Warning: Permanently added '[localhost]:3576' (ED25519) to the list of known hosts.
2026/01/12 22:23:00 parsed 1 programs
syzkaller login: [ 83.474349][ T5322] cgroup: Unknown subsys name 'net'
[ 83.539531][ T5322] cgroup: Unknown subsys name 'cpuset'
[ 83.545534][ T5322] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 85.437449][ T5322] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 90.048892][ T5338] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 90.466992][ T4680] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 90.471045][ T4680] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 90.474664][ T4680] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 90.478760][ T4680] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 90.482179][ T4680] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 91.817430][ T787] cfg80211: failed to load regulatory.db
[ 94.386705][ T2950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 94.390036][ T2950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 94.441854][ T2634] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 94.448001][ T2634] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 95.335795][ T5408] chnl_net:caif_netlink_parms(): no params data found
[ 95.450100][ T5408] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.454028][ T5408] bridge0: port 1(bridge_slave_0) entered disabled state
[ 95.457894][ T5408] bridge_slave_0: entered allmulticast mode
[ 95.465307][ T5408] bridge_slave_0: entered promiscuous mode
[ 95.476853][ T5408] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.485578][ T5408] bridge0: port 2(bridge_slave_1) entered disabled state
[ 95.488893][ T5408] bridge_slave_1: entered allmulticast mode
[ 95.495687][ T5408] bridge_slave_1: entered promiscuous mode
[ 95.544187][ T5408] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 95.558148][ T5408] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 95.606498][ T5408] team0: Port device team_slave_0 added
[ 95.617044][ T5408] team0: Port device team_slave_1 added
[ 95.665160][ T5408] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 95.668090][ T5408] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 95.684239][ T5408] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 95.691040][ T5408] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 95.694024][ T5408] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 95.704948][ T5408] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 95.737464][ T5408] hsr_slave_0: entered promiscuous mode
[ 95.741181][ T5408] hsr_slave_1: entered promiscuous mode
[ 96.006974][ T5408] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 96.027432][ T5408] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 96.033055][ T5408] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 96.048617][ T5408] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 96.099318][ T5408] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.102706][ T5408] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 96.106477][ T5408] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.109519][ T5408] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 96.208908][ T5408] 8021q: adding VLAN 0 to HW filter on device bond0
[ 96.229242][ T3035] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.233287][ T3035] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.254579][ T5408] 8021q: adding VLAN 0 to HW filter on device team0
[ 96.270437][ T2634] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.273398][ T2634] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 96.289861][ T2634] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.292999][ T2634] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 96.522770][ T5408] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 96.559095][ T5408] veth0_vlan: entered promiscuous mode
[ 96.568019][ T5408] veth1_vlan: entered promiscuous mode
[ 96.609396][ T5408] veth0_macvtap: entered promiscuous mode
[ 96.614828][ T5408] veth1_macvtap: entered promiscuous mode
[ 96.656584][ T5408] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 96.667555][ T5408] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 96.696939][ T3035] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.719092][ T3035] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.740159][ T172] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.746041][ T3035] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.914230][ T3035] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 96.966810][ T3035] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.027176][ T3035] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.077479][ T3035] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/01/12 22:23:16 executed programs: 0
[ 97.354555][ T46] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 97.362234][ T46] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 97.366100][ T46] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 97.369960][ T46] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 97.373568][ T46] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 97.530295][ T5433] chnl_net:caif_netlink_parms(): no params data found
[ 97.626411][ T5433] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.629660][ T5433] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.632775][ T5433] bridge_slave_0: entered allmulticast mode
[ 97.637162][ T5433] bridge_slave_0: entered promiscuous mode
