Warning: Permanently added '10.128.1.7' (ED25519) to the list of known hosts.
2026/05/09 00:21:24 parsed 1 programs
[ 84.141199][ T5615] cgroup: Unknown subsys name 'net'
[ 84.360692][ T5615] cgroup: Unknown subsys name 'cpuset'
[ 84.427103][ T5615] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 86.150615][ T5615] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 86.711975][ T10] cfg80211: failed to load regulatory.db
[ 89.430544][ T3434] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.430568][ T3434] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.484432][ T163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.484465][ T163] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.193929][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 93.195897][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 93.198741][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 93.200362][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 93.201990][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 94.351372][ T5683] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.352547][ T5683] bridge0: port 1(bridge_slave_0) entered disabled state
[ 94.352637][ T5683] bridge_slave_0: entered allmulticast mode
[ 94.354495][ T5683] bridge_slave_0: entered promiscuous mode
[ 94.369083][ T5683] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.369201][ T5683] bridge0: port 2(bridge_slave_1) entered disabled state
[ 94.369356][ T5683] bridge_slave_1: entered allmulticast mode
[ 94.374455][ T5683] bridge_slave_1: entered promiscuous mode
[ 94.448674][ T5683] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 94.455630][ T5683] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 94.496093][ T5683] team0: Port device team_slave_0 added
[ 94.500607][ T5683] team0: Port device team_slave_1 added
[ 94.528967][ T5683] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 94.528977][ T5683] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 94.528990][ T5683] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 94.531297][ T5683] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 94.531323][ T5683] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 94.531336][ T5683] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 94.603950][ T5683] hsr_slave_0: entered promiscuous mode
[ 94.605340][ T5683] hsr_slave_1: entered promiscuous mode
[ 94.825527][ T5683] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 94.871642][ T5683] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 94.875162][ T5683] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 94.910323][ T5683] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 94.915601][ T5683] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 94.952132][ T5683] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 94.953923][ T5683] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 95.001704][ T5683] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 95.038802][ T5683] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.039017][ T5683] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.039700][ T5683] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.039780][ T5683] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.143425][ T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 95.176906][ T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 95.366257][ T5683] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.396227][ T5683] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.411778][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.411925][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.431255][ T1435] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.431453][ T1435] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.819668][ T5683] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 95.881464][ T5683] veth0_vlan: entered promiscuous mode
