Warning: Permanently added '10.128.1.8' (ED25519) to the list of known hosts.
2026/05/17 14:03:18 parsed 1 programs
[ 86.308232][ T5615] cgroup: Unknown subsys name 'net'
[ 86.549838][ T5615] cgroup: Unknown subsys name 'cpuset'
[ 86.617489][ T5615] cgroup: Unknown subsys name 'rlimit'
[ 86.780134][ T10] cfg80211: failed to load regulatory.db
Setting up swapspace version 1, size = 127995904 bytes
[ 88.277702][ T5615] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 91.829107][ T5640] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 91.862660][ T5640] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 91.872089][ T5640] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 91.873403][ T5640] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 91.876633][ T5640] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 92.606471][ T207] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.606492][ T207] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.680910][ T3536] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.680930][ T3536] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.515808][ T5652] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.516825][ T5652] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.517700][ T5652] bridge_slave_0: entered allmulticast mode
[ 93.519557][ T5652] bridge_slave_0: entered promiscuous mode
[ 93.531778][ T5652] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.531892][ T5652] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.532049][ T5652] bridge_slave_1: entered allmulticast mode
[ 93.534749][ T5652] bridge_slave_1: entered promiscuous mode
[ 93.586784][ T5652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 93.590603][ T5652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.709383][ T5652] team0: Port device team_slave_0 added
[ 93.711380][ T5652] team0: Port device team_slave_1 added
[ 93.993380][ T5652] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.993391][ T5652] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 93.993405][ T5652] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 94.002231][ T5652] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 94.002245][ T5652] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 94.002268][ T5652] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 94.071065][ T5652] hsr_slave_0: entered promiscuous mode
[ 94.072492][ T5652] hsr_slave_1: entered promiscuous mode
[ 94.847493][ T5652] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 94.880033][ T5652] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 94.888678][ T5652] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 94.927406][ T5652] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 94.930172][ T5652] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 94.957273][ T5652] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 94.961209][ T5652] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 94.999794][ T5652] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 95.119427][ T5652] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.165235][ T5652] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.183387][ T3536] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.183559][ T3536] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.218660][ T3536] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.218784][ T3536] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.651410][ T5652] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 95.728132][ T5652] veth0_vlan: entered promiscuous mode
[ 95.751647][ T5652] veth1_vlan: entered promiscuous mode
[ 95.801921][ T5652] veth0_macvtap: entered promiscuous mode
[ 95.812531][ T5652] veth1_macvtap: entered promiscuous mode
