Warning: Permanently added '10.128.0.215' (ED25519) to the list of known hosts.
2026/06/07 03:42:45 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 108.236544][ T4624] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 109.857912][ T4639] chnl_net:caif_netlink_parms(): no params data found
[ 109.908489][ T4639] bridge0: port 1(bridge_slave_0) entered blocking state
[ 109.915999][ T4639] bridge0: port 1(bridge_slave_0) entered disabled state
[ 109.924101][ T4639] device bridge_slave_0 entered promiscuous mode
[ 109.932809][ T4639] bridge0: port 2(bridge_slave_1) entered blocking state
[ 109.940231][ T4639] bridge0: port 2(bridge_slave_1) entered disabled state
[ 109.948072][ T4639] device bridge_slave_1 entered promiscuous mode
[ 109.972452][ T4639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 109.983483][ T4639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 110.007923][ T4639] team0: Port device team_slave_0 added
[ 110.018751][ T4639] team0: Port device team_slave_1 added
[ 110.037910][ T4639] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 110.045068][ T4639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 110.071758][ T4639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 110.085832][ T4639] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 110.092912][ T4639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 110.119002][ T4639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 110.151456][ T4639] device hsr_slave_0 entered promiscuous mode
[ 110.158682][ T4639] device hsr_slave_1 entered promiscuous mode
[ 110.883254][ T4639] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 110.911675][ T4639] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 110.932790][ T4639] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 110.952843][ T4639] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 111.093061][ T4639] 8021q: adding VLAN 0 to HW filter on device bond0
[ 111.110166][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 111.118620][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 111.133070][ T4639] 8021q: adding VLAN 0 to HW filter on device team0
[ 111.145476][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 111.155453][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 111.172687][ T3088] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.179805][ T3088] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 111.202430][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 111.211232][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 111.221875][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 111.232435][ T3088] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.239549][ T3088] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 111.252193][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 111.261342][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 111.282740][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 111.294438][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 111.303704][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 111.317121][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 111.326852][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 111.337192][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 111.355132][ T4639] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 111.366960][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 111.377868][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 111.388536][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 111.412115][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 111.650766][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 111.658285][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 111.674441][ T4639] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 111.701328][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 111.721408][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 111.763248][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 111.772503][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 111.784774][ T4639] device veth0_vlan entered promiscuous mode
[ 111.796202][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 111.804764][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 111.819147][ T4639] device veth1_vlan entered promiscuous mode
[ 111.871519][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 111.884887][ T3088] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 111.897858][ T4639] device veth0_macvtap entered promiscuous mode
[ 111.912830][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 111.932335][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 111.946685][ T4639] device veth1_macvtap entered promiscuous mode
[ 111.960381][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 111.988832][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 112.020262][ T4639] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 112.027873][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 112.051284][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 112.064448][ T4639] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 112.080269][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 112.093620][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 112.105551][ T4639] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.115490][ T4639] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.124449][ T4639] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.133654][ T4639] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.305336][ T4639] syz-executor (4639) used greatest stack depth: 21072 bytes left
[ 112.452080][ T575] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 113.882803][ T4314] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.897075][ T4314] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.906746][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 113.931859][ T4314] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.939740][ T4314] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.949640][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 114.428266][ T575] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 116.367065][ T575] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 116.419281][ T575] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 117.265772][ T575] device hsr_slave_0 left promiscuous mode
[ 117.281470][ T575] device hsr_slave_1 left promiscuous mode
[ 117.298279][ T575] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 117.312696][ T575] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 117.321005][ T575] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 117.328439][ T575] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 117.339990][ T575] device bridge_slave_1 left promiscuous mode
[ 117.346281][ T575] bridge0: port 2(bridge_slave_1) entered disabled state
