Warning: Permanently added '10.128.0.43' (ED25519) to the list of known hosts.
2025/06/27 16:34:07 ignoring optional flag "sandboxArg"="0"
2025/06/27 16:34:07 parsed 1 programs
[ 92.152251][ T4595] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 93.519005][ T4615] chnl_net:caif_netlink_parms(): no params data found
[ 93.552048][ T4615] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.559249][ T4615] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.567579][ T4615] device bridge_slave_0 entered promiscuous mode
[ 93.577333][ T4615] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.584540][ T4615] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.592228][ T4615] device bridge_slave_1 entered promiscuous mode
[ 93.609264][ T4615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 93.619577][ T4615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.640868][ T4615] team0: Port device team_slave_0 added
[ 93.647618][ T4615] team0: Port device team_slave_1 added
[ 93.668929][ T4615] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.675982][ T4615] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.702067][ T4615] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 93.713943][ T4615] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 93.721290][ T4615] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.747309][ T4615] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 93.770873][ T4615] device hsr_slave_0 entered promiscuous mode
[ 93.777544][ T4615] device hsr_slave_1 entered promiscuous mode
[ 94.406512][ T4615] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 94.435978][ T4615] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 94.446125][ T4615] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 94.467548][ T4615] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 94.555917][ T4615] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.563105][ T4615] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 94.570583][ T4615] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.577690][ T4615] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 94.606107][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 94.614257][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 94.703217][ T4615] 8021q: adding VLAN 0 to HW filter on device bond0
[ 94.718702][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 94.727635][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 94.744040][ T4615] 8021q: adding VLAN 0 to HW filter on device team0
[ 94.755585][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 94.764746][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 94.773899][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.781040][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 94.799286][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 94.811953][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 94.827925][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.835064][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 94.843756][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 94.863504][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 94.872867][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 94.884151][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 94.894537][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 94.908361][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 94.926817][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 94.936380][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 94.944912][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 94.953807][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 94.965763][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 94.979385][ T4615] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 95.151158][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 95.175178][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 95.189141][ T4615] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 95.220243][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 95.230097][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 95.267017][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 95.276281][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 95.295366][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 95.307737][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 95.316713][ T4615] device veth0_vlan entered promiscuous mode
[ 95.335556][ T4615] device veth1_vlan entered promiscuous mode
[ 95.385474][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 95.393651][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 95.405667][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 95.424658][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 95.447954][ T4615] device veth0_macvtap entered promiscuous mode
[ 95.467546][ T4615] device veth1_macvtap entered promiscuous mode
[ 95.507904][ T4615] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 95.526819][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 95.545682][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 95.554054][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 95.563325][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 95.576334][ T4615] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 95.585079][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 95.599194][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 95.610654][ T4615] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.631505][ T4615] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.640773][ T4615] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.649761][ T4615] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.852058][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.865553][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 95.874160][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 95.903684][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.912313][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 95.924845][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 98.237122][ T1167] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/06/27 16:34:17 executed programs: 0
[ 99.375446][ T4854] chnl_net:caif_netlink_parms(): no params data found
[ 99.432605][ T4854] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.439859][ T4854] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.448447][ T4854] device bridge_slave_0 entered promiscuous mode
[ 99.457553][ T4854] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.464715][ T4854] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.473292][ T4854] device bridge_slave_1 entered promiscuous mode
[ 99.499546][ T4854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.511825][ T4854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.541582][ T4854] team0: Port device team_slave_0 added
[ 99.551370][ T4854] team0: Port device team_slave_1 added
[ 99.575493][ T4854] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.583002][ T4854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.609099][ T4854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.622323][ T4854] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.629404][ T4854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.655532][ T4854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 99.692943][ T4854] device hsr_slave_0 entered promiscuous mode
