[   91.964393][   T31] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.95' (ED25519) to the list of known hosts.
2026/06/11 13:08:00 parsed 1 programs
[  100.724382][ T5615] cgroup: Unknown subsys name 'net'
[  100.985120][ T5615] cgroup: Unknown subsys name 'cpuset'
[  101.059024][ T5615] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  103.043213][ T5615] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  106.793371][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.793393][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.853250][ T3120] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.853273][ T3120] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.114271][ T5657] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.115513][ T5657] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.115642][ T5657] bridge_slave_0: entered allmulticast mode
[  109.117984][ T5657] bridge_slave_0: entered promiscuous mode
[  109.147517][ T5657] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.147634][ T5657] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.147792][ T5657] bridge_slave_1: entered allmulticast mode
[  109.174687][ T5657] bridge_slave_1: entered promiscuous mode
[  109.221660][ T5657] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.224953][ T5657] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.540953][ T5657] team0: Port device team_slave_0 added
[  109.543951][ T5657] team0: Port device team_slave_1 added
[  109.611875][ T5657] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.611893][ T5657] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  109.611920][ T5657] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.615245][ T5657] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.615257][ T5657] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  109.615276][ T5657] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.748604][ T5657] hsr_slave_0: entered promiscuous mode
[  109.750700][ T5657] hsr_slave_1: entered promiscuous mode
[  110.058939][ T5657] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  110.112670][ T5657] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  110.113925][ T5657] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  110.163753][ T5657] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  110.166760][ T5657] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  110.193918][ T5657] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  110.198525][ T5657] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  110.232747][ T5657] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  110.530228][ T5657] 8021q: adding VLAN 0 to HW filter on device bond0
[  110.567990][ T5657] 8021q: adding VLAN 0 to HW filter on device team0
[  110.586166][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.586429][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.623801][   T66] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.624034][   T66] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.222294][ T5657] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.292654][ T5657] veth0_vlan: entered promiscuous mode
[  111.313123][ T5657] veth1_vlan: entered promiscuous mode
[  111.366354][ T5657] veth0_macvtap: entered promiscuous mode
[  111.380675][ T5657] veth1_macvtap: entered promiscuous mode
[  111.421163][ T5657] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.438960][ T5657] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.465481][  T338] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.483966][  T338] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.487680][  T338] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.510363][  T338] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  112.242894][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.627685][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.253202][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.917279][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.818569][   T12] bridge_slave_1: left allmulticast mode
