Warning: Permanently added '10.128.0.231' (ED25519) to the list of known hosts.
2025/10/14 20:17:11 parsed 1 programs
[ 69.755153][ T4191] cgroup: Unknown subsys name 'net'
[ 69.889839][ T4191] cgroup: Unknown subsys name 'rlimit'
[ 71.398431][ T4191] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 71.456285][ T1427] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.462873][ T1427] ieee802154 phy1 wpan1: encryption failed: -22
[ 73.478133][ T4220] chnl_net:caif_netlink_parms(): no params data found
[ 73.534772][ T4220] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.542629][ T4220] bridge0: port 1(bridge_slave_0) entered disabled state
[ 73.551137][ T4220] device bridge_slave_0 entered promiscuous mode
[ 73.561244][ T4220] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.568550][ T4220] bridge0: port 2(bridge_slave_1) entered disabled state
[ 73.576964][ T4220] device bridge_slave_1 entered promiscuous mode
[ 73.606021][ T4220] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 73.617778][ T4220] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 73.649561][ T4220] team0: Port device team_slave_0 added
[ 73.657680][ T4220] team0: Port device team_slave_1 added
[ 73.683882][ T4220] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 73.690982][ T4220] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 73.717122][ T4220] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 73.730533][ T4220] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 73.737627][ T4220] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 73.764099][ T4220] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 73.805213][ T4220] device hsr_slave_0 entered promiscuous mode
[ 73.812219][ T4220] device hsr_slave_1 entered promiscuous mode
[ 73.961583][ T4220] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 73.974967][ T4220] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 73.986544][ T4220] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 73.997539][ T4220] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 74.032831][ T4220] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.040244][ T4220] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 74.048645][ T4220] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.055813][ T4220] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.118466][ T4220] 8021q: adding VLAN 0 to HW filter on device bond0
[ 74.139479][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 74.150365][ T247] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.159922][ T247] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.176719][ T4220] 8021q: adding VLAN 0 to HW filter on device team0
[ 74.189479][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 74.198721][ T247] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.205847][ T247] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.225053][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 74.235542][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.242814][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 74.268478][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 74.277847][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 74.289297][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 74.308001][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 74.317910][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 74.330521][ T4220] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 74.466182][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 74.476355][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 74.492221][ T4220] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 74.517147][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 74.528881][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 74.551209][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 74.561564][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 74.573601][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 74.581607][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 74.594816][ T4220] device veth0_vlan entered promiscuous mode
[ 74.607960][ T4220] device veth1_vlan entered promiscuous mode
[ 74.632541][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 74.641144][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 74.650618][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 74.659630][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 74.671267][ T4220] device veth0_macvtap entered promiscuous mode
[ 74.683513][ T4220] device veth1_macvtap entered promiscuous mode
[ 74.704988][ T4220] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 74.712666][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 74.721756][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 74.730382][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 74.739597][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 74.752291][ T4220] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 74.763650][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 74.772839][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 74.783768][ T4220] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.792675][ T4220] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.803882][ T4220] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.812641][ T4220] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.974124][ T144] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.310316][ T144] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 79.518964][ T144] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 79.570673][ T144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 80.213438][ T247] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.222811][ T247] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.253441][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 80.274092][ T3074] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.285107][ T3074] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.313439][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 80.824829][ T144] device hsr_slave_0 left promiscuous mode
