no interfaces have a carrier
[ 36.081528][ T5261] 8021q: adding VLAN 0 to HW filter on device bond0
[ 36.084895][ T5261] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting crond: OK
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.152' (ED25519) to the list of known hosts.
2026/06/15 19:30:23 parsed 1 programs
syzkaller login: [ 65.186357][ T5608] cgroup: Unknown subsys name 'net'
[ 65.428261][ T5608] cgroup: Unknown subsys name 'cpuset'
[ 65.485621][ T5608] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 66.916404][ T5608] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 69.365625][ T5629] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 69.365892][ T5629] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 69.366123][ T5629] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 69.366828][ T5629] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 69.367280][ T5629] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 70.460140][ T5648] bridge0: port 1(bridge_slave_0) entered blocking state
[ 70.460230][ T5648] bridge0: port 1(bridge_slave_0) entered disabled state
[ 70.460299][ T5648] bridge_slave_0: entered allmulticast mode
[ 70.460990][ T5648] bridge_slave_0: entered promiscuous mode
[ 70.462333][ T5648] bridge0: port 2(bridge_slave_1) entered blocking state
[ 70.462405][ T5648] bridge0: port 2(bridge_slave_1) entered disabled state
[ 70.462463][ T5648] bridge_slave_1: entered allmulticast mode
[ 70.463182][ T5648] bridge_slave_1: entered promiscuous mode
[ 70.482621][ T5648] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 70.484899][ T5648] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 70.503728][ T5648] team0: Port device team_slave_0 added
[ 70.505852][ T5648] team0: Port device team_slave_1 added
[ 70.523830][ T5648] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 70.523845][ T5648] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 70.523869][ T5648] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 70.525258][ T5648] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 70.525270][ T5648] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 70.525302][ T5648] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 70.556141][ T5648] hsr_slave_0: entered promiscuous mode
[ 70.556935][ T5648] hsr_slave_1: entered promiscuous mode
[ 70.667264][ T5648] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 70.697403][ T5648] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 70.698068][ T5648] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 70.736842][ T5648] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 70.737517][ T5648] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 70.776678][ T5648] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 70.777247][ T5648] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 70.816765][ T5648] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 70.907787][ T5648] bridge0: port 2(bridge_slave_1) entered blocking state
[ 70.907931][ T5648] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 70.908135][ T5648] bridge0: port 1(bridge_slave_0) entered blocking state
[ 70.908230][ T5648] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 70.947224][ T5648] 8021q: adding VLAN 0 to HW filter on device bond0
[ 70.975441][ T42] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.015376][ T42] bridge0: port 2(bridge_slave_1) entered disabled state
[ 71.376663][ T5648] 8021q: adding VLAN 0 to HW filter on device team0
[ 71.416555][ T42] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.416651][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 71.420200][ T56] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.420276][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 71.596318][ T1337] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.596371][ T1337] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.659641][ T5648] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 71.684883][ T5648] veth0_vlan: entered promiscuous mode
[ 71.693247][ T5648] veth1_vlan: entered promiscuous mode
[ 71.712422][ T5648] veth0_macvtap: entered promiscuous mode
[ 71.715346][ T5648] veth1_macvtap: entered promiscuous mode
[ 71.724563][ T5648] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 71.730468][ T5648] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 71.737837][ T1178] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 71.738917][ T1178] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 71.739230][ T1178] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 71.739382][ T1178] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.013508][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.013530][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.185894][ T3235] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 72.228249][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.228278][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.455956][ T3235] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 72.735989][ T3235] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 73.516292][ T3235] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/06/15 19:30:35 executed programs: 0
[ 74.823905][ T5629] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 74.824350][ T5629] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 74.824591][ T5629] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 74.825828][ T5629] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 74.827664][ T5629] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 75.205194][ T3235] bridge_slave_1: left allmulticast mode
