Warning: Permanently added '[localhost]:64965' (ED25519) to the list of known hosts.
2026/01/27 17:07:00 parsed 1 programs
syzkaller login: [   88.682888][ T5312] cgroup: Unknown subsys name 'net'
[   88.750666][ T5312] cgroup: Unknown subsys name 'cpuset'
[   88.754452][ T5312] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   90.431250][ T5312] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   91.505106][ T5312] ODEBUG: Out of memory. ODEBUG disabled
[   91.855165][   T10] cfg80211: failed to load regulatory.db
[   95.993680][ T5331] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   96.921628][ T5341] chnl_net:caif_netlink_parms(): no params data found
[   97.046095][ T5341] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.057002][ T5341] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.060169][ T5341] bridge_slave_0: entered allmulticast mode
[   97.077618][ T5341] bridge_slave_0: entered promiscuous mode
[   97.083201][ T5341] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.086380][ T5341] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.096936][ T5341] bridge_slave_1: entered allmulticast mode
[   97.100765][ T5341] bridge_slave_1: entered promiscuous mode
[   97.162235][ T5341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   97.180468][ T5341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   97.238004][ T5341] team0: Port device team_slave_0 added
[   97.248158][ T5341] team0: Port device team_slave_1 added
[   97.289724][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.292771][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   97.326906][ T5341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.332938][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.335722][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   97.357352][ T5341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.433561][ T5341] hsr_slave_0: entered promiscuous mode
[   97.437791][ T5341] hsr_slave_1: entered promiscuous mode
[   97.710595][ T5341] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   97.731595][ T5341] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   97.760387][ T5341] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   97.768470][ T5341] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   97.905336][ T5341] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.940330][ T5341] 8021q: adding VLAN 0 to HW filter on device team0
[   97.948702][ T3049] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.952001][ T3049] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.977990][   T38] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.981163][   T38] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.260018][ T5341] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.322191][ T5341] veth0_vlan: entered promiscuous mode
[   98.343378][ T5341] veth1_vlan: entered promiscuous mode
[   98.386626][ T5341] veth0_macvtap: entered promiscuous mode
[   98.393016][ T5341] veth1_macvtap: entered promiscuous mode
[   98.411811][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.424909][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.435106][   T38] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.440217][   T38] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.445118][   T38] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.469399][   T38] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.568904][ T1092] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.605109][ T1092] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.645829][ T1092] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.693743][ T1092] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.839991][ T3049] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.843759][ T3049] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.873345][   T38] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.876546][   T38] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.941667][ T1092] bridge_slave_1: left allmulticast mode
[  100.944351][ T1092] bridge_slave_1: left promiscuous mode
[  100.947308][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.988575][ T1092] bridge_slave_0: left allmulticast mode
[  100.990791][ T1092] bridge_slave_0: left promiscuous mode
