Warning: Permanently added '10.128.1.159' (ED25519) to the list of known hosts.
2026/03/06 10:49:41 parsed 1 programs
[   70.667256][ T4190] cgroup: Unknown subsys name 'net'
[   70.799160][ T4190] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   71.436094][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[   71.442667][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[   72.348804][ T4190] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   74.199199][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.208846][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.221957][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   74.242227][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.250134][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.258322][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   75.308583][ T4239] chnl_net:caif_netlink_parms(): no params data found
[   75.379459][ T4239] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.388540][ T4239] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.397190][ T4239] device bridge_slave_0 entered promiscuous mode
[   75.408532][ T4239] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.416070][ T4239] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.425769][ T4239] device bridge_slave_1 entered promiscuous mode
[   75.455604][ T4239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.468973][ T4239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.500021][ T4239] team0: Port device team_slave_0 added
[   75.508078][ T4239] team0: Port device team_slave_1 added
[   75.535186][ T4239] batman_adv: batadv0: Adding interface: batadv_slave_0
[   75.543762][ T4239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.571536][ T4239] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   75.585163][ T4239] batman_adv: batadv0: Adding interface: batadv_slave_1
[   75.592147][ T4239] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.619959][ T4239] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   75.661105][ T4239] device hsr_slave_0 entered promiscuous mode
[   75.669016][ T4239] device hsr_slave_1 entered promiscuous mode
[   75.814168][ T4239] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   75.827165][ T4239] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   75.837397][ T4239] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   75.847901][ T4239] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   75.877909][ T4239] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.885243][ T4239] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.893335][ T4239] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.900427][ T4239] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.948732][ T4239] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.966376][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   75.976469][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.985103][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.995476][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   76.009743][ T4239] 8021q: adding VLAN 0 to HW filter on device team0
[   76.024610][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   76.038072][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.045248][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.074198][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   76.084029][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.091239][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.115976][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   76.137966][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   76.156032][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   76.169637][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   76.187003][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   76.204717][ T4239] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   76.324884][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   76.332712][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   76.346828][ T4239] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.365230][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   76.374389][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   76.391680][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   76.401457][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   76.413947][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   76.421812][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   76.433285][ T4239] device veth0_vlan entered promiscuous mode