[ 75.205214][ T3235] bridge_slave_1: left promiscuous mode
[ 75.205382][ T3235] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.345442][ T3235] bridge_slave_0: left allmulticast mode
[ 75.345463][ T3235] bridge_slave_0: left promiscuous mode
[ 75.345567][ T3235] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.135463][ T3235] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 76.195523][ T3235] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 76.216066][ T3235] bond0 (unregistering): Released all slaves
[ 76.257375][ T5261] 8021q: adding VLAN 0 to HW filter on device eth1
[ 76.585110][ T3235] hsr_slave_0: left promiscuous mode
[ 76.625220][ T3235] hsr_slave_1: left promiscuous mode
[ 76.625674][ T3235] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 76.625688][ T3235] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 76.665501][ T3235] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 76.665525][ T3235] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 76.717137][ T10] cfg80211: failed to load regulatory.db
[ 76.726425][ T3235] veth1_macvtap: left promiscuous mode
[ 76.726486][ T3235] veth0_macvtap: left promiscuous mode
[ 76.726603][ T3235] veth1_vlan: left promiscuous mode
[ 76.726684][ T3235] veth0_vlan: left promiscuous mode
[ 76.875118][ T59] Bluetooth: hci0: command tx timeout
[ 77.225462][ T3235] team0 (unregistering): Port device team_slave_1 removed
[ 77.265406][ T3235] team0 (unregistering): Port device team_slave_0 removed
[ 77.357700][ T5261] 8021q: adding VLAN 0 to HW filter on device eth3
[ 77.605787][ T5736] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.605921][ T5736] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.606041][ T5736] bridge_slave_0: entered allmulticast mode
[ 77.607477][ T5736] bridge_slave_0: entered promiscuous mode
[ 77.609738][ T5736] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.609858][ T5736] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.609976][ T5736] bridge_slave_1: entered allmulticast mode
[ 77.611486][ T5736] bridge_slave_1: entered promiscuous mode
[ 77.637363][ T5736] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 77.639889][ T5736] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 77.659847][ T5736] team0: Port device team_slave_0 added
[ 77.662090][ T5736] team0: Port device team_slave_1 added
[ 77.711945][ T5736] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 77.711963][ T5736] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 77.711988][ T5736] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 77.713299][ T5736] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 77.713311][ T5736] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 77.713335][ T5736] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 77.834207][ T5736] hsr_slave_0: entered promiscuous mode
[ 77.840974][ T5736] hsr_slave_1: entered promiscuous mode
[ 77.843609][ T5261] 8021q: adding VLAN 0 to HW filter on device eth4
[ 78.173278][ T5261] 8021q: adding VLAN 0 to HW filter on device eth2
[ 78.955108][ T59] Bluetooth: hci0: command tx timeout
[ 79.715517][ T5736] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 79.758167][ T5736] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 79.759109][ T5736] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 79.798266][ T5736] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 79.799441][ T5736] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 79.847585][ T5736] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 79.848482][ T5736] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 79.887882][ T5736] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 79.959633][ T5736] 8021q: adding VLAN 0 to HW filter on device bond0
[ 79.971535][ T5736] 8021q: adding VLAN 0 to HW filter on device team0
[ 79.976812][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.976886][ T1042] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 79.983115][ T1042] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.983266][ T1042] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 80.284234][ T5736] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 80.309719][ T5736] veth0_vlan: entered promiscuous mode
[ 80.313383][ T5736] veth1_vlan: entered promiscuous mode
[ 80.340681][ T5736] veth0_macvtap: entered promiscuous mode
[ 80.342924][ T5736] veth1_macvtap: entered promiscuous mode
[ 80.361244][ T5736] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 80.367574][ T5736] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 80.373300][ T1146] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.373500][ T1146] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.373545][ T1146] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.373574][ T1146] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/06/15 19:30:41 executed programs: 2
[ 80.502970][ T1042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.502993][ T1042] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.524843][ T152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.524865][ T152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.715979][ T5912] loop0: detected capacity change from 0 to 32768
[ 80.716788][ T5912] =======================================================
[ 80.716788][ T5912] WARNING: The mand mount option has been deprecated and
[ 80.716788][ T5912] and is ignored by this kernel. Remove the mand
[ 80.716788][ T5912] option from the mount to silence this warning.
