Warning: Permanently added '10.128.1.3' (ED25519) to the list of known hosts.
2026/05/17 06:43:45 parsed 1 programs
[ 66.096080][ T4199] cgroup: Unknown subsys name 'net'
[ 66.243214][ T4199] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 67.727925][ T4199] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 69.126053][ T4211] chnl_net:caif_netlink_parms(): no params data found
[ 69.168837][ T4211] bridge0: port 1(bridge_slave_0) entered blocking state
[ 69.176312][ T4211] bridge0: port 1(bridge_slave_0) entered disabled state
[ 69.184806][ T4211] device bridge_slave_0 entered promiscuous mode
[ 69.193847][ T4211] bridge0: port 2(bridge_slave_1) entered blocking state
[ 69.201208][ T4211] bridge0: port 2(bridge_slave_1) entered disabled state
[ 69.209086][ T4211] device bridge_slave_1 entered promiscuous mode
[ 69.228797][ T4211] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 69.240547][ T4211] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 69.261241][ T4211] team0: Port device team_slave_0 added
[ 69.268868][ T4211] team0: Port device team_slave_1 added
[ 69.284825][ T4211] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 69.291817][ T4211] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 69.317860][ T4211] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 69.330443][ T4211] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 69.337462][ T4211] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 69.363996][ T4211] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 69.393228][ T4211] device hsr_slave_0 entered promiscuous mode
[ 69.400589][ T4211] device hsr_slave_1 entered promiscuous mode
[ 69.501246][ T4211] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 69.512931][ T4211] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 69.522729][ T4211] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 69.531742][ T4211] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 69.554300][ T4211] bridge0: port 2(bridge_slave_1) entered blocking state
[ 69.561608][ T4211] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 69.569607][ T4211] bridge0: port 1(bridge_slave_0) entered blocking state
[ 69.576878][ T4211] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 69.619268][ T4211] 8021q: adding VLAN 0 to HW filter on device bond0
[ 69.632529][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 69.642053][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 69.651344][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 69.659276][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 69.673084][ T4211] 8021q: adding VLAN 0 to HW filter on device team0
[ 69.683779][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 69.692181][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 69.699277][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 69.719885][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 69.729200][ T144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 69.736479][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 69.745751][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 69.754858][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 69.770276][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 69.781813][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 69.794226][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 69.806655][ T4211] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 69.890402][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 69.898459][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 69.912246][ T4211] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 69.930547][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 69.950307][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 69.959370][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 69.968331][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 69.976868][ T4211] device veth0_vlan entered promiscuous mode
[ 69.988579][ T4211] device veth1_vlan entered promiscuous mode
[ 70.008476][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 70.016740][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 70.025830][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 70.037013][ T4211] device veth0_macvtap entered promiscuous mode
