Warning: Permanently added '10.128.1.108' (ED25519) to the list of known hosts.
2024/10/14 09:24:48 ignoring optional flag "sandboxArg"="0"
2024/10/14 09:24:48 ignoring optional flag "type"="gce"
2024/10/14 09:24:48 parsed 1 programs
[ 90.570193][ T5682] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 92.900558][ T5694] chnl_net:caif_netlink_parms(): no params data found
[ 92.942622][ T5694] bridge0: port 1(bridge_slave_0) entered blocking state
[ 92.950053][ T5694] bridge0: port 1(bridge_slave_0) entered disabled state
[ 92.957462][ T5694] bridge_slave_0: entered allmulticast mode
[ 92.964909][ T5694] bridge_slave_0: entered promiscuous mode
[ 92.972114][ T5694] bridge0: port 2(bridge_slave_1) entered blocking state
[ 92.979716][ T5694] bridge0: port 2(bridge_slave_1) entered disabled state
[ 92.987427][ T5694] bridge_slave_1: entered allmulticast mode
[ 92.993954][ T5694] bridge_slave_1: entered promiscuous mode
[ 93.013076][ T5694] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 93.023879][ T5694] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.047404][ T5694] team0: Port device team_slave_0 added
[ 93.055081][ T5694] team0: Port device team_slave_1 added
[ 93.072107][ T5694] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.079366][ T5694] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.105512][ T5694] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 93.118084][ T5694] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 93.125213][ T5694] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.151206][ T5694] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 93.179072][ T5694] hsr_slave_0: entered promiscuous mode
[ 93.188761][ T5694] hsr_slave_1: entered promiscuous mode
[ 93.680527][ T5694] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 93.696549][ T5694] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 93.709416][ T5694] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 93.719058][ T5694] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 93.743652][ T5694] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.750992][ T5694] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 93.759337][ T5694] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.766523][ T5694] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 93.828547][ T5694] 8021q: adding VLAN 0 to HW filter on device bond0
[ 93.846027][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.856151][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.877388][ T5694] 8021q: adding VLAN 0 to HW filter on device team0
[ 93.898034][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.905653][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 93.917604][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.924756][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 94.112071][ T5694] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 94.150397][ T5694] veth0_vlan: entered promiscuous mode
[ 94.162342][ T5694] veth1_vlan: entered promiscuous mode
[ 94.191685][ T5694] veth0_macvtap: entered promiscuous mode
[ 94.200959][ T5694] veth1_macvtap: entered promiscuous mode
[ 94.220504][ T5694] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 94.249501][ T5694] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 94.267229][ T5694] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.277375][ T5694] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.288610][ T5694] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.298273][ T5694] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.471364][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 94.564366][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 94.602281][ T1123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 94.617461][ T1123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 