Warning: Permanently added '10.128.0.89' (ED25519) to the list of known hosts.
2026/05/27 18:25:18 parsed 1 programs
[ 98.161069][ T5618] cgroup: Unknown subsys name 'net'
[ 98.386050][ T5618] cgroup: Unknown subsys name 'cpuset'
[ 98.437923][ T5618] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 100.401745][ T5618] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 105.570405][ T1021] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.570428][ T1021] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.636927][ T1021] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.636950][ T1021] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 107.920371][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 107.924960][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 107.940911][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 107.942371][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 107.943058][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 110.400503][ T5699] bridge0: port 1(bridge_slave_0) entered blocking state
[ 110.401612][ T5699] bridge0: port 1(bridge_slave_0) entered disabled state
[ 110.401961][ T5699] bridge_slave_0: entered allmulticast mode
[ 110.403619][ T5699] bridge_slave_0: entered promiscuous mode
[ 110.422378][ T5699] bridge0: port 2(bridge_slave_1) entered blocking state
[ 110.422544][ T5699] bridge0: port 2(bridge_slave_1) entered disabled state
[ 110.422758][ T5699] bridge_slave_1: entered allmulticast mode
[ 110.425665][ T5699] bridge_slave_1: entered promiscuous mode
[ 110.478164][ T5699] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 110.480848][ T5699] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 110.524197][ T5699] team0: Port device team_slave_0 added
[ 110.528805][ T5699] team0: Port device team_slave_1 added
[ 110.589387][ T5699] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 110.589405][ T5699] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 110.589422][ T5699] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 110.591768][ T5699] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 110.591783][ T5699] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 110.591802][ T5699] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 110.679835][ T5699] hsr_slave_0: entered promiscuous mode
[ 110.681293][ T5699] hsr_slave_1: entered promiscuous mode
[ 111.540727][ T5699] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 111.581353][ T5699] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 111.582530][ T5699] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 111.613065][ T5699] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 111.615328][ T5699] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 111.650973][ T5699] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 111.651902][ T5699] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 111.692318][ T5699] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 111.889290][ T5699] 8021q: adding VLAN 0 to HW filter on device bond0
[ 111.941112][ T5699] 8021q: adding VLAN 0 to HW filter on device team0
[ 111.968897][ T1127] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.969055][ T1127] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 111.992965][ T126] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.994314][ T126] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 112.626648][ T5699] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 112.729381][ T5699] veth0_vlan: entered promiscuous mode
[ 112.751712][ T5699] veth1_vlan: entered promiscuous mode
[ 112.814203][ T5699] veth0_macvtap: entered promiscuous mode
[ 112.824460][ T5699] veth1_macvtap: entered promiscuous mode
[ 112.864482][ T5699] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 112.885130][ T5699] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 112.911158][ T1127] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.919205][ T1127] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.936459][ T1127] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.939084][ T1127] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/05/27 18:25:37 executed programs: 0
