Warning: Permanently added '10.128.0.172' (ED25519) to the list of known hosts.
2025/10/25 11:35:55 parsed 1 programs
[   91.367666][ T5834] cgroup: Unknown subsys name 'net'
[   91.503950][ T5834] cgroup: Unknown subsys name 'cpuset'
[   91.514828][ T5834] cgroup: Unknown subsys name 'rlimit'
[   92.102405][  T981] cfg80211: failed to load regulatory.db
[   93.282927][ T5834] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   96.257598][ T5848] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   96.581401][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   96.590195][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   96.598630][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   96.607827][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   96.616817][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   98.256234][ T5885] chnl_net:caif_netlink_parms(): no params data found
[   98.358777][ T5885] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.369054][ T5885] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.376530][ T5885] bridge_slave_0: entered allmulticast mode
[   98.384683][ T5885] bridge_slave_0: entered promiscuous mode
[   98.394754][ T5885] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.402997][ T5885] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.410341][ T5885] bridge_slave_1: entered allmulticast mode
[   98.417647][ T5885] bridge_slave_1: entered promiscuous mode
[   98.457907][ T5885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   98.471676][ T5885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.515416][ T5885] team0: Port device team_slave_0 added
[   98.524208][ T5885] team0: Port device team_slave_1 added
[   98.554903][ T5885] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.562312][ T5885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.588266][ T5885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.601433][ T5885] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.608435][ T5885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.634707][ T5885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.683222][ T5885] hsr_slave_0: entered promiscuous mode
[   98.690101][ T5885] hsr_slave_1: entered promiscuous mode
[   98.852791][ T5885] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   98.865540][ T5885] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   98.876823][ T5885] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   98.887469][ T5885] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   98.919259][ T5885] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.926550][ T5885] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.934732][ T5885] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.941925][ T5885] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.008155][ T5885] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.028891][ T1166] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.038010][ T1166] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.055558][ T5885] 8021q: adding VLAN 0 to HW filter on device team0
[   99.072942][ T1166] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.080361][ T1166] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.095715][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.102900][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.303262][ T5885] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.349365][ T5885] veth0_vlan: entered promiscuous mode
[   99.363488][ T5885] veth1_vlan: entered promiscuous mode
[   99.401487][ T5885] veth0_macvtap: entered promiscuous mode
[   99.413261][ T5885] veth1_macvtap: entered promiscuous mode
[   99.434106][ T5885] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.449135][ T5885] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.466183][ T1166] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.476287][ T1166] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.487165][ T1166] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.497154][ T1166] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.656937][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.729499][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.817390][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.888977][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.161423][ T1154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.171154][ T1154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.206212][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.214464][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/10/25 11:36:08 executed programs: 0