[ 97.641691][ T5433] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.645753][ T5433] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.648840][ T5433] bridge_slave_1: entered allmulticast mode
[ 97.652597][ T5433] bridge_slave_1: entered promiscuous mode
[ 97.680311][ T5433] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.687418][ T5433] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.708955][ T5433] team0: Port device team_slave_0 added
[ 97.713062][ T5433] team0: Port device team_slave_1 added
[ 97.736884][ T5433] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 97.739980][ T5433] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 97.751225][ T5433] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 97.757460][ T5433] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 97.760400][ T5433] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 97.771580][ T5433] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 97.811912][ T5433] hsr_slave_0: entered promiscuous mode
[ 97.815629][ T5433] hsr_slave_1: entered promiscuous mode
[ 97.818472][ T5433] debugfs: 'hsr0' already exists in 'hsr'
[ 97.820971][ T5433] Cannot create hsr debugfs directory
[ 99.140181][ T3035] bridge_slave_1: left allmulticast mode
[ 99.142861][ T3035] bridge_slave_1: left promiscuous mode
[ 99.149514][ T3035] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.157818][ T3035] bridge_slave_0: left allmulticast mode
[ 99.160216][ T3035] bridge_slave_0: left promiscuous mode
[ 99.162817][ T3035] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.356548][ T3035] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 99.362906][ T3035] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 99.368321][ T3035] bond0 (unregistering): Released all slaves
[ 99.406125][ T46] Bluetooth: hci0: command tx timeout
[ 99.470904][ T3035] hsr_slave_0: left promiscuous mode
[ 99.473912][ T3035] hsr_slave_1: left promiscuous mode
[ 99.486255][ T3035] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 99.489356][ T3035] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 99.507925][ T3035] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 99.511224][ T3035] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 99.556015][ T3035] veth1_macvtap: left promiscuous mode
[ 99.558431][ T3035] veth0_macvtap: left promiscuous mode
[ 99.560765][ T3035] veth1_vlan: left promiscuous mode
[ 99.563182][ T3035] veth0_vlan: left promiscuous mode
[ 99.993865][ T3035] team0 (unregistering): Port device team_slave_1 removed
[ 100.019099][ T3035] team0 (unregistering): Port device team_slave_0 removed
[ 100.499769][ T5433] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 100.522089][ T5433] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 100.548092][ T5433] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 100.602607][ T5433] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 100.746987][ T5433] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.759568][ T5433] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.768990][ T172] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.771925][ T172] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.781015][ T3035] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.784409][ T3035] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.941360][ T5433] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 100.978690][ T5433] veth0_vlan: entered promiscuous mode
[ 100.986963][ T5433] veth1_vlan: entered promiscuous mode
[ 101.007842][ T5433] veth0_macvtap: entered promiscuous mode
[ 101.012940][ T5433] veth1_macvtap: entered promiscuous mode
[ 101.026188][ T5433] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 101.036600][ T5433] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 101.046441][ T3035] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.057307][ T3035] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.061007][ T3035] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.081425][ T3035] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.124182][ T3035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.133895][ T3035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.158202][ T1127] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.161666][ T1127] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.476930][ T5464] loop0: detected capacity change from 0 to 32768
[ 101.495319][ T46] Bluetooth: hci0: command tx timeout
[ 101.573216][ T5464] XFS (loop0): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[ 101.626302][ T5464] XFS (loop0): Log size 624 blocks too small, minimum size is 816 blocks
[ 101.629634][ T5464] XFS (loop0): AAIEEE! Log failed size checks. Abort!
[ 101.655479][ T5464] XFS (loop0): log mount failed
[ 101.820227][ T5464] loop0: detected capacity change from 0 to 128
[ 101.838053][ T5464] =======================================================
[ 101.838053][ T5464] WARNING: The mand mount option has been deprecated and
[ 101.838053][ T5464] and is ignored by this kernel. Remove the mand
[ 101.838053][ T5464] option from the mount to silence this warning.
[ 101.838053][ T5464] =======================================================
[ 101.869312][ T5464] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 101.876732][ T5464] hpfs: filesystem error: improperly stopped
[ 101.879740][ T5464] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 101.883170][ T5464] hpfs: You really don't want any checks? You are crazy...
