Warning: Permanently added '10.128.0.37' (ED25519) to the list of known hosts.
2025/11/15 00:18:29 parsed 1 programs
[   93.977629][ T4612] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   95.452906][ T4632] chnl_net:caif_netlink_parms(): no params data found
[   95.492011][ T4632] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.499247][ T4632] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.506980][ T4632] device bridge_slave_0 entered promiscuous mode
[   95.515686][ T4632] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.523183][ T4632] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.531373][ T4632] device bridge_slave_1 entered promiscuous mode
[   95.551333][ T4632] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.562353][ T4632] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.583193][ T4632] team0: Port device team_slave_0 added
[   95.590892][ T4632] team0: Port device team_slave_1 added
[   95.609127][ T4632] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.616669][ T4632] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.643116][ T4632] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.657276][ T4632] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.664280][ T4632] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.690490][ T4632] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.721048][ T4632] device hsr_slave_0 entered promiscuous mode
[   95.727840][ T4632] device hsr_slave_1 entered promiscuous mode
[   96.307923][ T4632] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   96.326908][ T4632] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   96.354565][ T4632] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   96.374400][ T4632] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   96.461594][ T4632] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.468725][ T4632] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.476455][ T4632] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.483562][ T4632] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.501905][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.512767][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.560641][ T4632] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.580847][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   96.590772][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   96.602922][ T4632] 8021q: adding VLAN 0 to HW filter on device team0
[   96.616221][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   96.625633][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   96.638866][  T151] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.646144][  T151] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.664799][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   96.675088][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   96.683965][  T151] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.691143][  T151] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.702641][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   96.724086][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   96.739631][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   96.749445][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   96.774689][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   96.791969][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   96.814127][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   96.834903][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   96.843838][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   96.868009][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   96.883956][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   96.907391][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   97.068160][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   97.076468][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   97.096544][ T4632] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.147218][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   97.157852][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   97.197111][ T4632] device veth0_vlan entered promiscuous mode