[ 95.891172][ T5683] veth1_vlan: entered promiscuous mode
[ 95.936168][ T5683] veth0_macvtap: entered promiscuous mode
[ 95.953069][ T5683] veth1_macvtap: entered promiscuous mode
[ 95.982981][ T5683] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 96.003300][ T5683] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 96.025042][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.038932][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.040830][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.041016][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.771002][ T1448] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.471864][ T1448] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/05/09 00:21:41 executed programs: 0
[ 98.265116][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 98.269637][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 98.273115][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 98.275457][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 98.276788][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 98.375148][ T1448] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.926400][ T1448] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.165467][ T5740] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.173901][ T5740] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.174092][ T5740] bridge_slave_0: entered allmulticast mode
[ 99.202642][ T5740] bridge_slave_0: entered promiscuous mode
[ 99.206064][ T5740] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.206226][ T5740] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.231824][ T5740] bridge_slave_1: entered allmulticast mode
[ 99.234940][ T5740] bridge_slave_1: entered promiscuous mode
[ 99.367049][ T5740] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.375625][ T5740] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.438088][ T5740] team0: Port device team_slave_0 added
[ 99.510945][ T5740] team0: Port device team_slave_1 added
[ 99.567982][ T5740] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.567997][ T5740] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 99.568019][ T5740] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.574002][ T5740] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.574015][ T5740] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 99.574035][ T5740] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 99.739245][ T5740] hsr_slave_0: entered promiscuous mode
[ 99.739988][ T5740] hsr_slave_1: entered promiscuous mode
[ 99.740580][ T5740] debugfs: 'hsr0' already exists in 'hsr'
[ 99.740645][ T5740] Cannot create hsr debugfs directory
[ 100.071501][ T1448] bridge_slave_1: left allmulticast mode
[ 100.071573][ T1448] bridge_slave_1: left promiscuous mode
[ 100.071964][ T1448] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.157734][ T1448] bridge_slave_0: left allmulticast mode
[ 100.157758][ T1448] bridge_slave_0: left promiscuous mode
[ 100.157902][ T1448] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.308450][ T59] Bluetooth: hci0: command tx timeout
[ 100.828285][ T1448] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 100.907457][ T1448] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 100.930965][ T1448] bond0 (unregistering): Released all slaves
[ 101.267285][ T1448] hsr_slave_0: left promiscuous mode
[ 101.306684][ T1448] hsr_slave_1: left promiscuous mode
[ 101.308022][ T1448] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 101.308097][ T1448] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 101.368470][ T1448] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 101.368496][ T1448] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 101.462745][ T1448] veth1_macvtap: left promiscuous mode
