Warning: Permanently added '10.128.0.164' (ED25519) to the list of known hosts. 1970/01/01 00:01:23 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:01:24 parsed 1 programs [ 87.354985][ T4668] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 95.962758][ T4354] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 95.965536][ T4354] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 95.968118][ T4354] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 95.970688][ T4354] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 95.973374][ T4354] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 95.975588][ T4354] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 96.770633][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.784447][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.786856][ T458] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.788986][ T458] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.799542][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 96.804831][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 96.955698][ T4731] chnl_net:caif_netlink_parms(): no params data found [ 96.990325][ T4731] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.992529][ T4731] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.995169][ T4731] device bridge_slave_0 entered promiscuous mode [ 96.998416][ T4731] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.000452][ T4731] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.003709][ T4731] device bridge_slave_1 entered promiscuous mode [ 97.017282][ T4731] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.021254][ T4731] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.034687][ T4731] team0: Port device team_slave_0 added [ 97.038065][ T4731] team0: Port device team_slave_1 added [ 97.050175][ T4731] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.052029][ T4731] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.058902][ T4731] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.063131][ T4731] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.064993][ T4731] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.071938][ T4731] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.115012][ T4731] device hsr_slave_0 entered promiscuous mode [ 97.152764][ T4731] device hsr_slave_1 entered promiscuous mode [ 98.486250][ T4731] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 98.524081][ T4731] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 98.564139][ T4731] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 98.598373][ T4731] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 98.677933][ T4731] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.685308][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 98.687752][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 98.694612][ T4731] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.698643][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 98.701287][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 98.704221][ T458] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.706151][ T458] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.717050][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 98.719489][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 98.722073][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 98.726049][ T458] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.728047][ T458] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.730787][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 98.752059][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 98.755955][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 98.759501][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 98.763037][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 98.765562][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 98.768293][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 98.775997][ T4731] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 98.778822][ T4731] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.788289][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 98.790948][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 98.795278][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 98.797924][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 98.805653][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 98.892910][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 98.895028][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 98.900181][ T4731] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.911686][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 98.915039][ T458] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 98.927039][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 98.929687][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 98.934718][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 98.937133][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 98.939675][ T4731] device veth0_vlan entered promiscuous mode [ 98.945390][ T4731] device veth1_vlan entered promiscuous mode [ 98.960466][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 98.965114][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 98.967722][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 98.970410][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 98.974573][ T4731] device veth0_macvtap entered promiscuous mode [ 98.978233][ T4731] device veth1_macvtap entered promiscuous mode [ 99.371219][ T4731] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.376142][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 99.378731][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 99.381264][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 99.385020][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 99.389507][ T4731] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.393673][ T4731] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.396151][ T4731] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.398544][ T4731] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.400818][ T4731] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.435151][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 99.444150][ T162] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 100.457841][ T582] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:01:41 executed programs: 0 [ 101.308844][ T4352] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 101.311839][ T4352] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 101.314859][ T4352] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 101.317353][ T4352] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 101.319540][ T4352] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 101.321578][ T4352] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 101.407789][ T4956] chnl_net:caif_netlink_parms(): no params data found [ 101.438093][ T4956] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.440154][ T4956] bridge0: port 1(bridge_slave_0) entered disabled state [ 101.447413][ T4956] device bridge_slave_0 entered promiscuous mode [ 101.451267][ T4956] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.453654][ T4956] bridge0: port 2(bridge_slave_1) entered disabled state [ 101.456139][ T4956] device bridge_slave_1 entered promiscuous mode [ 101.472045][ T4956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 101.476713][ T4956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 101.492333][ T4956] team0: Port device team_slave_0 added [ 101.495722][ T4956] team0: Port device team_slave_1 added [ 101.509155][ T4956] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 101.511063][ T4956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.518602][ T4956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 101.525925][ T4956] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 101.527816][ T4956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.535249][ T4956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 101.604441][ T4956] device hsr_slave_0 entered promiscuous mode [ 101.652856][ T4956] device hsr_slave_1 entered promiscuous mode [ 101.674176][ T4956] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 101.676281][ T4956] Cannot create hsr debugfs directory [ 102.714137][ T582] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 103.362981][ T4354] Bluetooth: hci0: command 0x0409 tx timeout [ 104.204573][ T582] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.306215][ T582] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.236039][ T4956] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 105.315496][ T4956] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 105.344256][ T4956] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 105.374600][ T4956] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 105.442509][ T4352] Bluetooth: hci0: command 0x041b tx timeout [ 105.567724][ T4956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.574216][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 105.576695][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 105.581557][ T4956] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.585867][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 105.588561][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 105.591028][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.592998][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.595608][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 105.600139][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 105.603471][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 105.606018][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.607977][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.647328][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 105.652067][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 105.657114][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 105.660429][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 105.663738][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 105.668270][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 105.671118][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 105.677316][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 105.679967][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 105.747366][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 105.749943][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 105.754107][ T4956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 105.887359][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 105.889556][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 105.897436][ T582] device hsr_slave_0 left promiscuous mode [ 105.932837][ T582] device hsr_slave_1 left