94.638673][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 94.670034][ T2976] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 94.679092][ T2976] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 94.740356][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 94.965524][ T4613] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 94.974114][ T4613] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 94.982472][ T4613] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 94.991035][ T4613] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 94.998886][ T4613] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 95.006947][ T4613] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 97.513038][ T12] bridge_slave_1: left allmulticast mode
[ 97.519094][ T12] bridge_slave_1: left promiscuous mode
[ 97.529889][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.553645][ T12] bridge_slave_0: left allmulticast mode
[ 97.560845][ T12] bridge_slave_0: left promiscuous mode
[ 97.567478][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
2024/10/14 09:24:59 executed programs: 0
[ 97.692041][ T5229] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 97.703776][ T5229] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 97.725413][ T5229] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 97.744118][ T5229] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 97.756697][ T5229] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 97.766343][ T5229] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 98.068568][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 98.080180][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 98.091019][ T12] bond0 (unregistering): Released all slaves
[ 98.191873][ T12] hsr_slave_0: left promiscuous mode
[ 98.199222][ T12] hsr_slave_1: left promiscuous mode
[ 98.205696][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 98.213131][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 98.228736][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 98.240660][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 98.258718][ T12] veth1_macvtap: left promiscuous mode
[ 98.264777][ T12] veth0_macvtap: left promiscuous mode
[ 98.270406][ T12] veth1_vlan: left promiscuous mode
[ 98.278203][ T12] veth0_vlan: left promiscuous mode
[ 98.626737][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 98.654243][ T12] team0 (unregistering): Port device team_slave_0 removed
[ 98.982952][ T5931] chnl_net:caif_netlink_parms(): no params data found
[ 99.088734][ T5931] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.096034][ T5931] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.103263][ T5931] bridge_slave_0: entered allmulticast mode
[ 99.111598][ T5931] bridge_slave_0: entered promiscuous mode
[ 99.119791][ T5931] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.127113][ T5931] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.135040][ T5931] bridge_slave_1: entered allmulticast mode
[ 99.142001][ T5931] bridge_slave_1: entered promiscuous mode
[ 99.172032][ T5931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.183855][ T5931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.222208][ T5931] team0: Port device team_slave_0 added
[ 99.231629][ T5931] team0: Port device team_slave_1 added
[ 99.263519][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.272103][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.299803][ T5931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.319182][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.326305][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.353461][ T5931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 99.396297][ T5931] hsr_slave_0: entered promiscuous mode