[  101.632391][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  101.642784][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  101.650776][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  101.659308][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  101.668042][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  101.846154][ T5943] chnl_net:caif_netlink_parms(): no params data found
[  101.931572][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.938935][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.947266][ T5943] bridge_slave_0: entered allmulticast mode
[  101.954887][ T5943] bridge_slave_0: entered promiscuous mode
[  101.963607][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.970927][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.978128][ T5943] bridge_slave_1: entered allmulticast mode
[  101.985825][ T5943] bridge_slave_1: entered promiscuous mode
[  102.020315][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.032962][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.069332][ T5943] team0: Port device team_slave_0 added
[  102.078418][ T5943] team0: Port device team_slave_1 added
[  102.111360][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.118354][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.145870][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.158504][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.165783][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.192066][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.239832][ T5943] hsr_slave_0: entered promiscuous mode
[  102.246569][ T5943] hsr_slave_1: entered promiscuous mode
[  102.253020][ T5943] debugfs: 'hsr0' already exists in 'hsr'
[  102.258847][ T5943] Cannot create hsr debugfs directory
[  102.609254][   T12] bridge_slave_1: left allmulticast mode
[  102.615882][   T12] bridge_slave_1: left promiscuous mode
[  102.624381][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.641628][   T12] bridge_slave_0: left allmulticast mode
[  102.647423][   T12] bridge_slave_0: left promiscuous mode
[  102.655189][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.054096][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  103.066547][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  103.078539][   T12] bond0 (unregistering): Released all slaves
[  103.189528][   T12] hsr_slave_0: left promiscuous mode
[  103.196124][   T12] hsr_slave_1: left promiscuous mode
[  103.204988][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.213258][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.225945][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.234893][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.259883][   T12] veth1_macvtap: left promiscuous mode
[  103.265795][   T12] veth0_macvtap: left promiscuous mode
[  103.272075][   T12] veth1_vlan: left promiscuous mode
[  103.278116][   T12] veth0_vlan: left promiscuous mode
[  103.706680][   T52] Bluetooth: hci0: command tx timeout
[  103.943002][   T12] team0 (unregistering): Port device team_slave_1 removed
[  103.969443][   T12] team0 (unregistering): Port device team_slave_0 removed
[  104.431336][ T5943] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  104.444673][ T5943] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  104.461944][ T5943] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  104.474030][ T5943] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  105.039433][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.117324][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[  105.162442][  T997] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.169665][  T997] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.202484][  T997] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.209709][  T997] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.682785][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.778378][ T5943] veth0_vlan: entered promiscuous mode