[ 70.048369][ T4211] device veth1_macvtap entered promiscuous mode
[ 70.065285][ T4211] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 70.072925][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 70.083121][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 70.094150][ T4211] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 70.102374][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 70.113377][ T4211] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 70.122643][ T4211] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 70.131686][ T4211] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 70.142337][ T4211] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 70.265036][ T4211] syz-executor (4211) used greatest stack depth: 20112 bytes left
[ 70.283341][ T144] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 71.459529][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.466228][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[ 72.933426][ T144] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 75.551587][ T144] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 75.593972][ T144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 76.378825][ T144] device hsr_slave_0 left promiscuous mode
[ 76.385753][ T144] device hsr_slave_1 left promiscuous mode
[ 76.396218][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 76.405047][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 76.414977][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 76.423985][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 76.431877][ T144] device bridge_slave_1 left promiscuous mode
[ 76.440507][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.455796][ T144] device bridge_slave_0 left promiscuous mode
[ 76.464916][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.489479][ T144] device veth1_macvtap left promiscuous mode
[ 76.495899][ T144] device veth0_macvtap left promiscuous mode
[ 76.504203][ T144] device veth1_vlan left promiscuous mode
[ 76.510594][ T144] device veth0_vlan left promiscuous mode
[ 76.651957][ T144] team0 (unregistering): Port device team_slave_1 removed
[ 76.664169][ T144] team0 (unregistering): Port device team_slave_0 removed
[ 76.676541][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 76.692073][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 76.745880][ T144] bond0 (unregistering): Released all slaves
[ 78.719913][ T3053] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.735110][ T3053] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.760216][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 78.795777][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.811493][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.836021][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 79.314493][ T144] ODEBUG: Out of memory. ODEBUG disabled
2026/05/17 06:44:01 executed programs: 0
[ 80.457643][ T4436] chnl_net:caif_netlink_parms(): no params data found
[ 80.535917][ T4436] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.544561][ T4436] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.554306][ T4436] device bridge_slave_0 entered promiscuous mode
[ 80.564023][ T4436] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.571423][ T4436] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.579759][ T4436] device bridge_slave_1 entered promiscuous mode
[ 80.635091][ T4436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 80.649126][ T4436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 80.709457][ T4436] team0: Port device team_slave_0 added
[ 80.719048][ T4436] team0: Port device team_slave_1 added
[ 80.736713][ T4436] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 80.743955][ T4436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.771092][ T4436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 80.785082][ T4436] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 80.792179][ T4436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.818463][ T4436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 80.861030][ T4436] device hsr_slave_0 entered promiscuous mode
[ 80.868246][ T4436] device hsr_slave_1 entered promiscuous mode
