Warning: Permanently added '10.128.0.99' (ED25519) to the list of known hosts.
1970/01/01 00:01:22 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:23 parsed 1 programs
[   85.955809][ T4487] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SSFS
[   94.499119][ T4520] chnl_net:caif_netlink_parms(): no params data found
[   94.585301][ T4520] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.587457][ T4520] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.590090][ T4520] device bridge_slave_0 entered promiscuous mode
[   94.593729][ T4520] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.596265][ T4520] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.598884][ T4520] device bridge_slave_1 entered promiscuous mode
[   94.615340][ T4520] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.619864][ T4520] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.635931][ T4520] team0: Port device team_slave_0 added
[   94.639397][ T4520] team0: Port device team_slave_1 added
[   94.653555][ T4520] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.656000][ T4520] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.663372][ T4520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.668266][ T4520] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.670291][ T4520] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.678986][ T4520] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.757839][ T4520] device hsr_slave_0 entered promiscuous mode
[   94.837557][ T4520] device hsr_slave_1 entered promiscuous mode
[   95.665588][ T4520] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.706413][ T4520] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   95.736435][ T4520] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   95.768580][ T4520] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.869888][ T4520] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.878288][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   95.881014][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.886265][ T4520] 8021q: adding VLAN 0 to HW filter on device team0
[   95.893210][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   95.896386][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.899027][  T148] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.900943][  T148] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.905015][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   95.907558][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   95.910299][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.913182][  T148] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.915165][  T148] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.930562][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   95.935341][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   95.938504][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   95.942044][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   95.945438][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   95.948323][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   95.951100][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   95.961060][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   95.964080][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   95.967689][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   95.970469][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   95.992240][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   96.087281][ T4520] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.090960][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   96.093218][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   96.108633][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   96.111488][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   96.126114][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   96.128812][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   96.131876][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   96.135334][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   96.140294][ T4520] device veth0_vlan entered promiscuous mode
[   96.149811][ T4520] device veth1_vlan entered promiscuous mode
[   96.168589][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   96.171345][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   96.173951][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   96.178350][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   96.183349][ T4520] device veth0_macvtap entered promiscuous mode
[   96.189250][ T4520] device veth1_macvtap entered promiscuous mode
[   96.217768][ T4520] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.223122][ T4520] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.226919][ T1673] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   96.229612][ T1673] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   96.232784][ T1673] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   96.235744][ T1673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   96.238599][ T1673] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   96.241414][ T1673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   96.249147][ T4520] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.251627][ T4520] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.253970][ T4520] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.257714][ T4520] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.995014][  T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.997469][  T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.000849][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   97.020759][  T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.023127][  T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.028167][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:37 executed programs: 0
[   98.088131][ T4703] chnl_net:caif_netlink_parms(): no params data found
