Warning: Permanently added '10.128.1.38' (ED25519) to the list of known hosts.
2026/06/02 19:28:08 parsed 1 programs
[ 81.213083][ T5620] cgroup: Unknown subsys name 'net'
[ 81.457353][ T5620] cgroup: Unknown subsys name 'cpuset'
[ 81.509931][ T5620] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 83.307622][ T5620] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 86.637345][ T822] cfg80211: failed to load regulatory.db
[ 87.632256][ T5646] bridge0: port 1(bridge_slave_0) entered blocking state
[ 87.633794][ T5646] bridge0: port 1(bridge_slave_0) entered disabled state
[ 87.634000][ T5646] bridge_slave_0: entered allmulticast mode
[ 87.635877][ T5646] bridge_slave_0: entered promiscuous mode
[ 87.646759][ T5646] bridge0: port 2(bridge_slave_1) entered blocking state
[ 87.647142][ T5646] bridge0: port 2(bridge_slave_1) entered disabled state
[ 87.647388][ T5646] bridge_slave_1: entered allmulticast mode
[ 87.664371][ T5646] bridge_slave_1: entered promiscuous mode
[ 87.729478][ T5646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 87.773635][ T5646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 87.915416][ T5646] team0: Port device team_slave_0 added
[ 87.918440][ T5646] team0: Port device team_slave_1 added
[ 87.956949][ T5646] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 87.956961][ T5646] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 87.956976][ T5646] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 87.961569][ T5646] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 87.961592][ T5646] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 87.961615][ T5646] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 88.050552][ T5646] hsr_slave_0: entered promiscuous mode
[ 88.051900][ T5646] hsr_slave_1: entered promiscuous mode
[ 88.392858][ T5646] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 88.435528][ T5646] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 88.437132][ T5646] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 88.466905][ T5646] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 88.480140][ T5646] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 88.523818][ T5646] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 88.525505][ T5646] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 88.563242][ T5646] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 88.721997][ T5646] 8021q: adding VLAN 0 to HW filter on device bond0
[ 88.864956][ T5646] 8021q: adding VLAN 0 to HW filter on device team0
[ 88.888370][ T4110] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.888661][ T4110] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 88.916690][ T150] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.916780][ T150] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 89.367139][ T5646] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 89.448384][ T5646] veth0_vlan: entered promiscuous mode
[ 89.466285][ T5646] veth1_vlan: entered promiscuous mode
[ 89.535598][ T5646] veth0_macvtap: entered promiscuous mode
[ 89.545822][ T5646] veth1_macvtap: entered promiscuous mode
[ 89.575381][ T5646] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 89.601985][ T5646] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 89.627752][ T3561] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.635035][ T3561] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.635901][ T3561] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.637503][ T3561] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.486163][ T3561] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 91.172304][ T3561] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 92.044347][ T3561] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 92.425851][ T3561] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 93.105549][ T61] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 93.127480][ T61] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 93.128522][ T61] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 93.132421][ T61] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 93.133078][ T61] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 93.250070][ T3561] bridge_slave_1: left allmulticast mode
