Warning: Permanently added '10.128.1.200' (ED25519) to the list of known hosts.
2026/04/19 16:18:40 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 91.028398][ T4855] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 93.962672][ T4919] chnl_net:caif_netlink_parms(): no params data found
[ 94.086736][ T4919] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.094452][ T4919] bridge0: port 1(bridge_slave_0) entered disabled state
[ 94.103426][ T4919] device bridge_slave_0 entered promiscuous mode
[ 94.112150][ T4919] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.119753][ T4919] bridge0: port 2(bridge_slave_1) entered disabled state
[ 94.127764][ T4919] device bridge_slave_1 entered promiscuous mode
[ 94.146451][ T4919] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 94.157417][ T4919] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 94.178395][ T4919] team0: Port device team_slave_0 added
[ 94.185332][ T4919] team0: Port device team_slave_1 added
[ 94.201639][ T4919] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 94.208905][ T4919] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 94.235054][ T4919] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 94.247293][ T4919] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 94.254245][ T4919] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 94.280512][ T4919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 94.305924][ T4919] device hsr_slave_0 entered promiscuous mode
[ 94.312566][ T4919] device hsr_slave_1 entered promiscuous mode
[ 94.833931][ T4919] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 94.873855][ T4919] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 94.884803][ T4919] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 94.897239][ T4919] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 95.019957][ T4919] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.034587][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 95.044856][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 95.056636][ T4919] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.066704][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 95.077171][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 95.086297][ T1215] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.093489][ T1215] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.138112][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 95.148069][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 95.157981][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 95.168114][ T1215] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.175206][ T1215] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.184911][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 95.210635][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 95.220187][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 95.230680][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 95.240712][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 95.250533][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 95.259742][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 95.268751][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 95.278487][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 95.287373][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 95.296231][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 95.305533][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 95.434001][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 95.441702][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 95.454676][ T4919] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 95.476468][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 95.487218][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 95.507523][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 95.518997][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 95.528437][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 95.538233][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 95.547246][ T4919] device veth0_vlan entered promiscuous mode