[ 101.462910][ T1448] veth0_macvtap: left promiscuous mode
[ 101.463055][ T1448] veth1_vlan: left promiscuous mode
[ 101.463211][ T1448] veth0_vlan: left promiscuous mode
[ 102.097028][ T1448] team0 (unregistering): Port device team_slave_1 removed
[ 102.157113][ T1448] team0 (unregistering): Port device team_slave_0 removed
[ 102.333929][ T5263] 8021q: adding VLAN 0 to HW filter on device eth1
[ 102.387285][ T59] Bluetooth: hci0: command tx timeout
[ 102.828387][ T5263] 8021q: adding VLAN 0 to HW filter on device eth2
[ 104.192768][ T5740] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 104.249438][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 104.250817][ T5740] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 104.314289][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 104.325531][ T5740] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 104.364643][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 104.366342][ T5740] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 104.391156][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 104.468208][ T59] Bluetooth: hci0: command tx timeout
[ 104.519901][ T5740] 8021q: adding VLAN 0 to HW filter on device bond0
[ 104.556209][ T5740] 8021q: adding VLAN 0 to HW filter on device team0
[ 104.579966][ T3434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.580097][ T3434] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 104.602900][ T163] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.603000][ T163] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.036260][ T5740] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.093161][ T5740] veth0_vlan: entered promiscuous mode
[ 105.104920][ T5740] veth1_vlan: entered promiscuous mode
[ 105.146082][ T5740] veth0_macvtap: entered promiscuous mode
[ 105.158654][ T5740] veth1_macvtap: entered promiscuous mode
[ 105.178754][ T5740] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 105.203536][ T5740] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 105.220598][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.223120][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.223581][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.223622][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.542133][ T3434] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.542153][ T3434] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.593159][ T3434] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.593177][ T3434] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/05/09 00:21:48 executed programs: 2
[ 105.940749][ T5842] loop0: detected capacity change from 0 to 32768
[ 106.555685][ T5843] loop0: detected capacity change from 0 to 32768
[ 106.556815][ T59] Bluetooth: hci0: command tx timeout
[ 107.090543][ T5844] loop0: detected capacity change from 0 to 32768
[ 107.744871][ T5845] loop0: detected capacity change from 0 to 32768
[ 108.163724][ T5846] loop0: detected capacity change from 0 to 32768
[ 108.580276][ T5847] loop0: detected capacity change from 0 to 32768
[ 108.964333][ T5848] loop0: detected capacity change from 0 to 32768
[ 109.403735][ T5849] loop0: detected capacity change from 0 to 32768
[ 109.786018][ T5850] loop0: detected capacity change from 0 to 32768
[ 110.175511][ T5851] loop0: detected capacity change from 0 to 32768
[ 111.176148][ T5853] set_capacity_and_notify: 1 callbacks suppressed
[ 111.176159][ T5853] loop0: detected capacity change from 0 to 32768
2026/05/09 00:21:54 executed programs: 14
[ 111.577913][ T5854] loop0: detected capacity change from 0 to 32768
[ 111.934174][ T5855] loop0: detected capacity change from 0 to 32768
[ 112.834559][ T5856] loop0: detected capacity change from 0 to 32768
[ 113.459322][ T5857] loop0: detected capacity change from 0 to 32768
[ 113.840646][ T5858] loop0: detected capacity change from 0 to 32768