[  105.784207][   T52] Bluetooth: hci0: command tx timeout
[  105.798918][ T5943] veth1_vlan: entered promiscuous mode
[  105.834717][ T5943] veth0_macvtap: entered promiscuous mode
[  105.847280][ T5943] veth1_macvtap: entered promiscuous mode
[  105.880536][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.905817][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.929254][  T997] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.949414][  T997] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.970690][  T997] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.979471][  T997] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.070818][  T997] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.078792][  T997] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.132234][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.141465][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.213686][ T6028] loop0: detected capacity change from 0 to 128
[  106.223772][ T6028] =======================================================
[  106.223772][ T6028] WARNING: The mand mount option has been deprecated and
[  106.223772][ T6028]          and is ignored by this kernel. Remove the mand
[  106.223772][ T6028]          option from the mount to silence this warning.
[  106.223772][ T6028] =======================================================
[  106.267085][ T6028] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  106.281719][ T6028] hpfs: filesystem error: improperly stopped
[  106.287775][ T6028] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  106.296793][ T6028] hpfs: You really don't want any checks? You are crazy...
[  106.305324][ T6028] hpfs: hpfs_map_sector(): read error
[  106.311149][ T6028] hpfs: code page support is disabled
[  106.318415][ T6028] HPFS: de_next_de: de->length = 84ba
[  106.325211][ T6028] HPFS: dnode_end_de: dnode->first_free = 7b3184b6
[  106.332548][ T6028] HPFS: de_next_de: de->length = 0
[  106.337810][ T6028] HPFS: dnode_end_de: dnode->first_free = 7b3184b6
[  106.349240][ T6028] HPFS: de_next_de: de->length = 0
[  106.355104][ T6028] HPFS: dnode_end_de: dnode->first_free = 7b3184b6
[  106.362182][ T6028] HPFS: de_next_de: de->length = 0
[  106.367732][ T6028] HPFS: dnode_end_de: dnode->first_free = 7b3184b6
[  106.375747][ T6028] HPFS: de_next_de: de->length = 0
[  106.381268][ T6028] HPFS: dnode_end_de: dnode->first_free = 7b3184b6
[  106.387915][ T6028] HPFS: de_next_de: de->length = 0
[  106.393518][ T6028] HPFS: dnode_end_de: dnode->first_free = 7b3184b6
[  106.400952][ T6028] ==================================================================
[  106.409063][ T6028] BUG: KASAN: use-after-free in hpfs_count_dnodes+0x854/0xb20
[  106.416561][ T6028] Read of size 2 at addr ffff88805c04a4d0 by task syz.0.17/6028
[  106.424198][ T6028] 
[  106.426551][ T6028] CPU: 0 UID: 0 PID: 6028 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  106.426571][ T6028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  106.426589][ T6028] Call Trace:
[  106.426597][ T6028]  <TASK>
[  106.426604][ T6028]  dump_stack_lvl+0x189/0x250
[  106.426631][ T6028]  ? __kasan_check_byte+0x12/0x40
[  106.426654][ T6028]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.426678][ T6028]  ? lock_release+0x4b/0x3e0
[  106.426700][ T6028]  ? __virt_addr_valid+0x4a5/0x5c0
[  106.426727][ T6028]  print_report+0xca/0x240
[  106.426749][ T6028]  ? hpfs_count_dnodes+0x854/0xb20
[  106.426769][ T6028]  kasan_report+0x118/0x150
[  106.426792][ T6028]  ? hpfs_count_dnodes+0x854/0xb20
[  106.426815][ T6028]  hpfs_count_dnodes+0x854/0xb20
[  106.426839][ T6028]  ? __pfx_hpfs_count_dnodes+0x10/0x10
[  106.426862][ T6028]  ? hpfs_map_sector+0x14f/0x380
[  106.426882][ T6028]  ? hpfs_map_fnode+0x27e/0x6a0
[  106.426905][ T6028]  ? set_normalized_timespec64+0xf0/0x1a0
[  106.426923][ T6028]  ? __lock_acquire+0xab9/0xd20
[  106.426943][ T6028]  hpfs_read_inode+0xc52/0x1010
[  106.426969][ T6028]  ? __pfx_hpfs_read_inode+0x10/0x10
[  106.426990][ T6028]  ? inode_set_ctime_to_ts+0x126/0x2f0
[  106.427017][ T6028]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[  106.427039][ T6028]  ? do_raw_spin_unlock+0x122/0x240
[  106.427067][ T6028]  ? hpfs_init_inode+0x216/0x350
[  106.427091][ T6028]  hpfs_fill_super+0x129d/0x2040
[  106.427127][ T6028]  ? __pfx_hpfs_fill_super+0x10/0x10