[   98.171502][ T4703] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.175213][ T4703] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.178052][ T4703] device bridge_slave_0 entered promiscuous mode
[   98.195596][ T4703] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.197708][ T4703] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.200556][ T4703] device bridge_slave_1 entered promiscuous mode
[   98.245041][ T4703] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   98.249910][ T4703] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.286291][ T4703] team0: Port device team_slave_0 added
[   98.290513][ T4703] team0: Port device team_slave_1 added
[   98.330970][ T4703] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.333043][ T4703] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.348485][ T4703] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.356287][ T4703] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.358213][ T4703] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.374529][ T4703] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.456711][ T4703] device hsr_slave_0 entered promiscuous mode
[   98.487438][ T4703] device hsr_slave_1 entered promiscuous mode
[   98.515005][ T4703] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   98.517113][ T4703] Cannot create hsr debugfs directory
[   98.642435][ T4703] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.774966][ T4150] Bluetooth: hci0: command 0x0409 tx timeout
[  101.854525][ T4150] Bluetooth: hci0: command 0x041b tx timeout
[  101.933028][ T4703] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.982940][ T4703] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.032898][ T4703] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.182055][ T4703] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  102.207731][ T4703] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  102.267468][ T4703] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  102.316997][ T4703] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  102.407389][ T4703] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.417025][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  102.419766][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  102.425653][ T4703] 8021q: adding VLAN 0 to HW filter on device team0
[  102.430347][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  102.433226][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  102.436582][  T148] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.438504][  T148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.440891][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  102.446135][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  102.449050][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  102.451649][  T148] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.453519][  T148] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.461693][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  102.468576][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  102.473956][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  102.481538][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  102.484882][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  102.525992][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  102.529499][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  102.532370][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  102.536888][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  102.539646][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  102.542321][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  102.548007][ T4703] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  102.643283][ T4703] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.647395][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  102.649679][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  102.669816][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  102.672829][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  102.688681][ T4703] device veth0_vlan entered promiscuous mode
[  102.690897][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  102.693727][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  102.697793][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  102.700349][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  102.731076][ T4703] device veth1_vlan entered promiscuous mode
[  102.748480][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  102.751133][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  102.753919][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  102.757300][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  102.762144][ T4703] device veth0_macvtap entered promiscuous mode
[  102.768218][ T4703] device veth1_macvtap entered promiscuous mode
[  102.778655][ T4703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  102.781635][ T4703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  102.785456][ T4703] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.787665][ T1673] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  102.790291][ T1673] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  102.793042][ T1673] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  102.796553][ T1673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  102.801966][ T4703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  102.806421][ T4703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  102.810673][ T4703] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.812820][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  102.815922][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  102.821091][ T4703] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.823582][ T4703] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.827069][ T4703] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.829595][ T4703] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.868363][ T1673] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.870526][ T1673] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.873640][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  102.892227][  T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.895270][  T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.898397][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:42 executed programs: 2