[ 93.250252][ T3561] bridge_slave_1: left promiscuous mode
[ 93.257050][ T3561] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.431326][ T3561] bridge_slave_0: left allmulticast mode
[ 93.431359][ T3561] bridge_slave_0: left promiscuous mode
[ 93.431613][ T3561] bridge0: port 1(bridge_slave_0) entered disabled state
[ 94.391943][ T3561] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 94.494460][ T3561] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 94.535197][ T3561] bond0 (unregistering): Released all slaves
[ 94.601340][ T5272] 8021q: adding VLAN 0 to HW filter on device eth1
[ 95.120750][ T3561] hsr_slave_0: left promiscuous mode
[ 95.159330][ T3561] hsr_slave_1: left promiscuous mode
[ 95.163339][ T3561] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 95.163401][ T3561] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 95.194013][ T4926] Bluetooth: hci0: command tx timeout
[ 95.208653][ T3561] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 95.208672][ T3561] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 95.281529][ T3561] veth1_macvtap: left promiscuous mode
[ 95.282484][ T3561] veth0_macvtap: left promiscuous mode
[ 95.282707][ T3561] veth1_vlan: left promiscuous mode
[ 95.282931][ T3561] veth0_vlan: left promiscuous mode
[ 95.969914][ T3561] team0 (unregistering): Port device team_slave_1 removed
[ 96.010110][ T3561] team0 (unregistering): Port device team_slave_0 removed
[ 96.182876][ T5272] 8021q: adding VLAN 0 to HW filter on device eth2
[ 96.495066][ T2389] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.495090][ T2389] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.618195][ T1198] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.618215][ T1198] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.999000][ T5272] 8021q: adding VLAN 0 to HW filter on device eth3
[ 97.667897][ T5272] 8021q: adding VLAN 0 to HW filter on device eth4
2026/06/02 19:28:29 executed programs: 0
[ 99.503072][ T61] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 99.552336][ T61] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 99.555894][ T61] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 99.557135][ T61] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 99.557801][ T61] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 100.165480][ T5813] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.165709][ T5813] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.165848][ T5813] bridge_slave_0: entered allmulticast mode
[ 100.167665][ T5813] bridge_slave_0: entered promiscuous mode
[ 100.181558][ T5813] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.181955][ T5813] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.182204][ T5813] bridge_slave_1: entered allmulticast mode
[ 100.195800][ T5813] bridge_slave_1: entered promiscuous mode
[ 100.252569][ T5813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.257130][ T5813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.306168][ T5813] team0: Port device team_slave_0 added
[ 100.309047][ T5813] team0: Port device team_slave_1 added
[ 100.357564][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 100.357575][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 100.357589][ T5813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 100.379878][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 100.379891][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 100.379912][ T5813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.465677][ T5813] hsr_slave_0: entered promiscuous mode
[ 100.466919][ T5813] hsr_slave_1: entered promiscuous mode
[ 101.672534][ T4926] Bluetooth: hci0: command tx timeout