[ 80.716788][ T5912] =======================================================
[ 80.991065][ T5913] loop0: detected capacity change from 0 to 32768
[ 81.035254][ T59] Bluetooth: hci0: command tx timeout
[ 81.245656][ T5914] loop0: detected capacity change from 0 to 32768
[ 81.481232][ T5915] loop0: detected capacity change from 0 to 32768
[ 81.732505][ T5916] loop0: detected capacity change from 0 to 32768
[ 81.987203][ T5917] loop0: detected capacity change from 0 to 32768
[ 82.227961][ T5918] loop0: detected capacity change from 0 to 32768
[ 82.503701][ T5919] loop0: detected capacity change from 0 to 32768
[ 82.765226][ T5920] loop0: detected capacity change from 0 to 32768
[ 83.069777][ T5921] loop0: detected capacity change from 0 to 32768
[ 83.115121][ T59] Bluetooth: hci0: command tx timeout
2026/06/15 19:30:46 executed programs: 22
[ 85.772114][ T5932] set_capacity_and_notify: 10 callbacks suppressed
[ 85.772128][ T5932] loop0: detected capacity change from 0 to 32768
[ 86.024568][ T5933] loop0: detected capacity change from 0 to 32768
[ 86.255780][ T5934] loop0: detected capacity change from 0 to 32768
[ 86.490768][ T5935] loop0: detected capacity change from 0 to 32768
[ 86.730102][ T5936] loop0: detected capacity change from 0 to 32768
[ 86.770003][ T3235] ==================================================================
[ 86.770019][ T3235] BUG: KASAN: use-after-free in copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.770055][ T3235] Read of size 4096 at addr ffff88801d31f000 by task kworker/u8:10/3235
[ 86.770073][ T3235]
[ 86.770085][ T3235] CPU: 0 UID: 0 PID: 3235 Comm: kworker/u8:10 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 86.770109][ T3235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 86.770122][ T3235] Workqueue: loop0 loop_workfn
[ 86.770146][ T3235] Call Trace:
[ 86.770153][ T3235]
[ 86.770161][ T3235] dump_stack_lvl+0xe8/0x150
[ 86.770185][ T3235] print_address_description+0x55/0x1e0
[ 86.770207][ T3235] ? copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.770235][ T3235] print_report+0x58/0x70
[ 86.770255][ T3235] kasan_report+0x117/0x150
[ 86.770279][ T3235] ? copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.770312][ T3235] kasan_check_range+0x264/0x2c0
[ 86.770336][ T3235] ? copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.770364][ T3235] __asan_memcpy+0x29/0x70
[ 86.770391][ T3235] copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.770428][ T3235] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 86.770457][ T3235] ? rcu_is_watching+0x15/0xb0
[ 86.770485][ T3235] ? shmem_write_begin+0x1ce/0x320
[ 86.770511][ T3235] generic_perform_write+0x5a8/0x8b0
[ 86.770540][ T3235] ? __pfx_generic_perform_write+0x10/0x10
[ 86.770563][ T3235] ? __mark_inode_dirty+0x4e7/0x13b0
[ 86.770586][ T3235] ? preempt_count_add+0x91/0x190
[ 86.770613][ T3235] ? mnt_put_write_access_file+0xbf/0x100
[ 86.770637][ T3235] ? file_update_time_flags+0x406/0x4b0
[ 86.770661][ T3235] shmem_file_write_iter+0xfb/0x120
[ 86.770689][ T3235] lo_rw_aio+0xdcf/0x1080
[ 86.770722][ T3235] ? trace_irq_enable+0x3b/0x140
[ 86.770748][ T3235] ? __pfx_lo_rw_aio+0x10/0x10
[ 86.770769][ T3235] ? kthread_associate_blkcg+0x30f/0x600
[ 86.770793][ T3235] ? kthread_associate_blkcg+0x490/0x600
[ 86.770813][ T3235] ? rt_spin_unlock+0x160/0x200
[ 86.770836][ T3235] loop_process_work+0x638/0x11d0
[ 86.770866][ T3235] ? __pfx_loop_process_work+0x10/0x10
[ 86.770895][ T3235] ? kvm_sched_clock_read+0x11/0x20
[ 86.770919][ T3235] ? sched_clock+0x3f/0x60
[ 86.770951][ T3235] ? do_raw_spin_lock+0x12b/0x2f0
[ 86.770969][ T3235] ? debug_object_deactivate+0x6d/0x3b0
[ 86.770995][ T3235] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 86.771018][ T3235] ? rcu_is_watching+0x15/0xb0
[ 86.771044][ T3235] ? process_scheduled_works+0xa20/0x14e0