[ 95.837474][ T5652] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 95.859248][ T5652] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 95.875937][ T56] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.881780][ T56] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.897803][ T56] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.909994][ T3536] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.511658][ T56] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 96.869841][ T56] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.859453][ T56] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.089334][ T56] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.914139][ T56] bridge_slave_1: left allmulticast mode
[ 99.914346][ T56] bridge_slave_1: left promiscuous mode
[ 99.920142][ T56] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.037386][ T56] bridge_slave_0: left allmulticast mode
[ 100.037420][ T56] bridge_slave_0: left promiscuous mode
[ 100.037652][ T56] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.704718][ T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 100.784545][ T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 100.829275][ T56] bond0 (unregistering): Released all slaves
[ 100.854149][ T5263] 8021q: adding VLAN 0 to HW filter on device eth1
[ 101.244339][ T56] hsr_slave_0: left promiscuous mode
[ 101.275343][ T56] hsr_slave_1: left promiscuous mode
[ 101.298412][ T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 101.298524][ T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 101.341896][ T56] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 101.341923][ T56] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 101.516053][ T56] veth1_macvtap: left promiscuous mode
[ 101.516280][ T56] veth0_macvtap: left promiscuous mode
[ 101.516552][ T56] veth1_vlan: left promiscuous mode
[ 101.529005][ T56] veth0_vlan: left promiscuous mode
[ 102.244408][ T56] team0 (unregistering): Port device team_slave_1 removed
[ 102.284330][ T56] team0 (unregistering): Port device team_slave_0 removed
[ 102.457242][ T5263] 8021q: adding VLAN 0 to HW filter on device eth2
[ 103.172340][ T5263] 8021q: adding VLAN 0 to HW filter on device eth3
[ 103.886405][ T5263] 8021q: adding VLAN 0 to HW filter on device eth4
2026/05/17 14:03:39 executed programs: 0
[ 104.382687][ T5640] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 104.401417][ T5640] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 104.402329][ T5640] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 104.403367][ T5640] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 104.404772][ T5640] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 105.438907][ T5797] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.439032][ T5797] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.439120][ T5797] bridge_slave_0: entered allmulticast mode
[ 105.440687][ T5797] bridge_slave_0: entered promiscuous mode
[ 105.443197][ T5797] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.443322][ T5797] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.443409][ T5797] bridge_slave_1: entered allmulticast mode
[ 105.450479][ T5797] bridge_slave_1: entered promiscuous mode
[ 105.532898][ T5797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 105.538724][ T5797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 105.580999][ T5797] team0: Port device team_slave_0 added
[ 105.583056][ T5797] team0: Port device team_slave_1 added
[ 105.626294][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 105.626310][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 105.626327][ T5797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 105.629061][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 105.629074][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 105.629095][ T5797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 105.714421][ T5797] hsr_slave_0: entered promiscuous mode
[ 105.715638][ T5797] hsr_slave_1: entered promiscuous mode
[ 106.457032][ T59] Bluetooth: hci0: command tx timeout