[ 114.442668][ T1309] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 114.530758][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 114.562479][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 114.564909][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 114.568607][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 114.569367][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 115.191510][ T1309] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 115.470026][ T1309] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 115.529037][ T5745] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.529220][ T5745] bridge0: port 1(bridge_slave_0) entered disabled state
[ 115.529331][ T5745] bridge_slave_0: entered allmulticast mode
[ 115.533163][ T5745] bridge_slave_0: entered promiscuous mode
[ 115.539002][ T5745] bridge0: port 2(bridge_slave_1) entered blocking state
[ 115.539203][ T5745] bridge0: port 2(bridge_slave_1) entered disabled state
[ 115.539378][ T5745] bridge_slave_1: entered allmulticast mode
[ 115.542142][ T5745] bridge_slave_1: entered promiscuous mode
[ 115.614456][ T5745] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 115.629212][ T5745] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 115.813543][ T1309] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 115.865183][ T5745] team0: Port device team_slave_0 added
[ 115.870959][ T5745] team0: Port device team_slave_1 added
[ 115.915348][ T5745] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 115.915366][ T5745] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 115.915386][ T5745] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 115.925629][ T5745] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 115.925645][ T5745] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 115.925668][ T5745] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 116.013538][ T5745] hsr_slave_0: entered promiscuous mode
[ 116.014379][ T5745] hsr_slave_1: entered promiscuous mode
[ 116.015107][ T5745] debugfs: 'hsr0' already exists in 'hsr'
[ 116.015195][ T5745] Cannot create hsr debugfs directory
[ 116.589680][ T4919] Bluetooth: hci0: command tx timeout
[ 116.717104][ T1309] bridge_slave_1: left allmulticast mode
[ 116.717337][ T1309] bridge_slave_1: left promiscuous mode
[ 116.721944][ T1309] bridge0: port 2(bridge_slave_1) entered disabled state
[ 116.847839][ T1309] bridge_slave_0: left allmulticast mode
[ 116.847866][ T1309] bridge_slave_0: left promiscuous mode
[ 116.848565][ T1309] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.799595][ T1309] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 117.877442][ T1309] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 117.918824][ T1309] bond0 (unregistering): Released all slaves
[ 118.222724][ T5265] 8021q: adding VLAN 0 to HW filter on device eth1
[ 118.679304][ T4919] Bluetooth: hci0: command tx timeout
[ 118.766746][ T1309] hsr_slave_0: left promiscuous mode
[ 118.806814][ T1309] hsr_slave_1: left promiscuous mode
[ 118.807903][ T1309] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 118.807972][ T1309] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 118.859749][ T1309] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 118.859778][ T1309] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 118.941662][ T1309] veth1_macvtap: left promiscuous mode
[ 118.941832][ T1309] veth0_macvtap: left promiscuous mode
[ 118.942017][ T1309] veth1_vlan: left promiscuous mode
[ 118.942210][ T1309] veth0_vlan: left promiscuous mode
[ 119.677753][ T1309] team0 (unregistering): Port device team_slave_1 removed
[ 119.717261][ T1309] team0 (unregistering): Port device team_slave_0 removed
[ 120.648525][ T5745] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 120.695127][ T5745] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 120.697300][ T5745] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 120.747111][ T4919] Bluetooth: hci0: command tx timeout