[  100.993083][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.678334][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  101.694602][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  101.718136][ T1092] bond0 (unregistering): Released all slaves
[  101.809471][ T1092] hsr_slave_0: left promiscuous mode
[  101.845484][ T1092] hsr_slave_1: left promiscuous mode
[  101.851437][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  101.854739][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0
[  101.888855][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  101.892317][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.954227][ T1092] veth1_macvtap: left promiscuous mode
[  101.956532][ T1092] veth0_macvtap: left promiscuous mode
[  101.967283][ T1092] veth1_vlan: left promiscuous mode
[  101.969748][ T1092] veth0_vlan: left promiscuous mode
[  102.438267][ T1092] team0 (unregistering): Port device team_slave_1 removed
[  102.461614][ T1092] team0 (unregistering): Port device team_slave_0 removed
[  105.382794][ T5441] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  105.388174][ T5441] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  105.397899][ T5441] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  105.401804][ T5441] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  105.405105][ T5441] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2026/01/27 17:07:20 executed programs: 0
[  106.237880][ T4672] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  106.241769][ T4672] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  106.244962][ T4672] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  106.249828][ T4672] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  106.253337][ T4672] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  106.413429][ T5453] chnl_net:caif_netlink_parms(): no params data found
[  106.513255][ T5453] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.516435][ T5453] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.519963][ T5453] bridge_slave_0: entered allmulticast mode
[  106.523422][ T5453] bridge_slave_0: entered promiscuous mode
[  106.528039][ T5453] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.530814][ T5453] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.534007][ T5453] bridge_slave_1: entered allmulticast mode
[  106.538374][ T5453] bridge_slave_1: entered promiscuous mode
[  106.559589][ T5453] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.565720][ T5453] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.588962][ T5453] team0: Port device team_slave_0 added
[  106.593241][ T5453] team0: Port device team_slave_1 added
[  106.616642][ T5453] batman_adv: batadv0: Adding interface: batadv_slave_0
[  106.620244][ T5453] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  106.631284][ T5453] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  106.637274][ T5453] batman_adv: batadv0: Adding interface: batadv_slave_1
[  106.640013][ T5453] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  106.651748][ T5453] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  106.689166][ T5453] hsr_slave_0: entered promiscuous mode
[  106.692432][ T5453] hsr_slave_1: entered promiscuous mode
[  107.099407][ T5453] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  107.115307][ T5453] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  107.129412][ T5453] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  107.148745][ T5453] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  107.189271][ T5453] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.192671][ T5453] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.196017][ T5453] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.199086][ T5453] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.303737][ T5453] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.344190][ T5453] 8021q: adding VLAN 0 to HW filter on device team0
[  107.356196][   T31] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.368098][   T31] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.393308][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.396209][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.409886][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.412829][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.735064][ T5453] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.799291][ T5453] veth0_vlan: entered promiscuous mode
