Warning: Permanently added '10.128.1.105' (ED25519) to the list of known hosts.
2026/04/12 10:11:02 parsed 1 programs
[   90.262078][ T5820] cgroup: Unknown subsys name 'net'
[   90.331666][ T5820] cgroup: Unknown subsys name 'cpuset'
[   90.341745][ T5820] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   91.918098][ T5820] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   92.290717][   T30] cfg80211: failed to load regulatory.db
[   94.662089][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   94.670910][ T5837] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   94.678944][ T5837] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   94.687709][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   94.695642][ T5837] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   94.855060][ T5835] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   95.612721][   T90] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.620994][   T90] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.658089][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.666555][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.828330][ T5887] chnl_net:caif_netlink_parms(): no params data found
[   97.965286][ T5887] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.975404][ T5887] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.983427][ T5887] bridge_slave_0: entered allmulticast mode
[   97.991869][ T5887] bridge_slave_0: entered promiscuous mode
[   98.002545][ T5887] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.010046][ T5887] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.017531][ T5887] bridge_slave_1: entered allmulticast mode
[   98.024992][ T5887] bridge_slave_1: entered promiscuous mode
[   98.062185][ T5887] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   98.074214][ T5887] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.108527][ T5887] team0: Port device team_slave_0 added
[   98.117356][ T5887] team0: Port device team_slave_1 added
[   98.147780][ T5887] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.154762][ T5887] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.181152][ T5887] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.194551][ T5887] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.201565][ T5887] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.227844][ T5887] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.278172][ T5887] hsr_slave_0: entered promiscuous mode
[   98.285323][ T5887] hsr_slave_1: entered promiscuous mode
[   98.462504][ T5887] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   98.475793][ T5887] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   98.486540][ T5887] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   98.497682][ T5887] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   98.534309][ T5887] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.541650][ T5887] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.549425][ T5887] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.556562][ T5887] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.615630][ T5887] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.634807][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.644568][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.659431][ T5887] 8021q: adding VLAN 0 to HW filter on device team0
[   98.672965][   T90] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.680116][   T90] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.693818][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.700955][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.923465][ T5887] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.972358][ T5887] veth0_vlan: entered promiscuous mode
[   98.984393][ T5887] veth1_vlan: entered promiscuous mode
[   99.017094][ T5887] veth0_macvtap: entered promiscuous mode
[   99.026999][ T5887] veth1_macvtap: entered promiscuous mode
[   99.045616][ T5887] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.062441][ T5887] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.079297][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.089809][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.101495][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.111056][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.253523][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.347739][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.453361][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.532199][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/04/12 10:11:16 executed programs: 0
[  100.755292][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  100.768813][ T5837] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  100.777769][ T5837] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  100.787670][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  100.795598][ T5837] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  100.999361][ T5929] chnl_net:caif_netlink_parms(): no params data found
[  101.117897][ T5929] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.128711][ T5929] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.136994][ T5929] bridge_slave_0: entered allmulticast mode
[  101.145709][ T5929] bridge_slave_0: entered promiscuous mode