[ 120.753348][ T5745] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 120.758334][ T5745] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 120.824154][ T5745] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 120.825977][ T5745] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 120.993556][ T5745] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 121.281045][ T5745] 8021q: adding VLAN 0 to HW filter on device bond0
[ 121.314760][ T5745] 8021q: adding VLAN 0 to HW filter on device team0
[ 121.342367][ T3304] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.350852][ T3304] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 121.374063][ T1000] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.376480][ T1000] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 121.990266][ T5745] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 122.146296][ T5745] veth0_vlan: entered promiscuous mode
[ 122.162313][ T5745] veth1_vlan: entered promiscuous mode
[ 122.211715][ T5745] veth0_macvtap: entered promiscuous mode
[ 122.215503][ T5745] veth1_macvtap: entered promiscuous mode
[ 122.283183][ T5745] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 122.300938][ T5745] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 122.335066][ T126] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.335346][ T126] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.335387][ T126] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.335423][ T126] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/05/27 18:25:46 executed programs: 2
[ 122.714687][ T126] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.714710][ T126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.783764][ T126] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.783788][ T126] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.826739][ T4919] Bluetooth: hci0: command tx timeout
[ 123.231472][ T5835] loop0: detected capacity change from 0 to 32768
[ 123.374076][ T5835]
[ 123.374076][ T5835] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 123.374076][ T5835]
[ 123.483173][ T5745]
[ 123.483173][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 123.483173][ T5745]
[ 123.502173][ T5745]
[ 123.502173][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 123.502173][ T5745]
[ 124.169594][ T5836] loop0: detected capacity change from 0 to 32768
[ 124.177150][ T5836]
[ 124.177150][ T5836] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 124.177150][ T5836]
[ 124.250575][ T5745]
[ 124.250575][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 124.250575][ T5745]
[ 124.250927][ T5745]
[ 124.250927][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 124.250927][ T5745]
[ 124.829343][ T5837] loop0: detected capacity change from 0 to 32768
[ 124.851092][ T5837]
[ 124.851092][ T5837] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 124.851092][ T5837]
[ 124.889802][ T5745]
[ 124.889802][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 124.889802][ T5745]
[ 124.894021][ T5745]
[ 124.894021][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 124.894021][ T5745]
[ 125.525059][ T5838] loop0: detected capacity change from 0 to 32768
[ 125.540583][ T5838]
[ 125.540583][ T5838] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 125.540583][ T5838]
[ 125.587212][ T5745]
[ 125.587212][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 125.587212][ T5745]
[ 125.587714][ T5745]
[ 125.587714][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 125.587714][ T5745]
[ 126.150710][ T5839] loop0: detected capacity change from 0 to 32768
[ 126.169464][ T5839]
[ 126.169464][ T5839] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 126.169464][ T5839]
[ 126.212359][ T5745]
[ 126.212359][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 126.212359][ T5745]
[ 126.215029][ T5745]
[ 126.215029][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 126.215029][ T5745]
