Warning: Permanently added '10.128.0.204' (ED25519) to the list of known hosts.
2025/09/25 05:13:11 parsed 1 programs
[ 93.487402][ T4620] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 95.284646][ T4646] chnl_net:caif_netlink_parms(): no params data found
[ 95.346437][ T4646] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.353675][ T4646] bridge0: port 1(bridge_slave_0) entered disabled state
[ 95.363370][ T4646] device bridge_slave_0 entered promiscuous mode
[ 95.372193][ T4646] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.380714][ T4646] bridge0: port 2(bridge_slave_1) entered disabled state
[ 95.389512][ T4646] device bridge_slave_1 entered promiscuous mode
[ 95.418692][ T4646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 95.430235][ T4646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 95.461957][ T4646] team0: Port device team_slave_0 added
[ 95.470105][ T4646] team0: Port device team_slave_1 added
[ 95.495573][ T4646] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 95.502574][ T4646] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 95.530142][ T4646] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 95.542491][ T4646] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 95.550920][ T4646] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 95.579964][ T4646] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 95.618627][ T4646] device hsr_slave_0 entered promiscuous mode
[ 95.625547][ T4646] device hsr_slave_1 entered promiscuous mode
[ 96.252709][ T4646] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 96.262749][ T4646] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 96.287619][ T4646] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 96.297887][ T4646] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 96.402304][ T4646] 8021q: adding VLAN 0 to HW filter on device bond0
[ 96.418143][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 96.427182][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 96.439935][ T4646] 8021q: adding VLAN 0 to HW filter on device team0
[ 96.452845][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 96.462616][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 96.472923][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.480508][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 96.508709][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 96.517458][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 96.527917][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 96.538222][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.545730][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 96.556386][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 96.575666][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 96.586467][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 96.597061][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 96.615624][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 96.626502][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 96.635690][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 96.644580][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 96.653553][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 96.665481][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 96.677162][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 96.687666][ T4646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 96.821134][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 96.830194][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 96.855751][ T4646] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 96.876983][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 96.888817][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 96.920346][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 96.930587][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 96.943217][ T4646] device veth0_vlan entered promiscuous mode
[ 96.958703][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 96.968343][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 96.981398][ T4646] device veth1_vlan entered promiscuous mode
[ 97.015401][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 97.025725][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 97.035322][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 97.044912][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 97.055844][ T4646] device veth0_macvtap entered promiscuous mode
[ 97.066315][ T4646] device veth1_macvtap entered promiscuous mode