[ 86.771068][ T3235] ? rcu_is_watching+0x15/0xb0
[ 86.771093][ T3235] ? lock_acquire+0x5f/0x350
[ 86.771115][ T3235] ? rcu_is_watching+0x15/0xb0
[ 86.771140][ T3235] ? process_scheduled_works+0xa20/0x14e0
[ 86.771164][ T3235] process_scheduled_works+0xa8e/0x14e0
[ 86.771200][ T3235] ? __pfx_process_scheduled_works+0x10/0x10
[ 86.771224][ T3235] ? do_raw_spin_lock+0x12b/0x2f0
[ 86.771243][ T3235] ? assign_work+0x3cf/0x5d0
[ 86.771269][ T3235] worker_thread+0xa47/0xfb0
[ 86.771300][ T3235] ? __kthread_parkme+0x71/0x1f0
[ 86.771330][ T3235] kthread+0x388/0x470
[ 86.771350][ T3235] ? __pfx_worker_thread+0x10/0x10
[ 86.771375][ T3235] ? __pfx_kthread+0x10/0x10
[ 86.771395][ T3235] ret_from_fork+0x514/0xb70
[ 86.771417][ T3235] ? __pfx_ret_from_fork+0x10/0x10
[ 86.771436][ T3235] ? __switch_to+0xc89/0x1420
[ 86.771466][ T3235] ? __pfx_kthread+0x10/0x10
[ 86.771485][ T3235] ret_from_fork_asm+0x1a/0x30
[ 86.771513][ T3235]
[ 86.771521][ T3235]
[ 86.771525][ T3235] The buggy address belongs to the physical page:
[ 86.771534][ T3235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xf00 pfn:0x1d31f
[ 86.771553][ T3235] flags: 0x80000000000000(node=0|zone=1)
[ 86.771575][ T3235] raw: 0080000000000000 ffffea0000d0e7c8 ffffea000117ef08 0000000000000000
[ 86.771591][ T3235] raw: 0000000000000f00 0000000000000000 00000000ffffffff 0000000000000000
[ 86.771601][ T3235] page dumped because: kasan: bad access detected
[ 86.771610][ T3235] page_owner tracks the page as freed
[ 86.771617][ T3235] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xdc0(GFP_KERNEL|__GFP_ZERO), pid 5936, tgid 5936 (syz.0.41), ts 86733732081, free_ts 86768715392
[ 86.771648][ T3235] post_alloc_hook+0x22d/0x280
[ 86.771668][ T3235] get_page_from_freelist+0x2877/0x28f0
[ 86.771691][ T3235] __alloc_frozen_pages_noprof+0x18d/0x380
[ 86.771721][ T3235] alloc_pages_mpol+0xce/0x280
[ 86.771742][ T3235] alloc_pages_noprof+0xd2/0x2f0
[ 86.771762][ T3235] lmLogInit+0x357/0x1a20
[ 86.771785][ T3235] lmLogOpen+0x4e3/0xf90
[ 86.771810][ T3235] jfs_mount_rw+0xf3/0x670
[ 86.771833][ T3235] jfs_fill_super+0x769/0xda0
[ 86.771852][ T3235] get_tree_bdev_flags+0x430/0x4f0
[ 86.771871][ T3235] vfs_get_tree+0x92/0x2a0
[ 86.771889][ T3235] do_new_mount+0x319/0xdc0
[ 86.771912][ T3235] __se_sys_mount+0x31d/0x420
[ 86.771938][ T3235] do_syscall_64+0x174/0x580
[ 86.771961][ T3235] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.771979][ T3235] page last free pid 5736 tgid 5736 stack trace:
[ 86.771991][ T3235] __free_frozen_pages+0x1019/0x1100
[ 86.772011][ T3235] lmLogShutdown+0x44e/0x850
[ 86.772036][ T3235] lmLogClose+0x28c/0x530
[ 86.772060][ T3235] jfs_umount+0x2da/0x3b0
[ 86.772084][ T3235] jfs_put_super+0x8c/0x190
[ 86.772104][ T3235] generic_shutdown_super+0x13d/0x2d0
[ 86.772131][ T3235] kill_block_super+0x44/0x90
[ 86.772149][ T3235] deactivate_locked_super+0xbc/0x130
[ 86.772175][ T3235] cleanup_mnt+0x3d3/0x460
[ 86.772192][ T3235] task_work_run+0x1d9/0x270
[ 86.772209][ T3235] exit_to_user_mode_loop+0x1fa/0x730
[ 86.772229][ T3235] do_syscall_64+0x353/0x580
[ 86.772252][ T3235] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.772271][ T3235]
[ 86.772275][ T3235] Memory state around the buggy address:
[ 86.772286][ T3235] ffff88801d31ef00: fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb
[ 86.772299][ T3235] ffff88801d31ef80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 86.772312][ T3235] >ffff88801d31f000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 86.772322][ T3235] ^
[ 86.772332][ T3235] ffff88801d31f080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 86.772345][ T3235] ffff88801d31f100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 86.772355][ T3235] ==================================================================