[ 107.892408][ T5797] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 107.939886][ T5797] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 107.941794][ T5797] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 107.991652][ T5797] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 108.000876][ T5797] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 108.031547][ T5797] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 108.033305][ T5797] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 108.102121][ T5797] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 108.533799][ T59] Bluetooth: hci0: command tx timeout
[ 108.641551][ T5797] 8021q: adding VLAN 0 to HW filter on device bond0
[ 108.679025][ T5797] 8021q: adding VLAN 0 to HW filter on device team0
[ 108.695776][ T1186] bridge0: port 1(bridge_slave_0) entered blocking state
[ 108.695973][ T1186] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 108.712163][ T40] bridge0: port 2(bridge_slave_1) entered blocking state
[ 108.712379][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 109.441445][ T5797] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 109.531958][ T5797] veth0_vlan: entered promiscuous mode
[ 109.551549][ T5797] veth1_vlan: entered promiscuous mode
[ 109.609373][ T5797] veth0_macvtap: entered promiscuous mode
[ 109.626566][ T5797] veth1_macvtap: entered promiscuous mode
[ 109.686557][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 109.698091][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 109.716661][ T56] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.717876][ T56] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.718751][ T56] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 109.718791][ T56] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 110.204174][ T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.204195][ T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 110.305742][ T1186] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 110.305763][ T1186] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/05/17 14:03:45 executed programs: 2
[ 110.615813][ T59] Bluetooth: hci0: command tx timeout
[ 110.671528][ T5941] loop0: detected capacity change from 0 to 32768
[ 111.262215][ T5942] loop0: detected capacity change from 0 to 32768
[ 111.660416][ T5943] loop0: detected capacity change from 0 to 32768
[ 112.088818][ T5944] loop0: detected capacity change from 0 to 32768
[ 112.468612][ T5945] loop0: detected capacity change from 0 to 32768
[ 112.694273][ T59] Bluetooth: hci0: command tx timeout
[ 112.851505][ T5946] loop0: detected capacity change from 0 to 32768
[ 113.274474][ T5947] loop0: detected capacity change from 0 to 32768
[ 113.669252][ T5948] loop0: detected capacity change from 0 to 32768
[ 114.045862][ T5949] loop0: detected capacity change from 0 to 32768
[ 114.402246][ T5950] loop0: detected capacity change from 0 to 32768
2026/05/17 14:03:50 executed programs: 15
[ 115.859524][ T5955] set_capacity_and_notify: 3 callbacks suppressed
[ 115.859537][ T5955] loop0: detected capacity change from 0 to 32768
[ 116.243853][ T5956] loop0: detected capacity change from 0 to 32768
[ 116.612368][ T5957] loop0: detected capacity change from 0 to 32768
[ 116.973348][ T5960] loop0: detected capacity change from 0 to 32768
[ 117.358182][ T5962] loop0: detected capacity change from 0 to 32768
[ 117.739764][ T5964] loop0: detected capacity change from 0 to 32768
[ 118.076157][ T5966] loop0: detected capacity change from 0 to 32768
[ 118.440167][ T5967] loop0: detected capacity change from 0 to 32768
[ 118.794762][ T5968] loop0: detected capacity change from 0 to 32768
[ 119.131218][ T5969] loop0: detected capacity change from 0 to 32768
2026/05/17 14:03:55 executed programs: 29
[ 120.892437][ T5974] set_capacity_and_notify: 4 callbacks suppressed
[ 120.892449][ T5974] loop0: detected capacity change from 0 to 32768
[ 121.248045][ T5975] loop0: detected capacity change from 0 to 32768
[ 121.627476][ T5976] loop0: detected capacity change from 0 to 32768
[ 121.962626][ T5977] loop0: detected capacity change from 0 to 32768
[ 122.309059][ T5978] loop0: detected capacity change from 0 to 32768