[  114.818763][   T12] bridge_slave_1: left promiscuous mode
[  114.823097][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.999442][   T12] bridge_slave_0: left allmulticast mode
[  114.999467][   T12] bridge_slave_0: left promiscuous mode
[  114.999635][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.869112][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  115.949604][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  115.990600][   T12] bond0 (unregistering): Released all slaves
[  116.022940][ T5264] 8021q: adding VLAN 0 to HW filter on device eth1
[  116.479773][   T12] hsr_slave_0: left promiscuous mode
[  116.525552][   T12] hsr_slave_1: left promiscuous mode
[  116.535253][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  116.535317][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  116.574967][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  116.574996][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  116.708373][   T12] veth1_macvtap: left promiscuous mode
[  116.708643][   T12] veth0_macvtap: left promiscuous mode
[  116.708914][   T12] veth1_vlan: left promiscuous mode
[  116.709191][   T12] veth0_vlan: left promiscuous mode
[  117.529561][   T12] team0 (unregistering): Port device team_slave_1 removed
[  117.588974][   T12] team0 (unregistering): Port device team_slave_0 removed
[  117.820659][ T5264] 8021q: adding VLAN 0 to HW filter on device eth2
[  118.092565][ T4918] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  118.126934][ T4918] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  118.127885][ T4918] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  118.163967][ T4918] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  118.164765][ T4918] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  118.750635][ T5264] 8021q: adding VLAN 0 to HW filter on device eth3
[  120.112401][ T5264] 8021q: adding VLAN 0 to HW filter on device eth4
2026/06/11 13:08:25 executed programs: 0
[  121.302045][ T4918] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  121.331389][ T4918] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  121.332744][ T4918] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  121.334020][ T4918] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  121.334722][ T4918] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  122.101796][ T5805] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.101953][ T5805] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.102423][ T5805] bridge_slave_0: entered allmulticast mode
[  122.104300][ T5805] bridge_slave_0: entered promiscuous mode
[  122.118726][ T5805] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.119325][ T5805] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.119949][ T5805] bridge_slave_1: entered allmulticast mode
[  122.126682][ T5805] bridge_slave_1: entered promiscuous mode
[  122.197071][ T5805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  122.209835][ T5805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  122.251251][ T5805] team0: Port device team_slave_0 added
[  122.254776][ T5805] team0: Port device team_slave_1 added
[  122.297900][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_0
[  122.297919][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  122.297938][ T5805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  122.305811][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_1
[  122.305852][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  122.305930][ T5805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  122.710792][ T5805] hsr_slave_0: entered promiscuous mode
[  122.712054][ T5805] hsr_slave_1: entered promiscuous mode
[  123.390584][ T4918] Bluetooth: hci0: command tx timeout