[ 101.890904][ T5464] hpfs: hpfs_map_sector(): read error
[ 101.893201][ T5464] hpfs: code page support is disabled
[ 101.897088][ T5464] hpfs: filesystem error: map_dirent: not a directory
[ 101.899700][ T5464]
[ 101.900802][ T5464] hpfs: hpfs_map_4sectors(): unaligned read
[ 101.903298][ T5464] hpfs: filesystem error: unable to find root dir
[ 101.907751][ T5464] ==================================================================
[ 101.911126][ T5464] BUG: KASAN: use-after-free in hpfs_bplus_lookup+0x4dc/0x860
[ 101.914540][ T5464] Read of size 4 at addr ffff88801261f004 by task syz.0.17/5464
[ 101.918762][ T5464]
[ 101.919807][ T5464] CPU: 0 UID: 0 PID: 5464 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)
[ 101.919821][ T5464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 101.919827][ T5464] Call Trace:
[ 101.919834][ T5464]
[ 101.919839][ T5464] dump_stack_lvl+0xe8/0x150
[ 101.919857][ T5464] print_report+0xca/0x240
[ 101.919868][ T5464] ? hpfs_bplus_lookup+0x4dc/0x860
[ 101.919879][ T5464] kasan_report+0x118/0x150
[ 101.919890][ T5464] ? hpfs_bplus_lookup+0x4dc/0x860
[ 101.919902][ T5464] hpfs_bplus_lookup+0x4dc/0x860
[ 101.919911][ T5464] ? __pfx_hpfs_bplus_lookup+0x10/0x10
[ 101.919918][ T5464] ? hpfs_get_block+0x98/0x6e0
[ 101.919927][ T5464] hpfs_bmap+0x22a/0x4d0
[ 101.919936][ T5464] ? __pfx_hpfs_bmap+0x10/0x10
[ 101.919944][ T5464] ? __page_table_check_zero+0x6a/0x3e0
[ 101.919956][ T5464] hpfs_get_block+0xa8/0x6e0
[ 101.919968][ T5464] do_mpage_readpage+0x822/0x1990
[ 101.919986][ T5464] mpage_readahead+0x3b0/0x790
[ 101.919996][ T5464] ? __pfx_mpage_readahead+0x10/0x10
[ 101.920009][ T5464] ? __pfx_hpfs_get_block+0x10/0x10
[ 101.920025][ T5464] ? blk_start_plug+0x6f/0x1b0
[ 101.920037][ T5464] read_pages+0x17a/0x580
[ 101.920052][ T5464] ? __pfx_read_pages+0x10/0x10
[ 101.920065][ T5464] ? filemap_add_folio+0x35f/0x540
[ 101.920087][ T5464] page_cache_ra_unbounded+0x750/0x990
[ 101.920105][ T5464] filemap_get_pages+0x468/0x1dc0
[ 101.920120][ T5464] ? __lock_acquire+0x6b6/0x2cf0
[ 101.920136][ T5464] ? __pfx_filemap_get_pages+0x10/0x10
[ 101.920151][ T5464] ? unwind_next_frame+0xa5/0x23d0
[ 101.920168][ T5464] filemap_read+0x3f6/0x11a0
[ 101.920181][ T5464] ? kernel_text_address+0xa5/0xe0
[ 101.920194][ T5464] ? __kernel_text_address+0xd/0x40
[ 101.920208][ T5464] ? __pfx_filemap_read+0x10/0x10
[ 101.920227][ T5464] ? generic_file_read_iter+0x8f/0x510
[ 101.920241][ T5464] ? __asan_memset+0x22/0x50
[ 101.920254][ T5464] ? iov_iter_kvec+0xb8/0x180
[ 101.920263][ T5464] __kernel_read+0x4cf/0x960
[ 101.920277][ T5464] ? __pfx___kernel_read+0x10/0x10
[ 101.920294][ T5464] integrity_kernel_read+0x89/0xd0
[ 101.920307][ T5464] ? __pfx_integrity_kernel_read+0x10/0x10
[ 101.920317][ T5464] ? __kmalloc_cache_noprof+0x3e2/0x700
[ 101.920362][ T5464] ? ima_calc_file_hash+0x820/0x16f0
[ 101.920375][ T5464] ? __asan_memcpy+0x40/0x70
[ 101.920388][ T5464] ima_calc_file_hash+0x85e/0x16f0
[ 101.920403][ T5464] ? unwind_next_frame+0xa5/0x23d0
[ 101.920414][ T5464] ? __pfx_ima_calc_file_hash+0x10/0x10
[ 101.920434][ T5464] ? arch_stack_walk+0xfc/0x150
[ 101.920446][ T5464] ? look_up_lock_class+0x57/0x110
[ 101.920504][ T5464] ? register_lock_class+0x31/0x2e0
[ 101.920515][ T5464] ? __lock_acquire+0x6b6/0x2cf0