[  101.158559][ T5929] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.165915][ T5929] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.173404][ T5929] bridge_slave_1: entered allmulticast mode
[  101.181447][ T5929] bridge_slave_1: entered promiscuous mode
[  101.223035][ T5929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.236514][ T5929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.292740][ T5929] team0: Port device team_slave_0 added
[  101.303813][ T5929] team0: Port device team_slave_1 added
[  101.348734][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.355930][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  101.382214][ T5929] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.395339][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.402523][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  101.430032][ T5929] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.503547][ T5929] hsr_slave_0: entered promiscuous mode
[  101.510493][ T5929] hsr_slave_1: entered promiscuous mode
[  101.517982][ T5929] debugfs: 'hsr0' already exists in 'hsr'
[  101.524063][ T5929] Cannot create hsr debugfs directory
[  102.147285][   T12] bridge_slave_1: left allmulticast mode
[  102.153115][   T12] bridge_slave_1: left promiscuous mode
[  102.160981][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.172351][   T12] bridge_slave_0: left allmulticast mode
[  102.178849][   T12] bridge_slave_0: left promiscuous mode
[  102.184741][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.368757][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.380566][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  102.391151][   T12] bond0 (unregistering): Released all slaves
[  102.545436][   T12] hsr_slave_0: left promiscuous mode
[  102.552924][   T12] hsr_slave_1: left promiscuous mode
[  102.560365][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.568896][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.578632][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.586075][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.608951][   T12] veth1_macvtap: left promiscuous mode
[  102.614736][   T12] veth0_macvtap: left promiscuous mode
[  102.621347][   T12] veth1_vlan: left promiscuous mode
[  102.626817][   T12] veth0_vlan: left promiscuous mode
[  102.858372][ T5137] Bluetooth: hci0: command tx timeout
[  102.954885][   T12] team0 (unregistering): Port device team_slave_1 removed
[  102.990537][   T12] team0 (unregistering): Port device team_slave_0 removed
[  103.580179][ T5929] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  103.592399][ T5929] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  103.604763][ T5929] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  103.622153][ T5929] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  104.021602][ T5929] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.103866][ T5929] 8021q: adding VLAN 0 to HW filter on device team0
[  104.148784][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.156023][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.214957][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.222178][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.621994][ T5929] 8021q: adding VLAN 0 to HW filter on device batadv0
[  104.686505][ T5929] veth0_vlan: entered promiscuous mode
[  104.702153][ T5929] veth1_vlan: entered promiscuous mode
[  104.737974][ T5929] veth0_macvtap: entered promiscuous mode
[  104.749934][ T5929] veth1_macvtap: entered promiscuous mode
[  104.773284][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_0
[  104.789966][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_1
[  104.807965][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.826290][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.840283][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.859961][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.926887][ T5137] Bluetooth: hci0: command tx timeout
[  104.953398][  T138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.969875][  T138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.008736][  T138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.019265][  T138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.392367][ T5997] loop0: detected capacity change from 0 to 32768
[  105.428340][ T5997] 
[  105.428340][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.428340][ T5997] 
[  105.470271][   T35] 
[  105.470271][   T35]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.470271][   T35] 
[  105.483062][   T35] 
[  105.483062][   T35]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.483062][   T35] 
[  105.502340][ T5929] 
[  105.502340][ T5929]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.502340][ T5929] 
[  105.523329][  T110] 
[  105.523329][  T110]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.523329][  T110] 
[  105.547206][ T5929] 
[  105.547206][ T5929]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.547206][ T5929] 
[  105.907176][ T6005] loop0: detected capacity change from 0 to 32768
[  105.924974][ T6005] 
[  105.924974][ T6005]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.924974][ T6005] 
[  105.947961][   T35] 
[  105.947961][   T35]  ... Log Wrap ... Log Wrap ... Log Wrap ...
2026/04/12 10:11:22 executed programs: 4