[  107.805748][ T5453] veth1_vlan: entered promiscuous mode
[  107.854830][ T5453] veth0_macvtap: entered promiscuous mode
[  107.860742][ T5453] veth1_macvtap: entered promiscuous mode
[  107.898365][ T5453] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.912509][ T5453] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.941181][   T38] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.953374][   T38] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.964040][   T38] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.981643][   T38] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.049981][   T38] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.053171][   T38] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.100448][   T38] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.103859][   T38] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.328594][ T4672] Bluetooth: hci0: command tx timeout
[  108.765929][ T5497] loop0: detected capacity change from 0 to 32768
[  108.883622][  T103] BUG: spinlock bad magic on CPU#0, jfsCommit/103
[  108.886506][  T103] ==================================================================
[  108.889932][  T103] BUG: KASAN: slab-out-of-bounds in string+0x231/0x2b0
[  108.893016][  T103] Read of size 1 at addr ffff888044bb52f8 by task jfsCommit/103
[  108.896210][  T103] 
[  108.897400][  T103] CPU: 0 UID: 0 PID: 103 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  108.897431][  T103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  108.897438][  T103] Call Trace:
[  108.897462][  T103]  <TASK>
[  108.897483][  T103]  dump_stack_lvl+0xe8/0x150
[  108.897594][  T103]  print_report+0xba/0x230
[  108.897608][  T103]  ? string+0x231/0x2b0
[  108.897626][  T103]  kasan_report+0x117/0x150
[  108.897691][  T103]  ? number+0x61/0xf80
[  108.897702][  T103]  ? string+0x231/0x2b0
[  108.897714][  T103]  string+0x231/0x2b0
[  108.897727][  T103]  vsnprintf+0x739/0xee0
[  108.897741][  T103]  vprintk_store+0x371/0xd50
[  108.897789][  T103]  ? __pfx_vprintk_store+0x10/0x10
[  108.897800][  T103]  ? __irq_work_queue_local+0x1f2/0x540
[  108.897813][  T103]  ? __pfx___irq_work_queue_local+0x10/0x10
[  108.897823][  T103]  ? console_unlock+0x150/0x1c0
[  108.897833][  T103]  ? do_raw_spin_unlock+0x4d/0x210
[  108.897847][  T103]  ? is_printk_cpu_sync_owner+0x32/0x40
[  108.897861][  T103]  vprintk_emit+0x192/0x560
[  108.897871][  T103]  ? is_module_address+0x17/0xf0
[  108.897885][  T103]  ? __pfx_vprintk_emit+0x10/0x10
[  108.897895][  T103]  ? is_dynamic_key+0x1ac/0x1c0
[  108.897911][  T103]  _printk+0xdd/0x130
[  108.897926][  T103]  ? __pfx__printk+0x10/0x10
[  108.897942][  T103]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  108.897959][  T103]  spin_dump+0x101/0x1a0
[  108.897974][  T103]  do_raw_spin_lock+0x1e5/0x2f0
[  108.897985][  T103]  ? __wake_up_common_lock+0x2f/0x1f0
[  108.897999][  T103]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  108.898012][  T103]  _raw_spin_lock_irqsave+0x4c/0x60
[  108.898027][  T103]  __wake_up_common_lock+0x2f/0x1f0
[  108.898042][  T103]  release_metapage+0x13c/0xac0
[  108.898089][  T103]  ? txFreeMap+0xb19/0xde0
[  108.898103][  T103]  ? do_raw_spin_unlock+0x4d/0x210
[  108.898115][  T103]  xtTruncate+0xecd/0x2f20
[  108.898133][  T103]  ? __pfx_xtTruncate+0x10/0x10
[  108.898148][  T103]  ? __mark_inode_dirty+0x6a8/0x1320
[  108.898162][  T103]  ? __asan_memset+0x22/0x50
[  108.898175][  T103]  ? __dquot_initialize+0x21b/0xd30
[  108.898189][  T103]  jfs_free_zero_link+0x35b/0x4c0
[  108.898200][  T103]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  108.898210][  T103]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  108.898222][  T103]  ? do_raw_spin_lock+0x12b/0x2f0
[  108.898235][  T103]  jfs_evict_inode+0x363/0x440
[  108.898244][  T103]  ? evict+0x612/0xb10
[  108.898256][  T103]  ? __pfx_jfs_evict_inode+0x10/0x10
[  108.898265][  T103]  evict+0x61e/0xb10
[  108.898276][  T103]  ? __pfx_evict+0x10/0x10
[  108.898284][  T103]  ? _raw_spin_unlock+0x28/0x50
[  108.898293][  T103]  ? iput+0xcc2/0x1020
[  108.898301][  T103]  jfs_lazycommit+0x43d/0xaa0
[  108.898310][  T103]  ? __pfx_jfs_lazycommit+0x10/0x10
[  108.898319][  T103]  ? __pfx_default_wake_function+0x10/0x10
[  108.898329][  T103]  ? __kthread_parkme+0x7a/0x1f0