[ 101.920524][ T5464] ? make_vfsgid+0x49/0xa0
[ 101.920538][ T5464] ? generic_fillattr+0x63d/0x9a0
[ 101.920551][ T5464] ima_collect_measurement+0x428/0x8f0
[ 101.920566][ T5464] ? __pfx_ima_collect_measurement+0x10/0x10
[ 101.920581][ T5464] ? trace_contention_end+0x39/0x100
[ 101.920594][ T5464] ? __mutex_lock+0x335/0x1350
[ 101.920608][ T5464] ? __pfx_ima_get_hash_algo+0x10/0x10
[ 101.920621][ T5464] process_measurement+0x111e/0x1a70
[ 101.920636][ T5464] ? __pfx_process_measurement+0x10/0x10
[ 101.920648][ T5464] ? tomoyo_check_open_permission+0x325/0x3b0
[ 101.920664][ T5464] ? tomoyo_check_open_permission+0x16a/0x3b0
[ 101.920689][ T5464] ima_file_check+0xd9/0x130
[ 101.920701][ T5464] ? __pfx_ima_file_check+0x10/0x10
[ 101.920711][ T5464] security_file_post_open+0xbb/0x290
[ 101.920724][ T5464] path_openat+0x3456/0x3dd0
[ 101.920738][ T5464] ? __pfx_stack_trace_save+0x10/0x10
[ 101.920757][ T5464] ? kmem_cache_alloc_noprof+0x37d/0x710
[ 101.920769][ T5464] ? getname_flags+0xb8/0x540
[ 101.920779][ T5464] ? __pfx_path_openat+0x10/0x10
[ 101.920791][ T5464] ? __lock_acquire+0x6b6/0x2cf0
[ 101.920803][ T5464] do_filp_open+0x1fa/0x410
[ 101.920813][ T5464] ? __pfx_do_filp_open+0x10/0x10
[ 101.920826][ T5464] ? _raw_spin_unlock+0x28/0x50
[ 101.920838][ T5464] ? alloc_fd+0x64c/0x6c0
[ 101.920849][ T5464] do_sys_openat2+0x121/0x200
[ 101.920860][ T5464] ? __se_sys_futex+0x36f/0x400
[ 101.920871][ T5464] ? __pfx_do_sys_openat2+0x10/0x10
[ 101.920882][ T5464] ? exc_page_fault+0x71/0xd0
[ 101.920897][ T5464] ? __pfx___se_sys_futex+0x10/0x10
[ 101.920909][ T5464] __x64_sys_openat+0x138/0x170
[ 101.920919][ T5464] do_syscall_64+0xec/0xf80
[ 101.920925][ T5464] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.920931][ T5464] ? trace_irq_disable+0x37/0x100
[ 101.920940][ T5464] ? clear_bhb_loop+0x60/0xb0
[ 101.920946][ T5464] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.920953][ T5464] RIP: 0033:0x7fc63858f7c9
[ 101.920962][ T5464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 101.920968][ T5464] RSP: 002b:00007ffea3b9ea28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 101.920977][ T5464] RAX: ffffffffffffffda RBX: 00007fc6387e5fa0 RCX: 00007fc63858f7c9
[ 101.920982][ T5464] RDX: 0000000000000000 RSI: 0000200000004280 RDI: ffffffffffffff9c
[ 101.920986][ T5464] RBP: 00007fc638613f91 R08: 0000000000000000 R09: 0000000000000000
[ 101.920990][ T5464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 101.920994][ T5464] R13: 00007fc6387e5fa0 R14: 00007fc6387e5fa0 R15: 0000000000000004
[ 101.921001][ T5464]
[ 101.921003][ T5464]
[ 102.140611][ T5464] The buggy address belongs to the physical page:
[ 102.142592][ T5464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f7f43a06 pfn:0x1261f
[ 102.146280][ T5464] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 102.148995][ T5464] raw: 00fff00000000000 ffffea000049f488 ffffea00004985c8 0000000000000000
[ 102.152619][ T5464] raw: 00000007f7f43a06 0000000000000000 00000000ffffffff 0000000000000000
[ 102.155899][ T5464] page dumped because: kasan: bad access detected
[ 102.158626][ T5464] page_owner tracks the page as freed
[ 102.160852][ T5464] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|__GFP_COMP), pid 5339, tgid 5339 (udevd), ts 101855790212, free_ts 101856737146