[ 81.415530][ T4436] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 81.426338][ T4436] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 81.437441][ T4436] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 81.503797][ T4436] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 81.607732][ T4436] 8021q: adding VLAN 0 to HW filter on device bond0
[ 81.631614][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 81.645969][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 81.667890][ T4436] 8021q: adding VLAN 0 to HW filter on device team0
[ 81.684401][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 81.707972][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 81.716475][ T3053] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.723617][ T3053] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 81.740967][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 81.760328][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 81.777793][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 81.797266][ T3053] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.804453][ T3053] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 81.842557][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 81.860344][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 81.888111][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 81.907986][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 81.917749][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 81.930089][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 81.939166][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 81.963955][ T4436] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 81.988479][ T4436] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 82.015266][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 82.026559][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 82.050442][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 82.067866][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 82.084597][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 82.216656][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 82.225007][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 82.252686][ T4436] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 82.295578][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 82.305352][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 82.327781][ T1111] Bluetooth: hci0: command 0x0409 tx timeout
[ 82.328321][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 82.344792][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 82.356011][ T4436] device veth0_vlan entered promiscuous mode
[ 82.368157][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 82.389044][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 82.404141][ T4436] device veth1_vlan entered promiscuous mode
[ 82.435210][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 82.444823][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 82.453715][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 82.462942][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 82.474784][ T4436] device veth0_macvtap entered promiscuous mode
[ 82.484691][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 82.495555][ T4436] device veth1_macvtap entered promiscuous mode
[ 82.517685][ T4436] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 82.529217][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 82.539588][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 82.556484][ T4436] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 82.578152][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 82.589402][ T3053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 82.619659][ T4436] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.649084][ T4436] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.668368][ T4436] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.684237][ T4436] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 82.833771][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 82.843150][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 82.892921][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 82.947145][ T4507] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 82.955186][ T4507] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 82.975289][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 83.119518][ T4516] loop0: detected capacity change from 0 to 1024