[ 99.402959][ T5931] hsr_slave_1: entered promiscuous mode
[ 99.834783][ T4613] Bluetooth: hci0: command tx timeout
[ 100.459148][ T5931] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 100.478315][ T5931] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 100.504592][ T5931] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 100.526570][ T5931] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 100.676943][ T5931] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.713189][ T5931] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.729023][ T35] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.736315][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.770622][ T35] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.777835][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.997148][ T5931] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.047592][ T5931] veth0_vlan: entered promiscuous mode
[ 101.058759][ T5931] veth1_vlan: entered promiscuous mode
[ 101.084257][ T5931] veth0_macvtap: entered promiscuous mode
[ 101.093346][ T5931] veth1_macvtap: entered promiscuous mode
[ 101.111670][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 101.127757][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 101.139161][ T5931] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.151141][ T5931] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.160099][ T5931] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.168922][ T5931] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.234965][ T2976] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.242978][ T2976] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.290365][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.299095][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.369097][ T6057] loop0: detected capacity change from 0 to 1024
[ 101.423313][ T6057] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 101.510739][ T6057] loop0: detected capacity change from 1024 to 1023
[ 101.537790][ T5931] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /0/bus: bad entry in directory: rec_len is smaller than minimal - offset=980, inode=0, rec_len=0, size=1024 fake=0
[ 101.566084][ T5931] ==================================================================
[ 101.574184][ T5931] BUG: KASAN: slab-out-of-bounds in ext4_read_inline_dir+0x567/0xe60
[ 101.582290][ T5931] Read of size 68 at addr ffff8880274cb51a by task syz-executor/5931
[ 101.590422][ T5931]
[ 101.592759][ T5931] CPU: 1 UID: 0 PID: 5931 Comm: syz-executor Not tainted 6.12.0-rc3-syzkaller-g6485cf5ea253 #0
[ 101.603083][ T5931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 101.613144][ T5931] Call Trace:
[ 101.616459][ T5931] <TASK>
[ 101.619386][ T5931] dump_stack_lvl+0x241/0x360
[ 101.624084][ T5931] ? __pfx_dump_stack_lvl+0x10/0x10
[ 101.629277][ T5931] ? __pfx__printk+0x10/0x10
[ 101.633903][ T5931] ? _printk+0xd5/0x120
[ 101.638056][ T5931] ? __virt_addr_valid+0x183/0x530
[ 101.643163][ T5931] ? __virt_addr_valid+0x183/0x530
[ 101.648444][ T5931] print_report+0x169/0x550
[ 101.652945][ T5931] ? __virt_addr_valid+0x183/0x530
[ 101.658060][ T5931] ? __virt_addr_valid+0x183/0x530
[ 101.663168][ T5931] ? __virt_addr_valid+0x45f/0x530
[ 101.668276][ T5931] ? __phys_addr+0xba/0x170
[ 101.672774][ T5931] ? ext4_read_inline_dir+0x567/0xe60
[ 101.678144][ T5931] kasan_report+0x143/0x180
[ 101.682653][ T5931] ? ext4_read_inline_dir+0x567/0xe60
[ 101.688024][ T5931] kasan_check_range+0x282/0x290
[ 101.692964][ T5931] ? ext4_read_inline_dir+0x567/0xe60
[ 101.698330][ T5931] __asan_memcpy+0x29/0x70
[ 101.702836][ T5931] ext4_read_inline_dir+0x567/0xe60
[ 101.708034][ T5931] ? __lock_acquire+0x1384/0x2050
[ 101.713057][ T5931] ? __pfx_ext4_read_inline_dir+0x10/0x10
[ 101.718773][ T5931] ext4_readdir+0x475/0x3a60