[ 102.168791][ T5464] post_alloc_hook+0x234/0x290
[ 102.171222][ T5464] get_page_from_freelist+0x24e0/0x2580
[ 102.173743][ T5464] __alloc_frozen_pages_noprof+0x181/0x370
[ 102.176240][ T5464] alloc_pages_mpol+0x232/0x4a0
[ 102.178361][ T5464] vma_alloc_folio_noprof+0xe4/0x200
[ 102.180692][ T5464] folio_prealloc+0x30/0x180
[ 102.182757][ T5464] do_pte_missing+0x14e8/0x3330
[ 102.184979][ T5464] handle_mm_fault+0x1b26/0x32b0
[ 102.187205][ T5464] do_user_addr_fault+0x764/0x1380
[ 102.189545][ T5464] exc_page_fault+0x71/0xd0
[ 102.191618][ T5464] asm_exc_page_fault+0x26/0x30
[ 102.193752][ T5464] page last free pid 5339 tgid 5339 stack trace:
[ 102.196601][ T5464] free_unref_folios+0xdb3/0x14f0
[ 102.198835][ T5464] folios_put_refs+0x584/0x670
[ 102.200963][ T5464] free_pages_and_swap_cache+0x4be/0x520
[ 102.203469][ T5464] tlb_flush_mmu+0x3a0/0x680
[ 102.205479][ T5464] tlb_finish_mmu+0xc3/0x1d0
[ 102.207518][ T5464] vms_clear_ptes+0x42b/0x530
[ 102.209655][ T5464] vms_complete_munmap_vmas+0x206/0x8a0
[ 102.212232][ T5464] do_vmi_align_munmap+0x364/0x440
[ 102.214627][ T5464] do_vmi_munmap+0x253/0x2e0
[ 102.216689][ T5464] __vm_munmap+0x207/0x380
[ 102.218716][ T5464] __x64_sys_munmap+0x60/0x70
[ 102.220940][ T5464] do_syscall_64+0xec/0xf80
[ 102.223000][ T5464] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 102.225627][ T5464]
[ 102.226809][ T5464] Memory state around the buggy address:
[ 102.229362][ T5464] ffff88801261ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 102.232799][ T5464] ffff88801261ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 102.236568][ T5464] >ffff88801261f000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 102.240048][ T5464] ^
[ 102.241724][ T5464] ffff88801261f080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 102.245231][ T5464] ffff88801261f100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 102.248707][ T5464] ==================================================================
[ 102.290851][ T5464] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 102.294126][ T5464] CPU: 0 UID: 0 PID: 5464 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)
[ 102.298003][ T5464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 102.303126][ T5464] Call Trace:
[ 102.304934][ T5464]
[ 102.306531][ T5464] vpanic+0x1e0/0x670
[ 102.308533][ T5464] panic+0xb9/0xc0
[ 102.310510][ T5464] ? __pfx_panic+0x10/0x10
[ 102.312965][ T5464] ? preempt_schedule_thunk+0x16/0x30
[ 102.315823][ T5464] ? hpfs_bplus_lookup+0x4dc/0x860
[ 102.318466][ T5464] check_panic_on_warn+0x89/0xb0
[ 102.321036][ T5464] ? hpfs_bplus_lookup+0x4dc/0x860
[ 102.323154][ T5464] end_report+0x6f/0x140
[ 102.325046][ T5464] kasan_report+0x129/0x150
[ 102.326839][ T5464] ? hpfs_bplus_lookup+0x4dc/0x860
[ 102.329109][ T5464] hpfs_bplus_lookup+0x4dc/0x860
[ 102.331289][ T5464] ? __pfx_hpfs_bplus_lookup+0x10/0x10
[ 102.333751][ T5464] ? hpfs_get_block+0x98/0x6e0
[ 102.335887][ T5464] hpfs_bmap+0x22a/0x4d0
[ 102.337817][ T5464] ? __pfx_hpfs_bmap+0x10/0x10
[ 102.339993][ T5464] ? __page_table_check_zero+0x6a/0x3e0
[ 102.342469][ T5464] hpfs_get_block+0xa8/0x6e0
[ 102.344524][ T5464] do_mpage_readpage+0x822/0x1990