[  106.427155][ T6028]  ? __pfx_snprintf+0x10/0x10
[  106.427173][ T6028]  ? set_blocksize+0x21e/0x500
[  106.427202][ T6028]  ? sb_set_blocksize+0x104/0x180
[  106.427227][ T6028]  ? setup_bdev_super+0x4c1/0x5b0
[  106.427253][ T6028]  get_tree_bdev_flags+0x40e/0x4d0
[  106.427279][ T6028]  ? __pfx_hpfs_fill_super+0x10/0x10
[  106.427306][ T6028]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  106.427335][ T6028]  vfs_get_tree+0x92/0x2b0
[  106.427360][ T6028]  do_new_mount+0x302/0xa10
[  106.427388][ T6028]  ? __pfx_do_new_mount+0x10/0x10
[  106.427416][ T6028]  ? kmem_cache_free+0x19b/0x690
[  106.427439][ T6028]  __se_sys_mount+0x313/0x410
[  106.427468][ T6028]  ? __pfx___se_sys_mount+0x10/0x10
[  106.427495][ T6028]  ? do_syscall_64+0xbe/0xfa0
[  106.427520][ T6028]  ? __x64_sys_mount+0x20/0xc0
[  106.427547][ T6028]  do_syscall_64+0xfa/0xfa0
[  106.427571][ T6028]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.427596][ T6028]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.427613][ T6028]  ? clear_bhb_loop+0x60/0xb0
[  106.427631][ T6028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.427648][ T6028] RIP: 0033:0x7f373139076a
[  106.427669][ T6028] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.427684][ T6028] RSP: 002b:00007ffdcfc86ac8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  106.427702][ T6028] RAX: ffffffffffffffda RBX: 00007ffdcfc86b50 RCX: 00007f373139076a
[  106.427714][ T6028] RDX: 000020000000a000 RSI: 0000200000009ec0 RDI: 00007ffdcfc86b10
[  106.427726][ T6028] RBP: 000020000000a000 R08: 00007ffdcfc86b50 R09: 0000000003200041
[  106.427738][ T6028] R10: 0000000003200041 R11: 0000000000000246 R12: 0000200000009ec0
[  106.427749][ T6028] R13: 00007ffdcfc86b10 R14: 0000000000009e21 R15: 0000200000000000
[  106.427769][ T6028]  </TASK>
[  106.427774][ T6028] 
[  106.747814][ T6028] The buggy address belongs to the physical page:
[  106.754241][ T6028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f9ea1468 pfn:0x5c04a
[  106.763709][ T6028] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  106.770841][ T6028] raw: 00fff00000000000 ffffea0001700948 ffffea0001700508 0000000000000000
[  106.779434][ T6028] raw: 00000007f9ea1468 0000000000000000 00000000ffffffff 0000000000000000
[  106.788038][ T6028] page dumped because: kasan: bad access detected
[  106.794479][ T6028] page_owner tracks the page as freed
[  106.799866][ T6028] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 6017, tgid 6017 (dhcpcd-run-hook), ts 106043745820, free_ts 106397888029
[  106.818039][ T6028]  post_alloc_hook+0x240/0x2a0
[  106.822826][ T6028]  get_page_from_freelist+0x2365/0x2440
[  106.828392][ T6028]  __alloc_frozen_pages_noprof+0x181/0x370
[  106.834225][ T6028]  alloc_pages_mpol+0x232/0x4a0
[  106.839092][ T6028]  vma_alloc_folio_noprof+0xe4/0x200
[  106.844473][ T6028]  folio_prealloc+0x30/0x180
[  106.849073][ T6028]  do_wp_page+0x1231/0x5800
[  106.853578][ T6028]  __handle_mm_fault+0x102e/0x5440
[  106.858691][ T6028]  handle_mm_fault+0x40a/0x8e0
[  106.863457][ T6028]  do_user_addr_fault+0x764/0x1380
[  106.868580][ T6028]  exc_page_fault+0x82/0x100
[  106.873180][ T6028]  asm_exc_page_fault+0x26/0x30
[  106.878043][ T6028] page last free pid 6017 tgid 6017 stack trace:
[  106.884371][ T6028]  free_unref_folios+0xd22/0x1460
[  106.889406][ T6028]  folios_put_refs+0x584/0x670
[  106.894186][ T6028]  free_pages_and_swap_cache+0x277/0x520
[  106.899847][ T6028]  tlb_flush_mmu+0x3a0/0x680
[  106.904452][ T6028]  tlb_finish_mmu+0xc3/0x1d0
[  106.909077][ T6028]  exit_mmap+0x444/0xb40
[  106.913327][ T6028]  __mmput+0x118/0x430
[  106.917425][ T6028]  exit_mm+0x1da/0x2c0
[  106.921511][ T6028]  do_exit+0x648/0x2300
[  106.925696][ T6028]  do_group_exit+0x21c/0x2d0
[  106.930291][ T6028]  __x64_sys_exit_group+0x3f/0x40
[  106.935342][ T6028]  x64_sys_call+0x21f7/0x2200
[  106.940027][ T6028]  do_syscall_64+0xfa/0xfa0
[  106.944552][ T6028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.950463][ T6028] 
[  106.952798][ T6028] Memory state around the buggy address:
[  106.958435][ T6028]  ffff88805c04a380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  106.966510][ T6028]  ffff88805c04a400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  106.974577][ T6028] >ffff88805c04a480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  106.982642][ T6028]                                                  ^