[ 99.700055][ T4854] device hsr_slave_1 entered promiscuous mode
[ 99.707185][ T4854] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 99.714768][ T4854] Cannot create hsr debugfs directory
[ 100.101977][ T1167] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.164540][ T1167] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.212430][ T1167] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 101.131138][ T4854] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 101.142069][ T4854] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 101.181943][ T4854] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 101.192157][ T4854] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 101.295099][ T4241] Bluetooth: hci0: command 0x0409 tx timeout
[ 101.300841][ T4854] 8021q: adding VLAN 0 to HW filter on device bond0
[ 101.316269][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 101.324041][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 101.334661][ T4854] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.375372][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 101.384084][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 101.392833][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.400166][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 101.408822][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 101.424303][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 101.433040][ T144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.440373][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 101.448943][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 101.469047][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 101.477472][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 101.487037][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 101.499328][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 101.508939][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 101.517767][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 101.527175][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 101.556183][ T4854] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 101.570504][ T4854] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 101.582983][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 101.592801][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 101.602646][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 101.613873][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 101.622944][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 101.827157][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 101.834726][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 101.849060][ T4854] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.878486][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 101.887914][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 101.919824][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 101.928778][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 101.937959][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 101.947543][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 101.958358][ T4854] device veth0_vlan entered promiscuous mode
[ 101.994808][ T4854] device veth1_vlan entered promiscuous mode
[ 102.027287][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 102.036380][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 102.044614][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 102.054369][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 102.065542][ T4854] device veth0_macvtap entered promiscuous mode
[ 102.097974][ T1167] device hsr_slave_0 left promiscuous mode
[ 102.109277][ T1167] device hsr_slave_1 left promiscuous mode
[ 102.116565][ T1167] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 102.123986][ T1167] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 102.135817][ T1167] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 102.143329][ T1167] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 102.153879][ T1167] device bridge_slave_1 left promiscuous mode
[ 102.160385][ T1167] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.171651][ T1167] device bridge_slave_0 left promiscuous mode
[ 102.178493][ T1167] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.194215][ T1167] device veth1_macvtap left promiscuous mode
[ 102.200661][ T1167] device veth0_macvtap left promiscuous mode
[ 102.213302][ T1167] device veth1_vlan left promiscuous mode
[ 102.219904][ T1167] device veth0_vlan left promiscuous mode
[ 102.432952][ T1167] team0 (unregistering): Port device team_slave_1 removed
[ 102.450486][ T1167] team0 (unregistering): Port device team_slave_0 removed
[ 102.466521][ T1167] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 102.484091][ T1167] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 102.525881][ T1167] bond0 (unregistering): Released all slaves
[ 102.590870][ T4854] device veth1_macvtap entered promiscuous mode
[ 102.599812][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 102.608622][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 102.644463][ T4854] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 102.652308][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 102.662426][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 102.675072][ T4854] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 102.684382][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 102.693741][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 102.704883][ T4854] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.713652][ T4854] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.725232][ T4854] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.734119][ T4854] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.793894][ T3059] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.814969][ T3059] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.838100][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 102.847556][ T3059] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.855538][ T3059] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.863791][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 102.967050][ T5042] loop0: detected capacity change from 0 to 4096
[ 102.984806][ T5042] ntfs: (device loop0): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[ 103.015391][ T5042] ntfs: volume version 3.1.
[ 103.032685][ T5042] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup.
[ 103.057039][ T5042] ntfs: (device loop0): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[ 103.067555][ T5042] ntfs: (device loop0): load_system_files(): Failed to load $UsnJrnl. Mounting read-only. Run chkdsk.
[ 103.110044][ T4854] ntfs: (device loop0): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set maccenteuro. You might want to try to use the mount option nls=utf8.
[ 103.145085][ T4854] ntfs: (device loop0): ntfs_filldir(): Skipping unrepresentable inode 0x4.