[ 102.346813][ T5464] mpage_readahead+0x3b0/0x790
[ 102.348755][ T5464] ? __pfx_mpage_readahead+0x10/0x10
[ 102.350967][ T5464] ? __pfx_hpfs_get_block+0x10/0x10
[ 102.353185][ T5464] ? blk_start_plug+0x6f/0x1b0
[ 102.355298][ T5464] read_pages+0x17a/0x580
[ 102.357341][ T5464] ? __pfx_read_pages+0x10/0x10
[ 102.359324][ T5464] ? filemap_add_folio+0x35f/0x540
[ 102.361411][ T5464] page_cache_ra_unbounded+0x750/0x990
[ 102.363868][ T5464] filemap_get_pages+0x468/0x1dc0
[ 102.366133][ T5464] ? __lock_acquire+0x6b6/0x2cf0
[ 102.368467][ T5464] ? __pfx_filemap_get_pages+0x10/0x10
[ 102.370967][ T5464] ? unwind_next_frame+0xa5/0x23d0
[ 102.373244][ T5464] filemap_read+0x3f6/0x11a0
[ 102.375309][ T5464] ? kernel_text_address+0xa5/0xe0
[ 102.377347][ T5464] ? __kernel_text_address+0xd/0x40
[ 102.379845][ T5464] ? __pfx_filemap_read+0x10/0x10
[ 102.381933][ T5464] ? generic_file_read_iter+0x8f/0x510
[ 102.384611][ T5464] ? __asan_memset+0x22/0x50
[ 102.386605][ T5464] ? iov_iter_kvec+0xb8/0x180
[ 102.388754][ T5464] __kernel_read+0x4cf/0x960
[ 102.390841][ T5464] ? __pfx___kernel_read+0x10/0x10
[ 102.393224][ T5464] integrity_kernel_read+0x89/0xd0
[ 102.395354][ T5464] ? __pfx_integrity_kernel_read+0x10/0x10
[ 102.397698][ T5464] ? __kmalloc_cache_noprof+0x3e2/0x700
[ 102.400119][ T5464] ? ima_calc_file_hash+0x820/0x16f0
[ 102.402513][ T5464] ? __asan_memcpy+0x40/0x70
[ 102.404736][ T5464] ima_calc_file_hash+0x85e/0x16f0
[ 102.407007][ T5464] ? unwind_next_frame+0xa5/0x23d0
[ 102.409329][ T5464] ? __pfx_ima_calc_file_hash+0x10/0x10
[ 102.411841][ T5464] ? arch_stack_walk+0xfc/0x150
[ 102.414043][ T5464] ? look_up_lock_class+0x57/0x110
[ 102.416450][ T5464] ? register_lock_class+0x31/0x2e0
[ 102.418831][ T5464] ? __lock_acquire+0x6b6/0x2cf0
[ 102.421056][ T5464] ? make_vfsgid+0x49/0xa0
[ 102.423119][ T5464] ? generic_fillattr+0x63d/0x9a0
[ 102.425338][ T5464] ima_collect_measurement+0x428/0x8f0
[ 102.427735][ T5464] ? __pfx_ima_collect_measurement+0x10/0x10
[ 102.430435][ T5464] ? trace_contention_end+0x39/0x100
[ 102.432707][ T5464] ? __mutex_lock+0x335/0x1350
[ 102.434809][ T5464] ? __pfx_ima_get_hash_algo+0x10/0x10
[ 102.437272][ T5464] process_measurement+0x111e/0x1a70
[ 102.439593][ T5464] ? __pfx_process_measurement+0x10/0x10
[ 102.441761][ T5464] ? tomoyo_check_open_permission+0x325/0x3b0
[ 102.443887][ T5464] ? tomoyo_check_open_permission+0x16a/0x3b0
[ 102.446333][ T5464] ima_file_check+0xd9/0x130
[ 102.448252][ T5464] ? __pfx_ima_file_check+0x10/0x10
[ 102.450516][ T5464] security_file_post_open+0xbb/0x290
[ 102.452983][ T5464] path_openat+0x3456/0x3dd0
[ 102.454980][ T5464] ? __pfx_stack_trace_save+0x10/0x10
[ 102.457211][ T5464] ? kmem_cache_alloc_noprof+0x37d/0x710
[ 102.459484][ T5464] ? getname_flags+0xb8/0x540
[ 102.461474][ T5464] ? __pfx_path_openat+0x10/0x10
[ 102.463483][ T5464] ? __lock_acquire+0x6b6/0x2cf0
[ 102.465598][ T5464] do_filp_open+0x1fa/0x410
[ 102.467509][ T5464] ? __pfx_do_filp_open+0x10/0x10
[ 102.469513][ T5464] ? _raw_spin_unlock+0x28/0x50
[ 102.471562][ T5464] ? alloc_fd+0x64c/0x6c0
[ 102.473646][ T5464] do_sys_openat2+0x121/0x200
[ 102.475584][ T5464] ? __se_sys_futex+0x36f/0x400
[ 102.477565][ T5464] ? __pfx_do_sys_openat2+0x10/0x10
[ 102.479861][ T5464] ? exc_page_fault+0x71/0xd0