[ 80.833681][ T144] device hsr_slave_1 left promiscuous mode
[ 80.856251][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 80.873293][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 80.881932][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 80.890539][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 80.900057][ T144] device bridge_slave_1 left promiscuous mode
[ 80.908626][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.940134][ T144] device bridge_slave_0 left promiscuous mode
[ 80.960802][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.015918][ T144] device veth1_macvtap left promiscuous mode
[ 81.022445][ T144] device veth0_macvtap left promiscuous mode
[ 81.044117][ T144] device veth1_vlan left promiscuous mode
[ 81.054592][ T144] device veth0_vlan left promiscuous mode
2025/10/14 20:17:25 executed programs: 0
[ 81.307892][ T144] team0 (unregistering): Port device team_slave_1 removed
[ 81.321777][ T144] team0 (unregistering): Port device team_slave_0 removed
[ 81.336976][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 81.350736][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 81.409852][ T144] bond0 (unregistering): Released all slaves
[ 81.636537][ T4335] chnl_net:caif_netlink_parms(): no params data found
[ 81.794067][ T4335] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.813305][ T4335] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.824713][ T4335] device bridge_slave_0 entered promiscuous mode
[ 81.844114][ T4335] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.851233][ T4335] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.884583][ T4335] device bridge_slave_1 entered promiscuous mode
[ 81.983776][ T4335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 82.015546][ T4335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 82.107517][ T4335] team0: Port device team_slave_0 added
[ 82.126638][ T4335] team0: Port device team_slave_1 added
[ 82.193333][ T4335] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 82.200331][ T4335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.263254][ T4335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 82.291632][ T4335] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 82.314415][ T4335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 82.373290][ T4335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 82.428860][ T4335] device hsr_slave_0 entered promiscuous mode
[ 82.445478][ T4335] device hsr_slave_1 entered promiscuous mode
[ 83.197774][ T4335] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 83.205575][ T4279] Bluetooth: hci0: command 0x0409 tx timeout
[ 83.229788][ T4335] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 83.240207][ T4335] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 83.251952][ T4335] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 83.347356][ T4335] 8021q: adding VLAN 0 to HW filter on device bond0
[ 83.361801][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 83.372694][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 83.384840][ T4335] 8021q: adding VLAN 0 to HW filter on device team0
[ 83.397636][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 83.407685][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 83.419896][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.427336][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.449061][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 83.459704][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 83.469196][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 83.496447][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.503703][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.515263][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 83.544893][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 83.555961][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 83.566730][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 83.580504][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 83.590911][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 83.612444][ T4335] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 83.625588][ T4335] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 83.641568][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 83.652000][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 83.661028][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 83.671368][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 83.680620][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 83.696649][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 83.912306][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 83.934754][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 83.949122][ T4335] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 83.975212][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 83.988929][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 84.009499][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 84.018734][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 84.029354][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 84.039429][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 84.051227][ T4335] device veth0_vlan entered promiscuous mode