[ 117.357087][ T575] device bridge_slave_0 left promiscuous mode
[ 117.363731][ T575] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.380965][ T575] device veth1_macvtap left promiscuous mode
[ 117.387062][ T575] device veth0_macvtap left promiscuous mode
[ 117.397802][ T575] device veth1_vlan left promiscuous mode
[ 117.403796][ T575] device veth0_vlan left promiscuous mode
2026/06/07 03:42:58 executed programs: 0
[ 117.779180][ T575] team0 (unregistering): Port device team_slave_1 removed
[ 117.797610][ T575] team0 (unregistering): Port device team_slave_0 removed
[ 117.815721][ T575] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 117.864919][ T575] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 117.954012][ T575] bond0 (unregistering): Released all slaves
[ 118.192714][ T4987] chnl_net:caif_netlink_parms(): no params data found
[ 118.262411][ T4987] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.278310][ T4987] bridge0: port 1(bridge_slave_0) entered disabled state
[ 118.304107][ T4987] device bridge_slave_0 entered promiscuous mode
[ 118.313397][ T4987] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.323601][ T4987] bridge0: port 2(bridge_slave_1) entered disabled state
[ 118.332416][ T4987] device bridge_slave_1 entered promiscuous mode
[ 118.374247][ T4987] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 118.388087][ T4987] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 118.446077][ T4987] team0: Port device team_slave_0 added
[ 118.463170][ T4987] team0: Port device team_slave_1 added
[ 118.507536][ T4987] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 118.514693][ T4987] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 118.550115][ T4987] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 118.581466][ T4987] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 118.588478][ T4987] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 118.625690][ T4987] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 118.683278][ T4987] device hsr_slave_0 entered promiscuous mode
[ 118.701089][ T4987] device hsr_slave_1 entered promiscuous mode
[ 119.215832][ T4987] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 119.225779][ T4987] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 119.243162][ T4987] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 119.274235][ T4987] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 119.400066][ T4987] 8021q: adding VLAN 0 to HW filter on device bond0
[ 119.423426][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 119.438072][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 119.449463][ T4987] 8021q: adding VLAN 0 to HW filter on device team0
[ 119.461153][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 119.471324][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 119.481795][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.488894][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 119.513442][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 119.522404][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 119.532902][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 119.543760][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.551004][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 119.561736][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 119.572030][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 119.582757][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 119.594175][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 119.616740][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 119.626645][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 119.636237][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 119.649715][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 119.662181][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 119.675619][ T4987] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 119.689142][ T4987] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 119.699449][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 119.711529][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 119.895790][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 119.902622][ T13] Bluetooth: hci0: command 0x0409 tx timeout
[ 119.909837][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 119.923314][ T4987] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 119.947977][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 119.959213][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 119.983962][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 119.993011][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 120.004864][ T4987] device veth0_vlan entered promiscuous mode
[ 120.013050][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 120.021756][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 120.045831][ T4987] device veth1_vlan entered promiscuous mode
[ 120.070915][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 120.079760][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 120.088038][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 120.097557][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 120.111949][ T4987] device veth0_macvtap entered promiscuous mode
[ 120.122412][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 120.133673][ T4987] device veth1_macvtap entered promiscuous mode
[ 120.153780][ T4987] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 120.165026][ T4987] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 120.173257][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 120.182527][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 120.194065][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 120.203609][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 120.217681][ T4987] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.226887][ T4987] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.235986][ T4987] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.245039][ T4987] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.329534][ T3088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.349066][ T3088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.357804][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 120.381098][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.388989][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.397014][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 120.700714][ T5052] loop0: detected capacity change from 0 to 32768
[ 120.861684][ T5052] =======================================================
[ 120.861684][ T5052] WARNING: The mand mount option has been deprecated and
[ 120.861684][ T5052] and is ignored by this kernel. Remove the mand
[ 120.861684][ T5052] option from the mount to silence this warning.
