[ 101.598003][ T5068] do_symlinkat+0x1ab/0x6b0
[ 101.602506][ T5068] ? vfs_symlink+0x3d0/0x3d0
[ 101.607098][ T5068] ? getname_flags+0x1fe/0x500
[ 101.611859][ T5068] __x64_sys_symlink+0x7a/0x90
[ 101.616722][ T5068] do_syscall_64+0x4c/0xa0
[ 101.621132][ T5068] ? clear_bhb_loop+0x30/0x80
[ 101.625815][ T5068] ? clear_bhb_loop+0x30/0x80
[ 101.630492][ T5068] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 101.636390][ T5068] RIP: 0033:0x7f9317e74379
[ 101.640802][ T5068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 101.660400][ T5068] RSP: 002b:00007f93174d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 101.668824][ T5068] RAX: ffffffffffffffda RBX: 00007f93180bffa0 RCX: 00007f9317e74379
[ 101.676795][ T5068] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000200000000100
[ 101.684765][ T5068] RBP: 00007f9317f07d68 R08: 0000000000000000 R09: 0000000000000000
[ 101.692739][ T5068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 101.700705][ T5068] R13: 00007f93180c0038 R14: 00007f93180bffa0 R15: 00007ffca1c47948
[ 101.708721][ T5068]
[ 101.711732][ T5068]
[ 101.714049][ T5068] The buggy address belongs to the page:
[ 101.719676][ T5068] page:ffffea0001ad5840 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6b561
[ 101.729823][ T5068] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 101.736943][ T5068] raw: 00fff00000000000 ffffea0001ad5948 ffffea0001ae2248 0000000000000000
[ 101.745523][ T5068] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 101.754092][ T5068] page dumped because: kasan: bad access detected
[ 101.760494][ T5068] page_owner tracks the page as freed
[ 101.765848][ T5068] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 5066, ts 100486072721, free_ts 100495104720
[ 101.781555][ T5068] get_page_from_freelist+0x1bbd/0x1ca0
[ 101.787103][ T5068] __alloc_pages+0x1ee/0x480
[ 101.791686][ T5068] alloc_pages_vma+0x393/0x7c0
[ 101.796444][ T5068] handle_mm_fault+0x23be/0x4410
[ 101.801375][ T5068] do_user_addr_fault+0x489/0xc80
[ 101.806397][ T5068] exc_page_fault+0x60/0x100
[ 101.810988][ T5068] asm_exc_page_fault+0x22/0x30
[ 101.815831][ T5068] page last free stack trace:
[ 101.820491][ T5068] free_unref_page_prepare+0x637/0x6c0
[ 101.826037][ T5068] free_unref_page_list+0x119/0x820
[ 101.831240][ T5068] release_pages+0x186c/0x1be0
[ 101.835998][ T5068] tlb_finish_mmu+0x176/0x300
[ 101.840681][ T5068] exit_mmap+0x3d0/0x640
[ 101.844915][ T5068] __mmput+0x115/0x3b0
[ 101.848974][ T5068] exit_mm+0x588/0x6e0
[ 101.853029][ T5068] do_exit+0x5a9/0x20c0
[ 101.857209][ T5068] do_group_exit+0x12e/0x300
[ 101.861789][ T5068] __x64_sys_exit_group+0x3b/0x40
[ 101.866803][ T5068] do_syscall_64+0x4c/0xa0
[ 101.871208][ T5068] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 101.877095][ T5068]
[ 101.879418][ T5068] Memory state around the buggy address:
[ 101.885035][ T5068] ffff88806b561080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 101.893085][ T5068] ffff88806b561100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 101.901132][ T5068] >ffff88806b561180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 101.909183][ T5068] ^
[ 101.915583][ T5068] ffff88806b561200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 101.923635][ T5068] ffff88806b561280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 101.931685][ T5068] ==================================================================
[ 101.939732][ T5068] Disabling lock debugging due to kernel taint
[ 101.948891][ T4243] Bluetooth: hci0: command 0x040f tx timeout
[ 101.958990][ T5068] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 101.966189][ T5068] CPU: 0 PID: 5068 Comm: syz.0.17 Tainted: G B syzkaller #0
[ 101.974764][ T5068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 101.984893][ T5068] Call Trace:
[ 101.988162][ T5068]
[ 101.991081][ T5068] dump_stack_lvl+0x188/0x250
[ 101.995752][ T5068] ? show_regs_print_info+0x20/0x20
[ 102.000942][ T5068] ? load_image+0x400/0x400
[ 102.005440][ T5068] panic+0x2e5/0x810
[ 102.009360][ T5068] ? bpf_jit_dump+0xd0/0xd0
[ 102.013855][ T5068] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 102.019826][ T5068] ? _raw_spin_unlock+0x40/0x40
[ 102.024670][ T5068] ? sysv_new_inode+0x1130/0x12c0
[ 102.029745][ T5068] check_panic_on_warn+0x80/0xa0
[ 102.034680][ T5068] ? sysv_new_inode+0x1130/0x12c0
[ 102.039697][ T5068] end_report+0x6d/0xf0
[ 102.043849][ T5068] kasan_report+0x102/0x130
[ 102.048359][ T5068] ? sysv_new_inode+0x1130/0x12c0
[ 102.053379][ T5068] sysv_new_inode+0x1130/0x12c0
[ 102.058225][ T5068] ? from_kgid+0x169/0x690
[ 102.062710][ T5068] ? make_kgid+0x660/0x660
[ 102.067123][ T5068] ? sysv_free_inode+0x7e0/0x7e0
[ 102.072072][ T5068] ? generic_permission+0x292/0x510
[ 102.077246][ T5068] sysv_symlink+0x9b/0x150
[ 102.081645][ T5068] vfs_symlink+0x247/0x3d0
[ 102.086040][ T5068] do_symlinkat+0x1ab/0x6b0
[ 102.090519][ T5068] ? vfs_symlink+0x3d0/0x3d0
[ 102.095083][ T5068] ? getname_flags+0x1fe/0x500
[ 102.099821][ T5068] __x64_sys_symlink+0x7a/0x90
[ 102.104555][ T5068] do_syscall_64+0x4c/0xa0
[ 102.108947][ T5068] ? clear_bhb_loop+0x30/0x80
[ 102.113601][ T5068] ? clear_bhb_loop+0x30/0x80
[ 102.118252][ T5068] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 102.124118][ T5068] RIP: 0033:0x7f9317e74379
[ 102.128510][ T5068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 102.148085][ T5068] RSP: 002b:00007f93174d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 102.156471][ T5068] RAX: ffffffffffffffda RBX: 00007f93180bffa0 RCX: 00007f9317e74379
[ 102.164418][ T5068] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000200000000100
[ 102.172365][ T5068] RBP: 00007f9317f07d68 R08: 0000000000000000 R09: 0000000000000000
[ 102.180311][ T5068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 102.188256][ T5068] R13: 00007f93180c0038 R14: 00007f93180bffa0 R15: 00007ffca1c47948
[ 102.196219][ T5068]
[ 102.199481][ T5068] Kernel Offset: disabled
[ 102.203788][ T5068] Rebooting in 86400 seconds..