[   76.445369][ T4239] device veth1_vlan entered promiscuous mode
[   76.465779][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   76.475092][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   76.484909][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   76.494276][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   76.504865][ T4239] device veth0_macvtap entered promiscuous mode
[   76.515878][ T4239] device veth1_macvtap entered promiscuous mode
[   76.531528][ T4239] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.540848][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   76.550081][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   76.558689][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   76.567605][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   76.596109][ T4239] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.603835][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   76.612774][ T3124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   76.625226][ T4239] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.637724][ T4239] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.646746][ T4239] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.656197][ T4239] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.784698][ T4239] syz-executor (4239) used greatest stack depth: 20464 bytes left
2026/03/06 10:49:51 executed programs: 0
[   78.605985][ T4294] chnl_net:caif_netlink_parms(): no params data found
[   78.672545][ T4294] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.679724][ T4294] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.688347][ T4294] device bridge_slave_0 entered promiscuous mode
[   78.697314][ T4294] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.705621][ T4294] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.714572][ T4294] device bridge_slave_1 entered promiscuous mode
[   78.740200][ T4294] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.752536][ T4294] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.781646][ T4294] team0: Port device team_slave_0 added
[   78.789848][ T4294] team0: Port device team_slave_1 added
[   78.813731][ T4294] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.820724][ T4294] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.847088][ T4294] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.859768][ T4294] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.866795][ T4294] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.892906][ T4294] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.930659][ T4294] device hsr_slave_0 entered promiscuous mode
[   78.938888][ T4294] device hsr_slave_1 entered promiscuous mode
[   78.946030][ T4294] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.954645][ T4294] Cannot create hsr debugfs directory
[   79.041492][ T4294] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.473133][ T4254] Bluetooth: hci0: command 0x0409 tx timeout
[   82.139638][ T4294] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.198795][ T4294] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.271630][ T4294] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.510478][ T4294] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   82.519560][ T4294] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   82.529930][ T4294] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   82.540088][ T4294] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   82.552873][   T13] Bluetooth: hci0: command 0x041b tx timeout