[ 83.187622][ T4516] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 83.208235][ T4516] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 83.267323][ T4516] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[ 83.276059][ T4516] System zones: 0-1, 3-36
[ 83.301715][ T4516] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[ 83.569979][ T4529] loop0: detected capacity change from 0 to 1024
[ 83.587974][ T4529] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 83.595432][ T4529] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 83.635314][ T4529] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[ 83.656042][ T4529] System zones: 0-1, 3-36
[ 83.678115][ T4529] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[ 83.780661][ T4529] ==================================================================
[ 83.789100][ T4529] BUG: KASAN: use-after-free in ext4_get_inode_usage+0x401/0x5b0
[ 83.797042][ T4529] Read of size 4 at addr ffff88801fe9c070 by task syz.0.18/4529
[ 83.804706][ T4529]
[ 83.807057][ T4529] CPU: 1 PID: 4529 Comm: syz.0.18 Not tainted syzkaller #0
[ 83.814288][ T4529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 83.824646][ T4529] Call Trace:
[ 83.827961][ T4529]
[ 83.830926][ T4529] dump_stack_lvl+0x188/0x250
[ 83.835725][ T4529] ? show_regs_print_info+0x20/0x20
[ 83.840966][ T4529] ? load_image+0x400/0x400
[ 83.845512][ T4529] ? _raw_spin_lock_irqsave+0xbc/0x100
[ 83.851011][ T4529] print_address_description+0x60/0x2d0
[ 83.856620][ T4529] ? ext4_get_inode_usage+0x401/0x5b0
[ 83.862130][ T4529] kasan_report+0xdf/0x130
[ 83.866592][ T4529] ? ext4_get_inode_usage+0x401/0x5b0
[ 83.872193][ T4529] ext4_get_inode_usage+0x401/0x5b0
[ 83.877432][ T4529] ? ext4_listxattr+0xc50/0xc50
[ 83.882326][ T4529] ? ext4_quota_read+0x3a0/0x3a0
[ 83.887308][ T4529] __dquot_transfer+0x177/0x2270
[ 83.892293][ T4529] ? dquot_free_inode+0x9b0/0x9b0
[ 83.897356][ T4529] ? 0xffffffff81000000
[ 83.901545][ T4529] ? dquot_acquire+0x24e/0x520
[ 83.906430][ T4529] ? __ext4_journal_stop+0x30/0x190
[ 83.911671][ T4529] ? ext4_acquire_dquot+0x2ed/0x4a0
[ 83.916913][ T4529] ? ext4_acquire_dquot+0x36f/0x4a0
[ 83.922153][ T4529] ? dqget+0x951/0xeb0
[ 83.926263][ T4529] dquot_transfer+0x2f1/0x460
[ 83.930989][ T4529] ? __dquot_transfer+0x2270/0x2270
[ 83.936234][ T4529] ? down_read+0x1aa/0x2e0
[ 83.941045][ T4529] ext4_setattr+0x735/0x1b60
[ 83.945813][ T4529] ? evm_inode_setattr+0x87/0x590
[ 83.950882][ T4529] ? common_perm+0x1b0/0x1b0
[ 83.956032][ T4529] ? bpf_lsm_inode_setattr+0x5/0x10
[ 83.961275][ T4529] ? try_break_deleg+0x79/0x120
[ 83.966156][ T4529] ? ext4_write_inode+0x5f0/0x5f0
[ 83.971216][ T4529] notify_change+0xbcd/0xee0
[ 83.975956][ T4529] chown_common+0x4a7/0x660
[ 83.980517][ T4529] ? __ia32_sys_chmod+0x70/0x70
[ 83.985443][ T4529] ? rcu_read_lock_any_held+0xb0/0x130
[ 83.991036][ T4529] ? rcu_read_lock_bh_held+0xf0/0xf0
[ 83.996639][ T4529] ? __mnt_want_write+0x1e2/0x260
[ 84.001714][ T4529] ? mnt_want_write_file+0x174/0x200
[ 84.007049][ T4529] ksys_fchown+0xe2/0x150
[ 84.011436][ T4529] __x64_sys_fchown+0x76/0x80
[ 84.016169][ T4529] do_syscall_64+0x4c/0xa0
[ 84.020627][ T4529] ? clear_bhb_loop+0x30/0x80
[ 84.025444][ T4529] ? clear_bhb_loop+0x30/0x80
[ 84.030213][ T4529] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 84.036246][ T4529] RIP: 0033:0x7f855e111e59
[ 84.040698][ T4529] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 84.060423][ T4529] RSP: 002b:00007ffdfaf81668 EFLAGS: 00000246 ORIG_RAX: 000000000000005d
[ 84.068967][ T4529] RAX: ffffffffffffffda RBX: 00007f855e38afa0 RCX: 00007f855e111e59
[ 84.077521][ T4529] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 0000000000000005
[ 84.085789][ T4529] RBP: 00007f855e1a7d6f R08: 0000000000000000 R09: 0000000000000000
[ 84.093793][ T4529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 84.101802][ T4529] R13: 00007f855e38afac R14: 00007f855e38afa0 R15: 00007f855e38afa0
[ 84.109918][ T4529]
[ 84.112968][ T4529]
[ 84.115323][ T4529] Allocated by task 4211:
[ 84.119759][ T4529] __kasan_slab_alloc+0x9c/0xd0