[ 84.065847][ T4335] device veth1_vlan entered promiscuous mode
[ 84.098061][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 84.113987][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 84.153060][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 84.161972][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 84.175119][ T4335] device veth0_macvtap entered promiscuous mode
[ 84.209111][ T4335] device veth1_macvtap entered promiscuous mode
[ 84.228854][ T4335] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 84.242107][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 84.252663][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 84.262330][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 84.272692][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 84.287566][ T4335] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 84.298547][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 84.318383][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 84.332361][ T4335] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.349253][ T4335] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.358786][ T4335] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.369091][ T4335] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.500289][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 84.527282][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 84.559965][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 84.579068][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 84.589681][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 84.611692][ T3074] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 84.667286][ T4440] loop0: detected capacity change from 0 to 1024
[ 84.734714][ T4440] hfsplus: invalid length 256 has been corrected to 255
[ 84.748308][ T4440] ==================================================================
[ 84.756683][ T4440] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x5b9/0x1240
[ 84.764458][ T4440] Read of size 2 at addr ffff8880704b3a18 by task syz.0.17/4440
[ 84.772123][ T4440]
[ 84.774493][ T4440] CPU: 1 PID: 4440 Comm: syz.0.17 Not tainted syzkaller #0
[ 84.781857][ T4440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 84.792095][ T4440] Call Trace:
[ 84.795407][ T4440]
[ 84.798376][ T4440] dump_stack_lvl+0x168/0x230
[ 84.803282][ T4440] ? show_regs_print_info+0x20/0x20
[ 84.808520][ T4440] ? _printk+0xcc/0x110
[ 84.812901][ T4440] ? hfsplus_uni2asc+0x5b9/0x1240
[ 84.818066][ T4440] ? load_image+0x3b0/0x3b0
[ 84.822614][ T4440] ? _raw_spin_lock_irqsave+0xb0/0xf0
[ 84.828031][ T4440] print_address_description+0x60/0x2d0
[ 84.833627][ T4440] ? hfsplus_uni2asc+0x5b9/0x1240
[ 84.838695][ T4440] kasan_report+0xdf/0x130
[ 84.843159][ T4440] ? hfsplus_uni2asc+0x5b9/0x1240
[ 84.848232][ T4440] ? hfsplus_bnode_read+0x265/0x6c0
[ 84.853483][ T4440] hfsplus_uni2asc+0x5b9/0x1240
[ 84.858380][ T4440] ? hfsplus_bnode_read_u16+0x84/0xd0
[ 84.863809][ T4440] hfsplus_listxattr+0x58b/0xb80
[ 84.868809][ T4440] ? hfsplus_getxattr+0xd0/0xd0
[ 84.873708][ T4440] ? user_path_at_empty+0x13e/0x190
[ 84.878975][ T4440] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 84.885027][ T4440] ? rcu_is_watching+0x11/0xa0
[ 84.889832][ T4440] ? kmem_cache_free+0x14c/0x210
[ 84.894824][ T4440] ? bpf_lsm_inode_listxattr+0x5/0x10
[ 84.900238][ T4440] listxattr+0x283/0x2e0
[ 84.904519][ T4440] ? hfsplus_getxattr+0xd0/0xd0
[ 84.909465][ T4440] path_listxattr+0xd9/0x1b0
[ 84.914101][ T4440] ? getxattr+0x370/0x370
[ 84.918473][ T4440] ? lockdep_hardirqs_on+0x94/0x140
[ 84.923724][ T4440] do_syscall_64+0x4c/0xa0
[ 84.928190][ T4440] ? clear_bhb_loop+0x30/0x80
[ 84.932907][ T4440] ? clear_bhb_loop+0x30/0x80
[ 84.937622][ T4440] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 84.943568][ T4440] RIP: 0033:0x7f3ecc861ec9
[ 84.948113][ T4440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 84.967759][ T4440] RSP: 002b:00007ffc3c7fde58 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[ 84.976212][ T4440] RAX: ffffffffffffffda RBX: 00007f3eccab8fa0 RCX: 00007f3ecc861ec9
[ 84.984222][ T4440] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[ 84.992228][ T4440] RBP: 00007f3ecc8e4f91 R08: 0000000000000000 R09: 0000000000000000
[ 85.000235][ T4440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.008420][ T4440] R13: 00007f3eccab8fa0 R14: 00007f3eccab8fa0 R15: 0000000000000003
[ 85.016541][ T4440]
[ 85.019591][ T4440]
[ 85.021938][ T4440] Allocated by task 4440:
[ 85.026287][ T4440] __kasan_kmalloc+0xb5/0xf0
[ 85.030917][ T4440] hfsplus_find_init+0x85/0x1c0
[ 85.035802][ T4440] hfsplus_listxattr+0x38c/0xb80
[ 85.040779][ T4440] listxattr+0x283/0x2e0
[ 85.045059][ T4440] path_listxattr+0xd9/0x1b0
[ 85.049684][ T4440] do_syscall_64+0x4c/0xa0
[ 85.054132][ T4440] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 85.060074][ T4440]
[ 85.062426][ T4440] The buggy address belongs to the object at ffff8880704b3800
[ 85.062426][ T4440] which belongs to the cache kmalloc-1k of size 1024
[ 85.076509][ T4440] The buggy address is located 536 bytes inside of
[ 85.076509][ T4440] 1024-byte region [ffff8880704b3800, ffff8880704b3c00)