[ 120.861684][ T5052] =======================================================
[ 120.938990][ T4987] ==================================================================
[ 120.947443][ T4987] BUG: KASAN: use-after-free in jfs_readdir+0x129f/0x3cf0
[ 120.954821][ T4987] Read of size 8 at addr ffff888078100030 by task syz-executor/4987
[ 120.962847][ T4987]
[ 120.965235][ T4987] CPU: 1 PID: 4987 Comm: syz-executor Not tainted syzkaller #0
[ 120.972817][ T4987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 120.983106][ T4987] Call Trace:
[ 120.986427][ T4987]
[ 120.989393][ T4987] dump_stack_lvl+0x188/0x250
[ 120.994209][ T4987] ? show_regs_print_info+0x20/0x20
[ 120.999443][ T4987] ? load_image+0x400/0x400
[ 121.004047][ T4987] ? _raw_spin_lock_irqsave+0xbc/0x100
[ 121.009520][ T4987] ? unlock_page+0x17c/0x1f0
[ 121.014233][ T4987] print_address_description+0x60/0x2d0
[ 121.019814][ T4987] ? jfs_readdir+0x129f/0x3cf0
[ 121.024697][ T4987] kasan_report+0xdf/0x130
[ 121.029153][ T4987] ? jfs_readdir+0x129f/0x3cf0
[ 121.034006][ T4987] jfs_readdir+0x129f/0x3cf0
[ 121.038643][ T4987] ? dtInitRoot+0x660/0x660
[ 121.043182][ T4987] ? end_current_label_crit_section+0x14b/0x170
[ 121.049588][ T4987] ? common_file_perm+0x171/0x1c0
[ 121.054646][ T4987] iterate_dir+0x218/0x560
[ 121.059167][ T4987] __se_sys_getdents64+0xf2/0x270
[ 121.064199][ T4987] ? __x64_sys_getdents64+0x80/0x80
[ 121.069402][ T4987] ? filldir+0x720/0x720
[ 121.073669][ T4987] ? vtime_user_exit+0x2c8/0x3e0
[ 121.078620][ T4987] ? lockdep_hardirqs_on+0x94/0x140
[ 121.083826][ T4987] do_syscall_64+0x4c/0xa0
[ 121.088252][ T4987] ? clear_bhb_loop+0x30/0x80
[ 121.092943][ T4987] ? clear_bhb_loop+0x30/0x80
[ 121.097693][ T4987] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 121.103622][ T4987] RIP: 0033:0x7fee4e56d8b3
[ 121.108159][ T4987] Code: c7 c0 e8 ff ff ff 64 c7 00 16 00 00 00 31 c0 eb 9e e8 81 9b fd ff 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 e8 ff ff ff f7 d8
[ 121.127773][ T4987] RSP: 002b:00007ffea9cec3c8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 121.136229][ T4987] RAX: ffffffffffffffda RBX: 000055555fd85a50 RCX: 00007fee4e56d8b3
[ 121.144217][ T4987] RDX: 0000000000008000 RSI: 000055555fd85a80 RDI: 0000000000000005
[ 121.152278][ T4987] RBP: 000055555fd85a80 R08: 00000000000285c1 R09: 0000000000000001
[ 121.160252][ T4987] R10: 00007fee4e77dcc0 R11: 0000000000000293 R12: 000055555fd85a54
[ 121.168231][ T4987] R13: ffffffffffffffe8 R14: 0000000000000010 R15: 00007ffea9cee670
[ 121.176222][ T4987]
[ 121.179243][ T4987]
[ 121.181587][ T4987] Allocated by task 4987:
[ 121.186013][ T4987] __kasan_slab_alloc+0x9c/0xd0
[ 121.190884][ T4987] slab_post_alloc_hook+0x4c/0x380
[ 121.196033][ T4987] kmem_cache_alloc+0x100/0x290
[ 121.200902][ T4987] mempool_alloc+0x18d/0x4e0
[ 121.205495][ T4987] __get_metapage+0x5e8/0x1060
[ 121.210269][ T4987] dtReadFirst+0xd5/0x8f0
[ 121.214623][ T4987] jfs_readdir+0x97e/0x3cf0
[ 121.219126][ T4987] iterate_dir+0x218/0x560
[ 121.223542][ T4987] __se_sys_getdents64+0xf2/0x270
[ 121.228565][ T4987] do_syscall_64+0x4c/0xa0