[ 84.124736][ T4529] slab_post_alloc_hook+0x4c/0x380
[ 84.129900][ T4529] kmem_cache_alloc+0x100/0x290
[ 84.134795][ T4529] __kernfs_new_node+0xe3/0x6c0
[ 84.139832][ T4529] kernfs_new_node+0x148/0x250
[ 84.144827][ T4529] __kernfs_create_file+0x47/0x2e0
[ 84.149973][ T4529] sysfs_add_file_mode_ns+0x2d4/0x3a0
[ 84.155381][ T4529] internal_create_group+0x495/0xd00
[ 84.160697][ T4529] sysfs_create_groups+0x55/0x120
[ 84.165754][ T4529] device_add_attrs+0x83/0x6a0
[ 84.170731][ T4529] device_add+0x64b/0xfb0
[ 84.175085][ T4529] netdev_register_kobject+0x184/0x320
[ 84.180578][ T4529] register_netdevice+0x1042/0x1710
[ 84.186024][ T4529] xfrmi_newlink+0x336/0x4c0
[ 84.190664][ T4529] rtnl_newlink+0x1359/0x1a50
[ 84.195466][ T4529] rtnetlink_rcv_msg+0x844/0xf30
[ 84.200440][ T4529] netlink_rcv_skb+0x1f5/0x440
[ 84.205326][ T4529] netlink_unicast+0x774/0x920
[ 84.210115][ T4529] netlink_sendmsg+0x8ba/0xbe0
[ 84.214910][ T4529] __sys_sendto+0x46d/0x620
[ 84.219444][ T4529] __x64_sys_sendto+0xda/0xf0
[ 84.224151][ T4529] do_syscall_64+0x4c/0xa0
[ 84.228615][ T4529] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 84.234584][ T4529]
[ 84.236939][ T4529] Freed by task 144:
[ 84.240847][ T4529] kasan_set_track+0x4b/0x70
[ 84.245574][ T4529] kasan_set_free_info+0x1f/0x40
[ 84.250742][ T4529] ____kasan_slab_free+0xd5/0x110
[ 84.255900][ T4529] slab_free_freelist_hook+0xea/0x170
[ 84.261309][ T4529] kmem_cache_free+0x8f/0x210
[ 84.266024][ T4529] kernfs_put+0x319/0x490
[ 84.270383][ T4529] kernfs_remove_by_name_ns+0x99/0x100
[ 84.275890][ T4529] sysfs_remove_group+0xf8/0x290
[ 84.280950][ T4529] sysfs_remove_groups+0x50/0xa0
[ 84.285917][ T4529] device_del+0x6a7/0xaf0
[ 84.290275][ T4529] unregister_netdevice_many+0x1518/0x19f0
[ 84.296210][ T4529] xfrmi_exit_batch_net+0x232/0x280
[ 84.301540][ T4529] cleanup_net+0x791/0xba0
[ 84.305991][ T4529] process_one_work+0x85f/0x1010
[ 84.310963][ T4529] worker_thread+0xaa6/0x1290
[ 84.315672][ T4529] kthread+0x436/0x520
[ 84.319839][ T4529] ret_from_fork+0x1f/0x30
[ 84.324286][ T4529]
[ 84.326635][ T4529] The buggy address belongs to the object at ffff88801fe9c000
[ 84.326635][ T4529] which belongs to the cache kernfs_node_cache of size 168
[ 84.341288][ T4529] The buggy address is located 112 bytes inside of
[ 84.341288][ T4529] 168-byte region [ffff88801fe9c000, ffff88801fe9c0a8)
[ 84.354613][ T4529] The buggy address belongs to the page:
[ 84.360267][ T4529] page:ffffea00007fa700 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1fe9c
[ 84.370720][ T4529] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 84.378325][ T4529] raw: 00fff00000000200 ffffea000061e880 0000000200000002 ffff888016de9b40
[ 84.387471][ T4529] raw: ffff88801fe9c570 0000000080110000 00000001ffffffff 0000000000000000
[ 84.396181][ T4529] page dumped because: kasan: bad access detected
[ 84.402643][ T4529] page_owner tracks the page as allocated
[ 84.408387][ T4529] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 4211, ts 69376153786, free_ts 66362603005
[ 84.424826][ T4529] get_page_from_freelist+0x1bbd/0x1ca0
[ 84.430513][ T4529] __alloc_pages+0x1ee/0x480
[ 84.435264][ T4529] new_slab+0xc0/0x4b0
[ 84.437749][ T4201] Bluetooth: hci0: command 0x041b tx timeout
[ 84.439459][ T4529] ___slab_alloc+0x80a/0xdd0
[ 84.450343][ T4529] kmem_cache_alloc+0x195/0x290
[ 84.455316][ T4529] __kernfs_new_node+0xe3/0x6c0
[ 84.460291][ T4529] kernfs_new_node+0x148/0x250
[ 84.465098][ T4529] __kernfs_create_file+0x47/0x2e0
[ 84.470326][ T4529] sysfs_add_file_mode_ns+0x2d4/0x3a0
[ 84.476273][ T4529] internal_create_group+0x495/0xd00
[ 84.481594][ T4529] sysfs_create_groups+0x55/0x120
[ 84.486769][ T4529] device_add_attrs+0x83/0x6a0
[ 84.491834][ T4529] device_add+0x64b/0xfb0
[ 84.496192][ T4529] netdev_register_kobject+0x184/0x320
[ 84.502143][ T4529] register_netdevice+0x1042/0x1710
[ 84.507380][ T4529] xfrmi_newlink+0x336/0x4c0
[ 84.512088][ T4529] page last free stack trace:
[ 84.516778][ T4529] free_unref_page_prepare+0x637/0x6c0
[ 84.522537][ T4529] free_unref_page+0x8f/0x2a0
[ 84.527248][ T4529] __vunmap+0x8b9/0xa50
[ 84.531524][ T4529] kcov_mmap+0x89/0x120
[ 84.535838][ T4529] mmap_file+0x5d/0xb0
[ 84.539955][ T4529] mmap_region+0xf88/0x1650
[ 84.544488][ T4529] do_mmap+0x819/0xe90