[ 122.658875][ T5979] loop0: detected capacity change from 0 to 32768
[ 122.991294][ T5980] loop0: detected capacity change from 0 to 32768
[ 123.355554][ T5981] loop0: detected capacity change from 0 to 32768
[ 123.707065][ T5982] loop0: detected capacity change from 0 to 32768
[ 124.065754][ T5983] loop0: detected capacity change from 0 to 32768
2026/05/17 14:04:00 executed programs: 44
[ 126.196193][ T5989] set_capacity_and_notify: 5 callbacks suppressed
[ 126.196206][ T5989] loop0: detected capacity change from 0 to 32768
[ 126.568220][ T5990] loop0: detected capacity change from 0 to 32768
[ 126.946938][ T5991] loop0: detected capacity change from 0 to 32768
[ 127.289343][ T5992] loop0: detected capacity change from 0 to 32768
[ 127.656024][ T5993] loop0: detected capacity change from 0 to 32768
[ 128.051012][ T5994] loop0: detected capacity change from 0 to 32768
[ 128.414423][ T5995] loop0: detected capacity change from 0 to 32768
[ 128.770576][ T5996] loop0: detected capacity change from 0 to 32768
[ 129.162625][ T5997] loop0: detected capacity change from 0 to 32768
[ 129.507453][ T5998] loop0: detected capacity change from 0 to 32768
2026/05/17 14:04:06 executed programs: 58
[ 131.305637][ T6003] set_capacity_and_notify: 4 callbacks suppressed
[ 131.305648][ T6003] loop0: detected capacity change from 0 to 32768
[ 131.667267][ T6004] loop0: detected capacity change from 0 to 32768
[ 132.015012][ T6005] loop0: detected capacity change from 0 to 32768
[ 132.367368][ T6006] loop0: detected capacity change from 0 to 32768
[ 132.727235][ T6007] loop0: detected capacity change from 0 to 32768
[ 132.856001][ T1339] ieee802154 phy0 wpan0: encryption failed: -22
[ 132.856090][ T1339] ieee802154 phy1 wpan1: encryption failed: -22
[ 133.077161][ T6008] loop0: detected capacity change from 0 to 32768
[ 133.448073][ T6009] loop0: detected capacity change from 0 to 32768
[ 133.805606][ T6010] loop0: detected capacity change from 0 to 32768
[ 134.179822][ T6011] loop0: detected capacity change from 0 to 32768
[ 134.566359][ T6012] loop0: detected capacity change from 0 to 32768
2026/05/17 14:04:11 executed programs: 72
[ 136.648270][ T6018] set_capacity_and_notify: 5 callbacks suppressed
[ 136.648281][ T6018] loop0: detected capacity change from 0 to 32768
[ 136.999745][ T6019] loop0: detected capacity change from 0 to 32768
[ 137.377083][ T6020] loop0: detected capacity change from 0 to 32768
[ 137.746289][ T6021] loop0: detected capacity change from 0 to 32768
[ 138.079239][ T6022] loop0: detected capacity change from 0 to 32768
[ 138.409944][ T6023] loop0: detected capacity change from 0 to 32768
[ 138.797813][ T6024] loop0: detected capacity change from 0 to 32768
[ 139.148010][ T6025] loop0: detected capacity change from 0 to 32768
[ 139.208754][ T56] ==================================================================
[ 139.208770][ T56] BUG: KASAN: use-after-free in copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.208807][ T56] Read of size 4096 at addr ffff88803f1d6000 by task kworker/u8:3/56
[ 139.208823][ T56]
[ 139.208849][ T56] CPU: 0 UID: 0 PID: 56 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 139.208869][ T56] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 139.208880][ T56] Workqueue: loop0 loop_workfn
[ 139.208918][ T56] Call Trace:
[ 139.208926][ T56]
[ 139.208934][ T56] dump_stack_lvl+0xe8/0x150
[ 139.208955][ T56] print_address_description+0x55/0x1e0
[ 139.208976][ T56] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.208994][ T56] print_report+0x58/0x70
[ 139.209012][ T56] kasan_report+0x117/0x150
[ 139.209033][ T56] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.209055][ T56] kasan_check_range+0x264/0x2c0
[ 139.209074][ T56] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.209092][ T56] __asan_memcpy+0x29/0x70
[ 139.209116][ T56] copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.209144][ T56] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 139.209163][ T56] ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[ 139.209188][ T56] ? shmem_write_begin+0x1ce/0x320