[   82.619906][ T4294] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.653220][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   82.661300][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   82.672601][ T4294] 8021q: adding VLAN 0 to HW filter on device team0
[   82.685036][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   82.694447][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   82.703514][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.710601][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.721786][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   82.730589][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   82.739773][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   82.748476][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.755607][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.770534][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   82.779502][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   82.808084][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   82.819566][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   82.828522][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   82.840219][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   82.849428][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   82.867338][ T3089] device hsr_slave_0 left promiscuous mode
[   82.874725][ T3089] device hsr_slave_1 left promiscuous mode
[   82.881585][ T3089] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   82.889855][ T3089] batman_adv: batadv0: Removing interface: batadv_slave_0
[   82.898213][ T3089] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   82.906104][ T3089] batman_adv: batadv0: Removing interface: batadv_slave_1
[   82.914103][ T3089] device bridge_slave_1 left promiscuous mode
[   82.920988][ T3089] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.935636][ T3089] device bridge_slave_0 left promiscuous mode
[   82.942008][ T3089] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.960907][ T3089] device veth1_macvtap left promiscuous mode
[   82.967720][ T3089] device veth0_macvtap left promiscuous mode
[   82.974289][ T3089] device veth1_vlan left promiscuous mode
[   82.980296][ T3089] device veth0_vlan left promiscuous mode
[   83.160832][ T3089] team0 (unregistering): Port device team_slave_1 removed
[   83.175827][ T3089] team0 (unregistering): Port device team_slave_0 removed
[   83.191733][ T3089] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   83.209086][ T3089] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   83.266897][ T3089] bond0 (unregistering): Released all slaves
[   83.338224][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   83.346882][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   83.359770][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   83.368426][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   83.379632][ T4294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   83.487626][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   83.496060][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   83.511648][ T4294] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.529688][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   83.538912][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   83.559793][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   83.568883][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   83.585128][ T4294] device veth0_vlan entered promiscuous mode
[   83.597216][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   83.607248][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   83.620761][ T4294] device veth1_vlan entered promiscuous mode
[   83.643565][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   83.651716][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   83.660341][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   83.669557][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   83.683762][ T4294] device veth0_macvtap entered promiscuous mode
