Warning: Permanently added '10.128.0.254' (ED25519) to the list of known hosts.
2026/04/19 16:33:16 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[  105.742564][ T4634] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[  107.416523][ T4654] chnl_net:caif_netlink_parms(): no params data found
[  107.460051][ T4654] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.467416][ T4654] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.475946][ T4654] device bridge_slave_0 entered promiscuous mode
[  107.483819][ T4654] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.491347][ T4654] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.500297][ T4654] device bridge_slave_1 entered promiscuous mode
[  107.521533][ T4654] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.532927][ T4654] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.558403][ T4654] team0: Port device team_slave_0 added
[  107.567503][ T4654] team0: Port device team_slave_1 added
[  107.590032][ T4654] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.597037][ T4654] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.623395][ T4654] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.635318][ T4654] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.642287][ T4654] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.669001][ T4654] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.701853][ T4654] device hsr_slave_0 entered promiscuous mode
[  107.709028][ T4654] device hsr_slave_1 entered promiscuous mode
[  108.316325][ T4654] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  108.332288][ T4654] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  108.347620][ T4654] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  108.357893][ T4654] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  108.393141][ T4654] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.400291][ T4654] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.407715][ T4654] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.414833][ T4654] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.431136][ T4224] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.445604][ T4224] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.535768][ T4654] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.561835][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  108.575465][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  108.598852][ T4654] 8021q: adding VLAN 0 to HW filter on device team0
[  108.620341][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  108.635594][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  108.644426][ T4224] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.651652][ T4224] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.688475][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  108.706332][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  108.721666][ T4224] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.728922][ T4224] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.746747][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  108.777244][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  108.795898][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  108.817272][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  108.836308][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  108.860468][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  108.872873][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  108.895544][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  108.915576][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  108.927169][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  108.950705][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  108.972486][ T4654] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  109.205339][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  109.213004][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  109.240885][ T4654] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.264255][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  109.279827][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  109.318423][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  109.336408][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  109.355375][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  109.365940][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  109.389325][ T4654] device veth0_vlan entered promiscuous mode
[  109.404492][ T4654] device veth1_vlan entered promiscuous mode