[  125.144036][ T5805] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  125.193164][ T5805] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  125.195289][ T5805] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  125.227287][ T5805] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  125.338783][ T5805] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  125.384469][ T5805] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  125.385656][ T5805] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  125.436201][ T5805] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  125.468706][ T4918] Bluetooth: hci0: command tx timeout
[  125.586641][ T5805] 8021q: adding VLAN 0 to HW filter on device bond0
[  125.632277][ T5805] 8021q: adding VLAN 0 to HW filter on device team0
[  125.651993][  T338] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.652212][  T338] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.720072][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.720215][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.420699][ T5805] 8021q: adding VLAN 0 to HW filter on device batadv0
[  126.547191][ T5805] veth0_vlan: entered promiscuous mode
[  126.565864][ T5805] veth1_vlan: entered promiscuous mode
[  126.637264][ T5805] veth0_macvtap: entered promiscuous mode
[  126.663204][ T5805] veth1_macvtap: entered promiscuous mode
[  126.704147][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_0
[  126.729340][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_1
[  126.772594][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  126.775921][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  126.800397][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  126.807726][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.347864][ T1405] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.347886][ T1405] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.431093][ T1405] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.431114][ T1405] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/06/11 13:08:31 executed programs: 2
[  127.548288][ T4918] Bluetooth: hci0: command tx timeout
[  128.058183][ T5943] loop0: detected capacity change from 0 to 32768
[  129.076453][ T5961] loop0: detected capacity change from 0 to 32768
[  129.628277][ T4918] Bluetooth: hci0: command tx timeout
[  129.746137][ T5962] loop0: detected capacity change from 0 to 32768
[  130.371600][ T5964] loop0: detected capacity change from 0 to 32768
[  130.953392][ T5965] loop0: detected capacity change from 0 to 32768
[  131.531731][ T5967] loop0: detected capacity change from 0 to 32768
[  132.153959][ T5968] loop0: detected capacity change from 0 to 32768
[  132.783202][ T5969] loop0: detected capacity change from 0 to 32768
2026/06/11 13:08:36 executed programs: 10
[  132.911688][ T1337] ieee802154 phy0 wpan0: encryption failed: -22
[  132.911751][ T1337] ieee802154 phy1 wpan1: encryption failed: -22
[  133.365528][ T5973] loop0: detected capacity change from 0 to 32768
[  134.020198][ T5975] loop0: detected capacity change from 0 to 32768
[  134.616318][ T5976] loop0: detected capacity change from 0 to 32768
[  135.231894][ T5977] loop0: detected capacity change from 0 to 32768
[  135.774832][ T5978] loop0: detected capacity change from 0 to 32768
[  136.401370][ T5979] loop0: detected capacity change from 0 to 32768
[  137.042040][ T5980] loop0: detected capacity change from 0 to 32768
[  137.639150][ T5981] loop0: detected capacity change from 0 to 32768
[  138.249584][ T5982] loop0: detected capacity change from 0 to 32768
2026/06/11 13:08:42 executed programs: 19
[  138.842300][ T5983] loop0: detected capacity change from 0 to 32768
[  139.434729][ T5984] loop0: detected capacity change from 0 to 32768
[  140.026627][ T5985] loop0: detected capacity change from 0 to 32768
[  140.660671][ T5986] loop0: detected capacity change from 0 to 32768
[  141.246242][ T5987] loop0: detected capacity change from 0 to 32768
[  141.857239][ T5988] loop0: detected capacity change from 0 to 32768
[  142.450394][ T5989] loop0: detected capacity change from 0 to 32768
[  143.021648][ T5990] loop0: detected capacity change from 0 to 32768
[  143.625347][ T5991] loop0: detected capacity change from 0 to 32768
2026/06/11 13:08:47 executed programs: 28