[ 126.754465][ T5840] loop0: detected capacity change from 0 to 32768
[ 126.818720][ T5840]
[ 126.818720][ T5840] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 126.818720][ T5840]
[ 126.857121][ T5745]
[ 126.857121][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 126.857121][ T5745]
[ 126.858990][ T5745]
[ 126.858990][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 126.858990][ T5745]
[ 127.422868][ T5842] loop0: detected capacity change from 0 to 32768
[ 127.439925][ T5842]
[ 127.439925][ T5842] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 127.439925][ T5842]
[ 127.471330][ T5745]
[ 127.471330][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 127.471330][ T5745]
[ 127.472122][ T5745]
[ 127.472122][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 127.472122][ T5745]
2026/05/27 18:25:51 executed programs: 10
[ 128.034741][ T5845] loop0: detected capacity change from 0 to 32768
[ 128.042173][ T5845]
[ 128.042173][ T5845] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 128.042173][ T5845]
[ 128.090583][ T5745]
[ 128.090583][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 128.090583][ T5745]
[ 128.096663][ T5745]
[ 128.096663][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 128.096663][ T5745]
[ 128.643725][ T5848] loop0: detected capacity change from 0 to 32768
[ 128.657977][ T5848]
[ 128.657977][ T5848] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 128.657977][ T5848]
[ 128.703129][ T5745]
[ 128.703129][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 128.703129][ T5745]
[ 128.703463][ T5745]
[ 128.703463][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 128.703463][ T5745]
[ 129.257529][ T5850] loop0: detected capacity change from 0 to 32768
[ 129.275313][ T5850]
[ 129.275313][ T5850] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 129.275313][ T5850]
[ 129.307831][ T5745]
[ 129.307831][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 129.307831][ T5745]
[ 129.313446][ T5745]
[ 129.313446][ T5745] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 129.313446][ T5745]
[ 129.348191][ T1000] ==================================================================
[ 129.348209][ T1000] BUG: KASAN: use-after-free in copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.348246][ T1000] Read of size 4096 at addr ffff88804db52000 by task kworker/u8:7/1000
[ 129.348263][ T1000]
[ 129.348275][ T1000] CPU: 1 UID: 0 PID: 1000 Comm: kworker/u8:7 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 129.348299][ T1000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 129.348312][ T1000] Workqueue: loop0 loop_workfn
[ 129.348337][ T1000] Call Trace:
[ 129.348399][ T1000]
[ 129.348408][ T1000] dump_stack_lvl+0xe8/0x150
[ 129.348433][ T1000] print_address_description+0x55/0x1e0
[ 129.348456][ T1000] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.348486][ T1000] print_report+0x58/0x70
[ 129.348505][ T1000] kasan_report+0x117/0x150
[ 129.348529][ T1000] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.348559][ T1000] kasan_check_range+0x264/0x2c0
[ 129.348583][ T1000] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.348610][ T1000] __asan_memcpy+0x29/0x70
[ 129.348629][ T1000] copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.348667][ T1000] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 129.348696][ T1000] ? rcu_is_watching+0x15/0xb0
[ 129.348726][ T1000] ? shmem_write_begin+0x1ce/0x320
[ 129.348750][ T1000] generic_perform_write+0x5b1/0x8b0
[ 129.348780][ T1000] ? __pfx_generic_perform_write+0x10/0x10
[ 129.348802][ T1000] ? __mark_inode_dirty+0x4cf/0x13b0
[ 129.348827][ T1000] ? preempt_count_add+0x91/0x190
[ 129.348848][ T1000] ? mnt_put_write_access_file+0xbf/0x100
[ 129.348873][ T1000] ? file_update_time_flags+0x406/0x4b0
[ 129.348897][ T1000] shmem_file_write_iter+0xfb/0x120
[ 129.348925][ T1000] lo_rw_aio+0xc80/0xf00
[ 129.348953][ T1000] ? __pfx_lo_rw_aio+0x10/0x10
[ 129.348977][ T1000] ? kthread_associate_blkcg+0x490/0x600
[ 129.349003][ T1000] ? rt_spin_unlock+0x160/0x200