[  109.431484][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  109.443795][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  109.453295][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  109.463042][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  109.476276][ T4654] device veth0_macvtap entered promiscuous mode
[  109.487779][ T4654] device veth1_macvtap entered promiscuous mode
[  109.508597][ T4654] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.518022][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  109.535903][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  109.546361][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  109.559958][ T4654] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.567901][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  109.577732][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  109.590457][ T4654] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.599857][ T4654] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.616238][ T4654] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.631205][ T4654] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.141457][ T4224] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.165934][ T4224] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.198099][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  111.214113][ T4224] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.234979][ T4224] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.242697][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  113.059257][    T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/04/19 16:33:27 executed programs: 0
[  113.596686][ T4867] chnl_net:caif_netlink_parms(): no params data found
[  113.664065][ T4867] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.671582][ T4867] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.679891][ T4867] device bridge_slave_0 entered promiscuous mode
[  113.693630][ T4867] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.701178][ T4867] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.709548][ T4867] device bridge_slave_1 entered promiscuous mode
[  113.738103][ T4867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  113.750086][ T4867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  113.785299][    T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.802660][ T4867] team0: Port device team_slave_0 added
[  113.810799][ T4867] team0: Port device team_slave_1 added
[  113.838010][ T4867] batman_adv: batadv0: Adding interface: batadv_slave_0
[  113.847982][ T4867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.879178][ T4867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  113.892798][ T4867] batman_adv: batadv0: Adding interface: batadv_slave_1
[  113.902937][ T4867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.933397][ T4867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  113.954404][    T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.003270][ T4867] device hsr_slave_0 entered promiscuous mode
[  114.013041][ T4867] device hsr_slave_1 entered promiscuous mode
[  114.020723][ T4867] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  114.031427][ T4867] Cannot create hsr debugfs directory
[  114.049142][    T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.879545][ T4867] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  114.919105][ T4867] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  114.929144][ T4867] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  114.940686][ T4867] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  115.086279][ T4867] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.100892][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  115.110242][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  115.124441][ T4867] 8021q: adding VLAN 0 to HW filter on device team0
[  115.170347][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  115.179774][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  115.189563][ T4338] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.196823][ T4338] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.238219][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  115.249191][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  115.258580][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  115.271661][ T4338] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.278965][ T4338] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.291150][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  115.309172][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  115.318635][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  115.332172][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  115.388081][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  115.396589][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  115.409211][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  115.422064][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  115.433967][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  115.443230][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  115.455574][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  115.467192][ T4867] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  115.525638][ T4301] Bluetooth: hci0: command 0x0409 tx timeout