[ 121.232985][ T4987] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 121.238891][ T4987]
[ 121.241225][ T4987] Freed by task 4987:
[ 121.245300][ T4987] kasan_set_track+0x4b/0x70
[ 121.249917][ T4987] kasan_set_free_info+0x1f/0x40
[ 121.254929][ T4987] ____kasan_slab_free+0xd5/0x110
[ 121.259965][ T4987] slab_free_freelist_hook+0xea/0x170
[ 121.265354][ T4987] kmem_cache_free+0x8f/0x210
[ 121.270037][ T4987] release_metapage+0x97b/0xe10
[ 121.274894][ T4987] jfs_readdir+0x103b/0x3cf0
[ 121.279593][ T4987] iterate_dir+0x218/0x560
[ 121.284042][ T4987] __se_sys_getdents64+0xf2/0x270
[ 121.289161][ T4987] do_syscall_64+0x4c/0xa0
[ 121.293608][ T4987] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 121.299571][ T4987]
[ 121.301902][ T4987] The buggy address belongs to the object at ffff888078100000
[ 121.301902][ T4987] which belongs to the cache jfs_mp of size 184
[ 121.315525][ T4987] The buggy address is located 48 bytes inside of
[ 121.315525][ T4987] 184-byte region [ffff888078100000, ffff8880781000b8)
[ 121.328736][ T4987] The buggy address belongs to the page:
[ 121.334391][ T4987] page:ffffea0001e04000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78100
[ 121.344561][ T4987] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 121.352177][ T4987] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff8881469718c0
[ 121.360796][ T4987] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 121.369510][ T4987] page dumped because: kasan: bad access detected
[ 121.376107][ T4987] page_owner tracks the page as allocated
[ 121.381816][ T4987] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192800(GFP_NOWAIT|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 4987, ts 120938628436, free_ts 120912830041
[ 121.401008][ T4987] get_page_from_freelist+0x1bbd/0x1ca0
[ 121.406656][ T4987] __alloc_pages+0x1ee/0x480
[ 121.411254][ T4987] new_slab+0xc0/0x4b0
[ 121.415419][ T4987] ___slab_alloc+0x80a/0xdd0
[ 121.420106][ T4987] kmem_cache_alloc+0x195/0x290
[ 121.424971][ T4987] mempool_alloc+0x18d/0x4e0
[ 121.429591][ T4987] __get_metapage+0x5e8/0x1060
[ 121.434368][ T4987] dtReadFirst+0xd5/0x8f0
[ 121.438813][ T4987] jfs_readdir+0x97e/0x3cf0
[ 121.443334][ T4987] iterate_dir+0x218/0x560
[ 121.447775][ T4987] __se_sys_getdents64+0xf2/0x270
[ 121.452803][ T4987] do_syscall_64+0x4c/0xa0
[ 121.457678][ T4987] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 121.463836][ T4987] page last free stack trace:
[ 121.468504][ T4987] free_unref_page_prepare+0x637/0x6c0
[ 121.473962][ T4987] free_unref_page+0x8f/0x2a0
[ 121.478648][ T4987] tlb_finish_mmu+0x28b/0x370
[ 121.483335][ T4987] unmap_region+0x344/0x3b0
[ 121.487926][ T4987] __do_munmap+0x9f8/0xdf0
[ 121.492353][ T4987] __vm_munmap+0x140/0x240
[ 121.496842][ T4987] __x64_sys_munmap+0x67/0x70
[ 121.501545][ T4987] do_syscall_64+0x4c/0xa0
[ 121.506162][ T4987] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 121.512075][ T4987]
[ 121.514411][ T4987] Memory state around the buggy address:
[ 121.520128][ T4987] ffff8880780fff00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 121.528189][ T4987] ffff8880780fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 121.536253][ T4987] >ffff888078100000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 121.544386][ T4987] ^
[ 121.550037][ T4987] ffff888078100080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc
[ 121.558126][ T4987] ffff888078100100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 121.566185][ T4987] ==================================================================
[ 121.574241][ T4987] Disabling lock debugging due to kernel taint
[ 121.595912][ T4987] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 121.603173][ T4987] CPU: 1 PID: 4987 Comm: syz-executor Tainted: G B syzkaller #0
[ 121.612118][ T4987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 121.622211][ T4987] Call Trace:
[ 121.625503][ T4987]
[ 121.628433][ T4987] dump_stack_lvl+0x188/0x250
[ 121.633120][ T4987] ? show_regs_print_info+0x20/0x20
[ 121.638331][ T4987] ? load_image+0x400/0x400
[ 121.642840][ T4987] panic+0x2e5/0x810
[ 121.646753][ T4987] ? bpf_jit_dump+0xd0/0xd0
[ 121.651453][ T4987] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 121.657474][ T4987] ? _raw_spin_unlock+0x40/0x40
[ 121.662362][ T4987] ? jfs_readdir+0x129f/0x3cf0
[ 121.667135][ T4987] check_panic_on_warn+0x80/0xa0
[ 121.672079][ T4987] ? jfs_readdir+0x129f/0x3cf0
[ 121.677068][ T4987] end_report+0x6d/0xf0
[ 121.681274][ T4987] kasan_report+0x102/0x130
[ 121.685807][ T4987] ? jfs_readdir+0x129f/0x3cf0
[ 121.690601][ T4987] jfs_readdir+0x129f/0x3cf0
[ 121.695233][ T4987] ? dtInitRoot+0x660/0x660
[ 121.699932][ T4987] ? end_current_label_crit_section+0x14b/0x170
[ 121.706328][ T4987] ? common_file_perm+0x171/0x1c0
[ 121.711365][ T4987] iterate_dir+0x218/0x560
[ 121.715798][ T4987] __se_sys_getdents64+0xf2/0x270
[ 121.720946][ T4987] ? __x64_sys_getdents64+0x80/0x80
[ 121.726169][ T4987] ? filldir+0x720/0x720
[ 121.730420][ T4987] ? vtime_user_exit+0x2c8/0x3e0
[ 121.735370][ T4987] ? lockdep_hardirqs_on+0x94/0x140
[ 121.740659][ T4987] do_syscall_64+0x4c/0xa0
[ 121.745082][ T4987] ? clear_bhb_loop+0x30/0x80
[ 121.749789][ T4987] ? clear_bhb_loop+0x30/0x80
[ 121.754508][ T4987] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 121.760429][ T4987] RIP: 0033:0x7fee4e56d8b3
[ 121.764872][ T4987] Code: c7 c0 e8 ff ff ff 64 c7 00 16 00 00 00 31 c0 eb 9e e8 81 9b fd ff 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 e8 ff ff ff f7 d8
[ 121.784878][ T4987] RSP: 002b:00007ffea9cec3c8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 121.793311][ T4987] RAX: ffffffffffffffda RBX: 000055555fd85a50 RCX: 00007fee4e56d8b3
[ 121.801484][ T4987] RDX: 0000000000008000 RSI: 000055555fd85a80 RDI: 0000000000000005
[ 121.809510][ T4987] RBP: 000055555fd85a80 R08: 00000000000285c1 R09: 0000000000000001
[ 121.817588][ T4987] R10: 00007fee4e77dcc0 R11: 0000000000000293 R12: 000055555fd85a54
[ 121.825572][ T4987] R13: ffffffffffffffe8 R14: 0000000000000010 R15: 00007ffea9cee670
[ 121.833578][ T4987]
[ 121.836881][ T4987] Kernel Offset: disabled
[ 121.841225][ T4987] Rebooting in 86400 seconds..