[  103.153703][ T4926] loop0: detected capacity change from 0 to 32768
[  103.173900][ T4926] ==================================================================
[  103.176419][ T4926] BUG: KASAN: slab-out-of-bounds in dtReadFirst+0x3f4/0x78c
[  103.178392][ T4926] Read of size 4 at addr ffff0000ee06b710 by task syz.0.16/4926
[  103.180448][ T4926] 
[  103.181068][ T4926] CPU: 0 PID: 4926 Comm: syz.0.16 Not tainted 5.15.189-syzkaller #0
[  103.183315][ T4926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.186081][ T4926] Call trace:
[  103.186998][ T4926]  dump_backtrace+0x0/0x43c
[  103.188232][ T4926]  show_stack+0x2c/0x3c
[  103.189347][ T4926]  __dump_stack+0x30/0x40
[  103.190509][ T4926]  dump_stack_lvl+0xf8/0x160
[  103.191803][ T4926]  print_address_description+0x78/0x30c
[  103.193359][ T4926]  kasan_report+0xec/0x15c
[  103.194684][ T4926]  __asan_report_load4_noabort+0x44/0x50
[  103.196229][ T4926]  dtReadFirst+0x3f4/0x78c
[  103.197447][ T4926]  jfs_readdir+0x624/0x3070
[  103.198678][ T4926]  iterate_dir+0x1f0/0x4cc
[  103.199896][ T4926]  __arm64_sys_getdents64+0x11c/0x340
[  103.201363][ T4926]  invoke_syscall+0x98/0x2b8
[  103.202607][ T4926]  el0_svc_common+0x138/0x258
[  103.203901][ T4926]  do_el0_svc+0x58/0x14c
[  103.205036][ T4926]  el0_svc+0x78/0x1e0
[  103.206144][ T4926]  el0t_64_sync_handler+0xcc/0xe4
[  103.207569][ T4926]  el0t_64_sync+0x1a0/0x1a4
[  103.208803][ T4926] 
[  103.209453][ T4926] Allocated by task 4926:
[  103.210695][ T4926]  __kasan_slab_alloc+0x8c/0xcc
[  103.212071][ T4926]  slab_post_alloc_hook+0x74/0x408
[  103.213491][ T4926]  kmem_cache_alloc+0x1e0/0x3e4
[  103.214868][ T4926]  jfs_alloc_inode+0x24/0x60
[  103.216109][ T4926]  new_inode_pseudo+0x68/0x1fc
[  103.217355][ T4926]  new_inode+0x38/0x174
[  103.218619][ T4926]  ialloc+0x54/0x7a4
[  103.219732][ T4926]  jfs_create+0x170/0x8c4
[  103.220946][ T4926]  path_openat+0x1144/0x26e4
[  103.222192][ T4926]  do_filp_open+0x164/0x330
[  103.223499][ T4926]  do_sys_openat2+0x128/0x3d8
[  103.224839][ T4926]  __arm64_sys_openat+0x120/0x154
[  103.226259][ T4926]  invoke_syscall+0x98/0x2b8
[  103.227664][ T4926]  el0_svc_common+0x138/0x258
[  103.229057][ T4926]  do_el0_svc+0x58/0x14c
[  103.230212][ T4926]  el0_svc+0x78/0x1e0
[  103.231359][ T4926]  el0t_64_sync_handler+0xcc/0xe4
[  103.232820][ T4926]  el0t_64_sync+0x1a0/0x1a4
[  103.234114][ T4926] 
[  103.234717][ T4926] The buggy address belongs to the object at ffff0000ee06ae40
[  103.234717][ T4926]  which belongs to the cache jfs_ip of size 2240
[  103.238591][ T4926] The buggy address is located 16 bytes to the right of
[  103.238591][ T4926]  2240-byte region [ffff0000ee06ae40, ffff0000ee06b700)
[  103.242307][ T4926] The buggy address belongs to the page:
[  103.243860][ T4926] page:0000000057534bf1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12e068
[  103.246716][ T4926] head:0000000057534bf1 order:3 compound_mapcount:0 compound_pincount:0
[  103.249180][ T4926] memcg:ffff0000d3708601
[  103.250337][ T4926] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[  103.252518][ T4926] raw: 05ffc00000010200 0000000000000000 dead000000000122 ffff0000c6a72000
[  103.254916][ T4926] raw: 0000000000000000 00000000800d000d 00000001ffffffff ffff0000d3708601
[  103.257345][ T4926] page dumped because: kasan: bad access detected
[  103.259087][ T4926] 
[  103.259704][ T4926] Memory state around the buggy address:
[  103.261295][ T4926]  ffff0000ee06b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  103.263489][ T4926]  ffff0000ee06b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  103.265697][ T4926] >ffff0000ee06b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  103.268036][ T4926]                          ^
[  103.269454][ T4926]  ffff0000ee06b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  103.271752][ T4926]  ffff0000ee06b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  103.273972][ T4926] ==================================================================
[  103.276161][ T4926] Disabling lock debugging due to kernel taint
[  103.279596][ T4926] ERROR: (device loop0): dtReadFirst: btstack overrun
[  103.279596][ T4926] 
[  103.282404][ T4926] ERROR: (device loop0): remounting filesystem as read-only
[  103.284614][ T4926] btstack dump:
[  103.285535][ T4926] bn = 0, index = 0
[  103.286480][ T4926] bn = 0, index = 0
[  103.287529][ T4926] bn = 0, index = 0
[  103.288554][ T4926] bn = 0, index = 0
[  103.289574][ T4926] bn = 0, index = 0
[  103.290510][ T4926] bn = 0, index = 0
[  103.291573][ T4926] bn = 0, index = 0
[  103.292636][ T4926] bn = 0, index = 0
[  103.796909][ T4928] loop0: detected capacity change from 0 to 32768
[  103.845385][ T4928] ERROR: (device loop0): dtReadFirst: btstack overrun
[  103.845385][ T4928] 
[  103.848040][ T4928] ERROR: (device loop0): remounting filesystem as read-only
[  103.850070][ T4928] btstack dump:
[  103.851113][ T4928] bn = 0, index = 0
[  103.852137][ T4928] bn = 0, index = 0
[  103.853083][ T4928] bn = 0, index = 0
[  103.854077][ T4928] bn = 0, index = 0
[  103.856192][ T4928] bn = 0, index = 0
[  103.857284][ T4928] bn = 0, index = 0
[  103.858485][ T4928] bn = 0, index = 0
[  103.859549][ T4928] bn = 0, index = 0
[  103.934504][ T4147] Bluetooth: hci0: command 0x040f tx timeout
[  104.368506][ T4930] loop0: detected capacity change from 0 to 32768
[  104.418190][ T4930] MetaData crosses page boundary!!