[ 114.713670][ T5859] loop0: detected capacity change from 0 to 32768
[ 115.321342][ T5863] loop0: detected capacity change from 0 to 32768
[ 115.645973][ T5864] loop0: detected capacity change from 0 to 32768
[ 115.992687][ T5865] loop0: detected capacity change from 0 to 32768
[ 116.631922][ T5867] loop0: detected capacity change from 0 to 32768
2026/05/09 00:21:59 executed programs: 24
[ 117.241747][ T5870] loop0: detected capacity change from 0 to 32768
[ 117.852962][ T5871] loop0: detected capacity change from 0 to 32768
[ 118.200416][ T5872] loop0: detected capacity change from 0 to 32768
[ 118.570090][ T5873] loop0: detected capacity change from 0 to 32768
[ 119.169704][ T5874] loop0: detected capacity change from 0 to 32768
[ 119.774208][ T5875] loop0: detected capacity change from 0 to 32768
[ 120.357135][ T5876] loop0: detected capacity change from 0 to 32768
[ 120.719755][ T5877] loop0: detected capacity change from 0 to 32768
[ 121.311742][ T5878] loop0: detected capacity change from 0 to 32768
[ 121.914792][ T5879] loop0: detected capacity change from 0 to 32768
2026/05/09 00:22:05 executed programs: 34
[ 122.809210][ T5880] loop0: detected capacity change from 0 to 32768
[ 123.174490][ T5881] loop0: detected capacity change from 0 to 32768
[ 123.530928][ T5882] loop0: detected capacity change from 0 to 32768
[ 123.608576][ C0] ==================================================================
[ 123.608591][ C0] BUG: KASAN: slab-use-after-free in lbmIODone+0x1312/0x16c0
[ 123.608632][ C0] Read of size 4 at addr ffff88802cc8f208 by task syz-execprog/5613
[ 123.608649][ C0]
[ 123.608672][ C0] CPU: 0 UID: 0 PID: 5613 Comm: syz-execprog Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 123.608695][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 123.608712][ C0] Call Trace:
[ 123.608720][ C0]
[ 123.608728][ C0] dump_stack_lvl+0xe8/0x150
[ 123.608751][ C0] print_address_description+0x55/0x1e0
[ 123.608771][ C0] ? lbmIODone+0x1312/0x16c0
[ 123.608792][ C0] print_report+0x58/0x70
[ 123.608809][ C0] kasan_report+0x117/0x150
[ 123.608834][ C0] ? lbmIODone+0x1312/0x16c0
[ 123.608860][ C0] lbmIODone+0x1312/0x16c0
[ 123.608882][ C0] ? blkg_put+0x22/0x240
[ 123.608898][ C0] ? blkg_put+0x22/0x240
[ 123.608916][ C0] ? blkg_put+0x18d/0x240
[ 123.608934][ C0] ? bio_endio+0x989/0x9d0
[ 123.608955][ C0] blk_update_request+0x57e/0xe60
[ 123.608981][ C0] blk_mq_end_request+0x3e/0x70
[ 123.609003][ C0] blk_done_softirq+0x10a/0x160
[ 123.609024][ C0] handle_softirqs+0x1de/0x6d0
[ 123.609052][ C0] __local_bh_enable_ip+0x170/0x2b0
[ 123.609073][ C0] tcp_recvmsg+0xdb/0x530
[ 123.609102][ C0] ? __pfx_tcp_recvmsg+0x10/0x10
[ 123.609128][ C0] ? inet6_recvmsg+0xb4/0x490
[ 123.609147][ C0] ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 123.609166][ C0] ? security_socket_recvmsg+0x7e/0x2c0
[ 123.609189][ C0] ? __pfx_inet6_recvmsg+0x10/0x10
[ 123.609209][ C0] sock_recvmsg+0xfa/0x1b0
[ 123.609228][ C0] sock_read_iter+0x25a/0x330
[ 123.609253][ C0] ? __pfx_sock_read_iter+0x10/0x10
[ 123.609288][ C0] vfs_read+0x58b/0xa80
[ 123.609312][ C0] ? __pfx_vfs_read+0x10/0x10
[ 123.609335][ C0] ? __fget_files+0x2a/0x420
[ 123.609357][ C0] ksys_read+0x156/0x270
[ 123.609378][ C0] ? __pfx_ksys_read+0x10/0x10
[ 123.609407][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 123.609427][ C0] do_syscall_64+0x15f/0xf80
[ 123.609450][ C0] ? clear_bhb_loop+0x40/0x90
[ 123.609471][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 123.609491][ C0] RIP: 0033:0x40d3ce
[ 123.609520][ C0] Code: ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 49 89 f2 48 89 fa 48 89 ce 48 89 df 0f 05 <48> 3d 01 f0 ff ff 76 15 48 f7 d8 48 89 c1 48 c7 c0 ff ff ff ff 48
[ 123.609534][ C0] RSP: 002b:00003b37da74d3d8 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[ 123.609559][ C0] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000040d3ce