[   97.205102][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   97.224914][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   97.243648][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   97.251495][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   97.284296][ T4632] device veth1_vlan entered promiscuous mode
[   97.309994][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   97.318768][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   97.328907][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   97.339145][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   97.351687][ T4632] device veth0_macvtap entered promiscuous mode
[   97.406796][ T4632] device veth1_macvtap entered promiscuous mode
[   97.431835][ T4632] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.440825][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   97.449849][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   97.459266][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   97.469628][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   97.483620][ T4632] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.497976][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   97.506910][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   97.519715][ T4632] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.532362][ T4632] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.542986][ T4632] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.552583][ T4632] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.757470][  T151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.774485][  T151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.786923][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   97.807217][  T666] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.816655][  T666] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.826621][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   99.769025][    T9] ODEBUG: Out of memory. ODEBUG disabled
[   99.855457][    T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/11/15 00:18:38 executed programs: 0
[  100.860016][ T4862] chnl_net:caif_netlink_parms(): no params data found
[  100.917964][ T4862] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.925281][ T4862] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.934222][ T4862] device bridge_slave_0 entered promiscuous mode
[  100.942642][ T4862] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.950273][ T4862] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.958700][ T4862] device bridge_slave_1 entered promiscuous mode
[  100.984803][ T4862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.996599][ T4862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.024328][ T4862] team0: Port device team_slave_0 added
[  101.032142][ T4862] team0: Port device team_slave_1 added
[  101.058298][ T4862] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.066475][ T4862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.095362][ T4862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.108166][ T4862] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.117554][ T4862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.144458][ T4862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.184352][ T4862] device hsr_slave_0 entered promiscuous mode
[  101.191151][ T4862] device hsr_slave_1 entered promiscuous mode
[  101.198801][ T4862] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  101.206821][ T4862] Cannot create hsr debugfs directory
[  101.938900][    T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.989192][    T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.051573][    T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.803729][ T4970] Bluetooth: hci0: command 0x0409 tx timeout
[  102.857919][ T4862] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  102.888526][ T4862] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  102.897892][ T4862] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  102.907420][ T4862] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  102.987200][ T4862] 8021q: adding VLAN 0 to HW filter on device bond0