[ 103.100942][ T5813] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 103.156733][ T5813] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 103.158537][ T5813] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 103.186472][ T5813] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 103.187687][ T5813] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 103.224434][ T5813] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 103.225649][ T5813] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 103.277375][ T5813] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 103.505933][ T5813] 8021q: adding VLAN 0 to HW filter on device bond0
[ 103.556225][ T5813] 8021q: adding VLAN 0 to HW filter on device team0
[ 103.572018][ T2389] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.572255][ T2389] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 103.606793][ T57] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.607009][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 103.749916][ T4926] Bluetooth: hci0: command tx timeout
[ 104.665947][ T5813] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 104.812468][ T5813] veth0_vlan: entered promiscuous mode
[ 104.838647][ T5813] veth1_vlan: entered promiscuous mode
[ 104.945486][ T5813] veth0_macvtap: entered promiscuous mode
[ 104.970690][ T5813] veth1_macvtap: entered promiscuous mode
[ 105.017132][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 105.054491][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 105.089693][ T2389] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.089741][ T2389] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.089776][ T2389] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.089809][ T2389] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.552038][ T150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.552055][ T150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.830077][ T4926] Bluetooth: hci0: command tx timeout
[ 105.986105][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.986125][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/06/02 19:28:36 executed programs: 2
[ 106.386764][ T5965] loop0: detected capacity change from 0 to 32768
[ 106.530422][ T5965] Duplicate index:1 in stbl in dtroot
[ 106.530422][ T5965]
[ 106.530443][ T5965] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 106.530443][ T5965]
[ 106.530661][ T5965] ERROR: (device loop0): remounting filesystem as read-only
[ 106.955694][ T5966] loop0: detected capacity change from 0 to 32768
[ 106.994228][ T5966] Duplicate index:1 in stbl in dtroot
[ 106.994228][ T5966]
[ 106.994243][ T5966] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 106.994243][ T5966]
[ 106.994523][ T5966] ERROR: (device loop0): remounting filesystem as read-only
[ 107.392147][ T5967] loop0: detected capacity change from 0 to 32768
[ 107.466258][ T5967] Duplicate index:1 in stbl in dtroot
[ 107.466258][ T5967]
[ 107.466276][ T5967] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 107.466276][ T5967]
[ 107.466561][ T5967] ERROR: (device loop0): remounting filesystem as read-only
[ 107.863059][ T5968] loop0: detected capacity change from 0 to 32768
[ 107.888627][ T5968] Duplicate index:1 in stbl in dtroot
[ 107.888627][ T5968]
[ 107.888643][ T5968] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 107.888643][ T5968]
[ 107.889001][ T5968] ERROR: (device loop0): remounting filesystem as read-only
[ 107.921594][ T4926] Bluetooth: hci0: command tx timeout
[ 108.246369][ T5969] loop0: detected capacity change from 0 to 32768
[ 108.266316][ T5969] Duplicate index:1 in stbl in dtroot
[ 108.266316][ T5969]
[ 108.266333][ T5969] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 108.266333][ T5969]
[ 108.266537][ T5969] ERROR: (device loop0): remounting filesystem as read-only
[ 108.615948][ T5970] loop0: detected capacity change from 0 to 32768
[ 108.624391][ T5970] Duplicate index:1 in stbl in dtroot
[ 108.624391][ T5970]
[ 108.624407][ T5970] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 108.624407][ T5970]
[ 108.624673][ T5970] ERROR: (device loop0): remounting filesystem as read-only