[  108.898335][  T103]  ? __kthread_parkme+0x19c/0x1f0
[  108.898342][  T103]  kthread+0x726/0x8b0
[  108.898350][  T103]  ? __pfx_jfs_lazycommit+0x10/0x10
[  108.898359][  T103]  ? __pfx_kthread+0x10/0x10
[  108.898366][  T103]  ? _raw_spin_unlock_irq+0x23/0x50
[  108.898375][  T103]  ? __pfx_kthread+0x10/0x10
[  108.898386][  T103]  ret_from_fork+0x51b/0xa40
[  108.898396][  T103]  ? __pfx_ret_from_fork+0x10/0x10
[  108.898411][  T103]  ? __switch_to+0xc82/0x1410
[  108.898426][  T103]  ? __pfx_kthread+0x10/0x10
[  108.898437][  T103]  ret_from_fork_asm+0x1a/0x30
[  108.898455][  T103]  </TASK>
[  108.898479][  T103] 
[  109.045838][  T103] The buggy address belongs to the object at ffff888044bb5268
[  109.045838][  T103]  which belongs to the cache jfs_ip of size 2216
[  109.051335][  T103] The buggy address is located 144 bytes inside of
[  109.051335][  T103]  allocated 2216-byte region [ffff888044bb5268, ffff888044bb5b10)
[  109.057223][  T103] 
[  109.058236][  T103] The buggy address belongs to the physical page:
[  109.060983][  T103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x44bb0
[  109.064696][  T103] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  109.068306][  T103] memcg:ffff88803feccd01
[  109.070120][  T103] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  109.073500][  T103] page_type: f5(slab)
[  109.075219][  T103] raw: 04fff00000000040 ffff888000179c80 dead000000000122 0000000000000000
[  109.078841][  T103] raw: 0000000000000000 00000000800d000d 00000000f5000000 ffff88803feccd01
[  109.082557][  T103] head: 04fff00000000040 ffff888000179c80 dead000000000122 0000000000000000
[  109.086440][  T103] head: 0000000000000000 00000000800d000d 00000000f5000000 ffff88803feccd01
[  109.090451][  T103] head: 04fff00000000003 ffffea000112ec01 00000000ffffffff 00000000ffffffff
[  109.094211][  T103] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  109.097837][  T103] page dumped because: kasan: bad access detected
[  109.100527][  T103] page_owner tracks the page as allocated
[  109.102996][  T103] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5497, tgid 5497 (syz.0.17), ts 108782347780, free_ts 97667862248
[  109.112192][  T103]  post_alloc_hook+0x228/0x280
[  109.114289][  T103]  get_page_from_freelist+0x24dc/0x2580
[  109.116995][  T103]  __alloc_frozen_pages_noprof+0x18d/0x380
[  109.119474][  T103]  alloc_pages_mpol+0x232/0x4a0
[  109.121619][  T103]  allocate_slab+0x86/0x3a0
[  109.123575][  T103]  ___slab_alloc+0xd82/0x1760
[  109.125625][  T103]  __slab_alloc+0x65/0x100
[  109.127557][  T103]  kmem_cache_alloc_lru_noprof+0x3ed/0x6c0
[  109.130119][  T103]  jfs_alloc_inode+0x28/0x70
[  109.132156][  T103]  alloc_inode+0x6a/0x1b0
[  109.134052][  T103]  new_inode+0x22/0x170
[  109.135890][  T103]  jfs_fill_super+0x569/0xd80
[  109.137986][  T103]  get_tree_bdev_flags+0x431/0x4f0
[  109.140243][  T103]  vfs_get_tree+0x92/0x2a0
[  109.142311][  T103]  do_new_mount+0x329/0xa50
[  109.144182][  T103]  __se_sys_mount+0x31d/0x420
[  109.146213][  T103] page last free pid 73 tgid 73 stack trace:
[  109.148525][  T103]  __free_frozen_pages+0xbf8/0xd70
[  109.150504][  T103]  __slab_free+0x2ce/0x320
[  109.152259][  T103]  qlist_free_all+0x97/0x100
[  109.154044][  T103]  kasan_quarantine_reduce+0x148/0x160
[  109.156158][  T103]  __kasan_slab_alloc+0x22/0x80
[  109.158062][  T103]  kmem_cache_alloc_node_noprof+0x427/0x6f0
[  109.160453][  T103]  zswap_store+0xb68/0x1f80
[  109.162321][  T103]  swap_writeout+0x70c/0xd70
[  109.164281][  T103]  shrink_folio_list+0x332f/0x5160
[  109.166469][  T103]  evict_folios+0x4795/0x5880
[  109.168454][  T103]  try_to_shrink_lruvec+0x88b/0xb20
[  109.170636][  T103]  shrink_one+0x25c/0x710
[  109.172522][  T103]  shrink_node+0x2f8b/0x35f0
[  109.174524][  T103]  kswapd+0x144c/0x2800
[  109.176209][  T103]  kthread+0x726/0x8b0
[  109.177880][  T103]  ret_from_fork+0x51b/0xa40
[  109.179698][  T103] 
[  109.180640][  T103] Memory state around the buggy address:
[  109.182813][  T103]  ffff888044bb5180: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[  109.185874][  T103]  ffff888044bb5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.189036][  T103] >ffff888044bb5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.192540][  T103]                                                                 ^