[   83.691139][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   83.703777][ T4294] device veth1_macvtap entered promiscuous mode
[   83.723951][ T4294] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.733212][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   83.742041][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   83.755923][ T4294] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.764405][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   83.775215][ T1172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   83.787176][ T4294] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.798502][ T4294] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.807591][ T4294] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.818351][ T4294] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.892395][ T1172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.900280][ T1172] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.917593][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   83.943972][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.951838][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.963047][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   84.068690][ T4306] loop0: detected capacity change from 0 to 8192
[   84.157371][ T4306] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[   84.195459][ T4306] REISERFS (device loop0): using ordered data mode
[   84.202029][ T4306] reiserfs: using flush barriers
[   84.232358][ T4306] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   84.264264][ T4306] REISERFS (device loop0): checking transaction log (loop0)
[   84.286088][ T4306] REISERFS (device loop0): Using tea hash to sort names
[   84.302750][ T4306] REISERFS (device loop0): using 3.5.x disk format
[   84.311213][ T4306] ==================================================================
[   84.319520][ T4306] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x794/0x1130
[   84.327122][ T4306] Read of size 18446744073709551592 at addr ffff88805f87bfa4 by task syz.0.17/4306
[   84.336563][ T4306] 
[   84.338931][ T4306] CPU: 0 PID: 4306 Comm: syz.0.17 Not tainted syzkaller #0
[   84.346151][ T4306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   84.356236][ T4306] Call Trace:
[   84.359537][ T4306]  <TASK>
[   84.362491][ T4306]  dump_stack_lvl+0x188/0x250
[   84.367208][ T4306]  ? show_regs_print_info+0x20/0x20
[   84.372457][ T4306]  ? load_image+0x400/0x400
[   84.377000][ T4306]  ? _raw_spin_lock_irqsave+0xbc/0x100
[   84.382511][ T4306]  ? __lock_acquire+0x13bc/0x7d10
[   84.387571][ T4306]  ? verify_lock_unused+0x140/0x140
[   84.392808][ T4306]  print_address_description+0x60/0x2d0
[   84.398388][ T4306]  ? leaf_paste_entries+0x794/0x1130
[   84.403789][ T4306]  kasan_report+0xdf/0x130
[   84.408244][ T4306]  ? leaf_paste_entries+0x794/0x1130
[   84.413719][ T4306]  ? journal_mark_dirty+0x21d/0xdf0
[   84.418966][ T4306]  ? leaf_paste_entries+0x794/0x1130
[   84.424347][ T4306]  kasan_check_range+0x235/0x290
[   84.429332][ T4306]  ? leaf_paste_entries+0x794/0x1130
[   84.434655][ T4306]  memmove+0x25/0x60
[   84.438602][ T4306]  leaf_paste_entries+0x794/0x1130
[   84.443784][ T4306]  balance_leaf+0xb2e5/0x10ec0
[   84.448599][ T4306]  ? mark_lock+0x94/0x320
[   84.453142][ T4306]  ? lock_chain_count+0x20/0x20
[   84.458038][ T4306]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[   84.463970][ T4306]  ? do_balance+0x930/0x930
[   84.468520][ T4306]  ? _raw_spin_unlock+0x40/0x40
[   84.473405][ T4306]  ? stack_trace_snprint+0xf0/0xf0
[   84.478547][ T4306]  ? stack_depot_save+0x404/0x440
[   84.483614][ T4306]  ? __kasan_kmalloc+0xcc/0xf0
[   84.488421][ T4306]  ? __kasan_kmalloc+0xb5/0xf0
[   84.493208][ T4306]  ? fix_nodes+0x60a2/0x8340
[   84.497855][ T4306]  ? reiserfs_paste_into_item+0x60b/0x810
[   84.503645][ T4306]  ? reiserfs_add_entry+0xa42/0xe10
[   84.508880][ T4306]  ? reiserfs_mkdir+0x6bc/0x920
[   84.513763][ T4306]  ? reiserfs_xattr_init+0x331/0x720
[   84.519091][ T4306]  ? reiserfs_fill_super+0x1fe6/0x2440