[  103.008981][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  103.017753][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  103.028750][ T4862] 8021q: adding VLAN 0 to HW filter on device team0
[  103.039119][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  103.049112][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  103.058200][  T666] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.065305][  T666] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.104685][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  103.112944][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  103.124144][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  103.132732][  T666] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.139941][  T666] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.148684][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  103.166593][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  103.176122][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  103.186724][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  103.204307][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  103.212479][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  103.222415][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  103.232111][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  103.241567][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  103.250787][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  103.259727][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  103.270294][ T4862] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  103.456303][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  103.464500][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  103.477259][ T4862] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.501728][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  103.511448][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  103.545500][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  103.556531][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  103.565327][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  103.573118][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  103.585496][ T4862] device veth0_vlan entered promiscuous mode
[  103.610140][ T4862] device veth1_vlan entered promiscuous mode
[  103.630439][ T1457] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  103.639095][ T1457] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  103.648012][ T1457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  103.658092][ T1457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  103.669054][ T4862] device veth0_macvtap entered promiscuous mode
[  103.681389][ T4862] device veth1_macvtap entered promiscuous mode
[  103.711087][ T4862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.722222][ T4862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.733993][ T4862] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.743195][ T1457] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  103.751513][ T1457] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  103.759726][ T1457] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  103.769268][ T1457] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  103.779744][ T4862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.790834][ T4862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.801738][ T4862] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.818907][ T1457] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  103.827703][ T1457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  103.838647][ T4862] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.848155][ T4862] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.857095][ T4862] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.865878][ T4862] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.879008][    T9] device hsr_slave_0 left promiscuous mode
[  103.885709][    T9] device hsr_slave_1 left promiscuous mode