[ 95.589981][ T4919] device veth1_vlan entered promiscuous mode
[ 95.611790][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 95.622600][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 95.631171][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 95.641195][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 95.654075][ T4919] device veth0_macvtap entered promiscuous mode
[ 95.677563][ T4919] device veth1_macvtap entered promiscuous mode
[ 95.716873][ T4919] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 95.724225][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 95.748083][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 95.762922][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 95.771835][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 95.786163][ T4919] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 95.794522][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 95.804808][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 95.829211][ T4919] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.845627][ T4919] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.855470][ T4919] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.872999][ T4919] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.177699][ T151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.191732][ T151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.214716][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 96.230169][ T1226] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.238603][ T1226] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.250114][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2026/04/19 16:18:49 executed programs: 0
[ 97.197181][ T5059] chnl_net:caif_netlink_parms(): no params data found
[ 97.305503][ T5059] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.313467][ T5059] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.322618][ T5059] device bridge_slave_0 entered promiscuous mode
[ 97.331811][ T5059] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.342218][ T5059] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.350555][ T5059] device bridge_slave_1 entered promiscuous mode
[ 97.368178][ T4274] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.400478][ T5059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.413846][ T5059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.441803][ T5059] team0: Port device team_slave_0 added
[ 97.450991][ T5059] team0: Port device team_slave_1 added
[ 97.473090][ T5059] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 97.481015][ T5059] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 97.507801][ T5059] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 97.520605][ T5059] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 97.527933][ T5059] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 97.554441][ T5059] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 97.589789][ T5059] device hsr_slave_0 entered promiscuous mode
[ 97.597488][ T5059] device hsr_slave_1 entered promiscuous mode
[ 97.604321][ T5059] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 97.612968][ T5059] Cannot create hsr debugfs directory
[ 98.986717][ T4412] Bluetooth: hci0: command 0x0409 tx timeout
[ 99.850630][ T4274] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.360223][ T4274] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.419647][ T4274] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 101.075834][ T4414] Bluetooth: hci0: command 0x041b tx timeout
[ 101.179681][ T5059] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 101.189109][ T5059] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 101.198953][ T5059] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 101.214394][ T5059] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 101.261445][ T5059] 8021q: adding VLAN 0 to HW filter on device bond0