[   84.524595][ T4306]  ? mount_bdev+0x287/0x3c0
[   84.529139][ T4306]  ? legacy_get_tree+0xe6/0x180
[   84.534107][ T4306]  ? vfs_get_tree+0x88/0x270
[   84.538740][ T4306]  ? do_new_mount+0x24a/0xa40
[   84.543448][ T4306]  ? __se_sys_mount+0x2e3/0x3d0
[   84.548343][ T4306]  ? do_syscall_64+0x4c/0xa0
[   84.552978][ T4306]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   84.559127][ T4306]  ? __wake_up_bit+0x120/0x120
[   84.563940][ T4306]  ? get_parents+0x400/0xd20
[   84.568569][ T4306]  ? get_neighbors+0x9ba/0x1030
[   84.573472][ T4306]  ? reiserfs_prepare_for_journal+0x269/0x280
[   84.579581][ T4306]  ? fix_nodes+0x7bc3/0x8340
[   84.584238][ T4306]  do_balance+0x318/0x930
[   84.588609][ T4306]  ? get_right_neighbor_position+0x210/0x210
[   84.594644][ T4306]  ? reiserfs_paste_into_item+0x3b0/0x810
[   84.600456][ T4306]  reiserfs_paste_into_item+0x6dd/0x810
[   84.606053][ T4306]  ? reiserfs_cut_from_item+0x1fa0/0x1fa0
[   84.611890][ T4306]  ? reiserfs_get_parent+0x2f0/0x2f0
[   84.617208][ T4306]  ? inode_get_bytes+0x73/0xa0
[   84.622017][ T4306]  ? _find_first_zero_bit+0x60/0xf0
[   84.627257][ T4306]  reiserfs_add_entry+0xa42/0xe10
[   84.632333][ T4306]  ? drop_new_inode+0x60/0x60
[   84.637166][ T4306]  ? journal_begin+0x1f1/0x350
[   84.641957][ T4306]  ? reiserfs_update_inode_transaction+0x1c/0x120
[   84.648409][ T4306]  reiserfs_mkdir+0x6bc/0x920
[   84.653137][ T4306]  ? reiserfs_symlink+0x790/0x790
[   84.658202][ T4306]  ? rwsem_write_trylock+0x135/0x1c0
[   84.663520][ T4306]  ? lookup_one_len+0x19d/0x2d0
[   84.664335][ T4254] Bluetooth: hci0: command 0x040f tx timeout
[   84.668404][ T4306]  ? lookup_one_common+0x460/0x460
[   84.679526][ T4306]  reiserfs_xattr_init+0x331/0x720
[   84.684688][ T4306]  reiserfs_fill_super+0x1fe6/0x2440
[   84.690038][ T4306]  ? reiserfs_kill_sb+0x140/0x140
[   84.695102][ T4306]  ? snprintf+0xe5/0x140
[   84.699388][ T4306]  ? vscnprintf+0x80/0x80
[   84.703763][ T4306]  ? set_blocksize+0x1f3/0x370
[   84.708570][ T4306]  ? sb_set_blocksize+0xa5/0xe0
[   84.713460][ T4306]  mount_bdev+0x287/0x3c0
[   84.717919][ T4306]  ? reiserfs_kill_sb+0x140/0x140
[   84.722989][ T4306]  legacy_get_tree+0xe6/0x180
[   84.727700][ T4306]  ? remove_save_link+0x3e0/0x3e0
[   84.732910][ T4306]  vfs_get_tree+0x88/0x270
[   84.737370][ T4306]  do_new_mount+0x24a/0xa40
[   84.741921][ T4306]  __se_sys_mount+0x2e3/0x3d0
[   84.746640][ T4306]  ? __x64_sys_mount+0xc0/0xc0
[   84.751461][ T4306]  ? lockdep_hardirqs_on+0x94/0x140
[   84.756699][ T4306]  ? __x64_sys_mount+0x1c/0xc0
[   84.761515][ T4306]  do_syscall_64+0x4c/0xa0
[   84.765965][ T4306]  ? clear_bhb_loop+0x30/0x80
[   84.770778][ T4306]  ? clear_bhb_loop+0x30/0x80
[   84.775508][ T4306]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   84.781531][ T4306] RIP: 0033:0x7f38d2971a0a
[   84.785988][ T4306] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   84.805731][ T4306] RSP: 002b:00007ffeca831918 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   84.814188][ T4306] RAX: ffffffffffffffda RBX: 00007ffeca8319a0 RCX: 00007f38d2971a0a
[   84.822289][ T4306] RDX: 00002000000002c0 RSI: 00002000000031c0 RDI: 00007ffeca831960
[   84.830295][ T4306] RBP: 00002000000002c0 R08: 00007ffeca8319a0 R09: 0000000000000800
[   84.838296][ T4306] R10: 0000000000000800 R11: 0000000000000246 R12: 00002000000031c0
[   84.846294][ T4306] R13: 00007ffeca831960 R14: 000000000000111e R15: 0000200000000300
[   84.854498][ T4306]  </TASK>
[   84.857584][ T4306] 
[   84.859939][ T4306] The buggy address belongs to the page:
[   84.865683][ T4306] page:ffffea00017e1ec0 refcount:2 mapcount:0 mapping:ffff88814088daf0 index:0x213 pfn:0x5f87b
[   84.876043][ T4306] memcg:ffff888079178000
[   84.880306][ T4306] aops:def_blk_aops ino:700000
[   84.885108][ T4306] flags: 0xfff00000002032(referenced|lru|active|private|node=0|zone=1|lastcpupid=0x7ff)
[   84.894881][ T4306] raw: 00fff00000002032 ffffea0001a7ce08 ffff8880771cb030 ffff88814088daf0
[   84.903508][ T4306] raw: 0000000000000213 ffff88806897a1d0 00000002ffffffff ffff888079178000