[  144.212874][ T5992] loop0: detected capacity change from 0 to 32768
[  144.783665][ T5993] loop0: detected capacity change from 0 to 32768
[  145.378835][ T5994] loop0: detected capacity change from 0 to 32768
[  145.936688][ T5995] loop0: detected capacity change from 0 to 32768
[  146.525476][ T5996] loop0: detected capacity change from 0 to 32768
[  147.132195][ T5997] loop0: detected capacity change from 0 to 32768
[  147.764531][ T5998] loop0: detected capacity change from 0 to 32768
[  148.356740][ T5999] loop0: detected capacity change from 0 to 32768
[  148.966203][ T6000] loop0: detected capacity change from 0 to 32768
2026/06/11 13:08:52 executed programs: 37
[  149.558010][ T6001] loop0: detected capacity change from 0 to 32768
[  150.144389][ T6002] loop0: detected capacity change from 0 to 32768
[  150.735502][ T6003] loop0: detected capacity change from 0 to 32768
[  151.317361][ T6004] loop0: detected capacity change from 0 to 32768
[  151.925522][ T6005] loop0: detected capacity change from 0 to 32768
[  152.532531][ T6006] loop0: detected capacity change from 0 to 32768
[  153.101682][ T6007] loop0: detected capacity change from 0 to 32768
[  153.799466][ T6008] loop0: detected capacity change from 0 to 32768
[  154.433774][ T6009] loop0: detected capacity change from 0 to 32768
2026/06/11 13:08:58 executed programs: 46
[  155.001382][ T6010] loop0: detected capacity change from 0 to 32768
[  155.591442][ T6011] loop0: detected capacity change from 0 to 32768
[  156.181466][ T6012] loop0: detected capacity change from 0 to 32768
[  156.822158][ T6013] loop0: detected capacity change from 0 to 32768
[  157.421549][ T6014] loop0: detected capacity change from 0 to 32768
[  158.019854][ T6015] loop0: detected capacity change from 0 to 32768
[  158.612088][ T6016] loop0: detected capacity change from 0 to 32768
[  159.192539][ T6017] loop0: detected capacity change from 0 to 32768
[  159.802721][ T6018] loop0: detected capacity change from 0 to 32768
2026/06/11 13:09:03 executed programs: 55
[  159.876626][ T3120] =========================================================[  159.876626][ T3120] ==================================================================
[  159.876639][ T3120] BUG: KASAN: use-after-free in copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.876678][ T3120] Read of size 4096 at addr ffff8880421db000 by task kworker/u8:14/3120
[  159.876692][ T3120] 
[  159.876712][ T3120] CPU: 1 UID: 0 PID: 3120 Comm: kworker/u8:14 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  159.876729][ T3120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  159.876739][ T3120] Workqueue: loop0 loop_workfn
[  159.876773][ T3120] Call Trace:
[  159.876780][ T3120]  <TASK>
[  159.876786][ T3120]  dump_stack_lvl+0xe8/0x150
[  159.876805][ T3120]  print_address_description+0x55/0x1e0
[  159.876823][ T3120]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.876846][ T3120]  print_report+0x58/0x70
[  159.876861][ T3120]  kasan_report+0x117/0x150
[  159.876881][ T3120]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.876923][ T3120]  kasan_check_range+0x264/0x2c0
[  159.876953][ T3120]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.876979][ T3120]  __asan_memcpy+0x29/0x70
[  159.876994][ T3120]  copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.877028][ T3120]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  159.877055][ T3120]  ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[  159.877083][ T3120]  ? shmem_write_begin+0x1ce/0x320
[  159.877107][ T3120]  generic_perform_write+0x5b1/0x8b0
[  159.877132][ T3120]  ? __pfx_generic_perform_write+0x10/0x10
[  159.877156][ T3120]  ? file_update_time_flags+0x3b9/0x4b0
[  159.877176][ T3120]  shmem_file_write_iter+0xfb/0x120
[  159.877201][ T3120]  lo_rw_aio+0xc80/0xf00
[  159.877228][ T3120]  ? __pfx_lo_rw_aio+0x10/0x10
[  159.877250][ T3120]  ? kthread_associate_blkcg+0x490/0x600
[  159.877274][ T3120]  ? rt_spin_unlock+0x160/0x200
[  159.877296][ T3120]  loop_process_work+0x637/0x11b0