[ 129.349053][ T1000] loop_process_work+0x637/0x11b0
[ 129.349085][ T1000] ? __pfx_loop_process_work+0x10/0x10
[ 129.349106][ T1000] ? __lock_acquire+0x6b5/0x2cf0
[ 129.349130][ T1000] ? look_up_lock_class+0x57/0x110
[ 129.349149][ T1000] ? register_lock_class+0x31/0x2e0
[ 129.349175][ T1000] ? __lock_acquire+0x6b5/0x2cf0
[ 129.349202][ T1000] ? trace_hrtimer_start+0x82/0x200
[ 129.349225][ T1000] ? do_raw_spin_lock+0x12b/0x2f0
[ 129.349247][ T1000] ? lock_acquire+0x106/0x350
[ 129.349272][ T1000] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 129.349294][ T1000] ? process_scheduled_works+0xa70/0x1860
[ 129.349315][ T1000] ? process_scheduled_works+0xa70/0x1860
[ 129.349337][ T1000] ? process_scheduled_works+0xa70/0x1860
[ 129.349366][ T1000] ? process_scheduled_works+0xa70/0x1860
[ 129.349388][ T1000] process_scheduled_works+0xb5d/0x1860
[ 129.349421][ T1000] ? __pfx_process_scheduled_works+0x10/0x10
[ 129.349444][ T1000] ? assign_work+0x3d5/0x5e0
[ 129.349465][ T1000] worker_thread+0xa53/0xfc0
[ 129.349498][ T1000] kthread+0x388/0x470
[ 129.349523][ T1000] ? __pfx_worker_thread+0x10/0x10
[ 129.349543][ T1000] ? __pfx_kthread+0x10/0x10
[ 129.349567][ T1000] ret_from_fork+0x514/0xb70
[ 129.349591][ T1000] ? __pfx_ret_from_fork+0x10/0x10
[ 129.349609][ T1000] ? __switch_to+0xc79/0x1410
[ 129.349639][ T1000] ? __pfx_kthread+0x10/0x10
[ 129.349663][ T1000] ret_from_fork_asm+0x1a/0x30
[ 129.349692][ T1000]
[ 129.349699][ T1000]
[ 129.349704][ T1000] The buggy address belongs to the physical page:
[ 129.349714][ T1000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804db52000 pfn:0x4db52
[ 129.349735][ T1000] flags: 0x80000000000000(node=0|zone=1)
[ 129.349759][ T1000] raw: 0080000000000000 ffffea00010037c8 ffffea000136d548 0000000000000000
[ 129.349775][ T1000] raw: ffff88804db52000 0000000000000000 00000000ffffffff 0000000000000000
[ 129.349785][ T1000] page dumped because: kasan: bad access detected
[ 129.349795][ T1000] page_owner tracks the page as freed
[ 129.349802][ T1000] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xdc0(GFP_KERNEL|__GFP_ZERO), pid 5850, tgid 5850 (syz.0.26), ts 129265322894, free_ts 129346721343
[ 129.349833][ T1000] post_alloc_hook+0x22d/0x280
[ 129.349854][ T1000] get_page_from_freelist+0x28b2/0x2930
[ 129.349878][ T1000] __alloc_frozen_pages_noprof+0x18d/0x380
[ 129.349901][ T1000] alloc_pages_mpol+0xd1/0x380
[ 129.349921][ T1000] alloc_pages_noprof+0xd2/0x2f0
[ 129.349942][ T1000] lmLogInit+0x357/0x1a00
[ 129.349968][ T1000] lmLogOpen+0x4e1/0xfa0
[ 129.349988][ T1000] jfs_mount_rw+0xee/0x670
[ 129.350008][ T1000] jfs_fill_super+0x754/0xd80
[ 129.350027][ T1000] get_tree_bdev_flags+0x431/0x4f0
[ 129.350046][ T1000] vfs_get_tree+0x92/0x2a0
[ 129.350065][ T1000] do_new_mount+0x341/0xd30
[ 129.350088][ T1000] __se_sys_mount+0x31d/0x420
[ 129.350102][ T1000] do_syscall_64+0x174/0x580
[ 129.350118][ T1000] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 129.350135][ T1000] page last free pid 5745 tgid 5745 stack trace:
[ 129.350146][ T1000] __free_frozen_pages+0xfe5/0x10d0
[ 129.350166][ T1000] lmLogShutdown+0x44e/0x850
[ 129.350189][ T1000] lmLogClose+0x28a/0x520
[ 129.350214][ T1000] jfs_umount+0x2fb/0x3d0
[ 129.350235][ T1000] jfs_put_super+0x8c/0x190
[ 129.350254][ T1000] generic_shutdown_super+0x13d/0x2d0
[ 129.350273][ T1000] kill_block_super+0x44/0x90
[ 129.350294][ T1000] deactivate_locked_super+0xbc/0x130
[ 129.350312][ T1000] cleanup_mnt+0x437/0x4d0
[ 129.350330][ T1000] task_work_run+0x1d9/0x270
[ 129.350363][ T1000] exit_to_user_mode_loop+0x193/0x680
[ 129.350384][ T1000] do_syscall_64+0x353/0x580
[ 129.350400][ T1000] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 129.350418][ T1000]
[ 129.350423][ T1000] Memory state around the buggy address:
[ 129.350434][ T1000] ffff88804db51f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 129.350447][ T1000] ffff88804db51f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 129.350461][ T1000] >ffff88804db52000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 129.350470][ T1000] ^