[ 123.609572][ C0] RDX: 0000000001e4e7fc RSI: 00003b37dbb80000 RDI: 0000000000000006
[ 123.609585][ C0] RBP: 00003b37da74d418 R08: 0000000000000000 R09: 0000000000000000
[ 123.609598][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00003b37da739d30
[ 123.609611][ C0] R13: 0000000000000001 R14: 00003b37da6aad20 R15: 0000000000000001
[ 123.609630][ C0]
[ 123.609637][ C0]
[ 123.609644][ C0] Allocated by task 5882:
[ 123.609653][ C0] kasan_save_track+0x3e/0x80
[ 123.609669][ C0] __kasan_kmalloc+0x93/0xb0
[ 123.609684][ C0] __kmalloc_cache_noprof+0x3a6/0x690
[ 123.609707][ C0] lmLogInit+0x3e5/0x1a00
[ 123.609725][ C0] lmLogOpen+0x4e1/0xfa0
[ 123.609744][ C0] jfs_mount_rw+0xee/0x670
[ 123.609763][ C0] jfs_fill_super+0x754/0xd80
[ 123.609778][ C0] get_tree_bdev_flags+0x431/0x4f0
[ 123.609796][ C0] vfs_get_tree+0x92/0x2a0
[ 123.609808][ C0] do_new_mount+0x341/0xd30
[ 123.609824][ C0] __se_sys_mount+0x31d/0x420
[ 123.609839][ C0] do_syscall_64+0x15f/0xf80
[ 123.609853][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 123.609864][ C0]
[ 123.609867][ C0] Freed by task 5740:
[ 123.609874][ C0] kasan_save_track+0x3e/0x80
[ 123.609884][ C0] kasan_save_free_info+0x46/0x50
[ 123.609901][ C0] __kasan_slab_free+0x5c/0x80
[ 123.609912][ C0] kfree+0x1c5/0x6c0
[ 123.609923][ C0] lmLogShutdown+0x456/0x850
[ 123.609938][ C0] lmLogClose+0x28a/0x520
[ 123.609953][ C0] jfs_umount+0x2fb/0x3d0
[ 123.609975][ C0] jfs_put_super+0x8c/0x190
[ 123.609988][ C0] generic_shutdown_super+0x13d/0x2d0
[ 123.610000][ C0] kill_block_super+0x44/0x90
[ 123.610013][ C0] deactivate_locked_super+0xbc/0x130
[ 123.610023][ C0] cleanup_mnt+0x437/0x4d0
[ 123.610035][ C0] task_work_run+0x1d9/0x270
[ 123.610051][ C0] exit_to_user_mode_loop+0xed/0x480
[ 123.610065][ C0] do_syscall_64+0x33e/0xf80
[ 123.610079][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 123.610091][ C0]
[ 123.610094][ C0] The buggy address belongs to the object at ffff88802cc8f200
[ 123.610094][ C0] which belongs to the cache kmalloc-256 of size 256
[ 123.610107][ C0] The buggy address is located 8 bytes inside of
[ 123.610107][ C0] freed 256-byte region [ffff88802cc8f200, ffff88802cc8f300)
[ 123.610123][ C0]
[ 123.610126][ C0] The buggy address belongs to the physical page:
[ 123.610144][ C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2cc8e
[ 123.610158][ C0] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 123.610170][ C0] flags: 0x80000000000040(head|node=0|zone=1)
[ 123.610186][ C0] page_type: f5(slab)
[ 123.610199][ C0] raw: 0080000000000040 ffff88801a010b40 dead000000000100 dead000000000122
[ 123.610210][ C0] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 123.610222][ C0] head: 0080000000000040 ffff88801a010b40 dead000000000100 dead000000000122
[ 123.610232][ C0] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 123.610244][ C0] head: 0080000000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff
[ 123.610255][ C0] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000002
[ 123.610262][ C0] page dumped because: kasan: bad access detected
[ 123.610275][ C0] page_owner tracks the page as allocated
[ 123.610280][ C0] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 33, tgid 33 (kdevtmpfs), ts 15271199401, free_ts 0
[ 123.610306][ C0] post_alloc_hook+0x231/0x280
[ 123.610322][ C0] get_page_from_freelist+0x27c8/0x2840
[ 123.610337][ C0] __alloc_frozen_pages_noprof+0x18d/0x380
[ 123.610351][ C0] allocate_slab+0x77/0x660
[ 123.610370][ C0] refill_objects+0x33c/0x3d0
[ 123.610393][ C0] __pcs_replace_empty_main+0x373/0x720
[ 123.610409][ C0] __kmalloc_noprof+0x530/0x7b0
[ 123.610421][ C0] security_inode_init_security+0x102/0x3d0
[ 123.610435][ C0] shmem_mknod+0x1fe/0x360
[ 123.610451][ C0] vfs_mknod+0x44e/0x620
[ 123.610465][ C0] devtmpfs_work_loop+0x861/0xdf0
[ 123.610480][ C0] devtmpfsd+0x4d/0x50