[ 102.481950][ T5464] ? __pfx___se_sys_futex+0x10/0x10
[ 102.484175][ T5464] __x64_sys_openat+0x138/0x170
[ 102.486319][ T5464] do_syscall_64+0xec/0xf80
[ 102.488343][ T5464] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 102.491048][ T5464] ? trace_irq_disable+0x37/0x100
[ 102.493306][ T5464] ? clear_bhb_loop+0x60/0xb0
[ 102.495383][ T5464] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 102.498030][ T5464] RIP: 0033:0x7fc63858f7c9
[ 102.499902][ T5464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 102.507943][ T5464] RSP: 002b:00007ffea3b9ea28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 102.511500][ T5464] RAX: ffffffffffffffda RBX: 00007fc6387e5fa0 RCX: 00007fc63858f7c9
[ 102.515007][ T5464] RDX: 0000000000000000 RSI: 0000200000004280 RDI: ffffffffffffff9c
[ 102.518061][ T5464] RBP: 00007fc638613f91 R08: 0000000000000000 R09: 0000000000000000
[ 102.521622][ T5464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 102.525071][ T5464] R13: 00007fc6387e5fa0 R14: 00007fc6387e5fa0 R15: 0000000000000004
[ 102.528313][ T5464]
[ 102.530005][ T5464] Kernel Offset: disabled
[ 102.531845][ T5464] Rebooting in 86400 seconds..
VM DIAGNOSIS:
22:23:21 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000061 RBX=0000000000000061 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900029e5990
R8 =ffff8880340a8237 R9 =1ffff11006815046 R10=dffffc0000000000 R11=ffffffff851bb760
R12=dffffc0000000000 R13=ffffffff999009fa R14=ffffffff99c156c0 R15=0000000000000000
RIP=ffffffff851bb7dc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055555aa44500 ffffffff 00c00000
GS =0000 ffff88808d414000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000004280 CR3=000000001f1b6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000008 Opmask01=0000000000000014 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea3b9df90 00007ffea3b9df70
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea3b9e0d0 00007ffea3b9df50
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea3b9df90
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea3b9e0d0
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea3b9e0d0 00007ffea3b9df50
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea3b9df90 00007ffea3b9df70
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc6386150f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc6386151cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 eefe5ddfcbbbf977 7f2eefe5ddfcbbbf 9777f2eefe5ddfcb bbf9770073667068
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 598cfa3495246ec9 d339a8c0a489e30f af1d9f583c0bedea 00040009000a0008
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6e3d6b63656863 2c736973613d6573 61632c6f6e3d7361 652c6f6e3d736165
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4ae47909766ebd5e dc1a7503e60a54f0 f135a227dca5d0b5 eee147e26ade8c39
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 37b7163b7bfd9638 9ef370f65611955f 51c884b60ce29a8e b6138c1932c37eb0
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e05ab850c7023446 6d2683ce3a8abd33 4c33e4b22795c6c1 cc8fafa1526be8e5
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 585f793ca9bd08c0 741b53e7434b5e33 2536fafae850e18d df89a6063f5cc80c
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000