[   84.912282][ T4306] page dumped because: kasan: bad access detected
[   84.918742][ T4306] page_owner tracks the page as allocated
[   84.924487][ T4306] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 4306, ts 84285416348, free_ts 84066996750
[   84.941864][ T4306]  get_page_from_freelist+0x1bbd/0x1ca0
[   84.947460][ T4306]  __alloc_pages+0x1ee/0x480
[   84.952089][ T4306]  __page_cache_alloc+0xce/0x440
[   84.957142][ T4306]  pagecache_get_page+0x9b6/0xf10
[   84.962369][ T4306]  __getblk_gfp+0x247/0xb60
[   84.967050][ T4306]  search_by_key+0x46c/0x4470
[   84.971780][ T4306]  reiserfs_read_locked_inode+0x195/0x26b0
[   84.977635][ T4306]  reiserfs_fill_super+0x12af/0x2440
[   84.983123][ T4306]  mount_bdev+0x287/0x3c0
[   84.987601][ T4306]  legacy_get_tree+0xe6/0x180
[   84.992317][ T4306]  vfs_get_tree+0x88/0x270
[   84.996798][ T4306]  do_new_mount+0x24a/0xa40
[   85.001454][ T4306]  __se_sys_mount+0x2e3/0x3d0
[   85.006185][ T4306]  do_syscall_64+0x4c/0xa0
[   85.010640][ T4306]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   85.016580][ T4306] page last free stack trace:
[   85.021279][ T4306]  free_unref_page_prepare+0x637/0x6c0
[   85.026801][ T4306]  free_unref_page_list+0x119/0x820
[   85.032045][ T4306]  release_pages+0x186c/0x1be0
[   85.036840][ T4306]  tlb_finish_mmu+0x176/0x300
[   85.041549][ T4306]  unmap_region+0x344/0x3b0
[   85.046105][ T4306]  __do_munmap+0x9f8/0xdf0
[   85.050691][ T4306]  __vm_munmap+0x140/0x240
[   85.055156][ T4306]  __x64_sys_munmap+0x67/0x70
[   85.060003][ T4306]  do_syscall_64+0x4c/0xa0
[   85.064464][ T4306]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   85.070538][ T4306] 
[   85.072893][ T4306] Memory state around the buggy address:
[   85.078558][ T4306]  ffff88805f87be80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   85.086660][ T4306]  ffff88805f87bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   85.094838][ T4306] >ffff88805f87bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   85.102947][ T4306]                                ^
[   85.108087][ T4306]  ffff88805f87c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   85.116371][ T4306]  ffff88805f87c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   85.124606][ T4306] ==================================================================
[   85.132863][ T4306] Disabling lock debugging due to kernel taint
[   85.154489][ T4306] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   85.161740][ T4306] CPU: 0 PID: 4306 Comm: syz.0.17 Tainted: G    B             syzkaller #0
[   85.170357][ T4306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   85.180472][ T4306] Call Trace:
[   85.183777][ T4306]  <TASK>
[   85.186738][ T4306]  dump_stack_lvl+0x188/0x250
[   85.191436][ T4306]  ? show_regs_print_info+0x20/0x20
[   85.196656][ T4306]  ? load_image+0x400/0x400
[   85.201184][ T4306]  panic+0x2e5/0x810
[   85.205113][ T4306]  ? bpf_jit_dump+0xd0/0xd0
[   85.209660][ T4306]  ? _raw_spin_unlock_irqrestore+0x10d/0x120
[   85.215683][ T4306]  ? _raw_spin_unlock+0x40/0x40
[   85.220578][ T4306]  ? leaf_paste_entries+0x794/0x1130
[   85.226000][ T4306]  check_panic_on_warn+0x80/0xa0
[   85.230987][ T4306]  ? leaf_paste_entries+0x794/0x1130
[   85.236310][ T4306]  end_report+0x6d/0xf0
[   85.240497][ T4306]  kasan_report+0x102/0x130
[   85.245028][ T4306]  ? leaf_paste_entries+0x794/0x1130
[   85.250333][ T4306]  ? journal_mark_dirty+0x21d/0xdf0
[   85.255561][ T4306]  ? leaf_paste_entries+0x794/0x1130
[   85.260874][ T4306]  kasan_check_range+0x235/0x290
[   85.265843][ T4306]  ? leaf_paste_entries+0x794/0x1130
[   85.271265][ T4306]  memmove+0x25/0x60
[   85.275198][ T4306]  leaf_paste_entries+0x794/0x1130
[   85.280346][ T4306]  balance_leaf+0xb2e5/0x10ec0
[   85.285256][ T4306]  ? mark_lock+0x94/0x320
[   85.289625][ T4306]  ? lock_chain_count+0x20/0x20
[   85.294511][ T4306]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[   85.300435][ T4306]  ? do_balance+0x930/0x930
[   85.304969][ T4306]  ? _raw_spin_unlock+0x40/0x40