[  109.195916][  T103]  ffff888044bb5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.199361][  T103]  ffff888044bb5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.202909][  T103] ==================================================================
[  109.206344][  T103] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  109.209461][  T103] CPU: 0 UID: 0 PID: 103 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  109.213496][  T103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  109.217971][  T103] Call Trace:
[  109.219478][  T103]  <TASK>
[  109.222459][  T103]  vpanic+0x1e0/0x670
[  109.224527][  T103]  panic+0xc5/0xd0
[  109.226076][  T103]  ? __pfx_panic+0x10/0x10
[  109.228061][  T103]  ? string+0x231/0x2b0
[  109.229890][  T103]  ? rcu_is_watching+0x15/0xb0
[  109.232024][  T103]  ? string+0x231/0x2b0
[  109.233915][  T103]  ? string+0x231/0x2b0
[  109.235753][  T103]  check_panic_on_warn+0x89/0xb0
[  109.237951][  T103]  ? string+0x231/0x2b0
[  109.239737][  T103]  end_report+0x6f/0x140
[  109.242455][  T103]  kasan_report+0x128/0x150
[  109.244482][  T103]  ? number+0x61/0xf80
[  109.246290][  T103]  ? string+0x231/0x2b0
[  109.248167][  T103]  string+0x231/0x2b0
[  109.250016][  T103]  vsnprintf+0x739/0xee0
[  109.251880][  T103]  vprintk_store+0x371/0xd50
[  109.253952][  T103]  ? __pfx_vprintk_store+0x10/0x10
[  109.256082][  T103]  ? __irq_work_queue_local+0x1f2/0x540
[  109.258423][  T103]  ? __pfx___irq_work_queue_local+0x10/0x10
[  109.260895][  T103]  ? console_unlock+0x150/0x1c0
[  109.263009][  T103]  ? do_raw_spin_unlock+0x4d/0x210
[  109.265249][  T103]  ? is_printk_cpu_sync_owner+0x32/0x40
[  109.267524][  T103]  vprintk_emit+0x192/0x560
[  109.269459][  T103]  ? is_module_address+0x17/0xf0
[  109.271650][  T103]  ? __pfx_vprintk_emit+0x10/0x10
[  109.273935][  T103]  ? is_dynamic_key+0x1ac/0x1c0
[  109.276077][  T103]  _printk+0xdd/0x130
[  109.277801][  T103]  ? __pfx__printk+0x10/0x10
[  109.279882][  T103]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  109.282505][  T103]  spin_dump+0x101/0x1a0
[  109.284384][  T103]  do_raw_spin_lock+0x1e5/0x2f0
[  109.286521][  T103]  ? __wake_up_common_lock+0x2f/0x1f0
[  109.289066][  T103]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  109.291492][  T103]  _raw_spin_lock_irqsave+0x4c/0x60
[  109.293719][  T103]  __wake_up_common_lock+0x2f/0x1f0
[  109.295787][  T103]  release_metapage+0x13c/0xac0
[  109.297892][  T103]  ? txFreeMap+0xb19/0xde0
[  109.299830][  T103]  ? do_raw_spin_unlock+0x4d/0x210
[  109.302042][  T103]  xtTruncate+0xecd/0x2f20
[  109.304114][  T103]  ? __pfx_xtTruncate+0x10/0x10
[  109.306259][  T103]  ? __mark_inode_dirty+0x6a8/0x1320
[  109.308656][  T103]  ? __asan_memset+0x22/0x50
[  109.310715][  T103]  ? __dquot_initialize+0x21b/0xd30
[  109.312967][  T103]  jfs_free_zero_link+0x35b/0x4c0
[  109.315186][  T103]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  109.317701][  T103]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  109.320413][  T103]  ? do_raw_spin_lock+0x12b/0x2f0
[  109.322641][  T103]  jfs_evict_inode+0x363/0x440
[  109.324692][  T103]  ? evict+0x612/0xb10
[  109.326478][  T103]  ? __pfx_jfs_evict_inode+0x10/0x10
[  109.328633][  T103]  evict+0x61e/0xb10
[  109.330399][  T103]  ? __pfx_evict+0x10/0x10
[  109.332862][  T103]  ? _raw_spin_unlock+0x28/0x50
[  109.335179][  T103]  ? iput+0xcc2/0x1020
[  109.336931][  T103]  jfs_lazycommit+0x43d/0xaa0
[  109.338838][  T103]  ? __pfx_jfs_lazycommit+0x10/0x10
[  109.340893][  T103]  ? __pfx_default_wake_function+0x10/0x10
[  109.343545][  T103]  ? __kthread_parkme+0x7a/0x1f0
[  109.345691][  T103]  ? __kthread_parkme+0x19c/0x1f0
[  109.347786][  T103]  kthread+0x726/0x8b0
[  109.349677][  T103]  ? __pfx_jfs_lazycommit+0x10/0x10
[  109.351753][  T103]  ? __pfx_kthread+0x10/0x10
[  109.353672][  T103]  ? _raw_spin_unlock_irq+0x23/0x50
[  109.356214][  T103]  ? __pfx_kthread+0x10/0x10
[  109.358463][  T103]  ret_from_fork+0x51b/0xa40
[  109.360710][  T103]  ? __pfx_ret_from_fork+0x10/0x10
[  109.363369][  T103]  ? __switch_to+0xc82/0x1410
[  109.365608][  T103]  ? __pfx_kthread+0x10/0x10
[  109.367676][  T103]  ret_from_fork_asm+0x1a/0x30
[  109.369672][  T103]  </TASK>
[  109.371355][  T103] Kernel Offset: disabled
[  109.373194][  T103] Rebooting in 86400 seconds..