[ 108.991818][ T5971] loop0: detected capacity change from 0 to 32768
[ 109.005112][ T5971] Duplicate index:1 in stbl in dtroot
[ 109.005112][ T5971]
[ 109.005128][ T5971] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 109.005128][ T5971]
[ 109.005399][ T5971] ERROR: (device loop0): remounting filesystem as read-only
[ 109.309944][ T5972] loop0: detected capacity change from 0 to 32768
[ 109.332007][ T5972] Duplicate index:1 in stbl in dtroot
[ 109.332007][ T5972]
[ 109.332024][ T5972] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 109.332024][ T5972]
[ 109.332277][ T5972] ERROR: (device loop0): remounting filesystem as read-only
[ 109.672575][ T5973] loop0: detected capacity change from 0 to 32768
[ 109.682418][ T5973] Duplicate index:1 in stbl in dtroot
[ 109.682418][ T5973]
[ 109.682433][ T5973] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 109.682433][ T5973]
[ 109.682667][ T5973] ERROR: (device loop0): remounting filesystem as read-only
[ 110.009638][ T5974] loop0: detected capacity change from 0 to 32768
[ 110.032693][ T5974] Duplicate index:1 in stbl in dtroot
[ 110.032693][ T5974]
[ 110.032708][ T5974] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 110.032708][ T5974]
[ 110.032978][ T5974] ERROR: (device loop0): remounting filesystem as read-only
[ 110.519924][ T5975] Duplicate index:1 in stbl in dtroot
[ 110.519924][ T5975]
[ 110.519939][ T5975] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 110.519939][ T5975]
[ 110.522391][ T5975] ERROR: (device loop0): remounting filesystem as read-only
[ 110.893339][ T5976] Duplicate index:1 in stbl in dtroot
[ 110.893339][ T5976]
[ 110.893379][ T5976] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 110.893379][ T5976]
[ 110.893681][ T5976] ERROR: (device loop0): remounting filesystem as read-only
[ 111.215765][ T5977] Duplicate index:1 in stbl in dtroot
[ 111.215765][ T5977]
[ 111.215795][ T5977] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 111.215795][ T5977]
[ 111.216069][ T5977] ERROR: (device loop0): remounting filesystem as read-only
2026/06/02 19:28:41 executed programs: 15
[ 111.523305][ T5978] set_capacity_and_notify: 3 callbacks suppressed
[ 111.523321][ T5978] loop0: detected capacity change from 0 to 32768
[ 111.558261][ T5978] Duplicate index:1 in stbl in dtroot
[ 111.558261][ T5978]
[ 111.558279][ T5978] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 111.558279][ T5978]
[ 111.560041][ T5978] ERROR: (device loop0): remounting filesystem as read-only
[ 111.903497][ T5979] loop0: detected capacity change from 0 to 32768
[ 111.924750][ T5979] Duplicate index:1 in stbl in dtroot
[ 111.924750][ T5979]
[ 111.924766][ T5979] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 111.924766][ T5979]
[ 111.924993][ T5979] ERROR: (device loop0): remounting filesystem as read-only
[ 112.271194][ T5980] loop0: detected capacity change from 0 to 32768
[ 112.285360][ T5980] Duplicate index:1 in stbl in dtroot
[ 112.285360][ T5980]
[ 112.285378][ T5980] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 112.285378][ T5980]
[ 112.285644][ T5980] ERROR: (device loop0): remounting filesystem as read-only
[ 112.584856][ T5981] loop0: detected capacity change from 0 to 32768
[ 112.606874][ T5981] Duplicate index:1 in stbl in dtroot
[ 112.606874][ T5981]
[ 112.606889][ T5981] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 112.606889][ T5981]
[ 112.607155][ T5981] ERROR: (device loop0): remounting filesystem as read-only
[ 112.915092][ T5982] loop0: detected capacity change from 0 to 32768
[ 112.937785][ T5982] Duplicate index:1 in stbl in dtroot
[ 112.937785][ T5982]
[ 112.937801][ T5982] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 112.937801][ T5982]
[ 112.938671][ T5982] ERROR: (device loop0): remounting filesystem as read-only
[ 113.235125][ T5983] loop0: detected capacity change from 0 to 32768
[ 113.258079][ T5983] Duplicate index:1 in stbl in dtroot
[ 113.258079][ T5983]
[ 113.258095][ T5983] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 113.258095][ T5983]