promiscuous mode [ 106.012606][ T582] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 106.014599][ T582] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 106.017331][ T582] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 106.019310][ T582] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 106.021696][ T582] device bridge_slave_1 left promiscuous mode [ 106.023538][ T582] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.064059][ T582] device bridge_slave_0 left promiscuous mode [ 106.065887][ T582] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.182683][ T582] device veth1_macvtap left promiscuous mode [ 106.184314][ T582] device veth0_macvtap left promiscuous mode [ 106.185924][ T582] device veth1_vlan left promiscuous mode [ 106.187523][ T582] device veth0_vlan left promiscuous mode [ 107.522509][ T4352] Bluetooth: hci0: command 0x040f tx timeout [ 108.087851][ T582] team0 (unregistering): Port device team_slave_1 removed [ 108.325471][ T582] team0 (unregistering): Port device team_slave_0 removed [ 108.523378][ T582] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 108.775185][ T582] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 109.602552][ T4354] Bluetooth: hci0: command 0x0419 tx timeout [ 111.314034][ T582] bond0 (unregistering): Released all slaves [ 111.549420][ T4956] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.567439][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 111.570094][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 111.579993][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 111.585035][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 111.591195][ T4956] device veth0_vlan entered promiscuous mode [ 111.594414][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 111.597007][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 111.604285][ T4956] device veth1_vlan entered promiscuous mode [ 111.616456][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 111.619178][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 111.621675][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 111.625041][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 111.629791][ T4956] device veth0_macvtap entered promiscuous mode [ 111.633874][ T4956] device veth1_macvtap entered promiscuous mode [ 111.644704][ T4956] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.646833][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 111.649414][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 111.651868][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 111.655558][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 111.660979][ T4956] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.668453][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 111.671208][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 111.675158][ T4956] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.677502][ T4956] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.679785][ T4956] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.682176][ T4956] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.720175][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.722585][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.733254][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 111.739369][ T4399] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.741532][ T4399] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.745509][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:51 executed programs: 2 [ 111.976793][ T5154] loop0: detected capacity change from 0 to 32768 [ 111.991256][ T5154] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 111.991256][ T5154] [ 111.999769][ T5154] ERROR: (device loop0): remounting filesystem as read-only [ 112.513074][ T5156] loop0: detected capacity change from 0 to 32768 [ 112.520793][ T5156] ================================================================== [ 112.522920][ T5156] BUG: KASAN: slab-out-of-bounds in jfs_readdir+0x15d0/0x3030 [ 112.524962][ T5156] Read of size 1 at addr ffff0000e9587dd5 by task syz.0.17/5156 [ 112.527052][ T5156] [ 112.527655][ T5156] CPU: 0 PID: 5156 Comm: syz.0.17 Not tainted 6.1.131-syzkaller-dirty #0 [ 112.529949][ T5156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 112.532631][ T5156] Call trace: [ 112.533504][ T5156] dump_backtrace+0x1c8/0x1f4 [ 112.534771][ T5156] show_stack+0x2c/0x3c [ 112.535844][ T5156] dump_stack_lvl+0x108/0x170 [ 112.537063][ T5156] print_report+0x174/0x4c0 [ 112.538284][ T5156] kasan_report+0xd4/0x130 [ 112.539467][ T5156] __asan_report_load1_noabort+0x2c/0x38 [ 112.541051][ T5156] jfs_readdir+0x15d0/0x3030 [ 112.542264][ T5156] iterate_dir+0x1f4/0x4ec [ 112.543443][ T5156] __arm64_sys_getdents64+0x1c4/0x4a0 [ 112.544879][ T5156] invoke_syscall+0x98/0x2bc [ 112.546064][ T5156] el0_svc_common+0x138/0x258 [ 112.547275][ T5156] do_el0_svc+0x58/0x13c [ 112.548427][ T5156] el0_svc+0x58/0x168 [ 112.549493][ T5156] el0t_64_sync_handler+0x84/0xf0 [ 112.550843][ T5156] el0t_64_sync+0x18c/0x190 [ 112.552057][ T5156] [ 112.552696][ T5156] Allocated by task 5156: [ 112.553889][ T5156] kasan_set_track+0x4c/0x80 [ 112.555131][ T5156] kasan_save_alloc_info+0x24/0x30 [ 112.556542][ T5156] __kasan_slab_alloc+0x74/0x8c [ 112.557834][ T5156] slab_post_alloc_hook+0x74/0x458 [ 112.559221][ T5156] kmem_cache_alloc_lru+0x1ac/0x2f8 [ 112.560604][ T5156] jfs_alloc_inode+0x2c/0x68 [ 