[  115.713453][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  115.725243][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  115.739156][ T4867] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.799157][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  115.811483][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  115.853019][ T4867] device veth0_vlan entered promiscuous mode
[  115.864286][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  115.873835][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  115.893326][ T4867] device veth1_vlan entered promiscuous mode
[  115.908147][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  115.929784][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  115.938921][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  115.970735][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  115.979841][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  115.988769][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  116.000499][ T4867] device veth0_macvtap entered promiscuous mode
[  116.037121][    T9] device hsr_slave_0 left promiscuous mode
[  116.043620][    T9] device hsr_slave_1 left promiscuous mode
[  116.051166][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  116.060088][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  116.068592][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  116.076547][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  116.087977][    T9] device bridge_slave_1 left promiscuous mode
[  116.094326][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.103966][    T9] device bridge_slave_0 left promiscuous mode
[  116.113613][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.130819][    T9] device veth1_macvtap left promiscuous mode
[  116.137592][    T9] device veth0_macvtap left promiscuous mode
[  116.144000][    T9] device veth1_vlan left promiscuous mode
[  116.152924][    T9] device veth0_vlan left promiscuous mode
[  116.432586][    T9] team0 (unregistering): Port device team_slave_1 removed
[  116.451240][    T9] team0 (unregistering): Port device team_slave_0 removed
[  116.468710][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  116.491006][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  116.584542][    T9] bond0 (unregistering): Released all slaves
[  116.655311][ T4867] device veth1_macvtap entered promiscuous mode
[  116.671352][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  116.681032][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  116.707676][ T4867] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.717600][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  116.730637][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  116.745454][ T4867] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.758518][ T4867] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.768529][ T4867] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.780097][ T4867] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.789246][ T4867] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.815636][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  116.827712][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  116.912248][ T4224] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.923301][ T4224] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.934310][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  116.981846][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.993509][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.002753][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  117.187419][ T5028] loop0: detected capacity change from 0 to 8192
[  117.227455][ T5028] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  117.244016][ T5028] REISERFS (device loop0): using ordered data mode
[  117.251356][ T5028] reiserfs: using flush barriers
[  117.258741][ T5028] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  117.281621][ T5028] REISERFS (device loop0): checking transaction log (loop0)
[  117.299786][ T5028] REISERFS (device loop0): Using tea hash to sort names
[  117.310249][ T5028] ==================================================================
[  117.318602][ T5028] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x794/0x1130