[ 103.165942][ T4854] ==================================================================
[ 103.174278][ T4854] BUG: KASAN: slab-out-of-bounds in ntfs_readdir+0xdda/0x3550
[ 103.181756][ T4854] Read of size 1 at addr ffff88807b076d99 by task syz-executor/4854
[ 103.189765][ T4854]
[ 103.192105][ T4854] CPU: 0 PID: 4854 Comm: syz-executor Not tainted 5.15.186-syzkaller #0
[ 103.200805][ T4854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 103.210871][ T4854] Call Trace:
[ 103.214261][ T4854]
[ 103.217305][ T4854] dump_stack_lvl+0x168/0x230
[ 103.222093][ T4854] ? show_regs_print_info+0x20/0x20
[ 103.227319][ T4854] ? load_image+0x3b0/0x3b0
[ 103.231842][ T4854] ? _raw_spin_lock_irqsave+0xb0/0xf0
[ 103.237248][ T4854] print_address_description+0x60/0x2d0
[ 103.242810][ T4854] ? ntfs_readdir+0xdda/0x3550
[ 103.247583][ T4854] kasan_report+0xdf/0x130
[ 103.252030][ T4854] ? ntfs_readdir+0xdda/0x3550
[ 103.256814][ T4854] ntfs_readdir+0xdda/0x3550
[ 103.261540][ T4854] ? __might_sleep+0xf0/0xf0
[ 103.266167][ T4854] ? preempt_count_add+0x8d/0x190
[ 103.271212][ T4854] ? rwsem_write_trylock+0x12f/0x1b0
[ 103.276609][ T4854] ? clear_nonspinnable+0x60/0x60
[ 103.281685][ T4854] ? ntfs_unmap_page+0x200/0x200
[ 103.286651][ T4854] iterate_dir+0x218/0x560
[ 103.291096][ T4854] __se_sys_getdents64+0xe5/0x260
[ 103.296139][ T4854] ? __x64_sys_getdents64+0x80/0x80
[ 103.301348][ T4854] ? filldir+0x720/0x720
[ 103.305606][ T4854] ? vtime_user_exit+0x2dc/0x400
[ 103.310608][ T4854] ? lockdep_hardirqs_on+0x94/0x140
[ 103.315830][ T4854] do_syscall_64+0x4c/0xa0
[ 103.320257][ T4854] ? clear_bhb_loop+0x30/0x80
[ 103.330911][ T4854] ? clear_bhb_loop+0x30/0x80
[ 103.335636][ T4854] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 103.341561][ T4854] RIP: 0033:0x7f021439d693
[ 103.345997][ T4854] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 82 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[ 103.365704][ T4854] RSP: 002b:00007ffc4d096328 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 103.374220][ T4854] RAX: ffffffffffffffda RBX: 0000555586205640 RCX: 00007f021439d693
[ 103.382212][ T4854] RDX: 0000000000008000 RSI: 0000555586205640 RDI: 0000000000000006
[ 103.390212][ T4854] RBP: 0000555586205614 R08: 0000000000000000 R09: 0000000000000000
[ 103.398289][ T4854] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[ 103.406533][ T4854] R13: 0000000000000016 R14: 0000555586205610 R15: 0000000000000001
[ 103.414541][ T4854]
[ 103.417695][ T4854]
[ 103.420027][ T4854] Allocated by task 4854:
[ 103.424366][ T4854] __kasan_kmalloc+0xb5/0xf0
[ 103.428982][ T4854] ntfs_readdir+0x798/0x3550
[ 103.433722][ T4854] iterate_dir+0x218/0x560
[ 103.438233][ T4854] __se_sys_getdents64+0xe5/0x260
[ 103.443283][ T4854] do_syscall_64+0x4c/0xa0
[ 103.447816][ T4854] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 103.453826][ T4854]
[ 103.456157][ T4854] Last potentially related work creation:
[ 103.461874][ T4854] kasan_save_stack+0x35/0x60
[ 103.466565][ T4854] kasan_record_aux_stack+0xb8/0x100
[ 103.471863][ T4854] call_rcu+0x179/0x920
[ 103.476028][ T4854] ip6_route_info_create+0x9c5/0x1210