[ 113.258275][ T5983] ERROR: (device loop0): remounting filesystem as read-only
[ 113.308491][ C1] =========================================================[ 113.308491][ C1] ==================================================================
[ 113.308507][ C1] BUG: KASAN: slab-use-after-free in lbmIODone+0x1312/0x16c0
[ 113.308543][ C1] Read of size 4 at addr ffff8880290f3608 by task ksoftirqd/1/31
[ 113.308559][ C1]
[ 113.308583][ C1] CPU: 1 UID: 0 PID: 31 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 113.308604][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 113.308622][ C1] Call Trace:
[ 113.308632][ C1]
[ 113.308640][ C1] dump_stack_lvl+0xe8/0x150
[ 113.308666][ C1] print_address_description+0x55/0x1e0
[ 113.308691][ C1] ? lbmIODone+0x1312/0x16c0
[ 113.308718][ C1] print_report+0x58/0x70
[ 113.308739][ C1] kasan_report+0x117/0x150
[ 113.308766][ C1] ? lbmIODone+0x1312/0x16c0
[ 113.308796][ C1] lbmIODone+0x1312/0x16c0
[ 113.308831][ C1] ? blkg_put+0x22/0x240
[ 113.308855][ C1] ? blkg_put+0x22/0x240
[ 113.308878][ C1] ? blkg_put+0x18d/0x240
[ 113.308901][ C1] ? bio_endio+0x989/0x9d0
[ 113.308928][ C1] blk_update_request+0x57e/0xe60
[ 113.308961][ C1] blk_mq_end_request+0x3e/0x70
[ 113.308988][ C1] blk_done_softirq+0x10a/0x160
[ 113.309015][ C1] handle_softirqs+0x1de/0x6d0
[ 113.309037][ C1] ? smpboot_thread_fn+0x4d/0xa50
[ 113.309056][ C1] run_ksoftirqd+0x52/0x180
[ 113.309077][ C1] smpboot_thread_fn+0x541/0xa50
[ 113.309097][ C1] ? smpboot_thread_fn+0x4d/0xa50
[ 113.309121][ C1] kthread+0x388/0x470
[ 113.309140][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10
[ 113.309164][ C1] ? __pfx_kthread+0x10/0x10
[ 113.309184][ C1] ret_from_fork+0x514/0xb70
[ 113.309207][ C1] ? __pfx_ret_from_fork+0x10/0x10
[ 113.309229][ C1] ? __switch_to+0xc79/0x1410
[ 113.309248][ C1] ? __pfx_kthread+0x10/0x10
[ 113.309270][ C1] ret_from_fork_asm+0x1a/0x30
[ 113.309302][ C1]
[ 113.309308][ C1]
[ 113.309313][ C1] Allocated by task 5983:
[ 113.309321][ C1] kasan_save_track+0x3e/0x80
[ 113.309343][ C1] __kasan_kmalloc+0x93/0xb0
[ 113.309364][ C1] __kmalloc_cache_noprof+0x3a6/0x690
[ 113.309388][ C1] lmLogInit+0x3e5/0x1a00
[ 113.309411][ C1] lmLogOpen+0x4e1/0xfa0
[ 113.309434][ C1] jfs_mount_rw+0xee/0x670
[ 113.309458][ C1] jfs_fill_super+0x75a/0xd70
[ 113.309476][ C1] get_tree_bdev_flags+0x431/0x4f0
[ 113.309491][ C1] vfs_get_tree+0x92/0x2a0
[ 113.309505][ C1] do_new_mount+0x341/0xd30
[ 113.309526][ C1] __se_sys_mount+0x31d/0x420
[ 113.309545][ C1] do_syscall_64+0x174/0x580
[ 113.309562][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.309579][ C1]
[ 113.309583][ C1] Freed by task 5983:
[ 113.309591][ C1] kasan_save_track+0x3e/0x80
[ 113.309611][ C1] kasan_save_free_info+0x46/0x50
[ 113.309625][ C1] __kasan_slab_free+0x5c/0x80
[ 113.309643][ C1] kfree+0x1c5/0x6c0
[ 113.309660][ C1] lmLogShutdown+0x456/0x850
[ 113.309683][ C1] lmLogClose+0x28a/0x520
[ 113.309707][ C1] jfs_umount+0x2fb/0x3d0
[ 113.309729][ C1] jfs_fill_super+0x9cd/0xd70
[ 113.309747][ C1] get_tree_bdev_flags+0x431/0x4f0
[ 113.309761][ C1] vfs_get_tree+0x92/0x2a0
[ 113.309776][ C1] do_new_mount+0x341/0xd30
[ 113.309795][ C1] __se_sys_mount+0x31d/0x420
[ 113.309823][ C1] do_syscall_64+0x174/0x580
[ 113.309839][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.309856][ C1]
[ 113.309860][ C1] The buggy address belongs to the object at ffff8880290f3600
[ 113.309860][ C1] which belongs to the cache kmalloc-256 of size 256
[ 113.309875][ C1] The buggy address is located 8 bytes inside of
[ 113.309875][ C1] freed 256-byte region [ffff8880290f3600, ffff8880290f3700)
[ 113.309894][ C1]
[ 113.309898][ C1] The buggy address belongs to the physical page:
[ 113.309915][ C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x290f2
[ 113.309932][ C1] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 113.309947][ C1] flags: 0x80000000000040(head|node=0|zone=1)
[ 113.309965][ C1] page_type: f5(slab)
[ 113.309982][ C1] raw: 0080000000000040 ffff88813fe21b40 dead000000000100 dead000000000122