[  159.877323][ T3120]  ? __pfx_loop_process_work+0x10/0x10
[  159.877343][ T3120]  ? __lock_acquire+0x6b5/0x2cf0
[  159.877365][ T3120]  ? look_up_lock_class+0x57/0x110
[  159.877390][ T3120]  ? register_lock_class+0x31/0x2e0
[  159.877414][ T3120]  ? __lock_acquire+0x6b5/0x2cf0
[  159.877438][ T3120]  ? finish_task_switch+0x15f/0xbe0
[  159.877465][ T3120]  ? lock_acquire+0x106/0x350
[  159.877487][ T3120]  ? do_raw_spin_lock+0x12b/0x2f0
[  159.877505][ T3120]  ? lock_acquire+0x106/0x350
[  159.877528][ T3120]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  159.877548][ T3120]  ? process_scheduled_works+0xa70/0x1860
[  159.877568][ T3120]  ? process_scheduled_works+0xa70/0x1860
[  159.877587][ T3120]  ? process_scheduled_works+0xa70/0x1860
[  159.877603][ T3120]  ? process_scheduled_works+0xa70/0x1860
[  159.877620][ T3120]  process_scheduled_works+0xb5d/0x1860
[  159.877649][ T3120]  ? __pfx_process_scheduled_works+0x10/0x10
[  159.877669][ T3120]  ? assign_work+0x3d5/0x5e0
[  159.877687][ T3120]  worker_thread+0xa53/0xfc0
[  159.877715][ T3120]  kthread+0x388/0x470
[  159.877736][ T3120]  ? __pfx_worker_thread+0x10/0x10
[  159.877753][ T3120]  ? __pfx_kthread+0x10/0x10
[  159.877774][ T3120]  ret_from_fork+0x514/0xb70
[  159.877794][ T3120]  ? __pfx_ret_from_fork+0x10/0x10
[  159.877813][ T3120]  ? __switch_to+0xc79/0x1410
[  159.877842][ T3120]  ? __pfx_kthread+0x10/0x10
[  159.877866][ T3120]  ret_from_fork_asm+0x1a/0x30
[  159.877896][ T3120]  </TASK>
[  159.877902][ T3120] 
[  159.877906][ T3120] The buggy address belongs to the physical page:
[  159.877927][ T3120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x40 pfn:0x421db
[  159.877949][ T3120] flags: 0x80000000000000(node=0|zone=1)
[  159.877973][ T3120] raw: 0080000000000000 ffffea0001046e88 ffffea0001083f08 0000000000000000
[  159.877987][ T3120] raw: 0000000000000040 0000000000000000 00000000ffffffff 0000000000000000
[  159.877995][ T3120] page dumped because: kasan: bad access detected
[  159.878006][ T3120] page_owner tracks the page as freed
[  159.878012][ T3120] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xdc0(GFP_KERNEL|__GFP_ZERO), pid 6018, tgid 6018 (syz.0.69), ts 159807013453, free_ts 159875101490
[  159.878040][ T3120]  post_alloc_hook+0x22d/0x280
[  159.878060][ T3120]  get_page_from_freelist+0x28b2/0x2930
[  159.878083][ T3120]  __alloc_frozen_pages_noprof+0x18d/0x380
[  159.878103][ T3120]  alloc_pages_mpol+0xd1/0x380
[  159.878122][ T3120]  alloc_pages_noprof+0xd2/0x2f0
[  159.878141][ T3120]  lmLogInit+0x357/0x1a00
[  159.878163][ T3120]  lmLogOpen+0x4e1/0xfa0
[  159.878183][ T3120]  jfs_mount_rw+0xee/0x670
[  159.878203][ T3120]  jfs_fill_super+0x754/0xd80
[  159.878219][ T3120]  get_tree_bdev_flags+0x431/0x4f0
[  159.878237][ T3120]  vfs_get_tree+0x92/0x2a0
[  159.878254][ T3120]  do_new_mount+0x341/0xd30
[  159.878277][ T3120]  __se_sys_mount+0x31d/0x420
[  159.878300][ T3120]  do_syscall_64+0x174/0x580
[  159.878324][ T3120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.878340][ T3120] page last free pid 5805 tgid 5805 stack trace:
[  159.878351][ T3120]  __free_frozen_pages+0xfe5/0x10d0
[  159.878369][ T3120]  lmLogShutdown+0x44e/0x850
[  159.878395][ T3120]  lmLogClose+0x28a/0x520
[  159.878422][ T3120]  jfs_umount+0x2fb/0x3d0
[  159.878448][ T3120]  jfs_put_super+0x8c/0x190
[  159.878467][ T3120]  generic_shutdown_super+0x13d/0x2d0
[  159.878486][ T3120]  kill_block_super+0x44/0x90
[  159.878508][ T3120]  deactivate_locked_super+0xbc/0x130
[  159.878526][ T3120]  cleanup_mnt+0x437/0x4d0
[  159.878546][ T3120]  task_work_run+0x1d9/0x270
[  159.878572][ T3120]  exit_to_user_mode_loop+0x193/0x680
[  159.878595][ T3120]  do_syscall_64+0x353/0x580
[  159.878623][ T3120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.878643][ T3120] 
[  159.878648][ T3120] Memory state around the buggy address:
[  159.878660][ T3120]  ffff8880421daf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  159.878675][ T3120]  ffff8880421daf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  159.878688][ T3120] >ffff8880421db000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  159.878699][ T3120]                    ^