[ 84.548582][ T4529] vm_mmap_pgoff+0x1c1/0x2d0
[ 84.553197][ T4529] ksys_mmap_pgoff+0x54b/0x790
[ 84.557986][ T4529] do_syscall_64+0x4c/0xa0
[ 84.562465][ T4529] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 84.568403][ T4529]
[ 84.570756][ T4529] Memory state around the buggy address:
[ 84.576417][ T4529] ffff88801fe9bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 84.584848][ T4529] ffff88801fe9bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 84.593041][ T4529] >ffff88801fe9c000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 84.601691][ T4529] ^
[ 84.609442][ T4529] ffff88801fe9c080: fb fb fb fb fb fc fc fc fc fc fc fc fc fb fb fb
[ 84.617632][ T4529] ffff88801fe9c100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 84.625829][ T4529] ==================================================================
[ 84.633919][ T4529] Disabling lock debugging due to kernel taint
[ 84.653282][ T4529] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 84.660614][ T4529] CPU: 1 PID: 4529 Comm: syz.0.18 Tainted: G B syzkaller #0
[ 84.669485][ T4529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 84.679765][ T4529] Call Trace:
[ 84.683055][ T4529]
[ 84.685984][ T4529] dump_stack_lvl+0x188/0x250
[ 84.690685][ T4529] ? show_regs_print_info+0x20/0x20
[ 84.695966][ T4529] ? load_image+0x400/0x400
[ 84.700474][ T4529] panic+0x2e5/0x810
[ 84.704387][ T4529] ? bpf_jit_dump+0xd0/0xd0
[ 84.708900][ T4529] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 84.714881][ T4529] ? _raw_spin_unlock+0x40/0x40
[ 84.719966][ T4529] ? ext4_get_inode_usage+0x401/0x5b0
[ 84.725435][ T4529] check_panic_on_warn+0x80/0xa0
[ 84.730374][ T4529] ? ext4_get_inode_usage+0x401/0x5b0
[ 84.735750][ T4529] end_report+0x6d/0xf0
[ 84.740620][ T4529] kasan_report+0x102/0x130
[ 84.745130][ T4529] ? ext4_get_inode_usage+0x401/0x5b0
[ 84.750506][ T4529] ext4_get_inode_usage+0x401/0x5b0
[ 84.755800][ T4529] ? ext4_listxattr+0xc50/0xc50
[ 84.760818][ T4529] ? ext4_quota_read+0x3a0/0x3a0
[ 84.765848][ T4529] __dquot_transfer+0x177/0x2270
[ 84.770790][ T4529] ? dquot_free_inode+0x9b0/0x9b0
[ 84.775816][ T4529] ? 0xffffffff81000000
[ 84.779981][ T4529] ? dquot_acquire+0x24e/0x520
[ 84.784747][ T4529] ? __ext4_journal_stop+0x30/0x190
[ 84.789954][ T4529] ? ext4_acquire_dquot+0x2ed/0x4a0
[ 84.795154][ T4529] ? ext4_acquire_dquot+0x36f/0x4a0
[ 84.800543][ T4529] ? dqget+0x951/0xeb0
[ 84.804788][ T4529] dquot_transfer+0x2f1/0x460
[ 84.809469][ T4529] ? __dquot_transfer+0x2270/0x2270
[ 84.814665][ T4529] ? down_read+0x1aa/0x2e0
[ 84.819088][ T4529] ext4_setattr+0x735/0x1b60
[ 84.823766][ T4529] ? evm_inode_setattr+0x87/0x590
[ 84.828791][ T4529] ? common_perm+0x1b0/0x1b0
[ 84.833410][ T4529] ? bpf_lsm_inode_setattr+0x5/0x10
[ 84.838615][ T4529] ? try_break_deleg+0x79/0x120
[ 84.843567][ T4529] ? ext4_write_inode+0x5f0/0x5f0
[ 84.848597][ T4529] notify_change+0xbcd/0xee0
[ 84.853193][ T4529] chown_common+0x4a7/0x660
[ 84.857869][ T4529] ? __ia32_sys_chmod+0x70/0x70
[ 84.862820][ T4529] ? rcu_read_lock_any_held+0xb0/0x130
[ 84.868481][ T4529] ? rcu_read_lock_bh_held+0xf0/0xf0
[ 84.873777][ T4529] ? __mnt_want_write+0x1e2/0x260
[ 84.878892][ T4529] ? mnt_want_write_file+0x174/0x200
[ 84.884180][ T4529] ksys_fchown+0xe2/0x150
[ 84.888553][ T4529] __x64_sys_fchown+0x76/0x80
[ 84.893246][ T4529] do_syscall_64+0x4c/0xa0
[ 84.897663][ T4529] ? clear_bhb_loop+0x30/0x80
[ 84.902422][ T4529] ? clear_bhb_loop+0x30/0x80
[ 84.907095][ T4529] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 84.912994][ T4529] RIP: 0033:0x7f855e111e59
[ 84.917618][ T4529] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 84.937506][ T4529] RSP: 002b:00007ffdfaf81668 EFLAGS: 00000246 ORIG_RAX: 000000000000005d
[ 84.946536][ T4529] RAX: ffffffffffffffda RBX: 00007f855e38afa0 RCX: 00007f855e111e59
[ 84.954524][ T4529] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 0000000000000005
[ 84.962497][ T4529] RBP: 00007f855e1a7d6f R08: 0000000000000000 R09: 0000000000000000
[ 84.970469][ T4529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 84.978571][ T4529] R13: 00007f855e38afac R14: 00007f855e38afa0 R15: 00007f855e38afa0
[ 84.986549][ T4529]
[ 84.989654][ T4529] Kernel Offset: disabled
[ 84.993979][ T4529] Rebooting in 86400 seconds..