[ 113.309998][ C1] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 113.310014][ C1] head: 0080000000000040 ffff88813fe21b40 dead000000000100 dead000000000122
[ 113.310030][ C1] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 113.310046][ C1] head: 0080000000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff
[ 113.310061][ C1] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000002
[ 113.310070][ C1] page dumped because: kasan: bad access detected
[ 113.310081][ C1] page_owner tracks the page as allocated
[ 113.310088][ C1] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd2000(__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 10387620136, free_ts 0
[ 113.310117][ C1] post_alloc_hook+0x1f9/0x250
[ 113.310139][ C1] get_page_from_freelist+0x265c/0x26e0
[ 113.310164][ C1] __alloc_frozen_pages_noprof+0x18d/0x380
[ 113.310189][ C1] allocate_slab+0x74/0x5e0
[ 113.310204][ C1] refill_objects+0x33c/0x3d0
[ 113.310219][ C1] __pcs_replace_empty_main+0x373/0x720
[ 113.310236][ C1] __kmalloc_noprof+0x530/0x7b0
[ 113.310258][ C1] usb_hcd_submit_urb+0x798/0x1b10
[ 113.310280][ C1] usb_start_wait_urb+0x13f/0x5b0
[ 113.310297][ C1] usb_control_msg+0x234/0x3e0
[ 113.310312][ C1] usb_get_string+0xa1/0x3c0
[ 113.310330][ C1] usb_string_sub+0x76/0x420
[ 113.310346][ C1] usb_string+0x1d1/0x7d0
[ 113.310362][ C1] usb_cache_string+0x7d/0xf0
[ 113.310378][ C1] usb_new_device+0x289/0x16e0
[ 113.310392][ C1] register_root_hub+0x270/0x5f0
[ 113.310416][ C1] page_owner free stack trace missing
[ 113.310422][ C1]
[ 113.310426][ C1] Memory state around the buggy address:
[ 113.310435][ C1] ffff8880290f3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 113.310447][ C1] ffff8880290f3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 113.310459][ C1] >ffff8880290f3600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 113.310467][ C1] ^
[ 113.310476][ C1] ffff8880290f3680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 113.310488][ C1] ffff8880290f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 113.310497][ C1] ==================================================================
[ 113.316036][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 113.316067][ C1] CPU: 1 UID: 0 PID: 31 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 113.316088][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 113.316100][ C1] Call Trace:
[ 113.316107][ C1]
[ 113.316115][ C1] vpanic+0x56c/0xa60
[ 113.316147][ C1] ? __pfx_vpanic+0x10/0x10
[ 113.316172][ C1] ? __pfx___schedule+0x10/0x10
[ 113.316202][ C1] panic+0xc5/0xd0
[ 113.316225][ C1] ? __pfx_panic+0x10/0x10
[ 113.316250][ C1] ? preempt_schedule_thunk+0x16/0x40
[ 113.316274][ C1] ? lbmIODone+0x1312/0x16c0
[ 113.316301][ C1] check_panic_on_warn+0x89/0xb0
[ 113.316325][ C1] ? lbmIODone+0x1312/0x16c0
[ 113.316351][ C1] end_report+0x73/0x170
[ 113.316377][ C1] ? lbmIODone+0x1312/0x16c0
[ 113.316402][ C1] kasan_report+0x128/0x150
[ 113.316428][ C1] ? lbmIODone+0x1312/0x16c0
[ 113.316457][ C1] lbmIODone+0x1312/0x16c0
[ 113.316484][ C1] ? blkg_put+0x22/0x240
[ 113.316506][ C1] ? blkg_put+0x22/0x240
[ 113.316529][ C1] ? blkg_put+0x18d/0x240
[ 113.316551][ C1] ? bio_endio+0x989/0x9d0
[ 113.316577][ C1] blk_update_request+0x57e/0xe60
[ 113.316610][ C1] blk_mq_end_request+0x3e/0x70
[ 113.316637][ C1] blk_done_softirq+0x10a/0x160
[ 113.316664][ C1] handle_softirqs+0x1de/0x6d0
[ 113.316685][ C1] ? smpboot_thread_fn+0x4d/0xa50
[ 113.316704][ C1] run_ksoftirqd+0x52/0x180
[ 113.316725][ C1] smpboot_thread_fn+0x541/0xa50
[ 113.316745][ C1] ? smpboot_thread_fn+0x4d/0xa50
[ 113.316767][ C1] kthread+0x388/0x470
[ 113.316788][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10
[ 113.316807][ C1] ? __pfx_kthread+0x10/0x10
[ 113.316839][ C1] ret_from_fork+0x514/0xb70
[ 113.316863][ C1] ? __pfx_ret_from_fork+0x10/0x10
[ 113.316886][ C1] ? __switch_to+0xc79/0x1410
[ 113.316906][ C1] ? __pfx_kthread+0x10/0x10
[ 113.316928][ C1] ret_from_fork_asm+0x1a/0x30
[ 113.316960][ C1]
[ 113.317108][ C1] Kernel Offset: disabled