[  104.419754][ T4930] lblock = 11ffff8000, size  = 440139776
[  104.421365][ T4930] CPU: 0 PID: 4930 Comm: syz.0.18 Tainted: G    B             5.15.189-syzkaller #0
[  104.424007][ T4930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.426750][ T4930] Call trace:
[  104.427648][ T4930]  dump_backtrace+0x0/0x43c
[  104.428915][ T4930]  show_stack+0x2c/0x3c
[  104.430027][ T4930]  __dump_stack+0x30/0x40
[  104.431287][ T4930]  dump_stack_lvl+0xf8/0x160
[  104.432569][ T4930]  dump_stack+0x1c/0x5c
[  104.433692][ T4930]  __get_metapage+0xac8/0x10a0
[  104.434967][ T4930]  dtReadFirst+0xcc/0x78c
[  104.436189][ T4930]  jfs_readdir+0x624/0x3070
[  104.437369][ T4930]  iterate_dir+0x1f0/0x4cc
[  104.438559][ T4930]  __arm64_sys_getdents64+0x11c/0x340
[  104.440072][ T4930]  invoke_syscall+0x98/0x2b8
[  104.441452][ T4930]  el0_svc_common+0x138/0x258
[  104.442727][ T4930]  do_el0_svc+0x58/0x14c
[  104.443846][ T4930]  el0_svc+0x78/0x1e0
[  104.444943][ T4930]  el0t_64_sync_handler+0xcc/0xe4
[  104.446336][ T4930]  el0t_64_sync+0x1a0/0x1a4
[  104.448001][ T4930] bread failed!
[  104.603413][ T4932] loop0: detected capacity change from 0 to 32768
[  104.667652][ T4932] ERROR: (device loop0): dtReadFirst: btstack overrun
[  104.667652][ T4932] 
[  104.670344][ T4932] ERROR: (device loop0): remounting filesystem as read-only
[  104.672578][ T4932] btstack dump:
[  104.673612][ T4932] bn = 0, index = 0
[  104.675115][ T4932] bn = 0, index = 0
[  104.676353][ T4932] bn = 0, index = 0
[  104.677496][ T4932] bn = 0, index = 0
[  104.678532][ T4932] bn = 0, index = 0
[  104.679533][ T4932] bn = 0, index = 0
[  104.680611][ T4932] bn = 0, index = 0
[  104.681645][ T4932] bn = 0, index = 0
[  105.105951][ T1628] device hsr_slave_0 left promiscuous mode
[  105.126876][ T1628] device hsr_slave_1 left promiscuous mode
[  105.183272][ T4934] loop0: detected capacity change from 0 to 32768
[  105.214614][ T1628] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  105.216912][ T1628] batman_adv: batadv0: Removing interface: batadv_slave_0
[  105.219365][ T1628] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  105.221497][ T1628] batman_adv: batadv0: Removing interface: batadv_slave_1
[  105.223910][ T1628] device bridge_slave_1 left promiscuous mode
[  105.225987][ T1628] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.245741][ T4934] ERROR: (device loop0): dtReadFirst: btstack overrun
[  105.245741][ T4934] 
[  105.248545][ T4934] ERROR: (device loop0): remounting filesystem as read-only
[  105.250718][ T4934] btstack dump:
[  105.251627][ T4934] bn = 0, index = 0
[  105.252660][ T4934] bn = 0, index = 0
[  105.253685][ T4934] bn = 0, index = 0
[  105.255462][ T4934] bn = 0, index = 0
[  105.256523][ T4934] bn = 0, index = 0
[  105.257529][ T4934] bn = 0, index = 0
[  105.258566][ T4934] bn = 0, index = 0
[  105.259625][ T4934] bn = 0, index = 0
[  105.267352][ T1628] device bridge_slave_0 left promiscuous mode
[  105.269182][ T1628] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.384788][ T1628] device veth1_macvtap left promiscuous mode
[  105.386504][ T1628] device veth0_macvtap left promiscuous mode
[  105.388171][ T1628] device veth1_vlan left promiscuous mode
[  105.389758][ T1628] device veth0_vlan left promiscuous mode
[  105.564621][ T1628] team0 (unregistering): Port device team_slave_1 removed
[  105.571476][ T1628] team0 (unregistering): Port device team_slave_0 removed
[  105.594218][ T1628] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  105.636467][ T1628] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  105.749974][ T1628] bond0 (unregistering): Released all slaves