[ 97.091766][ T4646] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 97.101709][ T1428] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 97.110521][ T1428] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 97.119881][ T1428] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 97.129094][ T1428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 97.149437][ T4646] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 97.159072][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 97.170044][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 97.182587][ T4646] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.192224][ T4646] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.201739][ T4646] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.210764][ T4646] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.974747][ T1428] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 98.983054][ T1428] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 99.017357][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 99.038692][ T4324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 99.054569][ T4324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 99.064345][ T1428] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 99.172499][ T144] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 102.669279][ T144] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 102.727750][ T144] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 102.809066][ T144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/09/25 05:13:24 executed programs: 0
[ 103.918987][ T5076] chnl_net:caif_netlink_parms(): no params data found
[ 103.999490][ T5076] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.009962][ T5076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 104.018428][ T5076] device bridge_slave_0 entered promiscuous mode
[ 104.029641][ T5076] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.037119][ T5076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 104.047850][ T5076] device bridge_slave_1 entered promiscuous mode
[ 104.112836][ T5076] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 104.129037][ T5076] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 104.175583][ T5076] team0: Port device team_slave_0 added
[ 104.183923][ T5076] team0: Port device team_slave_1 added
[ 104.203884][ T5076] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 104.211348][ T5076] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.238682][ T5076] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 104.275142][ T5076] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 104.282463][ T5076] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.310224][ T5076] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 104.346996][ T5076] device hsr_slave_0 entered promiscuous mode
[ 104.356966][ T5076] device hsr_slave_1 entered promiscuous mode
[ 104.364102][ T5076] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 104.372942][ T5076] Cannot create hsr debugfs directory
[ 104.612136][ T144] device hsr_slave_0 left promiscuous mode
[ 104.619896][ T144] device hsr_slave_1 left promiscuous mode
[ 104.626840][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 104.635406][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 104.645251][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 104.653000][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 104.661347][ T144] device bridge_slave_1 left promiscuous mode
[ 104.667694][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 104.678900][ T144] device bridge_slave_0 left promiscuous mode
[ 104.685231][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 104.697844][ T144] device veth1_macvtap left promiscuous mode
[ 104.704281][ T144] device veth0_macvtap left promiscuous mode
[ 104.710447][ T144] device veth1_vlan left promiscuous mode
[ 104.716491][ T144] device veth0_vlan left promiscuous mode
[ 104.845929][ T144] team0 (unregistering): Port device team_slave_1 removed
[ 104.858914][ T144] team0 (unregistering): Port device team_slave_0 removed
[ 104.869798][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 104.883011][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 104.937457][ T144] bond0 (unregistering): Released all slaves