[ 103.481417][ T4854] ip6_route_add+0x24/0x130
[ 103.485934][ T4854] addrconf_prefix_route+0x20d/0x2b0
[ 103.491235][ T4854] inet6_addr_add+0x4ff/0x9c0
[ 103.495924][ T4854] inet6_rtm_newaddr+0x5d7/0x840
[ 103.500877][ T4854] rtnetlink_rcv_msg+0x9b9/0xe60
[ 103.505824][ T4854] netlink_rcv_skb+0x1e0/0x430
[ 103.510609][ T4854] netlink_unicast+0x77c/0x920
[ 103.515377][ T4854] netlink_sendmsg+0x8ab/0xbc0
[ 103.520154][ T4854] __sys_sendto+0x423/0x580
[ 103.524682][ T4854] __x64_sys_sendto+0xda/0xf0
[ 103.529405][ T4854] do_syscall_64+0x4c/0xa0
[ 103.533841][ T4854] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 103.539745][ T4854]
[ 103.542078][ T4854] The buggy address belongs to the object at ffff88807b076c00
[ 103.542078][ T4854] which belongs to the cache kmalloc-512 of size 512
[ 103.556224][ T4854] The buggy address is located 409 bytes inside of
[ 103.556224][ T4854] 512-byte region [ffff88807b076c00, ffff88807b076e00)
[ 103.569507][ T4854] The buggy address belongs to the page:
[ 103.575146][ T4854] page:ffffea0001ec1d00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b074
[ 103.585318][ T4854] head:ffffea0001ec1d00 order:2 compound_mapcount:0 compound_pincount:0
[ 103.593651][ T4854] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 103.601653][ T4854] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888016841c80
[ 103.610246][ T4854] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 103.618831][ T4854] page dumped because: kasan: bad access detected
[ 103.625244][ T4854] page_owner tracks the page as allocated
[ 103.630969][ T4854] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3549, ts 15877363259, free_ts 12898198732
[ 103.650094][ T4854] get_page_from_freelist+0x1b77/0x1c60
[ 103.655707][ T4854] __alloc_pages+0x1e1/0x470
[ 103.660319][ T4854] new_slab+0xc0/0x4b0
[ 103.664400][ T4854] ___slab_alloc+0x81e/0xdf0
[ 103.669013][ T4854] kmem_cache_alloc_trace+0x1a5/0x2a0
[ 103.674410][ T4854] kernfs_fop_open+0x3da/0xbf0
[ 103.679226][ T4854] do_dentry_open+0x7ff/0xf80
[ 103.684020][ T4854] path_openat+0x2682/0x2f30
[ 103.688631][ T4854] do_filp_open+0x1b3/0x3e0
[ 103.693143][ T4854] do_sys_openat2+0x142/0x4a0
[ 103.697838][ T4854] __x64_sys_openat+0x135/0x160
[ 103.702697][ T4854] do_syscall_64+0x4c/0xa0
[ 103.707209][ T4854] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 103.713121][ T4854] page last free stack trace:
[ 103.717797][ T4854] free_unref_page_prepare+0x637/0x6c0
[ 103.723269][ T4854] free_unref_page+0x94/0x280
[ 103.727962][ T4854] free_contig_range+0x96/0xf0
[ 103.732748][ T4854] destroy_args+0xef/0x8b0
[ 103.737216][ T4854] debug_vm_pgtable+0x318/0x370
[ 103.742092][ T4854] do_one_initcall+0x1ee/0x680
[ 103.746968][ T4854] do_initcall_level+0x137/0x1f0
[ 103.751932][ T4854] do_initcalls+0x4b/0x90
[ 103.756598][ T4854] kernel_init_freeable+0x3ce/0x560
[ 103.761807][ T4854] kernel_init+0x19/0x1b0
[ 103.766158][ T4854] ret_from_fork+0x1f/0x30
[ 103.770583][ T4854]
[ 103.772914][ T4854] Memory state around the buggy address:
[ 103.778598][ T4854] ffff88807b076c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 103.786672][ T4854] ffff88807b076d00: 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc
[ 103.794838][ T4854] >ffff88807b076d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 103.803007][ T4854] ^
[ 103.807959][ T4854] ffff88807b076e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 103.816027][ T4854] ffff88807b076e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 103.824091][ T4854] ==================================================================
[ 103.832170][ T4854] Disabling lock debugging due to kernel taint
[ 103.841443][ T4255] Bluetooth: hci0: command 0x041b tx timeout
[ 103.854681][ T4854] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 103.861994][ T4854] CPU: 0 PID: 4854 Comm: syz-executor Tainted: G B 5.15.186-syzkaller #0
[ 103.871722][ T4854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 103.881885][ T4854] Call Trace:
[ 103.885214][ T4854]
[ 103.888143][ T4854] dump_stack_lvl+0x168/0x230
[ 103.892830][ T4854] ? show_regs_print_info+0x20/0x20
[ 103.898022][ T4854] ? load_image+0x3b0/0x3b0
[ 103.902622][ T4854] panic+0x2c9/0x7f0
[ 103.906515][ T4854] ? bpf_jit_dump+0xd0/0xd0
[ 103.911020][ T4854] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 103.916911][ T4854] ? _raw_spin_unlock+0x40/0x40
[ 103.921760][ T4854] ? ntfs_readdir+0xdda/0x3550
[ 103.926517][ T4854] check_panic_on_warn+0x80/0xa0
[ 103.931646][ T4854] ? ntfs_readdir+0xdda/0x3550
[ 103.936598][ T4854] end_report+0x6d/0xf0
[ 103.940760][ T4854] kasan_report+0x102/0x130
[ 103.945270][ T4854] ? ntfs_readdir+0xdda/0x3550
[ 103.950034][ T4854] ntfs_readdir+0xdda/0x3550
[ 103.954637][ T4854] ? __might_sleep+0xf0/0xf0
[ 103.959224][ T4854] ? preempt_count_add+0x8d/0x190
[ 103.964508][ T4854] ? rwsem_write_trylock+0x12f/0x1b0
[ 103.969901][ T4854] ? clear_nonspinnable+0x60/0x60
[ 103.974920][ T4854] ? ntfs_unmap_page+0x200/0x200
[ 103.979862][ T4854] iterate_dir+0x218/0x560
[ 103.984277][ T4854] __se_sys_getdents64+0xe5/0x260
[ 103.989298][ T4854] ? __x64_sys_getdents64+0x80/0x80
[ 103.994577][ T4854] ? filldir+0x720/0x720
[ 103.998814][ T4854] ? vtime_user_exit+0x2dc/0x400
[ 104.003747][ T4854] ? lockdep_hardirqs_on+0x94/0x140
[ 104.009044][ T4854] do_syscall_64+0x4c/0xa0
[ 104.013461][ T4854] ? clear_bhb_loop+0x30/0x80
[ 104.018132][ T4854] ? clear_bhb_loop+0x30/0x80
[ 104.022810][ T4854] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 104.028697][ T4854] RIP: 0033:0x7f021439d693
[ 104.033202][ T4854] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 82 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[ 104.052978][ T4854] RSP: 002b:00007ffc4d096328 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 104.061484][ T4854] RAX: ffffffffffffffda RBX: 0000555586205640 RCX: 00007f021439d693
[ 104.069468][ T4854] RDX: 0000000000008000 RSI: 0000555586205640 RDI: 0000000000000006
[ 104.077432][ T4854] RBP: 0000555586205614 R08: 0000000000000000 R09: 0000000000000000
[ 104.085404][ T4854] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[ 104.093375][ T4854] R13: 0000000000000016 R14: 0000555586205610 R15: 0000000000000001
[ 104.101612][ T4854]
[ 104.119832][ T4854] Kernel Offset: disabled
[ 104.124160][ T4854] Rebooting in 86400 seconds..