[  105.768897][ T4937] loop0: detected capacity change from 0 to 32768
[  105.814343][ T4937] ERROR: (device loop0): dtReadFirst: btstack overrun
[  105.814343][ T4937] 
[  105.817250][ T4937] ERROR: (device loop0): remounting filesystem as read-only
[  105.819391][ T4937] btstack dump:
[  105.820360][ T4937] bn = 0, index = 0
[  105.821512][ T4937] bn = 0, index = 0
[  105.822647][ T4937] bn = 0, index = 0
[  105.823746][ T4937] bn = 0, index = 0
[  105.825975][ T4937] bn = 0, index = 0
[  105.827096][ T4937] bn = 0, index = 0
[  105.828180][ T4937] bn = 0, index = 0
[  105.829261][ T4937] bn = 0, index = 0
[  106.014474][ T4150] Bluetooth: hci0: command 0x0419 tx timeout
[  106.334704][ T4939] loop0: detected capacity change from 0 to 32768
[  106.397604][ T4939] ERROR: (device loop0): dtReadFirst: btstack overrun
[  106.397604][ T4939] 
[  106.400313][ T4939] ERROR: (device loop0): remounting filesystem as read-only
[  106.402348][ T4939] btstack dump:
[  106.403249][ T4939] bn = 0, index = 0
[  106.404227][ T4939] bn = 0, index = 0
[  106.405935][ T4939] bn = 0, index = 0
[  106.406957][ T4939] bn = 0, index = 0
[  106.407931][ T4939] bn = 0, index = 0
[  106.408968][ T4939] bn = 0, index = 0
[  106.410075][ T4939] bn = 0, index = 0
[  106.411112][ T4939] bn = 0, index = 0
[  106.942819][ T4941] loop0: detected capacity change from 0 to 32768
[  106.998400][ T4941] ERROR: (device loop0): dtReadFirst: btstack overrun
[  106.998400][ T4941] 
[  107.001395][ T4941] ERROR: (device loop0): remounting filesystem as read-only
[  107.003433][ T4941] btstack dump:
[  107.004849][ T4941] bn = 0, index = 0
[  107.005970][ T4941] bn = 0, index = 0
[  107.007009][ T4941] bn = 0, index = 0
[  107.008013][ T4941] bn = 0, index = 0
[  107.009060][ T4941] bn = 0, index = 0
[  107.010097][ T4941] bn = 0, index = 0
[  107.011100][ T4941] bn = 0, index = 0
[  107.012207][ T4941] bn = 0, index = 0
[  107.510080][ T4943] loop0: detected capacity change from 0 to 32768
[  107.578078][ T4943] ERROR: (device loop0): dtReadFirst: btstack overrun
[  107.578078][ T4943] 
[  107.585473][ T4943] ERROR: (device loop0): remounting filesystem as read-only
[  107.587421][ T4943] btstack dump:
[  107.588357][ T4943] bn = 0, index = 0
[  107.589455][ T4943] bn = 0, index = 0
[  107.590495][ T4943] bn = 0, index = 0
[  107.591467][ T4943] bn = 0, index = 0
[  107.592503][ T4943] bn = 0, index = 0
[  107.593545][ T4943] bn = 0, index = 0
[  107.604073][ T4943] bn = 0, index = 0
[  107.605510][ T4943] bn = 0, index = 0
[  108.127872][ T4945] loop0: detected capacity change from 0 to 32768
[  108.188413][ T4945] ERROR: (device loop0): dtReadFirst: btstack overrun
[  108.188413][ T4945] 
[  108.191226][ T4945] ERROR: (device loop0): remounting filesystem as read-only
[  108.193209][ T4945] btstack dump:
[  108.194146][ T4945] bn = 0, index = 0
[  108.195588][ T4945] bn = 0, index = 0
[  108.196624][ T4945] bn = 0, index = 0
[  108.197654][ T4945] bn = 0, index = 0
[  108.198625][ T4945] bn = 0, index = 0
[  108.199707][ T4945] bn = 0, index = 0
[  108.200812][ T4945] bn = 0, index = 0
[  108.201816][ T4945] bn = 0, index = 0
1970/01/01 00:01:48 executed programs: 12
[  108.693186][ T4947] loop0: detected capacity change from 0 to 32768
[  108.745449][ T4947] ERROR: (device loop0): dtReadFirst: btstack overrun
[  108.745449][ T4947] 
[  108.748205][ T4947] ERROR: (device loop0): remounting filesystem as read-only
[  108.750343][ T4947] btstack dump:
[  108.751306][ T4947] bn = 0, index = 0
[  108.752332][ T4947] bn = 0, index = 0
[  108.753385][ T4947] bn = 0, index = 0
[  108.755236][ T4947] bn = 0, index = 0
[  108.756378][ T4947] bn = 0, index = 0
[  108.757373][ T4947] bn = 0, index = 0
[  108.758451][ T4947] bn = 0, index = 0
[  108.759500][ T4947] bn = 0, index = 0
[  109.008449][ T4949] loop0: detected capacity change from 0 to 32768
[  109.076366][ T4949] ERROR: (device loop0): dtReadFirst: btstack overrun
[  109.076366][ T4949] 
[  109.079014][ T4949] ERROR: (device loop0): remounting filesystem as read-only
[  109.081139][ T4949] btstack dump:
[  109.082055][ T4949] bn = 0, index = 0
[  109.083138][ T4949] bn = 0, index = 0
[  109.084174][ T4949] bn = 0, index = 0
[  109.085306][ T4949] bn = 0, index = 0
[  109.086333][ T4949] bn = 0, index = 0
[  109.087367][ T4949] bn = 0, index = 0
[  109.088421][ T4949] bn = 0, index = 0
[  109.089524][ T4949] bn = 0, index = 0
[  109.250094][ T4951] loop0: detected capacity change from 0 to 32768
[  109.264701][ T4951] ERROR: (device loop0): dtReadFirst: btstack overrun
[  109.264701][ T4951] 
[  109.267347][ T4951] ERROR: (device loop0): remounting filesystem as read-only
[  109.269340][ T4951] btstack dump:
[  109.270432][ T4951] bn = 0, index = 0
[  109.271443][ T4951] bn = 0, index = 0
[  109.272453][ T4951] bn = 0, index = 0
[  109.273480][ T4951] bn = 0, index = 0
[  109.275268][ T4951] bn = 0, index = 0
[  109.276386][ T4951] bn = 0, index = 0
[  109.277401][ T4951] bn = 0, index = 0
[  109.278460][ T4951] bn = 0, index = 0
[  109.774292][ T4953] loop0: detected capacity change from 0 to 32768
[  109.837987][ T4953] ERROR: (device loop0): dtReadFirst: btstack overrun
[  109.837987][ T4953] 
[  109.840595][ T4953] ERROR: (device loop0): remounting filesystem as read-only
[  109.842709][ T4953] btstack dump:
[  109.843731][ T4953] bn = 0, index = 0
[  109.845327][ T4953] bn = 0, index = 0
[  109.846378][ T4953] bn = 0, index = 0
[  109.847449][ T4953] bn = 0, index = 0
[  109.848499][ T4953] bn = 0, index = 0
[  109.849589][ T4953] bn = 0, index = 0
[  109.850603][ T4953] bn = 0, index = 0
[  109.851656][ T4953] bn = 0, index = 0
[  110.006259][ T4955] loop0: detected capacity change from 0 to 32768
[  110.054211][ T4955] ERROR: (device loop0): dtReadFirst: btstack overrun
[  110.054211][ T4955] 
[  110.057605][ T4955] ERROR: (device loop0): remounting filesystem as read-only
[  110.059665][ T4955] btstack dump:
[  110.060651][ T4955] bn = 0, index = 0
[  110.061670][ T4955] bn = 0, index = 0
[  110.062660][ T4955] bn = 0, index = 0
[  110.063759][ T4955] bn = 0, index = 0
[  110.065132][ T4955] bn = 0, index = 0
[  110.066189][ T4955] bn = 0, index = 0
[  110.067248][ T4955] bn = 0, index = 0
[  110.068275][ T4955] bn = 0, index = 0
[  110.225897][ T4957] loop0: detected capacity change from 0 to 32768
[  110.265544][ T4957] ERROR: (device loop0): dtReadFirst: btstack overrun
[  110.265544][ T4957] 
[  110.268340][ T4957] ERROR: (device loop0): remounting filesystem as read-only
[  110.270484][ T4957] btstack dump:
[  110.271516][ T4957] bn = 0, index = 0
[  110.272665][ T4957] bn = 0, index = 0
[  110.273833][ T4957] bn = 0, index = 0
[  110.276037][ T4957] bn = 0, index = 0
[  110.277077][ T4957] bn = 0, index = 0
[  110.278092][ T4957] bn = 0, index = 0
[  110.279218][ T4957] bn = 0, index = 0
[  110.280314][ T4957] bn = 0, index = 0
[  110.442136][ T4959] loop0: detected capacity change from 0 to 32768
[  110.456370][ T4959] ERROR: (device loop0): dtReadFirst: btstack overrun
[  110.456370][ T4959] 