[  117.326273][ T5028] Read of size 18446744073709551584 at addr ffff888059024fa4 by task syz.0.17/5028
[  117.335580][ T5028] 
[  117.337957][ T5028] CPU: 0 PID: 5028 Comm: syz.0.17 Not tainted syzkaller #0
[  117.345274][ T5028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  117.355921][ T5028] Call Trace:
[  117.359239][ T5028]  <TASK>
[  117.362200][ T5028]  dump_stack_lvl+0x188/0x250
[  117.367005][ T5028]  ? show_regs_print_info+0x20/0x20
[  117.372441][ T5028]  ? load_image+0x400/0x400
[  117.377142][ T5028]  ? _raw_spin_lock_irqsave+0xbc/0x100
[  117.382787][ T5028]  ? __lock_acquire+0x13bc/0x7d10
[  117.387869][ T5028]  print_address_description+0x60/0x2d0
[  117.393753][ T5028]  ? leaf_paste_entries+0x794/0x1130
[  117.399356][ T5028]  kasan_report+0xdf/0x130
[  117.403805][ T5028]  ? leaf_paste_entries+0x794/0x1130
[  117.409119][ T5028]  ? journal_mark_dirty+0x21d/0xdf0
[  117.414547][ T5028]  ? leaf_paste_entries+0x794/0x1130
[  117.419982][ T5028]  kasan_check_range+0x235/0x290
[  117.425039][ T5028]  ? leaf_paste_entries+0x794/0x1130
[  117.430353][ T5028]  memmove+0x25/0x60
[  117.434276][ T5028]  leaf_paste_entries+0x794/0x1130
[  117.439526][ T5028]  balance_leaf+0xb2e5/0x10ec0
[  117.444337][ T5028]  ? mark_lock+0x94/0x320
[  117.448697][ T5028]  ? lock_chain_count+0x20/0x20
[  117.453772][ T5028]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  117.459897][ T5028]  ? do_balance+0x930/0x930
[  117.464476][ T5028]  ? _raw_spin_unlock+0x40/0x40
[  117.469400][ T5028]  ? stack_trace_snprint+0xf0/0xf0
[  117.474585][ T5028]  ? stack_depot_save+0x404/0x440
[  117.479701][ T5028]  ? __kasan_kmalloc+0xcc/0xf0
[  117.484493][ T5028]  ? __kasan_kmalloc+0xb5/0xf0
[  117.489279][ T5028]  ? fix_nodes+0x60a2/0x8340
[  117.493911][ T5028]  ? reiserfs_paste_into_item+0x60b/0x810
[  117.499662][ T5028]  ? reiserfs_add_entry+0xa42/0xe10
[  117.504974][ T5028]  ? reiserfs_mkdir+0x6bc/0x920
[  117.509846][ T5028]  ? reiserfs_xattr_init+0x331/0x720
[  117.515157][ T5028]  ? reiserfs_fill_super+0x1fe6/0x2440
[  117.520971][ T5028]  ? mount_bdev+0x287/0x3c0
[  117.525520][ T5028]  ? legacy_get_tree+0xe6/0x180
[  117.530415][ T5028]  ? vfs_get_tree+0x88/0x270
[  117.535045][ T5028]  ? do_new_mount+0x24a/0xa40
[  117.539843][ T5028]  ? __se_sys_mount+0x2e3/0x3d0
[  117.544916][ T5028]  ? do_syscall_64+0x4c/0xa0
[  117.549543][ T5028]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  117.555887][ T5028]  ? __wake_up_bit+0x120/0x120
[  117.560683][ T5028]  ? get_parents+0x400/0xd20
[  117.565401][ T5028]  ? get_neighbors+0x9ba/0x1030
[  117.570285][ T5028]  ? reiserfs_prepare_for_journal+0x269/0x280
[  117.576377][ T5028]  ? fix_nodes+0x7bc3/0x8340
[  117.581030][ T5028]  do_balance+0x318/0x930
[  117.585786][ T5028]  ? get_right_neighbor_position+0x210/0x210
[  117.591808][ T5028]  ? reiserfs_paste_into_item+0x3b0/0x810
[  117.597557][ T5028]  reiserfs_paste_into_item+0x6dd/0x810
[  117.603324][ T5028]  ? reiserfs_cut_from_item+0x1fa0/0x1fa0
[  117.605070][ T4223] Bluetooth: hci0: command 0x041b tx timeout
[  117.609219][ T5028]  ? reiserfs_get_parent+0x2f0/0x2f0
[  117.620520][ T5028]  ? inode_get_bytes+0x73/0xa0
[  117.625317][ T5028]  ? _find_first_zero_bit+0x60/0xf0
[  117.630551][ T5028]  reiserfs_add_entry+0xa42/0xe10
[  117.635717][ T5028]  ? drop_new_inode+0x60/0x60
[  117.640556][ T5028]  ? journal_begin+0x1f1/0x350
[  117.645443][ T5028]  ? reiserfs_update_inode_transaction+0x1c/0x120
[  117.651893][ T5028]  reiserfs_mkdir+0x6bc/0x920
[  117.656604][ T5028]  ? reiserfs_symlink+0x790/0x790
[  117.661769][ T5028]  ? rwsem_write_trylock+0x135/0x1c0
[  117.667424][ T5028]  ? lookup_one_len+0x19d/0x2d0
[  117.672298][ T5028]  ? lookup_one_common+0x460/0x460
[  117.677524][ T5028]  reiserfs_xattr_init+0x331/0x720
[  117.682666][ T5028]  reiserfs_fill_super+0x1fe6/0x2440
[  117.688435][ T5028]  ? reiserfs_kill_sb+0x140/0x140
[  117.693486][ T5028]  ? snprintf+0xe5/0x140
[  117.698031][ T5028]  ? vscnprintf+0x80/0x80
[  117.702653][ T5028]  ? set_blocksize+0x1f3/0x370
[  117.707537][ T5028]  ? sb_set_blocksize+0xa5/0xe0
[  117.712499][ T5028]  mount_bdev+0x287/0x3c0
[  117.716857][ T5028]  ? reiserfs_kill_sb+0x140/0x140
[  117.722007][ T5028]  legacy_get_tree+0xe6/0x180
[  117.726707][ T5028]  ? remove_save_link+0x3e0/0x3e0
[  117.731769][ T5028]  vfs_get_tree+0x88/0x270
[  117.736212][ T5028]  do_new_mount+0x24a/0xa40
[  117.740850][ T5028]  __se_sys_mount+0x2e3/0x3d0
[  117.746337][ T5028]  ? __x64_sys_mount+0xc0/0xc0
[  117.751222][ T5028]  ? lockdep_hardirqs_on+0x94/0x140
[  117.756533][ T5028]  ? __x64_sys_mount+0x1c/0xc0
[  117.761329][ T5028]  do_syscall_64+0x4c/0xa0
[  117.765780][ T5028]  ? clear_bhb_loop+0x30/0x80
[  117.770487][ T5028]  ? clear_bhb_loop+0x30/0x80