[  103.892275][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.900050][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.908335][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.916256][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.924191][    T9] device bridge_slave_1 left promiscuous mode
[  103.930858][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.939870][    T9] device bridge_slave_0 left promiscuous mode
[  103.946489][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.957650][    T9] device veth1_macvtap left promiscuous mode
[  103.963711][    T9] device veth0_macvtap left promiscuous mode
[  103.969702][    T9] device veth1_vlan left promiscuous mode
[  103.975687][    T9] device veth0_vlan left promiscuous mode
[  104.085584][    T9] team0 (unregistering): Port device team_slave_1 removed
[  104.099327][    T9] team0 (unregistering): Port device team_slave_0 removed
[  104.110103][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  104.122405][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  104.167387][    T9] bond0 (unregistering): Released all slaves
[  104.256615][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.276196][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.298216][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  104.307689][  T151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.316927][  T151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.338335][  T151] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  104.417713][ T5061] loop0: detected capacity change from 0 to 8192
[  104.529476][ T5061] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  104.539047][ T5061] REISERFS (device loop0): using ordered data mode
[  104.547973][ T5061] reiserfs: using flush barriers
[  104.565170][ T5061] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  104.595127][ T5061] REISERFS (device loop0): checking transaction log (loop0)
[  104.610136][ T5061] REISERFS (device loop0): Using r5 hash to sort names
[  104.620708][ T5061] ==================================================================
[  104.628942][ T5061] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x73c/0x10c0
[  104.636510][ T5061] Read of size 18446744073709551584 at addr ffff88806cb85fa4 by task syz.0.17/5061
[  104.645809][ T5061] 
[  104.648133][ T5061] CPU: 1 PID: 5061 Comm: syz.0.17 Not tainted syzkaller #0
[  104.655323][ T5061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  104.665383][ T5061] Call Trace:
[  104.668661][ T5061]  <TASK>
[  104.671591][ T5061]  dump_stack_lvl+0x168/0x230
[  104.676283][ T5061]  ? show_regs_print_info+0x20/0x20
[  104.681498][ T5061]  ? _printk+0xcc/0x110
[  104.685651][ T5061]  ? leaf_paste_entries+0x73c/0x10c0
[  104.690937][ T5061]  ? load_image+0x3b0/0x3b0
[  104.695437][ T5061]  ? __lock_acquire+0x13ad/0x7c60
[  104.700555][ T5061]  print_address_description+0x60/0x2d0
[  104.706099][ T5061]  ? leaf_paste_entries+0x73c/0x10c0
[  104.711482][ T5061]  kasan_report+0xdf/0x130
[  104.715903][ T5061]  ? leaf_paste_entries+0x73c/0x10c0
[  104.721192][ T5061]  ? leaf_paste_entries+0x73c/0x10c0
[  104.726500][ T5061]  kasan_check_range+0x27b/0x290
[  104.731448][ T5061]  memmove+0x25/0x60
[  104.735375][ T5061]  leaf_paste_entries+0x73c/0x10c0
[  104.740499][ T5061]  balance_leaf+0xacec/0x10e60
[  104.745313][ T5061]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  104.751303][ T5061]  ? lock_chain_count+0x20/0x20
[  104.756336][ T5061]  ? _raw_spin_lock_irqsave+0x7f/0xf0
[  104.761702][ T5061]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  104.767598][ T5061]  ? do_balance+0x930/0x930
[  104.772110][ T5061]  ? _raw_spin_unlock+0x40/0x40
[  104.776959][ T5061]  ? stack_trace_snprint+0xf0/0xf0
[  104.782066][ T5061]  ? stack_depot_save+0x404/0x440
[  104.787091][ T5061]  ? __kasan_kmalloc+0xcc/0xf0
[  104.791854][ T5061]  ? __kasan_kmalloc+0xb5/0xf0
[  104.796706][ T5061]  ? fix_nodes+0x6044/0x82d0
[  104.801291][ T5061]  ? reiserfs_paste_into_item+0x5c8/0x7e0
[  104.807445][ T5061]  ? reiserfs_add_entry+0x975/0xd40
[  104.812650][ T5061]  ? reiserfs_mkdir+0x68f/0x970
[  104.817508][ T5061]  ? reiserfs_xattr_init+0x331/0x720
[  104.822790][ T5061]  ? reiserfs_fill_super+0x1fa6/0x23e0