[ 101.272888][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 101.282803][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 101.292999][ T5059] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.309862][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 101.320973][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 101.329601][ T151] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.336676][ T151] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 101.347594][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 101.355930][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 101.364487][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 101.373334][ T151] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.380542][ T151] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 101.391554][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 101.405656][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 101.425158][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 101.435828][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 101.444366][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 101.454836][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 101.464863][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 101.488126][ T4274] device hsr_slave_0 left promiscuous mode
[ 101.494607][ T4274] device hsr_slave_1 left promiscuous mode
[ 101.501582][ T4274] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 101.509221][ T4274] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 101.518389][ T4274] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 101.525935][ T4274] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 101.533450][ T4274] device bridge_slave_1 left promiscuous mode
[ 101.539798][ T4274] bridge0: port 2(bridge_slave_1) entered disabled state
[ 101.548818][ T4274] device bridge_slave_0 left promiscuous mode
[ 101.555135][ T4274] bridge0: port 1(bridge_slave_0) entered disabled state
[ 101.566596][ T4274] device veth1_macvtap left promiscuous mode
[ 101.572767][ T4274] device veth0_macvtap left promiscuous mode
[ 101.579292][ T4274] device veth1_vlan left promiscuous mode
[ 101.585276][ T4274] device veth0_vlan left promiscuous mode
[ 101.688964][ T4274] team0 (unregistering): Port device team_slave_1 removed
[ 101.702857][ T4274] team0 (unregistering): Port device team_slave_0 removed
[ 101.714450][ T4274] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 101.726846][ T4274] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 101.770645][ T4274] bond0 (unregistering): Released all slaves
[ 101.802211][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 101.811200][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 101.821562][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 101.830472][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 101.842172][ T5059] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 101.922724][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 101.931986][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 101.949607][ T5059] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.973637][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 101.982378][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 101.999007][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 102.007533][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 102.016857][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 102.024550][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 102.035047][ T5059] device veth0_vlan entered promiscuous mode
[ 102.047850][ T5059] device veth1_vlan entered promiscuous mode
[ 102.067550][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 102.075782][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 102.083746][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 102.092660][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 102.102599][ T5059] device veth0_macvtap entered promiscuous mode
[ 102.116240][ T5059] device veth1_macvtap entered promiscuous mode