[  117.775412][ T5028]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  117.781425][ T5028] RIP: 0033:0x7f705328018a
[  117.786067][ T5028] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  117.805708][ T5028] RSP: 002b:00007f70528e1e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  117.814159][ T5028] RAX: ffffffffffffffda RBX: 00007f70528e1ee0 RCX: 00007f705328018a
[  117.822276][ T5028] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 00007f70528e1ea0
[  117.830279][ T5028] RBP: 0000200000000040 R08: 00007f70528e1ee0 R09: 000000000000800c
[  117.838356][ T5028] R10: 000000000000800c R11: 0000000000000246 R12: 0000200000000000
[  117.846469][ T5028] R13: 00007f70528e1ea0 R14: 0000000000001122 R15: 0000200000000300
[  117.854490][ T5028]  </TASK>
[  117.857560][ T5028] 
[  117.859906][ T5028] The buggy address belongs to the page:
[  117.865556][ T5028] page:ffffea0001640900 refcount:3 mapcount:0 mapping:ffff888017095af0 index:0x213 pfn:0x59024
[  117.875995][ T5028] memcg:ffff8880197cc000
[  117.880349][ T5028] aops:def_blk_aops ino:700000
[  117.885149][ T5028] flags: 0xfff00000002022(referenced|active|private|node=0|zone=1|lastcpupid=0x7ff)
[  117.894554][ T5028] raw: 00fff00000002022 0000000000000000 dead000000000122 ffff888017095af0
[  117.903249][ T5028] raw: 0000000000000213 ffff888071a9e000 00000003ffffffff ffff8880197cc000
[  117.911934][ T5028] page dumped because: kasan: bad access detected
[  117.918355][ T5028] page_owner tracks the page as allocated
[  117.924081][ T5028] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 5028, ts 117299215677, free_ts 117294116720
[  117.941388][ T5028]  get_page_from_freelist+0x1bbd/0x1ca0
[  117.946978][ T5028]  __alloc_pages+0x1ee/0x480
[  117.951607][ T5028]  __page_cache_alloc+0xce/0x440
[  117.956568][ T5028]  pagecache_get_page+0x9b6/0xf10
[  117.961733][ T5028]  __getblk_gfp+0x247/0xb60
[  117.966474][ T5028]  search_by_key+0x46c/0x4470
[  117.971181][ T5028]  reiserfs_read_locked_inode+0x195/0x26b0
[  117.977009][ T5028]  reiserfs_fill_super+0x12af/0x2440
[  117.982331][ T5028]  mount_bdev+0x287/0x3c0
[  117.986694][ T5028]  legacy_get_tree+0xe6/0x180
[  117.991399][ T5028]  vfs_get_tree+0x88/0x270
[  117.995835][ T5028]  do_new_mount+0x24a/0xa40
[  118.000366][ T5028]  __se_sys_mount+0x2e3/0x3d0
[  118.005147][ T5028]  do_syscall_64+0x4c/0xa0
[  118.009584][ T5028]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  118.015507][ T5028] page last free stack trace:
[  118.020196][ T5028]  free_unref_page_prepare+0x637/0x6c0
[  118.025768][ T5028]  free_unref_page_list+0x119/0x820
[  118.030988][ T5028]  release_pages+0x186c/0x1be0
[  118.035858][ T5028]  tlb_finish_mmu+0x1b4/0x370
[  118.040562][ T5028]  unmap_region+0x344/0x3b0
[  118.045115][ T5028]  __do_munmap+0x9f8/0xdf0
[  118.049566][ T5028]  __vm_munmap+0x140/0x240
[  118.054086][ T5028]  __x64_sys_munmap+0x67/0x70
[  118.058789][ T5028]  do_syscall_64+0x4c/0xa0
[  118.063237][ T5028]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  118.069246][ T5028] 
[  118.071593][ T5028] Memory state around the buggy address:
[  118.077239][ T5028]  ffff888059024e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  118.085424][ T5028]  ffff888059024f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  118.093526][ T5028] >ffff888059024f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  118.101619][ T5028]                                ^
[  118.106778][ T5028]  ffff888059025000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  118.114867][ T5028]  ffff888059025080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  118.123306][ T5028] ==================================================================
[  118.131602][ T5028] Disabling lock debugging due to kernel taint
[  118.150178][ T5028] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  118.157433][ T5028] CPU: 0 PID: 5028 Comm: syz.0.17 Tainted: G    B             syzkaller #0
[  118.166252][ T5028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  118.176538][ T5028] Call Trace:
[  118.179842][ T5028]  <TASK>
[  118.182796][ T5028]  dump_stack_lvl+0x188/0x250
[  118.187510][ T5028]  ? show_regs_print_info+0x20/0x20
[  118.193280][ T5028]  ? load_image+0x400/0x400
[  118.197838][ T5028]  panic+0x2e5/0x810
[  118.201772][ T5028]  ? bpf_jit_dump+0xd0/0xd0
[  118.206426][ T5028]  ? _raw_spin_unlock_irqrestore+0x10d/0x120
[  118.212430][ T5028]  ? _raw_spin_unlock+0x40/0x40
[  118.217304][ T5028]  ? leaf_paste_entries+0x794/0x1130
[  118.222611][ T5028]  check_panic_on_warn+0x80/0xa0
[  118.227680][ T5028]  ? leaf_paste_entries+0x794/0x1130
[  118.233174][ T5028]  end_report+0x6d/0xf0
[  118.237361][ T5028]  kasan_report+0x102/0x130
[  118.241878][ T5028]  ? leaf_paste_entries+0x794/0x1130