[ 129.350480][ T1000] ffff88804db52080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 129.350492][ T1000] ffff88804db52100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 129.350501][ T1000] ==================================================================
[ 129.351783][ T1000] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 129.351796][ T1000] CPU: 1 UID: 0 PID: 1000 Comm: kworker/u8:7 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 129.351811][ T1000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 129.351818][ T1000] Workqueue: loop0 loop_workfn
[ 129.351835][ T1000] Call Trace:
[ 129.351840][ T1000]
[ 129.351845][ T1000] vpanic+0x56c/0xa60
[ 129.351860][ T1000] ? rcu_is_watching+0x15/0xb0
[ 129.351880][ T1000] ? __pfx_vpanic+0x10/0x10
[ 129.351895][ T1000] panic+0xc5/0xd0
[ 129.351908][ T1000] ? __pfx_panic+0x10/0x10
[ 129.351921][ T1000] ? preempt_schedule_thunk+0x16/0x30
[ 129.351938][ T1000] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.351954][ T1000] ? preempt_schedule_thunk+0x16/0x30
[ 129.351970][ T1000] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.351985][ T1000] check_panic_on_warn+0x89/0xb0
[ 129.352000][ T1000] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.352016][ T1000] end_report+0x73/0x170
[ 129.352029][ T1000] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.352044][ T1000] kasan_report+0x128/0x150
[ 129.352058][ T1000] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.352076][ T1000] kasan_check_range+0x264/0x2c0
[ 129.352089][ T1000] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.352108][ T1000] __asan_memcpy+0x29/0x70
[ 129.352119][ T1000] copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 129.352140][ T1000] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 129.352156][ T1000] ? rcu_is_watching+0x15/0xb0
[ 129.352173][ T1000] ? shmem_write_begin+0x1ce/0x320
[ 129.352187][ T1000] generic_perform_write+0x5b1/0x8b0
[ 129.352204][ T1000] ? __pfx_generic_perform_write+0x10/0x10
[ 129.352218][ T1000] ? __mark_inode_dirty+0x4cf/0x13b0
[ 129.352232][ T1000] ? preempt_count_add+0x91/0x190
[ 129.352245][ T1000] ? mnt_put_write_access_file+0xbf/0x100
[ 129.352259][ T1000] ? file_update_time_flags+0x406/0x4b0
[ 129.352273][ T1000] shmem_file_write_iter+0xfb/0x120
[ 129.352289][ T1000] lo_rw_aio+0xc80/0xf00
[ 129.352305][ T1000] ? __pfx_lo_rw_aio+0x10/0x10
[ 129.352320][ T1000] ? kthread_associate_blkcg+0x490/0x600
[ 129.352340][ T1000] ? rt_spin_unlock+0x160/0x200
[ 129.352363][ T1000] loop_process_work+0x637/0x11b0
[ 129.352382][ T1000] ? __pfx_loop_process_work+0x10/0x10
[ 129.352395][ T1000] ? __lock_acquire+0x6b5/0x2cf0
[ 129.352408][ T1000] ? look_up_lock_class+0x57/0x110
[ 129.352419][ T1000] ? register_lock_class+0x31/0x2e0
[ 129.352434][ T1000] ? __lock_acquire+0x6b5/0x2cf0
[ 129.352452][ T1000] ? trace_hrtimer_start+0x82/0x200
[ 129.352466][ T1000] ? do_raw_spin_lock+0x12b/0x2f0
[ 129.352478][ T1000] ? lock_acquire+0x106/0x350
[ 129.352492][ T1000] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 129.352505][ T1000] ? process_scheduled_works+0xa70/0x1860
[ 129.352517][ T1000] ? process_scheduled_works+0xa70/0x1860
[ 129.352530][ T1000] ? process_scheduled_works+0xa70/0x1860
[ 129.352541][ T1000] ? process_scheduled_works+0xa70/0x1860
[ 129.352554][ T1000] process_scheduled_works+0xb5d/0x1860
[ 129.352572][ T1000] ? __pfx_process_scheduled_works+0x10/0x10
[ 129.352586][ T1000] ? assign_work+0x3d5/0x5e0
[ 129.352598][ T1000] worker_thread+0xa53/0xfc0
[ 129.352616][ T1000] kthread+0x388/0x470
[ 129.352630][ T1000] ? __pfx_worker_thread+0x10/0x10
[ 129.352641][ T1000] ? __pfx_kthread+0x10/0x10
[ 129.352655][ T1000] ret_from_fork+0x514/0xb70
[ 129.352668][ T1000] ? __pfx_ret_from_fork+0x10/0x10
[ 129.352680][ T1000] ? __switch_to+0xc79/0x1410
[ 129.352697][ T1000] ? __pfx_kthread+0x10/0x10
[ 129.352711][ T1000] ret_from_fork_asm+0x1a/0x30
[ 129.352729][ T1000]
[ 129.353451][ T1000] Kernel Offset: disabled