[ 102.129736][ T5059] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 102.139265][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 102.148042][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 102.156447][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 102.165287][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 102.178240][ T5059] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 102.187947][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 102.197239][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 102.207137][ T5059] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.216374][ T5059] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.225203][ T5059] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.234100][ T5059] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.304994][ T151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.318026][ T151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.334591][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
2026/04/19 16:18:54 executed programs: 2
[ 102.348634][ T1226] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.357909][ T1226] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.366741][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 102.461866][ T5335] loop0: detected capacity change from 0 to 8192
[ 102.487532][ T5335] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 102.497482][ T5335] REISERFS (device loop0): using ordered data mode
[ 102.504015][ T5335] reiserfs: using flush barriers
[ 102.511736][ T5335] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 102.530643][ T5335] REISERFS (device loop0): checking transaction log (loop0)
[ 102.548845][ T5335] REISERFS (device loop0): Using r5 hash to sort names
[ 102.566278][ T5335] REISERFS (device loop0): using 3.5.x disk format
[ 102.574532][ T5335] ==================================================================
[ 102.582896][ T5335] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x794/0x1130
[ 102.590568][ T5335] Read of size 18446744073709551584 at addr ffff88806bb2bfa4 by task syz.0.17/5335
[ 102.599872][ T5335]
[ 102.602321][ T5335] CPU: 0 PID: 5335 Comm: syz.0.17 Not tainted syzkaller #0
[ 102.609528][ T5335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 102.620041][ T5335] Call Trace:
[ 102.623341][ T5335]
[ 102.626444][ T5335] dump_stack_lvl+0x188/0x250
[ 102.631599][ T5335] ? show_regs_print_info+0x20/0x20
[ 102.636818][ T5335] ? load_image+0x400/0x400
[ 102.641446][ T5335] ? _raw_spin_lock_irqsave+0xbc/0x100
[ 102.647254][ T5335] ? __lock_acquire+0x13bc/0x7d10
[ 102.652286][ T5335] ? verify_lock_unused+0x140/0x140
[ 102.657519][ T5335] print_address_description+0x60/0x2d0
[ 102.663076][ T5335] ? leaf_paste_entries+0x794/0x1130
[ 102.668372][ T5335] kasan_report+0xdf/0x130
[ 102.672814][ T5335] ? leaf_paste_entries+0x794/0x1130
[ 102.678123][ T5335] ? journal_mark_dirty+0x21d/0xdf0
[ 102.683428][ T5335] ? leaf_paste_entries+0x794/0x1130
[ 102.688771][ T5335] kasan_check_range+0x235/0x290
[ 102.693712][ T5335] ? leaf_paste_entries+0x794/0x1130
[ 102.700262][ T5335] memmove+0x25/0x60
[ 102.704615][ T5335] leaf_paste_entries+0x794/0x1130
[ 102.709868][ T5335] balance_leaf+0xb2e5/0x10ec0
[ 102.714651][ T5335] ? mark_lock+0x94/0x320
[ 102.719250][ T5335] ? lock_chain_count+0x20/0x20
[ 102.724117][ T5335] ? _raw_spin_unlock_irqrestore+0x82/0x120
[ 102.730019][ T5335] ? do_balance+0x930/0x930
[ 102.734733][ T5335] ? _raw_spin_unlock+0x40/0x40
[ 102.739607][ T5335] ? stack_trace_snprint+0xf0/0xf0
[ 102.744745][ T5335] ? stack_depot_save+0x404/0x440
[ 102.749815][ T5335] ? __kasan_kmalloc+0xcc/0xf0
[ 102.754770][ T5335] ? __kasan_kmalloc+0xb5/0xf0
[ 102.759647][ T5335] ? fix_nodes+0x60a2/0x8340
[ 102.764246][ T5335] ? reiserfs_paste_into_item+0x60b/0x810
[ 102.770102][ T5335] ? reiserfs_add_entry+0xa42/0xe10
[ 102.775481][ T5335] ? reiserfs_mkdir+0x6bc/0x920
[ 102.780605][ T5335] ? reiserfs_xattr_init+0x331/0x720
[ 102.786003][ T5335] ? reiserfs_fill_super+0x1fe6/0x2440