[  105.947961][   T35] 
[  105.959716][   T35] 
[  105.959716][   T35]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.959716][   T35] 
[  105.978421][ T5929] 
[  105.978421][ T5929]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.978421][ T5929] 
[  105.998671][  T111] 
[  105.998671][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.998671][  T111] 
[  106.017016][ T5929] 
[  106.017016][ T5929]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.017016][ T5929] 
[  106.333283][ T6006] loop0: detected capacity change from 0 to 32768
[  106.351453][ T6006] 
[  106.351453][ T6006]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.351453][ T6006] 
[  106.384668][  T138] 
[  106.384668][  T138]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.384668][  T138] 
[  106.396419][  T138] 
[  106.396419][  T138]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.396419][  T138] 
[  106.408927][ T5929] 
[  106.408927][ T5929]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.408927][ T5929] 
[  106.422730][ T5929] 
[  106.422730][ T5929]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.422730][ T5929] 
[  106.434311][  T110] 
[  106.434311][  T110]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.434311][  T110] 
[  106.466212][  T110] ==================================================================
[  106.474460][  T110] BUG: KASAN: slab-use-after-free in txEnd+0x32d/0x530
[  106.481335][  T110] Write of size 8 at addr ffff8880310bd040 by task jfsCommit/110
[  106.489071][  T110] 
[  106.491435][  T110] CPU: 1 UID: 0 PID: 110 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  106.491464][  T110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  106.491479][  T110] Call Trace:
[  106.491488][  T110]  <TASK>
[  106.491497][  T110]  dump_stack_lvl+0xe8/0x150
[  106.491541][  T110]  print_report+0xba/0x230
[  106.491573][  T110]  ? txEnd+0x32d/0x530
[  106.491605][  T110]  kasan_report+0x117/0x150
[  106.491644][  T110]  ? txEnd+0x32d/0x530
[  106.491678][  T110]  kasan_check_range+0x264/0x2c0
[  106.491713][  T110]  txEnd+0x32d/0x530
[  106.491745][  T110]  jfs_lazycommit+0x5b8/0xaa0
[  106.491782][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[  106.491814][  T110]  ? __pfx_default_wake_function+0x10/0x10
[  106.491850][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.491911][  T110]  ? __kthread_parkme+0x7a/0x1f0
[  106.491950][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.491984][  T110]  kthread+0x388/0x470
[  106.492009][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[  106.492042][  T110]  ? __pfx_kthread+0x10/0x10
[  106.492066][  T110]  ret_from_fork+0x51e/0xb90
[  106.492105][  T110]  ? __pfx_ret_from_fork+0x10/0x10
[  106.492136][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.492165][  T110]  ? __switch_to+0xc7d/0x1450
[  106.492195][  T110]  ? __pfx_kthread+0x10/0x10
[  106.492218][  T110]  ret_from_fork_asm+0x1a/0x30
[  106.492312][  T110]  </TASK>
[  106.492321][  T110] 
[  106.629249][  T110] Allocated by task 6006:
[  106.633662][  T110]  kasan_save_track+0x3e/0x80
[  106.638348][  T110]  __kasan_kmalloc+0x93/0xb0
[  106.642960][  T110]  __kmalloc_cache_noprof+0x31c/0x660
[  106.648337][  T110]  lmLogOpen+0x2d1/0xfa0
[  106.652585][  T110]  jfs_mount_rw+0xee/0x670
[  106.657013][  T110]  jfs_fill_super+0x754/0xd80
[  106.661704][  T110]  get_tree_bdev_flags+0x431/0x4f0
[  106.666823][  T110]  vfs_get_tree+0x92/0x2a0
[  106.671269][  T110]  do_new_mount+0x341/0xd30
[  106.675777][  T110]  __se_sys_mount+0x31d/0x420
[  106.680457][  T110]  do_syscall_64+0x14d/0xf80
[  106.685050][  T110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.690931][  T110] 
[  106.693350][  T110] Freed by task 5929:
[  106.697755][  T110]  kasan_save_track+0x3e/0x80
[  106.702429][  T110]  kasan_save_free_info+0x46/0x50
[  106.707549][  T110]  __kasan_slab_free+0x5c/0x80
[  106.712341][  T110]  kfree+0x1c1/0x630
[  106.716256][  T110]  lmLogClose+0x297/0x520
[  106.720583][  T110]  jfs_umount+0x2ef/0x3c0
[  106.724910][  T110]  jfs_put_super+0x8c/0x190
[  106.729421][  T110]  generic_shutdown_super+0x13d/0x2d0
[  106.734792][  T110]  kill_block_super+0x44/0x90
[  106.739462][  T110]  deactivate_locked_super+0xbc/0x130
[  106.744828][  T110]  cleanup_mnt+0x437/0x4d0
[  106.749289][  T110]  task_work_run+0x1d9/0x270
[  106.753911][  T110]  exit_to_user_mode_loop+0xed/0x480
[  106.759205][  T110]  do_syscall_64+0x32d/0xf80
[  106.763802][  T110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.769694][  T110] 
[  106.772004][  T110] The buggy address belongs to the object at ffff8880310bd000
[  106.772004][  T110]  which belongs to the cache kmalloc-1k of size 1024
[  106.786185][  T110] The buggy address is located 64 bytes inside of
[  106.786185][  T110]  freed 1024-byte region [ffff8880310bd000, ffff8880310bd400)
[  106.800084][  T110] 
[  106.802403][  T110] The buggy address belongs to the physical page:
[  106.808818][  T110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x310b8
[  106.817661][  T110] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  106.826148][  T110] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  106.833770][  T110] page_type: f5(slab)
[  106.837750][  T110] raw: 00fff00000000040 ffff88813fea6dc0 dead000000000100 dead000000000122