[ 101.723364][ T5931] ? __pfx_lock_acquire+0x10/0x10
[ 101.728384][ T5931] ? __pfx___might_resched+0x10/0x10
[ 101.733664][ T5931] ? __mutex_trylock_common+0x183/0x2e0
[ 101.739203][ T5931] ? __pfx___might_resched+0x10/0x10
[ 101.744487][ T5931] ? __pfx___mutex_trylock_common+0x10/0x10
[ 101.750380][ T5931] ? down_read_killable+0xaaa/0xd30
[ 101.755571][ T5931] ? __pfx_ext4_readdir+0x10/0x10
[ 101.760618][ T5931] ? trace_contention_end+0x3c/0x120
[ 101.765900][ T5931] ? __mutex_lock+0x2ef/0xd70
[ 101.770573][ T5931] ? iterate_dir+0x20c/0x800
[ 101.775166][ T5931] ? __pfx_down_read_killable+0x10/0x10
[ 101.780718][ T5931] ? fdget_pos+0x24e/0x320
[ 101.785134][ T5931] ? __pfx___mutex_lock+0x10/0x10
[ 101.790171][ T5931] ? __pfx_reacquire_held_locks+0x10/0x10
[ 101.795888][ T5931] iterate_dir+0x571/0x800
[ 101.800308][ T5931] __se_sys_getdents64+0x1d3/0x4a0
[ 101.805417][ T5931] ? __pfx___se_sys_getdents64+0x10/0x10
[ 101.811043][ T5931] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 101.817021][ T5931] ? __pfx_filldir64+0x10/0x10
[ 101.821781][ T5931] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 101.828107][ T5931] ? exc_page_fault+0x590/0x8c0
[ 101.832960][ T5931] ? do_syscall_64+0xb6/0x230
[ 101.837631][ T5931] do_syscall_64+0xf3/0x230
[ 101.842127][ T5931] ? clear_bhb_loop+0x35/0x90
[ 101.846799][ T5931] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.852702][ T5931] RIP: 0033:0x7f61863a9333
[ 101.857115][ T5931] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 02 45 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[ 101.876747][ T5931] RSP: 002b:00007ffd8dc68ce8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 101.885247][ T5931] RAX: ffffffffffffffda RBX: 000055555752d640 RCX: 00007f61863a9333
[ 101.893216][ T5931] RDX: 0000000000008000 RSI: 000055555752d640 RDI: 0000000000000006
[ 101.901207][ T5931] RBP: 000055555752d614 R08: 0000000000000000 R09: 0000000000000000
[ 101.909171][ T5931] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[ 101.917152][ T5931] R13: 0000000000000016 R14: 000055555752d610 R15: 00007ffd8dc6c080
[ 101.925215][ T5931] </TASK>
[ 101.928226][ T5931]
[ 101.930541][ T5931] Allocated by task 5902:
[ 101.934856][ T5931] kasan_save_track+0x3f/0x80
[ 101.939535][ T5931] __kasan_slab_alloc+0x66/0x80
[ 101.944379][ T5931] kmem_cache_alloc_bulk_noprof+0x4fa/0x7c0
[ 101.950262][ T5931] mas_alloc_nodes+0x3d5/0x840
[ 101.955022][ T5931] mas_preallocate+0x554/0x8c0
[ 101.959782][ T5931] mmap_region+0x1ea1/0x2990
[ 101.964365][ T5931] do_mmap+0x8f0/0x1000
[ 101.968521][ T5931] vm_mmap_pgoff+0x1dd/0x3d0
[ 101.973104][ T5931] do_syscall_64+0xf3/0x230
[ 101.977599][ T5931] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.983500][ T5931]
[ 101.985814][ T5931] Freed by task 5906:
[ 101.989785][ T5931] kasan_save_track+0x3f/0x80
[ 101.994454][ T5931] kasan_save_free_info+0x40/0x50
[ 101.999469][ T5931] __kasan_slab_free+0x59/0x70
[ 102.004227][ T5931] kmem_cache_free+0x1a2/0x420
[ 102.008982][ T5931] rcu_core+0xaaa/0x17a0
[ 102.013212][ T5931] handle_softirqs+0x2c5/0x980
[ 102.017970][ T5931] __irq_exit_rcu+0xf4/0x1c0
[ 102.022551][ T5931] irq_exit_rcu+0x9/0x30
[ 102.026785][ T5931] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 102.032425][ T5931] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 102.038402][ T5931]
[ 102.040720][ T5931] Last potentially related work creation:
[ 102.046426][ T5931] kasan_save_stack+0x3f/0x60
[ 102.051103][ T5931] __kasan_record_aux_stack+0xac/0xc0
[ 102.056467][ T5931] call_rcu+0x167/0xa70
[ 102.060613][ T5931] mas_wmb_replace+0x1483/0x2860
[ 102.065551][ T5931] mas_commit_b_node+0x1190/0x1af0
[ 102.070652][ T5931] mas_wr_store_entry+0x4ea/0x2380
[ 102.075773][ T5931] mas_store_prealloc+0xcbb/0x1390
[ 102.080887][ T5931] vma_complete+0x21d/0xb50