[ 105.203853][ T5076] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 105.227695][ T5076] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 105.257172][ T5076] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 105.268373][ T5076] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 105.367854][ T5076] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.384827][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 105.393336][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 105.405806][ T5076] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.418971][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 105.455892][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 105.465746][ T4324] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.473205][ T4324] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.495227][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 105.503679][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 105.512961][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 105.522075][ T4324] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.529795][ T4324] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.541014][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 105.553664][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 105.578306][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 105.588599][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 105.599518][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 105.609019][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 105.619114][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 105.631570][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 105.648110][ T5076] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 105.661707][ T5076] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 105.670724][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 105.681719][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 105.691416][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 105.804450][ T4189] Bluetooth: hci0: command 0x0409 tx timeout
[ 105.880825][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 105.895194][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 105.907970][ T5076] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.929866][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 105.940424][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 105.961023][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 105.975037][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 105.985610][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 105.993633][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 106.005218][ T5076] device veth0_vlan entered promiscuous mode
[ 106.031828][ T5076] device veth1_vlan entered promiscuous mode
[ 106.058525][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 106.075875][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 106.095585][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 106.109167][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 106.123875][ T5076] device veth0_macvtap entered promiscuous mode
[ 106.140411][ T5076] device veth1_macvtap entered promiscuous mode
[ 106.158811][ T5076] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 106.175329][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 106.193201][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 106.209429][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 106.221883][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 106.238095][ T5076] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 106.246466][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 106.265608][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 106.283943][ T5076] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.296601][ T5076] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.307055][ T5076] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.322505][ T5076] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.414220][ T4324] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.425299][ T4324] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.436977][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 106.461326][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.475267][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.499740][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 107.020534][ T5169] loop0: detected capacity change from 0 to 32768
[ 107.201442][ T5169] ==================================================================
[ 107.210022][ T5169] BUG: KASAN: use-after-free in jfs_readdir+0x11ca/0x3c10
[ 107.217540][ T5169] Read of size 8 at addr ffff88807a6f7bd0 by task syz.0.17/5169
[ 107.225449][ T5169]
[ 107.227884][ T5169] CPU: 0 PID: 5169 Comm: syz.0.17 Not tainted syzkaller #0
[ 107.235706][ T5169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 107.246356][ T5169] Call Trace:
[ 107.249729][ T5169]
[ 107.252650][ T5169] dump_stack_lvl+0x168/0x230
[ 107.257324][ T5169] ? show_regs_print_info+0x20/0x20
[ 107.262714][ T5169] ? load_image+0x3b0/0x3b0
[ 107.267295][ T5169] ? _raw_spin_lock_irqsave+0xb0/0xf0
[ 107.272662][ T5169] ? unlock_page+0x17c/0x1f0
[ 107.277439][ T5169] print_address_description+0x60/0x2d0
[ 107.283083][ T5169] ? jfs_readdir+0x11ca/0x3c10
[ 107.288132][ T5169] kasan_report+0xdf/0x130
[ 107.292977][ T5169] ? jfs_readdir+0x11ca/0x3c10
[ 107.297888][ T5169] jfs_readdir+0x11ca/0x3c10
[ 107.302670][ T5169] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 107.309040][ T5169] ? lockdep_hardirqs_on+0x94/0x140
[ 107.314347][ T5169] ? dtInitRoot+0x660/0x660
[ 107.319349][ T5169] ? lock_acquire+0x1f2/0x3f0
[ 107.324709][ T5169] ? end_current_label_crit_section+0x14b/0x170
[ 107.331560][ T5169] ? common_file_perm+0x171/0x1c0
[ 107.336965][ T5169] iterate_dir+0x218/0x560
[ 107.341842][ T5169] __se_sys_getdents+0xe5/0x250
[ 107.346803][ T5169] ? __x64_sys_getdents+0x80/0x80
[ 107.352208][ T5169] ? fillonedir+0x4c0/0x4c0
[ 107.356978][ T5169] ? vtime_user_exit+0x2dc/0x400
[ 107.362742][ T5169] ? lockdep_hardirqs_on+0x94/0x140
[ 107.368825][ T5169] do_syscall_64+0x4c/0xa0
[ 107.373696][ T5169] ? clear_bhb_loop+0x30/0x80
[ 107.378464][ T5169] ? clear_bhb_loop+0x30/0x80
[ 107.383743][ T5169] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 107.389907][ T5169] RIP: 0033:0x7f8ab5b25ba9
[ 107.394484][ T5169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 107.414801][ T5169] RSP: 002b:00007f8ab5195038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 107.423468][ T5169] RAX: ffffffffffffffda RBX: 00007f8ab5d6cfa0 RCX: 00007f8ab5b25ba9
[ 107.431548][ T5169] RDX: fffffffffffffd90 RSI: 0000000000000000 RDI: 0000000000000004
[ 107.439698][ T5169] RBP: 00007f8ab5ba8e19 R08: 0000000000000000 R09: 0000000000000000
[ 107.447860][ T5169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 107.456455][ T5169] R13: 00007f8ab5d6d038 R14: 00007f8ab5d6cfa0 R15: 00007ffe17e16928
[ 107.465168][ T5169]
[ 107.468469][ T5169]
[ 107.470810][ T5169] Allocated by task 5169:
[ 107.475290][ T5169] __kasan_slab_alloc+0x9c/0xd0
[ 107.480473][ T5169] slab_post_alloc_hook+0x4c/0x380
[ 107.486106][ T5169] kmem_cache_alloc+0x100/0x290
[ 107.491302][ T5169] mempool_alloc+0x18f/0x4e0
[ 107.496196][ T5169] __get_metapage+0x5e8/0x1060
[ 107.501074][ T5169] dtSplitRoot+0x1e5/0x1510
[ 107.505686][ T5169] dtInsert+0xe20/0x57a0
[ 107.510259][ T5169] jfs_symlink+0x70f/0xe60
[ 107.515341][ T5169] vfs_symlink+0x247/0x3d0
[ 107.519831][ T5169] do_symlinkat+0x1be/0x6c0
[ 107.524324][ T5169] __x64_sys_symlink+0x7a/0x90
[ 107.529110][ T5169] do_syscall_64+0x4c/0xa0
[ 107.533590][ T5169] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 107.540003][ T5169]
[ 107.542311][ T5169] Freed by task 5169:
[ 107.546514][ T5169] kasan_set_track+0x4b/0x70
[ 107.551311][ T5169] kasan_set_free_info+0x1f/0x40
[ 107.557073][ T5169] ____kasan_slab_free+0xd5/0x110
[ 107.563369][ T5169] slab_free_freelist_hook+0xea/0x170
[ 107.569583][ T5169] kmem_cache_free+0x8f/0x210
[ 107.574829][ T5169] release_metapage+0x97b/0xe10
[ 107.580298][ T5169] jfs_readdir+0xf6f/0x3c10
[ 107.585623][ T5169] iterate_dir+0x218/0x560
[ 107.591293][ T5169] __se_sys_getdents+0xe5/0x250
[ 107.597106][ T5169] do_syscall_64+0x4c/0xa0
[ 107.602175][ T5169] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 107.608717][ T5169]
[ 107.611401][ T5169] The buggy address belongs to the object at ffff88807a6f7ba0
[ 107.611401][ T5169] which belongs to the cache jfs_mp of size 184
[ 107.625839][ T5169] The buggy address is located 48 bytes inside of
[ 107.625839][ T5169] 184-byte region [ffff88807a6f7ba0, ffff88807a6f7c58)
[ 107.639147][ T5169] The buggy address belongs to the page:
[ 107.644946][ T5169] page:ffffea0001e9bdc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a6f7
[ 107.655354][ T5169] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 107.663072][ T5169] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff8881465a2dc0
[ 107.672511][ T5169] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 107.681288][ T5169] page dumped because: kasan: bad access detected
[ 107.687797][ T5169] page_owner tracks the page as allocated
[ 107.693707][ T5169] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192800(GFP_NOWAIT|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5169, ts 107139460980, free_ts 107017167894
[ 107.713194][ T5169] get_page_from_freelist+0x1b77/0x1c60
[ 107.718741][ T5169] __alloc_pages+0x1e1/0x470