[  106.846765][  T110] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  106.855793][  T110] head: 00fff00000000040 ffff88813fea6dc0 dead000000000100 dead000000000122
[  106.864903][  T110] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  106.873598][  T110] head: 00fff00000000003 ffffea0000c42e01 00000000ffffffff 00000000ffffffff
[  106.882260][  T110] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  106.890993][  T110] page dumped because: kasan: bad access detected
[  106.897400][  T110] page_owner tracks the page as allocated
[  106.903093][  T110] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 15, tgid 15 (ksoftirqd/0), ts 105936469635, free_ts 103898489405
[  106.923589][  T110]  post_alloc_hook+0x231/0x280
[  106.928372][  T110]  get_page_from_freelist+0x24dc/0x2580
[  106.933948][  T110]  __alloc_frozen_pages_noprof+0x18d/0x380
[  106.939755][  T110]  allocate_slab+0x77/0x660
[  106.944309][  T110]  refill_objects+0x331/0x3c0
[  106.949021][  T110]  __pcs_replace_empty_main+0x2e6/0x730
[  106.954668][  T110]  __kmalloc_noprof+0x474/0x760
[  106.959611][  T110]  ieee802_11_parse_elems_full+0x159/0x2ab0
[  106.965590][  T110]  ieee80211_inform_bss+0x161/0x1160
[  106.971087][  T110]  cfg80211_inform_single_bss_data+0xd08/0x1b70
[  106.977342][  T110]  cfg80211_inform_bss_data+0x266/0x3c40
[  106.983033][  T110]  cfg80211_inform_bss_frame_data+0x3c7/0x760
[  106.989108][  T110]  ieee80211_bss_info_update+0x794/0xa40
[  106.994753][  T110]  ieee80211_scan_rx+0x552/0xa40
[  106.999697][  T110]  ieee80211_rx_list+0x29e5/0x3710
[  107.004806][  T110]  ieee80211_rx_napi+0x1b1/0x3e0
[  107.009747][  T110] page last free pid 5481 tgid 5481 stack trace:
[  107.016079][  T110]  __free_frozen_pages+0xc2b/0xdb0
[  107.021191][  T110]  __slab_free+0x263/0x2b0
[  107.025689][  T110]  qlist_free_all+0x97/0x100
[  107.030291][  T110]  kasan_quarantine_reduce+0x148/0x160
[  107.035748][  T110]  __kasan_kmalloc+0x22/0xb0
[  107.040334][  T110]  __kmalloc_node_track_caller_noprof+0x4db/0x7b0
[  107.046752][  T110]  __alloc_skb+0x2c1/0x7d0
[  107.051164][  T110]  alloc_skb_with_frags+0xca/0x890
[  107.056272][  T110]  sock_alloc_send_pskb+0x878/0x990
[  107.061471][  T110]  unix_dgram_sendmsg+0x460/0x18e0
[  107.066572][  T110]  __sys_sendto+0x672/0x710
[  107.071081][  T110]  __x64_sys_sendto+0xde/0x100
[  107.075849][  T110]  do_syscall_64+0x14d/0xf80
[  107.080447][  T110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.086334][  T110] 
[  107.088727][  T110] Memory state around the buggy address:
[  107.094341][  T110]  ffff8880310bcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  107.102421][  T110]  ffff8880310bcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  107.110471][  T110] >ffff8880310bd000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  107.118515][  T110]                                            ^
[  107.124858][  T110]  ffff8880310bd080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  107.132905][  T110]  ffff8880310bd100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  107.140948][  T110] ==================================================================
[  107.161017][ T5137] Bluetooth: hci0: command tx timeout
[  107.296670][  T110] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  107.303945][  T110] CPU: 0 UID: 0 PID: 110 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  107.313076][  T110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  107.323244][  T110] Call Trace:
[  107.326534][  T110]  <TASK>
[  107.329469][  T110]  vpanic+0x56c/0xa60
[  107.333490][  T110]  ? __pfx_vpanic+0x10/0x10
[  107.338025][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.343692][  T110]  ? __pfx___schedule+0x10/0x10
[  107.348580][  T110]  panic+0xc5/0xd0
[  107.352337][  T110]  ? __pfx_panic+0x10/0x10
[  107.356785][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.362446][  T110]  ? preempt_schedule_common+0x82/0xd0
[  107.367936][  T110]  ? txEnd+0x32d/0x530
[  107.372024][  T110]  check_panic_on_warn+0x89/0xb0
[  107.377071][  T110]  ? txEnd+0x32d/0x530
[  107.381188][  T110]  end_report+0x73/0x180
[  107.385462][  T110]  ? txEnd+0x32d/0x530
[  107.389550][  T110]  kasan_report+0x128/0x150
[  107.394077][  T110]  ? txEnd+0x32d/0x530
[  107.398184][  T110]  kasan_check_range+0x264/0x2c0
[  107.403182][  T110]  txEnd+0x32d/0x530
[  107.407169][  T110]  jfs_lazycommit+0x5b8/0xaa0
[  107.411874][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[  107.417089][  T110]  ? __pfx_default_wake_function+0x10/0x10
[  107.422926][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.428580][  T110]  ? __kthread_parkme+0x7a/0x1f0
[  107.433562][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.439214][  T110]  kthread+0x388/0x470
[  107.443293][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[  107.448510][  T110]  ? __pfx_kthread+0x10/0x10
[  107.453112][  T110]  ret_from_fork+0x51e/0xb90
[  107.457738][  T110]  ? __pfx_ret_from_fork+0x10/0x10
[  107.462885][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.468573][  T110]  ? __switch_to+0xc7d/0x1450
[  107.473366][  T110]  ? __pfx_kthread+0x10/0x10
[  107.478002][  T110]  ret_from_fork_asm+0x1a/0x30
[  107.482821][  T110]  </TASK>
[  107.486639][  T110] Kernel Offset: disabled
[  107.490989][  T110] Rebooting in 86400 seconds..