[  104.828272][ T5061]  ? mount_bdev+0x287/0x3c0
[  104.832773][ T5061]  ? legacy_get_tree+0xe6/0x180
[  104.837710][ T5061]  ? vfs_get_tree+0x88/0x270
[  104.842308][ T5061]  ? do_new_mount+0x24a/0xa40
[  104.846980][ T5061]  ? __se_sys_mount+0x2d6/0x3c0
[  104.851827][ T5061]  ? do_syscall_64+0x4c/0xa0
[  104.856415][ T5061]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  104.862501][ T5061]  ? __wake_up_bit+0x100/0x100
[  104.867277][ T5061]  ? get_parents+0x400/0xd20
[  104.871860][ T5061]  ? get_neighbors+0x9ba/0x1030
[  104.876740][ T5061]  ? reiserfs_prepare_for_journal+0x269/0x280
[  104.882815][ T5061]  ? fix_nodes+0x7b26/0x82d0
[  104.884015][ T4972] Bluetooth: hci0: command 0x041b tx timeout
[  104.887514][ T5061]  do_balance+0x2fa/0x930
[  104.897961][ T5061]  ? get_right_neighbor_position+0x210/0x210
[  104.903970][ T5061]  reiserfs_paste_into_item+0x69b/0x7e0
[  104.909539][ T5061]  ? reiserfs_cut_from_item+0x1ef0/0x1ef0
[  104.915339][ T5061]  ? reiserfs_get_parent+0x270/0x270
[  104.920626][ T5061]  ? inode_get_bytes+0x73/0xa0
[  104.925397][ T5061]  ? memset+0x1e/0x40
[  104.929408][ T5061]  ? _find_first_zero_bit+0x60/0xf0
[  104.934610][ T5061]  reiserfs_add_entry+0x975/0xd40
[  104.939659][ T5061]  ? drop_new_inode+0x60/0x60
[  104.944386][ T5061]  ? journal_begin+0x1f1/0x350
[  104.949152][ T5061]  ? reiserfs_update_inode_transaction+0x1c/0x120
[  104.955579][ T5061]  reiserfs_mkdir+0x68f/0x970
[  104.960267][ T5061]  ? reiserfs_symlink+0x770/0x770
[  104.965294][ T5061]  ? preempt_count_add+0x8d/0x190
[  104.970326][ T5061]  ? rwsem_write_trylock+0x12f/0x1b0
[  104.975617][ T5061]  ? lookup_one_len+0x18e/0x2c0
[  104.980467][ T5061]  ? lookup_one_common+0x460/0x460
[  104.985579][ T5061]  reiserfs_xattr_init+0x331/0x720
[  104.990701][ T5061]  reiserfs_fill_super+0x1fa6/0x23e0
[  104.996000][ T5061]  ? reiserfs_kill_sb+0x140/0x140
[  105.001150][ T5061]  ? snprintf+0xd7/0x120
[  105.005436][ T5061]  ? vscnprintf+0x80/0x80
[  105.009780][ T5061]  ? set_blocksize+0x1f1/0x370
[  105.014558][ T5061]  ? sb_set_blocksize+0xa5/0xe0
[  105.019412][ T5061]  mount_bdev+0x287/0x3c0
[  105.023745][ T5061]  ? reiserfs_kill_sb+0x140/0x140
[  105.028783][ T5061]  legacy_get_tree+0xe6/0x180
[  105.033467][ T5061]  ? remove_save_link+0x3c0/0x3c0
[  105.038498][ T5061]  vfs_get_tree+0x88/0x270
[  105.042927][ T5061]  do_new_mount+0x24a/0xa40
[  105.047463][ T5061]  __se_sys_mount+0x2d6/0x3c0
[  105.052153][ T5061]  ? __x64_sys_mount+0xc0/0xc0
[  105.056921][ T5061]  ? lockdep_hardirqs_on+0x94/0x140
[  105.062119][ T5061]  ? __x64_sys_mount+0x1c/0xc0
[  105.066890][ T5061]  do_syscall_64+0x4c/0xa0
[  105.071308][ T5061]  ? clear_bhb_loop+0x30/0x80
[  105.075985][ T5061]  ? clear_bhb_loop+0x30/0x80
[  105.080684][ T5061]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  105.086947][ T5061] RIP: 0033:0x7fc3cbd4776a
[  105.091459][ T5061] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.111151][ T5061] RSP: 002b:00007fc3cb3b4e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  105.119659][ T5061] RAX: ffffffffffffffda RBX: 00007fc3cb3b4ef0 RCX: 00007fc3cbd4776a
[  105.127744][ T5061] RDX: 0000200000000000 RSI: 00002000000000c0 RDI: 00007fc3cb3b4eb0
[  105.135815][ T5061] RBP: 0000200000000000 R08: 00007fc3cb3b4ef0 R09: 0000000000008488
[  105.143803][ T5061] R10: 0000000000008488 R11: 0000000000000246 R12: 00002000000000c0
[  105.151782][ T5061] R13: 00007fc3cb3b4eb0 R14: 00000000000010f9 R15: 0000200000000780
[  105.159773][ T5061]  </TASK>
[  105.162801][ T5061] 
[  105.165121][ T5061] The buggy address belongs to the page:
[  105.170749][ T5061] page:ffffea0001b2e140 refcount:3 mapcount:0 mapping:ffff888140894f30 index:0x213 pfn:0x6cb85
[  105.181069][ T5061] memcg:ffff8880199b0000
[  105.185316][ T5061] aops:def_blk_aops ino:700000
[  105.190082][ T5061] flags: 0xfff00000002022(referenced|active|private|node=0|zone=1|lastcpupid=0x7ff)
[  105.199452][ T5061] raw: 00fff00000002022 0000000000000000 dead000000000122 ffff888140894f30
[  105.208390][ T5061] raw: 0000000000000213 ffff8880716709f8 00000003ffffffff ffff8880199b0000