[ 102.791553][ T5335] ? mount_bdev+0x287/0x3c0
[ 102.796059][ T5335] ? legacy_get_tree+0xe6/0x180
[ 102.800912][ T5335] ? vfs_get_tree+0x88/0x270
[ 102.805601][ T5335] ? do_new_mount+0x24a/0xa40
[ 102.810471][ T5335] ? __se_sys_mount+0x2e3/0x3d0
[ 102.815329][ T5335] ? do_syscall_64+0x4c/0xa0
[ 102.819917][ T5335] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 102.826063][ T5335] ? __wake_up_bit+0x120/0x120
[ 102.830858][ T5335] ? get_parents+0x400/0xd20
[ 102.835536][ T5335] ? get_neighbors+0x9ba/0x1030
[ 102.840663][ T5335] ? reiserfs_prepare_for_journal+0x269/0x280
[ 102.846740][ T5335] ? fix_nodes+0x7bc3/0x8340
[ 102.851389][ T5335] do_balance+0x318/0x930
[ 102.855730][ T5335] ? get_right_neighbor_position+0x210/0x210
[ 102.861813][ T5335] ? reiserfs_paste_into_item+0x3b0/0x810
[ 102.867542][ T5335] reiserfs_paste_into_item+0x6dd/0x810
[ 102.873124][ T5335] ? reiserfs_cut_from_item+0x1fa0/0x1fa0
[ 102.878927][ T5335] ? reiserfs_get_parent+0x2f0/0x2f0
[ 102.884400][ T5335] ? inode_get_bytes+0x73/0xa0
[ 102.889176][ T5335] ? _find_first_zero_bit+0x60/0xf0
[ 102.894384][ T5335] reiserfs_add_entry+0xa42/0xe10
[ 102.899540][ T5335] ? drop_new_inode+0x60/0x60
[ 102.904267][ T5335] ? journal_begin+0x1f1/0x350
[ 102.909049][ T5335] ? reiserfs_update_inode_transaction+0x1c/0x120
[ 102.915558][ T5335] reiserfs_mkdir+0x6bc/0x920
[ 102.920261][ T5335] ? reiserfs_symlink+0x790/0x790
[ 102.925295][ T5335] ? rwsem_write_trylock+0x135/0x1c0
[ 102.930756][ T5335] ? lookup_one_len+0x19d/0x2d0
[ 102.935724][ T5335] ? lookup_one_common+0x460/0x460
[ 102.941112][ T5335] reiserfs_xattr_init+0x331/0x720
[ 102.946235][ T5335] reiserfs_fill_super+0x1fe6/0x2440
[ 102.951638][ T5335] ? reiserfs_kill_sb+0x140/0x140
[ 102.956658][ T5335] ? snprintf+0xe5/0x140
[ 102.960939][ T5335] ? vscnprintf+0x80/0x80
[ 102.965360][ T5335] ? set_blocksize+0x1f3/0x370
[ 102.970131][ T5335] ? sb_set_blocksize+0xa5/0xe0
[ 102.974979][ T5335] mount_bdev+0x287/0x3c0
[ 102.979346][ T5335] ? reiserfs_kill_sb+0x140/0x140
[ 102.984380][ T5335] legacy_get_tree+0xe6/0x180
[ 102.989151][ T5335] ? remove_save_link+0x3e0/0x3e0
[ 102.994185][ T5335] vfs_get_tree+0x88/0x270
[ 102.998619][ T5335] do_new_mount+0x24a/0xa40
[ 103.003138][ T5335] __se_sys_mount+0x2e3/0x3d0
[ 103.007823][ T5335] ? __x64_sys_mount+0xc0/0xc0
[ 103.012606][ T5335] ? lockdep_hardirqs_on+0x94/0x140
[ 103.017827][ T5335] ? __x64_sys_mount+0x1c/0xc0
[ 103.022687][ T5335] do_syscall_64+0x4c/0xa0
[ 103.027112][ T5335] ? clear_bhb_loop+0x30/0x80
[ 103.031803][ T5335] ? clear_bhb_loop+0x30/0x80
[ 103.036581][ T5335] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 103.042501][ T5335] RIP: 0033:0x7f43b6b3818a
[ 103.046915][ T5335] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 103.067101][ T5335] RSP: 002b:00007f43b6199e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 103.075733][ T5335] RAX: ffffffffffffffda RBX: 00007f43b6199ee0 RCX: 00007f43b6b3818a
[ 103.083717][ T5335] RDX: 00002000000000c0 RSI: 0000200000000140 RDI: 00007f43b6199ea0
[ 103.091787][ T5335] RBP: 00002000000000c0 R08: 00007f43b6199ee0 R09: 0000000000000000
[ 103.099858][ T5335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000140
[ 103.107920][ T5335] R13: 00007f43b6199ea0 R14: 0000000000001117 R15: 00002000000001c0
[ 103.116434][ T5335]
[ 103.119459][ T5335]
[ 103.121780][ T5335] The buggy address belongs to the page:
[ 103.127413][ T5335] page:ffffea0001aecac0 refcount:3 mapcount:0 mapping:ffff888140914f30 index:0x213 pfn:0x6bb2b
[ 103.137746][ T5335] memcg:ffff8880757b8000
[ 103.141988][ T5335] aops:def_blk_aops ino:700000
[ 103.146758][ T5335] flags: 0xfff00000002022(referenced|active|private|node=0|zone=1|lastcpupid=0x7ff)
[ 103.156175][ T5335] raw: 00fff00000002022 0000000000000000 dead000000000122 ffff888140914f30
[ 103.164771][ T5335] raw: 0000000000000213 ffff88802137cbc8 00000003ffffffff ffff8880757b8000
[ 103.173435][ T5335] page dumped because: kasan: bad access detected
[ 103.179859][ T5335] page_owner tracks the page as allocated