[   85.309847][ T4306]  ? stack_trace_snprint+0xf0/0xf0
[   85.315602][ T4306]  ? stack_depot_save+0x404/0x440
[   85.320663][ T4306]  ? __kasan_kmalloc+0xcc/0xf0
[   85.325452][ T4306]  ? __kasan_kmalloc+0xb5/0xf0
[   85.330247][ T4306]  ? fix_nodes+0x60a2/0x8340
[   85.334883][ T4306]  ? reiserfs_paste_into_item+0x60b/0x810
[   85.340628][ T4306]  ? reiserfs_add_entry+0xa42/0xe10
[   85.345846][ T4306]  ? reiserfs_mkdir+0x6bc/0x920
[   85.350732][ T4306]  ? reiserfs_xattr_init+0x331/0x720
[   85.356055][ T4306]  ? reiserfs_fill_super+0x1fe6/0x2440
[   85.361539][ T4306]  ? mount_bdev+0x287/0x3c0
[   85.366088][ T4306]  ? legacy_get_tree+0xe6/0x180
[   85.370976][ T4306]  ? vfs_get_tree+0x88/0x270
[   85.375592][ T4306]  ? do_new_mount+0x24a/0xa40
[   85.380296][ T4306]  ? __se_sys_mount+0x2e3/0x3d0
[   85.385167][ T4306]  ? do_syscall_64+0x4c/0xa0
[   85.389775][ T4306]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   85.395854][ T4306]  ? __wake_up_bit+0x120/0x120
[   85.400620][ T4306]  ? get_parents+0x400/0xd20
[   85.405210][ T4306]  ? get_neighbors+0x9ba/0x1030
[   85.410086][ T4306]  ? reiserfs_prepare_for_journal+0x269/0x280
[   85.416266][ T4306]  ? fix_nodes+0x7bc3/0x8340
[   85.420893][ T4306]  do_balance+0x318/0x930
[   85.425272][ T4306]  ? get_right_neighbor_position+0x210/0x210
[   85.431268][ T4306]  ? reiserfs_paste_into_item+0x3b0/0x810
[   85.437011][ T4306]  reiserfs_paste_into_item+0x6dd/0x810
[   85.442565][ T4306]  ? reiserfs_cut_from_item+0x1fa0/0x1fa0
[   85.448311][ T4306]  ? reiserfs_get_parent+0x2f0/0x2f0
[   85.453599][ T4306]  ? inode_get_bytes+0x73/0xa0
[   85.458365][ T4306]  ? _find_first_zero_bit+0x60/0xf0
[   85.463573][ T4306]  reiserfs_add_entry+0xa42/0xe10
[   85.468631][ T4306]  ? drop_new_inode+0x60/0x60
[   85.473316][ T4306]  ? journal_begin+0x1f1/0x350
[   85.478079][ T4306]  ? reiserfs_update_inode_transaction+0x1c/0x120
[   85.484494][ T4306]  reiserfs_mkdir+0x6bc/0x920
[   85.489177][ T4306]  ? reiserfs_symlink+0x790/0x790
[   85.494201][ T4306]  ? rwsem_write_trylock+0x135/0x1c0
[   85.499506][ T4306]  ? lookup_one_len+0x19d/0x2d0
[   85.504363][ T4306]  ? lookup_one_common+0x460/0x460
[   85.509478][ T4306]  reiserfs_xattr_init+0x331/0x720
[   85.514781][ T4306]  reiserfs_fill_super+0x1fe6/0x2440
[   85.520073][ T4306]  ? reiserfs_kill_sb+0x140/0x140
[   85.525096][ T4306]  ? snprintf+0xe5/0x140
[   85.529339][ T4306]  ? vscnprintf+0x80/0x80
[   85.533694][ T4306]  ? set_blocksize+0x1f3/0x370
[   85.538458][ T4306]  ? sb_set_blocksize+0xa5/0xe0
[   85.543304][ T4306]  mount_bdev+0x287/0x3c0
[   85.547659][ T4306]  ? reiserfs_kill_sb+0x140/0x140
[   85.552699][ T4306]  legacy_get_tree+0xe6/0x180
[   85.557385][ T4306]  ? remove_save_link+0x3e0/0x3e0
[   85.562447][ T4306]  vfs_get_tree+0x88/0x270
[   85.566895][ T4306]  do_new_mount+0x24a/0xa40
[   85.571418][ T4306]  __se_sys_mount+0x2e3/0x3d0
[   85.576112][ T4306]  ? __x64_sys_mount+0xc0/0xc0
[   85.580881][ T4306]  ? lockdep_hardirqs_on+0x94/0x140
[   85.586088][ T4306]  ? __x64_sys_mount+0x1c/0xc0
[   85.590866][ T4306]  do_syscall_64+0x4c/0xa0
[   85.595288][ T4306]  ? clear_bhb_loop+0x30/0x80
[   85.599961][ T4306]  ? clear_bhb_loop+0x30/0x80
[   85.604645][ T4306]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   85.610536][ T4306] RIP: 0033:0x7f38d2971a0a
[   85.614964][ T4306] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   85.634651][ T4306] RSP: 002b:00007ffeca831918 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   85.643176][ T4306] RAX: ffffffffffffffda RBX: 00007ffeca8319a0 RCX: 00007f38d2971a0a
[   85.651160][ T4306] RDX: 00002000000002c0 RSI: 00002000000031c0 RDI: 00007ffeca831960
[   85.659185][ T4306] RBP: 00002000000002c0 R08: 00007ffeca8319a0 R09: 0000000000000800
[   85.667314][ T4306] R10: 0000000000000800 R11: 0000000000000246 R12: 00002000000031c0
[   85.675424][ T4306] R13: 00007ffeca831960 R14: 000000000000111e R15: 0000200000000300
[   85.683428][ T4306]  </TASK>
[   85.686805][ T4306] Kernel Offset: disabled
[   85.691240][ T4306] Rebooting in 86400 seconds..