[  105.217141][ T5061] page dumped because: kasan: bad access detected
[  105.223671][ T5061] page_owner tracks the page as allocated
[  105.229577][ T5061] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 5061, ts 104609432283, free_ts 104606706157
[  105.247118][ T5061]  get_page_from_freelist+0x1b77/0x1c60
[  105.252688][ T5061]  __alloc_pages+0x1e1/0x470
[  105.257286][ T5061]  __page_cache_alloc+0xd2/0x3f0
[  105.262234][ T5061]  pagecache_get_page+0x986/0xef0
[  105.267273][ T5061]  __getblk_gfp+0x249/0xb70
[  105.271776][ T5061]  search_by_key+0x424/0x4390
[  105.276462][ T5061]  reiserfs_read_locked_inode+0x154/0x2620
[  105.282357][ T5061]  reiserfs_fill_super+0x124b/0x23e0
[  105.287652][ T5061]  mount_bdev+0x287/0x3c0
[  105.292059][ T5061]  legacy_get_tree+0xe6/0x180
[  105.296745][ T5061]  vfs_get_tree+0x88/0x270
[  105.301259][ T5061]  do_new_mount+0x24a/0xa40
[  105.305757][ T5061]  __se_sys_mount+0x2d6/0x3c0
[  105.310566][ T5061]  do_syscall_64+0x4c/0xa0
[  105.315248][ T5061]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  105.321136][ T5061] page last free stack trace:
[  105.325823][ T5061]  free_unref_page_prepare+0x637/0x6c0
[  105.331278][ T5061]  free_unref_page_list+0x122/0x7e0
[  105.336488][ T5061]  release_pages+0x184b/0x1bb0
[  105.341252][ T5061]  __pagevec_release+0x6d/0xe0
[  105.346006][ T5061]  shmem_undo_range+0x5cb/0x1880
[  105.350939][ T5061]  shmem_evict_inode+0x20d/0xa00
[  105.355875][ T5061]  evict+0x485/0x870
[  105.359764][ T5061]  __dentry_kill+0x431/0x650
[  105.364350][ T5061]  dentry_kill+0xb8/0x290
[  105.368679][ T5061]  dput+0xd8/0x1a0
[  105.372496][ T5061]  do_renameat2+0x704/0xf70
[  105.377129][ T5061]  __x64_sys_rename+0x82/0x90
[  105.381891][ T5061]  do_syscall_64+0x4c/0xa0
[  105.386315][ T5061]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  105.392223][ T5061] 
[  105.394536][ T5061] Memory state around the buggy address:
[  105.400155][ T5061]  ffff88806cb85e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  105.408394][ T5061]  ffff88806cb85f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  105.416454][ T5061] >ffff88806cb85f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  105.424561][ T5061]                                ^
[  105.429653][ T5061]  ffff88806cb86000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  105.437788][ T5061]  ffff88806cb86080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  105.445838][ T5061] ==================================================================
[  105.453877][ T5061] Disabling lock debugging due to kernel taint
[  105.474110][ T5061] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  105.481517][ T5061] CPU: 1 PID: 5061 Comm: syz.0.17 Tainted: G    B             syzkaller #0
[  105.490361][ T5061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  105.500412][ T5061] Call Trace:
[  105.503690][ T5061]  <TASK>
[  105.506600][ T5061]  dump_stack_lvl+0x168/0x230
[  105.511255][ T5061]  ? show_regs_print_info+0x20/0x20
[  105.516511][ T5061]  ? load_image+0x3b0/0x3b0
[  105.520994][ T5061]  panic+0x2c9/0x7f0
[  105.524863][ T5061]  ? bpf_jit_dump+0xd0/0xd0
[  105.529362][ T5061]  ? _raw_spin_unlock_irqrestore+0xf6/0x100
[  105.535251][ T5061]  ? _raw_spin_unlock+0x40/0x40
[  105.540094][ T5061]  ? print_memory_metadata+0x314/0x400
[  105.545572][ T5061]  ? leaf_paste_entries+0x73c/0x10c0
[  105.550849][ T5061]  check_panic_on_warn+0x80/0xa0
[  105.555766][ T5061]  ? leaf_paste_entries+0x73c/0x10c0
[  105.561142][ T5061]  end_report+0x6d/0xf0
[  105.565313][ T5061]  kasan_report+0x102/0x130
[  105.569795][ T5061]  ? leaf_paste_entries+0x73c/0x10c0
[  105.575058][ T5061]  ? leaf_paste_entries+0x73c/0x10c0
[  105.580324][ T5061]  kasan_check_range+0x27b/0x290
[  105.585253][ T5061]  memmove+0x25/0x60
[  105.589121][ T5061]  leaf_paste_entries+0x73c/0x10c0
[  105.594254][ T5061]  balance_leaf+0xacec/0x10e60
[  105.599000][ T5061]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  105.605066][ T5061]  ? lock_chain_count+0x20/0x20
[  105.609897][ T5061]  ? _raw_spin_lock_irqsave+0x7f/0xf0
[  105.615244][ T5061]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  105.621137][ T5061]  ? do_balance+0x930/0x930