[ 103.185841][ T5335] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 5335, ts 102548120060, free_ts 93822172603
[ 103.203140][ T5335] get_page_from_freelist+0x1bbd/0x1ca0
[ 103.208715][ T5335] __alloc_pages+0x1ee/0x480
[ 103.213412][ T5335] __page_cache_alloc+0xce/0x440
[ 103.218351][ T5335] pagecache_get_page+0x9b6/0xf10
[ 103.224369][ T5335] __getblk_gfp+0x247/0xb60
[ 103.228921][ T5335] search_by_key+0x46c/0x4470
[ 103.233797][ T5335] reiserfs_read_locked_inode+0x195/0x26b0
[ 103.239737][ T5335] reiserfs_fill_super+0x12af/0x2440
[ 103.245027][ T5335] mount_bdev+0x287/0x3c0
[ 103.249351][ T5335] legacy_get_tree+0xe6/0x180
[ 103.254121][ T5335] vfs_get_tree+0x88/0x270
[ 103.258718][ T5335] do_new_mount+0x24a/0xa40
[ 103.263214][ T5335] __se_sys_mount+0x2e3/0x3d0
[ 103.267888][ T5335] do_syscall_64+0x4c/0xa0
[ 103.272323][ T5335] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 103.278245][ T5335] page last free stack trace:
[ 103.282911][ T5335] free_unref_page_prepare+0x637/0x6c0
[ 103.288380][ T5335] free_unref_page_list+0x119/0x820
[ 103.293613][ T5335] release_pages+0x186c/0x1be0
[ 103.298378][ T5335] tlb_finish_mmu+0x1b4/0x370
[ 103.303074][ T5335] exit_mmap+0x3d0/0x640
[ 103.307301][ T5335] __mmput+0x115/0x3b0
[ 103.311365][ T5335] exit_mm+0x588/0x6e0
[ 103.315420][ T5335] do_exit+0x5a9/0x20c0
[ 103.319570][ T5335] do_group_exit+0x12e/0x300
[ 103.324159][ T5335] get_signal+0x6ca/0x12c0
[ 103.328758][ T5335] arch_do_signal_or_restart+0xe7/0x12c0
[ 103.334404][ T5335] exit_to_user_mode_loop+0x9e/0x130
[ 103.339774][ T5335] exit_to_user_mode_prepare+0xee/0x180
[ 103.345411][ T5335] syscall_exit_to_user_mode+0x16/0x40
[ 103.350946][ T5335] do_syscall_64+0x58/0xa0
[ 103.355435][ T5335] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 103.361333][ T5335]
[ 103.363643][ T5335] Memory state around the buggy address:
[ 103.369256][ T5335] ffff88806bb2be80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 103.377326][ T5335] ffff88806bb2bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 103.385486][ T5335] >ffff88806bb2bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 103.393529][ T5335] ^
[ 103.398621][ T5335] ffff88806bb2c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 103.406924][ T5335] ffff88806bb2c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 103.414972][ T5335] ==================================================================
[ 103.423099][ T5335] Disabling lock debugging due to kernel taint
[ 103.430750][ T4935] Bluetooth: hci0: command 0x040f tx timeout
[ 103.436608][ T5335] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 103.444109][ T5335] CPU: 1 PID: 5335 Comm: syz.0.17 Tainted: G B syzkaller #0
[ 103.452930][ T5335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 103.463252][ T5335] Call Trace:
[ 103.466541][ T5335]
[ 103.469482][ T5335] dump_stack_lvl+0x188/0x250
[ 103.474175][ T5335] ? show_regs_print_info+0x20/0x20
[ 103.479382][ T5335] ? load_image+0x400/0x400
[ 103.483888][ T5335] panic+0x2e5/0x810
[ 103.487785][ T5335] ? bpf_jit_dump+0xd0/0xd0
[ 103.492274][ T5335] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 103.498321][ T5335] ? _raw_spin_unlock+0x40/0x40
[ 103.503175][ T5335] ? leaf_paste_entries+0x794/0x1130
[ 103.508448][ T5335] check_panic_on_warn+0x80/0xa0
[ 103.513370][ T5335] ? leaf_paste_entries+0x794/0x1130
[ 103.518747][ T5335] end_report+0x6d/0xf0
[ 103.522887][ T5335] kasan_report+0x102/0x130
[ 103.527481][ T5335] ? leaf_paste_entries+0x794/0x1130
[ 103.533365][ T5335] ? journal_mark_dirty+0x21d/0xdf0
[ 103.538667][ T5335] ? leaf_paste_entries+0x794/0x1130
[ 103.543953][ T5335] kasan_check_range+0x235/0x290
[ 103.548966][ T5335] ? leaf_paste_entries+0x794/0x1130
[ 103.554348][ T5335] memmove+0x25/0x60
[ 103.558222][ T5335] leaf_paste_entries+0x794/0x1130
[ 103.563331][ T5335] balance_leaf+0xb2e5/0x10ec0
[ 103.568077][ T5335] ? mark_lock+0x94/0x320
[ 103.572386][ T5335] ? lock_chain_count+0x20/0x20
[ 103.577235][ T5335] ? _raw_spin_unlock_irqrestore+0x82/0x120