[ 102.085388][ T5931] __split_vma+0xaa6/0xc50
[ 102.089796][ T5931] vms_gather_munmap_vmas+0x4b2/0x15d0
[ 102.095252][ T5931] mmap_region+0x817/0x2990
[ 102.099751][ T5931] do_mmap+0x8f0/0x1000
[ 102.103899][ T5931] vm_mmap_pgoff+0x1dd/0x3d0
[ 102.108481][ T5931] ksys_mmap_pgoff+0x4eb/0x720
[ 102.113323][ T5931] do_syscall_64+0xf3/0x230
[ 102.117822][ T5931] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 102.123715][ T5931]
[ 102.126030][ T5931] The buggy address belongs to the object at ffff8880274cb400
[ 102.126030][ T5931] which belongs to the cache maple_node of size 256
[ 102.139985][ T5931] The buggy address is located 26 bytes to the right of
[ 102.139985][ T5931] allocated 256-byte region [ffff8880274cb400, ffff8880274cb500)
[ 102.154558][ T5931]
[ 102.156888][ T5931] The buggy address belongs to the physical page:
[ 102.163294][ T5931] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x274ca
[ 102.172101][ T5931] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 102.180598][ T5931] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 102.188579][ T5931] page_type: f5(slab)
[ 102.192556][ T5931] raw: 00fff00000000040 ffff88801ac91000 0000000000000000 0000000000000001
[ 102.201130][ T5931] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 102.209711][ T5931] head: 00fff00000000040 ffff88801ac91000 0000000000000000 0000000000000001
[ 102.218385][ T5931] head: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 102.227043][ T5931] head: 00fff00000000001 ffffea00009d3281 ffffffffffffffff 0000000000000000
[ 102.235707][ T5931] head: ffff888000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 102.244365][ T5931] page dumped because: kasan: bad access detected
[ 102.250777][ T5931] page_owner tracks the page as allocated
[ 102.256481][ T5931] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5556, tgid 5556 (sh), ts 80282771041, free_ts 78405897746
[ 102.276969][ T5931] post_alloc_hook+0x1f3/0x230
[ 102.281765][ T5931] get_page_from_freelist+0x3039/0x3180
[ 102.287521][ T5931] __alloc_pages_noprof+0x292/0x710
[ 102.292732][ T5931] alloc_pages_mpol_noprof+0x3e8/0x680
[ 102.298208][ T5931] alloc_slab_page+0x6a/0x120
[ 102.302985][ T5931] allocate_slab+0x5a/0x2f0
[ 102.307491][ T5931] ___slab_alloc+0xcd1/0x14b0
[ 102.312212][ T5931] __slab_alloc+0x58/0xa0
[ 102.316542][ T5931] kmem_cache_alloc_noprof+0x1c1/0x2a0
[ 102.322020][ T5931] mas_alloc_nodes+0x26c/0x840
[ 102.326787][ T5931] mas_preallocate+0x554/0x8c0
[ 102.331550][ T5931] __split_vma+0x302/0xc50
[ 102.335959][ T5931] vms_gather_munmap_vmas+0x2ee/0x15d0
[ 102.341412][ T5931] mmap_region+0x817/0x2990
[ 102.345910][ T5931] do_mmap+0x8f0/0x1000
[ 102.350056][ T5931] vm_mmap_pgoff+0x1dd/0x3d0
[ 102.354643][ T5931] page last free pid 5541 tgid 5541 stack trace:
[ 102.360972][ T5931] free_unref_page+0xcd0/0xf00
[ 102.365752][ T5931] __folio_put+0x2c7/0x440
[ 102.370188][ T5931] pipe_read+0x6ed/0x13e0
[ 102.374533][ T5931] vfs_read+0x9bb/0xbc0
[ 102.378720][ T5931] ksys_read+0x183/0x2b0
[ 102.382969][ T5931] do_syscall_64+0xf3/0x230
[ 102.387469][ T5931] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 102.393364][ T5931]
[ 102.395712][ T5931] Memory state around the buggy address:
[ 102.401369][ T5931] ffff8880274cb400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 102.409421][ T5931] ffff8880274cb480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 102.417473][ T5931] >ffff8880274cb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 102.425522][ T5931] ^
[ 102.430359][ T5931] ffff8880274cb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 102.438422][ T5931] ffff8880274cb600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 102.446559][ T5931] ==================================================================