[  105.625655][ T5061]  ? _raw_spin_unlock+0x40/0x40
[  105.630656][ T5061]  ? stack_trace_snprint+0xf0/0xf0
[  105.635745][ T5061]  ? stack_depot_save+0x404/0x440
[  105.640758][ T5061]  ? __kasan_kmalloc+0xcc/0xf0
[  105.645524][ T5061]  ? __kasan_kmalloc+0xb5/0xf0
[  105.650266][ T5061]  ? fix_nodes+0x6044/0x82d0
[  105.654834][ T5061]  ? reiserfs_paste_into_item+0x5c8/0x7e0
[  105.660528][ T5061]  ? reiserfs_add_entry+0x975/0xd40
[  105.665728][ T5061]  ? reiserfs_mkdir+0x68f/0x970
[  105.670590][ T5061]  ? reiserfs_xattr_init+0x331/0x720
[  105.675873][ T5061]  ? reiserfs_fill_super+0x1fa6/0x23e0
[  105.681307][ T5061]  ? mount_bdev+0x287/0x3c0
[  105.685875][ T5061]  ? legacy_get_tree+0xe6/0x180
[  105.690706][ T5061]  ? vfs_get_tree+0x88/0x270
[  105.695272][ T5061]  ? do_new_mount+0x24a/0xa40
[  105.699927][ T5061]  ? __se_sys_mount+0x2d6/0x3c0
[  105.704754][ T5061]  ? do_syscall_64+0x4c/0xa0
[  105.709324][ T5061]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  105.715664][ T5061]  ? __wake_up_bit+0x100/0x100
[  105.720594][ T5061]  ? get_parents+0x400/0xd20
[  105.725167][ T5061]  ? get_neighbors+0x9ba/0x1030
[  105.730010][ T5061]  ? reiserfs_prepare_for_journal+0x269/0x280
[  105.736188][ T5061]  ? fix_nodes+0x7b26/0x82d0
[  105.740766][ T5061]  do_balance+0x2fa/0x930
[  105.745079][ T5061]  ? get_right_neighbor_position+0x210/0x210
[  105.751048][ T5061]  reiserfs_paste_into_item+0x69b/0x7e0
[  105.756665][ T5061]  ? reiserfs_cut_from_item+0x1ef0/0x1ef0
[  105.762377][ T5061]  ? reiserfs_get_parent+0x270/0x270
[  105.767732][ T5061]  ? inode_get_bytes+0x73/0xa0
[  105.772500][ T5061]  ? memset+0x1e/0x40
[  105.776478][ T5061]  ? _find_first_zero_bit+0x60/0xf0
[  105.781654][ T5061]  reiserfs_add_entry+0x975/0xd40
[  105.786673][ T5061]  ? drop_new_inode+0x60/0x60
[  105.791496][ T5061]  ? journal_begin+0x1f1/0x350
[  105.796245][ T5061]  ? reiserfs_update_inode_transaction+0x1c/0x120
[  105.802753][ T5061]  reiserfs_mkdir+0x68f/0x970
[  105.807516][ T5061]  ? reiserfs_symlink+0x770/0x770
[  105.812619][ T5061]  ? preempt_count_add+0x8d/0x190
[  105.817622][ T5061]  ? rwsem_write_trylock+0x12f/0x1b0
[  105.822891][ T5061]  ? lookup_one_len+0x18e/0x2c0
[  105.827725][ T5061]  ? lookup_one_common+0x460/0x460
[  105.832940][ T5061]  reiserfs_xattr_init+0x331/0x720
[  105.838096][ T5061]  reiserfs_fill_super+0x1fa6/0x23e0
[  105.843409][ T5061]  ? reiserfs_kill_sb+0x140/0x140
[  105.848430][ T5061]  ? snprintf+0xd7/0x120
[  105.852685][ T5061]  ? vscnprintf+0x80/0x80
[  105.857031][ T5061]  ? set_blocksize+0x1f1/0x370
[  105.861780][ T5061]  ? sb_set_blocksize+0xa5/0xe0
[  105.866612][ T5061]  mount_bdev+0x287/0x3c0
[  105.871009][ T5061]  ? reiserfs_kill_sb+0x140/0x140
[  105.876021][ T5061]  legacy_get_tree+0xe6/0x180
[  105.880680][ T5061]  ? remove_save_link+0x3c0/0x3c0
[  105.885804][ T5061]  vfs_get_tree+0x88/0x270
[  105.890320][ T5061]  do_new_mount+0x24a/0xa40
[  105.895001][ T5061]  __se_sys_mount+0x2d6/0x3c0
[  105.899793][ T5061]  ? __x64_sys_mount+0xc0/0xc0
[  105.904541][ T5061]  ? lockdep_hardirqs_on+0x94/0x140
[  105.909722][ T5061]  ? __x64_sys_mount+0x1c/0xc0
[  105.914481][ T5061]  do_syscall_64+0x4c/0xa0
[  105.918940][ T5061]  ? clear_bhb_loop+0x30/0x80
[  105.923693][ T5061]  ? clear_bhb_loop+0x30/0x80
[  105.928455][ T5061]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  105.934331][ T5061] RIP: 0033:0x7fc3cbd4776a
[  105.938812][ T5061] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.958403][ T5061] RSP: 002b:00007fc3cb3b4e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  105.966811][ T5061] RAX: ffffffffffffffda RBX: 00007fc3cb3b4ef0 RCX: 00007fc3cbd4776a
[  105.975181][ T5061] RDX: 0000200000000000 RSI: 00002000000000c0 RDI: 00007fc3cb3b4eb0
[  105.983226][ T5061] RBP: 0000200000000000 R08: 00007fc3cb3b4ef0 R09: 0000000000008488
[  105.991538][ T5061] R10: 0000000000008488 R11: 0000000000000246 R12: 00002000000000c0
[  105.999588][ T5061] R13: 00007fc3cb3b4eb0 R14: 00000000000010f9 R15: 0000200000000780
[  106.007557][ T5061]  </TASK>
[  106.010926][ T5061] Kernel Offset: disabled
[  106.015373][ T5061] Rebooting in 86400 seconds..