[ 107.723532][ T5169] new_slab+0xc0/0x4b0
[ 107.727603][ T5169] ___slab_alloc+0x81e/0xdf0
[ 107.732270][ T5169] kmem_cache_alloc+0x195/0x290
[ 107.737304][ T5169] mempool_alloc+0x18f/0x4e0
[ 107.741877][ T5169] __get_metapage+0x5e8/0x1060
[ 107.746886][ T5169] diReadSpecial+0x257/0x700
[ 107.751838][ T5169] jfs_mount+0x6f/0x860
[ 107.756157][ T5169] jfs_fill_super+0x50b/0xaf0
[ 107.760912][ T5169] mount_bdev+0x287/0x3c0
[ 107.765322][ T5169] legacy_get_tree+0xe6/0x180
[ 107.770328][ T5169] vfs_get_tree+0x88/0x270
[ 107.774915][ T5169] do_new_mount+0x24a/0xa40
[ 107.779488][ T5169] __se_sys_mount+0x2d6/0x3c0
[ 107.784320][ T5169] do_syscall_64+0x4c/0xa0
[ 107.788722][ T5169] page last free stack trace:
[ 107.793469][ T5169] free_unref_page_prepare+0x637/0x6c0
[ 107.799181][ T5169] free_unref_page_list+0x122/0x7e0
[ 107.804467][ T5169] release_pages+0x184b/0x1bb0
[ 107.809236][ T5169] tlb_finish_mmu+0x164/0x2e0
[ 107.814459][ T5169] unmap_region+0x315/0x360
[ 107.818962][ T5169] __do_munmap+0x9d3/0xdc0
[ 107.823398][ T5169] __vm_munmap+0x137/0x230
[ 107.828100][ T5169] __x64_sys_munmap+0x67/0x70
[ 107.833307][ T5169] do_syscall_64+0x4c/0xa0
[ 107.837734][ T5169] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 107.843738][ T5169]
[ 107.846140][ T5169] Memory state around the buggy address:
[ 107.852023][ T5169] ffff88807a6f7a80: fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00
[ 107.860541][ T5169] ffff88807a6f7b00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 107.869490][ T5169] >ffff88807a6f7b80: fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb
[ 107.878463][ T5169] ^
[ 107.885759][ T5169] ffff88807a6f7c00: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc
[ 107.894235][ T5169] ffff88807a6f7c80: fc fc fc 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 107.902885][ T5169] ==================================================================
[ 107.911115][ T5169] Disabling lock debugging due to kernel taint
[ 107.920365][ T5169] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 107.927764][ T5169] CPU: 1 PID: 5169 Comm: syz.0.17 Tainted: G B syzkaller #0
[ 107.936632][ T5169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 107.946953][ T5169] Call Trace:
[ 107.950342][ T5169]
[ 107.953279][ T5169] dump_stack_lvl+0x168/0x230
[ 107.958040][ T5169] ? show_regs_print_info+0x20/0x20
[ 107.963227][ T5169] ? load_image+0x3b0/0x3b0
[ 107.968120][ T5169] panic+0x2c9/0x7f0
[ 107.972277][ T5169] ? bpf_jit_dump+0xd0/0xd0
[ 107.976857][ T5169] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 107.983020][ T5169] ? _raw_spin_unlock+0x40/0x40
[ 107.989130][ T5169] ? jfs_readdir+0x11ca/0x3c10
[ 107.994072][ T5169] check_panic_on_warn+0x80/0xa0
[ 107.999123][ T5169] ? jfs_readdir+0x11ca/0x3c10
[ 108.003958][ T5169] end_report+0x6d/0xf0
[ 108.008201][ T5169] kasan_report+0x102/0x130
[ 108.012772][ T5169] ? jfs_readdir+0x11ca/0x3c10
[ 108.017638][ T5169] jfs_readdir+0x11ca/0x3c10
[ 108.022332][ T5169] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 108.028565][ T5169] ? lockdep_hardirqs_on+0x94/0x140
[ 108.033833][ T5169] ? dtInitRoot+0x660/0x660
[ 108.038413][ T5169] ? lock_acquire+0x1f2/0x3f0
[ 108.044819][ T5169] ? end_current_label_crit_section+0x14b/0x170
[ 108.051326][ T5169] ? common_file_perm+0x171/0x1c0
[ 108.056801][ T5169] iterate_dir+0x218/0x560
[ 108.063048][ T5169] __se_sys_getdents+0xe5/0x250
[ 108.068237][ T5169] ? __x64_sys_getdents+0x80/0x80
[ 108.073444][ T5169] ? fillonedir+0x4c0/0x4c0
[ 108.078303][ T5169] ? vtime_user_exit+0x2dc/0x400
[ 108.083328][ T5169] ? lockdep_hardirqs_on+0x94/0x140
[ 108.088509][ T5169] do_syscall_64+0x4c/0xa0
[ 108.093000][ T5169] ? clear_bhb_loop+0x30/0x80
[ 108.097743][ T5169] ? clear_bhb_loop+0x30/0x80
[ 108.102410][ T5169] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 108.108368][ T5169] RIP: 0033:0x7f8ab5b25ba9
[ 108.112882][ T5169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 108.133660][ T5169] RSP: 002b:00007f8ab5195038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 108.142622][ T5169] RAX: ffffffffffffffda RBX: 00007f8ab5d6cfa0 RCX: 00007f8ab5b25ba9
[ 108.150699][ T5169] RDX: fffffffffffffd90 RSI: 0000000000000000 RDI: 0000000000000004
[ 108.159560][ T5169] RBP: 00007f8ab5ba8e19 R08: 0000000000000000 R09: 0000000000000000
[ 108.167659][ T5169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 108.176023][ T5169] R13: 00007f8ab5d6d038 R14: 00007f8ab5d6cfa0 R15: 00007ffe17e16928
[ 108.184528][ T5169]
[ 108.187909][ T5169] Kernel Offset: disabled
[ 108.193346][ T5169] Rebooting in 86400 seconds..