[  110.459219][ T4959] ERROR: (device loop0): remounting filesystem as read-only
[  110.461471][ T4959] btstack dump:
[  110.462529][ T4959] bn = 0, index = 0
[  110.463685][ T4959] bn = 0, index = 0
[  110.465271][ T4959] bn = 0, index = 0
[  110.466283][ T4959] bn = 0, index = 0
[  110.467265][ T4959] bn = 0, index = 0
[  110.468279][ T4959] bn = 0, index = 0
[  110.469304][ T4959] bn = 0, index = 0
[  110.470278][ T4959] bn = 0, index = 0
[  110.965168][ T4961] loop0: detected capacity change from 0 to 32768
[  111.015577][ T4961] ERROR: (device loop0): dtReadFirst: btstack overrun
[  111.015577][ T4961] 
[  111.018472][ T4961] ERROR: (device loop0): remounting filesystem as read-only
[  111.020460][ T4961] btstack dump:
[  111.021548][ T4961] bn = 0, index = 0
[  111.022534][ T4961] bn = 0, index = 0
[  111.023529][ T4961] bn = 0, index = 0
[  111.025247][ T4961] bn = 0, index = 0
[  111.026590][ T4961] bn = 0, index = 0
[  111.027668][ T4961] bn = 0, index = 0
[  111.028681][ T4961] bn = 0, index = 0
[  111.029728][ T4961] bn = 0, index = 0
[  111.202032][ T4963] loop0: detected capacity change from 0 to 32768
[  111.246102][ T4963] ERROR: (device loop0): dtReadFirst: btstack overrun
[  111.246102][ T4963] 
[  111.248750][ T4963] ERROR: (device loop0): remounting filesystem as read-only
[  111.250809][ T4963] btstack dump:
[  111.251782][ T4963] bn = 0, index = 0
[  111.252817][ T4963] bn = 0, index = 0
[  111.253886][ T4963] bn = 0, index = 0
[  111.255516][ T4963] bn = 0, index = 0
[  111.256557][ T4963] bn = 0, index = 0
[  111.257675][ T4963] bn = 0, index = 0
[  111.258667][ T4963] bn = 0, index = 0
[  111.259670][ T4963] bn = 0, index = 0
[  111.757512][ T4965] loop0: detected capacity change from 0 to 32768
[  111.824306][ T4965] ERROR: (device loop0): dtReadFirst: btstack overrun
[  111.824306][ T4965] 
[  111.827256][ T4965] ERROR: (device loop0): remounting filesystem as read-only
[  111.829523][ T4965] btstack dump:
[  111.830569][ T4965] bn = 0, index = 0
[  111.831665][ T4965] bn = 0, index = 0
[  111.832656][ T4965] bn = 0, index = 0
[  111.833684][ T4965] bn = 0, index = 0
[  111.835732][ T4965] bn = 0, index = 0
[  111.836805][ T4965] bn = 0, index = 0
[  111.837824][ T4965] bn = 0, index = 0
[  111.838879][ T4965] bn = 0, index = 0
[  112.346967][ T4967] loop0: detected capacity change from 0 to 32768
[  112.386627][ T4967] ERROR: (device loop0): dtReadFirst: btstack overrun
[  112.386627][ T4967] 
[  112.389368][ T4967] ERROR: (device loop0): remounting filesystem as read-only
[  112.391463][ T4967] btstack dump:
[  112.392405][ T4967] bn = 0, index = 0
[  112.393463][ T4967] bn = 0, index = 0
[  112.394509][ T4967] bn = 0, index = 0
[  112.395688][ T4967] bn = 0, index = 0
[  112.396764][ T4967] bn = 0, index = 0
[  112.397895][ T4967] bn = 0, index = 0
[  112.398960][ T4967] bn = 0, index = 0
[  112.400004][ T4967] bn = 0, index = 0
[  112.558292][ T4969] loop0: detected capacity change from 0 to 32768
[  112.614295][ T4969] ERROR: (device loop0): dtReadFirst: btstack overrun
[  112.614295][ T4969] 
[  112.617177][ T4969] ERROR: (device loop0): remounting filesystem as read-only
[  112.619279][ T4969] btstack dump:
[  112.620170][ T4969] bn = 0, index = 0
[  112.621322][ T4969] bn = 0, index = 0
[  112.622372][ T4969] bn = 0, index = 0
[  112.623456][ T4969] bn = 0, index = 0
[  112.624938][ T4969] bn = 0, index = 0
[  112.626001][ T4969] bn = 0, index = 0
[  112.627008][ T4969] bn = 0, index = 0
[  112.628064][ T4969] bn = 0, index = 0
[  113.122588][ T4971] loop0: detected capacity change from 0 to 32768