[ 86.772386][ T3235] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 86.772401][ T3235] CPU: 0 UID: 0 PID: 3235 Comm: kworker/u8:10 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 86.772424][ T3235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 86.772437][ T3235] Workqueue: loop0 loop_workfn
[ 86.772460][ T3235] Call Trace:
[ 86.772467][ T3235]
[ 86.772475][ T3235] vpanic+0x56c/0xa60
[ 86.772500][ T3235] ? rcu_is_watching+0x15/0xb0
[ 86.772525][ T3235] ? __pfx_vpanic+0x10/0x10
[ 86.772548][ T3235] ? rcu_is_watching+0x15/0xb0
[ 86.772576][ T3235] panic+0xc5/0xd0
[ 86.772597][ T3235] ? __pfx_panic+0x10/0x10
[ 86.772620][ T3235] ? preempt_schedule_thunk+0x16/0x40
[ 86.772649][ T3235] ? copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.772678][ T3235] ? preempt_schedule_thunk+0x16/0x40
[ 86.772715][ T3235] ? copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.772743][ T3235] check_panic_on_warn+0x89/0xb0
[ 86.772765][ T3235] ? copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.772792][ T3235] end_report+0x73/0x170
[ 86.772815][ T3235] ? copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.772841][ T3235] kasan_report+0x128/0x150
[ 86.772862][ T3235] ? copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.772895][ T3235] kasan_check_range+0x264/0x2c0
[ 86.772917][ T3235] ? copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.772945][ T3235] __asan_memcpy+0x29/0x70
[ 86.772974][ T3235] copy_folio_from_iter_atomic+0xbbf/0x1a30
[ 86.773010][ T3235] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 86.773040][ T3235] ? rcu_is_watching+0x15/0xb0
[ 86.773067][ T3235] ? shmem_write_begin+0x1ce/0x320
[ 86.773091][ T3235] generic_perform_write+0x5a8/0x8b0
[ 86.773118][ T3235] ? __pfx_generic_perform_write+0x10/0x10
[ 86.773141][ T3235] ? __mark_inode_dirty+0x4e7/0x13b0
[ 86.773164][ T3235] ? preempt_count_add+0x91/0x190
[ 86.773190][ T3235] ? mnt_put_write_access_file+0xbf/0x100
[ 86.773212][ T3235] ? file_update_time_flags+0x406/0x4b0
[ 86.773235][ T3235] shmem_file_write_iter+0xfb/0x120
[ 86.773263][ T3235] lo_rw_aio+0xdcf/0x1080
[ 86.773286][ T3235] ? trace_irq_enable+0x3b/0x140
[ 86.773308][ T3235] ? __pfx_lo_rw_aio+0x10/0x10
[ 86.773328][ T3235] ? kthread_associate_blkcg+0x30f/0x600
[ 86.773351][ T3235] ? kthread_associate_blkcg+0x490/0x600
[ 86.773371][ T3235] ? rt_spin_unlock+0x160/0x200
[ 86.773392][ T3235] loop_process_work+0x638/0x11d0
[ 86.773421][ T3235] ? __pfx_loop_process_work+0x10/0x10
[ 86.773448][ T3235] ? kvm_sched_clock_read+0x11/0x20
[ 86.773471][ T3235] ? sched_clock+0x3f/0x60
[ 86.773502][ T3235] ? do_raw_spin_lock+0x12b/0x2f0
[ 86.773520][ T3235] ? debug_object_deactivate+0x6d/0x3b0
[ 86.773544][ T3235] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 86.773563][ T3235] ? rcu_is_watching+0x15/0xb0
[ 86.773587][ T3235] ? process_scheduled_works+0xa20/0x14e0
[ 86.773612][ T3235] ? rcu_is_watching+0x15/0xb0
[ 86.773638][ T3235] ? lock_acquire+0x5f/0x350
[ 86.773660][ T3235] ? rcu_is_watching+0x15/0xb0
[ 86.773686][ T3235] ? process_scheduled_works+0xa20/0x14e0
[ 86.773720][ T3235] process_scheduled_works+0xa8e/0x14e0
[ 86.773752][ T3235] ? __pfx_process_scheduled_works+0x10/0x10
[ 86.773774][ T3235] ? do_raw_spin_lock+0x12b/0x2f0
[ 86.773794][ T3235] ? assign_work+0x3cf/0x5d0
[ 86.773819][ T3235] worker_thread+0xa47/0xfb0
[ 86.773849][ T3235] ? __kthread_parkme+0x71/0x1f0
[ 86.773878][ T3235] kthread+0x388/0x470
[ 86.773897][ T3235] ? __pfx_worker_thread+0x10/0x10
[ 86.773920][ T3235] ? __pfx_kthread+0x10/0x10
[ 86.773939][ T3235] ret_from_fork+0x514/0xb70
[ 86.773961][ T3235] ? __pfx_ret_from_fork+0x10/0x10
[ 86.773979][ T3235] ? __switch_to+0xc89/0x1420
[ 86.774007][ T3235] ? __pfx_kthread+0x10/0x10
[ 86.774026][ T3235] ret_from_fork_asm+0x1a/0x30
[ 86.774056][ T3235]
[ 86.774204][ T3235] Kernel Offset: disabled