[  106.989323][ T6028]  ffff88805c04a500: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  106.997393][ T6028]  ffff88805c04a580: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  107.005462][ T6028] ==================================================================
[  107.026641][ T6028] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  107.033904][ T6028] CPU: 1 UID: 0 PID: 6028 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  107.043055][ T6028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  107.053151][ T6028] Call Trace:
[  107.056474][ T6028]  <TASK>
[  107.059436][ T6028]  dump_stack_lvl+0x99/0x250
[  107.064078][ T6028]  ? __asan_memcpy+0x40/0x70
[  107.068725][ T6028]  ? __pfx_dump_stack_lvl+0x10/0x10
[  107.073979][ T6028]  ? __pfx__printk+0x10/0x10
[  107.078582][ T6028]  vpanic+0x237/0x6d0
[  107.082579][ T6028]  ? __pfx_vpanic+0x10/0x10
[  107.087104][ T6028]  ? preempt_schedule+0xae/0xc0
[  107.091972][ T6028]  ? __pfx_preempt_schedule+0x10/0x10
[  107.097359][ T6028]  panic+0xb9/0xc0
[  107.101092][ T6028]  ? __pfx_panic+0x10/0x10
[  107.105612][ T6028]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  107.111518][ T6028]  ? hpfs_count_dnodes+0x854/0xb20
[  107.116636][ T6028]  check_panic_on_warn+0x89/0xb0
[  107.121579][ T6028]  ? hpfs_count_dnodes+0x854/0xb20
[  107.126702][ T6028]  end_report+0x78/0x160
[  107.130972][ T6028]  kasan_report+0x129/0x150
[  107.135506][ T6028]  ? hpfs_count_dnodes+0x854/0xb20
[  107.140650][ T6028]  hpfs_count_dnodes+0x854/0xb20
[  107.145638][ T6028]  ? __pfx_hpfs_count_dnodes+0x10/0x10
[  107.151155][ T6028]  ? hpfs_map_sector+0x14f/0x380
[  107.156122][ T6028]  ? hpfs_map_fnode+0x27e/0x6a0
[  107.161427][ T6028]  ? set_normalized_timespec64+0xf0/0x1a0
[  107.167157][ T6028]  ? __lock_acquire+0xab9/0xd20
[  107.172027][ T6028]  hpfs_read_inode+0xc52/0x1010
[  107.177328][ T6028]  ? __pfx_hpfs_read_inode+0x10/0x10
[  107.182628][ T6028]  ? inode_set_ctime_to_ts+0x126/0x2f0
[  107.188103][ T6028]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[  107.193947][ T6028]  ? do_raw_spin_unlock+0x122/0x240
[  107.199169][ T6028]  ? hpfs_init_inode+0x216/0x350
[  107.204128][ T6028]  hpfs_fill_super+0x129d/0x2040
[  107.209094][ T6028]  ? __pfx_hpfs_fill_super+0x10/0x10
[  107.214399][ T6028]  ? __pfx_snprintf+0x10/0x10
[  107.219085][ T6028]  ? set_blocksize+0x21e/0x500
[  107.223866][ T6028]  ? sb_set_blocksize+0x104/0x180
[  107.228919][ T6028]  ? setup_bdev_super+0x4c1/0x5b0
[  107.233969][ T6028]  get_tree_bdev_flags+0x40e/0x4d0
[  107.239100][ T6028]  ? __pfx_hpfs_fill_super+0x10/0x10
[  107.244405][ T6028]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  107.250060][ T6028]  vfs_get_tree+0x92/0x2b0
[  107.254492][ T6028]  do_new_mount+0x302/0xa10
[  107.259018][ T6028]  ? __pfx_do_new_mount+0x10/0x10
[  107.264063][ T6028]  ? kmem_cache_free+0x19b/0x690
[  107.269013][ T6028]  __se_sys_mount+0x313/0x410
[  107.273710][ T6028]  ? __pfx___se_sys_mount+0x10/0x10
[  107.278940][ T6028]  ? do_syscall_64+0xbe/0xfa0
[  107.283702][ T6028]  ? __x64_sys_mount+0x20/0xc0
[  107.288498][ T6028]  do_syscall_64+0xfa/0xfa0
[  107.293029][ T6028]  ? lockdep_hardirqs_on+0x9c/0x150
[  107.298250][ T6028]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.304327][ T6028]  ? clear_bhb_loop+0x60/0xb0
[  107.309016][ T6028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.314923][ T6028] RIP: 0033:0x7f373139076a
[  107.319364][ T6028] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.339063][ T6028] RSP: 002b:00007ffdcfc86ac8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  107.347495][ T6028] RAX: ffffffffffffffda RBX: 00007ffdcfc86b50 RCX: 00007f373139076a
[  107.355578][ T6028] RDX: 000020000000a000 RSI: 0000200000009ec0 RDI: 00007ffdcfc86b10
[  107.363577][ T6028] RBP: 000020000000a000 R08: 00007ffdcfc86b50 R09: 0000000003200041
[  107.371607][ T6028] R10: 0000000003200041 R11: 0000000000000246 R12: 0000200000009ec0
[  107.379591][ T6028] R13: 00007ffdcfc86b10 R14: 0000000000009e21 R15: 0000200000000000
[  107.387583][ T6028]  </TASK>
[  107.390947][ T6028] Kernel Offset: disabled
[  107.395289][ T6028] Rebooting in 86400 seconds..