112.561819][ T5156] iget_locked+0x170/0x708 [ 112.562978][ T5156] jfs_iget+0x30/0x364 [ 112.564063][ T5156] jfs_fill_super+0x644/0x9f0 [ 112.565341][ T5156] mount_bdev+0x274/0x370 [ 112.566438][ T5156] jfs_do_mount+0x44/0x58 [ 112.567612][ T5156] legacy_get_tree+0xd4/0x16c [ 112.568854][ T5156] vfs_get_tree+0x90/0x274 [ 112.570025][ T5156] do_new_mount+0x278/0x8fc [ 112.571229][ T5156] path_mount+0x590/0xe5c [ 112.572390][ T5156] __arm64_sys_mount+0x45c/0x594 [ 112.573697][ T5156] invoke_syscall+0x98/0x2bc [ 112.574939][ T5156] el0_svc_common+0x138/0x258 [ 112.576271][ T5156] do_el0_svc+0x58/0x13c [ 112.577408][ T5156] el0_svc+0x58/0x168 [ 112.578475][ T5156] el0t_64_sync_handler+0x84/0xf0 [ 112.579804][ T5156] el0t_64_sync+0x18c/0x190 [ 112.581047][ T5156] [ 112.581669][ T5156] The buggy address belongs to the object at ffff0000e9586f00 [ 112.581669][ T5156] which belongs to the cache jfs_ip of size 2240 [ 112.585421][ T5156] The buggy address is located 1557 bytes to the right of [ 112.585421][ T5156] 2240-byte region [ffff0000e9586f00, ffff0000e95877c0) [ 112.589176][ T5156] [ 112.589801][ T5156] The buggy address belongs to the physical page: [ 112.591411][ T5156] page:000000007cc583e3 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x129580 [ 112.594149][ T5156] head:000000007cc583e3 order:3 compound_mapcount:0 compound_pincount:0 [ 112.596380][ T5156] memcg:ffff0000d28d3301 [ 112.597447][ T5156] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff) [ 112.599604][ T5156] raw: 05ffc00000010200 0000000000000000 dead000000000122 ffff0000c6f23e00 [ 112.601958][ T5156] raw: 0000000000000000 00000000000d000d 00000001ffffffff ffff0000d28d3301 [ 112.604266][ T5156] page dumped because: kasan: bad access detected [ 112.605931][ T5156] [ 112.606530][ T5156] Memory state around the buggy address: [ 112.607987][ T5156] ffff0000e9587c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 112.610113][ T5156] ffff0000e9587d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 112.612231][ T5156] >ffff0000e9587d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 112.614419][ T5156] ^ [ 112.616168][ T5156] ffff0000e9587e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 112.618379][ T5156] ffff0000e9587e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 112.620576][ T5156] ================================================================== [ 112.623232][ T5156] Disabling lock debugging due to kernel taint [ 112.624847][ T5156] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 112.624847][ T5156] [ 112.628070][ T5156] ERROR: (device loop0): remounting filesystem as read-only [ 113.063598][ T5162] loop0: detected capacity change from 0 to 32768 [ 113.068357][ T5162] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 113.068357][ T5162] [ 113.075438][ T5162] ERROR: (device loop0): remounting filesystem as read-only [ 113.492748][ T5164] loop0: detected capacity change from 0 to 32768 [ 113.498169][ T5164] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 113.498169][ T5164] [ 113.504126][ T5164] ERROR: (device loop0): remounting filesystem as read-only [ 113.918690][ T5166] loop0: detected capacity change from 0 to 32768 [ 113.925583][ T5166] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 113.925583][ T5166] [ 113.928825][ T5166] ERROR: (device loop0): remounting filesystem as read-only [ 114.075836][ T5168] loop0: detected capacity change from 0 to 32768 [ 114.087055][ T5168] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 114.087055][ T5168] [ 114.090287][ T5168] ERROR: (device loop0): remounting filesystem as read-only [ 114.259639][ T5170] loop0: detected capacity change from 0 to 32768 [ 114.265351][ T5170] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 114.265351][ T5170] [ 114.270942][ T5170] ERROR: (device loop0): remounting filesystem as read-only [ 114.698606][ T5172] loop0: detected capacity change from 0 to 32768 [ 114.707539][ T5172] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 114.707539][ T5172] [ 114.711086][ T5172] ERROR: (device loop0): remounting filesystem as read-only [ 114.868990][ T5174] loop0: detected capacity change from 0 to 32768 [ 114.874480][ T5174] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 114.874480][ T5174] [ 114.877947][ T5174] ERROR: (device loop0): remounting filesystem as read-only [ 115.309041][ T5176] loop0: detected capacity change from 0 to 32768 [ 115.314520][ T5176] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 115.314520][ T5176] [ 115.317797][ T5176] ERROR: (device loop0): remounting filesystem as read-only [ 115.745268][ T5178] loop0: detected capacity change from 0 to 32768 [ 115.750196][ T5178] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0 [ 115.750196][ T5178] [ 115.750385][ T3912] ------------[ cut here ]------------ [ 115.754870][ T3912] virt_to_phys used for non-linear address: 00000000b1c7c47a (0x8ffffb772) [ 115.757594][ T3912] WARNING: CPU: 0 PID: 3912 at arch/arm64/mm/physaddr.c:15 __virt_to_phys+0x84/0x9c [ 115.758029][ T5178] ERROR: (device loop0): remounting filesystem as read-only [ 115.760013][ T3912] Modules linked in: [ 115.760025][ T3912] CPU: 0 PID: 3912 Comm: udevd Tainted: G B 6.1.131-syzkaller-dirty #0 [ 115.765597][ T3912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 115.768375][ T3912] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 115.770489][ T3912] pc : __virt_to_phys+0x84/0x9c [ 115.771770][ T3912] lr : __virt_to_phys+0x80/0x9c [ 115.773115][ T3912] sp : ffff800023be7a00 [ 115.774271][ T3912] x29: ffff800023be7a00 x28: 0000000000000cc0 x27: 0000000000000001 [ 115.776433][ T3912] x26: 0000000000000001 x25: ffff800023be7b50 x24: 0000000000040000 [ 115.778651][ T3912] x23: fffffc0000000000 x22: ffff8000154b2000 x21: 00000008ffffb772 [ 115.780854][ T3912] x20: 00010008ffffb772 x19: 00000008ffffb772 x18: 1fffe0003679b576 [ 115.783027][ T3912] x17: ffff800015a9d000 x16: ffff800012342824 x15: ffff0001b3cdabbc [ 115.785225][ T3912] x14: ffff0001b3cdabb8 x13: 1fffe0003679b576 x12: 0000000000000001 [ 115.787449][ T3912] x11: 0000000000ff0100 x10: 0000000040000000 x9 : b0364f33ece70200 [ 115.789688][ T3912] x8 : ffff8000154b2000 x7 : 1fffe0003679b577 x6 : ffff800008278240 [ 115.791787][ T3912] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 115.793947][ T3912] x2 : ffff800023be7560 x1 : 0000000000000000 x0 : ffff8000082782e0 [ 115.796124][ T3912] Call trace: [ 115.797004][ T3912] __virt_to_phys+0x84/0x9c [ 115.798181][ T3912] qlist_free_all+0x60/0xcc [ 115.799374][ T3912] kasan_quarantine_reduce+0x124/0x130 [ 115.800879][ T3912] __kasan_slab_alloc+0x2c/0x8c [ 115.802216][ T3912] slab_post_alloc_hook+0x74/0x458 [ 115.803573][ T3912] kmem_cache_alloc+0x230/0x37c [ 115.804903][ T3912] getname_flags+0xd0/0x48c [ 115.806181][ T3912] __arm64_sys_newfstatat+0x118/0x1c0 [ 115.807679][ T3912] invoke_syscall+0x98/0x2bc [ 115.808949][ T3912] el0_svc_common+0x138/0x258 [ 115.810228][ T3912] do_el0_svc+0x58/0x13c [ 115.811414][ T3912] el0_svc+0x58/0x168 [ 115.812510][ T3912] el0t_64_sync_handler+0x84/0xf0 [ 115.813876][ T3912] el0t_64_sync+0x18c/0x190 [ 115.815104][ T3912] irq event stamp: 1145572 [ 115.816267][ T3912] hardirqs last enabled at (1145571): [] _raw_spin_unlock_irqrestore+0x48/0xac [ 115.819214][ T3912] hardirqs last disabled at (1145572): [] __schedule+0x2a4/0x1d44 [ 115.821800][ T3912] softirqs last enabled at (1145474): [] local_bh_enable+0x10/0x34 [ 115.824414][ T3912] softirqs last disabled at (1145472): [] local_bh_disable+0x10/0x34 [ 115.826998][ T3912] ---[ end trace 0000000000000000 ]--- [ 115.830758][ T3912] Unable to handle kernel paging request at virtual address fffffe002956fec8 [ 115.833142][ T3912] KASAN: maybe wild-memory-access in range [0x0003f0014ab7f640-0x0003f0014ab7f647] [ 115.835614][ T3912] Mem abort info: [ 115.836623][ T3912] ESR = 0x0000000096000004 [ 115.837825][ T3912] EC = 0x25: DABT (current EL), IL = 32 bits [ 115.839419][ T3912] SET = 0, FnV = 0 [ 115.840440][ T3912] EA = 0, S1PTW = 0 [ 115.841549][ T3912] FSC = 0x04: level 0 translation fault [ 115.843664][ T3912] Data abort info: [ 115.844626][ T3912] ISV = 0, ISS = 0x00000004 [ 115.845859][ T3912] CM = 0, WnR = 0 [ 115.846822][ T3912] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000001ab23a000 [ 115.848800][ T3912] [fffffe002956fec8] pgd=0000000000000000, p4d=0000000000000000 [ 115.850867][ T3912] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP [ 115.852774][ T3912] Modules linked in: [ 115.853799][ T3912] CPU: 0 PID: 3912 Comm: udevd Tainted: G B W 6.1.131-syzkaller-dirty #0 [ 115.856448][ T3912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 115.859403][ T3912] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 115.861674][ T3912] pc : qlist_free_all+0x70/0xcc [ 115.863133][ T3912] lr : qlist_free_all+0x60/0xcc [ 115.864550][ T3912] sp : ffff800023be7a20 [ 115.865723][ T3912] x29: ffff800023be7a20 x28: 0000000000000cc0 x27: 0000000000000001 [ 115.868036][ T3912] x26: 0000000000000001 x25: ffff800023be7b50 x24: 0000000000040000 [ 115.870315][ T3912] x23: fffffc0000000000 x22: ffff8000154b2000 x21: 00000008ffffb772 [ 115.872567][ T3912] x20: 0000000000000000 x19: ffff800023be7a60 x18: 1fffe0003679b576 [ 115.874681][ T3912] x17: ffff800015a9d000 x16: ffff800012342824 x15: ffff0001b3cdabbc [ 115.876850][ T3912] x14: ffff0001b3cdabb8 x13: 1fffe0003679b576 x12: 0000000000000001 [ 115.879105][ T3912] x11: 0000000000ff0100 x10: 0000000040000000 x9 : b0364f33ece70200 [ 115.881324][ T3912] x8 : fffffe002956fec0 x7 : 1fffe0003679b577 x6 : ffff800008278240 [ 115.883573][ T3912] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 115.885724][ T3912] x2 : ffff800023be7560 x1 : 0000000000000000 x0 : 0000800a95bfb772 [ 115.887911][ T3912] Call trace: [ 115.888833][ T3912] qlist_free_all+0x70/0xcc [ 115.890019][ T3912] kasan_quarantine_reduce+0x124/0x130 [ 115.891503][ T3912] __kasan_slab_alloc+0x2c/0x8c [ 115.892885][ T3912] slab_post_alloc_hook+0x74/0x458 [ 115.894361][ T3912] kmem_cache_alloc+0x230/0x37c [ 115.895666][ T3912] getname_flags+0xd0/0x48c [ 115.896925][ T3912] __arm64_sys_newfstatat+0x118/0x1c0 [ 115.898357][ T3912] invoke_syscall+0x98/0x2bc [ 115.899655][ T3912] el0_svc_common+0x138/0x258 [ 115.900915][ T3912] do_el0_svc+0x58/0x13c [ 115.902021][ T3912] el0_svc+0x58/0x168 [ 115.903123][ T3912] el0t_64_sync_handler+0x84/0xf0 [ 115.904531][ T3912] el0t_64_sync+0x18c/0x190 [ 115.905731][ T3912] Code: d346fc08 927acd08 cb181908 8b170108 (f9400509) [ 115.907598][ T3912] ---[ end trace 0000000000000000 ]--- [ 116.320355][ T3912] Kernel panic - not syncing: Oops: Fatal exception [ 116.322320][ T3912] SMP: stopping secondary CPUs [ 116.323665][ T3912] Kernel Offset: disabled [ 116.324887][ T3912] CPU features: 0x080000,02070084,26017203 [ 116.326522][ T3912] Memory Limit: none [ 116.704953][ T3912] Rebooting in 86400 seconds..