[ 123.610494][ C0] kthread+0x388/0x470
[ 123.610510][ C0] ret_from_fork+0x514/0xb70
[ 123.610525][ C0] ret_from_fork_asm+0x1a/0x30
[ 123.610542][ C0] page_owner free stack trace missing
[ 123.610548][ C0]
[ 123.610551][ C0] Memory state around the buggy address:
[ 123.610558][ C0] ffff88802cc8f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 123.610567][ C0] ffff88802cc8f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 123.610575][ C0] >ffff88802cc8f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 123.610581][ C0] ^
[ 123.610589][ C0] ffff88802cc8f280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 123.610597][ C0] ffff88802cc8f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 123.610604][ C0] ==================================================================
[ 123.610649][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 123.610662][ C0] CPU: 0 UID: 0 PID: 5613 Comm: syz-execprog Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 123.610679][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 123.610688][ C0] Call Trace:
[ 123.610693][ C0]
[ 123.610699][ C0] vpanic+0x56c/0xa60
[ 123.610718][ C0] ? __pfx_vpanic+0x10/0x10
[ 123.610733][ C0] ? __pfx___schedule+0x10/0x10
[ 123.610751][ C0] panic+0xc5/0xd0
[ 123.610767][ C0] ? __pfx_panic+0x10/0x10
[ 123.610783][ C0] ? preempt_schedule_thunk+0x16/0x30
[ 123.610807][ C0] ? lbmIODone+0x1312/0x16c0
[ 123.610825][ C0] check_panic_on_warn+0x89/0xb0
[ 123.610844][ C0] ? lbmIODone+0x1312/0x16c0
[ 123.610860][ C0] end_report+0x73/0x170
[ 123.610879][ C0] ? lbmIODone+0x1312/0x16c0
[ 123.610894][ C0] kasan_report+0x128/0x150
[ 123.610909][ C0] ? lbmIODone+0x1312/0x16c0
[ 123.610927][ C0] lbmIODone+0x1312/0x16c0
[ 123.610943][ C0] ? blkg_put+0x22/0x240
[ 123.610956][ C0] ? blkg_put+0x22/0x240
[ 123.610969][ C0] ? blkg_put+0x18d/0x240
[ 123.610982][ C0] ? bio_endio+0x989/0x9d0
[ 123.611000][ C0] blk_update_request+0x57e/0xe60
[ 123.611023][ C0] blk_mq_end_request+0x3e/0x70
[ 123.611039][ C0] blk_done_softirq+0x10a/0x160
[ 123.611054][ C0] handle_softirqs+0x1de/0x6d0
[ 123.611071][ C0] __local_bh_enable_ip+0x170/0x2b0
[ 123.611086][ C0] tcp_recvmsg+0xdb/0x530
[ 123.611107][ C0] ? __pfx_tcp_recvmsg+0x10/0x10
[ 123.611128][ C0] ? inet6_recvmsg+0xb4/0x490
[ 123.611145][ C0] ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 123.611160][ C0] ? security_socket_recvmsg+0x7e/0x2c0
[ 123.611177][ C0] ? __pfx_inet6_recvmsg+0x10/0x10
[ 123.611192][ C0] sock_recvmsg+0xfa/0x1b0
[ 123.611206][ C0] sock_read_iter+0x25a/0x330
[ 123.611226][ C0] ? __pfx_sock_read_iter+0x10/0x10
[ 123.611252][ C0] vfs_read+0x58b/0xa80
[ 123.611270][ C0] ? __pfx_vfs_read+0x10/0x10
[ 123.611288][ C0] ? __fget_files+0x2a/0x420
[ 123.611305][ C0] ksys_read+0x156/0x270
[ 123.611321][ C0] ? __pfx_ksys_read+0x10/0x10
[ 123.611337][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 123.611351][ C0] do_syscall_64+0x15f/0xf80
[ 123.611371][ C0] ? clear_bhb_loop+0x40/0x90
[ 123.611394][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 123.611408][ C0] RIP: 0033:0x40d3ce
[ 123.611419][ C0] Code: ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 49 89 f2 48 89 fa 48 89 ce 48 89 df 0f 05 <48> 3d 01 f0 ff ff 76 15 48 f7 d8 48 89 c1 48 c7 c0 ff ff ff ff 48
[ 123.611430][ C0] RSP: 002b:00003b37da74d3d8 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[ 123.611445][ C0] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000040d3ce
[ 123.611455][ C0] RDX: 0000000001e4e7fc RSI: 00003b37dbb80000 RDI: 0000000000000006
[ 123.611464][ C0] RBP: 00003b37da74d418 R08: 0000000000000000 R09: 0000000000000000
[ 123.611473][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00003b37da739d30
[ 123.611483][ C0] R13: 0000000000000001 R14: 00003b37da6aad20 R15: 0000000000000001
[ 123.611499][ C0]
[ 123.612704][ C0] Kernel Offset: disabled