[ 139.209210][ T56] generic_perform_write+0x5b1/0x8b0
[ 139.209235][ T56] ? __pfx_generic_perform_write+0x10/0x10
[ 139.209260][ T56] ? file_update_time_flags+0x3b9/0x4b0
[ 139.209281][ T56] shmem_file_write_iter+0xfb/0x120
[ 139.209305][ T56] lo_rw_aio+0xc80/0xf00
[ 139.209335][ T56] ? __pfx_lo_rw_aio+0x10/0x10
[ 139.209360][ T56] ? kthread_associate_blkcg+0x490/0x600
[ 139.209394][ T56] ? rt_spin_unlock+0x160/0x200
[ 139.209414][ T56] loop_process_work+0x637/0x11b0
[ 139.209446][ T56] ? __pfx_loop_process_work+0x10/0x10
[ 139.209468][ T56] ? __lock_acquire+0x6b5/0x2cf0
[ 139.209490][ T56] ? look_up_lock_class+0x57/0x110
[ 139.209513][ T56] ? register_lock_class+0x31/0x2e0
[ 139.209535][ T56] ? __lock_acquire+0x6b5/0x2cf0
[ 139.209562][ T56] ? trace_hrtimer_start+0x82/0x200
[ 139.209582][ T56] ? do_raw_spin_lock+0x12b/0x2f0
[ 139.209601][ T56] ? lock_acquire+0x106/0x350
[ 139.209623][ T56] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 139.209644][ T56] ? process_scheduled_works+0xa70/0x1860
[ 139.209664][ T56] ? process_scheduled_works+0xa70/0x1860
[ 139.209684][ T56] ? process_scheduled_works+0xa70/0x1860
[ 139.209702][ T56] ? process_scheduled_works+0xa70/0x1860
[ 139.209721][ T56] process_scheduled_works+0xb5d/0x1860
[ 139.209753][ T56] ? __pfx_process_scheduled_works+0x10/0x10
[ 139.209773][ T56] ? assign_work+0x3d5/0x5e0
[ 139.209790][ T56] worker_thread+0xa53/0xfc0
[ 139.209817][ T56] kthread+0x388/0x470
[ 139.209839][ T56] ? __pfx_worker_thread+0x10/0x10
[ 139.209856][ T56] ? __pfx_kthread+0x10/0x10
[ 139.209879][ T56] ret_from_fork+0x514/0xb70
[ 139.209900][ T56] ? __pfx_ret_from_fork+0x10/0x10
[ 139.209918][ T56] ? __switch_to+0xc79/0x1410
[ 139.209944][ T56] ? __pfx_kthread+0x10/0x10
[ 139.209966][ T56] ret_from_fork_asm+0x1a/0x30
[ 139.209995][ T56]
[ 139.210002][ T56]
[ 139.210006][ T56] The buggy address belongs to the physical page:
[ 139.210027][ T56] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x3c pfn:0x3f1d6
[ 139.210044][ T56] flags: 0x80000000000000(node=0|zone=1)
[ 139.210069][ T56] raw: 0080000000000000 ffffea0000dac8c8 ffffea0000e14548 0000000000000000
[ 139.210083][ T56] raw: 000000000000003c 0000000000000000 00000000ffffffff 0000000000000000
[ 139.210091][ T56] page dumped because: kasan: bad access detected
[ 139.210103][ T56] page_owner tracks the page as freed
[ 139.210110][ T56] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xdc0(GFP_KERNEL|__GFP_ZERO), pid 6025, tgid 6025 (syz.0.95), ts 139164051352, free_ts 139208266879
[ 139.210138][ T56] post_alloc_hook+0x231/0x280
[ 139.210156][ T56] get_page_from_freelist+0x27c8/0x2840
[ 139.210177][ T56] __alloc_frozen_pages_noprof+0x18d/0x380
[ 139.210194][ T56] alloc_pages_mpol+0xd1/0x380
[ 139.210211][ T56] alloc_pages_noprof+0xd2/0x2f0
[ 139.210227][ T56] lmLogInit+0x357/0x1a00
[ 139.210246][ T56] lmLogOpen+0x4e1/0xfa0
[ 139.210264][ T56] jfs_mount_rw+0xee/0x670
[ 139.210282][ T56] jfs_fill_super+0x754/0xd80
[ 139.210296][ T56] get_tree_bdev_flags+0x431/0x4f0
[ 139.210314][ T56] vfs_get_tree+0x92/0x2a0
[ 139.210332][ T56] do_new_mount+0x341/0xd30
[ 139.210352][ T56] __se_sys_mount+0x31d/0x420
[ 139.210381][ T56] do_syscall_64+0x15f/0xf80
[ 139.210402][ T56] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 139.210420][ T56] page last free pid 5797 tgid 5797 stack trace:
[ 139.210430][ T56] __free_frozen_pages+0xfa6/0x10f0
[ 139.210448][ T56] lmLogShutdown+0x44e/0x850
[ 139.210468][ T56] lmLogClose+0x28a/0x520
[ 139.210487][ T56] jfs_umount+0x2fb/0x3d0
[ 139.210505][ T56] jfs_put_super+0x8c/0x190
[ 139.210520][ T56] generic_shutdown_super+0x13d/0x2d0
[ 139.210534][ T56] kill_block_super+0x44/0x90
[ 139.210550][ T56] deactivate_locked_super+0xbc/0x130
[ 139.210564][ T56] cleanup_mnt+0x437/0x4d0
[ 139.210580][ T56] task_work_run+0x1d9/0x270
[ 139.210601][ T56] exit_to_user_mode_loop+0xf3/0x4d0
[ 139.210620][ T56] do_syscall_64+0x33e/0xf80
[ 139.210639][ T56] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 139.210655][ T56]