[ 103.583194][ T5335] ? do_balance+0x930/0x930
[ 103.587687][ T5335] ? _raw_spin_unlock+0x40/0x40
[ 103.592688][ T5335] ? stack_trace_snprint+0xf0/0xf0
[ 103.597801][ T5335] ? stack_depot_save+0x404/0x440
[ 103.602990][ T5335] ? __kasan_kmalloc+0xcc/0xf0
[ 103.607734][ T5335] ? __kasan_kmalloc+0xb5/0xf0
[ 103.612479][ T5335] ? fix_nodes+0x60a2/0x8340
[ 103.617044][ T5335] ? reiserfs_paste_into_item+0x60b/0x810
[ 103.622745][ T5335] ? reiserfs_add_entry+0xa42/0xe10
[ 103.627920][ T5335] ? reiserfs_mkdir+0x6bc/0x920
[ 103.632757][ T5335] ? reiserfs_xattr_init+0x331/0x720
[ 103.638019][ T5335] ? reiserfs_fill_super+0x1fe6/0x2440
[ 103.643460][ T5335] ? mount_bdev+0x287/0x3c0
[ 103.648070][ T5335] ? legacy_get_tree+0xe6/0x180
[ 103.652908][ T5335] ? vfs_get_tree+0x88/0x270
[ 103.657476][ T5335] ? do_new_mount+0x24a/0xa40
[ 103.662163][ T5335] ? __se_sys_mount+0x2e3/0x3d0
[ 103.666991][ T5335] ? do_syscall_64+0x4c/0xa0
[ 103.671571][ T5335] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 103.677645][ T5335] ? __wake_up_bit+0x120/0x120
[ 103.682389][ T5335] ? get_parents+0x400/0xd20
[ 103.686952][ T5335] ? get_neighbors+0x9ba/0x1030
[ 103.691870][ T5335] ? reiserfs_prepare_for_journal+0x269/0x280
[ 103.697917][ T5335] ? fix_nodes+0x7bc3/0x8340
[ 103.702490][ T5335] do_balance+0x318/0x930
[ 103.706829][ T5335] ? get_right_neighbor_position+0x210/0x210
[ 103.712882][ T5335] ? reiserfs_paste_into_item+0x3b0/0x810
[ 103.718590][ T5335] reiserfs_paste_into_item+0x6dd/0x810
[ 103.724234][ T5335] ? reiserfs_cut_from_item+0x1fa0/0x1fa0
[ 103.730093][ T5335] ? reiserfs_get_parent+0x2f0/0x2f0
[ 103.735386][ T5335] ? inode_get_bytes+0x73/0xa0
[ 103.740154][ T5335] ? _find_first_zero_bit+0x60/0xf0
[ 103.745441][ T5335] reiserfs_add_entry+0xa42/0xe10
[ 103.750462][ T5335] ? drop_new_inode+0x60/0x60
[ 103.755136][ T5335] ? journal_begin+0x1f1/0x350
[ 103.759888][ T5335] ? reiserfs_update_inode_transaction+0x1c/0x120
[ 103.766292][ T5335] reiserfs_mkdir+0x6bc/0x920
[ 103.770965][ T5335] ? reiserfs_symlink+0x790/0x790
[ 103.775982][ T5335] ? rwsem_write_trylock+0x135/0x1c0
[ 103.781353][ T5335] ? lookup_one_len+0x19d/0x2d0
[ 103.786323][ T5335] ? lookup_one_common+0x460/0x460
[ 103.791520][ T5335] reiserfs_xattr_init+0x331/0x720
[ 103.796714][ T5335] reiserfs_fill_super+0x1fe6/0x2440
[ 103.802030][ T5335] ? reiserfs_kill_sb+0x140/0x140
[ 103.807252][ T5335] ? snprintf+0xe5/0x140
[ 103.811576][ T5335] ? vscnprintf+0x80/0x80
[ 103.815884][ T5335] ? set_blocksize+0x1f3/0x370
[ 103.820630][ T5335] ? sb_set_blocksize+0xa5/0xe0
[ 103.825563][ T5335] mount_bdev+0x287/0x3c0
[ 103.829884][ T5335] ? reiserfs_kill_sb+0x140/0x140
[ 103.834888][ T5335] legacy_get_tree+0xe6/0x180
[ 103.839572][ T5335] ? remove_save_link+0x3e0/0x3e0
[ 103.844757][ T5335] vfs_get_tree+0x88/0x270
[ 103.849172][ T5335] do_new_mount+0x24a/0xa40
[ 103.853668][ T5335] __se_sys_mount+0x2e3/0x3d0
[ 103.858354][ T5335] ? __x64_sys_mount+0xc0/0xc0
[ 103.863205][ T5335] ? lockdep_hardirqs_on+0x94/0x140
[ 103.868577][ T5335] ? __x64_sys_mount+0x1c/0xc0
[ 103.873336][ T5335] do_syscall_64+0x4c/0xa0
[ 103.878201][ T5335] ? clear_bhb_loop+0x30/0x80
[ 103.883053][ T5335] ? clear_bhb_loop+0x30/0x80
[ 103.887735][ T5335] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 103.893890][ T5335] RIP: 0033:0x7f43b6b3818a
[ 103.898347][ T5335] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 103.917974][ T5335] RSP: 002b:00007f43b6199e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 103.926374][ T5335] RAX: ffffffffffffffda RBX: 00007f43b6199ee0 RCX: 00007f43b6b3818a
[ 103.934460][ T5335] RDX: 00002000000000c0 RSI: 0000200000000140 RDI: 00007f43b6199ea0
[ 103.942624][ T5335] RBP: 00002000000000c0 R08: 00007f43b6199ee0 R09: 0000000000000000
[ 103.950774][ T5335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000140
[ 103.958907][ T5335] R13: 00007f43b6199ea0 R14: 0000000000001117 R15: 00002000000001c0
[ 103.966963][ T5335]
[ 103.970382][ T5335] Kernel Offset: disabled
[ 103.974782][ T5335] Rebooting in 86400 seconds..