[  159.878709][ T3120]  ffff8880421db080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  159.878723][ T3120]  ffff8880421db100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  159.878733][ T3120] ==================================================================
[  159.882881][ T3120] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  159.882933][ T3120] CPU: 1 UID: 0 PID: 3120 Comm: kworker/u8:14 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  159.883016][ T3120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  159.883049][ T3120] Workqueue: loop0 loop_workfn
[  159.883139][ T3120] Call Trace:
[  159.883160][ T3120]  <TASK>
[  159.883181][ T3120]  vpanic+0x56c/0xa60
[  159.883267][ T3120]  ? __pfx_vpanic+0x10/0x10
[  159.883343][ T3120]  panic+0xc5/0xd0
[  159.883406][ T3120]  ? __pfx_panic+0x10/0x10
[  159.883490][ T3120]  ? preempt_schedule_thunk+0x16/0x30
[  159.883613][ T3120]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.883717][ T3120]  ? preempt_schedule_thunk+0x16/0x30
[  159.883801][ T3120]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.883872][ T3120]  check_panic_on_warn+0x89/0xb0
[  159.883918][ T3120]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.883958][ T3120]  end_report+0x73/0x170
[  159.884019][ T3120]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.884052][ T3120]  kasan_report+0x128/0x150
[  159.884079][ T3120]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.884149][ T3120]  kasan_check_range+0x264/0x2c0
[  159.884183][ T3120]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.884217][ T3120]  __asan_memcpy+0x29/0x70
[  159.884246][ T3120]  copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  159.884322][ T3120]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  159.884371][ T3120]  ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[  159.884458][ T3120]  ? shmem_write_begin+0x1ce/0x320
[  159.884532][ T3120]  generic_perform_write+0x5b1/0x8b0
[  159.884617][ T3120]  ? __pfx_generic_perform_write+0x10/0x10
[  159.884693][ T3120]  ? file_update_time_flags+0x3b9/0x4b0
[  159.884767][ T3120]  shmem_file_write_iter+0xfb/0x120
[  159.884865][ T3120]  lo_rw_aio+0xc80/0xf00
[  159.884982][ T3120]  ? __pfx_lo_rw_aio+0x10/0x10
[  159.885057][ T3120]  ? kthread_associate_blkcg+0x490/0x600
[  159.885132][ T3120]  ? rt_spin_unlock+0x160/0x200
[  159.885206][ T3120]  loop_process_work+0x637/0x11b0
[  159.885298][ T3120]  ? __pfx_loop_process_work+0x10/0x10
[  159.885361][ T3120]  ? __lock_acquire+0x6b5/0x2cf0
[  159.885435][ T3120]  ? look_up_lock_class+0x57/0x110
[  159.885517][ T3120]  ? register_lock_class+0x31/0x2e0
[  159.885592][ T3120]  ? __lock_acquire+0x6b5/0x2cf0
[  159.885652][ T3120]  ? finish_task_switch+0x15f/0xbe0
[  159.885684][ T3120]  ? lock_acquire+0x106/0x350
[  159.885714][ T3120]  ? do_raw_spin_lock+0x12b/0x2f0
[  159.885760][ T3120]  ? lock_acquire+0x106/0x350
[  159.885809][ T3120]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  159.885835][ T3120]  ? process_scheduled_works+0xa70/0x1860
[  159.885886][ T3120]  ? process_scheduled_works+0xa70/0x1860
[  159.885967][ T3120]  ? process_scheduled_works+0xa70/0x1860
[  159.886028][ T3120]  ? process_scheduled_works+0xa70/0x1860
[  159.886083][ T3120]  process_scheduled_works+0xb5d/0x1860
[  159.886182][ T3120]  ? __pfx_process_scheduled_works+0x10/0x10
[  159.886273][ T3120]  ? assign_work+0x3d5/0x5e0
[  159.886355][ T3120]  worker_thread+0xa53/0xfc0
[  159.886444][ T3120]  kthread+0x388/0x470
[  159.886510][ T3120]  ? __pfx_worker_thread+0x10/0x10
[  159.886572][ T3120]  ? __pfx_kthread+0x10/0x10
[  159.886639][ T3120]  ret_from_fork+0x514/0xb70
[  159.886704][ T3120]  ? __pfx_ret_from_fork+0x10/0x10
[  159.886766][ T3120]  ? __switch_to+0xc79/0x1410
[  159.886851][ T3120]  ? __pfx_kthread+0x10/0x10
[  159.886920][ T3120]  ret_from_fork_asm+0x1a/0x30
[  159.887037][ T3120]  </TASK>
[  159.887648][ T3120] Kernel Offset: disabled