[ 102.474805][ T4613] Bluetooth: hci0: command tx timeout
[ 102.518467][ T5931] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 102.525730][ T5931] CPU: 0 UID: 0 PID: 5931 Comm: syz-executor Not tainted 6.12.0-rc3-syzkaller-g6485cf5ea253 #0
[ 102.536079][ T5931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 102.546153][ T5931] Call Trace:
[ 102.549432][ T5931] <TASK>
[ 102.552355][ T5931] dump_stack_lvl+0x241/0x360
[ 102.557029][ T5931] ? __pfx_dump_stack_lvl+0x10/0x10
[ 102.562237][ T5931] ? __pfx__printk+0x10/0x10
[ 102.566837][ T5931] ? preempt_schedule+0xe1/0xf0
[ 102.571697][ T5931] ? vscnprintf+0x5d/0x90
[ 102.576033][ T5931] panic+0x349/0x880
[ 102.579938][ T5931] ? check_panic_on_warn+0x21/0xb0
[ 102.585053][ T5931] ? __pfx_panic+0x10/0x10
[ 102.589469][ T5931] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 102.595455][ T5931] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 102.601782][ T5931] ? print_report+0x502/0x550
[ 102.606461][ T5931] check_panic_on_warn+0x86/0xb0
[ 102.611392][ T5931] ? ext4_read_inline_dir+0x567/0xe60
[ 102.616760][ T5931] end_report+0x77/0x160
[ 102.621004][ T5931] kasan_report+0x154/0x180
[ 102.625537][ T5931] ? ext4_read_inline_dir+0x567/0xe60
[ 102.630912][ T5931] kasan_check_range+0x282/0x290
[ 102.635845][ T5931] ? ext4_read_inline_dir+0x567/0xe60
[ 102.641211][ T5931] __asan_memcpy+0x29/0x70
[ 102.645624][ T5931] ext4_read_inline_dir+0x567/0xe60
[ 102.650826][ T5931] ? __lock_acquire+0x1384/0x2050
[ 102.655848][ T5931] ? __pfx_ext4_read_inline_dir+0x10/0x10
[ 102.661567][ T5931] ext4_readdir+0x475/0x3a60
[ 102.666170][ T5931] ? __pfx_lock_acquire+0x10/0x10
[ 102.671190][ T5931] ? __pfx___might_resched+0x10/0x10
[ 102.676472][ T5931] ? __mutex_trylock_common+0x183/0x2e0
[ 102.682013][ T5931] ? __pfx___might_resched+0x10/0x10
[ 102.687298][ T5931] ? __pfx___mutex_trylock_common+0x10/0x10
[ 102.693185][ T5931] ? down_read_killable+0xaaa/0xd30
[ 102.698388][ T5931] ? __pfx_ext4_readdir+0x10/0x10
[ 102.703496][ T5931] ? trace_contention_end+0x3c/0x120
[ 102.708871][ T5931] ? __mutex_lock+0x2ef/0xd70
[ 102.713550][ T5931] ? iterate_dir+0x20c/0x800
[ 102.718231][ T5931] ? __pfx_down_read_killable+0x10/0x10
[ 102.723768][ T5931] ? fdget_pos+0x24e/0x320
[ 102.728183][ T5931] ? __pfx___mutex_lock+0x10/0x10
[ 102.733199][ T5931] ? __pfx_reacquire_held_locks+0x10/0x10
[ 102.738924][ T5931] iterate_dir+0x571/0x800
[ 102.743347][ T5931] __se_sys_getdents64+0x1d3/0x4a0
[ 102.748469][ T5931] ? __pfx___se_sys_getdents64+0x10/0x10
[ 102.754096][ T5931] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 102.760073][ T5931] ? __pfx_filldir64+0x10/0x10
[ 102.764922][ T5931] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 102.771255][ T5931] ? exc_page_fault+0x590/0x8c0
[ 102.776108][ T5931] ? do_syscall_64+0xb6/0x230
[ 102.780780][ T5931] do_syscall_64+0xf3/0x230
[ 102.785281][ T5931] ? clear_bhb_loop+0x35/0x90
[ 102.789956][ T5931] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 102.795855][ T5931] RIP: 0033:0x7f61863a9333
[ 102.800276][ T5931] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 02 45 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[ 102.819876][ T5931] RSP: 002b:00007ffd8dc68ce8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 102.828284][ T5931] RAX: ffffffffffffffda RBX: 000055555752d640 RCX: 00007f61863a9333
[ 102.836253][ T5931] RDX: 0000000000008000 RSI: 000055555752d640 RDI: 0000000000000006
[ 102.844225][ T5931] RBP: 000055555752d614 R08: 0000000000000000 R09: 0000000000000000
[ 102.852197][ T5931] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[ 102.860162][ T5931] R13: 0000000000000016 R14: 000055555752d610 R15: 00007ffd8dc6c080
[ 102.868129][ T5931] </TASK>
[ 102.871384][ T5931] Kernel Offset: disabled
[ 102.875707][ T5931] Rebooting in 86400 seconds..