[  118.247396][ T5028]  ? journal_mark_dirty+0x21d/0xdf0
[  118.252617][ T5028]  ? leaf_paste_entries+0x794/0x1130
[  118.257927][ T5028]  kasan_check_range+0x235/0x290
[  118.262880][ T5028]  ? leaf_paste_entries+0x794/0x1130
[  118.268252][ T5028]  memmove+0x25/0x60
[  118.272148][ T5028]  leaf_paste_entries+0x794/0x1130
[  118.277396][ T5028]  balance_leaf+0xb2e5/0x10ec0
[  118.282338][ T5028]  ? mark_lock+0x94/0x320
[  118.286692][ T5028]  ? lock_chain_count+0x20/0x20
[  118.291751][ T5028]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  118.297739][ T5028]  ? do_balance+0x930/0x930
[  118.302252][ T5028]  ? _raw_spin_unlock+0x40/0x40
[  118.307118][ T5028]  ? stack_trace_snprint+0xf0/0xf0
[  118.312232][ T5028]  ? stack_depot_save+0x404/0x440
[  118.317283][ T5028]  ? __kasan_kmalloc+0xcc/0xf0
[  118.322051][ T5028]  ? __kasan_kmalloc+0xb5/0xf0
[  118.326820][ T5028]  ? fix_nodes+0x60a2/0x8340
[  118.331452][ T5028]  ? reiserfs_paste_into_item+0x60b/0x810
[  118.337219][ T5028]  ? reiserfs_add_entry+0xa42/0xe10
[  118.342460][ T5028]  ? reiserfs_mkdir+0x6bc/0x920
[  118.347326][ T5028]  ? reiserfs_xattr_init+0x331/0x720
[  118.352726][ T5028]  ? reiserfs_fill_super+0x1fe6/0x2440
[  118.358273][ T5028]  ? mount_bdev+0x287/0x3c0
[  118.362824][ T5028]  ? legacy_get_tree+0xe6/0x180
[  118.367698][ T5028]  ? vfs_get_tree+0x88/0x270
[  118.372298][ T5028]  ? do_new_mount+0x24a/0xa40
[  118.377070][ T5028]  ? __se_sys_mount+0x2e3/0x3d0
[  118.381923][ T5028]  ? do_syscall_64+0x4c/0xa0
[  118.386692][ T5028]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  118.392801][ T5028]  ? __wake_up_bit+0x120/0x120
[  118.397687][ T5028]  ? get_parents+0x400/0xd20
[  118.402549][ T5028]  ? get_neighbors+0x9ba/0x1030
[  118.407422][ T5028]  ? reiserfs_prepare_for_journal+0x269/0x280
[  118.413533][ T5028]  ? fix_nodes+0x7bc3/0x8340
[  118.418136][ T5028]  do_balance+0x318/0x930
[  118.422803][ T5028]  ? get_right_neighbor_position+0x210/0x210
[  118.428820][ T5028]  ? reiserfs_paste_into_item+0x3b0/0x810
[  118.434559][ T5028]  reiserfs_paste_into_item+0x6dd/0x810
[  118.440126][ T5028]  ? reiserfs_cut_from_item+0x1fa0/0x1fa0
[  118.445867][ T5028]  ? reiserfs_get_parent+0x2f0/0x2f0
[  118.451240][ T5028]  ? inode_get_bytes+0x73/0xa0
[  118.456127][ T5028]  ? _find_first_zero_bit+0x60/0xf0
[  118.461329][ T5028]  reiserfs_add_entry+0xa42/0xe10
[  118.466378][ T5028]  ? drop_new_inode+0x60/0x60
[  118.471072][ T5028]  ? journal_begin+0x1f1/0x350
[  118.475860][ T5028]  ? reiserfs_update_inode_transaction+0x1c/0x120
[  118.482304][ T5028]  reiserfs_mkdir+0x6bc/0x920
[  118.487113][ T5028]  ? reiserfs_symlink+0x790/0x790
[  118.492164][ T5028]  ? rwsem_write_trylock+0x135/0x1c0
[  118.497471][ T5028]  ? lookup_one_len+0x19d/0x2d0
[  118.502333][ T5028]  ? lookup_one_common+0x460/0x460
[  118.507559][ T5028]  reiserfs_xattr_init+0x331/0x720
[  118.512682][ T5028]  reiserfs_fill_super+0x1fe6/0x2440
[  118.517991][ T5028]  ? reiserfs_kill_sb+0x140/0x140
[  118.523017][ T5028]  ? snprintf+0xe5/0x140
[  118.527285][ T5028]  ? vscnprintf+0x80/0x80
[  118.531793][ T5028]  ? set_blocksize+0x1f3/0x370
[  118.536565][ T5028]  ? sb_set_blocksize+0xa5/0xe0
[  118.541414][ T5028]  mount_bdev+0x287/0x3c0
[  118.545756][ T5028]  ? reiserfs_kill_sb+0x140/0x140
[  118.550782][ T5028]  legacy_get_tree+0xe6/0x180
[  118.555472][ T5028]  ? remove_save_link+0x3e0/0x3e0
[  118.560498][ T5028]  vfs_get_tree+0x88/0x270
[  118.565093][ T5028]  do_new_mount+0x24a/0xa40
[  118.569606][ T5028]  __se_sys_mount+0x2e3/0x3d0
[  118.574285][ T5028]  ? __x64_sys_mount+0xc0/0xc0
[  118.579070][ T5028]  ? lockdep_hardirqs_on+0x94/0x140
[  118.584267][ T5028]  ? __x64_sys_mount+0x1c/0xc0
[  118.589031][ T5028]  do_syscall_64+0x4c/0xa0
[  118.593454][ T5028]  ? clear_bhb_loop+0x30/0x80
[  118.598309][ T5028]  ? clear_bhb_loop+0x30/0x80
[  118.603073][ T5028]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  118.608966][ T5028] RIP: 0033:0x7f705328018a
[  118.613393][ T5028] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  118.633008][ T5028] RSP: 002b:00007f70528e1e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  118.641476][ T5028] RAX: ffffffffffffffda RBX: 00007f70528e1ee0 RCX: 00007f705328018a
[  118.649534][ T5028] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 00007f70528e1ea0
[  118.657877][ T5028] RBP: 0000200000000040 R08: 00007f70528e1ee0 R09: 000000000000800c
[  118.666057][ T5028] R10: 000000000000800c R11: 0000000000000246 R12: 0000200000000000
[  118.674083][ T5028] R13: 00007f70528e1ea0 R14: 0000000000001122 R15: 0000200000000300
[  118.682498][ T5028]  </TASK>
[  118.686040][ T5028] Kernel Offset: disabled
[  118.690588][ T5028] Rebooting in 86400 seconds..