[ 85.089904][ T4440] The buggy address belongs to the page:
[ 85.095575][ T4440] page:ffffea0001c12c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x704b0
[ 85.105840][ T4440] head:ffffea0001c12c00 order:3 compound_mapcount:0 compound_pincount:0
[ 85.114202][ T4440] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 85.122327][ T4440] raw: 00fff00000010200 ffffea00006be600 0000000700000007 ffff888016841dc0
[ 85.130942][ T4440] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 85.139549][ T4440] page dumped because: kasan: bad access detected
[ 85.145998][ T4440] page_owner tracks the page as allocated
[ 85.151738][ T4440] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4149, ts 57626953918, free_ts 57614485823
[ 85.170879][ T4440] get_page_from_freelist+0x1b77/0x1c60
[ 85.176483][ T4440] __alloc_pages+0x1e1/0x470
[ 85.181115][ T4440] new_slab+0xc0/0x4b0
[ 85.185230][ T4440] ___slab_alloc+0x81e/0xdf0
[ 85.189872][ T4440] __kmalloc_node_track_caller+0x1fc/0x3a0
[ 85.195818][ T4440] __alloc_skb+0x22c/0x750
[ 85.200445][ T4440] sk_stream_alloc_skb+0x1fa/0xa60
[ 85.205597][ T4440] tcp_sendmsg_locked+0xc3e/0x3590
[ 85.210747][ T4440] tcp_sendmsg+0x2b/0x40
[ 85.215042][ T4440] sock_write_iter+0x29c/0x380
[ 85.219842][ T4440] vfs_write+0x712/0xd00
[ 85.224116][ T4440] ksys_write+0x14d/0x250
[ 85.228485][ T4440] do_syscall_64+0x4c/0xa0
[ 85.232944][ T4440] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 85.238887][ T4440] page last free stack trace:
[ 85.243590][ T4440] free_unref_page_prepare+0x637/0x6c0
[ 85.249095][ T4440] free_unref_page+0x94/0x280
[ 85.253818][ T4440] skb_release_data+0x3fa/0x850
[ 85.258705][ T4440] __kfree_skb+0x4c/0x60
[ 85.262986][ T4440] tcp_recvmsg_locked+0x14d5/0x2760
[ 85.268233][ T4440] tcp_recvmsg+0x350/0x710
[ 85.272688][ T4440] inet_recvmsg+0x136/0x1e0
[ 85.277337][ T4440] sock_read_iter+0x2a2/0x340
[ 85.282070][ T4440] vfs_read+0x725/0xcf0
[ 85.285611][ T13] Bluetooth: hci0: command 0x041b tx timeout
[ 85.286301][ T4440] ksys_read+0x14d/0x250
[ 85.296569][ T4440] do_syscall_64+0x4c/0xa0
[ 85.301199][ T4440] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 85.307148][ T4440]
[ 85.309507][ T4440] Memory state around the buggy address:
[ 85.315252][ T4440] ffff8880704b3900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 85.323371][ T4440] ffff8880704b3980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 85.331439][ T4440] >ffff8880704b3a00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.339758][ T4440] ^
[ 85.344624][ T4440] ffff8880704b3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.352692][ T4440] ffff8880704b3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.360754][ T4440] ==================================================================
[ 85.368819][ T4440] Disabling lock debugging due to kernel taint
[ 85.383437][ T4440] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 85.390690][ T4440] CPU: 0 PID: 4440 Comm: syz.0.17 Tainted: G B syzkaller #0
[ 85.399307][ T4440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 85.409622][ T4440] Call Trace:
[ 85.413009][ T4440]
[ 85.415943][ T4440] dump_stack_lvl+0x168/0x230
[ 85.420720][ T4440] ? show_regs_print_info+0x20/0x20
[ 85.425926][ T4440] ? load_image+0x3b0/0x3b0
[ 85.430443][ T4440] panic+0x2c9/0x7f0
[ 85.434357][ T4440] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 85.440532][ T4440] ? bpf_jit_dump+0xd0/0xd0
[ 85.445135][ T4440] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 85.451122][ T4440] ? _raw_spin_unlock+0x40/0x40
[ 85.455977][ T4440] ? hfsplus_uni2asc+0x5b9/0x1240
[ 85.461011][ T4440] check_panic_on_warn+0x80/0xa0
[ 85.466085][ T4440] ? hfsplus_uni2asc+0x5b9/0x1240
[ 85.471150][ T4440] end_report+0x6d/0xf0
[ 85.475350][ T4440] kasan_report+0x102/0x130
[ 85.479865][ T4440] ? hfsplus_uni2asc+0x5b9/0x1240
[ 85.484899][ T4440] ? hfsplus_bnode_read+0x265/0x6c0
[ 85.490104][ T4440] hfsplus_uni2asc+0x5b9/0x1240
[ 85.495500][ T4440] ? hfsplus_bnode_read_u16+0x84/0xd0
[ 85.501559][ T4440] hfsplus_listxattr+0x58b/0xb80
[ 85.506519][ T4440] ? hfsplus_getxattr+0xd0/0xd0
[ 85.511378][ T4440] ? user_path_at_empty+0x13e/0x190
[ 85.516591][ T4440] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 85.522615][ T4440] ? rcu_is_watching+0x11/0xa0
[ 85.527403][ T4440] ? kmem_cache_free+0x14c/0x210
[ 85.532434][ T4440] ? bpf_lsm_inode_listxattr+0x5/0x10
[ 85.537824][ T4440] listxattr+0x283/0x2e0
[ 85.542070][ T4440] ? hfsplus_getxattr+0xd0/0xd0
[ 85.547032][ T4440] path_listxattr+0xd9/0x1b0
[ 85.551662][ T4440] ? getxattr+0x370/0x370
[ 85.555999][ T4440] ? lockdep_hardirqs_on+0x94/0x140
[ 85.561228][ T4440] do_syscall_64+0x4c/0xa0
[ 85.565647][ T4440] ? clear_bhb_loop+0x30/0x80
[ 85.570357][ T4440] ? clear_bhb_loop+0x30/0x80
[ 85.575054][ T4440] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 85.580964][ T4440] RIP: 0033:0x7f3ecc861ec9
[ 85.585387][ T4440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 85.605346][ T4440] RSP: 002b:00007ffc3c7fde58 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[ 85.614739][ T4440] RAX: ffffffffffffffda RBX: 00007f3eccab8fa0 RCX: 00007f3ecc861ec9
[ 85.623197][ T4440] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[ 85.631380][ T4440] RBP: 00007f3ecc8e4f91 R08: 0000000000000000 R09: 0000000000000000
[ 85.639469][ T4440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.647563][ T4440] R13: 00007f3eccab8fa0 R14: 00007f3eccab8fa0 R15: 0000000000000003
[ 85.655582][ T4440]
[ 85.663044][ T4440] Kernel Offset: disabled
[ 85.667457][ T4440] Rebooting in 86400 seconds..