[ 139.210660][ T56] Memory state around the buggy address:
[ 139.210668][ T56] ffff88803f1d5f00: fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb fb
[ 139.210678][ T56] ffff88803f1d5f80: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 139.210688][ T56] >ffff88803f1d6000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 139.210696][ T56] ^
[ 139.210704][ T56] ffff88803f1d6080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 139.210715][ T56] ffff88803f1d6100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 139.210724][ T56] ==================================================================
[ 139.213158][ T56] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 139.213178][ T56] CPU: 0 UID: 0 PID: 56 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 139.213199][ T56] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 139.213209][ T56] Workqueue: loop0 loop_workfn
[ 139.213237][ T56] Call Trace:
[ 139.213243][ T56]
[ 139.213250][ T56] vpanic+0x56c/0xa60
[ 139.213273][ T56] ? __pfx_vpanic+0x10/0x10
[ 139.213297][ T56] panic+0xc5/0xd0
[ 139.213317][ T56] ? __pfx_panic+0x10/0x10
[ 139.213338][ T56] ? preempt_schedule_thunk+0x16/0x30
[ 139.213365][ T56] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.213392][ T56] ? preempt_schedule_thunk+0x16/0x30
[ 139.213417][ T56] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.213434][ T56] check_panic_on_warn+0x89/0xb0
[ 139.213459][ T56] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.213477][ T56] end_report+0x73/0x170
[ 139.213497][ T56] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.213515][ T56] kasan_report+0x128/0x150
[ 139.213536][ T56] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.213558][ T56] kasan_check_range+0x264/0x2c0
[ 139.213578][ T56] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.213595][ T56] __asan_memcpy+0x29/0x70
[ 139.213620][ T56] copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 139.213649][ T56] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 139.213667][ T56] ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[ 139.213692][ T56] ? shmem_write_begin+0x1ce/0x320
[ 139.213711][ T56] generic_perform_write+0x5b1/0x8b0
[ 139.213734][ T56] ? __pfx_generic_perform_write+0x10/0x10
[ 139.213755][ T56] ? file_update_time_flags+0x3b9/0x4b0
[ 139.213771][ T56] shmem_file_write_iter+0xfb/0x120
[ 139.213791][ T56] lo_rw_aio+0xc80/0xf00
[ 139.213815][ T56] ? __pfx_lo_rw_aio+0x10/0x10
[ 139.213834][ T56] ? kthread_associate_blkcg+0x490/0x600
[ 139.213853][ T56] ? rt_spin_unlock+0x160/0x200
[ 139.213869][ T56] loop_process_work+0x637/0x11b0
[ 139.213894][ T56] ? __pfx_loop_process_work+0x10/0x10
[ 139.213912][ T56] ? __lock_acquire+0x6b5/0x2cf0
[ 139.213930][ T56] ? look_up_lock_class+0x57/0x110
[ 139.213950][ T56] ? register_lock_class+0x31/0x2e0
[ 139.213969][ T56] ? __lock_acquire+0x6b5/0x2cf0
[ 139.213990][ T56] ? trace_hrtimer_start+0x82/0x200
[ 139.214010][ T56] ? do_raw_spin_lock+0x12b/0x2f0
[ 139.214027][ T56] ? lock_acquire+0x106/0x350
[ 139.214048][ T56] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 139.214065][ T56] ? process_scheduled_works+0xa70/0x1860
[ 139.214081][ T56] ? process_scheduled_works+0xa70/0x1860
[ 139.214098][ T56] ? process_scheduled_works+0xa70/0x1860
[ 139.214113][ T56] ? process_scheduled_works+0xa70/0x1860
[ 139.214130][ T56] process_scheduled_works+0xb5d/0x1860
[ 139.214156][ T56] ? __pfx_process_scheduled_works+0x10/0x10
[ 139.214175][ T56] ? assign_work+0x3d5/0x5e0
[ 139.214194][ T56] worker_thread+0xa53/0xfc0
[ 139.214221][ T56] kthread+0x388/0x470
[ 139.214242][ T56] ? __pfx_worker_thread+0x10/0x10
[ 139.214259][ T56] ? __pfx_kthread+0x10/0x10
[ 139.214279][ T56] ret_from_fork+0x514/0xb70
[ 139.214299][ T56] ? __pfx_ret_from_fork+0x10/0x10
[ 139.214317][ T56] ? __switch_to+0xc79/0x1410
[ 139.214343][ T56] ? __pfx_kthread+0x10/0x10
[ 139.214364][ T56] ret_from_fork_asm+0x1a/0x30
[ 139.214402][ T56]
[ 139.214710][ T56] Kernel Offset: disabled